[wp-meta] [Making WordPress.org] #5093: Proposal to allow users to remove URLs that they have added to their posts in the support forums
Making WordPress.org
noreply at wordpress.org
Thu May 6 09:54:16 UTC 2021
#5093: Proposal to allow users to remove URLs that they have added to their posts
in the support forums
----------------------------+---------------------
Reporter: carike | Owner: (none)
Type: defect | Status: new
Priority: high | Milestone:
Component: Support Forums | Resolution:
Keywords: has-patch |
----------------------------+---------------------
Comment (by bedas):
Would like to add a word here on a few details.
**A)** I think it is not up to GDPR, lawyers or anyone else to determine
what is the persons "private" stuff. I tend to agree even with the
statement that the URL to the website may be considered "private", what is
however most important is to remember that the content written by any user
is ''not'' our property, it is the property of the user who wrote it
(again, this may differ in law enforcements however this is my opinion).
Just like comments, a user should have the right to remove ''everything''
they wrote from online instances, by default, as a basic right. This
includes, but is not limited to, links.
WordPress is a leading CMS and setting a standard that may go above what
GDPR asks us to do can have a positive impact.
Even "evil" Facebook allows to delete your content and removes content
(mostly) once you delete either said content or your account, which does
not seem to happen in WordPress (please correct me if I am wrong on this).
Understandably this is a help forum, and removing content would kind of
dispose of the goal (to keep a log for other users to find the same
solution), however, with the modern times, users do not research, they ask
anew. So the "loss of information" - even if deleting a full topic - is
actually not that big and the impact is probably close to zero.
Users ask ''again'', even if they found a solution, often they ask the
same question again "just to be sure".
That said, this is perhaps off topic but I believe that the "threads are
not deleted even if you request us to" approach may not be the most
respectful way to deal with data that, bottom line, ''is neither ours nor
WordPress's property''.
**B)** I have worked for years in a (PRO/PAID WordPress Plugin) company
providing Support for WordPress users, and the way this issue was dealt
with there, was as follows:
- if a user request deletion of their thread, we complied with it. No
Questions Asked.
- a custom code logic applied to the threads masked all URLs by default
and made them visible only to Moderators and OP. Only if a specific
"prefix" (in our case an `@`) was added to the URL, then the URL was
public.
- the masking logic automatically excluded major domains like Stack
Overflow, Google, WordPress, etc from the masking process.
- this masking process of course applied to everything what had the syntax
`anything.anything`. Similarly to WhatsApp when you type
`anything.anything` and that gets converted to an URL, this sometimes
resulted in funny issues due to typos (when a user mistakenly forgot the
space after a dot). These issues however are minimal, and can be resolved
by Mods quickly.
- last but not least the user in the forums was able to edit their posts
until marked as resolved. After that, the users where welcome to contact
us for further edit or removal.
This effectively ensured that no "private" url got public by accident, it
allowed to make specific URLs publicly readable if needed, and as well
automatically ensured that most of the common external sites (as said,
like SO, WP, etc) where public so other readers could follow the links to
potential solutions.
If it helps, I am sure said Company will be more than willing to share
their code solution with WordPress or even commit directly, as they are
directly involved and contributing to the platform almost daily. I can, if
this is desired or/and welcome, reach out and ask for inputs.
Concluding, I believe it is utmost important to respect the peoples
content, and to understand that their written content, wether an ask for
help or else, in no way ever changes property. It is and stays the OPs
property, I believe, and the OP should free to do with that content what
they consider best.
Implementing such solution as above described would not add work to
Moderators, rather, it would probably save a lot of time.
Of course the difference between "paid" and "volunteer" forums is, that
here we couldn't "employ" someone responding to needs of peoples on
demand. But I think the approach with the prefixing already would solve
99% of the "please remove URL" issues, and the option to delete even after
OP marked a topic as resolved, could simply be ignored in the WP case.
After all, no one but the OP can mark as resolved, so perhaps just adding
a last notice there, saying "If you mark as resolved, you won't be able to
remove Urls or else edit the postings" would complete the resolution.
Finally, posting an URL that the OP shared in our reply to the OP is (IMO)
a plain simple no-go. We should always anonymise and never directly copy
paste the OP's URLs.
That is simply good practice I believe.
Public Urls ''can'' in fact be a minor security issue. What if I
mistakenly post my ''customised'' login URL? While security thru obscurity
is not a ''solution'', it is ''part of a solution'' (because since the WP
login Urls are widely known, renaming them can have a huge impact on brute
force bots, because they would not know my customised login url. Publicly
sharing them would effectively "destroy" this (tiny) measure. Mainly thou
I think it is just a form of respect to not copy-paste in replies the URL
shared by Users (specially, if that URL was only part of the "I need help
with" field.
I hope this helps and sorry the long-ish post, and of course, this is
mostly based on my opinion and experience. Not trying to force it on
anyone ;)
--
Ticket URL: <https://meta.trac.wordpress.org/ticket/5093#comment:33>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org
More information about the wp-meta
mailing list