patrick.net

Did Hat get banned? Asking because I'm looking for that "Haha Whitey You will be Replaced despite Us saying for 3 decades you're paranoid and that's not our intent" thread

Yes, he was shitting on the site. Really too far.

@WookieMan I have actually exposed them all in the past, and not much came of it. Most of the personal comments are pretty clearly personal.

HonkpilledMaster says

Did Hat get banned? Asking because I'm looking for that "Haha Whitey You will be Replaced despite Us saying for 3 decades you're paranoid and that's not our intent" thread

He sounded just like your old friend Kaki reincarnated. And when I pointed that out, my comment got flagged as personal... go figure..

It's getting way past the point of ridiculous with the "thought Police" here...

Yes, definitely a previous user back just to cause problems.

Please allow youtube videos to go full scren

Hircus says

Please allow youtube videos to go full scren

@Hircus Thanks for the suggestion. My earlier comment was wrong, and is deleted now. Wish granted, at least for videos posted from now on!

I actually had a bug where I did not have "allowfullscreen" on the list of allowed tags for the youtube iframe, so they were being stripped out of the html. You helped me fix it by asking why that didn't work.

I often link to images in my posts. I feel 99% of the time, the best thing to do is to upload the image to patnet because if I link to an external url, one day it will likely break, and then people can't see the image anymore. Also, uploads likely help avoid workplace filters. But, it's soooo easy to just link externally, vs it taking a handful of steps to upload, so I rarely upload.

So, I think it should be easier to to do the right thing - which is upload images.

Suggestion:

Add a checkbox near the new post input box, labeled "auto upload external urls found in img tags", and check it by default so most people use it. Then, upon post submit, scan for img tags and grab those w/ external urls, download the image, and replace the url w/ the generated patnet url.

You're right about images, and I was actually working on that today.

I'm going to let people enter external urls, and then simply upload the image to a cache on my server so that:
1. it won't break if the image goes away
2. it won't show the broken ssl lock when the external image is not from an https site
3. it's really easy for users
4. big threads with lots of external images won't bounce around when loading, because all the image sizes will be known

Could you make the uploaded filenames more unique?

I have this issue both for files that I upload, as well as for urls that you auto convert to files for me.

If I upload more than 1 image per month that has the same name, I run into duplicate issues. Eg, if both my files are named "image.png", then your generated filename is always:

/uploads/2019/06/126743_image.png

And, auto uploaded files are always named like:

/uploads/2019/06/126743_

Notice, it's missing the end.

Thanks @Hircus I will work on that tomorrow.

btw, I often write greasemonkey scripts to customize sites I use. This is one I use for your site, that makes it easy to paste an image from my clipboard. It skips the whole "save to file, then select the file to upload" steps and lets you just paste raw image data, as well as drag + drop a file. I'll post it here for anyone who wants to use, or maybe Patrick might incorporate it into the site.

https://pastebin.com/vpYjGr47

@Hircus I deployed a fix for your issue, I think:

https://github.com/killelea/node.patrick.net/commit/3a25449a912d87673fcd32bfad0ada6ead4182cb

So that should make each image upload distinct. I had assumed that no user would upload the same filename more than once, but I guess that isn't true.

Greasemonkey looks like fun. Too bad it's Firefox-only. Could I add that functionality to patrick.net directly?

Awesome, thanks

They call the idea "userscripts", and they should have an addon for most browsers, perhaps under a different name. They usually follow the *monkey naming convention, eg I use Tampermonkey on Chrome and Opera.

But, ya I think other users would appreciate if that code was built directly into patnet natively. I think if you just run that code as-is via the DOMContentLoaded event, it should work, although you might want to change it - such as just add the css rule directly to your css file, maybe just edit the html file directly instead of using js to manipulate it, etc...

I'm having trouble w/ profile pics. I've tried uploading various sizes / aspect ratios of my current profile pic, but it always gets presented with very small dimensions, much smaller than other people's. I looked at the html, and it seems I usually get about 16x15 size:

<img src='/uploads/2019/07/126743_2b43_aocrying-face.jpg' width='16' height='15' 'align='left' hspace='5' vspace='2' >

Other people seem to get 32x32 or so. How to get a bigger pic?

Also, there's a syntax error: note it says 'align= but should be align=

Thanks @Hircus Sorry for the delay, I have been traveling.

I fixed the syntax error (good find!) but don't understand the sizing problem.

Could you email an original of the crying face image to me at p@patrick.net and I'll see if I can reproduce the problem on my development version of the site.

I can't seem to start a new thread. I'm new, and logged in. Using brave on mobile.

Where is the "new thread" link?

Holy crap, I'm blind, Found it hiding in plain sight... gonna have to change my screen name now to avoid ridicule, haha

@patrick is there some kinda anti-hotlink protection in use?

