Feature Ideas

From GNU MediaGoblin Wiki
Revision as of 19:27, 4 October 2011 by Elrond (talk | contribs) (Extract all the old security related ideas from #361(csrf))
Jump to navigation Jump to search

Introduction

There are many features that one can think of for MediaGoblin. Some should be implemented really soon, because they are needed right now. Other features would be nice to have, but are currently really hard to implement. And finally there are the Feature Ideas that can be classified as "brain storming".

This wiki page is mostly for long term feature ideas. This specifically means there are no promises that anything listed here will ever happen. It means nobody is currently working on this feature.

If you have an idea for a new feature, that is not listed here or in the Bug Tracker, please talk to some developers, or add it below in the "Yet Unsorted Ideas" section. If you really think, that your idea is extremely important and needs to be acted upon soon, you could file a bug.

The List

If there is a bug (closed or open), please link to it.

Yet Unsorted Ideas

Put your new ideas here:

  • Two federation ideas
  • Copy (some) metadata from the full‐size image into the smaller versions. If possible (according to metadata formats), add a note to them that they are not exactly the original.
    • #381: exif data handling for users (about privacy)

Security related ideas / Features

  • DONE: CSRF (#361)
  • X-Content-Type-Options: nosniff
    Served pages have the content-type set. And the browser should not be allowed to guess a different type. See: Firefox bug #471020
  • "Content Security Policy" (CSP) might really be a good add on to have. Noone should rely solely on this, but it might make things a lot safer if other security guards fail.
    A simple allow 'self' might already get a lot of things better.
    Link1 Link2
  • Possibly disallowing pages to be shown in frames.

Long term things that might happen