/t/ - Meta

Site Discussion

Files (Max 3)
[New Post]

(230.4KB, 1280x853)
The Official Meta Thread
Discuss here everything about the site, the software, the staff, etc.
Rules: https://fatpeople.lol/rules.html
FAQ: https://fatpeople.lol/faq.html

Firstly, yes board creation is open but don't go crazy. I Will disable it at ~20 boards and allow exceptions beyond that for boards I find personally interesting or boards that need a bunker. When it comes to managing your board, I'll repeat what I said in another thread:
>Follow site rules, keep the content legal, don't skirt the line.
If you lack the time and staff to manage board, don't start one. Global moderation here works to keep the site running and out of trouble, not to run your board for you.
There has been some new activity since this site was added to the "webring" which is nice. There are tons of cool sites in the webring which you can find on the board page: https://fatpeople.lol/boards.html so have your bookmarks folder ready.
The software running here is a work in progress. Some features may be missing, others may be broken. Things will improve with time. If something does not work as you expect or you have any issues, please make a post in this thread (or board) and include a detailed description of the problem and steps to reproduce. For vulnerabilities/security issues, please refer to the FAQ and contact me privately.
Great, thanks Tom. Cute gun-grill btw.
Question; what's the trick to upload multiple images with one post? I've been able to set the limit at 3 in the moderation page, but trying to post anything more than one via the QRs 'files' field doesn't work afaict.
Replies: >>193
Its just a multiple input file field. you should be able to hold control and select up to 3 files in the file browser menu in your OS and it will upload them all. Also make sure your browser supports it https://caniuse.com/#search=file%20multiple
Replies: >>202
(21KB, 336x280)
(21KB, 336x280)
(21KB, 336x280)
For example
Would it be possible to make thumbnails a bit larger?
Replies: >>196 >>198
I was thinking about going 200x200 (right now its 128x128) for desktop users. Mobile I will probably use CSS to keep it the same. Not sure how it will affect already uploaded images but i could reprocess them all to 200x if need be.
Ill post in here when I get around to changing it.
Replies: >>198
(228.4KB, 1080x1350)
OK I made them a little bigger (200x200)
You might need to ctrl+f5 or clear cache to get the updated css.
Older thumbnails will still show as the smaller size.
(1MB, 460x344)
Testing can tor post files
not cucked, seemsgood.
I see thanks, I'll give it a try.
<also; caniuse.com
Cool. Didn't know about that.
Hey Admin Tom. So, I was responding to an anon about a board question.

I had already authenticated in and put this in the 'Name' field:
Chobitsu## Board Owner
but the standard name 'Robowaifu Technician' appeared in my post.

What gives, obviously I did something wrong?
Replies: >>206 >>207
hmmm OK ill try it out on a test board and check whats wrong.
Replies: >>207
Not your fault, problem fixed and I edited that post to include your name & cap. Thanks for the bug report on that.
Replies: >>208
(154.6KB, 761x800)
Great, thanks Tom!
I just saw the new board list. You've clearly vaulted fatchan's webring list to the front of the pack now. Thanks for the efforts Tom.
Replies: >>234
I might change it to only sort on one criteria instead of combinations because it adds more DB load and complexity. Even though mongodb supports index intersection I'm not sure how the performance will be when I add proper indexes. Right now it doesn't need them since the collections are so small and get cached anyway. I think most people only want to sort by most/least for users, pph or total posts so there is no need for multi-facet sorting. Once if the webring adds tags to the schema I will also change the "name" box to a "search" box and search with tags, since right now it only returns exact matches on board uri. That should be another improvement. 
Hopefully the board list does not get me in trouble because I saw some people arguing on smug/a about how offering a sorted list of all boards would lead to the 8chan problem of small boards being dead. I already had it mostly working before those comments though and would rather not remove it because I find it useful. Personally it doesn't stop me exploring smaller baords and I have posted on many.

In other news, there is now a small box at the bottom of thread page showing if you are connected to socket.io for live posts. New posts in the thread will appear immediately instead of polling the JSON like older imageboards. If you lose connection, once it can reconnect it will use the JSON to catch up, then continue with the websocket. The dot color meanings: yellow = connecting (on page load), green = connected, red = lost connection/trying to reconnect. You might need to ctrl+f5/clear cache for it to show up correctly.
Replies: >>235 >>246
Nah leave it as is imo. I know that a request was made to Robi to turn on tag data along with the webring broadcasts. He said he'd talk with someone (presumably the other guy on smug). Not sure what the status of the idea is atm.

Interesting, didn't know about that (I'm not much of a web guy yet though).
Replies: >>236 >>243
socket.io is kinda like websocket. Actually it is, but with some additional logic added in for rooms, and to let it scale beter through arbiters like redis. Instead of polling or repeating a request at an interval, the connection remains open and sends a heartbeat. 
When a post is made, it is delivered through the already open connection and sends only the necessary data for a single post. It saves on bandwidth by not requesting redundant data like the whole thread JSON on an interval, and also saves on server processing power by not opening and closing multiple requests. It just opens and maintains one.
Replies: >>239
>>186 (OP) 
shut up faggot
Replies: >>238
(65.8KB, 300x100)
>it just opens and maintains one.
Hmm. Managing limited resources is an important concern in general. I assume there is a practical limit on the number of these open connections?
Replies: >>240
Yes but it would be a pretty large number. If necessary socket.io can also be configured in long-polling mode where it maintains a queue for each socket and then it will poll (like the traditional behaviour) and update the posts in the same way. OR you could add a second server and connect it to the redis arbiter and it would scale the number of connections you could handle (if you know how to configure load balancers).
Maintaining only takes a small amount of ram. Making requests over and over probably uses more resources. I could also use webworkers to share the same connection between multiple tabs which would reduce connections (I will do this, just not high priority right now)
The site has had this feature for a long time, I just didnt have an indicator for it.
Replies: >>241
I see. I guess I have plenty to learn about web systems. I'm currently working on a thread pool atm so I'm learning something about stuff like this.
Replies: >>242
>working on writing my own thread pool*
Forgot to mention last night that last activity time and tags for boards were added to the webring. Seems like only smug and me implement it right now. But now board list search searches both uri and tags.
Replies: >>244 >>245
Oh cool. That will be very useful, especially when this grows to hundreds of boards among dozens of sites on the webring federation.
Looks like Robi has entered the board list battle with a vengeance Tom. :^)

His new webring panels looks pretty sweet.
Replies: >>246
Yes it's much nicer now. It's hard to compete since I do it all server-side.
Like I mentioned in >>234, sorting on the db without proper indexes is bad performance-wise. You don't notice yet because the webring and local boardlist is quite small, but it would get worse quickly. For a compound sort (sorting on multiple fields), the database needs a separate compound index for nearly every combination of sorting. It's not practical or reasonable to have so many database indexes. More indexes means a larger minumum size in memory and larger cpu footprint when re-ordering documents.
I think it would be best to support 2 indexed sorts:
- Default "8chan sort" which is a compound sort of [users, pph, posts]
- Activity sort
Both in either ascending or descending.
Replies: >>247
I see. Sounds complicated tbh. So, I certainly love the activity sort and I can tell already I'll soon be addicted to it. I can't be sure, but it looks like not every site is providing that info back yet? Julay, Smug, & Fatchan seem to be the only ones using it atm afaict.
Replies: >>248
Since Julay and smug has it, I assume its available in both the lynxchan and infinity/vichan plugins. It's just a matter of the other sites updating to use either one.
Replies: >>249
One thing I wish was available would be able to individually 'filter' out boards and even whole sites from appearing in the list (I mean as the end-user ofc). There are several boards that I never want to visit by their very nature, and even the newest Floridachan site itself doesn't allow TOR posters and therefore is of zero interest to me (since I never frequent boards I can read-only). For now, the lack of filtering isn't of much concern, but as you say it will grow and then it could feel like a minor nuisance if it's not present.
Replies: >>250 >>252
I could blacklist sites to prevent them showing up in the webring board list, but I think that is intended for boards that spam and cause trouble in the webring. Maybe somebody will release a small standalone client that has all the sorting and filtering available locally. That would also have the advantage of not visiting a bunker to find links to other bunkers, so people dont need to bookmark multiple board lists incase one goes down.
Replies: >>251 >>252
You Admin's need to blacklist sites is a whole higher arena than my personal ones (kinda why I mentioned 'as an end-user'). So for example /d/ might not be evil shits that are spamming everyone and need to be blacklisted therefore, but for me personally I'm never going there. Stuff like that.

>standalone client
There was an 'unofficial' standalone windows application for cuckchan back in the day that was a powerful gallery and thread-watcher tool. can't remember what it was called now, but I'm guessing you mean something like that.

And yea, I think especially at this early stage of the game sites are differentiating themselves from one another in various ways. One of those ways is the board list (and for which you took the early lead tbh).
The main issue with filtering/favoriting boards is that you'll have to do it separately for every individual website, because there's no way to transmit information between them without privacy issues (e.g. going through a central server). This is one of the greatest weaknesses of the webring in my opinion, it affects userscripts and styles and everything, it's just very hard to get any consistency.

I'd love to have it though, especially because Julayworld has so many damn boards and I only care about 3 or 4 of them.

>standalone client
I've been thinking about/advocating for this because it has almost nothing but advantages. It improves privacy and performance, doesn't require you to gimp the features just because JS is shit, solves the aforementioned consistency and data transfer problems, solves the "bookmark every website just in case" problem, generally brings the webring closer to you rather than the server you're on, enables features that are impossible on the browser, allows you to modify the structure of pages/posts/everything...

I'd do it myself but I have no experience whatsoever with programming networking.
Replies: >>255
Yes, I strictly mean some sort of end-user filtering tool directly on the boardlist page's script, not a webring-server/system-wide facility. Again, that's a higher level concern.
>Julayworld has so many damn boards
Heh, my response would be
A) This is a good thing ofc
B) Not as many as there will be! :^)

>standalone client
Those are all good ideas you bring up anon. Hmm, I haven't been using it for long, but libcurl for C/C++ seems to make it rather straightforward to use networking. Maybe it could serve as some kind of basis for a program? I'm sure Python has good networking as well.
(430.9KB, 500x282)
I see that 'Activity'  sort on the board list.
Replies: >>257
Thanks. Later I will add a relative time mode so it shows "x minutes/hours/days ago". Right now the times are in server timezone so they dont really make sense for all users.
Replies: >>258
(234.1KB, 2319x1546)
yeah, that would be kinda nice.
Alright added it. Goes from
>x minutes/hours/days/weeks/months ago 
>more than a year
Replies: >>260
Yea that looks just right. Any idea of adding a similar 'heat map' background to the time?
Replies: >>261
>>260 Added but you might need to clear cache/ctrl+f5 to get the updated css
Replies: >>262 >>265
(43.6KB, 600x647)
heh, that was fast. i love the fact you guys are all innovating at the same time together.
How will 8kun ever recover?
Replies: >>265
Heh, I just realized my joke might be misinterpreted given the current circumstances around 8kun. I absolutely want the Watkins to succeed with bringing it back online, I simply want bunkers and sites like this one to become much stronger players in the future. Competition is a good thing.
Replies: >>267
I'm really enjoying the board list here now. It's my go to tool to see where the activity is at.
Replies: >>267
>8kun come back
Yeah it will be pretty great when its back. Still using infinity based on the recent leaks and still has bonegoblins name on the bottom of every page. I am sure he is not happy about that and the "8" branding and will continue to sperg on twitter.
>become much stronger players in future
It would be fun to move to powerful server(s) and add multiple servers/proxies for high availability (kinda like 8kun) incase the site comes under threat or gets alot of growth. I don't expact that anytime soon though.

