rejetto forum

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - danny

Pages: 1
1
HTML & templates / Stripes, the template for simple and easy
« on: February 20, 2021, 11:56:39 AM »
Stripes has a very clean layout that helps focus the users. 
Anyone will be able to use it easily.

+ High efficiency for multi-user workload.  Caching.  Exceptionally Sturdy.
+ Support for:  Phone/PC, large folders, basic users, any connection type.
+ Data savings because adaptive scripts aren't sent until they are needed.

Template Install:  HFS menu, HTML Template, Change file.
Kudos to DJ for the login, delete, and music shuffle player.

2
HTML & templates / Tiles and Stripes, the gallery view
« on: July 26, 2020, 11:51:14 AM »
For HFS 2.4 RC5/6/7...

Tiles-n-Stripes template is for development/testing purposes (not for main server). 
Tiles/Gallery layout may cause a couple of problems:
1).  On a fast connection, the amount of data (if page scroll+download/archive) can jam the ui and get stuck.
2).  On a slow connection, the amount of incomplete requests can snowball an overlarge 'todo' list; also stuck.

For problem#1, it was rewritten with micro-delay timers between retries and between rows of lazyload photo tiles.  This avoids the fast-connection-stuck problem, by providing some slack-time for other functions to run (ui-screen-update, list, uploads, multiple-users, etc.).   So, it can work for localhost/local-lan test and other fast connections.  Do see the updated lazyload script.

For problem#2, your clients have a variety of connection speeds, so this template is not suitable for use over the internet
Possible fixes include ondemand (not implemented) whereby no tiles are shown until user clicks to see tiles on current page.  And, speed adaptive tile size, whereby the tiles get much larger size and margins for slow connections, so they could load faster if fewer fit on screen (not implemented because no client speed measure available).

3
HFS ~ HTTP File Server / FR: average speed
« on: June 24, 2020, 12:54:38 PM »
Feature request:    I would like to access averaged peak speed data via macro. 
Like that ui graph with speed peak. . . average of peaks, if made available by macro, would be so very useful in determining workload/capacity. 
That is the missing piece of data for making pages adaptive to capacity. 

4
Bug reports / unimportant leaks through to error section
« on: June 10, 2020, 04:55:28 AM »
If [error-page] is present, that content will be a response, to ban/disconnect/scanner
Next,
No matter if [error-page] section is present or not, contents of [overload] will be a response to banned/disconnect/scanner

This is unintentionally verbose/pingable. 

Also, if you do the hide-root thing, throwback14 is rigged not to leak at / but, if you ask for url/File, the overload section is the response even if you don't have a folder named file.   Apparently, /file has a special meaning and exists always. 

Here is a patch: 
Delete the [error-page] section (if any).  Throwback14 doesn't have it.
And also,
The [overload] section should start off with 3 filter macros: 
{.if|!%user%|{:{.if|{.%url% = /.}|{:{.disconnect.}:}.}:}.}{.if|!%user%|{:{.if|{.%url% = /file.}|{:{.disconnect.}:}.}:}.}{.if|!%user%|{:{.if|{.%url% = /File.}|{:{.disconnect.}:}.}:}.}
Does:  Don't send extra messages to strangers seeking /, /file, /File. 
Pseudocode:  If  stranger caused overload at / then disconnect; and, if  stranger caused overload at /file then disconnect; and, if stranger caused overload at /File then disconnect.

If there are more built-ins, then the filter which starts the [overload] section should be revised to:
{.if|!%user%|{:{.disconnect.}:}.}
Pseudocode:  Don't send overload message to strangers. 
I updated my home server to that, because I don't know how many built-ins there are (such as /file which exists always). 

The question is:
Should the security update be done at the template or at hfs.exe? 
If it was a good idea to put the security update into a template, then I'd need to ask a moderator to unlock the Throwback template thread. 

Severity:
Least Impact.  Almost none.  Hideroot style security effort is not expected to succeed on port80; and common scanners don't check every uncommon port to see if web servers respond to /file, because it is unfeasible to use a scanner in that way. 


In my opinion:
A template could not be fully effective at hideroot security efforts (not a total means of security, but it lasts until a change).  A template could do either least or more verbose response.  Only hfs.exe could do zero response.  Perhaps an option could be added for make no response to / nor to any folders which don't exist?  I'm glad that Throwback and Takeback have better inbuilt security than any other templates; however, I think it would be a bit more effective if the .exe did the job.  Again, the security-gap reported is least-impact (of least concern).  But, it could be improved.

5
This post redacted.

6
HTML & templates / forum error
« on: May 08, 2018, 06:12:33 PM »
This thread has copies of some posts from the Throwback thread.   Seems to be an error.

7
The files (here at post#1) are open source; built for speed and quality.   Feel free to make a comment.

There is no limit on folder size (any size folder is fine); so, it can be used for an effective music player and file finder (tested up to half million file list).  There is no minimum connection speed (it has streaming file list).  Any kind of connection works fine.

It has a clean layout that works on any size screen, and automated error recovery so it is super-easy for users (they are not confused).
The photo features are ondemand and adaptive for data savings.

Template Install:  HFS menu, HTML Template, change file
Do see:  watchdog & WatchCat keepalive monitor accessories.
HFS2.3K for high capacity, if ethernet port force-set to 100mbit
Kudos to DJ for login, music shuffle player, delete and slideshow
See also:  The simpler Stripes template on its own thread

8
HTML & templates / build 299, still trying to log in, from a phone
« on: April 27, 2018, 09:56:23 PM »
Edit:  Many of the phone/mobile browsers don't have basic-auth.  But, Firefox mobile is compatible and Some chrome versions can do it.  So, the eventual solution was to simply download a compatible browser. 

It seems recommendable to put a note like that into the [unauthorized] section of an hfs template.  So, instead of no explanation, the user could have a note on what to do to achieve login. 

Pages: 1