This repository has been archived by the owner on Nov 15, 2017. It is now read-only.
Let the user choose whether site- or domain-level scopes should be auto-created #250
Comments
|
Questionnement pertinent, je suis plutôt d'accord avec ce que tu dis. On devrait laisser le choix pour l'utilisateur, en proposant par défaut la création automatique de règles à portée domaine pour plus de praticité et pour éviter les faux bugs comme la #249, tout en précisant que les règles à portée site augmentent la sécurité. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Domain-level scopes provide a security increase relative to global scope, and a convenience increase relative to site-level scope. So the ability to auto-create these instead of just site-level scope might be welcomed to many users.
Site-level scopes are more likely to "break" a site, especially those which uses redirections in their normal operation (logging in, etc.).
Those redirections are not well dealt with site-level scopes, because, for example, in issue #249, a user may whitelist the proper set of rules on
www.laposte.net, but then there is a redirection towebmailz.laposte.netafter trying to logging in, while there are no proper whitelist rules yet for that one hostname. With a domain-level scope, rules for*.laposte.netare seen by bothwww.laposte.netandwebmailz.laposte.net. Hence the convenience factor.The text was updated successfully, but these errors were encountered: