rejetto forum

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - username1565

Pages: 1 2 3
16
HTML & templates / Re: Chat for HFS.
« on: March 07, 2019, 06:24:02 AM »
What tool are you using to view the header? I use Wireshark and chrome built in html console.
I just can see the headers of queries - in the tab "Network" in Mozilla Firefox, and Google Chrome.

My next question is are you using a xhtml doc type and file format?
No. Just HTML, javascript and XHR queries.

@username1565: Please upload and post the exactly template file you are using that gives you that error, so we can try to debug your error.
I already send it, in that jsfiddle.
Quote
http://jsfiddle.net/pthoty2e/

Keep in mind that HFS only supports .TPL template format and it doesn't understand .PHP (it will take it like a normal .html file). So, for example, if you use 'upload.php' HFS will take it as a static page like if it was 'upload.html' and that could be the reason of this not working. That's why I've ask you if you can post here the file you are using...
That was been example code. Yeap, there is using PHP, but on another server,
and as you can see, there is working UPLOADING PROGRESS, when async=true.
Quote
  xhr.open( "POST", "https://zinoui.com/demo/progress-bar/upload.php", true );
If you will change this to false:
Quote
  xhr.open( "POST", "https://zinoui.com/demo/progress-bar/upload.php", false);
and press "Run" again,
then you can see "4", after FULL UPLOADING,
but you cann't see UPLOADING PROGRESS.
Because async = false.

Ok. After undedstanding this,
I want to tell you that
then, using that code, I changed the link to the link of my uploadable folder on HFS:
Quote
  xhr.open( "POST", "http://127.0.0.1:80/My_folder_for_upload/", false);
And got status OK, BUT after uploading. As you can see, async = false.

But... After trying to see progress, I changed async - to true:
Quote
  xhr.open( "POST", "http://127.0.0.1:80/My_folder_for_upload/", true);
And got 405 ERROR - method not allowed. No any progress. And no async=true working.

And, as I said earlier:
Quote
This all not working, if async = false, and need async = true ;)

Also, I tested this ะก# code:
Quote
client.DownloadDataAsync(new Uri(address));
And this working with HFS local URL's. Hm...

17
HTML & templates / Re: Chat for HFS.
« on: March 01, 2019, 10:16:01 AM »
i don't think the async is the problem: indeed the server has no way to distinguish it, it's totally a client matter.
The problem, getting a 405, is surely a cross-domain request.

Anyway, in your jsfiddle points to a php file, so i don't see how HFS can be involved.
rojetto, I enabled CORS in browser, so this is not cross-domain problem.

As you can see, from that jsfiddle-code, the string:
Quote
xhr.open( "POST", "https://zinoui.com/demo/progress-bar/upload.php", true );
means: send, the POST-query with file, to the URL: https://zinoui.com/demo/progress-bar/upload.php, with async = true;
because syntax for XHR is
Quote
XMLHttpRequest.open(method, url, async)
When acync = true;
The event function:
Quote
xhr.upload.onprogress = updateProgress;
is working,
and you can see the progress status (changing percentage)...

But HFS not supporting async = true, and cann't give the progress status for uploading...

If I change the URL https://zinoui.com/demo/progress-bar/upload.php
to http://127.0.0.1:80/HFS_uploadable_folder/
I can upload the files to HFS only with async = false,
and in this case, I can give only status on finishing the upload:
xhr.upload.onload or xhr.upload.onloadend,
but not xhr.upload.onprogress (when async = false)...

So I cann't see THE PROGRESS of uploading when async = false.

If HFS will supporting the uploading with async = true,
I can see the uploading status onprogress,
and also, I can use wget, Aria2, for example,
or this c# method: https://docs.microsoft.com/en-us/dotnet/api/system.net.webclient.downloadfileasync?view=netframework-4.7.2
and many others...
This all not working, if async = false, and need async = true ;)

18
Bug reports / Re: Exploits
« on: February 27, 2019, 04:11:12 PM »
What is this: https://www.exploit-db.com/exploits/39161
Is this fixed? How to fix this?

19
HTML & templates / Re: Chat for HFS.
« on: January 25, 2019, 02:16:41 PM »
I just try to upload the file on HFS upload folder, and upload this file - using XHR-query, with enabled async.
XMLHttpRequest.open(method, url, async)
XMLHttpRequest.open(method, url, true)
And I see: Invalid HTTP status code 405
When async is false file uploading working good.

Do you planning to add support for async uploading?
Without async uploading, I cann't see uploading-progress, using xhr.upload.onprogress
like here: http://jsfiddle.net/pthoty2e/

20
HTML & templates / Re: Chat for HFS.
« on: January 20, 2019, 03:16:41 PM »
http://file2hd.com
This using server side software, not client-side.
Also, this not supporting the DataURL, like this:

