/lynxchan/ - LynxChan

The best engine you will ever shitpost with.



Keep threads on-topic.
Roadmap
Installation video tutorial
Vichan migration script

New Thread:



Max Message Length: 4096
Don't show location
Make sure I have a block bypass
Files:
Spoiler Max File Size: 1.00 MB
File Limit Per Post: 3
Remember to follow the rules .


List of chans using LynxChan StephenLynx##xS3ESC 03/09/2016 (Wed) 20:10:56 Id: 8c0391 Locked Pinned [Preview] No. 285 [Reply]
Edited last time by StephenLynx on 02/09/2018 (Fri) 01:25:28.



Cat Board owner 01/03/2016 (Sun) 12:07:51 Id: 9ca3a6 Locked Pinned Bumplocked [Preview] No. 219 [Reply]
Open file ( 3.93 MB 640x480 1451822329331.webm )
NEVER EVER



Cat 12/28/2017 (Thu) 04:25:58 Id: c95102 [Preview] No. 495 [Reply]
Open file ( 44.54 KB 698x265 owned.png )
What is known about this claimed exploit?

Cat Board owner 12/28/2017 (Thu) 11:21:02 Id: 36351e [Preview] No. 496
Aside from the possibility of running mongo accepting external connections without authentication enabled, nothing.

I am skeptical of anything that mentions or involves smiley, that image reeks of goon trolling. I figure the first place to be owned would be a large site, like mewch or endchan. At least this one, since its managed by me.

Mega Milk 12/29/2017 (Fri) 04:56:48 Id: 66a73b [Preview] No. 499
>>495
What site is/was this?

nanote 12/29/2017 (Fri) 05:42:22 Id: 3914a8 [Preview] No. 500

nanotech#zvNTEK 12/29/2017 (Fri) 05:42:40 Id: 3914a8 [Preview] No. 501
It was a prank lmao



Cat 02/11/2018 (Sun) 23:39:11 Id: d23996 [Preview] No. 524 [Reply]
Open file ( 96.34 KB 750x600 200912102227351.jpeg )
Please explain how is engine better than Meguca.

Cat 02/12/2018 (Mon) 11:21:12 Id: c24fbe [Preview] No. 525
You tell me why I should care about meguca.



Cat 01/04/2018 (Thu) 16:28:54 Id: d3100a [Preview] No. 505 [Reply]
Open file ( 83.88 KB 1273x518 XSS.png )
5 posts omitted.

Broken HTML generation OP 01/18/2018 (Thu) 17:44:42 Id: 61d67f [Preview] No. 517
Markdown links containing quoted text or quotes to posts generate invalid HTML. For example:

http://google.com/>507
http://google.com/ class="quoteLink" href="/lynxchan/res/505.html#507">>>507
http://google.com/ class="quoteLink" href="/lynxchan/res/505.html#507">>>>/lynxchan/507

This could have security implications (the resulting HTML looks quite bad), but I cannot find a way to exploit it at first glance. Suggested fix:

diff --git a/src/be/engine/postingOps/common.js b/src/be/engine/postingOps/common.js
--- a/src/be/engine/postingOps/common.js
+++ b/src/be/engine/postingOps/common.js
@@ -471,9 +471,9 @@ exports.replaceMarkdown = function(message, posts, board, replaceCode, cb) {

});

- message = message.replace(/(http|https)\:\/\/\S+/g, function links(match) {
+ message = message.replace(/https?\:\/\/[^\s<>"]+/g, function links(match) {
Message too long. Click here to view full text.

Cat 01/19/2018 (Fri) 00:07:21 Id: 5a92bd [Preview] No. 518
>>517
ty, ill look into it

Cat 01/19/2018 (Fri) 12:00:05 Id: e7347a [Preview] No. 519
Fixed, all I had to do was to process links before quotes.

Fixed only on 2.0, I will fix on 1.8 and 1.9 if I find some way to exploit that.

But given how stuff is sanitized anyway, I don't think that would be possible.

Cat 01/22/2018 (Mon) 20:08:52 Id: 248a80 [Preview] No. 520
test.

Testing Tester 01/28/2018 (Sun) 17:16:16 Id: 500963 [Preview] No. 523
Open file ( 554.91 KB 400x393 1093125a34d1c4e753c8c6776442aed3.gif )
Open file ( 10.78 KB 228x221 index.jpg )
Test



Markdown in /<board>/catalog.json API Cat 01/23/2018 (Tue) 00:56:37 Id: 24b91a [Preview] No. 521 [Reply]
Is there any reason that the catalog API json doesn't have the comment in markdown? The API has markdown in the thread views, but not catalog.

