Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Melhora minha página de membrana em aproximadamente 798932 vezes #108

Merged
merged 15 commits into from
Aug 20, 2024
Merged

Melhora minha página de membrana em aproximadamente 798932 vezes #108

merged 15 commits into from
Aug 20, 2024

Conversation

LuNeder
Copy link
Contributor

@LuNeder LuNeder commented Jul 2, 2024

Adiciona um gatinho à minha pagina de membrana!!

@LuNeder LuNeder requested a review from Misterio77 July 2, 2024 20:55
@LuNeder
Copy link
Contributor Author

LuNeder commented Jul 2, 2024

Ué, aqui localmente no nix develop funcionou mas aí no staging não :(

@Misterio77
Copy link
Member

Misterio77 commented Jul 2, 2024
edited
Loading

Não funciona no staging pq vc ta usando um link absoluto, que começa com /. Isso só funciona se a raiz for a raiz do site, que não é o caso do staging.

Isso é fácil de resolver, tho. O jekyll sabe qual path ele tá, então vc pode usar {% link assets/foo %}, tipo assim: https://github.com/gelos-icmc/site/blob/main/src/_layouts/root.html#L21

@Misterio77
Copy link
Member

Misterio77 commented Jul 2, 2024
edited
Loading

Se vc puder, tho, eu prefiro q JS (e outros assets) q não se aplica ao site todo seja linkado de um lugar externo (e.g. uma CDN), pra não pesar o histórico do nosso git

@LuNeder
Copy link
Contributor Author

LuNeder commented Jul 2, 2024

Não funciona no staging pq vc ta usando um link absoluto, que começa com /. Isso só funciona se a raiz for a raiz do site, que não é o caso do staging.

Isso é fácil de resolver, tho. O jekyll sabe qual path ele tá, então vc pode usar {% link assets/foo %}, tipo assim: https://github.com/gelos-icmc/site/blob/main/src/_layouts/root.html#L21

hmmm, ainda funciona localmente mas nao no staging

@LuNeder
Copy link
Contributor Author

LuNeder commented Aug 20, 2024

Se vc puder, tho, eu prefiro q JS (e outros assets) q não se aplica ao site todo seja linkado de um lugar externo (e.g. uma CDN), pra não pesar o histórico do nosso git

Pera, isso não é meio unsafe?
🦀🦔

@LuNeder
Copy link
Contributor Author

LuNeder commented Aug 20, 2024

(isso aí foi um rebase)

@Misterio77
usar oneko remoto para não vendorar
545853b 
Com hash e SRI é bem safe
@Misterio77
Copy link
Member

Misterio77 commented Aug 20, 2024
edited
Loading

Se vc puder, tho, eu prefiro q JS (e outros assets) q não se aplica ao site todo seja linkado de um lugar externo (e.g. uma CDN), pra não pesar o histórico do nosso git

Pera, isso não é meio unsafe? 🦀🦔

Não se você usar de um lugar safe (e.g. github, forkado talvez). Se quiser absoluta garantia, é só usar SRI.

Aqui um exemplo:

<script src="https://raw.githubusercontent.com/adryd325/oneko.js/b323d71126726e4487c10f0d75fc47ac37ead11c/oneko.js" integrity="sha384-j7T4YgaJr82nh4zGyb1Xja4Fr9q8/zBsuW+RZuT3uaYrROfMkxuv+kIz29KayScD"></script>

@Misterio77
Copy link
Member

Botei aqui na branch, vê oq vc acha hehe

@Misterio77
Copy link
Member

Pera fiz merda, um se c

@LuNeder
Copy link
Contributor Author

LuNeder commented Aug 20, 2024

Não funciona, provavelmente por causa dos outros arquivos que o script precisa (foto do gatinho e tal)

@Misterio77
Copy link
Member

Resolvido

@Misterio77
Copy link
Member

Não funciona, provavelmente por causa dos outros arquivos que o script precisa (foto do gatinho e tal)

Dá pra carregar ela remotamente tb. N tava funfando pq o raw.githubusercontent.com n retorna o mime type certo do js, então coloquei pelo jsdelivr.net. Com o SRI fica bem safe de usar.

@LuNeder
Copy link
Contributor Author

LuNeder commented Aug 20, 2024

Hmmmmm n ta dando pra fazer carinho, certeza que pegou da repo certa? (https://github.com/tylxr59/oneko.js)

@Misterio77
Copy link
Member

Ahh n sabia que era esse o fork certo, um sec.

