Skip to content

Loading…

Don't filter NSFW listings when using the API. #402

Closed
wants to merge 1 commit into from

3 participants

@bboe

No description provided.

@spladug
reddit member

Merged as 07d8675. Thanks!

@spladug spladug closed this
@talklittle

Ah, did this just go into production? I just had a user email me about NSFW content appearing despite disallowing over_18 content in their website preferences. I guess it's now up to the API clients to implement a layer of filtering?

I'm somewhat against this change because doing the filtering on the client side causes a variable number of listings per page. Given that, it is nice to have that control on the client side for devs who need it.

I'd personally rather the default be to honor the over_18 settings in the logged-in user's profile, but have a querystring switch to override it for API clients that need to see the unfiltered listings.

@bboe

@talklittle

Before implementing this change I had a little discussion with the admins on IRC. The reason we agreed on this solution was that the over18 support was somewhat broken when considering non-authenticated users and users without the over18 flag checked, thus it was simpler to just ignore that setting altogether than to try to come up with a solution that properly mimicked the web-version of the over18 consent page.

Basically, the non-authenticated users were allowed access to the over18 content without requiring an over18 cookie that the webpage view requires, and authenticated users without over18 enabled received empty listings for NSFW subreddits but could still directly access the NSFW submissions.

In either case, this change should only return a complete listing (rather than an empty listing) when someone explicitly is looking at a NSFW subreddit listing or a multi-listing containing a NSFW subreddit. Thus I don't really see how that's an issue on the client's end as it's better for the client to simply prevent them from making that request in the first place.

@talklittle

@bboe Hey thanks for the explanation. Sorry for the confusion, I misunderstood the impact of this change. This is actually a really great one that I am happy about, so please disregard my previous comment in the context of this change.

The behavior that I meant to point out is that the API always returns over18 posts within a listing, e.g. for /r/videos, when the same user on the website will not see those individual over18 posts. So, that is a separate issue. Thanks for clearing it up!

@bboe

The behavior that I meant to point out is that the API always returns over18 posts within a listing, e.g. for /r/videos, when the same user on the website will not see those individual over18 posts. So, that is a separate issue.

Oh I see. Actually, you were correct initially. This change does prevent the filtering of those individual NSFW posts. Perhaps we can modify your suggestion ever so slightly, and have an "obey_over18" parameter for subreddit listing requests so that it will perform the filtering when that parameter is True and the over18 option is not enabled for the user as I can now see how this complicates things on the client's end.

@talklittle

Sure, I like that idea- I'm fine passing an "obey_over18=true" parameter with each request. I'll see if I can take a look soon. For now I'm opening GH-407 to track progress. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Apr 2, 2012
  1. @bboe
Showing with 7 additions and 1 deletion.
  1. +2 −0 r2/r2/config/extensions.py
  2. +5 −1 r2/r2/models/link.py
View
2 r2/r2/config/extensions.py
@@ -18,6 +18,8 @@
"i": ("compact", "text/html; charset=UTF-8"),
}
+API_TYPES = ('api', 'json')
+
def set_extension(environ, ext):
environ["extension"] = ext
environ["render_style"], environ["content_type"] = extension_mapping[ext]
View
6 r2/r2/models/link.py
@@ -27,7 +27,7 @@
from account import Account, DeletedUser
from subreddit import Subreddit
from printable import Printable
-from r2.config import cache
+from r2.config import cache, extensions
from r2.lib.memoize import memoize
from r2.lib.filters import _force_utf8
from r2.lib import utils
@@ -217,6 +217,10 @@ def keep_item(self, wrapped):
if wrapped.hidden:
return False
+ # Don't hide from API users
+ if c.render_style in extensions.API_TYPES:
+ return True
+
# hide NSFW links from non-logged users and under 18 logged users
# if they're not explicitly visiting an NSFW subreddit or a multireddit
if (((not c.user_is_loggedin and c.site != wrapped.subreddit)
Something went wrong with that request. Please try again.