Re: [Debconf-team] concerns about storm.debian.net (was Re: Meeting this week: A general sprint on stuff)

To: Laura Arjona Reina <larjona@debian.org>
Cc: debconf-team@lists.debconf.org
Subject: Re: [Debconf-team] concerns about storm.debian.net (was Re: Meeting this week: A general sprint on stuff)
From: Joerg Jaspert <joerg@debconf.org>
Date: Fri, 23 Oct 2015 09:57:50 +0200
Message-id: <[🔎] 874mhirp8h.fsf@delenn.ganneff.de>
Mail-followup-to: Laura Arjona Reina <larjona@debian.org>, debconf-team@lists.debconf.org
In-reply-to: <[🔎] 562944F1.9060905@debian.org> (Laura Arjona Reina's message of "Thu, 22 Oct 2015 22:20:01 +0200")
References: <8c398896-6b38-439d-a6dc-a1230b165c3c@email.android.com> <[🔎] 0a049a4b-e278-492c-be08-e27ac75181cd@email.android.com> <[🔎] 87k2qessph.fsf@delenn.ganneff.de> <[🔎] 562944F1.9060905@debian.org>

On 14102 March 1977, Laura Arjona Reina wrote:

>> The main point that makes it entirely unusable is its usage of a
>> new subdomain for serving the javascript FOR EVERY NEW REQUEST.
>> This is beyond stupid and disallows any kind of javascript blocker
>> in your browser, unless you allow it to trust the whole debian.net
>> domain, which is way too far fetched.
> I understand. Would adding storm.debian.net to the white list do the
> trick?
> I've done it in my Iceweasel with NoScript and it seems to work but
> I'm not totally sure.

Only if JS gets served from there. The two anti-js things i tested for
chromium either want to trust all of debian.net for full domain, or just
the host, ie they dont want to allow "everything below this subdomain".
:/

In any sensible setup there isnt the need for it. :/

-- 
bye, Joerg

Reply to:

Follow-Ups:
- Re: [Debconf-team] concerns about storm.debian.net (was Re: Meeting this week: A general sprint on stuff)
  - From: Asheesh Laroia <paulproteus@debian.org>

References:
- Re: [Debconf-team] Meeting this week: A general sprint on stuff
  - From: Laura Arjona Reina <larjona@debian.org>
- Re: [Debconf-team] Meeting this week: A general sprint on stuff
  - From: Joerg Jaspert <joerg@debconf.org>
- [Debconf-team] concerns about storm.debian.net (was Re: Meeting this week: A general sprint on stuff)
  - From: Laura Arjona Reina <larjona@debian.org>

Prev by Date: Re: [Debconf-team] Protecting Debian from DebConf issues? (was: Collaboratively drafting the next DebConf) delegation
Next by Date: Re: [Debconf-team] Protecting Debian from DebConf issues? (was: Collaboratively drafting the next DebConf) delegation
Previous by thread: [Debconf-team] concerns about storm.debian.net (was Re: Meeting this week: A general sprint on stuff)
Next by thread: Re: [Debconf-team] concerns about storm.debian.net (was Re: Meeting this week: A general sprint on stuff)
Index(es):
- Date
- Thread