A transformation of social media platforms

At the beginning of this month I did an implementation of a commenting system by trying to harness social media platforms as the essence/backbone of the commenting system. To my horror, I found it to be unideal. Being critical towards society isn't always well taken, and not always well understood, and therefore it helps to elaborate on an idea  or criticism by coming from the perspective of the object(improvement) being conrasted upon.

I believe that embedded social media, if done correctly, would be the future of social platforms and bring about a new sense for commenting on blog sites and other various platforms that use commenting. And this article is dedicated to discussing the theory creating this possibility.


What am I talking about?

Think of something like Disqus, however - and unfortunately-, lets make it obsolete aka, incorporate it into our more popular social media platforms. Envision an internet where each and every website transparently forms part of a social media platform, done by means of commenting systems. This is what the failed attempt of embedded social media seems to be, and boy is it atrocious in it's current state, especially Twitter - Google+ almost has it right. You can read more here. Or perhaps this is an unthought of potential that exists.


What are we solving

A bit of thinking and you'll quickly come to realise that this isn't such a difficult task at all. 

The hurdle we're discussing here is security. How do we control

  • a.) user permissions - we wouldn't want a site to be allowed to comment for the client without their permission
  • b.) The representation of the commenting - we want the user to know they are commenting via the social media platform (SMP), or it could be thought of as SMP promotion.


Current state

Currently embedded social media sits as a hack by using iframes to authenticate a user via their cookie, moreover it allows the SMP to control the representation of their social content. This indicates to me how lazy the developers were, and yes, as a software engineer you need to be lazy, but not lazy in your thinking. Hitting the two birds with one stone in this case was a very bad call as it crippled the potential of the embedded social media concept.


Basically both don't allow manipulation of the representation. Twitter is backward as you need to embed a future post to track the previous conversation, so embarrasingly lazy.

Solution A - The mediator

So the solution is very simple, and infact it lies within the problem statement. Create a mediator. allow the social media user to cast actions via the SMP. This seemingly simple solution can become tricky, lets take a closer look.

If we use the client(web-browser) to act as a server, and make requests to that "server" via the SMP, we may just have a solution. This is possible, and we're still going to make use of the iframes. By means of a javascript application exposing an api for the SMP social content, embedded in an invisible iframe that listens via an HTML socket opened to the SMP - alternatively we could use a long polling mechanism instead of an HTML socket for prior HTML5 compatibility.

Effectively, this allows us to make requests to this client via the SMP and in turn allowing us to make user action requests via the iframe cookie as if it were from the user's web-client.


Solution B - Representation by composition

The representation of the comment box can be controlled by means of a javascript library and web widget designer - it could be very flexible if done correctly-. Perhaps certain widgets such as the plus one button could be made available and we could rather create a representation by composition from these widgets, the widgets having properties such as 'required', 'size'  and 'color' etc. where applicable. We can govern this library by means of a licence/terms of use - which is currently attached to embedded social media anyway. As a use case, the composition allows me to not have to display the same post,


Solution glue

In order for this to all work, we need some glue, i.e the real security factor. This is something like OAuth, where the SMP would need to grant the host website api usage privileges via means of public/private key.  

Solution Plan



  • The implementation could be so that when commending/+1/liking/etc a piece of social content, it is integrated with the url. 
  • Future implementations of the library could allow a website owner to publish directly to the social platform and returning ids and other useful information about the post.



I believe that as users of our social media platform, we shouldn't have to manage security of third party websites. Moving forth using oauth to get flexibility in website commenting boxes is unsafe in it's current implementation as the 3rd party receiving those permissions have those permissions while the user isn't present, moreover, we have to give out permissions to too many 3rd party for this to be of any real security value, it's redundant and annoying.

We can see with clarity that this is not such a hard problem to solve considering the technology that exists today. In fact, an implementation without a mediator is entirely possible as well by storing properties of the representation composed by a website owner on the SMP and then rendering the iframe with the given representation properties. Of course, this limits flexiblity and potentially in ways we would like to keep the flexibility. This does seem rather counter-intuitive, and that's security.

Wrapping an implementation of solution A+B into a js library for those popular social media platforms will serve greatly in promoting their SMP and help towards revolutionizing the web to become less redundant, simpler and more consolidated. Alternatively might we see someone like Disqus dominate the social media scene in the future?