moqmar
commented
6 years ago Ideally, it should use the history API with a fake ID and mimic the original spam filter as closely as possible, to prevent people from investigating why the spam screen on encrypted documents looks different than on unencrypted ones.
Yes, it's not the best way to approach this scenario, but the only plausible one to provide at least some filtering from link lists, so there won't be as much to do for reviewing reports.
This is more or less intended, but there should be a client-side spam protection to at least prevent people who don't know JavaScript from posting spam.