Page 1 of 2

Websites upgraded+secured; help wanted

Posted: Wed Feb 15, 2017 1:10 am
by robn
You may have heard rumours that the wiki was hacked. Turns out it was true (I even got in trouble with the datacenter operators).

So, I've upgraded to the latest forum and wiki software (PHPBB and MediaWiki). For good measure, I've forced HTTPS for everything (existing links should redirect and continue to work).

There's a bunch of stuff that I know is now broken or at least a little off:
  • Homepage slideshow styling (probably a failing CSP rule on an embedded script)
  • Wiki mixed-content warnings (MediaWiki footer, probably some non-https images in pages too)
  • Wiki editor seems to be broken
  • http links need changing to https
  • Forum has lost its logo
As you see, I have very little time to maintaining Pioneer infrastructure these days. I would welcome help with fixing the above and, longer term, assistance running the web servers and build infrastructure (with a view to handing it off entirely to someone who wants it). There's no hurry from me; I'm happy to keep putting in my hour of Pioneer work each month, and will still respond when prodded. And I'll will get to all these things eventually!

-- Rob N.

Re: Websites upgraded+secured; help wanted

Posted: Thu Feb 16, 2017 2:52 pm
by bszlrd
Thank you very much!

I'm afraid I can't offer much help regarding web maintenance, my knlowledge is quite limited in that field.

Re: Websites upgraded+secured; help wanted

Posted: Tue Feb 21, 2017 2:03 pm
by FluffyFreak
I've been meaning to reply but haven't known what to say!

Erm, thanks robn! :)

We'll have to get sorted with taking some of the shit off your hands somehow.

Re: Websites upgraded+secured; help wanted

Posted: Mon Mar 13, 2017 1:35 pm
by Ragerin
Hey

I hope I can contribute to Pioneer. :)

Grabbed some low-hanging fruit for now.

------
Mixed-content warning @ Wiki-footer:
The CreativeCommons logo image source should be 'https://i.creativecommons.org/l/by-sa/3.0/88x31.png'

---

Temporary workaround to the WYSIWYG editor issue:
  • Login to the Wiki
  • Go to preferences -> Editing
  • Scroll down to "Rich Editor" and check "Show WikiTextEditor"
  • Scroll all the way down and click "Save"
This fix allowed me to edit and preview without any problems, albeit with a pretty barebones editor...

I think I found the root cause for the issue at hand, but maybe we can discuss this sometime, @robn? Cheers

---


I am digging a bit into the other problems as well, catch me by PM or IRC and we could discuss these?
I may be able to help.

Re: Websites upgraded+secured; help wanted

Posted: Tue Mar 14, 2017 9:07 am
by robn
Ragerin dropped into IRC tonight and gave me some very precise instructions, and now the wysiwyg editor is running again and there's no mixed content warnings (and a couple of other minor tweaks). So Ragerin++, thank you!

Re: Websites upgraded+secured; help wanted

Posted: Thu Apr 06, 2017 8:32 am
by Ragerin
As this is not relevant in regard to the development of Pioneer itself, I figured I'd just put this up here. :-)

I put up a new website design. You can give it a look at www.pioneer.hgaard.net


It's running on Django, so it's super easy to add functionality (ie. post-based news, authorization, etc.) if the need should arise.

Furthermore it has a translation system (not currently enabled) so the page can be viewed in different languages.

Re: Websites upgraded+secured; help wanted

Posted: Thu Apr 06, 2017 11:00 am
by charlieg
Ragerin wrote: Thu Apr 06, 2017 8:32 amwww.pioneer.hgaard.net
That link didn't work, but this did: pioneer.hgaard.net

Re: Websites upgraded+secured; help wanted

Posted: Fri Apr 07, 2017 7:35 am
by Ragerin
charlieg: yeah, I forgot a DNS record. I added it now, so www.pioneer.hgaard.net works too. Thanks for notifying me!

Re: Websites upgraded+secured; help wanted

Posted: Fri Apr 07, 2017 5:38 pm
by FluffyFreak
It's good, works fine and looks nice :)

Would it be possible to re-create the dynamic download link that we used to have?
I think it detected/guessed what OS you were using from the browser info and then changed the "download latest" button for the newest version for your OS.

Other than that I think it's all good :)

Re: Websites upgraded+secured; help wanted

Posted: Mon Apr 10, 2017 6:41 am
by Ragerin
FluffyFreak: Yup, that wouldn't be super hard.

So, implementing a client OS detection in JS is really easy and fast.

But SourceForge does not have any API (that I could find).

So the solution I tested, involved grabbing the entire DOM of the download list for Pioneer on SourceForge and extracting the latest release. This solution could work as an independent script. I tried doing it clientside, but it is way too slow.

It's actually super strange, that SourceForge does not have an API... I was really surprised.


How do you currently do it? (robn?)