Code: [Select]
data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAkGBxISEhUTEhIWFRUWGRYZFxgXFxUYFhYVFRUXFxcXFxUYHSggGB0lGxcVITEhJSkrLi4uFx8zODMtNygtLisBCgoKDg0OGxAQGy4lICUtLS0tLS0tLS0tLS0tLS0tLS0tLS0vLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLf/AABEIAPEA0QMBIgACEQEDEQH/xAAcAAABBQEBAQAAAAAAAAAAAAAFAAIDBAYBBwj/xAA7EAABAwIFAgUDAwMDAwQDAAABAAIRAyEEBRIxQVFhBiJxgZETMqGxwfAUQtEjcuEzUvEVQ2LCBxYk/8QAGQEAAgMBAAAAAAAAAAAAAAAAAAMBAgQF/8QAKBEAAgICAgEEAQQDAAAAAAAAAAECAxEhEjFBBBMiUTIUM2FxUoGR/9oADAMBAAIRAxEAPwAScx1tIERtaVCoiGsaSBbeyoVcW4kwSBxsscfT1y2mWhLi8oJpKtgKhcDJm/7KystkeMmkanXCS9ybxk5UZII6rPZzT02HBH6I5XxIYQCDfpCDYprsRV+nTaS4kemy3028oty8CraeMko+QdhMRpMWgm56IhTxAJ8j4PbeFoKfgumxrRVeS47lv7SuVPBxaC/Du+paSx3/AFA0bkDY8Wmbq3v1/ZX2LPoDM3CsVarmiWbqjXq6CAQQT+I6qWnXkQZnqqytfcdoWsZ2EsHn9UfcC0Wuj2XeJi7d3ZZLGUiKbupFgNh/yqWHwdVrQeNzuq+45Id7cfDPXMBnzCVoMJmbHLxHCV3zyOnojeHzdzGi9ir+40V9s9gbUDl0UQeFhsn8R7A2J/QLY5Xjw9u+6YpJrJSUWid2HUTsOiTGSl9NWKgz6ChrMCKVmwqgZJUMAc2h2UppBEmYVcqYdAFJlAdE8YUdFYZThSgKQKZwY6KN2EHREoXfpoAF/wBKEkU+ikgDwR9N73DU0gbGEsZpDQ0GSD77FEEMx1Egl3BP7LlVWuD/AIN0fTYi0+zuErhrXXE8DrZV6tQuJPVMUlBzQfMJCiySlJtFpUydaj9EaM+EWNNcvJgUmlxPA1eUT8n4QPEOhriOiKeEnFrar3GQ8MaepEu/wtarcKpJmaucpWLJrWV4BAuDykWeUFlTS/v0/kKtg6btiZkiOwRQ4LygCNXW6wG+yxQWWBs6wDcUGh2ltVu1U7EdHLGVsPUpPLHt8wN+kG4I9oK3GKb5XCYsRPRC3Yb69MU6hDaoEU6jRcn/ALX7gAp9U2teDNbRncdAenSsZ9k4SBcmOidToGnqa/yuESDMzspm15aQ3STe3PTb1WxSh9GeSlBdlc0S67U5oLQCWk/5Cbh3vDtIMOBkiFP/AOsmS0tbIP7K0o+EEZayyzga8nWR6DotBkeZuDoJMArM0M0bqGprdPMfsjAxFKJpvF+FVpxLZjI9ZyvFB7Re6vwvLMkz8tcGk+UR7k916Ng8WHtEFOTyJawdxjrIfRqElX6w1FNo4ODKkgnpusk50qUUU2rpaC5xDWjckwPlAEICfpCG1/EWFb/7mr/Y1zv0CrYbxXhqr9DHEu6FpB/IVconDDehd0rtJ0qcNViCskrX01xAHgrnACTsmMqtdYEFOc0EQdlUwzQKjgNo/wALinaJ69UNHExYdULqv1EnqiWMpgtJIuBZCk6mtWSwzH6qaawnvJUNE1LuBbFh3C0ORYcihW0ydIaR3I1T+oQlaXwzSLmvY22th9JkAErfd+2zNT+4ixhMS95ADOgMcI1SqvaA0U3SOTss3hq7qbhB2N47I9g85pO8rnw68zC5Rpvoz8o9ixb3GNTY39/lC67HaibtHaINtiRv68K9muYNEGDseiz2aZqSAGeUWvyZPI6JkAphKMXktVGGvR1ubFZljqvqABsRyIQOmabnjTFN433if5wjGTudTL3uBjVt1DrFDMww4bVNMNDjqgdwNvfZOjPeGQ029EOc1Xim7yEOYZ1t56e25juomn6tOnUAh+mHSLEHuiLvq6G0w7ci29pE/wA7qvmGIb9Z9O2ltOYBEBwNgTz6BNjJsXOONABwOkNBM6jNuJse6s55iCxzKbXADyieSYEk9Ln8q3mdZxLRADxTaeh1EQY9/wBFHppV3Na8RU0NMi8HZx9oTc6TFqPgLUcF9NoOuYBJk8gSjHh3xrUaDMBogRqt/LIVgsAw0z/quIEyDxAi6oVvuLKdNt5EkQBJmT7BKVgx15PXMj8YUH/fUa3pcX6n+cBFx4twmrS2oHuiYYC4x7Lx3L8lY0B1cySZawQCbdOB6ou2o4tLGN+nT4DANu5BkqXe+kiPZXlm4zXxg4WphrO7vM71gWHus5WxtWuZMvPV5n3ANh7BQ5ZhGNgAifW5+URrUi24bPqP34SZSlLtjYqK6RWc54HnkdLH9lf8NN+pXbsXAyDFwOUBx2MOk6gQOYJlvex2W9//ABzgf9M1jzZvpyborj8lgix/F5NP9FdaxWXNUZC3mMZpSTkkAfOOPrkeXqFTw9YtM7qfMvuHooHubpAA83JXOop5vPg3epslGSSYsRXLzOyYxhOwlSUMMXiRFuqMZRg2z5gCYvv1WuXCn5YMTbbyyLLMn1XqhwgjynZwhEcU17KYFAEOD2hoG7hcn8q690AnooqGJa5wiZFx6hZbr+Wo9Gz0sItZZncy1UywuBECb9t5UH/7CKcEU9Tj8EdQVPnzi95Y6SRIMRPmM26o5lmR06dAaixwJBDjPextY/4S63BfkjYBKIqYgglwEbA23vARD+k0scHcc9CdlLWeC5ugRFk2tW1NGuYk3sduoF4kH5V5Sg38VgpMYa7dMG9txuHAXt1UGNxzBpqsaBLBBiSSfKI7z8SqWJr6ySw6NRn/ALgTGzDb1PouYxn1qcah5XwCD/aQQXD4smKKZmbaeipj89dJp04lzg0P9RAAH6n0RTB+H2UmEvO93GZdLCIg8RJss7k2Vh2JiJ0l7p/2QQPW4+FstYcXMc6GQTYGdDjz3Ljt0CvL49FVvbAD36WySCXSBFyBwBzzvsoamVkD67IDms1GO5u2O0opmFJjS0NcCWtdMW6ltvef/CI5PROg0nwDDTq4OoTPsSSqcsbROAdg2sIDw4i3nbI3b5r+6cylFeXC5gjuDPCA43DfQrvEk2gT/d9vtPPqFocNjmtaNbQABbl5A5+SicWTGWewpXc5h1EajsdoHJj+cIhhC541AyLeV1iPRQUntfSMm8TccHb1VPC1yx39w7hpj0IhUjnBMjRsoA2vbcG/vdUcTVqUXWnQdiCSAekcBXqT9bQQZHYkEek/om4lh0kGXNI6eYdyBz3CssMqC2MdiqzaTQZLh125/