are not respected by URLs being automatically converted to embeds. If I post the URL to an image like so:
I can bypass the above two settings, so long as I have permission to post URLs. Expected behavior is that links aren’t automatically embedded if my TL is below min trust to post images, and after n=newuser max images, links stop being automatically embedded as images (display blue warning so users don’t think something is broken)
Yes, with our use case being we don’t want users to be able to embed/onebox explicit images in their posts. It’s less bad if they link it, as then users have to go off-site to see the inappropriate content, and it’s not displayed on an official domain owned by us.
It’s unlikely that it will be a specific domain. Probable case is that user uploads something inappropriate to Imgur or some other hosting site that we want to allow for TL1+ users, and then links that in their post.