@LuNeder
Copy link
Contributor Author

LuNeder commented Aug 20, 2024

Dúvida: não daria para um malfeitor alterar o .gif e fazer malfeitorias assim, já que (acho) só é checado o hash do .js?

@Misterio77
Copy link
Member

Misterio77 commented Aug 20, 2024
edited
Loading

Dúvida: não daria para um malfeitor alterar o .gif e fazer malfeitorias assim, já que (acho) só é checado o hash do .js?

Então, é bem improvavel pq eu to puxando um hash de commit especifico. Eu to usando o short hash (8 caracteres), mas se vc quiser ser ultra safe dá pra usar o hash inteiro. Daí é impossível existir outra gif num commit com o mesmo hash hehe.

@Misterio77
Copy link
Member

Se vc quiser ir pro extremo, dá pra especificar o data-cat como um base64 do proprio conteudo da .gif ehuaheuahea. Assim:

    data-cat="data:image/gif;base64,R0lGODlhAAGAAJECAAAAAP///wAAAAAAACH5BAEAAAIALAAAAAAAAYAAAAL/lH8AtizbkJy02ouz3ljxD4biSDJBACXPWrbuCwIoTNd2fEKKp0faDvTdhiTZjIgkel4y4Cm3wz0VKGGyEi1ZJcbj9etqbqXdJ/QjLkOz4ESuKIybl7exiF6ftpq5uf6nBmXm1fZwFtLElRBICJPIVDVUZgc45ffWATFHNVnI9cdhFGcyOKc1IQp5OMJmuMnaNQmaIds36+naeBGrKFqKedfIuzdI2bH2EGiM9ftrB5RbfIubu0w15aOJ0rxskUo6LfWKWMyom+lUDk0huuMcDrjOiu3NvWjpXPSnHMpmroOm2TZToQSWehbLXJ9uE/wgkHdsUxxlmK5hK6bvYr4f/9gsHnzEUWAnNNdi0duV8B+wGDIk9NnwLwKjb9o8LoRIyyDBkDoFMYwm8tyuKmrcWVOIryKeoewCMKCEdIbKI9p6nuSpk6HCoiBzJr3082nPpewo8im3EkuQh06gjo0q1US6rDCDwmt68GOkukmLInKn7idcaUIRlGJx0a1ViZ1kxtwYEe1OrAMlF/4kslVBuv0Wf2OZ7e5gqz22GrSWF2NAsAknDyXalxxpcadX0TIa5CrmxSLBcRvLlgvgTWtwohpeWZDreu/SRp692m5Xb75sybIymlurILU4G5KjV+NdoPlsap27drNn2Vlto7qk3A/45tqZES25/vNTTh2Ri/82upFf4gzD13rsGfjeV6c5pl1WCLFlU2bTmBehampZBttykVnUDQ+8SRXWVAfZZ8tbbqjjWYjZ/QcYhyOiUyE/6r041FwO6vccYRbultyCDbRTUoyTqPhhhygKSBl8zjH3EVYVYihYbTueqOA7j4hx337c9UhkFc5odhx5Ch4lZolLCkdeKmTx+OGZTH7kEXZ5+TfQlZzE4+V4Wtqo54lxKnmZK39+teZD8eWZpzHDpYNeoa9BRiCVhJp00yJkRPqeixIViGhreg7Z10hvagoZSjIBA2Z0O+IoZlHSTPfXfsc8GRZQlHKZ462ivlnZVqkyWSuMkbIqoiWcwPoFd9z/gdYXPspusWiz9xmXjK5cchhdsHzJAa12WyZKTQ3mrVFcqckQ1iKdwriaIZzBsuqIc4V+y5h12oar1rOl6Ysdv9Xy26++/yoLBxLwwkTwwI7iy3DDDhMT6MMST0wxvgtXjHHGuKQg01OOXKwxSyGPjMYKHR+c77f3kvzJyiwzoW0U+wo6I3ovQ+wyxr+SAQtyy97GX3Ix/2zDzmoZ6qYWRNfBIcjAzjPVg6TuyoE0RSfUjw7lwJGFMk4jrG7EeIl9odALZUKohjAZIu5MHYZNNps/apqzb8UZ/drKpPaKGn1xN9QSDVEdNfgd2JKCsqpbGx7k12yl7d7Yp+kzEd6S/9tjqplqF9hi5AfWp/iUXgGX45eWfyKAU4a9FDrmwX2neZ+PkltnP4uM5jhcguUWGMhIcfV2em7Q5p1ccp1FYzDQ5fQjosXPPnkly0OPoAW/3J57m3NXJJ7orduzsJqxa24kb+dVx3dn2pMwyLa/oYgqhtsIz6mDhODhaY/69z0+1fX4ZxTiTS8MwCqWjM6lvSh55gx3kpSO9Bcxk7gKU9Qx0YyqR4xuvaFYkEJgkS74vviExi4QVBSlTqgbU3nNcXbD4NqQpsHmhdB1+2lQ8kpHHB2NMIQHLMtCpDU/z7HJXKNbX0BOJS/ukTA1lUsNDXEIwdr5CXL745XZujMe3P+RJIfPiwjv9uIGGS4RXZfTnfoAlTz0daeHwvki7fqzsxWFqEq9AZp85PO6Fk7qhJIbTK3YVcfO2WtvcfMjCKO3reyYkHwTpF6JgDQO4YyPiFCkoRy9RyJEFpF0nEvRo3CnGOIYsixPalLNphYXQZEGk5d7YlnKBD6tTNKUJAIlSso1ygqaL3RqBKMfY6MeQCrqPilKnJ+0mElQIuSR4ekT8gaYNydOB0voctaAdPicUnbvPM5TTjvKSBpkqbJdyKBfjQ4lHgUWro30CmLSxsYu37WJlT4cF6NaSU20iJOaXPkb9vi0QQoyJ0JiGNUd/Wk3ruCpXMRExhZ9FtAk6hD/lWtaQhpaFAxCboeF1VjUMCf1zrJZiSRIdMy9AJgeYvmNS/NDh5+g9g9xMUacMBTkSavVkZA+TRXFOVqCnGgsLJFJVlwTmEyVGEGTFvQOJoOGMXcKM2rVD47p0unNoPrUfBXBZCrIKl7qpgQ3MvSbV81ISS3GVQc00HBXfdaeOFrW42QDrKxIK1fpGte86pWAJ2PBXv8K2MBeQapME6xhw6SzdiZMpng9LEnygFCgmfN/z5QPTZXX2ImdzqxFs2pn4hQS/DjLqzx5FztKprQmOlRw/tOCZ6lDpwB6kYqkveUthskt283jft6C66gE99pMdlOIUzQTHyG2OL/a56x1/4nZbdsZ3E8CN7I/nd+fHFXZoOTsdw7Aquxolq181bGo/SFvljLCzKRQNrZtQS4ZQymVze1GgULRZnQdeMOpynd0KqFWdn+z3felQLgAvE0koSrJcDpmk66s5HfhaTp49dK490WaNJ9BTth8NL/3cBMoqRIoRR6SksxbUArDiFLZupaLxL2O0KKZ3BpuDpDvTdqKxCZHMnjrxMUVMOOClkOaVoduMLYQraxIERHObib79Q2Ts2hRNNISnnE63BkXiJAhd6TIGFlndanIYSpVFnnlc6exsojOIHrNwWEWbm+l2EfyWbGZ4x1irzSZ4Do5i8cW1rN1ZjzLBrdS0G4erv+SkynnZMKtzkO8FSXxY60fgvGnke4VlxdUEFpd1s507CmwjOvIeRYmyWazTqMPGrsxOPqZAhVLFOnpQxZPOo+w7PSntslgUWNYh/DBkbLgR1VVMzKe/ws0QuOJSZD8kqoLJQrYbpzsiYq2TtiF5nJXeY5p4zlJ6AuH+LDNO/qeNGxbIfAHQw1rVy97KTd2bjW9l78bzfWC7jbxl768bjZbFci1IQsHH9znP0c7gStOd55vxOFKb3u+2PSKRjUyHynfN8lsDLiDCt7m48i6off86p71yd+Gz+rh5Ip4oOv9cfkCNFHjhiVAoHfRjUK6lkJb1tvIJzsA4fwmO2woiXP/zeg5u3Uzg/LmqNIQ2l2z2uCuHtNqaAxnMeMX4BYH6O6EOeujh0pDnvrjR4ue9XOCLmu+quhKYopepE4cwLLstdNJ6TFJDLK2iGvagEFj92rz9m7u7fnQ/AU2IKaEsEk4Fh18qyanKvfHRgJPYynYajCMK0M0zizYpnt3jm1MTtRdruct5i+AbfZlBe2r5TF7NZQ49rCaV+viLVbh1cueqZl/fcN8O/vc676NTMN9rHYviQVbSmd3I7xcqzx6HJx+96VXSueV0J8mc3r54AX+UWuCuB/UlTa+MH6Ha+F7BPvutKzF62KfDl6vjgIVD1FeeiMRPtq2bWt4m+bzOxx2/5K+aLJ9Lkk0tBJGLdNdB7JG/LNG0xVhXvRSSnNvmLVltqJ13SQY2UeBaYd26MZ0bGY0BBJ5QEd1xYVEzjZngmZ28SMvbddFx7dC4Td11AZfVUFdZmQ4g5Rzu0QdPAKD8yZZMoiB0gd03ccrBXaDnJZx15ZhZcZJQwg8XUY4D1SEYkYo8WIlQmZtAWhxQdeDNehCWUg20NaFKcaCLWhllCZyXyVGWzh89vVdudRJvZYkFiQ9Y/cXOtc9ozYmt/ZGnaYfh5dhC+dxTJQyDOeGWkKEWJgyPrM0cWg+u8ZS70RqUWRlzWds0td9r/JajmZp+vaE6iYl2UNwjOiHLaiH1f9Qd1hkiAkyYbXFhoOWhJfWHCi4cau1XjQIXytFEDRRJdoUJZW2aS0jWirGiq04UGOhU78DJ/qlcrPEXenXHj/XFC5mLAIEa340JM2FZR74diMWYsrIGVfSjAemiEf4LqcoitKkjeSoR0D1LnbncDllazo4OBn4OHCof7IobClyiefGhdSGXjfnjhIHisKYCR6EaXCFKciiho/0PYTWdPKWdhG0SgR1WmT2j5G1aA9IPMx1cJ0ojeQoRy4zE9gYVEFyISgkj3kmTCinBwfzYf6UY4WWGRiXbv3Ea/kHO6kWeyRnkyMYdfPYDnqBeGjYUV9CXANZbuHjVBQyZDBpTQXFJ0yPZRrzgkuSoTe/w4ge4i7eV1NK4n+ZFk/7lF1dyYCA4olgJ5bHNE4lt13p4jv4M3leAotT01oDlRtzo0s+B1b/dTZOoitUQxNilXx5w1MgRxkK55Ko4jQx54MOZ3f7VpO4giakNJeykZcAkzWCF2yXF3doA2KxV11udD6YKYtkF4YV+DCTJ0hRaDAmeH+Y4XgIgy7atpOeQHeFF3qiR30VWJsKCEPPRjCWqVm5yXxzZXlLdQ/CaX3JCXqvpJzN6ZzUUAAAOw=="