kr2fLME2hSbTbs0fJ5WY8CeHm0h9dw85+3sFrXOWiqGNiLZ5eBxKjckCkU8UNSTtKSAPmnMvuHoqrGE7CUUxNAOG14tuqWHd9N51dIt7LL6T8X/AGavV/kv6CeWUA1wEzJ59FqsE1jfMXCSNrLP4FzZEi82RNZb/wBxi6a1ZLDKuPqn7QJ1Shb3saYIDX8mTPx8Ijh3SC99y027fCpVcvp1qjna3Am8QOAAkm2mMYp8XkE4CmX1WkzoudfcHa60WZYvV5QBpI3B2ItsljjTpsAcIDWnSdhPSepVDAgVZLIkbnT/APaL/KkeDzj3nUPvayBI3Frq5TaYgNuR9wJ5vBCvYbCU3NeJaeDp49VDimOYANB7EFrmwOxvKvAXMquaxrXNcAHaTsPKDFi0gnSf1WafjXMcWNENLWtcHbWIOsRcf8rcHDtxFJwEte0eYBrRIiNhYLznMKJFQtD5EwDbiy11peTJY2ujd5WWMph7BvP5iSfVAMrrVK+JJEw03Hq6B+VqfD2E/wD5w03kG+3EITkDdNWsJiHAgwJ6S1UUsJl2slnH4e41iNTgIFgYIbJ6C26nxmO0P0CxEw0dXCQT22HseqTmasQYmGgENO4/5n9VCa4qYwU26XFty7mWdTxGyjPkPALzjL2muBUe5x0gmP8AuPV3UuJV3D4ZjjYO8sCDyOCTuRP6+6F+Kc2JrubTNha5tqmLAXtt0RPIamtk+YjbQ2znP/3c254Cu0+OWUTWdGjyxtXYtHo2NuCRx6SrGaYFxFn6T8kejBv+FRw9YnU1n+mAJIaNztd/Mdk/CYmCASZ3IkH8pXkuVW5x9F2gmo8jedLAfSxM+qv1MwMgspGSR/ceTExEcpuLwDKnnDZcNibEe6LeE8EalRrHQQCN44v8q0Xl6IbSR6pgqemm0dAB+FJC6xkCyRC3mI5C4uSuhACSToXEAfOOL+x3ohTGEmwJRXF/Y70VfL6JHmtBH7pNFbrWGWlOUnlhfAMbIJdBBsOtkTQPLg7UNRBvaOiOLDf+4xlKm5fBg6jgyZmW3+Veo0w0AdFx9YAhpmTsu1arWiXODR1KSdGMFHoVYgNJIBAvGll/cNkeqZjMQxkfSgiJIBkN9UOzPNWNH3QINuXeiCOx1epIoU5B5daW89eU2upzeEKn6iMZcWaLKsbTGol7hcHyERzuBupcVnWG1Wq6nHcaSXCLcSs5Ryio6XvDmtY0zHWJ/ZEPDmBacOx4aNT5cSb7uMD4hEEF1qjphrLMzw2vcNcRbie/ZUcz8M/VxLajAAz7jG+826rL1m062NDWGNMtI2AgGbne61OSYl2HqMpF0sqSGgn7XDgdAR+idJuKQiNkZML1KcWMNgfmZ35QAU6bHapl08R8D+cI/nZLRqgenWRygzSHyQbkX7x+ggquxrIMrLwXvHM6RHEQG/In3VjwlhX6TUcBJJM9TqJdPvxPC5hcKdNjBkWGwna/oSjWTYKWgNkNb7A+ihvQdnmOYUH1MY/WDqc4SIE36AbLW5flIw4LzThrhEvJGlvpvJKM4/B4SnXNatUaxwHLw0n2lW6uaYSuAxhbFokiN/ymc3JLWhfFJgWhiaTZa2Y6eb5BtPooMRh6c6wI8wIMWJI3vuUcZlVPcUwTtMjbsXKvi6IAcHfB2HAsN/ZVTwyzWStgcQ0sOovtMahpcQOQGo54Kxs4hrQbR3PySszhsO6k4vazeAIMggb2OyOZHWbQxTKhMNeR0G/VWjhTTKS3FnstI23TilRIIBGxTitxkI4SDVIuIIGpJySkD5za4HYgoXiiQ8wVay37T6qZ+GYTJF/UpVdfBYJCGXvO2mQSL9LIlpcft0z/APIwFRyUE1CD9gbJHMz/AIUuPzGnTcbGJjbssFsXKxpGj00lGTz9Fh0bmLcoJneJ1j6bYJ1CIuTboqNfxQHOexskOs0kQW26Ip4cygVgarqhDg4RAFo/VR7SUW5aZqlPn8Y9PtgqjhKdJrtfndu3Ubt7Aeqs0K40h1m/hGMVkrajHkNGpoMEudv12WfrYKsPJ5YHJBLfxBlRWlJ/J4JadcEorJtcuaH03DcOAHrZZig5+Ce6jVaRScdTHX0iTtJ2VFtSpQ0htbVN4HHZFsPn7y0MqtFRt5a4Q4X4OyiPZW6pT2yFlTDNe+sCwF+7tQNuYCzmJzsVsXQ+nOllRt+pm61oy7L6zp+kAReLRPss54oNJj6baVJrSDbSI/K0xlF68mf2XDfg3uckOZAIknnseyz2z3Dm/SIPE9VYyzFEsBdckDdS16JBBJ3n32hZ4SwzTKAsDSMAOJNxBG42ADgi+e5h9FtOiw6X1JA7BouUNwNTSO8+3ss94gxFbFYllTD+Y0B9u0yfMPWyZH5T2Ummo6B/i2iwCm0tJc4uLqhkydNhHqtFleUU3YRocCXabyIAEWubyoH4/C1Q0YkaC0h2ioCIcO/ISzLPTWaaGCaXF9i+Dpa3mOpWjlmPEyKL5ZB2T5tXw7AdReySBMnbvuin/rIqkSRc7TF/WDHsiuE8Oijhm03XI3JvJKz2MyJpOn7YuNJMg9pSW4ts0paNA0f3Agk2AG1uT34TqrJA1EdBA+2O6A+G8xLXOoOdMTBP3D1JFyj0eSCTItOx/nZVawwPT/CWZB9MNIMtt1B77rRrzjwPU82m/sY+QvQ2Bbq5co5Mk1xeB0JJEriuUHJJq4gD5xw9HQImVMkkk2XRreGSWsDXg6Y3O6bjMnFR5cXkTxG1oUeF+9vqjCwytfNyiaPTwjKTTBrMtpnbQI/7WAfN91pMopBlLSOTMxG0qrQy7Rewbub/ALlV8djnsJbS2BEXpkRHUuVJTlPs3xhGPQQxgaQSHgQDYRf1WZzWiKpAZUGof26ot1/RUs1weMxJGhmhoBDnB7SBPJgq3lHhGaf+uRU6SfzZWdTUVJkKxOTiVsPhdG959OFadS1W37TH5KKuyMNadLGtgcW269VSdhHNGo7e3/lRAmZSbRY37f8Ax7oVUwZc7V0NuyNOqBxgA9CYHPopGYLybXv/ACEzkl12LUW++iLAk7HhF23A7IPhA8uIaCY6D90TbUiA4EHof8qigyzmitinFpjr+hWeysmjiC5pOl5+Y7I7jDqdt29e4UNTL5YHReZ/5UqWNPyDSayglj84ZYPotfaTqAMe8KOjn4Z/0qVNvFrHbpZUxIjyl21t+bQDv1tdcrYdoBIAkHYjf/4i8q6ilpi28k2P8RF9nBwd0DQNQ5EndU2Yxo80+Y20yJCa3Dv1tD2gtP2mLAngA/yyPZb4fY2XOFzeDx7fCs2kL2Zytlj3NNbS5rhc9D6Qfyj2W1PqUgTGwO4na5WgbgmBh0gRB9D2M7LE4Cr9Oo5oaQJMBxMCdoPCjtEG78Hu/wBUS4z1Fvlen0xZeZ+DMPFUXj8zPdemU1rp/Ez2/kPhchdlclNFChJJJSB85rqsYRrDZwMk2UeIYA4gbLmVWSjF4WSS/ha7XcAHjaVLXpahEkeiGPY5hHXcIlhnktBO5Spy5SyaPTSUZPP0UsXmFaNGg6HCHSCRHum5dlrQfqWMiNMCB/IWjp4ek8GxjY7hROy8izAA3iT/AJVDoRkpdMq4eARpaN9gN/hFcPXJsWOb30kN+U6nlhF6tXSd2idUjsFdpfRaLtc93LjDQfi6kkldl7CJdJt/LcrNZjTwJeW6ofbZxEGB/bK0YpCs12uYFgASLHi26E4zC0w4gYeRa4txvJV4C3JSWmBnYaoHOdR0vbwBv3mVYpU3OA+o0tJFx+ydTwUHUBpnbzaQf8qxRk7gj1/yq2pvoE1jBlsRmFbBTTZSFRr3y1xJkA7s9ei2VNpLQSItN7xyq+Jy76rYcQCILDvDhsh+WYzFV3PYWhgb5XvPMWIYOpWmEuSy/BTlxeP+DKea/wBU3SymWgO+90QWDoOCVbqBrLOIA2vt2VylgmsGlggDt+iixxGmDSL/AObwss5cpDsvGwFUqM16C6Qdr3mZsVLjMKZBF/gkHgmDdFcNiKJ0sfR0aj/eBHsbwjAy9gb5dvY/qmp5ESMZXx7qTW/Wp6zNnDe1xbqimE8SUakDSZ+PlE8ZhwW6XxB2OkG/uspjMtcypIg2s5lxHR9M+YeolMUci29m4+sDTJuJG/qsXmdItc187EAy1xn4C0eVFxpR22m3yr+W5YKz9JbIO+1kQTyEmkgx4Lwxc36huDEWII9itqwqnluBFNgaOFdhbox4rBjby8nZSTJXVYgdK4uJKSDwJ2DIcACYPMbK0/CgtAnbmLlEf6F/b5UFRukwdwuTXZjT68klejQ0i51eoU7GSQALnYBSUcO5wkQkHOpkgQDEHn4PB7qbK8LmumBfwv02eUvJcdgBb3M2VlA2uIMjcIlhHvN3ER7JJqoujBNM62s9xE0zAO9zH4VttJxEhsgfceR3Z1KsYKo2C0/3GFYcY8lP7he/HcE83QO/VQ/k5l7CxlwY3BdZzhzI4V+mxtRokfwKph6b4IcZJ2kyn06jmnT0/e6vAU7q0moIqYvKwZMHnf8AZUzTDBEEx3R9ji6x/kplbB8R+60KCeysLH/syubY6oGgU2hp6m59lH4fD6bSKo1SZn1M3WkdgATcC23wpaWBnhM5LoN9lGpRBbqaVQ/piSRDhf1HcLTswDW9gmamToaB5rSevCXKtMtGxoFUcIYIe0O5jfUOvdDHuNN00j5Tu03HsilPEEO3IB+Wnr7FQ47Bl0us0zeNpmQ4dj+JVFFLoY5FB2LnyPGk8HdhP6t/KG582GAxB46x0kfqEb/ppBa5oPXoe/Y9wr2CyMubAbqYeHXIPqrJN9FW0uzNeH8e9zdD2yT/AD+SvSvD2WBjQ4/cbg+qiyfw1TouDonseO3daJrBHZaqq8bZnsny0h4XHBIFIlOEjYXJTioygB6SZKSCTzJcLB0HwFVwmLmztybWVtIsoU3kBBoGwhQ4jDhw6d4T67oaSOAuYZ5LQTuf8rPZ6dxXx2AOoUTqEtMT0siDHnUW6YA54Uy4kOuaWWi0Em8M6Cu6jvJ+U1JLNHs1f5l3B1tIe4mbQAT+QuU8WI1GJ6Eqm5QOWh2c2tFK6lNN5CwxvQge6s0sxIG/7lAaG3dWA6AJV+WEM48dBtuYN5CfUx4ItZZ1+JsYCgp4w2j+FTnJCRotZNiSqj6R1WOxlDG4twkci/qphipMyoksluWAhi2NJmR5hPud/wAyosO8EaZlwNh1HLT2iVTxIJa0zs4x7iR+6ky6gTUBG8q0YLJVzeDUZdlDDe97jqOy0GHoBogKDBtgBW2la4xS6M0pNjgkVyUpViuTjmrgK7K7CkDiUJwCSAGaF1OlJAHiOVshw82q/wCyOLO5DuP937LRKCREJAKSg0FwB5KuV8EI8gv3PCAB6SlZp0mZ1cK3hsK1zQSL+vdQ0msMCpTqgNIiZ56KTAxqvEQd/ZXP6JnQ/JVatgjPlFvVK/T1/QFcfd7p9V7Z0wPVO/pHi9rd0GzbFOY8A8i9vhKsoS3EbVNp4Rbp8p9Z0Mnoh2HxZ0ySOUyrmgI0i6qkmtmiXZb1iBJiVUdRLXS02P4UNavqaT0TsDiPKQd4lVRVPBb3E8hOYO6o4Wo4PuJCstMyAp8kMm/qoBaeC2PckI14ZYXPk8INhaNiHX2/BC03hmnJTYLYqfRraBspQVHSapFpFM6CnLgC6rFRLoTSkCoJHLspsrqAEkkkgDwbJq+mo1vV2/Sy1AK8/wAsxo1N1m88Dstrl2Ia5oA6dO6gkJ4bEBv9s90QpVwQDIHaUHSQBNiKYabGZVrA4gRpNo5nuh6SADqSG08a6RMRzbhXKWIa4wP0QBMsf4io31T1t7rXP2KAZ3hC8dABdUs/Fkx7MVXxb3NgfhEsJhYaJ3gXVX+nAcQON0QY+Gk/CyZaWjSlhaJ8NSGkyU8gNLD1EKi6vFOT1Ur8W3TvdCTIzgJMc0TC7Rpwbcoc7FN06gVYpYjU2xVuIZyEHYhsGN9lq/ClHyyVidbW7m/7rceFqvkBTalsXPo07QukJtN8qRPEsYuFycVwtViBupKUtKUKCR67KYuEqQH6klGkgD5+zPwriKLNbYeZ2aRP4JUmWVKtMDU1wMQRJtfqt1jKIaQB0VGphWkyZk91UkpYfGFouCfUq3hsVrMRCX9Czv8AKbh8OWvJ/ti1/RAFpJJJACXWuI2MLiSAClCvrabRChqiQREyq+HqkWGx3VxjwLlQ1lYYGOzSiGOjmR2VV1QAGTYIl4iwhMv2AKw+NzYNa5sydkl1b0OjNJYLWbYsu0gGATx0UlSkfKZtMINg3OeRAJjZaTD4B7mt1D4VHLBdLI6ngzBnYqzhMteyb+g/dWRhnSBMQN1dw4Np3VeZPEq0MvdI1FeheG4ayFkGVhPUrV5C2WymUvYuxaNFTqK02rZU6LFYDFpyIZJqTg9Q6V1SQS6lwlMCSgk6XLicAkpA5CSckoAxOMaNDjF4QpGqjAQQdih9XBOk6Rbi6gkqJLq4gBJJJIASSSSAHU9wrVRwjdU3bKIPIuEAczmjrpOb6/ovNsN4emoQ6fdej1cQ7t8IdWp3mEuzoZX2D8BlrKLbCSibWwxom5MpjBv2UVW6xORrZKCSYlSgARuqDK4BlE6R1bKMlceSxRotNwIK1/h6nDFj2SLra+G70wU/0/Yq1YQaphPCilPatZmySBJcBSUoGOAXQE2V0IA6uhchOCAFCS6kpIMYkkkqlgGVxJJACSSSQAkkkkAJ2ygcuJIAiqKCvskkl2dDK+yKnsVE/ZJJYJdmtld3CI5fukkpl0R4CbVr/Df/AEgupLR6fyJu6QVT2rqS2IyscF1cSUIlnU9iSSAHJJJIA6kkkpA//9k=

