profile settings: attempt to discourage spam accounts

inventaire / inventaire-client

webapp coupled to the inventaire server :books:

https://inventaire.io

48 stars 16 forks source link

profile settings: attempt to discourage spam accounts #389

Closed maxlath closed 1 year ago

maxlath commented 1 year ago

addressing https://github.com/inventaire/inventaire/issues/503 by not allowing to save a user bio that contains a URL and a suspect keyword

jum-s commented 1 year ago

Quite smart to use status code for this purpose. What about extracting hardcoded suspectKeywords into a .gitignored file (.ie .suspect-keywords), or anywhere none git covered in order to easily update the list without having to commit it? If you agree with the suggestion, the function looksLikeSpam could be early returned if no .suspect-keywords file is found.

maxlath commented 1 year ago

@jum-s It makes the setup more complex, but there is indeed the benefit to let the instance administrator adapt the list to their specific spammer pool. I moved the list to the server config, where it can then be modified as any config parameter https://github.com/inventaire/inventaire/pull/668 What do you think?