@LuNeder
Copy link
Contributor Author

LuNeder commented Aug 20, 2024

Yay, ta funcionando! Obrigadaaaaa

@LuNeder
Copy link
Contributor Author

LuNeder commented Aug 20, 2024

Por mim pode mergear, só precisa do teu review

Misterio77
Misterio77 approved these changes Aug 20, 2024
View reviewed changes
Copy link
Member

@Misterio77 Misterio77 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

@Misterio77 Misterio77 merged commit 6719633 into main Aug 20, 2024
4 checks passed
gelos-bot bot added a commit to gelos-icmc/infra that referenced this pull request Aug 20, 2024
@gelos-bot
flake/lock: atualizar gelos-site
e373856 
unpacking 'github:gelos-icmc/site/6719633cdd60e07ad1db408ce00c697aba5f1fe4' into the Git cache...
• Updated input 'gelos-site':
    'github:gelos-icmc/site/0dd506208e9fc35729862167212c4a1f8b65d798?narHash=sha256-FgrEVupwijVWglaPpatlphBaoqtwfV7ekXjJf%2BJls1w%3D' (2024-08-20)
  → 'github:gelos-icmc/site/6719633cdd60e07ad1db408ce00c697aba5f1fe4?narHash=sha256-sz5SuLpLkbbWL0SyifqeCiLsK8i0IeDgBh9zZmmIxU8%3D' (2024-08-20)

gelos-icmc/site@6719633 gelos-icmc/site#108
@LuNeder
Copy link
Contributor Author

LuNeder commented Aug 20, 2024

Tks :D

@LuNeder LuNeder deleted the luana-update-membrana branch August 20, 2024 02:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Misterio77 Misterio77 Misterio77 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@LuNeder @Misterio77