> some other trickery

I smell JavaScript coming in about >>90-120

This is the obligatory encoding test ... in <code>

 ㋋㏡
 ゔ〲〰 ゔ〲〲〰〰 ゔ〲〰 ゔ〲〰 ゔ〲〰ゔ 〲〰ゔ 〲〰ゔ〲〲〰ゔゔ
〳〵ヷヷヷヷ〰〰〰〳〵ヷヷヷヷ〰〰〰〳〵ヷヷヷヷ〰〰〰
(♛ฺД)(*゜∀゜)～♡ℳฺℴฺℯฺ❤ℒฺℴฺνℯฺ..._〆(゜▽゜*)㌰㌰ ㍉㍍㌧㌔㌶㍊㌣㌦
㌀㌁㌂㌃㌄㌅㌆㌇㌈㌉㌊㌋㌌☠ฺ ☠ฺ ☠ฺ ☠ฺ ☠ฺ ☠ฺ ☠ฺ ☠ฺ ☠ฺ
☼♭♬♫♨♩♧♦♥♤♣♢♠♡♐ฺ♑ฺ♒ฺ♓ฺ ♔ฺ♕ฺ ♖

ฺ ♗ฺ♘ฺ♙ฺ♚ฺ♛ฺ♜ฺ♝(･∀･)/ヾ~~╋┓!㋦㋸㋭°

|壁|」゜ρ゜)」　ノ ヽ``～ 力㋦㋸㋭°
 　 　 ／ ⌒ヽ  
　 　/　´_ゝ`） I am sorry、 the β α κ α kopipe couldn't be carried out・・・
　　|　  　　/
 　　| /| 　|
　 //　|  |
　Ｕ 　 .Ｕ  

> people like admins might prefer to use them

but they have capcodes now...

>>208

> multi-page links (1-, 101-, 201-, etc) at the top of subpages

This is just implemented on some 0ch types. 2channel doesn't use it (at least on no board that I know of).

>>96
forgot to mention that maybe a parameter could be included in config.pl to define an XHTML file for the disclaimer/rules block. It could be used both in 2ch and Futaba (right under the posting area) modes.

>>59-60

Details, please. Everything works for me.

> 2channel does not do this either by default. It can make browsing a bit more convenient (and I suspect dedicated 2channel browsers to insert & read these in some kind of standardized way) but I don't think that's reason enough to impose it on users by default.

whoops, I misread "postcount" as "posticon". Nevermind!

> It's a link, it screams "Click me!".

There's something to be said about obsessive-compulsive... >.>;

>>32

Your browser momentarily regressed to an old bug and then got better? Who can tell?

>>22

Running in pure perl would be ideal, portability-wise, but in practice implementing a JPEG loader and saver from scratch in Perl is both a lot more work than anyone wants to do, and the result will also be too slow.

As was already stated, making a statically linked executable lets you distribute pre-compiled binaries that people can just upload along with the script.

> Red, bold thread filesizes displayed near the bottom of subpages?

I support this, especially if thread-closing by filesize should be implemented.

>>108
I don't think that restricting specific users' posting priviliges is useful in any way except restricting them from posting.

>>108,113
"fusianasan" is for when a user wants to prove that he is posting from a certain place (like a school, a company's network or a military base).

>>112
A keyboard shortcut for "reply" in Kareha or "submit" in Wakaba would be nice to have.

In mode_image: shouldn't the board title be in <h1>, and the post headers in <h2>?

Copyright only applies to the literal code, not to features, ideas, or algorithm. Patents do, to some extent, but that's not the issue here. Since I'm not going to write the exact same code, there's little they can do.

>>333
The whole point of websites is to implement things without the external application. I don't understand the argument for OH NO ANOTHER BUTTON MY WHOLE LIFE IS RUINNED crowd. If you don't like the extra buttons why don't you remove them with an external application and/or preferences? When you are talking about formating options, a preview makes sense. Are you going to set up your thrid-party application for every configuration of tags supported for every board?

If a feature is of a wide enough audience, it should be included. I'm sure nearly everyone could use a preview every once in a while, whereas something like a Bible quotation functionality would not have wide use.

>>151 It's all public domain, I believe.

Oops, forgot to link the first point to my original thread: http://wakaba.c3.cx/sup/kareha.pl/1127326007

Oh, and see if dmpk2k is willing to port over the proxy detection and load-balancing/distributed server cluster functions to Kareha. Those would be neat.

> Also, I couldn't be arsed to fix Amber, since it was just a joke in the first place.

Booo!

> who here finds enough use in the auto-expanding comment box to justify the annoyances when you click in or out of it?

I love that feature. Please don't remove it!

