I’d been getting really annoyed with my kinda-fragile website templates and some of the accumulated cruft, as well as a bunch of things that were difficult, UX-wise, so I redesigned my site. How do you like it?
I finally got around to enabling search, as an experimental feature. Publ’s full-text search functionality is kinda janky right now and I really want to rework it. But people were asking, so here you go.
Also god damn my templates are getting hard to maintain.
There’s also so much stuff I really want to rewite in Publ, while I’m feeling grumpy.
EDIT: Oh right, also what started me down this path was also fixing Authl’s login flow for email links on email providers which generate link previews, e.g. Outlook and Hotmail. So I mean folks who were getting “invalid token” errors while signing in by email should have a better time now.
Another year has come and gone so I’d might as well reflect on what happened during it and try to plan for the next one.
- These lists are intended to be exhaustive
- Every item on the list applies to every situation
- Every item on the list must be taken to heart and considered at all times
- Every item based in historical fact is worth worrying about for all future implementations
- Every item deserves explanation
- An assumption you made that shows up on the list is a personal attack on your programming abilities
- These lists are intended as guides for how to do things (or, conversely, guides for things not to do)
I made a change to Authl which more or less necessitated resetting everyone’s login.
I mean, it only really necessitated resetting the logins of folks who sign in via Twitter, but the way Publ authentication works (or at least the way I have it set up on my site) means I can’t reset just an individual session.
Also it didn’t really require a full login reset but it would have been confusing for some folks for some amount of time, so I figured better safe than sorry. “Oops I need to log in again” is a lot less difficult to deal with than “it says I’m logged in, did fluffy remove me from their friends list or something? what did i do wrong :( :( :(”
This also means that all bearer tokens have been reset, so if you were doing something with those you’ll need to generate a new one (either from your profile or via TicketAuth). Of course you automatically get a TicketAuth grant when you sign in anyway, so if you’re using TicketAuth I guess there’s nothing extra you need to do to begin with.
Update: haha I forgot to actually push this entry until like 4 days later oops. well okay have an explanation if you were wondering
After my recent isso updates, I found that double-quotes had disappeared from most peoples' comments, and it was really weird and I couldn’t figure out why.
Anyway, long story short, it turns out that something changed to cause the
EXT_QUOTE support to start converting
<q>s, and isso’s HTML sanitizer (which runs after Markdown conversion) isn’t configured to allow that as an HTML element. (Or maybe this was happening all along and I just didn’t notice until now! Nothing in Misaka has changed in that time so I probably just never noticed.)
The fix is to either remove
options or add
allowed-elements in the
[markup] section of the isso config file. For example, here’s that section of mine:
On a related note, don’t enable
EXT_QUOTE on Publ if you want quotes to be able to appear in auto-generated entry summaries and the like. (I suppose I should change Publ to always override the Markdown extension configuration where it makes sense…)
So the reason for my recent mini-rantle was that I found a hidden API in isso that would have made it pretty easy for folks to trivially scrape every comment on my website, including ones on private entries.
Fortunately the fix was really simple and it’s what I have deployed on my site right now.
So hey, I thought it was weird that nobody had been posting comments on my blog in a while. Turns out comments were just, like, broken, and nobody told me, for some reason.
The problem turned out to be that Isso currently doesn’t work on Python 3.8 (or at least, the current released version, which is ridiculously outdated, doesn’t), and it was easy to roll it back to Python 3.7, thanks to poetry’s pyenv integration. So, score another one for poetry.
But why don’t people actually tell me when they’re having problems with my site? Do people just assume that if something’s broken it’s broken on purpose? Because I mean… no?
Anyway, comments are fixed now.
I’ve done a bunch of refactoring/simplification on my website templates. I think everything still works but if you see something funky, please let me know.
There’s also a lot more I need to fix, especially redoing the CSS to be cleaner and on the comics subsection (which has an entirely different set of templates that aren’t built on HTML5 semantic containers at all), but that can definitely wait.
(I also really want to redo novembeat at some point since I have a better idea of how to structure it now, but that also will wait.)