We're starting to get spam. rel="nofollow" would be a deterrent. Possible to do this in a way that the user can't edit?
bleach is capable of doing this to a document: http://bleach.readthedocs.org/en/latest/linkify.html
note that we're ditching bleach incredibly soon.
based on the informaiton from https://support.google.com/webmasters/answer/96569?hl=en, we can add a general nofollow rule in the finalizedHTML that is used for the embed shell - remixing it won't show that tag (just like our <base> tag) and it should prevent google etc. from following spam page that people create through thimble
Created attachment 787729 [details] [review] https://github.com/mozilla/thimble.webmaker.org/pull/195
Comment on attachment 787729 [details] [review] https://github.com/mozilla/thimble.webmaker.org/pull/195 This isn't quite as good as link-level nofollow, but it probably does what we want for a lot less complexity.
curious why you say that? It does exactly the same as link-level nofollow in our case, since we would be linkifying all links anyway? Crawlers that actually respect nofollow (like google etc) should behave the same way whether they see this nofollow or nofollows on every individual link, unless I missed something in the article
I just mean it's a big hammer that also covers any links we inject into the doc vs. ones the user does. It's not critical, since we isolate our stuff in the details iframe.
ahh. yeah, given that all our links go into our shell rather than the embedded data I went with the full-doc nofollow. In it goes.
Commit pushed to master at https://github.com/mozilla/thimble.webmaker.org https://github.com/mozilla/thimble.webmaker.org/commit/d061910ce076282192b13976af1e661cf9f50090 Merge pull request #195 from Pomax/bug903085 added a nofollow rule for finalized HTML, to prevent spam indexing