Thanks friend.
Replies: >>273
Webring/board list now correctly reports last activity if a post gets deleted e.g. removing spam. Going to update it again soon to respect SAGEs. Then it will be back on track matching what I read on smug.
Replies: >>273
yeah, he's really playing this up atm. sad, really.

Yes! Resiliency in the face of an adversarial environment is something I think about often and it will be vital in the future if IB culture is to survive. It will be a huge loss to the world if it disappears.

Nice. Look forward to it.
stephen lynx is a cunt
komi curious.jpg
(52.4KB, 800x450)
How easy would it be to implement last-50/100/200/etc views for threads? Would they be hard coded, or could it be left to the user to decide how large or small he wants to make it, like last-266?
Replies: >>277
You could make it output more pages with the last X posts but of course that means more server load generating them. It could be left to the user but then the page would be generated dynamically. If you make it a set number then its probably better to save it as a static file. 
Im not sure this site needs it (yet) anyway because the javascript is pretty light so big threads should load fast and not be such a burden. Part of that is due to the way posts update live using a websocket instead of downloading a massive html page, and partly because reply links are in the html not added by a script. Also the scroll buttons float in the bottom right so you can access them from anywhere on the page.
(493.1KB, 960x640)
Responding to >>285 about their feature request, but figured this would be a good post to update on how things are going in general so I am posting here.
Been working on a simple post hiding or hide by ID. It works but I wont release it yet. Still need to make a unified settings menu for the frontend before there are too many scripts. I will include settings like themes, live post settings, hide list clearing options, etc all in one place, probably a modal box like the one that shows errors when posting. That way any script that needs settings doesn't litter the page with out of place options or cause content jumping.

For updates after that, I will spend some time on new moderation tools for global staff. This will include global filtering, file hash bans and the ability to alter board settingss like captcha site-wide in case of spam attacks. Should help counteract TOR hidden market ads or pharmaceutical bot spam. It is relatively easy for me to moderate for global rule breaking spam across all boards (since I have a global "recent posts" page), but these would help prevent the issue before it happens and make it easier especially if there were more boards or overall higher PPH. Also I will add another section to the FAQ about how antispam settings like the early404 or PPH/TPH triggers work to help board owners understand what they do and include my recommendation that both these things remain ON.

Then the focus shifts to more todo list items like staff post editing, custom static pages for boards, cross-board post moving, file URL uploads, etc. Of course also I have some things in mind that need refactoring and cleaning the code, but things are pretty good as they are.
Replies: >>291 >>296
>Still need to make a unified settings menu for the frontend before there are too many scripts
>That way any script that needs settings doesn't litter the page with out of place options or cause content jumping.
Smart thinking, and good choice imo. The clean interface here is one of the nicer features of jschan. I wouldn't clutter the interface up too much if I were you.
>PPH/TPH triggers work to help board owners understand
This seems like a good idea as well. early404 is something I'm not certain I understand too well, care to explain it ahead of time here? Also, as a BO I don't really want threads just disappearing within hours simply b/c there are few to no replies. Is that how that tool works? I fully understand the need to stop automated or semi-automated attacks ofc.

The future plans sound really sweet. I wish the ability to move posts around at all was a part of the board software where I'm at. Having an even more powerful version here is a strong point in favor of this board software imo.

You're doing a good job Tom, keep it up mate!
Replies: >>292
pph/tph (posts per hour / threads per hour) trigger means when the board hits either of the configured triggers, it will perform the "trigger action" which can be either nothing, enable captcha for new threads, enable captcha for all posts or lock the board.

Early404 means when a thread has less then 5 replies and leaves the top 1/3 of thread limit (so roughly halfway down page 3 on a 10 page board) it gets pruned, just like something on the end of page 10. It helps prevent spamming threads to slide a board because every thread needs 5 replies. Coupled with captcha its very effective. Iirc the idea originated from an issue on the vichan repo about how to prevent sliding without hurting regular posters too much. The tradeoff being that legitimate threads with too few replies will also be pruned, so it is up to board owners whether they want to enable it.
The default settings when creating a board are: 
tph trigger: 15
pph trigger: 50
trigger action: enable captcha for all posts
early404: enabled

As for post moving, it already exists but is (and will remain) a staff action, used for moving offtopic posts, combining duplicate threads, etc. It is mostly untested and the logic for it is pretty complex because of relinking quotes and rebuilding the correct pages, but it should work. I will need to really clean it up when i add cross board as an option.
Replies: >>293 >>295 >>296
>it gets pruned, just like something on the end of page 10
OK, so I do understand it. So, as generally a very contentious BO in my (now ~3yr-old board) I watched fairly closely to deal with spam, and severely out-of-band shitposting. Fortunately I didn't have much of the former (but I paid attention), and I create a 'The Lounge' containment thread for the latter. There were a few threads in my roughly 100 thread board that had less than 5 replies but were completely legitimate (including at least one of my own making).

Having those threads auto-pruned by some bot to fulfill a site's anti-spam admin policies would have been--and still would be--a mistake. Now I'm diligent to keep my own archives up to date (see: >>>/tech/76), and I realize that I'm probably atypical for a BO, but I hope you never just 'force' early404 here.
Replies: >>294
>but I hope you never just 'force' early404 here, it would have been a shame to lose those threads forever.*
Replies: >>296
(2.9MB, 200x234)
> and the logic for it is pretty complex because of relinking quotes and rebuilding the correct page
trust me, i'm well aware of these 'hidden' complexities heh.
As I said in >>290
>my recommendation
because it is useful in more situations than not. However it will not be forced, it is optional.
I was just theorizing about global moderation. Of course global staff should not interfere with boards beyond enforcing global rules, but if multiple boards come under spam attack, changing their board settings to enable captcha or early404 might be a good idea rather than deleting posts in futility. I agreed with your point that legitimate threads may be gobbled up by early404 in >>292 and I will include that when I update the FAQ notes.
Replies: >>297
Fair enough, thanks for the diligence. 
I wonder if they keep him in a dungeon and beat him daily with rubber hoses now?
Hey Tom, any change you can fix my code block fubar?
Replies: >>299
i gotchu
Replies: >>300
Thanks mate.
Consider adding these javascript buttons with javascript, or hiding them with CSS if js is disabled. I'm noticing there's more and more of them even though I don't use JS, for example the options button on top right, the auto-loader "connecting..." thing, and now post options or whatever.

What I'd do is add a script right at the start of the document body that does document.body.classList.add("js"), then add js class to anything that requires js, and then add body:not(.js) js{display:none!important;} to the CSS style. That way you don't have to loop through all the posts to add shit or anything.
Replies: >>304 >>306
There is a noscript tag with a style tag inside that should hide them all. Using ublock origin right now and just tried noscript in tor browser, all the js only elements are hidden. Not sure why you still see them.
Replies: >>305
Ah, maybe my uMatrix is spoofing noscript elements. I faintly recall that being a thing.
Replies: >>306
Yep, best fix that, noscript tags are valid and the proper way to show content for users with js disabled.
To better answer >>303, the reason I have post menus in the page already instead of inserting everything dynamically is that doing it on page load must block rendering if you want to prevent content jumping, and is slow especially for long threads. Of course the page is larger but only by a negligible amount and IMO the benefits outweigh the costs. Doing it the way other imageboards do it means you get content jumping AND inserting many elements dynamically leading to a sluggish and ugly experience.  To compare versus lynxchan/vichan try the folowing steps with and without scripts enabled on vch/smug, julay and this site:
1. open a thread
2. scroll half way down
3. refresh the page
There should be a noticable difference and hopefully you agree it performs better here. I completely respect the noscript/tor/privacy conscious users, that is why I made the new settings menu to keep things tucked away and reduce clutter in the first place. Hope you understand.
Replies: >>307 >>311
You're on the right track Tom and obviously have given thought to efficiency in both time and space. Just move forward with your design. If it turns out uMatrix is creating an issue, then just note it in the site FAQ, with proper advice thereto.
Curious what 'Scuffed code' >>308 means?
Replies: >>310
Buddy of mine wanted to share some code with me and is blind or doesnt see /tech. Some weird buffering behaviour in nodes net module when using UDS.
Personally I feel like noscript elements are a net negative for privacy since you could put a tracking beacon there or something to poke noscript users specifically.

I do agree that it's better having the js elements on the html rather than adding them with js.
Replies: >>312
Never thought of it that way. But noscript elements in the document head can only contain meta link or style elements. maybe a meta refresh is the worst you could do? Otherwise adding an extra request to flag noscript users doesnt really matter because the inverse is true. you could just see that they dont download any scripts.
Replies: >>313
>elements in the document head can only contain meta link or style elements
Styles can load fonts, and also images as background-image and with ::after.

>you could just see that they dont download any scripts
Much more elaborate to accomplish than just pasting an image and tracking requests to it, especially if it's a third party beacon. The more effort one has to put to get around obscure things like this the less likely they are to do it.

Anyway it's not a big deal, I just thought the js elements weren't hidden at all for nojs users.
Replies: >>315
Yeah good point. I use it in other places so im not about to change it all up. Anyways not a big deal.
(38KB, 1002x124)
Hey there, I notice that your board listing still responds to sages on the webring as recent activity. I merely point it out b/c I think I remember you saying you intended to ignore them or something. My guess is they are reporting it to you as bumps?
Replies: >>317 >>318
The 2 posts in question btw
Yes, they are reporting it as activity. https://julay.world/webring.json its based off the lastPostTimestamp.
Replies: >>319
Figured. Thought I'd let you know Tom.
Hey Tom, any chance you could fix this post for me? It didn't turn out as I intended haha. 
Just use your best judgement I'd say. :^)
Replies: >>321
Once I get back to my desktop I will do it first thing. The reason the multiple ='s behave like that is the post styling uses lazy regexes so you can have multiple of them in a single line. Downside being that long repetitions of them don't work. I have some ideas in mind for a solution or beter method I will try later. And eventually post editing will be a feature so I can edit them without having to edit the fucking database manually... lol
Replies: >>323
Thanks, apologies for being a nuisance. I suppose I should have used a code block heh.
Is it too late to replace MongrelDB with MariaDB or PostgreSQL? Mongo eats RAM and is unstable.
Replies: >>325 >>326
Not admin, but could you explain anon? I'm intredasted in using a nosql approach for my own project work. Any problems with using BSON (as I'm already fairly leveraged atp w/ JSON)?
Replies: >>326
Is it too late? Probably. Alot of mongo features are used e.g. nested data, arrays, TTL expiry, the aggregation framework, partial filter expression indexes, etc. SQL doesn't have a way to do those as easily. MongoDB has worked smoothly in this and other projects for me. Lynxchan had isues but im prety sure Stephen is just doing something retarded to make it crash. The ram usage at a minimum needs to hold your indexes and by default mongo allocates 50% of ram. It wont clear anything it has cached until it needs to. You can change the log leven and check data sizes and various other stats from within the mongo console to find what might be causing your issues.
If your complaints are that it uses too much ram and crashes with no further explanation then you are just talking shit.

There are limitations to BSON like the maximum document size (16MB iirc) so each document must fit within that. MongoDB also does not have things like cascading deletes, enforced data types or schema, database triggers, joins, etc if you need those alot, use SQL. You should look at mongodb docs for data modelling if you are curious https://docs.mongodb.com/manual/data-modeling/
Other BSON quirks include their special data types for integers (all numbers floats by default), objectIDs, dates, probably more. Also I imagine your experience will depend on what driver you use, so do some research and find which is best for the language you are using.
Replies: >>327
(246.3KB, 440x248)
>so do some research and find which is best for the language you are using.
Thanks for the advice Tom. It's the BUMP project. BTW, I'm close w/ an improved v0.2
I'm stuck at the 'symlink it to /etc/nginx/sites-enabled.' part.
I have the nginx config file called 'default' in /etc/nginx/sites-available, but when I run 'ln -s /etc/nginx/sites-available/default /etc/nginx/sites-enabled' it says 'ln: failed to create symbolic link '/etc/nginx/sites-enabled/default': File exists'.
Replies: >>335
(82.3KB, 1330x974)
I got the FAQ page working, so that's something. However index.html, news.html, boards.html etc are all missing and give a 502.
Replies: >>334
(58.1KB, 941x753)
In case it's relevant: this is how the setup script went.
Replies: >>335
looks to me like you're mostly there anon. good luck.
I think I know whats wrong. I will  make a few changes and post in >>217 to let you know. And I will clarify what to do for >>329
Replies: >>344
keep up the good work tom, you might just make this a very appealing alternative to lynxchan
Replies: >>363
Appreciate the encouragement, friend.
Lynxchan has alot of development under its belt with some good improvements especially in the latest version. It's definitely more mature. I will strive to add matching features, but dont want a competition or rush. Lynx already gets some hate, but the last thing I need is some kind of infighting or to make people feel I am trying to uproot lynxchan users into another software. Hope you don't see this the wrong way or maybe I'm totally overthinking it.
For now just gonna take it slow and steady adding and improving features based on the github todo lists and my personal needs. Having some people to enjoy and use it right now is good beta testing :^)
Add the option to hide the  registered user (mod) that deleted the files from the log
Replies: >>366 >>404
Also ctrl+v paste from clipboard into file upload
Replies: >>366 >>404
Would it be a global setting, per-board, or per-entry with a checkbox like "dont show name in log"? 
IMO showing the name keeps accountability so people know who deleted their post. Hiding it does not really protect anybody, it will just make users resent the moderation as a whole if a staff hides their name. I can still add it, just sharing why I think its not a great idea.

Okay, will do. ClipboardImage.png incoming :^)
Replies: >>367 >>374
knowing moderation team names creates endless drama
Replies: >>368
That's true. I guess if they dont know the names in the first place it prevents trouble from hiding names. Ok I will think about how to implement this best and probably make it an opt-IN to show staff name when moderating incase somebody wants it.
Replies: >>375
>>186 (OP) 
cool, are there file hash bans here yet?
Replies: >>370
No, but it's on my todo list.
Low priority though. The problem with this is using hashes/checksums to ban files completely wrong. A small change to the input of a hash function should result in a significant change to the output. So if you ban a file, somebody can literally open it in a text editor, change 1 character and it will bypass the ban. Most video/image formats wont be seriously affected by such small corruption. It would work for a few dumb pedos uploading CP, but the same file encoded differently or from a different source (happens alot) will still get by. And it definitely wont stop a spambot.
I remember back in 2016 many vichan sites were hit by the same CP link shortener ad spambot, and it sent the same image but with JPEGs of different quality to bypass any kind of image hash ban. Instead vichan implemented OCR (optical character recognition) to try and read text in the file like the banned urls and then put the text through regular post message filters. It wasn't very reliable. Image analysis like this or like similarity search are not really great either because they require alot of processing power.
Replies: >>371 >>372
Feel like I should add to this. Basically trying to ban files just sucks. Then is also steganography where data is hidden within regular images through some interesting techniques. For example https://github.com/desudesutalk/f5stegojs
Yes it's pretty easy to get around but most people don't bother/know, it does take care of brainlets pretty good and makes them have to take an extra step to keep posting shit making their life harder and more likely to just give up, specially if they are phoneposting, the work they have to put in by altering the file will outweigh the work a mod has to do to just baleet it
Replies: >>373
Still adding it, just sharing some issues behind it.
dancing monkey.gif
(876.6KB, 345x270)
>ClipboardImage.png incoming :^)
Replies: >>404 >>406
I absolutely could care less about e-drama having important things to do in life. If I (or my vols) ever perform a moderation action I want it obvious why, ie, I want a reason to be a requirement.
Can you remove the actual chan websites from the webring example file? You should remain neutral as a software developer and not cherry pick imageboards you personally don't like.
Just replace them with 'imageboard.url' or something.
Replies: >>388
(3KB, 234x137)
1. Can you make it so if you click on the post number (the number, not the 'No.') it adds like a 'q388' or something in the URL and it pre-fills in the >>post number in the post form?
Right now clicking the post number just links to #postform which doesn't do much.
2. Sometimes I don't connect for live posts even though my connection works fine, how come?
Replies: >>392 >>404
1. It should already do that
2. Not sure. Does it ever connect, or immediately go to 'error reconnecting'?
May I ask what browser you use, and if any errors appear in the developer console? (f12)
Replies: >>393 >>404

Not that guy, but when I click on your number I get a QR box and the above is inserted. Brave browser.
(9.2KB, 347x103)
(1MB, 00:27)
>>364 >>365
Clipboard works now, and drag+drop works for most browsers. I don't think drag+drop works in palemoon so I have a workaround from stackoverflow I will try later. I still have to a little "x" to remove files, selective spoilers, the small thumbnails in vichan/lynx, etc. Right now you can just middle click to clear the files, I left that in there from when I was testing and it will get removed once its finished. Oh, and >>374 yes it is clipboardimage.png :^)
I also added the log name hiding thing. Username is only shown in logs if the staff selects to show their username with a checkbox. The username is still stored with the log event in the database as I plan to have logs (with names unhidden) in the management pages eventually.

There were some more changes:
- If you had live posts disabled, when you enable it, it does the "catch-up" (same as happens when reconnecting) to fetch any missed posts.
- Added an audio file option and it should work for mp3/wav/ogg.

Anon are you still here/facing this isssue? (>>392)
Ehh, I knew I forgot to mention something: If anything looks strange after the changes, force refresh ctrl+f5 or clear cache.
(2.4MB, 640x360, 00:26)
>Oh, and >>374 yes it is clipboardimage.png :^)
heh, nice.
Manuel - Gas Gas Gas-atuFSv2bLa8.opus
(4MB, 04:31)
Replies: >>408
Hmm, looks like opus isn't working just yet tbh. I believe it contains an ogg payload iirc.
Replies: >>409
Sorry just updated the nginx config to add .opus extension, it should play now.
Replies: >>410
(129.7KB, 700x874)
No worries mate. Playing perfectly now, thanks.
>>186 (OP) 
Tom, not that it's hindering me in the slightest, but after the server break yesterday I noticed that catalog.json's weren't being served up (404) until a post was made on the board. Again, irrelevantly trivial but you've asked us to give you bug reports.
Replies: >>412
Visit the catalog html page (no need to post) and it will generate the json.
Jsons dont generate directly because they should always exist if a page exists... unelss ur an idiot like me and manually delete them oops, oops. Next time I do some major change I will make sure not to delete the jsons.
Replies: >>413
Thanks. Again, not an issue. :^)
make it so you can post a thread from the catalog
good work with the front end, looks nice & pretty good on mobile too
the reply/thread box popping out on the upper right corner looks weird but I guess it's just not something I'm used too
Replies: >>417
also this scrolling animation thing pisses me off, it's a big scroll when threads are long
Replies: >>416 >>452 >>476
>thread from catalog
Okay I'll add that
>long scroll
Hello chrome user. Firefox caps it to 1 second max scroll time so it goes fast no matter how long the page. But if enough people ask then maybe.
>upper right post box
The post box floating upper right is my simple solution to "quick reply" that also works for noscript and mobile users.
Thanks for feedback.
>good work with the front end, looks nice & pretty good on mobile too
It does look much better than lynxchan on both mobile and desktop, we just need more features and easier control, installation, maintenance, etc.
I heard there's something called Picochan which allows image expansion without javascript, anyone know about that and how it works? I can't find anything about it except some dead link from a brazilian imageboard list.

The only thing I can think of is using display:none on the expanded image and trusting the browser to not load it, and then expanding with the ID target method. But that seems pretty hacky and unreliable.
Replies: >>423
Actually I guess you could use a checkbox input with CSS "~" selector to toggle it as well, instead of ID targeting.
first method.webm
(1.2MB, 1094x782, 00:11)
second method.webm
(820.1KB, 900x622, 00:08)
I discovered one method, though it depends on CSS variables.
There's 2 ways to do it and both have different resizing problems. The example below cannot be resized from what I can tell, so big images will just overflow the container.
language: html
	.expander:checked + .imgtest img{
	.expander:checked + .imgtest::after{
		<input type="checkbox" class="expander">Expand</input>
		<span class="imgtest" style="--fullimg:url('test1_full.jpg')">
			<img src="test1.jpg">
		<input type="checkbox" class="expander">Expand</input>
		<span class="imgtest" style="--fullimg:url('test2_full.jpg')">
			<img src="test2.jpg">
Another slightly more roundabout way is to set it as a background image. This allows the image to fit the page, though it requires more variables and the height leaves an empty space below if the image scales down.
language: html
	.expander:checked + .imgtest img{
	.expander:checked + .imgtest::after{
		content:" ";
		background-position: center top;
		<input type="checkbox" class="expander">Expand</input>
		<span class="imgtest" style="--fullimg:url('test1_full.jpg');--width:1500px;--height:1061px;">
			<img src="test1.jpg">
		<input type="checkbox" class="expander">Expand</input>
		<span class="imgtest" style="--fullimg:url('test2_full.jpg');--width:638px;--height:1000px;">
			<img src="test2.jpg">
Sorry if this is a little off topic, just thought it would be useful to be aware of a method for this. Maybe consider adding something like this to jschan as well.
Ah, as a third method, you could use the second method except make it display full-screen upon :hover. That wouldn't require all the checkboxes.

The scaling problem with this one is that small images will upscale to be full-screen, which looks like shit.
Replies: >>425
hover method.webm
(810KB, 746x686, 00:08)
Sorry for spamming this thread, but >>424 actually works pretty well with a little trickery.
language: html
.expander:checked + .imgtest img{
	content:" ";
	transform:translate(-50%, -50%);
	background-position:center center;
.imgtest:hover::before{ /* faded black background */
	content:" ";
	<span class="imgtest" style="--fullimg:url('test1_full.jpg');--width:1500px;--height:1061px;">
		<img src="test1.jpg" width="200">
	<span class="imgtest" style="--fullimg:url('test2_full.jpg');--width:638px;--height:1000px;">
		<img src="test2.jpg" height="200">
	<span class="imgtest" style="--fullimg:url('test3_full.jpg');--width:300px;--height:125px;">
		<img src="test3_full.jpg" width="200">
Replies: >>426 >>429 >>476
(60.1KB, 1280x720)
This seems to give pretty good results. Not requiring the browser to have JS enabled, and still provide a decent experience for the end-user, is probably one of best features of JSchan tbh.
>Sorry for spamming this thread
I can't speak for Tom ofc; but I, for one, welcome our new image-expansion overlords.
Replies: >>427
I also forgot to add that image hovering and backlink hovering especially are the two features that I miss most with JSchan. I certainly would welcome image hovering if Tom adds it.
Replies: >>428
Wait, is backlink hovering working now? Nice, I guess I either missed it's introduction or I'm just a retard. Thanks Tom!
Replies: >>429
I like >>425 so I will play with that in dev environment. Gotta make it not interfere with javascript mode, not flicker if the image expands over the cursor, wont work for audio/video,etc.

Still needs some work, but yeah
- make it fetch from the api for index pages
- bug sometimes where it doesnt disappear
- disable for mobile users since its cramped, and pointless unless they have a samsung galaxy note device or a mouse
Replies: >>430 >>431 >>432
(14.5KB, 463x308)
Also Im gonna try to add the underline thing when hovering a reply link to a post with multiple quotes, so you can see which part is the reply without checking the number. Pic related is an example i just took from 4chan.
Replies: >>431
great, that will make the place seem like a different site for me personally. that specific part of the whole shitposting experience is really integral for me.
yes, good idea.
(170.7KB, 532x468)
I doubt there's any way to use the CSS variable method for any files besides images. It might help to make the thumbnail different for videos and such, so you can immediately tell that it's not an image file.
I always try to make a custom style to put a play button of sorts on top of video thumbnails, so it's easy to tell that it's a video.
Replies: >>433
It does have a duration but it doesn't really make it clear that its a video.
I think its possible to add a "play button" type overlay to videos with CSS alone, or maybe I should add a 🔊 icon next to the file information.
Replies: >>434
Yeah as long as the image container has something that identifies it as a video, it's easy to add stuff on top with ::after. I think there's some esoteric way to read the filename extension with CSS too but I don't remember how it works.
Looks like this website already has a dataset for it, so if I made a custom style for a jschan website it would be just this:
language: css
.post-file-src[data-type="video"]::after {
	content: "▶";
	display: inline-block;
	position: absolute;
	top: 50%;
	left: 50%;
	background: #000;
	color: #fff;
	border-radius: 100%;
	width: 50px;
	height: 50px;
	line-height: 50px;
	font-size: 26px;
	padding-left: 4px;
	transform: translate(-50%, -50%);
	opacity: 0.5;
	box-shadow: 0 0 3px #fff;
.post-file-src:hover::after {
	opacity: 1;
My vichan userscript adds a video/audio icon to the file info, though it's main purpose is to open a video player window that's similar to the quick reply box. I just like the play button because it's very easy to tell that there's more behind the thumbnail when scrolling by.
Replies: >>435
Works great, and i can add some javascript to hide it when the video is expanded.
Mind if i add it to jschan?
Replies: >>437
>Mind if i add it to jschan?
No! This CSS style™ is ©me, I'll license it to you for $799

Jokes aside, go ahead, the reason I post these is just in case they'll be useful to someone else.
Replies: >>438
>not requiring a per-use royalty in addition.
you'll never become the new (((Jewgle))) at this rate anon.
One thing I would find convenient and maybe others would too, is if the control for the audio that's playing on a page floated in a corner regardless of whether the post that I started playing it from is still in view inside the browser.

Here's an example of the idea, not sure how they're doing it though.
Replies: >>444
I will think about it. I was going to add just a "stop" button (no other controls) because I often open a video/audio then scroll down. When i want to play another, I have to scroll back up to find it and stop it.

The example page you gave is possible for audio, but not practical for video.
Replies: >>445
Yes, it seems the floating control is a kind of universal one and just assumes the state of whatever audio is playing atm. Even if that description isn't precisely accurate, that is the preferred behavior imo.
Replies: >>450
>>186 (OP) 
Hey there, anon.cafe is down right now not sure why. Could you make a board here to house some anons?
Replies: >>448 >>449
Anon cafe is back, probably the same issue as julay had before. Board creation is enabled so you can make bunkers if you still want
You're welcome to use our bunker-bunker if this comes up again anons. I remember anon.cafe housing us for a while before when julay had some issues.
OK I have been doing some frontend scripts stuff (added relative and 24h time mode) so im in the groove to work on this, probably tomorrow.
My idea is to make the video/audio play normally, but once it scrolls off screen, show the controls at the top of the page and in the case of a video since its above the controls it will be hidden behind the navbar. Theoretically this works, havent tried yet.
It wouldnt really work with more than one thing playing at a time, so I think it should also limit playing to one at a time, but is that too restrictive? Would appreciate your opinion and some other anons who read this.
Replies: >>451
>so I think it should also limit playing to one at a time, but is that too restrictive?
Not at all. In fact I think that's likely the only sensible approach. If you had some type of 'playlist' or 'back' button that would let me play something, then change my mind, then go right back to what I was playing before--all w/o having to scroll back up and re-locate the original, etc--that would be great too.
>Bonus points if the back-button picks up playback right where it was left off. :^)
> Disabled
Replies: >>453 >>476
well, crap it's still doing it, heh. don't know anon.
Replies: >>454
html {
Replies: >>455
I'm not sure how I would set that up inside Chromium Anon?
Replies: >>456
Userstyle plugin?
Replies: >>457
Ahh, I see. Thanks. Umm, not sure I really want to invest into that. That setting stops the annoying lag on Julay, for now that's good enough tbh.
Would fatchan be up for hosting a /webm/ style board? I don't know how much of a burden that might be since /webm/ on 8chan probably has a good few gigs of files on it alone. I'd like to have that kind of board somewhere on the webring. And possibly on a smaller site like this to properly distribute boards since places like Julay are kind of getting a monopoly. If not that's fine, I don't know what your plans are or how much you're looking to expand. And I don't want it to feel like I or anyone is just using the site as a massive file storage service.
Replies: >>465
The server storage isnt huge, probably not bigger than any other webring sites. I would prefer to keep it to a cyclic thread on /b/ or something, that way even if there was 10MB * 1000 posts ~= 10GB so it wont take all the space. I would like to expand, but low on funds atm. Will see how things go in a few months time.
Replies: >>466
Alright that's cool. I'll probably poke around anon.cafe or some other boards to get a feel for if they're up for it. Can BO's set file size limits with jschan? I'm trying to learn a bit about compression to lighten the load. While 8chan's large file size is in many cases great, I feel like it might have made people a little lazy and bloated file sizes a bit.
Replies: >>467
>per board file limit
File size limit is global, but I can update to make it per board.
Just look up 2 pass compression with ffmpeg to easily convert a file to a target size.
>8chan bloated files
8chan definitely spoiled users with large file sizes.
>>186 (OP) 
Is there a chance for an overboard or "latest posts" feature to be made?
Replies: >>473 >>476
Its in the todo list on github, but needs changes for reporting, deleting, etc to work hence I have postponed it. Right now I am working on other things like accounts management and global mod tools.
(24.4KB, 565x366)
So, some changes lately incase people are curious:
 - The manage link up top takes you to the board manage page and has been removed from non-board pages.
 - There is now an "account" link where you can see links to create a board, change password, lotout or global management if you have permission. It also includes a list of boards you own or are moderator on, pic related.
 - Board owners can no longer assign themself as moderator
 - "global" moderators and board owners are now possible i.e. people who can moderate or edit all boards, but cannot access global moderation pages.
 - Board list has different icons for SFW and unlisted boards and I renamed the sort options to "Popularity" or "Latest Activity" to be more clear
 - Board list will show unlisted boards for global staff
 - Accounts list on global manage pages shows the boards somebody is mod or owns, and has pages
 - Removed the smooth scroll CSS because chrome makes it really sluggish and people hate it (>>415, >>452)
 - Small change to javascript for post hovering, so hovered posts wil be aligned with the link to prevent overlapping
Mostly steps towards making moderation less clunky

What I wanna do next
 - Add searching users on global management
 - Add recently added users and boards list to global management
 - Add an option for moderators to resign from their position
 - Maybe allow board owners to resign without deleting or transfering their board? There is no claims system, but this could be useful in future.
 - Add post editing to post options (/tech/ anon who is making BUMP will be happy about this)

Some other stuff anons here have mentioned that have not got added, but i havent forgotten about
 - post hovering or expanding for noscript users (>>425)
 - overboard (>>472)
 - buttons to control audio/video without scrolling back to find whats playing (>443)
Replies: >>480
Would you be open to hosting /cutebois/? Julay had concerns about DOST issues because of the 3D porn and shut it down. Understandable if you'd rather not. Was going to just settle back into 8kun but that sites a shit-show.
Replies: >>478
Sorry, no. I understand some things are not strictly illegal but I would rather keep this place safe and not skirt the line.
Have you tried 8channel.net? As much as people hate the site, they would probably be opening to hosting it. Site is full of dodgy content and the admins dont care.
Replies: >>479
No worries, 8channel is a pretty blatant honeypot.
(285KB, 539x539)
Wow, sounds like you've really been busy lately Tom! I like the clean interface on the management pages. Yes, 'Popularity' is more concise. Those who understood how the previous ranking worked won't mind the adjustment, and for others it's easier for them to grasp. Sounds like you've made managing the system from a global perspective more capable. 
I like the new hovering setting, little details like that make a big difference to both the usability and the perceived quality of a site. Heh, I never really cared for the smooth scrolling thing myself anyway but that's just me. 

I think the planned changes are interesting too, but I'm a little concerned about 'searching users on global management'. What's that all about? would Terry approve? :^) I really like the improvements for managing/transferring/resigning. No other IB software really tackles that set of issues well. Once again, you can really distinguish yourself as a leader in this field if you do it right. And yes, being able to edit my clumsy af posts will be quite welcome!

Supporting noscript effectively is probably a nuisance for you, but it is very important IMO. In the future (especially) it may prove absolutely necessary for your users--after all the surveillance state and it's controls are only going to get worse as more and more (((polite))) behavior is expected, nay demanded, of anons.

Having a good overboard system and multimedia controls will be icing on the cake. BTW, are you aware of the FinalSolution project Robi's working on now? I hope it's something you'll participate in when it's perfected well enough to roll out. It could really close the loop on the whole Webring idea and usher in a whole new way of shitposting for the future. He says the idea is much like Fidonet, but for imageboards.
Replies: >>481
>I'm a little concerned about 'searching users on global management'. What's that all about? 
Searching registered accounts by username, or board URI to find what accounts are owner/mod. Also can catch people spam creating boards or accounts. Just a useful and necessary mod tool IMO.
>are you aware of the FinalSolution project Robi's working on
Yes, I read robis posts on julay. Sounds kinda like NNTPchan or fidonet but he says its a bit different. Will be interesting to see how moderation is handled.
Replies: >>482
If you're not busy mind spoonfeeding us a little? 
-I don't know how either NNTPchan works at all apart from the fact it's supposed to use TOR and possibly be some P2P mashup.
-I don't have any real clue what Fidonet is apart that it used to work like an internet over telephone wires or something.
-What do you personally think a good moderation approach would be for FS-net?
Replies: >>483
NNTPchan doesnt have to be TOR afaik. It just means that when you make a post on one nntpchan node, if two nodes trust eachother, the posts (and i think also moderation actions) propagate. It makes posts shared in multiple places to resist takedown, and moderation is possible unlike decentralised systems e.g 08chan, but then its not an anarchy and you can end up with cliques of nodes.
The two approaches are a bunch of tradeoffs of control/censorship/moderation. Fidonet I have no idea, but their site says
>FidoNet is a world-wide network of over 15,000 systems which exchange mail and files using a mix of proprietary and internet protocols.
and sounds like a similar concept
As for FS I cant comment as its not my project and i dont really know how it will work in the end.
Replies: >>484
Alright thanks, that helps a little. Good day.
Unrelated to anything, but another little tweak that might help nojs users is making the "No." text not selectable, so it's easier to select and copypaste the post number. Just apply user-select:none; to it in CSS.
Replies: >>486
Will do. just chillin playin some vidya right now.
Deleted last few posts because I messed up the database slightly when migrating. The last post number was out of sync from the latest actual post number because I manually inserted some posts without updating the last post number (its attached to the board because mongodb doesnt have "autoincrement" like some other databases).
For those who missed my deleted post
Basically my old host went out of business and gave me very short notice. Their email:
Dear Customer,

Over the past few months we have been met with many challenges within the hosting business. Some that have not been overcome.

As result of this we will be closing our doors.  We will be shutting down this Monday 12/9/2019.  We are taking this time to let our customers know so that they may backup and retrieve all of their data before then.

