Skip to content
This repository has been archived by the owner on Dec 4, 2017. It is now read-only.

[WIP] docs(content security): add new chapter #1640

Closed
wants to merge 1 commit into from

Conversation

wardbell
Copy link
Contributor

Not ready to merge but closing in.

@googlebot
Copy link

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for the commit author(s). If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.

1 similar comment
@googlebot
Copy link

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for the commit author(s). If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.

@googlebot
Copy link

CLAs look good, thanks!

1 similar comment
@googlebot
Copy link

CLAs look good, thanks!

@wardbell wardbell force-pushed the docs-content-security branch 2 times, most recently from 20dbea6 to cd142d0 Compare June 10, 2016 10:07
@googlebot
Copy link

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for the commit author(s). If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.

1 similar comment
@googlebot
Copy link

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for the commit author(s). If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.

@wardbell
Copy link
Contributor Author

Brian Clark (clarkio, brian@clarkio.com) is covered under the IdeaBlade CLA and is working with me on this chapter. His and my commits are mutually agreed.

@googlebot
Copy link

CLAs look good, thanks!

1 similar comment
@googlebot
Copy link

CLAs look good, thanks!

@naomiblack
Copy link
Contributor

I'd like to adjust the tone a bit to avoid high-level direction to the reader "We strongly recommend consulting a security expert at strategic moments in the project timeline." feels a bit pejorative, like "go find a grown-up", and it's not clear who "we" or "a security expert" are. Instead, use something like "Securing a server is a complex topic beyond the scope of this guide. Here are some Angular-specific tips to help you get started." that sticks to the facts.

Also be careful of ambiguous "we", e.g.

 In this chapter we focus on an important part of the security story: ensuring the safety and security of the content we display and the user input we accept.

The authorial "we focus on" is fine, but "the content we display" is unclear -- who is displaying the content? "ensuring the safety and security of the content displayed by an application, and the user input that it accepts".

@naomiblack
Copy link
Contributor

I had a look on my dev server and noticed some markdown errors and inline comments. Can we polish this up to publish for RC2?

@naomiblack
Copy link
Contributor

This PR has both public/docs/ts/latest/guide/content-security.jade and public/docs/ts/latest/guide/content-security.md -- I think .md is an error and should be deleted? Can @wardbell confirm?

@mprobst
Copy link
Contributor

mprobst commented Jun 15, 2016

Hey. Thanks for hacking this up on short notice, looks very good! I'm going to take this PR over and carry it for the last five meters up to completion. So please vacation as hard as you can, we got this :-)

@clarkio
Copy link

clarkio commented Jun 16, 2016

@naomiblack we were working off the .md at the time and I believe it was intended to be removed once fully converted in jade.

@mprobst if you happen to have any feedback after running through it please feel free to share. Always enjoy talking security.

@naomiblack
Copy link
Contributor

obsolete.

@naomiblack naomiblack closed this Jun 23, 2016
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants