-
Notifications
You must be signed in to change notification settings - Fork 880
[WIP] docs(content security): add new chapter #1640
Conversation
We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for the commit author(s). If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google. |
1 similar comment
We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for the commit author(s). If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google. |
02122ee
to
073f647
Compare
CLAs look good, thanks! |
1 similar comment
CLAs look good, thanks! |
20dbea6
to
cd142d0
Compare
We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for the commit author(s). If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google. |
1 similar comment
We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for the commit author(s). If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google. |
Brian Clark (clarkio, brian@clarkio.com) is covered under the IdeaBlade CLA and is working with me on this chapter. His and my commits are mutually agreed. |
CLAs look good, thanks! |
1 similar comment
CLAs look good, thanks! |
4272176
to
2a282df
Compare
2a282df
to
34b58ca
Compare
I'd like to adjust the tone a bit to avoid high-level direction to the reader "We strongly recommend consulting a security expert at strategic moments in the project timeline." feels a bit pejorative, like "go find a grown-up", and it's not clear who "we" or "a security expert" are. Instead, use something like "Securing a server is a complex topic beyond the scope of this guide. Here are some Angular-specific tips to help you get started." that sticks to the facts. Also be careful of ambiguous "we", e.g.
The authorial "we focus on" is fine, but "the content we display" is unclear -- who is displaying the content? "ensuring the safety and security of the content displayed by an application, and the user input that it accepts". |
I had a look on my dev server and noticed some markdown errors and inline comments. Can we polish this up to publish for RC2? |
This PR has both public/docs/ts/latest/guide/content-security.jade and public/docs/ts/latest/guide/content-security.md -- I think .md is an error and should be deleted? Can @wardbell confirm? |
Hey. Thanks for hacking this up on short notice, looks very good! I'm going to take this PR over and carry it for the last five meters up to completion. So please vacation as hard as you can, we got this :-) |
@naomiblack we were working off the .md at the time and I believe it was intended to be removed once fully converted in jade. @mprobst if you happen to have any feedback after running through it please feel free to share. Always enjoy talking security. |
obsolete. |
Not ready to merge but closing in.