We deeply apologize for this inconvenience.So I moved hosts and here we are. IDs are different because i changed all the secrets. Some anon asked in a deleted post if I have documented steps (to make a better, proper setup guide) and the answer is yes. I did create a rough text file as I was setting things up to remember the whole process. I will clean it up and make an improved guide for github when I get the chance.
If something is broken with the site let me know and ill sort it out soon.
Replies: >>493 >>494
And now i realise the first sentence of that is a complete clusterfuck. Whatever im tired.
>Mongodb not working like a normal database
nothing to see here, folks
Replies: >>495
Not mongos fault and only minor compared to moving everything to a different server on short notice. Bloody pain in my ass.
Replies: >>496
It's all good Tom. Get some rest now bro.
(2.6MB, 300x424)
Yay, fatchan is back up!
Replies: >>498
Yep. I got things mostly setup today and everything should be in working order. The new backend host is pretty powerful and now there are some frontend proxies with a privacy respecting host. They mostly hide and protect the backend but I can use them for other tasks like caching in future when I can afford it. Speed feels pretty good even with the extra layer, but im in AU and my connection to everything sucks lol... so let me know.

I put up a news post about the old hosting provider that you should read if interested. Lets just say it wasnt a small scale incident.
Replies: >>499
>I put up a news post about the old hosting provider that you should read if interested.
Replies: >>500
in the navbar, friend
Replies: >>501 >>502
Heh, I'm a doofus. I look in /t/ & /tech/, catalog & index.
I understand. Thanks for the transparency Tom.
(30.7KB, 477x318)
You might want to ease up on the captcha difficulty as they are often undoable for humans or run off-screen.
Sort of related: how long does it take before jschan delete unused captcha images from the /captcha/ folder?
Replies: >>510
Yes the distortions sometimes make it run off screen or cause blobs if they are close to eachother, I can work on it. The biggest issue is distinguishing "c" from "e" because of the line.
Expired captchas are deleted every 5 minutes.
StephenL*nx is calling you out bro: https://8channel.net/lynxchan/res/214.html#377
I dont really care. I can clean up the part in the screenshot he put, not like it will make him happy but holy fuck why are tabs so wide on github. As for dependencies, that happens when you use a templating engine, wrappers for certain things like express, gm, etc. in the node ecosystem you break things into modules. I will even break some small parts of jschan off into modules eventually. I didn't know there was some people giving him shit like this:
hey tom what do you think about this feature?
>I'll see what I can do buddy.
hey stephen what do you think about this feature?
>make an addon
>fork it anytime 
>no demand for it
>make your own front end
>tranny screeching
I would appreciate if people didnt start shit with stephen and cause trouble for me. Lynxchan isn't perfect but I never started this to replace lynxchan like he did for vichan, and this project isnt at a stage where it could anyway. Lynxchan has alot more features and does alot more things properly even if its a little ugly, so just leave it be.

Side note, why 8channel instead of lynxhub?
Replies: >>514
>I would appreciate if people didnt start shit with stephen and cause trouble for me.
I'm pretty sure Sergio is just about smart enough to realize it's not you posting. People are just sick and tired of LynxChan and very excited about a welcome alternative that is jschan.
>Side note, why 8channel instead of lynxhub?
See https://pastebin.com/2iNB0dPv
Replies: >>515
Yeah maybe youre right. Weird that he didnt pick julay.world though in regards to not wanting to host  a site.
Replies: >>516
I'm pretty sure he will when 8channel inevitably goes down. Anyway, keep up the good work. You're pissing off the trannycoder which means you're on the right path.
Replies: >>517
Why do you think 8channel will go down?
Replies: >>518
It's happened before and given its controversial yet legal content and resistance from normalscum there's a big chance it will happen (again).
Replies: >>519
Just to chime in, the "this site is seized" thing was photoshopped/edited im pretty sure. If thats what youre referring to as "last time". Their host is frantech (same host as julay.world and this sites reverse proxies) and yes they are free speech happy, but 8channel is definitely skirting the line.
Replies: >>520
They can always go with Novogara, but it's more expensive.
Hey, what about a feature that allows you to block countries per board (they can read but not post)? For example:
Blocked countries: US, UK, ES, DE, BR
Replies: >>525
Yeah, its possible. Just gotta decide where to put the list. Maybe when they try posting say "your country 'US' is blocked from posting on this board. full list of blocked countries: ..." and board staff can put it in a sticky or announcements section if they want.
More news https://fatpeople.lol/news.html#5df7909877335e0d4c92b759 since I dont think people check the news page
(49.4KB, 1166x306)
Two things:
1. Clicking [New Post] on a board to start a new thread opens the Post form all the way to the right of the screen as if it were Quick Reply. Very annoying tbh, this should just open a post form at or under the [New Post] button.
2. When posting in a thread, it doesn't scroll\take you to your post. LynxChan also doesn't do this and it's very annoying to have to scroll down to your own post.
Replies: >>534
1. People have criticised the post form and I understand. Its a simple way to have a floating post box that works with noscript and looks decent on mobile. Ill add to my todo list to make the post form draggable so people can move it around, but floating there by default is best for compatibility.
2. It should scroll to your own posts, definitely does for me. Either a bug or browser compatibility issue if not. You could post on >>>/spam/ and see if any errors come up in the browser developer console (usually f12 to open) and report back here. Or for scrolling to other users posts, thats available in the settings menu top right.
Replies: >>539
Scrolling to your post works sometimes and sometimes it doesn't. I'll have to test it more.
By the way does setting up a .onion require anything special? I know LynxChan has a 'Tor port'.
Replies: >>543
Also is there a way to see posters' IPs when logged in as admin?
Replies: >>541
Ah you can but they are hashed by default. Is there a way to display unhashes poster IPs?
Replies: >>542 >>543
Use another software for now if you need .onion
I need to change the captcha system and antispam to work for hidden services since all the traffic appears as the same IP address. Dont want to run into the same issue as lynx where unlimited captchas on tor took up all the disk space from a simple http flood. 

Hashed by defaut, I could add a config option to disable hashing. Any posts already in the database would be stuck with hashes since rn it doesnt store plain IPs at all.
Replies: >>544
(17KB, 703x277)
Optional unhashed IPs would be cool yeah.
Also I found a bug: when you add 2 files to your post, and then you click the Select files button 'again' to add another file it says there's 3 files. But when you actually hit post, it only posts 1 file namely the last selected file.
Replies: >>545
The adding files instead of replacing is intentional. However the upload bug is a browser compatibility issue. I can fix it by using a hidden input for each separate file like vichan does. More javascript jank i will have to get around to for compatibility reeeee why browsers do this to me. Clipboard and drag+drop will have the same problem most likely.
Replies: >>546
It's kind of misleading when it says 3 files when in reality there's only 1 so yeah a fix there would be welcome.
Merry Christmas Tom.
Replies: >>547 >>548
Ill fix the file form issues when i get the chance.
Thanks and merry christmas anon.
Ok I tried fixing and it works on palemoon now when it didnt before. It should also fix multiple files with using drag+drop or clipboard. Clear your cache (ctrl+f5) and try on >>>/spam/ with your browser and let me know how it goes.
If not, I will try again later. Busy celebrating with family today. Merry christmas again :^)
(1.8KB, 373x68)
adding mods dont work
Replies: >>561
Pull from git, fixed now sorry :)
That would explain why no boards here have mods... lol
(105.9KB, 402x562)
64chan.me is currently on jschan
>>186 (OP) 
gonna try to install jschan on google cloud, what linux distro should i use?
Replies: >>566
anything you can install the dependencies/requirements should work. i use debian.
1. When you click [Reply] next to a thread it automatically puts a quote link >> with the OP post number in the post form. That's kind of annoying, clicking Reply should only open the thread and nothing more.
2. Is there a setting to automatically activate thread captcha if an X amount of threads are created within an hour?
Replies: >>571
Bug: when thread captcha is activated and you disable it again, the captcha doesn't disappear. One has to make a new thread (or post?) WITH a captcha and only once that's done the captcha disappears.
Replies: >>571
1. intended behaviour. click the "No." to go to the post/open thread without adding the quote.
2. yes in board settings, "tph trigger threshold" and "tph/pph trigger action"

OK, i can fix that thanks for the report. Ill do it tomorrow had a pretty lit new years celebration ima bit tired.

Happy new year anons :)
(10.9KB, 200x200)
The positioning of the postform makes it appear to sprout from the navbar. If possible, what do you think of moving [New Post] into the rightmost position on the navbar? It not only makes sense visually, it has the minor but beneficial outcome of your mouse cursor being closer to the postform once opened. I think it looks best with the underline removed from [New Post], to conform with everything on the navbar and pages div. If you agree with everything so far, there is then the matter of the settings, which currently sits in the rightmost position on the navbar. There are three possibilities. You could remove its right float. You could remove its right float and change it from the symbol to the word, to conform with everything on the left side of the navbar. If possible, and I think this is the best choice, you could have it in the center of the navbar because that is where the menu appears.

Also, what about a custom spoiler image? Something like this. Thanks for reading. Thanks for hosting and developing.
Replies: >>576
>move [new post] or postform
The current [new post] position is somewhat of a convention so other imageboard users know where it is. Draggable post form is in my todo list, which should alleviate isues with its position and ill make it default to the middle where the button/cursor is. 
>remove underline from [new post]
Good point, i removed it.
>move settings to middle/right
No for this one. Having links on each side of the navbar is pretty common design and I like it separated on the right. 
>make settings a word not an icon
I would prefer that too, but some mobile devices dont have enough room and would wrap the navbar. I would need to add a side menu or something.
>custom spoiler image
Very cool, added. You might need to clear cache (ctrl+f5) for it to update.

Thanks for feedback
Replies: >>577
>The current [new post] position is somewhat of a convention so other imageboard users know where it is.
Well, ye olde convention had the boardlist in a vertical frame on the left. They could get used to it, and if they couldn't figure out how to post because of it, that would be a great retard filter. :^) But your planned solution sounds good.
>I like it separated on the right. 
I agree. That was only a suggestion if you decided to move [New Post] into its spot.
>I would prefer that too, but some mobile devices dont have enough room and would wrap the navbar.
<caring about phoneposters
Doesn't CSS take care of that with @media rule? Remove the symbol. Use ::after to set the content to "Settings" for a normal rule. Use ::after to set the content to "\2699" for the @media rule. I think that would work. I don't know if there's another way or a better way.
Replies: >>578
>css :after
Yeah that works, ill add it in. It is possible to make a toggling sidebar on mobile that works without any scripts (using the :checked and adjacent sibling selector css) but its not worth the hassle until I need to add more navbar links.
(134.6KB, 672x763)
What about centering the announcement text? But you can't use no-m-p to select it, that would affect the news page too. I don't know what selector would work best.
Replies: >>581
Opening the postform and clicking the nav-item to go to the top/bottom of the page closes the postform because of the changing fragment URL, but you're probably already aware of that. Do you have a solution planned? That's way above my head.
Nitpick about live posts: line 351 of the style.css, animation-iteration-count, could be removed and infinite could be put after ease in line 350.
Replies: >>581 >>584
Should be dealt with. Clear cache try it out some and let me know.
Sorry have to be brief, busy today+tomorrow.
Replies: >>582
Looks good. I just noticed in my inspector there are two style.css, only when JavaScript is disabled. Does it have a purpose? The second appears identical, but seems to do nothing. It doesn't happen on other pages, only on each board.
Actually it happens on the create board page too, must be something with the captcha.
Replies: >>584
Yeah it was the captcha frame for noscript users. It had the whole style.css even though it only needed a few rules. So I moved the necessary ones to a stylesheet just for that page.
Back to >>580 I made the solution a bit more robust. Only post numbers and the "new post" button open the postform, and only the "X" button closes it. Top/bottom buttons, "No." links and following quotes doesnt affect the postform. Ive been trying the floating postform thing on a local instance but it still needs work with making sure it stays within bounds in some special cases like resizing the window or the message box.
Also there are 2 new options in the settings menu: video/audio looping, and an option to remove the height limit on expanded image/video (apparently some people prefer that).
Replies: >>586
1: 64ch is ran by a dumb ass kid that moved from lynxchan once before. 
2: he doesn't mention "always crashing". He just vaguely says it broke down.
3: I think there's a leak on node's https module because of something 8channel admin showed me related to it and the fact that no other site suffers from something similar.
4: 2.4 greatly reduces mongo ram usage by storing media files on disk. It also reduces ram spikes by moving when execs are ran to pre-process files for further usage and by including a built-in native captcha. These execs caused a lot of issues due to the nature of forks on linux.

So no, the issue is not mongo and 2.4 is greatly improved on that aspect. All in all 8channel running with relatively limited resources helped me to find areas I could improve the software, along with the recent attacks. I am positive that jschan will suffer from similar issues if it gets more attention. They also use a fork for their captcha, for example. So that thing where that guy just spammed the captcha with 2k proxies would still make it run out of memory.
>(apparently some people prefer that).
Useful for vertical images with text, like manga pages.

If the selected theme or code theme in settings matches a board's default it doubles that style sheet.
The theme tomorrow2.css is tomorrow.css, the only difference being two rules that already exist in style.css.
You use a variable for the color of greentext, for consistency you could use one for pinktext too.
Icons, like sticky, are you keeping them PNG? If someone wanted to change their colors with CSS, using filter is much more unintuitive than using fill for SVG.
Replies: >>588
>theme duplicating
>variable for pinktext
OK ill fix those thanks

Its tomorrow without the background on the top of posts for mobile, my personal theme
>svg icons for sticky/lock/etc
SVG is blocked by tor on high security mode iirc (unless my tor was misconfigured or this is different now) so I kept them PNG.
Replies: >>590
(4.7KB, 167x147)
Oh, I somehow overlooked the mobile background rule. That's a nice look.
It's fine if they're kept PNG. There's an online generator for changing color using filter. It suggests black starting color for best results. CSS could be used to first change the icons to black and then to the desired color, but that's some extra text that could be avoided if they were already black. I was going to suggest doing just that, but then I noticed some things about the original images that annoyed me. They have inconsistent sizes, sticky is unnecessarily large, cyclic and lock are small, cyclic's right and bottom arrows are clipped 1 pixel, lock is 1px off-center. Would you like a new set of black icons that you could change colors using a variable for filter? 100x100 seems a good size. Here's a comparison with two new icons, their color set to #f00 using filter. I still have to do the others. Would you want the bumplock icon to remain as it is or changed to an anchor? Won't be done tonight, I should try to get to sleep at a more reasonable hour.

The postform still closes when the fragment URL changes if JavaScript is disabled. I assume that persists because JavaScript is necessary to stop that from happening.
Replies: >>591
I would love new icons, anchor for bumplock definitely. Whenever you have time no rush.
And yes the postform is the same as before for noscript not much I can do other than remove the floating if its still annoying.
Replies: >>592
I think it's fine as is. In terms of NoScript breaking site functionality it is very very minor. If it is accidentally closed, it can be re-opened at any part of a thread by clicking any post number. You would only need to go to the top of the page on the index to re-open it, and there's no reason to be scrolling around the index with it open.
With JavaScript disabled, it started to have a noticeable delay for style sheets loading, resulting in a flash a white when pages are loaded. Happening frequently, almost always. With JavaScript enabled, it hasn't happened once.
Replies: >>595
Page loads fine for me with or without scripts EXCEPT in firefox I found a weird behavior:
When scripts are disabled and the browser developer tools is opened to the inspector tab, page loads exhibit the weird unstyled flash. Not just for this website, but for any website that loads slowly enough or has enough css. Doesnt happen if I have a different tab opened in the developer tools, using chromium or with scripts enabled. Its almost like the browser doesnt wait for css to load before rendering the page, very very strange.
Does this also happen to you, or do you get the white flash on all page loads even just browsing normally? In any case, I didnt change anything recently that would cause this and browsers should not render the page until stylesheets in the head are loaded.
Replies: >>596
Waterfox, JavaScript disabled, nothing open, browsing normally. I can make it happen occasionally on vch by continuously clicking the boardlist to load the page. It's a lot more sensitive here.
Replies: >>597
vch has cloudflare which helps page loading speed immensely since you connect to the closest cache server (check http://ping.pe/vch.moe they have 10ms latency in nearly all locations). This site is just run on budget hardware. Im still not convinced its an issue with this site and idk whats causing it, but ill try waterfox and test my local instance with a new+old commit to see if there is a difference. Hopefully I can figure it out.
Replies: >>598
(165.9KB, 472x540)
I don't get why pages load fine with JavaScript, but not without. If this was always the case, I should've noticed it earlier because I always start browsing with NoScript. Sorry I'm not smart enough to provide more help.
Waterfox works for me too ¯\_(ツ)_/¯
I should have asked before but maybe you changed something in your browser or added a new extension? I cant reproduce the problem so not gonna dig any deeper for now.
Replies: >>600
(53.3KB, 640x480)
Didn't change anything, no new extension, no browser update. I don't think the mystery will ever be solved.

Almost done with new icons.
(1.2KB, 100x100)
(825B, 100x100)
(797B, 100x100)
The naming of the original icon files is sticky, cyclic, locked, and bumplocked. Locked and bumplocked have unnecessary past tense, could be changed to lock and bumplock for consistency/autism's sake.

Give the icons a variable for filter to allow for custom color on themes. These are values for #f00.
language: css
Here's the generator. Because there are many possible combinations of filter to create the same color, I generated many of them and collected the accurate results to find one that is shorter than the majority. Saves a few characters.
(1.5KB, 100x100)
(1MB, 1610x2179)
Anchor based on May's.
(37.6KB, 1900x121)
All look good and filter works in all my browsers, gonna bookmark that generator im sure it will come in handy. also why does chromium (2nd) blur images, ewww...
If you want some kind of attribution lmk, im assuming not since you remain anon but I appreciate the work :)
Replies: >>604
(109B, 100x100)
Try this, an icon without anti-aliasing. If it gets rid of the blurriness I'll change them tomorrow. I would want to tweak the shapes, so they look better without anti-aliasing.
Correct. Never tripfagged, don't have any name I use throughout the internet to be attributed, even if I wanted.
Replies: >>605
(921B, 100x100)
Replies: >>606
(1.5KB, 96x32)
(1.5KB, 86x49)
(1.5KB, 86x35)
No difference to my eye.
Replies: >>607
(559B, 50x50)
Yeah. One more attempt at 50px and no anti-aliasing with cyclic? If that doesn't work the only way to fix blurriness is probably making them actual size, so they require no downscaling, but that would then result in blurriness for anyone who using them at larger sizes.
Replies: >>608
(12.2KB, 387x123)
Still no improvement, instead I tried increasing the size to 14x14 instead of 12x12 and add vertical-align: middle css.
The extra size seems to do the trick (too big or nah?) with css helping them stay equally above/below the line height, and now icons looks decent on both chrome left, ff right.
Replies: >>611
Not too big, looks good.
(6.1KB, 857x200)
What do you think of this? If it is possible to insert the ban reason into the title of an img.
Replies: >>613
It is, it would need to be wrapped in another element because the css :hover for tooltips on mobile doesnt work on img tags
Replies: >>614
If you want to do that, I'll make the icon. That was just something I hastily made to demonstrate.

Hide/Unhide on OP doesn't also collapse/expand replies.
Autism: titles for lock/bumplock use past tense when sticky/cyclic don't.
The modal, postform, and stickynav get their background color from the variable --post-color. Should they instead be grouped with the navbar's variable? My reasoning for suggesting this is that they all share the same fundamental appearance/behavior (fixed position, stacking above other elements). All current themes use two main background colors, but if a theme added a third background color for the navbar I think it looks better with that color also applied to the modal, postform, and stickynav. I don't have any idea for a new, more explicit name for the navbar's variable if you do make this change.
Replies: >>615
actually i like the current ban message sorry
>hide/unhide replies
in my todo list already, as well as an option to hide the stubs completely and a way to clear all hides in the settings menu
>tense of icon names
ill change it once i have a db migration script because i wanna change them in the database as well
>css vars stuff
the navbar color and post color is the same in all the themes, but you are right a separate var for floating elements and name change would make things more clear and customisable.

then after these changes i wanna finally finish floating postform and get to some backend stuff. been spending too much time tweaking styles and prettying things up lately :p
Replies: >>616
>actually i like the current ban message sorry
That's alright, but can't say I'm a fan of it. Looks weird compared to the old (USER WAS BANNED FOR THIS POST) without a ban reason. I liked some different text combinations I tried, but you probably already tried a bunch of them yourself and found the one you prefer. Just wanted to show you the one thing I thought of that you might not have. Maybe I'll get used to it, or I could just ban and delete in the unlikely event I ever have to ban someone. No big deal.
>then after these changes i wanna finally finish floating postform and get to some backend stuff. been spending too much time tweaking styles and prettying things up lately :p
Sounds good. I should stop messing around with little things on here too (I think I found everything I could with my limited knowledge) and get back to learning to draw, so I can populate my empty board with a bunch of shitty drawings.

Maybe I'll make the flags look better sometime, but that won't be for a long while. Would you want them in a sprite sheet (I'd make it slightly bigger and give you new coordinates) as they are now or individual images?
Replies: >>617
new flags in a single image would be cool, its better for the server making just 1 request. my only concern would be you needing to update it if flags change or get added but i dont think that happens too frequently. https://flag-sprites.com/ might be helpful for you also. i updated the image from there and changed flag css last night to use image-rendering: crisp-edges so they dont get blurred which made them look a little nicer. also gonna edit the readme with some notes on updating geoip database and flag files. thanks again for all the help lately and good luck with your drawing :)
Replies: >>618
>my only concern would be you needing to update it if flags change or get added but i dont think that happens too frequently.
Yeah, that's the only problem of a sprite sheet, but it would definitely be nice to have flags that have 14px height, to match the icons. Or they could be 28px height and downscaled 50% with CSS. Is there any way to do that without messing up the coordinates? Because that would cover someone using larger font sizes without getting blurry flags. Thanks for the link.
>thanks again for all the help lately and good luck with your drawing :)
You're welcome. Wish I could be of more help. Good luck with your coding.
Replies: >>619
unless the new flags are an integer multiple of the current sizes you would have to spend some time figuring out all the new coordinates. Im pretty sure its possible to downscale the flags with background-size css and just inpt the flags file width/2 and use a 14px height. not at a desktop right now to try but will ill try when i get the chance.
Replies: >>621
Also ill get back to you on the flag size, i think the current height is fine and 14 would be too large so maybe just 2x the current resolution of the flags which would make it easier to fix the coordinates
Replies: >>621
New coordinates would be easy and actually help me keep track of my progress by writing a new rule with the location of the top left pixel of each flag as I make them. I tried testing downscaling/upscaling on the current flags and fixing coordinates in inspector, but have only succeeding in making them disappear.