Cat 01/23/2018 (Tue) 21:08:40 Id: 04c95d [Preview] No. 522
If you are the guy that e-mailed me, there is no good reason and I added it on 2.0.



Cat 01/14/2018 (Sun) 17:03:57 Id: 5d701d [Preview] No. 516 [Reply]
Open file ( 74.68 KB 645x729 d27.png )
Open file ( 74.68 KB 645x729 d27.png )
Hey guys, just had a question regarding installation of a 3rd party front end with Lynxchan, upon downloading a front end like 8tailedLynx (https://gitgud.io/obongo/8TailedLynx) and booting up lynxchan I get several broken pages that look like plaintext.

I was told on the irc to run command [code]lynxchan -rfe -r -nd[/code] to rebuild the pages.

When running that command I get the following error:
[code]m@xchantest:~$ lynxchan -rfe -r -nd
Were found issues with templates.
Enable verbose mode to output them.
Full deletion progress: 7%
events.js:160
throw er; // Unhandled 'error' event
^

Error: connect ECONNREFUSED /tmp/unix.socket
at Object.exports._errnoException (util.js:1020:11)
at exports._exceptionWithHostPort (util.js:1043:20)
at PipeConnectWrap.afterConnect [as oncomplete] (net.js:1090:14)
Message too long. Click here to view full text.



Was the RAM cache a mistake? Dog 01/02/2018 (Tue) 08:43:20 Id: 100739 [Preview] No. 502 [Reply]
Open file ( 490.02 KB 255x255 pondering.gif )
Can someone explain me the rationale behind the RAM cache? Intuitively, it feels wrong to (re)implement caching of GridFS files because GridFS/MongoDB already performs some sort of caching in the background. The main benefit seems to be the non-preemptive caching strategy (JIT), which is a big win, but could have been easily achieved without an additional cache layer.

Cat 01/02/2018 (Tue) 12:05:56 Id: 4e1f98 [Preview] No. 503
Concurrency and performance.

Gridfs became unstable with JIT removing and reading at the same time, causing corrupted caches. Up to 1.8 that wasn't an issue since cached files would only be removed after a newer version was stored.

And the new implementation was able to serve 5x more requests.



Issues with Penumbra Lynx Cat 12/27/2017 (Wed) 08:03:39 Id: f170f6 [Preview] No. 491 [Reply]
Not totally sure if this is the correct place to ask this, but apparently i'm too retarded to edit a front end

How do I edit the homepage of imageboard, like the title element and footnotes and stuff? Modifying the index.html in the templates doesn't work.

I'm also confused about the overboard, as on other places like mewch it shows recently posted threads on the index, but for me it doesn't work

Cat 12/27/2017 (Wed) 10:44:02 Id: 892edf [Preview] No. 492
1: the title of the site is set on the global settings, the title of individual pages is set on the language pack.
2: after editing a template, you have to reload the RAM cache of the template. You have a few options for that: A: run lynxchan with -fd so it will reload that cache everytime it is used B: run lynxchan -nd adding a rebuild command, they can be found on src/be/readme. This will rebuild the completed page that used the template.
3: you have to set the overboard uri and the option to show recent posts on the front-page on the global settings. To edit global settings, login as root and click the link on the global management page. You can also edit the settings json manually, but that won't trigger some required actions on the engine after certain settings change and is prone to error.

Cat 12/27/2017 (Wed) 19:51:57 Id: f170f6 [Preview] No. 493
>>492
Thank you so much!

Cat Board owner 12/28/2017 (Thu) 11:42:44 Id: c38287 [Preview] No. 498
Btw, I made a small mistake there: -r commands rebuilds the disk cache of completed pages, -rfe reloads the RAM cache of templates.



Cat 12/27/2017 (Wed) 22:07:12 Id: d545ac [Preview] No. 494 [Reply]
When I try to upload custom JS, my browser sends the file with the wrong mime type (application/x-javascript), and it gets rejected by the server. Is this check really needed?

Cat Board owner 12/28/2017 (Thu) 11:23:11 Id: c50848 [Preview] No. 497
Hm, that is a good question.
I figure that I could remove the check, since its a feature that will only be used by sites without user owned boards and possibly by only site owners themselves.

Come to #lynxchan on rizon and I can give you a solution for 1.9.


Reason:
Password:
Global
Delete only files
Delete media (Actually removes the saved files from the server, standard file deletion only removes the reference to the selected posts)

Captcha(Used only for reporting): No cookies?

[ 12345 ]