Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Can you share the warning? I made a public page and would say it was not clear to me this was a consequence of doing that. The warning as I remember it (a month ago) makes it sound like the information on this page is going to be public -- not - oh yeah the email addresses of everyone who edited this page will also be leaked.


When you start contributing to a page you see this:

https://cleanshot.com/share/trYdqYFZ

This is pretty meh. We will deploy more explicit messaging while we mitigate this properly.


The warning is too vague. “May become visible” kind of sounds like Notion doesn’t know whether they will become visible or not.


It's definitely weasel wording. And moreover, it's honestly tiring to constantly have these weasel words carrying such weight, and then jackasses getting bent out of shape that they aren't given the benefit of the doubt anymore.


Just following up that we've made it more explicit while we work on this:

https://cleanshot.com/share/8yFpGVDQ


Also, to me, "anyone who can view this page" sounds like "anyone _in this workspace_ that can view this page", not "anyone _on the public web_".


Please also especially clarify that IDs of contributors will be public. Meh is good, but this was a bit too simple.

There is a way to mitigate this. Re-hash and cache the page to be meta-less for public URLs. I guess that requires a huge amount of coding for a team that has not built the product from the ground up. But I feel like a "copy and paste" could fix that (remove author data).




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: