readme

Author: rdtmaster

LICENSE

@@ -1 +1 @@
-Nothing here (yet)
+Use the software wherever and however you like, you are free to modify it, just don't claim you are the original author. Don't use this program anywhere it can put human lives in danger or cause other damage. The developer is in no way responsible for any consequences, be it account suspension due to use of the API or if there is any reddit or other platform ToS violation.

README.md

@@ -21,17 +21,12 @@ In late march 2023 the mobile web interface got removed by reddit staff.
 None of them are like the old ``.compact`` interface. Most lack old browser compatability, some are 'privacy-oriented' which means you cannot log into your reddit account.
 
 ## What it's not?
-It's not a privacy-focused client. If it provides any additional privacy/security (or so you believe) then congrats, go celebrate & rejoice, however this is unintentional and not something to rely on. And neither is it a full scale reddit client utilizing all features exposed by the official API. It is and likely will remain only a subset of what the official front-end provides, much like the `i.reddit.com` used to be (it had not the edit post feature, posting was limited, no moderation etc). If we can achieve same feature coverage this will exceed my expectations by far. See the roadmap below for detail.
+It's not a privacy-focused client or a reddit automation software.
 
-### Why won't you add dynamic user account switching
-Because I believe this could open the door for multi accounting, automation and other stuff reddit might get upset about. Yes reddit allows alts, you can use them as well by editing configs. This decision is final as of right now, I am not taking it because I am all that invested into reddit cleanliness or following ToS, I just don't want to contribute to any shady activity, which will ultimately lead to reddit becoming more strict. If you want an automated solution for upvoting, spamming, pharming accounts, go develop one or buy it off the market, plenty of them available. I want reddit to stay as relaxed as it is.
-
-### Why not an in-browser client?
-I thought about it but there are several obstacles. One of the most ambitious goals I have so far is making this app a drop-in replacement of `i.reddit.com` through the use of `.hosts` file. I have a freaking number of bookmarks pointing to `i.reddit.com` pages, would be great to revive them.
+## Is pasting my login/password safe
+Short answer: yes. CompactBro is fully open-source and contains no backdoors. It is generally safe, but I am not responsible for 3rd party libraries and also cannot guarantee your account won't die because of API use (even though the API is public, most websites do not like when you use anything but the official web/mobile client). If your account poses great value I wouldn't advice to risk it.
 
 ## How to install
-Work in progress!
-
 First, download binary for your operating system from the releases page.  Alternatively, clone this repo and build it (you need `git` and functional go >= 1.20.3 installation):
 ```bash
 git clone https://github.com/rdtmaster/compactbro
@@ -42,6 +37,7 @@ go build
 chmod +x compactbro && ./compactbro #on *nix
 compactbro.exe #on windows
 ```
+
 ## Configuration
 - Login to reddit and head over to **preferences** => **apps**, create a new APP. The name could be any (e.g. `compactbro`), type should be `script` and other fields are optional. Note down App ID and secret.
 - create config file `compactbro.toml` in your `<default-config-directory>\compactbro` (if you are unsure of the location, launch the software and it will print the path in use, create the file there)
@@ -77,18 +73,14 @@ Password = "<password>"
 Replace values in `<...>` with credentials of your choice; be advised these are basic auth credentials you will use to access the app, they have nothing to do with username/password you use to log into your reddit account, therefore these do not have to match, even though they can if so you choose.
 
 ### HTTPS
-Today majority of websites and apps are overly secure, with HTTPS enforced everywhere. Most resources in fact do not need it. There's nothing wrong about using plain HTTP in most scenarios. Any half sain person understands that if you just want to read the news or even sh1tpost on reddit it should not involve cryptography (which introduces great overhead and a big number of errors). Well, at least not by default. Think twice prior to enabling HTTPS, chances are you don't need it.
-However, if you transmit any data without HTTPS **in theory** it could be intercepted. So in a nutshell, if you use compactbro server-side and you live in a free/democratic country, there's not much to worry about. Yet in case you are concerned about government surveillance or are just a little bit paranoid, there's an option to use HTTPS built into Compactbro. It could come handy if you want compactbro to become a drop-in replacement for `i.reddit.com`. Below are the steps to achieve this. The manual is (work-in-progress), it covers only Windows+Firefox setup but it should work basically anywhere with little changes.
+If you require traffic between compactbro instance and your browser to be encrypted there's an option to use HTTPS. Usually you don't need it if you run the program locally.
 
 To generate keys, install OpenSSL (there are binaries available for most platforms, refer to their site for more info) and generate SSL certs:
 ```shell
 cd <path-to-compactbro>/certs
-
 openssl ecparam -genkey -name prime256v1 -out key.pem
-
-openssl req -new -sha1 -key key.pem -out csr.csr -subj "/CN=i.reddit.com" -addext "subjectAltName=DNS:localhost,DNS:localhost,IP:127.0.0.1"
-
-openssl req -x509 -sha1 -days 365 -key key.pem -in csr.csr -out certificate.pem
+openssl req -new -sha1 -key key.pem -out csr.csr -subj "/CN=localhost" -addext "subjectAltName=DNS:localhost,DNS:localhost,IP:127.0.0.1"
+openssl req -x509 -sha1 -days 3650 -key key.pem -in csr.csr -out certificate.pem
 ```
 This will generate self-signed SSL certificate, which you have to import to your browser as a trusted root CA (for firefox: `settings` => `advanced` => `certificates` => `import`). 
 