Okay. I don't plan to start anytime soon, so take your time.
>14 would be too large
I assume you meant 28. Doubling would result in 22px height, not much of a difference between that and 28px. But whatever you think is best.
Replies: >>622
(9.1KB, 360x87)
(18.2KB, 225x246)
(5.2KB, 320x46)
Alright I just tried and it is possible to scale down an image with css background-size, so higher res flag icons would work, pic related zoomed to show (looks weird because im using the current small flag file, but you get the idea). In css the background-position coordinates are halved and the background-size is added with 136px being half the flag file width.
And yes I meant 22 for the flag. Doesnt sound too much different from 28 and the height will match the new icons, but flags are ~1:1.5 aspect ratio and all solid so they look too chunky imo, also pic related. Its not too bad though and if 28px gives more room to make icons or something you can go with that. Anyways like you said not for a while so no biggie and we can change later.
>tom deleted my post about how to curl post a new thread
wtf why?
Replies: >>633
You asked me how to adapt a lynxchan spam script that started with while true do so you could "curl post" here. Im assuming youre the same person who occasionally floods /tech/? Thats not very nice anon :^(
Replies: >>634
you retard, it's not a spam script. it's literally a super basic curl script to post a thread or reply using lynxchan. i could write literally the same tiny script for jschan.
>floods /tech/
never touched that board in my life, stop being a paranoid dickhead.
Replies: >>636
I thought I was being lighthearted with
>thats not very nice
but apparently im a paranoid dickhead >:(

And you did have an infinite while loop, but to answer your question anyway i think you just had the wrong URL. Send POST request to /forms/board/<board uri>/post
Replies: >>638 >>643
deleting posts and thus rulecucking is never lighthearted
the infinite loop can be changed in the script (which is publicly well-known by the way and at the level of kindergarten coding).
Replies: >>639
I assumed if you came up with the script you could figure the right url so it seemed like a bait. Also im trying to avoid drama with stephen lynx (i dont think he likes me very much) and some retard would probably spam his board on 8channel about "Tom is hosting lynxchan spam scripts!!!111!!1".
Sorry for any troubles, friend.
Replies: >>640 >>681
no he didnt come up with the script. please be nice to him he's retarded like many of the users of freech

>Also im trying to avoid drama with stephen lynx
stephen lynx doesnt care about anyone hosting any scripts for lynxchan. whether it be post spammers or ddos scripts
Replies: >>642
(16.3KB, 676x222)
ayy lmao
Replies: >>642 >>643
All good.
Backstory if you care is some guy was shilling my site and shitposting on lynxchan support board so stephen shit talked me and the code. He had previously opened some kind and helpful issues on github so it seemed like those people soured his opinion of me. Now i just wanna avoid anything bad related to him.

Replies: >>643
already answered >>636
>captcha per post
lmao my work here is done. eat shit, tom.
Replies: >>657 >>659 >>691
>shit talking when you had to ask two seperate people what form to send your requests to
really winning son
Replies: >>658
i bet you enjoyed filling in that captcha two or three times.
Replies: >>660
it enables automatically sir, but ill keep it on for now since you want to spam me :(
once. you manually fill out 25 of them to slide freech every day
Replies: >>661
is this guy a serial spammer who solves captchas by hand? i dont know whether to be impressed or disappointed
>automatic captcha per post after X amount of replies
interesting, not even lynxchan has that.
Replies: >>663
I think it only has it for threads since thats more important to prevent sliding, but that leaves threads vulnerable to spam
bet your life tom.png
(450.7KB, 1111x2048)
>>186 (OP) 
alright tom times come for you to meet your maker. wheres my custom css field tom? you see tom you really fucked up because you see on mobile I have full reign to ban you and everything you love just look at pic related #1 right there tom. pretty incriminating tom if I do say so myself. and you know what else tom when you hit reply in mobile it automatically inserts the OP >> link and also pops up the reply box which is it's a nice box tom but I'm trying to read the confusing cyclical about pruning threads and it's blocking my view tom. I give you until the count of 3 before I ban you with no appeal for every post you've made tom don't fucking press me.
fatchan is officially being held hostage until my demands are met.
Replies: >>672
(2.3MB, 2108x2864)
Please sir show mercy dont ban me
 its in my todo list though, dw https://github.com/fatchan/jschan/issues/57 
Replies: >>674
I created that script to take down Julay and Anon.cafe, but I never did the first attack. I was interested in it after hearing about Julay's first captcha crash. My dolphin was laughing when imageboards get flooded. Am I sadistic? Maybe? I'm in Straya.

As for getting the request URL, use your browser's developer tools to see the HTML source. While the script is shitty, I don't know Python, only Bash or PHP (up to OOP). ;(

I'm still looking for vulnerabilities in other software, so don't worry. I LOVE APIS!!! I'll be back next time unless those dolphin plush threads/posts all are gone. Please remove them.
Replies: >>677 >>691
what are you talking about, schizo nigger
posting on my jschan instance is suddenly broken out of nowhere. keep getting 502 Bad Gateway
when trying to reply.
what happened and how do i fix?
Replies: >>679
Bad gateway means the backend is down. check pm2 logs for any errors. You still see static pages because they are served by nginx. Also check nginx logs to see if anything unusual is going on like a DOS attack.
Replies: >>680
>You still see static pages because they are served by nginx
ah i see. yeah then probably the BE is fucked.
(18.2KB, 449x393)
Nah, I'm cool. I really don't care about spam scripts. If a site is vulnerable to them, that's either the software or site admin that's at fault. Also, I criticize shit all the time without a grudge against the individual. You should have seen how much shit I have endchan's admin in the past. I took a shit on your software, not on you.
Replies: >>682
good to hear thanks, and yes endchan seems to have a very outdated butchered version of lynxchan.
Replies: >>683
btw, in case you didn't read that copy of my post on 8channel, you might want to start looking into writing a c++ captcha generation to avoid a process fork for that. also, your captcha is really hard to solve, imo. I took 3 or 4 tries the last time. And allowing the FE to get a new captcha after the current one expires is a good idea too.
Replies: >>684
I did see on julay but i think the wrapper i use for gm/im uses spawn not fork.
Captcha difficulty could be changed.
For expired captchas you can double click (with js) or click the refresh button in the frame (no js) to get a new one. Adding a timer to refresh automatically would be a good idea though, thanks for the tip.
Replies: >>685
I'm pretty sure the spawn feature is just a fork.
Yup. The issue is not node's fork, is the kernel fork. No matter what process you create, it will reserve as much ram as the original process.
Replies: >>687
So any node process that is using more than whatever available memory is left wont be able to fork/spawn anymore, is what im getting from this. Yikes.
So does your c++ module implement the imagemagick code for generating the captcha and then you can call it innl nodejs like a normal function, or does it do some magic to patch spawn? Ive never dealt with native modules or whatever is the correct term but it sounds interesting. Ill take a look and fork it if i need.
Replies: >>688
> wont be able to fork/spawn anymore
> like a normal function
like any function. check the addon for 2.3 so you wont get lost.
Replies: >>689
Nice, will do.
Screenshot from 2020-01-15 11-15-33.png
(65KB, 1564x358)
Could you address these claims in picrel?
Replies: >>691
The board was immediately spammed and somebody was trying to DDOS the site again. Seemed like it was created just to be spammed and based on the attack pattern, it was most likely the same person as >>656 and >>676 I guess it is the "dolphin spammer" referred to in that screenshot, because in their own words:
>My dolphin was laughing when imageboards get flooded

If it was just a coincidence that it got spammed right after being created (or got targeted by this dolphin person when you posted the link), make a new account and I'll transfer the board. If they spam your board again I won't remove it. My apologies and I hope you understand why I took the precaution.
Replies: >>692
(345.9KB, 794x502)
Thanks for answering. Dolphin-kun is a known sperg at /r9k/, who once decided to be baited by cuckchan according to him into posting cp link in a new thread and he got bullied for it. He also got called out for sperging out on mark/v/ by robots and tried to claim the board after last BO died he failed of course and he spammed the board afterwards.. He has vendetta against /r9k/ and tries to do anything to destroy it.
If anyone tries to claim /r9k/ here or at any other webring site in future, contact /r9k/ BO beforehand, since it's most likely dophin-kun/comradescum1 who wants to claim it just to spam it.
Replies: >>693 >>694 >>696
>according to him
Meant to be spoilered.
Replies: >>696
Not just /r9k/, he hates all of anon.cafe for some reason. I don't think there's a board on there that hasn't been spammed. No idea why he does it, maybe it's a desire for attention.
Seems like I have a lot to catch up on. If r9k BO at anon cafe really needs to move they should make a capcode/role signature post on anon.cafe with their username on this site so I can transfer to the right person. I disabled board creation here temporarily so the same thing doesnt happen again.
>>693 slightly different post formatting here, explained in faq https://fatpeople.lol/faq.html
>dolphin pedo constantly ddosing and spamming anon.cafe
>he claimed /r9k/ on julay as well
Man this is fucking cancer. And there seems to be no word from the admin of anon.cafe's r9k. Not that I really blame him since I doubt he wanted to deal with this level of autism. Would it be possible to restore the account and board I made here? You couldn't trust someone to make the board with a new account since it could just be the dolphin pedo trying to sneak his bullshit in again.
Replies: >>716 >>720
>>186 (OP) 
There's a high probability this is the spammer.
Replies: >>716
Meant for >>714.
Replies: >>717
Well that's why I'm asking if it can be restored to minimize that chance. I guess if you think dolphin pedo made the board in the first place then that would be the case. Otherwise the only other option is getting the anon.cafe BO to post with capcode and communicate, but the site is down constantly. I just want to post on a comfy board with some robots and this is all getting really tiresome.
Replies: >>718 >>720
Giving it to someone who isn't the BO doesn't minimize the chance of it falling into the wrong hands. You'll just have to be patient and wait for him.
Replies: >>719
I guess, hope he can get in contact sometime soon. But if he just DDoS's any site that /r9k/ migrates too then not much is going to change.
Replies: >>720
>>714 >>717
The account and board were made and deleted between backups, so I dont have means to restore them. Anon cafe BO can post there with an email if they really want to move here.

I have mitigations in place and my backend never sees a majority of the traffic, but my resources and knowledge are limited so it depends how far the attacks go. Julay.world also has the same host and is more popular so no doubt they have protection in place.
As for the type of attack, its mostly HTTP floods coming from digitalocean. Im not sure if they are TOR exit nodes or if they are rented by the spammer directly, but I will continue collecting attack logs to send to their abuse department.
requested /fa/ because anon cafe might not be stable in the long run. tired of lynxchan so not julay if you give it to me will ya delist it? thanks for your time
Replies: >>722
Transferred ownership to 'anon'. You can choose to make it unlisted from the local boardlist or webring in the settings page. Up to you, but I checked anon.cafe and dont have a problem with it being public, seems pretty innocuous.
Also I recommend keeping antispam settings fairly tight (default is good if the board isn't too popular, disable early404 if you want) because of the situation above ^ of some spammer targeting webring sites.
Otherwise, enjoy
Replies: >>723 >>729
Thanks m8. I'll do my best.
>disable early404 if you want
What about having it disabled by default for new boards? It's more likely to aid in sliding legitimate threads on a new board than as an extra anti-spam measure because of low activity not generating enough replies, and someone new to ownership may not know to disable it.
Captcha seems to work stopping spam for now, but there's always the possibility of it being solved or manual spam. What about a two-stage option for TPH/PPH, if someone wants a more robust anti-spam measure? Something like "Enable captcha for all posts then Lock Board". The threshold is reached and captcha is enabled. The threshold is reached again and board is locked.
Replies: >>732
Hey go to boards and sort by latest activity for me real quick
You see that one says the latest post is "3 days from now" and the one below it that says the latest post is in the future too?
What's that all about?
Replies: >>731
(26.9KB, 1024x768)
Replies: >>732
All good ideas, noted.

