Disable discourse from crawling links

how to disable discourse from crawling (embeding) links, for security reasons.

these settings i have for onebox seem to failed

Did you try “*” in sites not to crawl?

i did, and it failed

There’s currently no way of disabling oneboxing.

could you guys maybe add an option to do it?
for people like myself that use a reverse proxy, any one can post an ip logger and get backend ip

so i guess there wont ever be a way then?

That’s not a fair statement. It’s on Régis list, but it hasn’t gotten done yet. I’d recommend checking out How do we decide what goes into each release of Discourse? - this is the only request that I’ve seen so per #1 this is not high on our todo list - but it’s on the todo list.

4 Likes

in a way it should be, cause it can affect users, many might not post about it dont mean it doesnt affect others, but i do understand about it not being high on the list but still, its something i think should be heavily considered

Have you tried adding the domain names ro your censored words? Last I tested doing so will effectively prevent the links from becoming working links in posts.

1 Like

there are alot of iplogging domains out there, would be impossible to block all, and no i never tried adding to censored words, i just tried the onebox domains blacklist which failed, as for some reason it still sends a requests to the logger

@nbianca can you make sure the “onebox domains blacklist” work as expected?

Also, we should enforce the validation to ensure only domains are entered (ie. “http://www.youtube.com” is not a valid value).

1 Like

This was fixed by:

5 Likes