-
-// TODO(TC): Implement
-//
-// Trusted content
-//
-// Normally, Keep-web is installed using a wildcard DNS entry and a
-// wildcard HTTPS certificate, serving data from collection X at
-// ``https://X--dl.example.com/path/file.ext''.
-//
-// It will also serve publicly accessible data at
-// ``https://dl.example.com/collections/X/path/file.txt'', but it does not
-// accept any kind of credentials at paths like these.
-//
-// In "trust all content" mode, Keep-web will accept credentials (API
-// tokens) and serve any collection X at
-// "https://dl.example.com/collections/X/path/file.ext". This is
-// UNSAFE except in the special case where everyone who is able write
-// ANY data to Keep, and every JavaScript and HTML file written to
-// Keep, is also trusted to read ALL of the data in Keep.
-//
-// In such cases you can enable trust-all-content mode.
-//
-// keep-web -trust-all-content [...]
-//
-// In the general case, this should not be enabled: