Monero logs

00:08:34 plowsof: it doesnt seem to like the FOSSness of the * , but tor is working now

00:16:09 plowsof: ive lifted a csp from (under 'to tighten further..' https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html

00:18:16 plowsof: which gives an A+ 🤷

00:27:02 plowsof: and breaks the site, oops

00:28:59 plowsof: too aggressive , ill leave it up for redsh4de to take a look at the browser console errors , otherwise have to revert to something else

01:58:37 321bob321:monero.social: Which proxy is it ?

01:58:42 321bob321:monero.social: Caddy ?

06:43:57 redsh4de:matrix.org: good call, forgor about this: will add today

06:44:19 redsh4de:matrix.org: will investigate

08:32:36 redsh4de:matrix.org: pushed changes that resolves most of the csp issues, but update the headers to also include `media-src self blob: data:;` to allow loading local media content, and `font-src self data:;` to allow loading of the local fonts

08:44:54 redsh4de:matrix.org: Apply this CSP and it will work fine:

08:44:55 redsh4de:matrix.org: ```

08:44:57 redsh4de:matrix.org: "default-src 'none'; script-src 'none'; connect-src 'self'; img-src 'self' data:; media-src 'self'; font-src 'self' data:; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self'",

08:44:59 redsh4de:matrix.org: ```

10:47:00 redsh4de:matrix.org: 'unsafe-inline' for style-src is pretty much required for the icons to work as dynamically as they do

10:50:24 plowsof:matrix.org: thanks, added it and pointed to your repo https://beta.monerodevs.org/

10:50:47 plowsof:matrix.org: onion link in the headers

10:52:26 redsh4de:matrix.org: And we still have a A+ :D

10:52:26 redsh4de:matrix.org: https://securityheaders.com/?q=+https%3A%2F%2Fbeta.monerodevs.org%2F&followRedirects=on

11:03:52 plowsof: Dan proxy : its..... im sorry its nginx , the built in coolify option + Nixpacks (rather than a Dockerfile like monero-docs)

11:35:42 basses:matrix.org: cool

11:36:14 basses:matrix.org: but you will have to re-run these tests for also the server hosting the website which will be getmonero.org

11:39:59 basses:matrix.org: https://internet.nl/site/beta.monerodevs.org/3545181

12:28:37 plowsof: security.txt .. interesting

12:30:17 plowsof: lets see if they accept a redirect @ beta.monerodevs.org/.well-known/security.txt

12:31:29 ofrnxmr:xmr.mx: It says redirects are ok

12:32:04 plowsof: ive put an example contact email there

12:33:02 plowsof: signed too because we are crypto peoples

12:33:42 plowsof: the scan site may take time to load or the format is wrong : i created using https://securitytxt.org/

12:35:00 plowsof: same for ipv6.. added a record for it but not appearing in dig yet

12:37:14 plowsof: bumped to 92 . adding ipv6 complains about https... will check soon, no idea

13:07:49 redsh4de:matrix.org: rando: magnet link uses a avif icon now, and the download dropdowns have been made prettier + more consistent with the rest of the page now

13:08:07 redsh4de:matrix.org: https://matrix.monero.social/_matrix/media/v1/download/matrix.org/mpYNhcohycprYrPbFgqLWeSP

13:47:50 basses:matrix.org: menu localizable?

13:47:59 basses:matrix.org: platforms menu localizable?

13:51:30 plowsof: rando 100% now but its ignoring the security,txt :(

13:52:03 basses:matrix.org: nice

13:52:24 plowsof: ignore, i added en,Esperanto which is wrong in languages

13:52:33 redsh4de:matrix.org: should be en, eo

13:52:59 plowsof: thanks

13:53:34 redsh4de:matrix.org: not yet, i'll localize non-brand words like installer, tarball, etc

13:54:35 redsh4de:matrix.org: I put up security.txt on the github repo itself just now, so that the scanner does not complain about the mismatch of canonical and the gist source

13:57:21 plowsof: 🙏

14:06:35 basses:matrix.org: redsh4de extrnal link icons reverted to LTR?

14:06:48 basses:matrix.org: https://getmonero-redesign-impl.vercel.app/ar/downloads/

14:07:31 basses:matrix.org: all icons too

14:07:38 basses:matrix.org: in RTL

14:12:24 redsh4de:matrix.org: good eye, fixing

14:17:36 redsh4de:matrix.org: pushed just now, with localization for download dropdown

14:17:49 redsh4de:matrix.org: the vercel link will update quicker

14:18:27 basses:matrix.org: https://www.getmonero.org/404 Diego Salazar any ideas for 404 page for news redesig? I like the simplicity and tongue of cheeck descn

14:18:59 basses:matrix.org: https://www.getmonero.org/404 Diego Salazar any ideas for 404 page for new redesign? I like the simplicity and tongue of cheeck desc of current one

14:25:55 basses:matrix.org: https://matrix.monero.social/_matrix/media/v1/download/matrix.org/OpSCILTDfXWotmKPAUtORVKU

14:26:09 basses:matrix.org: I was thinking of making this optionally localizable

14:26:42 basses:matrix.org: https://matrix.monero.social/_matrix/media/v1/download/matrix.org/TVFtZvzFOLBKvVrXlXoImsPV

14:26:47 basses:matrix.org: would look like this for arabic

14:26:54 basses:matrix.org: https://www.omniglot.com/language/numerals.htm

14:34:10 redsh4de:matrix.org: can do :D

14:40:15 basses:matrix.org: just add t(), as if we did by default, some will want to even use the "universal" numerals 123...

14:40:46 basses:matrix.org: just add t(), as if we did localize them by default for each locale, some will want to even use the "universal" numerals 123... for their locale with theor own numerals.

14:43:44 redsh4de:matrix.org: Won't even need t here, have something simpler in mind

14:58:53 redsh4de:matrix.org: ```js

14:58:54 redsh4de:matrix.org: export const localizeNumber = (

14:58:56 redsh4de:matrix.org: number: number,

14:58:58 redsh4de:matrix.org: locale: keyof typeof locales,

14:59:00 redsh4de:matrix.org: minimumIntegerDigits: number = 1,

14:59:02 redsh4de:matrix.org: ): string => {

14:59:04 redsh4de:matrix.org: const localeString = locales[locale];

14:59:06 redsh4de:matrix.org: return number.toLocaleString(localeString, {

14:59:08 redsh4de:matrix.org: minimumIntegerDigits: minimumIntegerDigits,

14:59:10 redsh4de:matrix.org: useGrouping: false,

14:59:12 redsh4de:matrix.org: });

15:05:06 redsh4de:matrix.org: live on page rando : https://getmonero-redesign-impl.vercel.app/ar

15:11:28 ofrnxmr:xmr.mx: http://beta.monerodevs.org/.well-known/security.txt LMAO [@321bob321:monero.social](https://matrix.to/#/@321bob321:monero.social)

18:44:36 321bob321:monero.social: Need robot.txt too ?

18:49:44 ofrnxmr:xmr.mx: Did you see the contact details [@321bob321:monero.social](https://matrix.to/#/@321bob321:monero.social)

18:50:47 321bob321:monero.social: Yeah

18:59:09 ofrnxmr:xmr.mx: At least we know that is account is used

18:59:36 321bob321:monero.social: Always monitored

19:01:39 321bob321:monero.social: For 404 page should have something like “oops boating accident be back soon”