Feature requests for making bazukachan Tor/I2P/Lokinet ready #16

Open
maq33 opened this issue Nov 4, 2021 · 4 comments

@maq33
maq33 commented Nov 4, 2021

I'm planning to host an imageboard on Tor (.onion address), but I'm afraid of someone making a flood there.

So, I addressed features that, if implemented, would make bazukachan compatible with anonymity networks like Tor, I2P and Lokinet.

1 - Interval of X seconds between thread and post creation.
===> This would prevent some retards from posting lots of text repeatedly and also defeat scripts made to flood imageboards; this option would require cookies to work.

2 - Max threads per hour.
===> In an imageboard, an owner can estimate how many threads are created per hour and establish a limit to prevent flooding of board pages.

3 - Captcha mechanism for threads and posts that doesn't require JavaScript.
===> This can prevent flooding, and users worried about privacy leaks in their browsers (particularly Tor Browser) can solve the captcha without problems. This PHP captcha mechanism would be great: https://www.phpcaptcha.org/
===> Addressed here: #12

4 - ID system and an option to delete all posts in a specific board or in the entire imageboard.
===> Connections coming from Tor and I2P will appear as "127.0.0.1", so deleting repeated posts in a flood attack can affect other threads, posts or even the entire imageboard if it is hosted only on a .onion or .i2p pseudo-domain. Deleting posts by ID would affect only the matched posts and threads. A smart idea.
===> Addressed here: #14

5 - Link anonymizing.
===> This prevents sites from seeing which site the link to them was clicked on. It's easy to implement, as the anchor in HTML5 has an option to modify the link behavior: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/a#attr-referrerpolicy
===> External services can also be used: https://href.li -- https://anonym.to -- https://www.linkanonymous.com -- https://anonym.es/en.html
===> Also addressed here: #15

===========================================================================

These are my requests for making bazukachan compatible with anonymity networks.

@borkform2555

> So, I addressed features that, if implemented, would make bazukachan compatible with anonymity networks like Tor, I2P and Lokinet.

They should already work; Tor works, I2P works, don't know about Lokinet.

> 1 - Interval of X seconds between thread and post creation. ===> This would prevent some retards from posting lots of text repeatedly and also defeat scripts made to flood imageboards; this option would require cookies to work.

There is only an interval between posts (replies and threads), included in the same https://github.com/27chan/bazukachan/blob/master/inc/config.php#L519

> 2 - Max threads per hour. ===> In an imageboard, an owner can estimate how many threads are created per hour and establish a limit to prevent flooding of board pages.

It already exists https://github.com/27chan/bazukachan/blob/master/inc/config.php#L557
There is also replies and threads X minute(s) https://github.com/27chan/bazukachan/blob/master/inc/config.php#L568

> 3 - Captcha mechanism for threads and posts that doesn't require JavaScript. ===> This can prevent flooding, and users worried about privacy leaks in their browsers (particularly Tor Browser) can solve the captcha without problems. This PHP captcha mechanism would be great: https://www.phpcaptcha.org/ ===> Addressed here: #12

Leftycucks have added it, but so weird that js captcha is removed. towards-a-new-leftypol/leftypol_lainchan@a1bdba3

> 4 - ID system and an option to delete all posts in a specific board or in the entire imageboard. ===> Connections coming from Tor and I2P will appear as "127.0.0.1", so deleting repeated posts in a flood attack can affect other threads, posts or even the entire imageboard if it is hosted only on a .onion or .i2p pseudo-domain. Deleting posts by ID would affect only the matched posts and threads. A smart idea. ===> Addressed here: #14

I don't think I2P IPs all appear as one (same with Lokinet); each looks like "981iskd.b32.i2p", "89iksdksa.b32.i2p", etc.
I'm thinking it could be possible to make a config like a filter and add the HTML mod buttons; maybe I'm wrong, idk, haven't tried. https://github.com/27chan/bazukachan/blob/master/inc/config.php#L504

@maq33

maq33 commented Nov 6, 2021

@borkform2555

> There is only an interval between posts (replies and threads), included in the same https://github.com/27chan/bazukachan/blob/master/inc/config.php#L519

With Tor, all the IPs are the same; if I choose 20 seconds and in the meantime someone tries to make a post, they will be unable to do so. This option should work with cookies: for each session, an interval of X seconds could be applied to avoid flooding by some retard.

=====================

> Leftycucks have added it, but so weird that js captcha is removed. towards-a-new-leftypol/leftypol_lainchan@a1bdba3

Interesting, maybe I will apply this patch here.

======================

> I don't think I2P IPs all appear as one (same with Lokinet); each looks like "981iskd.b32.i2p", "89iksdksa.b32.i2p", etc.
> I'm thinking it could be possible to make a config like a filter and add the HTML mod buttons; maybe I'm wrong, idk, haven't tried. https://github.com/27chan/bazukachan/blob/master/inc/config.php#L504

I'm waiting for this feature. I don't know anything about PHP, so I can't implement it myself.
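
The per-session interval requested above, sketched as an added example (not bazukachan code and not written by anyone in this thread). `issue_token`, `token_issued_at`, `may_post`, `FLOOD_INTERVAL` and `TOKEN_SECRET` are hypothetical names; the token would travel as a cookie, and a fresh token has to age one interval before its first post so that discarding the cookie does not reset the timer.

```php
<?php
// Added example: hypothetical helper names, not part of bazukachan or vichan.
const FLOOD_INTERVAL = 20;                                   // seconds between posts per token
const TOKEN_SECRET   = 'replace-with-random-server-secret';  // placeholder value

// Issue a cookie token that embeds its issue time and is signed by the server.
function issue_token(int $now): string {
    $body = $now . '.' . bin2hex(random_bytes(16));
    return $body . '.' . hash_hmac('sha256', $body, TOKEN_SECRET);
}

// Return the issue time if the signature verifies, otherwise null.
function token_issued_at(string $token): ?int {
    $parts = explode('.', $token);
    if (count($parts) !== 3 || !ctype_digit($parts[0])) {
        return null;
    }
    $expected = hash_hmac('sha256', $parts[0] . '.' . $parts[1], TOKEN_SECRET);
    return hash_equals($expected, $parts[2]) ? (int) $parts[0] : null;
}

// $lastPost maps token => time of the last accepted post
// (an in-memory array here; a database table or cache in a real board).
function may_post(string $token, array &$lastPost, int $now): bool {
    $issued = token_issued_at($token);
    if ($issued === null) {
        return false;                        // missing, malformed or forged cookie
    }
    $since = $lastPost[$token] ?? $issued;   // a new token counts as having just posted
    if ($now - $since < FLOOD_INTERVAL) {
        return false;
    }
    $lastPost[$token] = $now;
    return true;
}

// Constructed walk-through with a fake clock; both visitors arrive from 127.0.0.1.
$store = [];
$t0 = 1636200000;
$a = issue_token($t0);
$b = issue_token($t0);
var_dump(may_post($a, $store, $t0 + 5));         // 5 s after the token was issued
var_dump(may_post($a, $store, $t0 + 20));        // one full interval after issue
var_dump(may_post($a, $store, $t0 + 30));        // 10 s after the accepted post
var_dump(may_post($b, $store, $t0 + 30));        // second visitor, own token
var_dump(may_post($a . 'x', $store, $t0 + 60));  // tampered token
```

A per-token interval does not limit a client that holds many tokens at once, so the board-wide limits linked earlier in the thread (threads per hour, posts per X minutes) still apply on top of it.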

@ghost
ghost commented Nov 16, 2021

The default captcha also "works" without JS; it's just broken and missing a few lines in the templates.

The non-js captcha is displaying the incorrect value:
https://github.com/27chan/bazukachan/blob/master/inc/captcha/entrypoint.php#L26

The correct form would be:

```php
echo "<html><body>You do not have JavaScript enabled. To fill out the CAPTCHA, please copy the ID to the post form in the ID field, and write the answer in the answer field.<br><br>CAPTCHA ID: {$captcha['cookie']}<br>CAPTCHA image: {$captcha['html']}</body></html>";
```

And for the template: https://github.com/27chan/bazukachan/blob/master/templates/post_form.html#L122

```html
<noscript>You seem to have JavaScript disabled. To complete the CAPTCHA,<br><a href="{{ config.captcha.provider_get }}?mode=get&amp;extra={{ config.captcha.extra }}&amp;nojs=true" target="_blank">open this link in a new tab</a> and put the result in the boxes below:
	<br>
	ID: <input class="captcha_cookie" type="text" name="captcha_cookie" size="25" autocomplete="off"><br>
	Answer: <input class="captcha_text" type="text" name="captcha_text" size="25" maxlength="6" autocomplete="off">
</noscript>
```

5 - Link anonymizing
You can set referrerpolicy by editing here: https://github.com/27chan/bazukachan/blob/master/inc/functions.php#L2540

```php
// The space after the attribute keeps it separate from the first entry in $parts.
return '<a referrerpolicy="no-referrer" ' . implode(' ', $parts) . '>' . $link['text'] . '</a>' . $after;
```

But I didn't test it myself; you can also set a header with nginx.

@ghost
ghost commented Nov 18, 2021

I knew I saw something about I2P in a fork somewhere. If you really want to use bazuka or vichan, you'd better port this class from neochan: https://github.com/neochaner/neochan/blob/master/inc/session.php or just use neochan and disable board creation, or better yet, use picochan.