21
HTML & templates / Re: Chat for HFS.
« on: January 18, 2019, 11:05:58 AM »
I already did this Javascript-canvas-captcha: https://jsfiddle.net/jnrb69gz/1/
Here is my example for uploading files to HFS uploadable folder. Attachment1. [HFS_UPLOADING+fractals.zip]


Also, I think, the script for uploading files for HFS,
must be published in the separate thread!


1. I did this multiuploading form with preview: https://codepen.io/anon/pen/JwemBb
Just select files with pictures.
But... There is multi-uploading and selecting files working by click button.

2. Here: http://jsfiddle.net/tohan/jtaevhoj/
you can see Drop Zone, and there is allowed "drag and drop" many files.
In the last example, you can see progress-bar.

3. I did combine this all to one clickable drop-zone: http://jsfiddle.net/se0bcvth/
Now this is clickable, and progress-bar - added.
But... There is no available the copy and paste...

4. Here: http://jsfiddle.net/protasovams/v7naLkbk/
You can see contenteditable div, and there is allowed copy and paste text, HTML, and pictures!

5. Here: https://pqina.nl/filepond/
You can see uploading files, using CRTL+V (but only one file).

So... Can anyone help me to combine this all to for multiuploading?
I want to do this:
1. Selecting many files for uploading by clicking the button.
2. Selecting many files for uploading by "drag and drop" in drop-zone.
3. Add the files for uploading, with random filename, when puctures was been pasted,
after press Print Screen button or copying this as image from HTML (right click -> copy as image).
4. Add image, as file for uploading, with random filename (+ preview),
    if dataURL or base64 was been pasted in contenteditable DIV.
5. Copy and paste the files, using CTRL+V keys, to selecting this for uploading on HFS.
6. Locally working script, client-side, without remote libraries, like JQUERY, or bootstrap.css, etc (or existing this files on localhost).

Can anyone help me to realize this all in one script?

22
HTML & templates / Re: Chat for HFS.
« on: December 22, 2018, 01:56:32 AM »
Google capcha.
This need Internet, and reCaptcha not working in LAN.

I guess it could be done using a macro that calls a command-line utility that generates a captcha. But it will be complex (at least for me, it's beyond my knowledge and time).
I already did this Javascript-canvas-captcha: https://jsfiddle.net/jnrb69gz/1/
Also, I saw drag and drop captcha's with JQuery:
Here: http://jsfiddle.net/wfMLe/2/
and here: https://codepen.io/terasol/pen/gBQWpB

This may to allow the upload steganography pictures
to uploadable folder in HFS
without spam,
and host nanoboard on onion domain, in TOR.

Here is my example for uploading files to HFS uploadable folder. Attachment1.
See the code and comments in the source code.
And if you have any questions, just ask me here, In This Thread.

Attachment2, filelist.zip - contains filelist.tpl to return the clickable links,
by URL: http://IP:port/upload_files/UPLOADED_FILES/?search=*.png
and the PNG-pictures (containers) from this clickable links - is parsed by nanoboard soft.
So any HFS can host the nanoboard in the TOR, as thread with containers, by onion URL.
This file just need to put near HFS.exe - to get response with clickable links, and then this response is parsing good.

23
Bug reports / Re: invalid link
« on: December 05, 2018, 02:29:22 AM »
Solved!
Found solve in this thread: http://rejetto.com/forum/index.php?topic=4049.0
and here: http://www.rejetto.com/wiki/index.php/HFS:_URL_parameters
Quote
~files.lst
inserts HTML from filelist.tpl if exists in hfs.exe folder, otherwise produces ASCII file list of the requested folder

To get list with URLs:
1. Create filelist.tpl
2. Write this code there:
Code: [Select]
%files%

[files]
<playlist version="1" xmlns="http://xspf.org/ns/0/">
<trackList>
%list%
</trackList>
</playlist>

[file]
<track>
<a href="http://%host%%encoded-folder%%item-url%">http://%host%%encoded-folder%%item-url%</a><br>
</track>
3. Run HFS, add folder with files there (if still not added).
4. Go to http://IP:PORT/folder/?search=.png&rev=1&sort=t
Now there is links lists with full path in the href.
Fullpath URL is the main path to file on the server.
And no any relative pathes in response links.

Best regards.

24
Bug reports / invalid link
« on: December 04, 2018, 08:33:24 PM »
Need to add fullpath to the link, because path not full, relative and invalid.

1. Run HFS server.
2. Add some "folder" with files there.
3. Go to http://IP:PORT/folder/ - there is the files inside the folder.
4. Open the source code of HTML-page with that response:
and see this:
Code: [Select]
<a href="file1.txt"><img src="/~img47"> file1.txt</a>"file1.txt" - this is relative path for http://IP:PORT/folder/ where this page is generated, and this is - incorrect link.

Need to insert there fullpath:
Code: [Select]
<a href="http://IP:PORT/folder/file1.txt"> file1.txt </a>
HOW TO DO THIS?
I don't know syntax of macroses...

P.S.: I did add there an index.html with the links to all files,
and this seems good with fullpathes... But this is not dynamic page...

25
HTML & templates / Re: Chat for HFS.
« on: December 02, 2018, 08:19:33 PM »
Is there possible
to using any captcha
when some random user
do uploading the files
to UPLOAD folder??

26
HTML & templates / Re: Simple contact template
« on: July 26, 2018, 06:27:12 AM »
Wow, you make email form template!
I did try this, but I cann't access to HFS now.  ;D
There is only form when I try to go on my server and no access to the files. Can you fix this?
I see this as separate link "Contact to admin", in standart HFS template.

Also, I did try to using EML version, and I saw this errors:
Quote
Requested GET /
Upload failed, Not allowed: New-Message-2018.07.26-at-08.38.03.eml
Requested POST /
This because message try to upload to the root directory on the server.
So need to re-write path as specified folder, which was been opened for uploads:
Code: (javascript) [Select]
request.open("POST", "./contacts/");  //Try to upload file to "contacts" folder, using POST query
//Before using this, enable "uploads for anyone": HFS -> folder -> Right click -> Properties... -> Permissions -> Upload -> Anyone -> OK.

