Add site-wide option to allow moderated comment posts to be unhidden like a spoiler

[valconius]

Hi all, I was reading Murder-Death-Kill Genocide-Crusade Simulator 9000 and happened upon a neat little example of something I probably don't want to read but would like the freedom to read anyway even if reading it might hurt my eyes, cause blood to gush out of my ears and give me the sniffles. See: https://mangadex.org/title/21758/kaifuku-jutsushi-no-yarinaoshi/comments/ somewhere around comment #387. (As an aside, it would be nice to be able to generate a permalink to comments by number, such as "https://..../...-yarinaoshi/comments/#387".)

Whilst that is a rambling bunch of humorous silliness (or silly humorousity) by me, my actual suggestion is really rather mundane:
1. Add some backend metadata/tag to moderated commentary posts specifying they were either totally deleted or else merely moderated. All moderated posts up to this point are marked as "totally deleted."
1.1. A totally-deleted post was deleted because it contained blatantly illegal stuff or else contained some information hazard. See below for a simple and common-sense definition.
2. Add some frontend site-wide user option where merely-moderated posts are given a cosmetic change: a new toggle button on the right-hand side to temporarily unhide the merely-moderated post. All merely-moderated posts default to hidden.
3. Do no cosmetic changes to totally deleted posts.

A simple definition for totally deleted is "this stuff will kill me or put me in jail". For example, stupid teenagers visit this website. Here, stupid is defined as something all of us understand, typically relating to poor impulse control combined with lack of foresight owing to lack of experience. Here, an information hazard might be a recipe to make mustard gas disguised as a recipe to make do-it-yourself shiny salt crystals. That is certainly not illegal but it crossing paths with a teenager in the United States where high school chemistry sadly typically rarely exceeds rote memorization would probably have very bad outcomes some of the time. On the other hand, saying something mean and hurting my feelings is not worthy of being permanently deleted, even if you threaten bodily, mental or spiritual harm to me, although someone will probably ban you and moderate your post for trying to threaten me. In short, breaking a site rule is grounds for moderation, but not for deletion of MangaDex history, but trying to kill someone is grounds for permanent deletion. Both are presumably grounds for banning.

I draw attention to the notion of "maintaining integrity of history" because MangaDex already, after all, maintains a history of purged chapters and commentary posts for those purged chapters and provides a convenient site-wide option to enable viewing this history, so this seems to fit in with MangaDex's ethos of maintaining history. (As an aside, others have noted how MangaDex lacks a feature to "export followed/favorites as JSON"... an omission that seems rather odd especially given how easy it is to implement in Javascript with no modification to the site's code.)

A possible exploit could be the appearance of shadow discussions where Person A and Person B bitchslap each other in an endless string of moderated comments. A simple counter to that possible exploit is what you folks already do, which is banning people.

As an aside, I suggest this primarily so that I can laugh at stupid people who have been moderated. I find laughing at others' expense to be rather enjoyable, as does most of our species. I especially enjoy following a comment chain without random deletions or ex-post-facto edits interfering with the commentary's seemingly endless flow of hilarious retardation. I would prefer being able to also temporarily undo someone's edits so that I can laugh even more, but I'll settle for this minor change.

 

[Kanami-chan]

saying something mean and hurting my feelings is not worthy of being permanently deleted

It is in the year of 2k19

 

[blackyawgdom]

This would be Denied because the option already exists.

All you have to do is [This post has been redacted. Reason: Figure it out yourself]

 

[sterven]

If you want to see the moderated comments all you gotta do is flip the switch in your settings specifically the "comment visibility" tab.

 

[crazybars]

@valconius

Your suggestion is already in your settings though?


Click your drop down menu, go to settings and go to Comment visibility and change it from hide Moderated Comments to Show All.

 

[MavB_Ver]

I can see the moderated comments just fine by toggling the Comment visibility in the Settings, yes. Don't know about the deleted ones, but the ones that are deleted are normally not worthy of your attention anyway, ads for example.

And by generating link to a commnet, you meant this? https://mangadex.org/thread/2876/19/#post_1193592
You can get that by clicking on the time when the comment was posted.

 

[ABCsOfLife]

Oh did cha mean like you can see it without messing around the settings?