I tried to download the first video in this thread (url below)
https://patrick.net/post/1334717/2020-08-28-kneepad-harris-promises-more-riots
but get 403 forbidden


The video src:
https://patrick.net/uploads/2020/08/2217_df9f_kamalaharrissaysthattheriotsarenotgoingtostopeverandtobeware.withasmileonherface..mp4

It might be due to the double dot at the end, but I am able to watch the video in my browser (vivaldi / webkit based) ok, just not download it, nor access the url directly like I am usually able to with internet videos.

Hircus says

patrick is there some kinda anti-hotlink protection in use?

@Hircus Yes, I did that after being threatened by a copyright troll lawyer, even though I comply with the DMCA.

For both images and videos, the "referer" has to be present, and has to say "patrick.net" in an http request, or else you get that 403 forbidden.

But you can get around it in two ways:

1. right click on the image or video and "save as" if your browser supports that
2. if you have the terminal program "curl" you can add the referer manually, like this on the command line:

curl -H 'referer: https://patrick.net' https ://patrick.net/uploads/2020/08/2217_3a4e_yigrioci.jpeg > saved_copy.jpeg

(except without the space after the https, which i had to put it so it shows you the link and doesn't put the image in this very comment)

ok thanks!

Patrick says

1. right click on the image or video and "save as" if your browser supports that

Doesn't happen on my mobile browser. Says download unsuccessful every time. 'right click' downloads on other sites with that browser works just dandy. Using Duck-Duck-Go's browser.

Wow, they have a browser? Thanks, good tip.

What about your laptop browser? I assume you have a laptop.

Patrick says

Wow, they have a browser? Thanks, good tip.

What about your laptop browser? I assume you have a laptop.

DDG just has a mobile browser, not desktop/laptop. I can download them from my laptop browser but that is Chrome.

I don't know why mobile browsers are refusing to let you save an image or video.

At least with an image you can just do a screenshot. Though that doesn't help with videos.

If the problem is referrer headers, maybe patrick could change it so that images/videos need either a referrer header OR send the login patrick.net username cookie. That way users who've logged in before and still have the cookie are exempt, which should still meet the objective of preventing wild internet hot linking. That would probably be an easy nginx config change.

Yes, that's a good idea.

Need to figure out how to do it exactly though, since the referrer header is checked in the nginx web server first, before it's possible to check whether the user is logged in.

How can nginx know whether a user is logged in?

Why not just check for the existence of the cookie name via nginx?
maybe like

if ($cookie_patricknetuser ~ "\d+") {...}


or whatever the right nginx syntax is.

A user wouldnt have the cookie unless they logged in at some point. They could spoof it, but it would only gain them hotlink viewing ability at best. I think the goal is really to allow patnet users, not necessarily ones that are currently logged in, and reusing the cookie as a way to say "weve seen this user before because they logged in once" seems convenient, and will still deny the internet at large. They can spoof the referrer header anyway, too.

@Hircus That's brilliant! Should have thought of that.

I'll try to do it tomorrow and let you know here if it works.

@Hircus I think I did it. Let me know if any problems.

nginx config is absolutely horrible. I want to switch web servers, but that's a lot of work too.

@patrick seems to work for me. thanks!

Is there a way to turn off Avatar pics? I love this site but some Avatars are NSFW (Trumping Tits, I'm talking to you!)
I sometimes have kids and Karens running around the house. I don't want to be labelled a porn toad or pedo.

rocketjoe79 says

Trumping Tits, I'm talking to you!

His doesn't even show up for me anymore. Not sure if it's a cache thing or not. Just get the ? mark missing image box on my end.

rocketjoe79 says

Is there a way to turn off Avatar pics? I love this site but some Avatars are NSFW (Trumping Tits, I'm talking to you!)
I sometimes have kids and Karens running around the house. I don't want to be labelled a porn toad or pedo.

Adblock extension for your browser allows to put any pic on "ignore", so you'd never see it again.

Thanks! AdBlock did thre trick, much obliged.

WookieMan says

His doesn't even show up for me anymore. Not sure if it's a cache thing or not. Just get the ? mark missing image box on my end.

How about now?

TrumpingTits says

WookieMan says

His doesn't even show up for me anymore. Not sure if it's a cache thing or not. Just get the ? mark missing image box on my end.

How about now?

Oh I'm fine with the image. Just don't get why it's not showing. Probably a browser issue. On Safari and it stopped after a recent update.

Try shift-reload to force reload of images in cache in your browser.

Maybe there was a broken version at some point and you got it cached.

I wish I had time to fix all this stuff. If SHOP doubles again, I will.

@Patrick: your certificate has expired.

FuckCCP89 says

Patrick: your certificate has expired.

Thanks for telling me @FuckCCP89

Should be fixed now. I really need to automate that.