From here on, this thread is about Kareha again:
↓

Here's a fun little game for you all!

I'm looking into adding support for using HTML markup in addition to WakabaMark, but since most boards use XHTML, I can't just let through any old HTML, and most people can't write well-formed XHTML. Also, I don't want any cross-site scripting going on. So I've tried to write a piece of code that takes any horribly written piece of HTML, sanitizes it by removing all tags and attributes that are not an approved list, checks the attribute values, and turns it into well-formed XML.

Now I'd like to see if anyone can break this. The objective is to get some Javascript onto the page, or making the page break in Firefox (or any other browser that parses XML strictly), or otherwise causing trouble. Have at it!

http://wakaba.c3.cx/test/sanitize.pl

Ah, there was an XHTML error in the cutesy capcode, and of Safari won't handle XHTML correctly and die on errors. Gah. Fixed.

The problem reported in >>143 is still present.

Why would there be any use in writing actual HTML in posts? Seems to me like it's just inviting abuse.

>>123
signed

>>96
forgot to mention that maybe a parameter could be included in config.pl to define an XHTML file for the disclaimer/rules block. It could be used both in 2ch and Futaba (right under the posting area) modes.

>considering the default prune behaviour of imgboards

One of the parameters Kareha uses to determine pruning is MAX_POSTS, so even if you sage a thread under this new condition, you still add to the board's total postcount and speed up the process for pruning that thread, regardless of MAX_RES. The only flew is this assumes pruning is based on thread creation date, not popularity (because someone could easily bump a shitty thread and save it from deletion).

I also agree that enabling this functionality would further make threads vulnerable to intentional bumping by trolls. I was sorta envisioning it being used in a mature community where trolling is minimal and quickly weeded out by regulars.

Here's a new idea: how about trying this in reverse? Only "sage" posts are counted in MAX_RES, in which case saging can again be used either in protest or as a courtesy to others. The only problem is that people can then freely bump threads without consequence.

> Why?

I am not the user who initiated this parition but I find them to be triggered far too often.

> On another note, why have I seen partition instead of petition multiple times?

An old imageboard meme. Don't ask!

> To more closely resemble the 2ch look, how about prefixing thread title headers in the main board page with a 【position:postcount】thingie?

I find the "1. Thread title (1000)" format much more readable in the post list. And for the main titles, I don't see any value is putting the position in there. That serves no discernable purpose.

> And as suggested before, the navigation links on the bottom of individual thread pages should include "Previous 100" (ie, all posts before the first post in the URL) and "Next 100" (ie, all posts after the last post in the URL).

They already do, but only if there are enough posts in the thread for this to make sense. Or, try a short range like 23-27 to see it in action.

> The "First 100" link should also be removed from the bottom of individual thread pages, and there should be a link to to thread-list included below the reply box of each previewed thread on the front page.

I've been wondering about the justifications for which navigation links should go where. 2ch has it pretty much worked out, I'm sure, but I don't quite see why there should be a "First 100" at the top but not at the bottom.

> Change "Del" links to widget buttons.

Would be very ugly. Those buttons are big.

> In order for the CSS selector not to take over the entire header, how about turning it into a drop-down menu?

I was meaning to do that from the start, but there was some problem with gettting it right. I forget what exactly.

> The same could be done with the Admin functions (appearing only after one correctly inputs the password), placing it on the right side of the board and thread title headers (this would also allow admins the convenience of deleting and permasaging threads from the front-page).

Squeeks would prefer to have a separate script for admining. I'm not sure which is the best approach here.

> and would something like this work (given that all boards share the same root directory)?
> >>>>sup/1129153864/1-100
> >>>1129153864/1-100

Maybe, but I don't see the value in adding code for this, given that you can just paste the URL in there.

> P.S. When you mentioned serving dynamic pages in >>46, were you referring to individual thread pages? As I mentioned before, it'd be nice to make the front page as dynamic and flexible as thread pages when it comes to viewing options (via PATH_INFO).

The front page gets lots of hits. This would drive up CPU usage something fierce.

> Oh, and please bring back MAX_LINES.

I still don't think it serves any useful purpose.

>>348

That's a Firefox bug.

>>305

Shift-reload already! Also, most people are familiar with "More options..." links and know when and when not to click them. I might see about styling it, though.

About the etyomology of "fusianasan":
http://4-ch.net/nihongo/kareha.pl/1102656968/224-

>>259

Fixed.

>>260-261

The test script doesn't try to handle charsets at all at the moment.

It's also more markup when even the existing one isn't working as well as it should.

Also, wouldn't making capcodes even more prevalent be considered A Bad Thing®? If anything, the role of capcodes should be minimized or altogether eradicated, in favor of ninja moderation.

Another question: would FUDGE_BLOCKQUOTES be considered deprecated by now, or are there still CSS styles out there that require it?

> Why not make None or Text Art the default?

Because >>309. I don't want to implement half of WakabaMark for the None mode, and without it you don't get stuff like quote highlighting.

> Also, can you make >> links into anchors('#') when you're on the reply/entire thread page, especially in Wakaba?

Er, that is exactly how Wakaba works right now? And Kareha can't change the contents of posts dynamically, so it'll never do it.

>>342
Well, for example, in both forms the text labels are bolded when they shouldn't be, in Futaba and Blue Moon. If you take a look at Blue Moon, the text labels in Create new thread are larger than those in the Reply box.

Copyright only applies to the literal code, not to features, ideas, or algorithm. Patents do, to some extent, but that's not the issue here. Since I'm not going to write the exact same code, there's little they can do.

>>244

Er, that's a feature, not a bug. That's how most GUIs act.

>>59-60

Details, please. Everything works for me.

test

Gah, I am totally confused about what to do about the admin interface. Separate script? Built-in? Javascript? How do I display the data? I have no idea!

A 1001th post would be a bother.

> More information on the all threads page, date of the last post? file size?

That might be somewhat useful, I suppose. I'll have a look at it.

> A quote button that puts >>n and puts the post prefixed by > in the reply box

There's already a way to put in >>n. However, quoting an entire post is seldom something you want to do anyway, so I don't think that's worth cluttering up the page with a million buttons for.

> Different secret strings for different functions (e.g. one for ID generation and one for secure tripcodes)

Most admins probably don't get point of the secret string anyway, and asking them to put in several is just too annoying. In retrospect, I'd like to add a second layer of hashing to these, but that'd mean breaking secure trips AGAIN.

> A trigger for turning wakabamark off and one for forcing a monospace font

I've been trying to work out a more elegant solution for this.