I'm against that, the moderated comment is hidden quite well for a reason you know.
Making it appear like that spoiler function will just.. what's the word.. making it easier to trigger people(?).
Like I'm imagining people show up in the comment section reading it, and stumble upon a moderated comment and be like..
"Oh! What's this? A moderated comment?! And it's only one click away for appearing! I should click it as I am curious individual!"
And then after clicking be like...
"Son of b****! I should "@" that person who got moderated and let them know my thoughts! Shame on you!"

 

[valconius]

Thanks all, these were speedy responses. I suppose the suggestion now reduces to adding a third mode to the already-extant option such that moderated comments are toggle-able within the comment thread. Furthermore, the existing option, "show all comments", would be more helpful if moderated comments were still colored differently or else tagged as such.

@crazybars blegh, this is the second time now an option existed that I never noticed.

@MavB_Ver thanks, though on a touch screen I need to try tapping a few times until I actually click the button. Another cosmetic suggestion, solved I suppose by adding a bit of padding to the styling of the relevant html element.

As an aside, the moderated comment I had originally wished to see was rather boring. I am rather distressed that the moderated comment was not as entertaining as I had expected.

 

[Holo]

I think one thing is clear - we need to advertise all the site functions better. Some people still don't know you can filter chapter languages, and that has been possible since day 1.

 

[sterven]

would be more helpful if moderated comments were still colored differently or else tagged as such.

They are they have a crossed out yellow speech bubble next to the time stamp.

 

[valconius]

@sterven "<...> in the case that they are toggled to be shown."

That is what I meant. Presently, toggling moderated comments to visible removes the yellow color and all other distinct styling.

@Holo This site is very well organized, but somehow I find 4chan-x's ui to be more intuitive. It clearly isn't more intuitive, MD is superior, but I sometimes somehow get lost here. All I know is I am always tripped-up by the "More Settings" button on both the site settings menu and the chapter/manga reader settings menu. You know how web browsers have been progressively dumbed-down until nowadays in mobile chrome and safari you can't even directly edit the URL? Righty, don't do that; hiding options seems like a halfway step in that direction. Perhaps change the background color of the advanced settings, but show everything always. I do like how some advanced settings normally hidden persist in the basic settings menu after they're edited, though. I would almost say firefox's about:config screen is more intuitive, mainly because anything you change from default gets highlighted in bold until you change it back to default.

Where is the frontend's source code? When I do my own website or ff extension development, I usually include a placeholder function(s) to populate the screen, boxes, menus and so on with (random/procedurally-generated) dummy data, then tuck all that away in a separate file and include one line in <body .../> sourcing that file. Moving to a deployed/testing version rather than a "check if this pretty stuff is practical" js file is as easy as uncommenting one line defining a variable and having the main fake-debug function not execute if that special variable is defined (and likewise the fake-debug file defines a variable propagated to the "release" version dictating whether or not for example a fancy backend is used). Ofc I dunno how you folks do things, but it would be nice if I could simply tinker with the site's source and post an example fake mangadex somewhere for viewers of the thread to play with.

 

[ZaxaPac]

@valconius

but it would be nice if I could simply tinker with the site's source and post an example fake mangadex somewhere for viewers of the thread to play with.

As would all those fake MangaDex sites already showing up in searches. I don't think it's in their best interest to readily hand out access to the site's source code to anybody who wants it, lest it lead to a very convincing fake site with malicious intent, but those are just my thoughts. I'm sure there might be people/sites out there who could already get pretty close, but why make it even easier for them?

 

[valconius]

@ZaxaPac Sorry for the long response, but I've never been able to come up with of a simple response to what I view as a common fallacy among laypeople and engineers alike. Feel free to skip to the last paragraph.

At present, mangadex seems to be explicitly blocked on most internet search engines, for it is, after all, only once in a blue moon a simple search (even including "mangadex" in the search terms") even leads me here. I remind you that all of your (or at least the site author's) tools are FLOSS, and all those, too cam be easily subverted as could have been the case with Emacs' repository some years ago were it not for an explicit ethos of bootstrappability in the more mature of those project, leading to, among other things, the source code heritage database. Furthermore, your argument suggests inaccessibility of source protects the user against phishing, a fallacy more commonly heard by medium and large military contractors whose real reasons to not share are to reinforce their virtual monopoly; Boeing did not develop the L4 microkernel, and Lockheed did not perform formal verification of a subset of L4 in the course of the US government's development of a variant meant for secure drone operating systems. I think Juniper Networks is the company rather infamous for detecting (many years after the fact!) malicious code insertion into their family of firewall products. MangaDex is not a fortune 500 company, and even they are subverted on a regular basis. It's the FLOSS groups, not the wealthy companies and not the likes of your everyday script kiddy's project but instead the likes of GCC and OpenBSD, who are most resistant to exploitation, and failures in this regard tend to come from breaking from their style of workflow.

