A web service for commenting
2019-01-27
Derek Zhou
Commenting is a feature that many websites provides or want toprovide. However, a good commenting system is not so easy:
- Implementation non-trival
- could be abused by spammer
- maintainence headache
So a hosted web service are often used. In this case commenting is provided by a third party web service. However, all current commenting web-services suck in a way:
- no easy way to keep spammer / troller down
- identification of visitors is hard or inconvient
- no threading
- for fee or ads
A good looking, non-intrusive, secure web service for adding comments can be highly appreiciated.
Environment
Webpages are published on server A. The webpage contains a link to another server B, which is the commenting web service. Over in server B, each disscussed webpage has a seprated URL, with original webpage in miniature form displayed on top, like a social link. Comments are listed below with UI to reply (with quote) for the root (the original webpage) or any one comment. Server A can remain as dumb as possible wrt. the commenting function.
Challenges
Besides visual, There are 3 main challenges:
- the silo problem, ie, to identify the set of comments associated with this particular webpage.
- the authentication problem, ie, who is the visitor?
- the authorization problem, ie, what can the visitor do?
Silo
Comments should be associated to the canonical URL of the webpage. A comment is targeted to one and only one page and different pages' comments should not mix. Any webpage can be discussed, even without original author's consent. However, the original author may express interest in participating the discussion by provide his email address in a meta tag of the webpage.
authoentication
Each visitor should be able to identify herself to the system without too much effort. The id can be like an email address: user@domain. Different visitor should not be able forge this id to the system. It is best to use a social login, like oauth2 so the comment service does not keep passwords and users can enjoy single sign on.
authorization
It is better not to maintain a complex authorization system; it could be brittle, and over fitting the current/local prteference, and can be deemed unfair from other perpective. The following rules does not rely on anything except the user's participation of the very discussion itself:
- Anyone can see replies to his own comment.
- A pin is either a normal reply, or a special zero length, unpinnable reply (mere pin).
- A pinned reply cannot be revoked, however, reply unpinned can be downgraded to a mere pin.
- A mere pin can be re-pinned, (extended). It cannot be shortened.
- One can only pin the comments that he can see, and cannot pin himself.
- Anyone can see the siblings, ie. replies to a comment he pinned, if and only if that the sibling is pinned.
- The top level comments are considered replies to the author of the webpage. If the author is not given a identity through the meta tag, the system will assume the role and automatically pin every top level comment once at the very momoent of when the comment is made.
- Any reply, if unpinned, will expire in a given time. Any pin will expire too. It is configurable that if this effect is cacasdable. If cascadable, a long forgotten discussion will gradually decay into nothing and disapear completely.
With the above rules, anyone that want to participate the discussion has to pin at the top level. With the broaden visibility he can drill down and pin the sub-thread as he discover more. Spammers and trolls are largely avoided because no one will pin them. The author has incentive to reveal himself to keep the spammers down at the top level. Also commentors have incentive to write in a civil and informative way because the only one that can pin their replies are the one he repiled.
User can choose to receive emails on several levels:
- no email
- daily digest
- one for each reply and each comment that become available. Email threading shall be kept
Other applications
The same system, with further enhancement, could becomae:
- personal bookmark system
- invitation system
- poll or scheduling system
There are quite some monetizing opportunities.