> I think the drop-in Style capability is fantastic-- but it just doesn't seem to play nice with the current 2ch page design.

plz 2 be keeping that feature too

>>101
If that is legit, then fusianasan needs to display IPs just like tripcodes: not bold/strong.

/-100 shows the first post two times.

I fixed the Javascript a bit, and uploaded it for these boards. Try shift-reloading to get the new code, and see if cookies work better now that I'm not using cargo-cult code.

Test with ¦

>>137
I'd advocate going for a separate interface a-la Wakaba, but it might be a bit too much to do for this release.

Also, maybe Easter Eggs like the Eternal September timestamp and others (if they exist) should be documented in config.pl.

Lastly, a question: who here finds enough use in the auto-expanding comment box to justify the annoyances when you click in or out of it?

The "Entire thread" link in the top navigation bar of the thread page is still broken.

Here's a fun little game for you all!

I'm looking into adding support for using HTML markup in addition to WakabaMark, but since most boards use XHTML, I can't just let through any old HTML, and most people can't write well-formed XHTML. Also, I don't want any cross-site scripting going on. So I've tried to write a piece of code that takes any horribly written piece of HTML, sanitizes it by removing all tags and attributes that are not an approved list, checks the attribute values, and turns it into well-formed XML.

Now I'd like to see if anyone can break this. The objective is to get some Javascript onto the page, or making the page break in Firefox (or any other browser that parses XML strictly), or otherwise causing trouble. Have at it!

http://wakaba.c3.cx/test/sanitize.pl

>>123

Noted. I've been struggling with that same problem for naming things internally in the code, and obviously it distracted me from noticing the same problem in the GUI.

If you want to have a look at what the code actually does to dig out flaws, here is the current version:

sub sanitize_html($%)
{
	my ($html,%tags)=@_;
	my (@stack,$clean);
	my $entity_re=qr/&(?!\#[0-9]+;|\#x[0-9a-fA-F]+;|amp;)/;

	while($html=~/(?:([^<]+)|<([^<>]*)>?)/g)
	{
		my ($text,$tag)=($1,$2);

		if($text)
		{
			$text=~s/$entity_re/&amp;/g;
			$text=~s/>/&gt;/g;
			$clean.=$text;
		}
		else
		{
			if($tag=~m!^\s*(/?)\s*([a-z0-9_:\-\.]+)(?:\s+(.*?)|)\s*(/?)\s*$!si)
			{
				my ($closing,$name,$args,$implicit)=($1,lc($2),$3,$4);

				if($tags{$name})
				{
					if($closing)
					{
						if(grep { $_ eq $name } @stack)
						{
							my $entry;

							do {
								$entry=pop @stack;
								$clean.="</$entry>";
							} until $entry eq $name;
						}
					}
					else
					{
						my %args;

						$args=~s/\s/ /sg;

						while($args=~/([a-z0-9_:\-\.]+)(?:\s*=\s*(?:'([^']*?)'|"([^"]*?)"|['"]?([^'" ]*))|)/gi)
						{
							my ($arg,$value)=(lc($1),defined($2)?$2:defined($3)?$3:$4);
							$value=$arg unless defined($value);

							my $type=$tags{$name}{args}{$arg};

							if($type)
							{
								my $passes=1;

								if($type=~/url/i) { $passes=0 unless $value=~/(?:^$protocol_re:|^[^:]+$)/ }
								if($type=~/number/i) { $passes=0 unless $value=~/^[0-9]+$/  }

								if($passes)
								{
									$value=~s/$entity_re/&amp;/g;

									if($value=~/"/) { $value="'$value'" }
									else { $value="\"$value\"" }

									$args{$arg}=$value;
								}
							}
						}

						my $cleanargs=join " ",map { "$_=$args{$_}" } keys %args;

						$implicit="/" if($tags{$name}{empty});

						push @stack,$name unless $implicit;

						$clean.="<$name";
						$clean.=" $cleanargs" if $cleanargs;
						$clean.=" $implicit" if $implicit;
						$clean.=">";
					}
				}
			}
		}
	}

	my $entry;
	while($entry=pop @stack) { $clean.="</$entry>" }

	return $clean;
}

>>9
I mentioned the option because on highly active boards it's helpful to know which threads will be gone in the next few minutes.

I've been meaning to change some of the defaults away from Futaba-style to saner behaviours. Any suggestions for what to change are welcome. So far:

• Pruning set to furthest-back instead of oldest.
• Size limit instead of post number limit, maybe?
• I'll add thread closing to Kareha, but I was thinking of setting the default behaviour to never permasage or close threads.

>>214

Point taken. I'll add it as an autoclose option.