@@ -110,10 +102,7 @@ You can use your own domain as well.
 - [x] View Posts+comments
 - [x] Edit posts
 - [x] Edit comments
-- [ ] Handle more comments (partially complete)
 - [x] Comment under post and reply to comments
-- [ ] Delete comment
-- [ ] Delete post
 - [x] Infinite scrolling subreddit, DMs and user overview page
 - [x] Check inbox and display orange icon, add config option to turn it on/off
 - [x] View messages (DMs, comment replies, post replies, username mentions, sent)
@@ -123,7 +112,10 @@ You can use your own domain as well.
 - [x] User attrs (submitter, mod, admin)
 - [x] Image/video thumbnails
 - [x] Mark NSFW, spoiler
-- [ ] Create good readme (partially complete)
+- [ ] Handle more comments (partially complete)
+- [ ] GIFs display
+- [ ] Delete comment
+- [ ] Delete post
 
 ## Roadmap for future versions
 - [ ] Full support for DM messages
@@ -138,10 +130,10 @@ You can use your own domain as well.
 
 ## Versioning policy
 It'll be nice if v1 can ever see the light and even nicer if something beyond that gets released.
-Minor versions are subject for eventual delition from the releases section, except the latest one. At the moment v1 is the only major version planned, its goal in a nutshell: "*release something that compiles and lets you browse and comment*". New major version should be released once something notable happens, minor versions are released whenever I want to see if it still works.
+New versions are released on every change pushed to the repo, in general you should download the latest version.
 
 ## Compatability and intentional decisions
 1. Javascript (e.g. frontend) has been completely re-written without use of `jQuery` library. Adopting reddit's codebase would be even harder then coding everything from scratch. Initial plan was to leave HTML and CSS untouched, but it was impossible
-2. Compactbro web interface supports Firefox 47.0 and server supports Windows 7x32. Effort should be made to try and support older versions of Firefox. At no point should Compactbro ever drop Windows 7 (incl.32 bit) support or bump minimum supported browser version. If adding any new feature requires to raise those minimum system requirements, that feature should be forgotten.
+2. Compactbro web interface supports Firefox 47.0 and server supports Windows 7x32. Effort should be made to try and support older versions of Firefox. At no point should Compactbro ever drop Windows 7 (incl.32 bit) support or bump minimum supported browser version. If adding any new feature requires to raise those minimum system requirements, that feature should be forgotten. Note: the last version of Go officially supporting Win7 is `go1.20.14` so it must be used to compile CompactBro.
 3. Compactbro assumes you are over 18 and are willing to view NSFW and spoiler content. By using this software you confirm you reached that age and have no issue with adult materials.
-4. Compactbro uses the `amber` engine. It turned out to be pretty backward and limited in terms of functionality, most notably it has no support for recursive mixins. That said, I enjoyed using this engine, it makes creating templates very fast, probably as rapid as it could be. Making page templates still eight around 70% of the time spent to develop this software, with any other engine I doubt I can ever finish it.
+4. CompactBro uses the `amber` engine. It turned out to be pretty backward and limited in terms of functionality, most notably it has no support for recursive mixins. That said, I enjoyed using this engine, it makes creating templates very fast, probably as rapid as it could be. Making page templates still eight around 70% of the time spent to develop this software, with any other engine I doubt I can ever finish it.

static/js.js

@@ -23,6 +23,15 @@ function hide(elem){
 function show(elem){
 	elem.classList.remove('hidden');
 }
+
+function isHidden(elem){
+	return elem.classList.contains('hidden');
+}
+
+function isShown(elem){
+	return !isHidden(elem);
+}
+
 function togDisplay(elem){
 	if (elem.classList.contains('hidden')) {
 		show(elem);
@@ -137,24 +146,6 @@ function setEvents(thing){
 }
 
 
-
-//------- Event Listeners -------
-
-function backgroundUnread(){
-	if (document.getElementById('msgTrigger')){
-		return;
-	}
-	fetch(baseURL+'/checkunread/', {method: 'HEAD', credentials: 'include'}).then(r =>{
-		if (r.status === 200){
-			const mail = document.getElementById('mail');
-			const mailcl = mail.classList;
-			mail.href='/message/unread/';
-			mailcl.remove('nohavemail');
-			mailcl.add('havemail');
-		}
-	});
-}
-
 function get(url){
 	return fetch(baseURL+url, {method: 'GET', credentials: 'include'});
 }
@@ -172,14 +163,23 @@ function pst(url,json){
 	});
 }
 
-function isHidden(elem){
-	return elem.classList.contains('hidden');
-}
 
-function isShown(elem){
-	return !isHidden(elem);
+function backgroundUnread(){
+	if (document.getElementById('msgTrigger')){
+		return;
+	}
+	fetch(baseURL+'/checkunread/', {method: 'HEAD', credentials: 'include'}).then(r =>{
+		if (r.status === 200){
+			const mail = document.getElementById('mail');
+			const mailcl = mail.classList;
+			mail.href='/message/unread/';
+			mailcl.remove('nohavemail');
+			mailcl.add('havemail');
+		}
+	});
 }
 
+
 function optionsDisplay(id){
 	togDisplay(document.getElementById(id).getElementsByClassName('options_expando')[0]);
 }