this extension loads website from hostr, and injects it into page. however script tags needs some special care
just hacking firefox extensions to allow inline scripts
inline scripts are generally not allowed
but its allowed to run script with browser.tabs.executeScript
its just dump, you have to import external library because browser native library works only on SECURE HTTPS sites
crypto.subtle....
IMPORT CRYPTO JS INSTEAD:
do relays have the files? lets keep track
https://h.hostr.cc/p/103a0ad46013efa62540526ff67da42b4ef0f31c75d8fd913108b956566c7126/d/index.html
its not just checking pubkey + d_tag, but compares shasum
(had to make trim() for it to work, so its only 99.9 % exact check)
do relays have the files? lets keep track
https://h.hostr.cc/p/103a0ad46013efa62540526ff67da42b4ef0f31c75d8fd913108b956566c7126/d/index.html
you cannot just
img = document.createElement("img")
img.src = src
document.body.append(img)
no
in order to avoid cors errors, remember to:
document.body.innerHTML += img.outerHTML
javascript security practices are so retarded
just remember to always use .innerHTML += instead of .append() to prevent some cors errors
its not illegal to click a link
however it may be illegal to put up a server
web browsers should have built in tor
not for matters of privacy, but for accessing wider variety of websites
when you want to protect your identity through tor, of course tor browser is best option
confirmed: it is possible to create hybrid-onion websites
eg. your #nostr #web #client can load #images from .onion if user #browser resolves these (eg. tor browser) #onion #tor
added support for loading content from .onion addresses
you need to use tor browser or configure onion routing otherwise
this should load at least one image:
or (may or may not be up)
http://shadowxcu2g6r6dfhnjsvojo5rqnlv42q25ko6zih5w3kwl2mfss3bad.onion/media.html#oniontest1;v
//
sending note with #primal
#snort doesnt work
#coracle is broken
#iris is broken
added support for loading content from .onion addresses
you need to use tor browser or configure onion routing otherwise
this should load at least one image:
or (may or may not be up)
http://shadowxcu2g6r6dfhnjsvojo5rqnlv42q25ko6zih5w3kwl2mfss3bad.onion/media.html#oniontest1;v
added support for loading content from .onion addresses
you need to use tor browser or configure onion routing otherwise
this should load at least one image:
or (may or may not be up)
http://shadowxcu2g6r6dfhnjsvojo5rqnlv42q25ko6zih5w3kwl2mfss3bad.onion/media.html#oniontest1;v
*maybe it was firmware
fun to know: one youtuber found a bug in apple gpu drivers, where you could hack the system by running 3d application :D
rabbit hole of system security goes far indeed
optimal solution is ofc where you get near native performance from everything, everything is easy to use, yet achieve perfect user account isolation where you can process sensitive stuff under one account and run insecure stuff under another
however, in the end we come to firmware and hw, where there is no control even in linux
setfacl is nice, because you dont need to mess your system files with chmod / chown. if you mess up, just remove setfacl rules and everything is back to normal
chmod / chown can break the whole system if used wrong
to run webserver, you dont really need /usr/bin executables
my webserver only need /usr/bin/env, all else can be blacklisted