GSoC 2018 Project/Mentor Brainstorming

Yes yes yes!

I want to make sure that:

  • Currently, Atlas doesn’t work with the new ID. I want Atlas login to connect straight to LDAP.
  • Downloadable images are not working. It would be nice to have that feature again :smiley:
  • I don’t want Atlas to load images from external (and arbitrary) pages. I can offer an S3 bucket; I prefer users to upload the images to our system if they want them displayed. Also, it’s important to offer everything over HTTPS (no mixed content). It’s important to note that the image should be verified by its type; we don’t want weird/executable files uploaded (not only by extension, but by type too).
  • I’d like all external/user URLs to have “rel=nofollow” (HTML a rel Attribute)
  • I’d like admins to have access to disable/delete anything suspicious.
  • I’d need admins (or a certain email) to receive notifications when a new site is added (with the URL and image), so we can take action on spammers.
  • We need to make sure it’s not possible to cause JavaScript injections, even when displaying the image.
2 Likes
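
The upload check asked for in the post above (verify the image by its content, not only by its extension) could look like the following. This is an added example, not part of the original post and not Atlas code; the function names, file names and sample buffers are hypothetical and constructed for illustration.

```javascript
// Added example: content-based image check for uploads (all names hypothetical).
const SIGNATURES = [
  { type: 'image/png',  exts: ['png'],         magic: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a] },
  { type: 'image/jpeg', exts: ['jpg', 'jpeg'], magic: [0xff, 0xd8, 0xff] },
  { type: 'image/gif',  exts: ['gif'],         magic: [0x47, 0x49, 0x46, 0x38] }, // "GIF8"
];

// Returns the matching signature entry for a raster image, or null otherwise.
// SVG is deliberately not in the allow-list: it is XML and can carry <script>.
function sniffImageType(buf) {
  const hit = SIGNATURES.find(s =>
    buf.length >= s.magic.length && s.magic.every((b, i) => buf[i] === b));
  return hit || null;
}

// Accepts an upload only when the bytes are a known raster image AND the
// claimed extension agrees with what the bytes say.
function checkUpload(filename, buf) {
  const ext = (filename.split('.').pop() || '').toLowerCase();
  const sniffed = sniffImageType(buf);
  if (!sniffed) return { ok: false, reason: 'content is not PNG, JPEG or GIF' };
  if (!sniffed.exts.includes(ext)) {
    return { ok: false, reason: `extension .${ext} does not match ${sniffed.type}` };
  }
  // The server picks the Content-Type and stored extension, never the client.
  return { ok: true, contentType: sniffed.type, storeAs: `upload.${sniffed.exts[0]}` };
}

// Constructed sample inputs: a PNG header, a Windows executable header, an SVG.
const png = Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0, 0, 0, 0x0d]);
const exe = Buffer.from('MZ\x90\x00', 'latin1');
const svg = Buffer.from('<svg xmlns="http://www.w3.org/2000/svg"><script>1</script></svg>');

console.log(checkUpload('site.png', png)); // accepted as image/png
console.log(checkUpload('site.png', exe)); // rejected: executable renamed to .png
console.log(checkUpload('logo.svg', svg)); // rejected: SVG is not on the allow-list
console.log(checkUpload('site.gif', png)); // rejected: extension and content disagree
```

Magic bytes identify the container only, so re-encoding accepted images on the server and serving them with `X-Content-Type-Options: nosniff` covers files that are valid images but carry extra payload.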