You can add this description in your code, and add to the first post - the info about this string at line 155.
Because there is only dot and slash, and no anyone newbie cann't understand...

text messages uploading v0.1b working too. But need to write pathway in the string:
Code: [Select]
request.open("POST", "./contacts/");  //at first, enable uploads in "contacts"
Also, macro-method v0.1a is working.
I see in the root directory on HFS server the file "Private-Message-2018.07.26-at-09.07.42.txt"
I see GET link: "/?NameA=test&MailA=test@test.test&SubjectA=test&MessageA=test+test+test&SubmitMessage="
so GET-method using here. I did try to go by this link again, and I see another file with this message.
And no need to open root folder for uploads in this case.
But how to set the folder "/contacts", I don't understand...
I see there is variable %folder%:
Code: [Select]
{.save|%folder%Private-Message-{.time|yyyy.mm.dd'-at-'hh.nn.ss.}.txt|
Best regards.

27
HTML & templates / Re: private messenger chat
« on: July 26, 2018, 05:35:10 AM »
I did try to using all versions.
Versions V4.5 and V4.6 not have chat.htm in archive.

Only v2.4 working (from chatneu folder inside):
1. Unzip v2.4.
2. add chatneu folder to HFS as real folder.
3. go to http://IP:port/chatneu/chat.htm
4. name: user, text: "test from user".
Now I can check chat.txt file content, in the added folder "chatneu".

Test public chat:
1. Go from another computer to http://IP:port/chatneu/chat.htm
2. User: testuser, see messages from user.
3. text: "test from testuser".
User and testuser see this. OK.

But in this template I see an "..."-error.

Test private messages:
1. Name: user -> to testuser; text -> "test private message from user to testuser"
2. user see this message, testuser see "..."
3. Response from testuser: test -> "Do not see your message, user!"
4. testuser see his message, user see "..."
Chat history for user:
Quote
26.07.2018 19:48:30 --- testuser>> ...
26.07.2018 19:47:47 ---  user>>testuser test private message from user to testuser
26.07.2018 19:46:35 --- testuser> test from testuser
26.07.2018 19:46:26 --- testuser hat den Chat betreten.
26.07.2018 19:45:21 ---  user> test from user
26.07.2018 19:44:57 --- user hat den Chat betreten.

Chat history for testuser:
Quote
26.07.2018 19:48:30 --- testuser>>user Do not see your message, user!
26.07.2018 19:47:47 --- user>> ...
26.07.2018 19:46:35 --- testuser> test from testuser
26.07.2018 19:46:26 --- testuser hat den Chat betreten.
26.07.2018 19:45:21 --- user> test from user
26.07.2018 19:44:57 --- user hat den Chat betreten.

chat.txt content in chatneu folder:
Quote
26.07.2018 19:39:38 --- <b>testuser</b>&gt;  <span style="color:#000000">Do not see your message, user!</span><br>
 26.07.2018 19:38:46 --- <b>user</b>&gt; >testuser <span style="color:#000000">testing testuser</span><br>
 26.07.2018 19:38:09 --- <b>testuser</b>&gt;  <span style="color:#000000">test message from testuser</span><br>
 26.07.2018 19:37:59 --- <i> testuser hat den Chat betreten.</i><br>
 26.07.2018 19:37:20 --- <b>user</b>&gt;  <span style="color:#000000">test</span><br>
 26.07.2018 19:36:55 --- <i> user hat den Chat betreten.</i><br>

As you can see, when one user write to another user the private message,
this user can see this message, but another user saw "...".
Message not displaying for another user and users cann't read private messages,
but in file chat.txt this data is exists.

I see chat.htm in v3.1, but there is no any TO field, and old chat.htm not working
(cann't fill name and don't see prompt to do this.)
Can anyone fix this?

Also, How to using another versions with chat.htm? This file no found there...
Is this possible?

P.S.:
First idea that I have to display private message - download using XHR,
the file chat.txt from "chatneu" folder, and parse this file on client side using JS.
But in this case anyone can read private messages.

So this can be encrypted by assymetric encryption, using JS NaCl (like toxcore),
and "libsodium" JS library, for example, and saved as hex in the chat.txt.
There can be generated public key by passphrase.
Here you can see static public and secret key from static seed "hello":
Quote
Keypair - from seed (Uint8Array) "hello" in HEX:
Secret key: 9B71D224BD62F3785D96D46AD3EA3D73319BFBC2890CAADAE2DFF72519673CA7
Public key: D8333ECF53DAC465D59F3B03878CEFF88947EEC57C965105A049A0F5F1B7A510
And also you can see there and example of assimetryc encryption and decription.
sha256-hash
from username and password (need to add, then),
can be seed string to generate nacl keypair,
and when username connected to the chat, then he can share his public key to anyone else.
In this case, any user who write to him private message, can do encryption of this message,
using public key of this user. Result can be saved as encrypted hex in chat.txt.
Then, user can do client-side JavaScript decryption of this message,
by using his temporary secret private key.

Best regards.

28
HTML & templates / Re: Chat for HFS.
« on: July 22, 2018, 05:31:34 PM »
Hello again, @LeoNeeson.
I understand what do you mean about signing message in PGPSuite.
You can sign/verify and encrypt/decrypt the small files, this will be base64 encoded, then.
Also you can do signing+encrypt and decrypt+verify. But yeap, I cann't see there, a readable text.

You cann't get only signed message with readable text there, because as you say, there is using another stansard (keybase.io).
For more secure, result not containing open text, and this is encoded or encrypted and added fingerprint + encoding this.

PGPSuite is based on script kbpgp.js (that means, keybase pgp).
To using openPGP, maybe need to write separate OpenPGP.js library.  ::)
But as you say this already exists, and need to integrate and include this.
Maybe this will be easy, but I don't see, in the Internet,
the working HTML-examples, with included openPGP.js:
Quote
OpenPGP.js v1.6.2, v2.6.2 and the latest v3.1.0
and maybe this project for node.js and need server-side module requirements on the node.

And also, at any time, you can yourself do your own fork of this project on github,
download this, rewrite the souce code, and upload new files to your own public branch.

Also, if you want to generate signature only, without encrypting text message (for emailing as example),
and then check signature (verify this message) with leaving readable message - you can using bitcoin signature tool,
for sign and verify readable messages. Other altcoins keys and address - there is available too!
Signing and verify, for not large files, is available there too (as base64 encoded text).

To use this:
1. Generate your own private key, and get address from this key.
For example, I used the message as passphrase to get priv and compressed vertcoin address in next example.
2. Save private key, and address.
3. Sign text or file by private key. You'll see readable message there.
4. Transfer this to someone else, and this can be verified, and will be still readable (if text).

This seems like pgp signature. My example:
Quote
-----BEGIN BITCOIN SIGNED MESSAGE-----
Blah-blah-blah - this is a readable text.
-----BEGIN SIGNATURE-----
VrrZoy5Dc6tPWib4TmchBgkc87mrAJg8Pd
HyVlWz2WoVWuMq6dh5I/MQSHtE2Up/1t1q4JYKPfqSNfZzYENvELoOZ2qBCrjN0TkmYWtITT/GMTcuqub+uEr0U=
-----END BITCOIN SIGNED MESSAGE-----
You can use the text from this message as passphrase in generator tab,
then get private key, and see the address corresponding to this,
but if you will at first, select in right-side list - Vertcoin.
Address will switch to compressed automatically, because Vertcoin have compressed addresses.