Here, you suggest hiding the source protects the user, but a million other attacks are possible anyway. If I accidentally visit "MangaDex.com" then I have fallen victim to a type of semantic attack, and if I attempt to log-in I have allowed myself to be hit by a phishing attack. An attacker cannot, however, just log-in from their fancy server, because typically not part of source code repos are cryptographic keys. An attacker can programmatically talk to the MD server to glean my habits, and if I stupidly (as probably nearly everyone does) use the same un/pw pair almost everywhere, the attackers can even hit my bank accounts. A type of DOS attack against MD can also be performed, since credentialed gatekeeping no longer works. However, this is true of just about every site you currently use. Though... google gives me my bank's real website but consistently gives me fake mangadex websites (or used to, anyway). However, the fault there lies on the search engine and the information warfare attacks (spamming fake md links on irc, message boards and so on). Etc etc etc.

I think you see my argument pattern: I cannot prove you wrong because an endless list of security gotchas exist that I'd need to individually address, and you can probably notice the many holes in my rambling where I didn't address, for example, malicious javascript stealing your Windows passwords, things that seem odd but were entirely possible by a script kiddy owing to SPECTRE iirc. I can only suggest that good computer science yields web site design for which your worries are fundamentally irrelevant/protected against by default, and I can only point in a handwave-y manner to the history of FLOSS outperforming proprietary stuff generally excepting niche military needs (i.e. darpa's SSITH, in other words outperforming always where funding exists in the first place). MD as-is would probably need to be re-architected completely to follow good principles of distributed database design, but here's the endless chicken vs the egg problem again. As an aside, your notion of security by obfuscation is imho the same reason some criticize OpenBSD's bent toward severe code review/internal auditing. I can't find a certain very good summary of this, but their website at https://www.openbsd.org/security.html features their own words on the matter. I do insist that your statement comes from a logical fallacy, but I can't easily prove that.

Perhaps someone can PM me the source code. I haven't tried just looking at the web site, but iirc MD uses some weird js library and some weird CMS so I presume editing the source directly would be many times easoer. I might not even touch the source, but I presume PM'ing source code to curious forum-goers, while taking the risk one of them either has a subverted computer or is a subversive himself, is a good-enough compromise.

 

[Teasday]

The timestamp is the kind of anchor link you're asking for.

mangadex.com specifically happens to be owned by us.

The source won't be publicized, via PMs or otherwise. The only "weird" js library we use is jquery and I'd rather get rid of it asap. The forum software will be replaced as soon as we can.

 

[valconius]

@Teasday well at least that is a succinct direct answer to my question.

Should I make another thread for minor cosmetic suggestions, ie on a tablet touchscreen the anchor is hard to tap-click -> make the clickable area of the item bigger.

 

[Teasday]

@valconius If it's suggestions related to the forums, don't bother. We're changing to Xenforo 2 anyway.

 

[valconius]

... why don't you guys just use any standard database, I must nitpick this reminds me of an old college project where a simple haptic transducer thingy's circuit (a touch pad to control window blinds among other things) was replaced by a dizzing array of Atmel microcontrollers and Android tablets.... Anyway, no, it's in the per-manga and per-chapter commentary pages. It's the link on the "#xxx" or "x-hours-ago" post-number bit. From FIrefoz devtools:

#post_372465 > td:nth-child(2) > span:nth-child(2) > a:nth-child(2)

html body div#content.container table.table.table-md.edit tbody tr#post_372465.post td.pb-3 span.float-right a.permalink

In other words, the headline or "#post_xxx" permalink to a comment, the <a .../> with the "permalimk" class, it has no real styling so it winds up difficult to click on crappy windows touchscreens.

 

[MrIncognito]

You should use any standard database, and not a series of plaintext files like you are apparently using right now or are planning to use (???)

 

[Teasday]

_{@valconius posted:}

Anyway, no, it's in the per-manga and per-chapter commentary pages.

Which will be replaced by Xenforo too, yeah.

No idea what you guys are talking about with standard databases and plaintext files. We use MySQL.

 

[MrIncognito]

(mine was a joke because I didn't know what he was talking about either)

On a more serious note, re: permalinks, it seems Xenforo might give that element some padding.