Make displaying application used to toot opt-in #9897
Conversation
ClearlyClaire
force-pushed
the
feature/disable-application-info
branch
3 times, most recently
from
efd18d1
to
e72d45e
Compare
ClearlyClaire
force-pushed
the
feature/disable-application-info
branch
from
e72d45e
to
bfee2aa
Compare
|
I have disagreements for multiple reasons:
|
|
Hm, the first two reasons kind of make sense, but I'm really skeptical about the third point. EDIT: Also, you might have responded before I edited the PR to add the rationale |
ClearlyClaire
force-pushed
the
feature/disable-application-info
branch
from
bfee2aa
to
708b4fd
Compare
ClearlyClaire
changed the title
|
I changed it so that the information is still stored and displayed to the author. I believe this addresses all your concerns. |
This reverts commit ed30110.
|
@ThibG Why did you change default behavior? |
|
I changed it because I think most users do not care about displaying such information, and I think we should err on the side of not leaking info that might turn out to be private, at least by default. Furthermore, nothing currently tells users that such information will be displayed.
Le 6 février 2019 17:31:17 GMT+01:00, rinsuki <notifications@github.com> a écrit :
…
@ThibG Why did you change default behavior?
I think, this should be an opt-out...
--
You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub:
#9897 (comment)
--
Envoyé de mon appareil Android avec Courriel K-9 Mail. Veuillez excuser ma brièveté.
|
|
I didn't realize you made it default to false after my concerns. I agree with @rinsuki the default behaviour should not be changed.
This is true, but I think there are generally a lot of ideological questions users do not care about. Whether you are using Tusky or Mastalab does not endanger anyone in the majority of cases, and we need to help the app ecosystem, because users generally don't think about an app ecosystem after they've found an app that works for them. Not everyone leaves a 5-star review on the app store, so do you think they will look for an option they do not know is there? |
|
I think that this change will cause malfunction of https://distsn.org/mastodon-apps.html and some sites. I understand that you are concerned about privacy, but I think that changing default behavior is not favorable. As an alternative to opt-in, I propose to display some message in "/oauth/authorize". |
* Make storing and displaying application used to toot opt-in * Revert to storing application info, and display it to the author via API
* Make storing and displaying application used to toot opt-in * Revert to storing application info, and display it to the author via API
This PR introduces a setting to control whether an the application used to post toots is
stored anddisplayed, and makes it opt-in (thus changing the default behavior).The reasoning for this is that this information has little legitimate use, but may be used to get private information about the user (are they posting from their computer or a phone app? Do they use a very little-used app? If so, can we identify them across accounts?)