Closed phil616 closed 1 month ago
Jurieu
commented
1 month ago One feasible solution is to add a warning prompt when accessing external links, such as:
You are accessing an unsafe link that does not belong to this site, do you want to continue?This way, a large number of external links can be placed on the website without taking any responsibility. And the security policy can be updated.
phil616
commented
1 month ago Good idea, for each external link, the href string will be replaced like "extlink?redirect_url=http%3A%2F%2Fexample.com". however this requires more templates and pages to receive params, you will be assign to do this.
---- Replied Message ---- | From | @.> | | Date | 07/06/2024 01:27 | | To | @.> | | Cc | @.>@.> | | Subject | Re: [phil616/Teyvatedu] Adaptation issues between external links and security policies (Issue #22) |
One feasible solution is to add a warning prompt when accessing external links, such as:
You are accessing an unsafe link that does not belong to this site, do you want to continue?
This way, a large number of external links can be placed on the website without taking any responsibility. And the security policy can be updated.
— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you authored the thread.Message ID: @.***>
Lourvine
commented
1 month ago Good idea, for each external link, the href string will be replaced like "extlink?redirect_url=http%3A%2F%2Fexample.com". however this requires more templates and pages to receive params, you will be assign to do this.
---- Replied Message ---- | From | @.> | | Date | 07/06/2024 01:27 | | To | @.> | | Cc | @.>@.> | | Subject | Re: [phil616/Teyvatedu] Adaptation issues between external links and security policies (Issue #22) |
One feasible solution is to add a warning prompt when accessing external links, such as:
You are accessing an unsafe link that does not belong to this site, do you want to continue?
This way, a large number of external links can be placed on the website without taking any responsibility. And the security policy can be updated.
— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you authored the thread.Message ID: @.***>
will do
In #17, a user ( @FireEndymion235 ) raised the issue of inserting external links into the website, but the latest security policy cannot allow this because the website has not yet enabled HTTPS and the security of the website link cannot be confirmed. In order to ensure user safety, the link will not be inserted for the time being, but the problem still exists. This issue is established to solve this problem.
Purpose: Solve this problem in the second iteration phase Thinking: Relax security policies, etc.
refs: SECURITY POLICY