[liberationtech] Concept for takedown-resistant publishing
art at globaleaks.org
Fri Feb 3 13:04:31 PST 2012
On Feb 3, 2012, at 9:35 PM, Daniel Margo wrote:
> After consulting a shower, I realized the way you would do comments is by storing them in a format that required no pre-processing (e.g. SQL sanitization) and then doing all post-processing (HTML sanitization, BBcodes, swear removal, w/e) at the client, where if they're byzantine all they affect is themselves. This is probably extensible to any data storage-and-retrieval feature where there is A. no pre-processing, and B. no more post-processing than can be realistically done at render time. That still expands the universe of possible features a good bit.
> - Daniel Margo
Yes, showers are indeed often very illuminating!
The fact is that inside of the web application all you are doing is making REST requests to a backend system. That means that the content of the response cannot manipulate the DOM of the page; therefore you are not worried about sanitizing data.
I illustrate this approach in a post I did on how we could in the future do crypto safely inside of browsers:
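
An added example, not part of the original message or of any project discussed in this thread: a sketch of the render-time post-processing described in Daniel Margo's quoted message, where the comment is stored verbatim and the client escapes HTML and expands a small BBcode allowlist before display. The function names, the set of allowed tags and the sample comments are assumptions made for illustration.

```javascript
// Added example: client-side, render-time handling of comments stored verbatim.
// All names and sample inputs here are constructed for illustration.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Step 1: neutralise every HTML metacharacter in the stored text.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Only absolute http(s) URLs without brackets or whitespace may become links.
function isSafeUrl(url) {
  return /^https?:\/\/[^\s\[\]]+$/i.test(url);
}

// Step 2: expand a small BBcode allowlist on the already-escaped text.
// Links are expanded first so later passes never match inside an href value.
function renderComment(raw) {
  let html = escapeHtml(raw);
  html = html.replace(/\[url=([^\]\s]+)\]([\s\S]*?)\[\/url\]/gi, (whole, url, label) =>
    isSafeUrl(url)
      ? `<a href="${url}" rel="nofollow noopener noreferrer">${label}</a>`
      : label // unsafe scheme: drop the link, keep the visible text
  );
  html = html.replace(/\[b\]([\s\S]*?)\[\/b\]/gi, '<strong>$1</strong>');
  html = html.replace(/\[i\]([\s\S]*?)\[\/i\]/gi, '<em>$1</em>');
  return html.replace(/\r?\n/g, '<br>');
}

// Constructed sample comments, as they might come back from the backend.
const SAMPLE_COMMENTS = [
  'Plain text with <b>raw markup</b> & an ampersand',
  '[b]Bold[/b] and [i]italic[/i]\nsecond line',
  '[url=https://example.org/?a=1&b=2]a link[/url]',
  '[url=javascript:alert(1)]not a link[/url]',
];

for (const comment of SAMPLE_COMMENTS) {
  console.log(renderComment(comment));
}
```

In a browser the returned string would be assigned to the comment container's `innerHTML`; a comment that needs no markup at all can be assigned to `textContent` instead, which skips both steps.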