Commit Graph

26 Commits

Author SHA1 Message Date
Christian Bundy
a4ccae8833 Fix theme using capitalization
Problem: Capitalization in "sulphurPool" was causing a file not found.

Solution: Replace "sulphurPool" with "sulphurpool".
2020-03-24 14:55:50 -07:00
Cinnamon
dba544c9b5
Merge branch 'master' into add-profile-image-upload 2020-03-11 17:20:47 -07:00
Christian Bundy
f2cf067b67 Present error message while waiting for indexing
Problem: When our views are still indexing the database they apparently
don't respond over MuxRPC, which means that we're just waiting forever
until they finish. This means that people who are indexing the database
get an HTTP response that might take an hour to finish.

Solution: If we have more than 1 mebibyte of backlog, present an error
message explaining the situation and asking for a bit of patience.
2020-03-09 15:14:28 -07:00
Christian Bundy
02d6d5adac Add profile image upload
Problem: We can set our name and profile description but profile images
are expected by most people and supported by most clients and we don't
have them. A profile without an image can sometimes lack the intimacy
you'd get if you let people upload profile images that they can use as a
visual avatar.

Solution: Add profile image upload to the Edit Profile page and add a
bunch of plumbing for `ssb.blobs.add()` to add the blob and publish a
message setting it as a profile image.
2020-03-01 11:11:09 -08:00
Christian Bundy
3758bbf636 Simplify installation
Problem: The install instructions in the readme contains quotes because
it has a `*`, but `#semver:` does what we need without the quotes. The
`docs/install.md` file also has some unnecessary complexity, like
cloning via SSH (only useful for maintainers), which I think we can
safely remove.

Solution: Change the install instruction and reorganize
`docs/install.md` to be more relevant to people who are installing from
source.
2020-02-29 08:31:07 -08:00
Christian Bundy
ed5e6e5f61 Add support for Unix socket with noauth
Problem: We're doing tons of unnecessary cryptography by encrypting the
connection between the "client" and "server", which are often running in
the same process.

Solution: Instead of connecting to the SSB service over TCP and
encrypting the stream, just connect over a socket (supported on Windows,
macOS, and Linux) and don't bother encrypting anything. This is what
Patchwork and Patchbay do already, and since our secret is at
`~/.ssb/secret` then we should be comfortable with `~/.ssb/socket` being
a trusted file where access implies authentication.

Local tests suggest that when sodium-native is available, this commit
reduces the time to render the 'Popular (Day)' page by 17%, but when we
have to fall back to JavaScript cryptography the same page now takes 30%
less time to render. My intuition is that this improvement is more
dramatic on mobile, but requires further testing before we can pat
ourselves on the back too much. :)
2020-02-21 09:23:46 -08:00
Christian Bundy
cf1a88e2f7 Add Termux install documentation
Problem: The Termux install is new and exciting and there isn't any
documentation on how to experiment with it.

Solution: Add some documentation like we've done with systemd and
Docker so that we can collaborate and figure it out in the repo!
2020-02-20 15:12:38 -08:00
Christian Bundy
3abd28ade2 Fix likes not working with Patchwork as server
Problem: Recently we refactored the code so that we calls over MuxRPC
used promises, which was incompatible with the client-side SSB-Tangle
plugin that was expecting a callback. While debugging this error, I also
noticed that our `{ ws: { http: false } }` code wasn't doing anything,
and that our connection error handler was handling all kinds of
unrelated errors that would make debug more difficult.

Solution: Use `util.promisify()` to convert the callback-style function
into a promise-style function, remove the unused SSB-WS code, and reduce
the scope of the error catcher so that it'll continue to output errors
unless they're "cannot connect to sbot".
2020-02-16 10:24:42 -08:00
Christian Bundy
5635b36074 Merge branch 'master' of github.com:fraction/oasis into fix-search 2020-02-02 12:24:06 -08:00
Christian Bundy
b0103ad847 Fix search hanging when querying 3 or fewer chars
Problem: SSB-Search has a bug where too few characters just hangs the
search indefinitely and never returns. https://github.com/fraction/oasis/issues/107

Solution: Enforce a minimum length of 3 characters in the search. I
bumped into another bug where HyperScript, a dependency of HyperAxe,
doesn't support the `minlength` attribute, so I had to deploy a small
workaround for that too. The fixes aren't very pretty but they're better
than just ignoring the problem.
2020-02-02 12:20:47 -08:00
Jonathan Dahan
a3265dc635 add upstream C4/42 contributing document 2020-01-28 14:33:05 -05:00
Christian Bundy
48cac575e7 Add install-systemd-service.js 2020-01-03 21:06:08 -08:00
Christian Bundy
8d56405251 Format with prettier 2020-01-03 15:21:33 -08:00
Christian Bundy
64154f2eed Change to organize install docs 2020-01-03 15:04:16 -08:00
Christian Bundy
2ee4ece1c1
Change to remove whoami() calls 2019-12-07 17:01:04 -08:00
Christian Bundy
f0aa1f11df
Change default views to filter ssb-dogfood
The SSB network is full of discussion about the SSB network, which isn't
very accessible for the majority of people. SSB developers use SSB to
talk about SSB, a practice often called "eating your own dog food",
which exascerbates the problem.

This commit filters the "dogfood" from the public thread and comment
views, which can be avoided by appending `/dogfood` to the URL.

- http://localhost:3000/public/threads/dogfood
- http://localhost:3000/public/comments/dogfood

This is a hack, and should be resolved with sorting and filters and all
sorts of fancy options for each list of messages, but I want to start
experimenting with this view (and talking to people who aren't talking
about SSB).
2019-12-04 11:34:48 -08:00
Christian Bundy
815d3bfca1
Add blob subdomain and security headers
Serving HTML under the same domain is dangerous, because it means that a
malicious user could serve JavaScript that could act on other pages on
the domain. This could allow a malicious user to read or publish
information from a blob URL.

This commit stops that behavior by delegating blobs to their own blob
subdomain and adding HTTP headers for security so that they can't access
the application.
2019-10-25 07:42:33 -07:00
Christian Bundy
b4f928fc48
Fix install bug by using new CSS variable package 2019-10-08 10:32:13 -07:00
Christian Bundy
0467db81d2
Use pull-paramap to speed up like page 2019-09-30 17:46:04 -07:00
Christian Bundy
0593635ca3
Add all supported base16 themes 2019-09-29 19:00:30 -07:00
Christian Bundy
8f0ed9b872
Add lots of shared base16 + highlight.js themes 2019-09-29 16:06:41 -07:00
Christian Bundy
c349a29601
Add reply-all feature for non-forky replies 2019-09-26 17:19:18 -07:00
Christian Bundy
5b115f5004
Add spell-check for Markdown files in project 2019-08-13 14:40:08 -07:00
Christian Bundy
e87cbd37d0
Fix bug where private messages were liked publicly 2019-08-12 14:17:04 -07:00
Christian Bundy
3a11162455
Fix ssb-msgs broken from mechanical edit 2019-06-27 15:07:09 -07:00
Christian Bundy
762cc50f9a
Add cspell and use real English words 2019-06-27 14:54:32 -07:00