Re: OverbiteNX

To: gopher-project@other.debian.org
Subject: Re: OverbiteNX
From: Cameron Kaiser <spectre@floodgap.com>
Date: Sun, 21 Jan 2018 09:19:16 -0800 (PST)
Message-id: <[🔎] 201801211719.w0LHJGRW7340254@floodgap.com>

(replying to both)

The protocol handler approach is the key. Note that Chrome doesn't allow
"gopher://"; to be used this way (yet -- Firefox didn't either but I
successfully talked them into it).

As far as redirecting to a web handler, that's OverbiteWX. In fact, 0.4 will
come out later this week with some internal plumbing changes that fix the
extra redirect steps in history and also switches the proxy to use HTTPS to
Floodgap. The next step is multiple proxy support. OverbiteWX will not be
decommissioned since it's the simplest thing to do.

However, I still don't like having to bounce gopher requests through
proxies for both privacy and efficiency reasons. A native TCP sockets
feature in Firefox would neatly solve the problem, but this would at least
get native connections even if a few more hoops are required.

A C implementation would be the best thing for Windows, and I can cross-compile
C binaries on my Mac using mxe. The downside is that transactions have to
occur in JSON, so this is a little less convenient to do in naked C (I could
add a JSON C++ implementation but this would bloat the binary, and certain
limitations in how data is sent means I'd probably need to implement base64
as well which is a lot easier to do in vanilla Perl even without any additional
extensions). The other downside is that it excludes non-x86 unless someone sat
down and built binaries for them, which (as I use Power ISA most frequently)
would be suboptimal. But, nothing says there couldn't be a C *and* Perl
implementation, and each one chooses that.

The install means is:

- Install the extension into Firefox.
- The Firefox extension tells you where to get the native component.
- You install it (either an NSIS/MSI for Windows, a macOS pkg for macOS, or
  a shell script for everything else -- I'd also consider a .deb or .rpm here).

The native binary/script would have a white list of ports, so it wouldn't
just allow anything to connect to any port and be used as a means to attack
other systems. It also wouldn't do any interpretation other than turning
binary data into base64; everything else would be passed to the extension.

Again, I won't embark on this if there's significant resistance, but I think
I could have an MVP running in a month at least for macOS.

Expanding the protocol is not in scope for this project, though I certainly
think some good ideas have been mentioned.

-- 
------------------------------------ personal: http://www.cameronkaiser.com/ --
  Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckaiser@floodgap.com
-- Seen on hand dryer: "Push button for a message from your congressman." -----

Reply to:

Follow-Ups:
- Re: OverbiteNX
  - From: SiMpLe MaChInEs <simple@sdf.org>

Prev by Date: Re: Project Gutenberg
Next by Date: Gopher over TLS
Previous by thread: Re: OverbiteNX
Next by thread: Re: OverbiteNX
Index(es):
- Date
- Thread