This brainwallet, can be hosted in LAN, using HFS! Code is JS+JQuery only. No any server-side software.
If your IP is static, you can tell in email your own permalink to open for your friends the way to verify signature of your messages.
You can also open the port and using static IP, or DDNS, to make this available from Internet.
And of cource you can using TOR + any tor2web services - without using any unstable DDNS services.

Quote
Back about your chat template, perhaps (to implement private rooms) you can take some ideas for inspiration, by looking this project: ZeroBin (where the server has zero knowledge of the stored data). They use URL Hash to exchange a decryption key (the same way Mega.nz does). But it's only an idea or a suggestion, I don't know if it is feasible to implement.
Zerobin seems nice, like jsfiddle.net, codepen.io
and another sites for sharing code notes.
But in the source code this have index.php.
I don't see database, like MySQL, but PHP is a server-side language.
Maybe this can be re-writed as HFS templates using scripting commands, because HFS not working as PHP-server.
I didn't saw intently this code and don't working with this...

URL Hash implies GET-query to the server, and JS can emulate this, like t-addr converter link or permalink in brainwallet,
but JS cann't responce as server and tell any files - because this is client-side language.
Maybe this is possible to using URL Hash, if keep-alive peer connection will be opened,
like this WebRTC file-sharing, for example.
This working in 2 tabs in Chrome (I don't test it in LAN without Internet)...
You can see random ID for each private rooms, p2p connection and peer exchange services (socket.io, or peer.js)
in the source code.

And still... If by using URL Hash, can be created folders on the HFS server,
then can be available opportunity to use this for create folders,
but not temporary folders, because there is no any option for deletion files and folders for anonymous users
(else backdoor for damage any files from anyone).
And maybe private rooms can be realized, using HFS scripting commands, but as separate template or module for this great portable HFS.
I see this option in chat version from DJ (but there is '...' bug).


Hey, Leo!
You no need to buy or hold any Bitcoins to make digital signature with saving readable text.
As I said, you can using open source brainwallet on client-side, to do signature
for your messages and verify signed messages from anyone.
Here you can see the source code: https://github.com/Taiiwo/bitcoin-signature-tool
And as you can see, this have only JS, CSS, and HTML files. And this project was been forked from brainwallet.
And in my brainwallet (source code here)
there is available to using compressed, and uncompressed private keys and addresses, from any another altcoins.
As you can see, to do signature, need the private key (WIF-format). This is base58Check encoded hex value.
To get this, you can using any 32-byte (256 bit) HEXadecimal string,
as secret exponent in generator tab.
You can encode to hex any text or bits using converter.
Also, your private key can be the sha256 hash from any your own key-file. Bitlength sha256 hash is 32 bytes, 256 bits.

That means you can generate yourself this value, and encode this to base58Check,
then using this to sign and get address for this key,
and then you can using this address as identifier for your signed messages.
No need to buy or hold any bitcoins, or altcoins.
No need to download any software, blockchain, no need to connect the nodes, etc...
Just ECDSA used here on client-site (JS, HTML, CSS), and this seems like PGP messages with readable text.

The simple way to understand the sence for using digital signatures,
is the understanding the sence of asymemtric encryption
(public key - encrypt from anyone, private key - for decrypt for owner public key),
and asymmetric signing (sign using private key by owner the public key, and verify by his public key).



29
HTML & templates / Re: Chat for HFS.
« on: July 21, 2018, 06:33:27 PM »
After this all - fix. File - chat.js:
Code: [Select]
line 83: //': ' in message bug - fixed.
//message received.
var nickname = this.responseText.split(': ', 1)[0]; //insert nickname
var message = this.responseText.split(nickname+': ', 2)[1]; //insert message

line 89: //multiply sound elements in HTML code - bug fixed.
//add sound and play this.
if ($("#chatAudio").length) {
$('#chatAudio')[0].play();
} else {
$('body').append($('<audio id="chatAudio"><source src="notify.ogg" type="audio/ogg"><source src="notify.mp3" type="audio/mpeg"><source src="notify.wav" type="audio/wav"></audio>'));
$('#chatAudio')[0].play();
}

line 98: //1000 messages limit with last message in the top - without need scrolling
//display in chat window
var code = '<p>'+'<span>'+nickname+'</span>'+message+'</p>'; //add tags to message
var old_code = document.getElementById('chat-area').innerHTML;
var messages_limit = 1000;
old_code = old_code.split("</p>", messages_limit);
old_code = old_code.join('');
console.log('old_code', old_code);
document.getElementById('chat-area').innerHTML = code+old_code; //display this

Recommend to set messages_limit 100 or 10, because for each message will be working many cycles for largest value.
But if there is many users, they can make a spam, so then need to make this value greather to read needed message.

30
HTML & templates / Re: Chat for HFS.
« on: July 21, 2018, 04:05:03 PM »
Hello, @LeoNeeson! Thanks for your interest and time for test this.
Quote
- (Bug) if we insert ":" in a message, then any text/word after that is not shown.
This because ":" symbol is the delimiter, you can see this in source code and inside the file content.
As you can see in the source code, delimiter is ": " (":+white_space"), so links with https:// is working, for example.
File with message contains next data: "USERNAME,delimiter,message".
This delimiter can be any symbol, or even dynamic delimiter, as the hash from message, for example.  ;D
We can using special unicode characters, like Zero-width space or another symbol, which will be trimmed or cann't be writed.
Just rewrite this strings in chat.js:
Code: [Select]
//message received.
83: var nickname = this.responseText.split(': ')[0]; //insert nickname
84: var message = this.responseText.split(': ')[1]; //insert message
...
131: name+ ': ';
But I fixed this bug, using this code:
Code: [Select]
//message received.
var nickname = this.responseText.split(': ', 1)[0]; //insert nickname
var message = this.responseText.split(nickname+': ', 2)[1]; //insert message

Also, I see another bug - many sounds elements with id="chatAudio" in the source code in html-page in browser.
This was been fixed by code in last message.


If delimiter will be changed, I see another problem. Anyone can uploading any message with custom delimiter,
then not all messages will be available for each user.
Incrementing message nubmer is automatically for each uploading.
As you can see in the source code, each message saved by POST query, as file with one name "message.txt".

Quote
- Automatically scroll-down messages, so we can always see the last posted message.
You can scroll fasly if you press SHIFT button, and click in the end of scroll bar.
But you are right, it can be automatically.
This is client-side software, and you can do with this source code anything, what do you want.

