Add a blocklist of URL's

[PaulKinlan]

There's probably some url sets that we don't want to allow to get posted such as googleplex etc. Might be good to add a configurable filter that stops us from doing something stupid.

[PaulKinlan]

Actually, rather than a URL list that could also leak things, maybe we should try and see if an external service can get a 200 response and similar data to what the extension sees.

Process: User Clicks submit. DevWebFeed host trys to fetch the URL, if it can't get access then it won't post it....

[ebidel]

Good idea. Better to play it safe. If the crx makes a fetch without cookies and gets a 200 back, that may work. Although if someone is on a corp IP it may still go through....

…

On Mon, Apr 23, 2018, 12:39 AM Paul Kinlan ***@***.***> wrote: Actually, rather than a URL list that could also leak things, maybe we should try and see if an external service can get a 200 response and similar data to what the extension sees. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#14 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAOigGHQ5FBlbzjwtctrMNEk6nA4ujChks5trYVIgaJpZM4TfYx9> .