
Show HN: Kvak.io – Online Notepad - levmiseri
http://kvak.io/?n=intro
======
phelm
There seem to be some SSL issues
[https://www.ssllabs.com/ssltest/analyze.html?d=kvak.io](https://www.ssllabs.com/ssltest/analyze.html?d=kvak.io)

~~~
levmiseri
Thanks! Will address this today.

------
andrewla
A possible security concern is that this can store arbitrary HTML, including
script.

[http://kvak.io/?n=f9f2o1r2pd64](http://kvak.io/?n=f9f2o1r2pd64)

~~~
natpalmer1776
Ironic how you posted a note without a password so anyone immature enough (me)
could just tamper with your example.

~~~
andrewla
That breaks the visitor counter, since it relied on updating the underlying
document to update the counts!

I was going to go ahead and hide the lock button entirely to avoid this
attack, but decided I would get some work done today instead.

EDIT: after a bit more hacking, I removed the password and hid the lock
button. Nothing that would stop a determined adversary :) (Also, I kept the
Khajit change in your honor)

~~~
levmiseri
Great. Thanks!

Fix for this incoming. I don't want to limit HTML insertion in general, but
I'll make sure scripts are not possible.

------
levmiseri
A lightweight online note-pad for any quick text-sharing needs. Let me know
what you think or if you find any use for it!

~~~
breck
Neat! I like how it's lightweight, not enough lightweight stuff on the web
nowadays (except for HN). Allowing the option to set human readable permalinks
might be useful.

------
tomw1808
I like the unintrusive UI, but what I would really like is markdown support. I
am not sure if that fits _your_ initial idea, but I'm a tech person, so, for
me that's a must.

Also, add https, because google will punish you.

Otherwise, well done.

~~~
stevekemp
I created [https://markdownshare.com/](https://markdownshare.com/) to allow
anybody to create/share/render markdown.

Unfortunately these kind of sites are an abuse magnet, so it is in the process
of being retired.

I think any sustainable site/service like this has to be self-hosted, or come
with a subscription. Because otherwise dealing with all the bots, spam-
submissions, and other abuse is just too depressing.

~~~
tealpod
I know exactly what you mean. I made [https://Write.wtf](https://Write.wtf)
majority of it is just junk.

~~~
abi
Neat. Have you implemented any anti-spam controls? How much does it cost to
keep it running?

------
donmb
What would help a lot, if you could customize the generated parameter in some
way. Together with the password feature noone could "hack" into it anyways.

~~~
donmb
Also you could easily get rid of the "?n=" param I guess and just build a slug
like [http://kvak.io/fsf2o1r6yw5](http://kvak.io/fsf2o1r6yw5)

~~~
levmiseri
Both great ideas. Getting rid of "?n=" is definitely coming (current links
will of course keep working). Custom URL is also now on the list of next
improvements.

~~~
donmb
cool, looking forward :) I will abuse this then as a grocery shopping list to
share with my girfriend

------
zserge
That's cool! Reminds me of old notepad.cc and
[https://onthesamepage.online/](https://onthesamepage.online/) with very
similar mechanics and philosophy, but for visual drawing.

------
benrbray
Have you considered using ProseMirror [1]? It's a nice wrapper around
contenteditable that makes things like inline math editing [2] much easier to
set up.

[1] [https://prosemirror.net/](https://prosemirror.net/) [2]
[https://github.com/benrbray/prosemirror-
math](https://github.com/benrbray/prosemirror-math)

------
g105b
How I yearn.
[http://kvak.io/?n=bpf2o1s1jn1u0](http://kvak.io/?n=bpf2o1s1jn1u0)

------
monkeydust
This could be handy when you post on a forum or underneath a new article.
Sometimes you want to go into more depth but technically limited on space or
frankly it would be too much. You could have a link to note for those that
wanted to read more. Would like it if I could host on my server, and had
markdown (as said) plus some basic tracking info - # clicks etc.

------
grandpaa
[http://kvak.io/?n=lef2o1r142f1i6](http://kvak.io/?n=lef2o1r142f1i6)

~~~
natpalmer1776
NewPassword1

------
tleb_
Looks nice! You seem to be missing an about page and a privacy-related page
though. What tech stack is behind?

------
rammy1234
It doesn't work for me after I enter a password to lock it. I cannot type in
anything.

------
soared
Does anyone know of a replacement for the chrome extension papier? Made a new
tab in chrome into a persistent notepad. I built all my note taking around it
and my only option seems to side load it from now on.

------
maelito
What what the name of the similar service launched a few years ago by telegram
?

~~~
holdn
[https://telegra.ph/](https://telegra.ph/)

~~~
dgellow
Example of an article published on telegra.ph, if someone wants to see how it
looks with content: [https://telegra.ph/Why-Using-WhatsApp-Is-
Dangerous-01-30-4](https://telegra.ph/Why-Using-WhatsApp-Is-Dangerous-01-30-4)

------
baxtr
Very interesting tool. I wonder what the business model behind this might be.
How do you intend to make money? Do you even want to make money with this?

~~~
levmiseri
I don't intend to make money out of this. A happy little side project that's
easy to maintain and improve over time.

------
andrewinardeer
Down?

> Not Found on Accelerator > Description: Your request on the specified host
> was not found. Check the location and try again.

------
skapadia
Can you describe the tech stack behind this?

~~~
levmiseri
The entire thing is just a vanilla HTML/CSS/JS connected with Firebase.

------
berkas1
Could you make it redirect to https automatically please? Will the source code
be available?

------
leokennis
This is a great way to quickly share text between my personal phone and my
work machine :)

~~~
quickthrower2
Not great for secrets tho

------
vishnuharidas
Password for editing is not worth it, but a password for reading will be
totally worth it.

------
davidcollantes
Will love to self host something like this. Would you be willing to open
source it?

------
nurettin
I can't help but notice that this was done in django.

~~~
levmiseri
It was not. If the code suggests that, then it's just because I'm not a very
good developer. All basic HTML/CSS/JS + Firebase.

~~~
nurettin
Oh, I didn't read the code, the favicon shown by my browser confused me.

------
donmb
This is amazing. As simple as it can be. Good job!

------
ellis0n
Would be great with client side encryption

------
ian0
This is really good, extremely simple.

------
useless_foghorn
adding a QR code generator would make this super mobile friendly.

------
ahstilde
reminds me of shrib.com/

------
scott31
Why should I use this when there is HN for collaborative discussion?