Just using css-code "overflow: scroll" for div element, and Javascript or jquery scrolling functions.
And... I want to say next for you...
When many messages there is exists in textarea, scrolling functions can lagging...
I tested this JQuery method:
Quote
$('#chat-area').animate({ scrollTop: window_height + chat_height }, 'slow', function (){});
So better way to already see last message, will be next... Just invert message filling in textarea!
Code: [Select]
function get_file(number){...
    xhr.onload = function(){
        ...
        //replase this
        //var code = '<p>'+'<span>'+nickname+'</span>'+message+'</p>'; //add tags to message
//document.getElementById('chat-area').innerHTML += code; //display this
        //to this ->
        var code = '<p>'+'<span>'+nickname+'</span>'+message+'</p>'; //add tags to message
document.getElementById('chat-area').innerHTML = code + document.getElementById('chat-area').innerHTML; //display this in top
    }
}
Now, last message you can always see in the top of textarea, without any scrolling.
As you can see all textarea data will be copying every time when this will be filled.
So you can limit this in this step, for example to see last 100, 1000 messages only and not more than.

For example, in last message, I did set limit as 1000 messages, using split html content by '</p>' delimiter with 100 messages limit.
I did test '<p>' and '</p>' tags inside the messages, and I see all tags is closed autumatically in my browser, without any bugs.

Quote
- Show the number of users online, or even better, have a simple online user list.
There is no any signalling about the status "online".
Maybe, to do this, need to create a separate file, and rewrite this when user authorized,
and correct this, if user is not active within some time limit (not wrote any message).
But any rewrition of file will opening the backdoor to do damage this file from anyone.
I think will be better to using another server-side script, implemented to HFS.

Quote
- Save/remember nickname on a cookie, and allow change nickname when clicking on it.
Is HFS working with cookies? I see only 1 cookie file with HFS_SID in my browser settings.
If cookies can be sent, then you can rewrite the souce code and don't ask username in prompt, if cookie is exists.
I wrote this chat as simple and portable IRC-althernative, to working in TOR.
I have .onion domain and this is better than any DDNS. And as I remember, Tor Browser have strength cookies-policy.

Quote
- Add an optional 'Send' button (as a fail-over, for old browsers not detecting when the 'Enter' key is pressed).
This is HTML/JS - coding. You can add this yourself using standard form methods. And post the source code in this thread, then.
In this case javascript functions can be called by methods form onsubmit="function_name()", and onclick="function_name()"
By default, message will be sent after press "enter", according JQuery code
//textarea functions...
in the file chat.js
I don't know what browsers cann't using JQuery, but this can be excluded too.

Quote
- Privacy: If possible, save messages using the epoch Unix Time,
to avoid someone automatically stealing all the messages,
since it's currently searching for "message (2).txt", "message (3).txt", etc.
Nice idea. Seems like private rooms.
But as I said I created this as analogue of public IRC-channel in Local Network.
In IRC you can see private rooms too, but this is a channel, and this need Internet connection.
For example, you can connect here: https://webchat.freenode.net/ to #tox channel with any username,
and do chating online with Tox developers community.
In LAN IRC - not working... And this HFS-chat working in LAN.

If number in filename will be changed, then any random user cann't do loading this simply.
I saw the problem in this, earler, but now...
How I see private rooms implementation?
1. Alice and Bob, select the key and do key exchange using DH.
2. Both calculating hash(from this key).
3. Rewtire "message" prefix (not number) as "hash(from_key)" and save the messages, encrypted by this key.
(For example, can be using AES algoritm to do encryption/decryption message content, and save this as HEX.)
4.
 - No any user must not and cann't download this messages.
 - Admin cann't read this messages (he don't know key for encryption/decryption.)
 - Admin can delete this messages, as admin for files in folder.
 - Bob and Alice can download messages, by simply incremention suffix (number about which you say).

Quote
- Add a private chat mode: when a private chat with some user is started, a new window is opened, and a new -temporal- folder is created on HFS, with a random folder name (for example "TempChat-5560AFHG") so, another users can't guess the folder path and steal or retrieve private chats.
Hehheh... This folder must be uploadable, and only HFS-admin can switch this.
To using security, as I said, Alice and Bob can using encryption/decryption in public chat.
No any user cann't read message without decryption key in this case,
but so many messages can be available in public to download...
If folder not recursively hidden, then any user can see file prefix,
and then save the same files with spam random values,
and in this case, Alice and Bob cann't decrypt this, but will got spam-loading.
So the private rooms, as I said Alice and Bob can using hash of key as prefix for filename with messages.
And in this case loading to server will be lower than in the case with just encrypted messages in public room.

Quote
And when one of the users close your browser, the private chat ends, and the another user gets a message like 'John has closed this chat' (similar as IRC).
Hm... This seems like WebRTC. Peer2Peer connection with random identifier for each private chat-room.
To make p2p connections, need the stun-server, or another relay-server - must be implemented in server-side software for make peers exchange.
To see any status value, need to do signalling between users.
All signals will be go to the server in this case, and as you can see this is HFS server, then signals will be saved AS FILES.
AS MANY-MANY FILES (without deletion, of course)...  :D
So will be better to do peer exchange, and directly data exchange between the peers.
Then will be possible to do video-chat, or voice chat, like VOIP, with lowest server loading.

Quote
And then, we can also automatically delete that temporal folder, when both parts close the window.
You cann't delete the folder, because in this case, this deletion can do anyone then.
But admin can do special permissions for you, as for authorized user.
In this case you must to contact to admin, and do logining to HFS server.

Quote
We can also create a -permanent- private chat (with a folder name like "PermChat-EASY777"), adding a button to make it, so if 2 users know the 'private chat name' (aka: private chat folder name), for example "EASY777", then, they can join the chat anytime without having to post anything on the public chat (that folder stores the messages permanently).
Hm... In this case, you need to be authorized on admin's HFS-server, or download HFS yourself, create folder with your own name,
and rewrite the pathways in HFS_JQuery_chat. Folder must be uploadable.
You can hide this folder! And you can do this - recursivelly hidden! To hide files inside this folder from anyone. Yeap...
But not from sniffers, because XHR using DNS. In TOR this can be secure, because TOR use encryption.

Quote
So basically, we can have a public chat, and a private chat and all without a database or anything special.
As I wrote in the top, this is possible in 1 uploadable folder, if:
1. Messages will be encrypted. (Can be used assymetric cryptography!)
2. Prefix for files will be changed in the source code.
3. Auto-increment for files containing the encrypted messages with this prefix.
And more no need nothing. To use assymetric cryptography can be used JS library, like js-nacl,
RSA, Diffie-Hellman key exchange, etc... You can find this here + BigInteger: https://github.com/username1565

Quote
You can also check the chat made by DJ, here (which can give you some new fresh ideas).
Thanks for your link. I did test this, but private messages in last version not working.
There is "..." for receiver. Template not working for me, in HFS 2.2.

https://rawr.thatstevensguy.com/
I did download Thunderchicken of Glory v4.0.3 and test this.
I see "mini chat" with id="Shoutbox" and the folder "template\shoutbox"
I see there is each message in each file too.
There is IP of user and timestamp in filename, and HTML content inside the file.
This chat is not secure if IP leak to admin, because any admin can be not good, IMHO.

Best regards, and have a nice day.

Pages: 1 2 3