Probably that site has the wrong date format in their webring.json. Its supposed to be ISO 8601 format which is always in UTC timezone. If they include a diferent format with timezone that is ahead of UTC but still can be parsed as a date string it could lead to "future" last activity dates. Ill blacklist them for now until they fix it.
Replies: >>733
That site is owned by the spammer. The only conclusion is he did it purposely and inflated PPH/Users/Posts to climb to the top. He may also be harvesting IPs of any visitors, as he wanted to do that with a board on julay.
Replies: >>734 >>735
Actually, correction: all the lynxchan boards and my site return a simplified ISO8601 date format which is UTC time because we use javascript Date#toISOString, and the vichan boards return a timezone of +0 which effectively the same. "Oceanchan" is reporting inflated pph numbers and latest activity on 2020-1-21 which is obviously manipulated to climb the board list like >>733 said, so I will definitely blacklist them. Thanks for the heads up.
Replies: >>735
I've been posting this thinking I might be a damn fool. Thanks for the corroboration.
Just did some more checking, they also run their own nameservers on a different domain "boxeddolphin.com" (which resolves to the same IP and is also the PTR record). They are fishing for IPs from every angle. Definitely avoid that site.
Replies: >>737 >>739
Yeah and he just delisted his site from the whole webring, which he did earlier before creating /r9k/ with 5000 future posts and relisting it. Probably saw that it was getting called out. Guys shitty and has been trying to fuck with the webring for it seems like a full month now. Probably won't go away either if he's going to all this trouble, at least for a while. So far he's been unsuccessful.
That's the short of it
Replies: >>738
It also adds credibility to the idea that all the digitalocean IPs used for DOS attacks are vps purchased by the spammer, not just TOR exit nodes. So I will be compiling logs and reporting them to digitalocean if it happens again.
That's my new domain. It costed my dolphin $10 aussie shekels.
Hey admin, Smug dev here. robi and I patched this latest vulnerability out of the ring by making the "known" field never be read or used for spidering, now we only spider "following". If it's not already like that, you might want to consider changing it. This change makes it much easier to chop of bad branches of the webring (blacklisting the problem site will also get rid of everything it included). Though the flipside is transitive links become less reliable, and it is worth adding as many sites as possible to "following" so that the webring is more resilient to key nodes going down.
Replies: >>747 >>748 >>756
For reference, Smug follows the entirety of the webring directly:
OK ill change that right now, thanks. This change means if one site follows somebody new, other sites would have to manually add that site to their follower list in order to show its boards, correct?
Replies: >>750
Also, could you patch the vichan/infinity webring addon to return values for postsPerHour, uniqueUsers and totalPosts as numbers rather than strings?
Replies: >>750
No, it SHOULD still spider the ring by following other sites' follows. The change is that this list does not get automatically cached. In other words, if site A follows site B, and B follows site C, then site A will transitively follow B's following list and so follow C - HOWEVER it will not actually cache this locally so it will have to go through B each refresh to get to C (and D if C is the only site following it etc.). If B goes down, then A will no longer be able to reach C, so A should really also add C to its follows directly as well so it's not so reliant on B. At present there are boards only followed by our two sites, so if we both went down the rest of the ring wouldn't be able to see those boards any more.

Ahhh, I understand now. Thanks for clarification.
If A follows both B and C, C removes an unwanted site, B keeps an unwanted site, and A is just picking up both of their webring lists, what happens?
Replies: >>753 >>754
Let me actually redo this
A, B, and C all follow eachother mutually, C removes an unwanted site (x), B keeps an unwanted site (x), and A does nothing. What happens?
Replies: >>754
If by "removed" on C's part you mean blacklisted and "keep" on B you mean followed, then the lists would look like:
-following: B, C
-known: B, C, X

-following: A, C, X
-known: A, C, X

-following: A, B
-blacklist: X
-known: A, B>>750 feel free to correct me if im wrong
Replies: >>755
Exactly. Thank you.
What would happen in this scenario?
Replies: >>756
Well... nothing really. Blacklists dont propagate because sites may have different blacklists to others and we dont want a malicious actor spreading their blacklist. That hasn't changed.

The recent change was to how caching is handled. Lets say site X was malicious and had a bunch of false entries and crap in their webring "known" or "followed" e.g. X1, X2, X3. Even if X was blacklisted, X1, X2 and X3 would be cached and propagate among other webring sites. Now X1, X2 and X3 could also have malicious entries and the problem just spirals out of control. The solution was to not cache other sites "known" values and simply fetch everything recursively starting with your own following list like >>746 and >>750 explained, so when you blacklist somebody it just chops their branch of the webring off completely.
Can't believe I overlooked this until now. Any reason for this strange order on the postform?

Looks good and makes the most sense because it follows their display order in the post-info, but whatever you prefer I think Name and Email fields should definitely be neighbors because of their relation.

Looks good too. Works better than Subject first with how Force Anon currently functions, as the Sage field looks best on the same row as the [X] and it would be wise to maintain the same order between normal and Force Anon.

When using Force Anon, the Sage after the checkbox is redundant. I think it looks better removed. When using Force Anon you need to disable then re-enable it every time you want to make an official post with capcode. 8chan solved this by having two separate CSS for regular browsing and moderation browsing. Maybe there was some underlying code too, I don't know. Anyway, I didn't really like their solution because it disabled custom CSS when moderating. What if Force Anon left the Name and Email fields intact, but only capcode and sage were valid inputs? Someone tries to include a name, tripcode, or email, it strips them before posting. Would be cool.

I think 8chan had an option for the board owner to disable the Subject field when replying, so it could only be used in OPs. I would like that.
Replies: >>760
>field order
I agree on changing the order, makes sense
>option for the board owner to disable the Subject field when replying
Sounds good
>remove text in sage checkbox
That can be removed depending on how I solve the force anon problem

>force anon and staff posting capcodes
I already knew about this issue for a while actually, but im stuck choosing between 3 options:
1. Enable the name and email fields even with force anon enabled. The server already does validation so only staff can post name or an email other than sage with force anon enabled, it gets stripped for normal users. The downside to this is showing useless fields to normal users and not being able to tell if force anon is enabled.

2. The 8chan approach. What they actually do is make a dynamic "mod view" for all pages that has the full post form. This is more complex, and has other issues (mainly performance and vulnerability to abuse) that dont make it worthwhile to add just for posting with capcode.

3. Have a postform in the management area with an extra "thread" field. That way staff can post with the full postform without having to implement a "mod view" system or show useless name/email fields to regular users. Less staff friendly, but avoids the main issues of both 1 & 2 and since staff dont usually post with capcode too often, it could be a good option.

Maybe there are other solutions, but these are whats on the books right now. Let me know what you think and thanks for the feedback.
Replies: >>761 >>769
(11.6KB, 1012x419)
I don't consider useless fields to be a big deal because they're already not used a vast majority of the time, which is why I didn't notice their order until now. Staff Actions are useless to normal users, but I guess being hidden behind two clicks is a little better than being out in the open as Name and Email would be. Not being able to tell at a glance that Force Anon is enabled may cause some confusion and "WHERE'S MUH NAME/TRIP?" posts, but anons could have a bit of fun with it as a newfag detector. It reminds me of when someone first encounters imageboards and inputs a name and email, and when someone first encounters word filters. A learning curve isn't bad. Though I understand why you want to pare everything down to only the essential.
Having performance and vulnerability issues is a definite no then.
In the Thread field you'd input the post number of the thread you want to reply to? No post number in the Thread field would result in a new thread? Sounds interesting. Would be a little clunky when replying if you're not able to view the thread at the same time, but tabs exist. It has a certain charm to it, maybe we need a little clunkiness in our lives.

I'll think more about this, but I doubt I'll come up with anything better than solution 1 and 3.
(101.2KB, 640x775)
An option on the account page for automatic capcode? Enable it, post on a Force Anon board, disable it. Could also be useful on regular boards with high activity when having meta discussion. No useless fields. No clunky postform in the management area, which would be useless on regular boards.
Replies: >>766 >>767
(7KB, 453x549)
>Could also be useful on regular boards with high activity when having meta discussion.
This is a little too specific a reason to make a decision based on it
Could you cram a capcode checkbox next to or under the spoiler or sage checkbox?
Replies: >>768 >>769
>This is a little too specific a reason to make a decision based on it
It's not a reason to do it, just an extra use outside of the actual reason (Force Anon). I'm not suggesting the current method be replaced either, the capcode could retain its ability to be enabled manually within the Name field.
>Could you cram a capcode checkbox next to or under the spoiler or sage checkbox?
I had thought of that, but it would result in showing useless fields to normal users. The same problem as leaving the Name and Email fields intact on a Force Anon board.

I'll expand on this idea a little. Maybe the Suffix field could store its value and always have an affect if something is input. Meaning if the automatic capcode was disabled with "Tom" in the Suffix field, he would only need to type "##" in the Name field and it would always display "##Admin Tom" on an official post. That would be another extra use for regular boards, for anyone who likes using the role name feature. Why account and not manage? The manage page is per board. If it enables capcode site-wide (for boards you're permitted to moderate), it makes most sense to be on the account page. If it enables capcode per board, you could enable it somewhere, forget about it, and be more likely to accidentally post with capcode. I think it's better as a site-wide option, especially for an admin/global account. It's easier to keep track of, it's either enabled or disabled.
Replies: >>769
(19.2KB, 441x308)
I like the idea of setting a default capcode suffix on the account page, I could do that. And as for showing extra fields, a second "capcode" checkbox next to sage isnt as bad as the full name field, pic related.
I think ill add these two things for now, and eventually implement 2. from >>760. With some proper caching it would perform fine and it opens up for more features like optionally not requiring staff to fill captchas to post/moderate and not showing staff only actions on public pages.
Replies: >>770 >>774 >>776
>not showing staff only actions on public pages
I see you were properly razzled by the threats of getting BANNED ON YOUR OWN WEBSITE
jokes aside that looks good, and it also leaves room for another checkbox if for whatever reason you decide you want/need another checkbox I take it you might've figured out a way past the vulnerability issues you were saying option 2. had?
Replies: >>772 >>775
Actually let me toss this at you see what you think
What if the blank space on the right of "capcode"'s checkbox was the new reply button? That would make the entire field shorter but would of course make the reply button much smaller. Just a thought
Replies: >>773 >>775
nevermind this would make the reply button inconsistent in placement across boards and that's shitty
Replies: >>774
(6.8KB, 511x344)
Could also do this if you wanted, but it feels a little cluttered to me. Though it's not really necessary at the moment because I think I'm the only one using Force Anon and I don't use the role name feature.

Yeah, it would be inconsistent, it would also be weird having it next to the [X].
Replies: >>775
Because mod view (especially if you disable captcha) requires CSRF security tokens, you need to serve different HTML per-user per-page. So with lots of accounts viewing lots of pages and because the tokens expire, the server needs to do more work building these pages on-the-fly. Its a "vulnerability" in the sense that somebody could make a bunch of accounts and flood mod view to try and overload the server. AFAIK this is the reason 8chan had "sys.8ch.net" because they served mod view off separate servers. Public pages are static and only updated when a post is made, so the same thing can be served to many users without any complex logic behind it.

The submit button being at the bottom/end is best, seems like the logical order.
The account page idea suggested earlier is nicer unless you need to change role name often (is that common?).

btw I had to write this twice because my kitten stepped on my pc power button >:^(
Replies: >>776
>I like the idea of setting a default capcode suffix on the account page, I could do that.
It could even function as a display name if you wanted to keep actual usernames hidden as an added security measure. Whenever you implement post editing it could draw from it for the "Edited by" message. The board logs could draw from it, eliminating the use of "Hidden User", because normal users do like knowing who did what, so they can direct their rage at the correct target. If blank, a generic owner/admin/global in place of the name, or it could be required (don't know what name I would use though).

>AFAIK this is the reason 8chan had "sys.8ch.net" because they served mod view off separate servers.
Oh yeah, I totally forgot about sys.8ch.net. I never created a board there to actually use, only for testing, so I don't remember too much.

>The account page idea suggested earlier is nicer
I agree, I only suggested it as a temporary solution until mod view is implemented.
>unless you need to change role name often (is that common?).
Probably not, unless someone wanted to sockpuppet to pretend to have a mod team.

>btw I had to write this twice because my kitten stepped on my pc power button >:^(
Owned :^)

349 replies | 73 files | 127 UIDs
Show Post Actions


Staff Actions:


- rules - faq - source code -