version 2.4

[Mars]

@rejetto

could you add this macro in scriptlib.pas during the new release of hfs
    ....

    if name = 'sha1' then
      result:=strSHA1(p);
    if name = 'sha256' then
      result:=strSHA256(p);

it is to allow an intercation with the function sha256(s) that you placed in the template


thank you in advance

[rejetto]

Will pressing the bulb be saved, possibly by account? Is it controllable, possibly even by day/night cycle?

it's saved  as a cookie in the browser.
the 'cycle' could be a plugin, i don't think i will include such feature in the base.
i guess the best would be to detect what you want from the OS, as they are starting to be dark-aware.


Thanks to the new *.diff.tpl feature it will be much easier to make "plugins".
I have many ideas but little time.

could you add this macro in scriptlib.pas during the new release of hfs
it is to allow an intercation with the function sha256(s) that you placed in the template

sure, next release

[dj]

Will pressing the bulb be saved, possibly by account? Is it controllable, possibly even by day/night cycle?

autotheme addon sets dark mode by OS

[MarkV]

it's saved  as a cookie in the browser.
the 'cycle' could be a plugin, i don't think i will include such feature in the base.
i guess the best would be to detect what you want from the OS, as they are starting to be dark-aware.


Thanks to the new *.diff.tpl feature it will be much easier to make "plugins".
I have many ideas but little time.

My browser kills cookies after a few minutes or session end, thanks for the note. I would like to have at least the option to make dark the default (theme always starts as dark instead of light).

autotheme addon sets dark mode by OS

Will not work for me, I'm on Windows 7. Could be set by day time easily.

[rejetto]

My browser kills cookies after a few minutes or session end, thanks for the note. I would like to have at least the option to make dark the default (theme always starts as dark instead of light).

put this file in hfs folder.
i love this feature.

autotheme addon sets dark mode by OS

cool! i forgot about it.
I will use the method for the default tpl. I hope you don't mind

[MarkV]

Seems to work, although it unconditionally forces dark mode (reset to dark at every refresh or directory change as the theme gets re-read). Well, good enough for me!

Just be sure to skip the OS method on non-conforming OS (everything before Windows 10 1803 IIRC).


Edit: Small objection with the dark theme in general. Every refresh or directory change, it flashes bright before returning to dark again. This is very painful for the eyes, especially in dark environments. Maybe it's easy to improve.

[dj]

cool! i forgot about it.
I will use the method for the default tpl. I hope you don't mind

That's what it's there for.
(It's also build in in my tpl)

[LeoNeeson]

i'll better explain this new anti-DoS mechanism i just introduced:
[...]
If necessary i will introduce an option to configure this behavior, we'll see.

» Suggestion: Why don't you introduce an option to also configure how many connections per second (per IP) are accepted? (for example, with a new variable 'MAX_PER_SECOND'). That, along with the current variable 'MAX_CONCURRENTS'. It could be a menu setting, or (even better) only a hidden config on hfs.ini. This could be useful for advanced server admins that doesn't care about having a DoS protection, for example if he only uses HFS on a private or local LAN environment. Alternatively, if any of those settings are set to "0", it could disable this DoS protection (never delivering a 429 error, but giving unlimited/unrestricted connections, like on the old 2.3m version). It's just an idea...

» Another important thing: Have you thought on how this new setting could affect the use of HFS along with Stunnel? (I haven't tested since I don't use Stunnel, but this new setting could give trouble if all requests have the same IP, like when it's used with Stunnel). An option to disable all this DoS protection, could come handy for that exactly reason.

Cheers,
Leo.-

[NaitLee]

Leo says right. My homepage index.html needs lots of css and js requests, and RC2 also caused some of them 429.
Because they should be loaded from start, retrying cannot solve all problems.
Making this adjustable means respecting users freedom
Or only apply the anti-DoS on a same request by default?

[rejetto]

» Suggestion: Why don't you introduce an option to also configure how many connections per second (per IP) are accepted?

as i just said, if we find that's necessary to have an option we'll have an option.

» Another important thing: Have you thought on how this new setting could affect the use of HFS along with Stunnel?

to be honest, no, that can be a serious problem. I may need to introduce the 'option' just for this.
As i understand, stunnel doesn't work at http level, and won't "forward" the original IP address to HFS. Correct?
An "http proxy" would do that, and you would have no problem.
Sadly it's not easy to find a free one. Surely can be done by configuring nginx or apache as reverse proxy.
https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/
https://www.scaleway.com/en/docs/how-to-configure-nginx-reverse-proxy/

Leo says right. My homepage index.html needs lots of css and js requests, and RC2 also caused some of them 429.

DoS protection doesn't apply to files, css or js.
Tell me how to reproduce the problem please, it may be a bug.

[Mars]

any external connection made through stunnel is seen as a local connection in 127.0.0.1 by hfs, it is impossible to go back to the user and the use of the ban therefore is rendered useless

transparent = yes | no (Unix only)
Transparent proxy mode

Rewrite the addresses so that they appear to come from the SSL client machine
rather than one that runs stunnel. This option is only available in local mode
(exec option) with the LD_PRELOADing env.so shared library shared library and
in remote mode (connect option) on Linux 2.2 kernels compiled with the option
transparent proxy and only in server mode. This option cannot be combined with the mode
proxy (connect) unless the default route from the client to the target goes through
the host running stunnel, which cannot be localhost.

transmission of external ip is only available on UNIX

[illskillz24]

One question, can custom templates be used for hfs24?

I keep getting an error.

[rejetto]

One question, can custom templates be used for hfs24?
I keep getting an error.

if the template was made for 2.3 some changes must be done.
template makers can get help on this separate thread http://rejetto.com/forum/index.php?topic=13326.0

[NaitLee]

DoS protection doesn't apply to files, css or js.
Tell me how to reproduce the problem please, it may be a bug.

I'm wrong, there's a limit set in my configuration by a template...

One question, can custom templates be used for hfs24?
I keep getting an error.

Updates requires new templates have sth different from old ones:

[unauthorized] to [unauth] as recognition, inheritable selections like [error-page],
new file action methods ('section' to 'file'), and new login system (encryptable password, logout).
Maybe auto-retry is needed, too.

[dj]

at the moment Mobil-light and Takeback works