=== Sorry, sent again, because I forgot the docs list ===
On 21.05.2012 23:04, Daniel Gruno wrote:
> In light of recent concerns about the Disqus system, I've taken it upon
> myself to figure out an alternative we can use for adding comments to
> our pages. And so, through the better half of a day, I worked on
> creating a new system that is without any evil tracking mechanisms of
> any sort except for what people themselves will allow - that is, only
> information that is willingly entered will be stored, no IPs or such.
Great!
> The result (thus far) can be seen at a small test page I made for the
> http project at http://c.apaste.info/httpd.html - feel free to give it a
> test spin and see what you like.
I like it.
+1
Concerning production readyness, some points come to mind:
- Did you pay attention on escaping problematic input? I saw some
escaping, but didn't thoroughly test it. We don't want XSS and such.
- Is there some safety against brute force password hacking for the
registered people, especially the moderators? E.g. locking accounts
after a few wrong passwords.
- Since we want to host it later inside ASF infra: what are the infra
requirements? It seems the server part is written in Lua? Is it based on
httpd 2.4 with mod_lua, or just Lua in CGI scripts or similar?
Thanks!
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org
|