Open preaction opened 9 years ago
Rely on browser same-origin policy to secure this for now. Require that something like nginx be used to proxy requests. Later we can add key-based site auth.
Comments should be markdown. Create a file-based store to begin with? Comments should be anonymous. Clear all bad tags (Mojo might know how). Put rel=nofollow on all links. Allow replies but don't write a tree.
Later:
Rather than do very repetitive things, we're going to use Mojo::Pg for all of this.
Comments will work like this:
GET /<base_url>/<*path>
POST /<base_url>/<*path>
<base_url>
can be just the base URL of the Comment app, or it can include a domain section.
The idea here is that we are a central microservices platform. Though we will have to study that scaling problem...
We'll need a Markdown parser as well. And we'll need to do that all server-side.
Create a comment app. Other websites provide their ID and a path and allows users to comment on that path