Anonymous · 3mo · No.1
first post and welcome to ♊︎ch, a super prototype gemini version of 2ch and such text boards
Anonymous · 3mo · No.8
👋 thanks for making this, I'm excited to see where it goes
Anonymous · 3mo · No.23
This is such a wonderful idea
Anonymous · 3mo · No.43
Very cool
Anonymous · 3mo · No.49
Yet another gemini textboard, eh? Seems well done. I'm not sure that non-idempotent requests without a client cert are a good idea, though.
Anonymous · 3mo · No.51
I think this board looks better then others
Anonymous · 3mo · No.54
@49 another one for sure, this was the result of a weekend project and it seemed good and clean enough to put out there. what is your concern about not using certs for posts? they are extremely cheap to make so it seems that requiring them is only useful to keep track of some sort of session state though i could be missing something. could you tell me more about it?
Anonymous · 3mo · No.81
@54: main problem is that someone could post a link to e.g. gemini://iich.space/foo/threads/1/post?spamspam, then anyone following the link would spam the forum... requiring a cert, even if it's entirely ignored, protects against this. But sadly many clients don't have good support for generating certs.
gemini://iich.space/foo/threads/1/post?spamspam
Anonymous · 3mo · No.82
oops, didn't expect that to actually generate a link... we may see this problem in action! Sorry.
Anonymous · 3mo · No.83
@81 1. That's happened to Geddit once
Anonymous · 3mo · No.86
@81 that's a good point! i think a way to solve this without requiring certs would to be have some sort of token as part of the post url, something like threads/1/post/token?spamspam. the token could be time sensitive or one-use only
Anonymous · 3mo · No.89
@86 This has been done and it *does* solve the problem. They're called CSRF (cross-site request forgery) tokens.
sk!_gaAry-2 · 3mo · No.92
@89 so _that's_ what they're used for. perfect, thank you. since there isn't cookie storage to hold the token per client, the best i could think of in a short time is what i mentioned earlier about time sensitive one-use tokens. they have become part of the post urls. i hope it doesn't break anything for anyone. if it does then no one would be able to tell me, hah! let me know if you experience any problems
Anonymous · 3mo · No.98
@92 help I can't post anything ;-P
Anonymous · 3mo · No.144
This is awesome man!
sk!_gaAry-2 · 3mo · No.170
@144 thanks! this has been a really fun project. the simplicity of the protocol makes that part easy and the limitation of the typography makes that part hard. trying to come up with a clean and simple layout for content without being messy or illegible has been great. always open to feedback
sk!_gaAry-2 · 3mo · No.347
i decided to write a quick gemini->https gateway so https://iich.space/ had content on it. it's read-only but at least makes it web-facing. i enjoy the look and feel of lagrange so i modified the styles from https://gmi.skyjake.fi/ to match the markup i generate and, just like lagrange, there's inline image loading. the relative obscurity of gemini capsules can be a charming thing but i don't think it necessarily devalues a capsule to be web accessible
sk!_gaAry-2 · 3mo · No.348
also i am going to have to regenerate the ssl certs soon since the current ones are set to expire in just a couple weeks. just keep in mind that gemini's TOFU will yell soon but that everything is a-ok
Anonymous · 3mo · No.379
nice, the web version will be good for sharing content.