0
centralized repo collection TWEET
send a tweet with the url to XDM_APP that contains something like
@XDM_APP my fancy #repo https://github.com/lad1337/XDM-main-plugin-repo/
and XDM would check these tweets and collect the urls ... no central service (maintained by me) easy to use and more awarness
@XDM_APP my fancy #repo https://github.com/lad1337/XDM-main-plugin-repo/
and XDM would check these tweets and collect the urls ... no central service (maintained by me) easy to use and more awarness
Servicio de atención al cliente por UserEcho
@XDM_APP Buy my fancy viagra now https://viagraburger.com/biggor-p3n1s/
Sure, it might be a nice and dynamic solution, but we need some kind of a way to control and remove harmful entries as well.
- your tweet is missing the #repo thing
- It could be restricted to urls ending with .json
- The response body must be json parseable
- The json must fit the schema (uhhh I could enforce a json schema!)
Only then XDM should use the URLNot to mention that you can quite easily forge an url that is valid but has nothing to do with json, but still looks like json: http://example.com/index.php/foobar.json or https://www.facebook.com/index.php/doodaa.json
The way that PHP works, that should be valid with pretty much all php files with the same logic.
Don't get me wrong, I like the idea of decentralized repository management, but I'm seeing a lot of potential for malicious behavior with the proposed solution.
so can this be vital by enforcing a bunch of rules on the URL schema?
maybe only allow "https://raw.github.com" ?