Hacker News new | past | comments | ask | show | jobs | submit login
Show HN: 1Kb Webspace (uber.space)
88 points by Visurox on Jan 26, 2023 | hide | past | favorite | 61 comments
Hey guys, I wanted to introduce you my hacknight project.

It is a tribute to onekb.net which has stopped its service a few years ago. Currently it is still a beta where external resources are also possible (but not the point ;) ) to get your opinions.

When it is finished, the source code will be open source. The secret word is therefore also hackernews.

P.S.: The source code is currently 2.4Kb I'm trying to make it smaller. 1Kb would be my goal.




Having to say that here: the shared Webspace hoster used for this project is superb. the most nerdy German spaced provider i ever met. https://uberspace.de/en/ it is pay-what-you-want and truly into Unix philosophy and modern linux userspace at ssh access level.


Exactly. And its much better to use them, instead of buying a domain and webspace for may 5 users at the end who "code" more then test or hi.


I think I broke it by creating the username `index.html`. Sorry, I wasn't expecting it to do anything.


Now try `.well-known/acme-challenge`, or the `google123456789asbcef.html` authentication file!


Hmm, what is "the google[...].html authentication file" ?

We roped off all of /.well-known/ and it is after all under a dot directory which ought to have been caught by a lot of existing software anyway, it seems like if people have things they want treated this way they ought to live in /.well-known/ too, it's not as though the registration process is onerous, you just need to write a specification for your thing.


Answer about the Google file: https://news.ycombinator.com/item?id=34544351


The Username google43434343 would be too long. Max 12. :) Also input a forbidden list which should be filter the most crap in usernames. :)


Just numbers and letters are allowed. but yeah, the google file whould be useless but possible bad. Will think about!


What do these do? The latter is, er, ungoogleable.


Google lets you prove ownership of a website by hosting a specific file with a unique name they provide. When you’re the owner, Google lets you see search analytics for your site.

Here’s the one for my site: https://memalign.github.io/googlefc60e159eedb4219.html


Ah nice to know. Another point for the todo list! :)


Is that you, Bobby Tables?


No Database.


Fixed. :)


winning


True, but this is exactly why I post it here. To see my mistakes and fix it before put up a project for everyone. :)

Betas ftw!


You can store up to 2KB of data in the URL, so you could actually run this service with zero storage costs, just generate a URL containing the provided code, could be signed if you want the username to be the only one with control of the content


Storing data in the metadata reminds me of the $5000 compression challenge: https://www.patrickcraig.co.uk/other/compression.htm


This is a fascinating line of emails. I am somewhat astounded of how terribly Mike handled the sportsmanship side of things -- what was he threatening to sue over, anyways? Someone who successfully paid him $100 and had respectfully inquired for the prize?

I do not handle people who act in such a volatile and aggressive manner well, especially if so spontaneously. I appreciate Patrick for having good sportsmanship, keeping the situation calm, not re-engaging, then publishing the exchange for everyone to see.

I recently had an exchange like this where someone blew up at me in a very toxic manner over a text-based medium, and having the messages saved certainly helped from an accountability standpoint.

Thank you again for sharing this anecdote, it was very interesting.


True! I still like my way, but feel free to code it like you wish, more nerdy stuff is always welcome. :)


Ah, I already did this! :)

https://wgx.github.io/anypage/editor


Looks cool! I created something similar a while ago, which allows you to store any kind of data in the url (web pages, audio, games,...).

https://mkaandorp.github.io/hdd-of-babel/


> https://mkaandorp.github.io/hdd-of-babel/

It broke 3256x880 (225 kByte) PNG image, drastically ripping it to 407x110 (3.4 kByte) JPEG image.


Thats pretty smart! I rem I did something like this with a notepad. Would love to see to future code!



The increased CPU cost of that approach maybe outweighs the saved storage cost?


Maybe it's just me, but I have no idea what this is (I never saw onekb.net) and how to use it.


Heres an great example from the 1kbclub: https://1k.lom.me/ Without the htaccess, the complete site is 555 bytes, so you would still have ~500 more until you hit the mark. :)


Its a 1Kb webspace. It should bring you to simply and shorten as much as you can instead of big size webpages. Archive.org has a backup: https://web.archive.org/web/20131208003019/http://onekb.net/


> Visurox 3 hours ago [flagged] [dead] | parent | next [–]

> Sorry to tell you, but this is an absolutly useless comment. Even if I would say your right, is the only point an uppercase mistake. Yay. FeelGreatMan.

Someone was teaching you the difference between a kilobit and a kilobyte in notation, and you responded this way? Sheesh.


He's right: this kind of pedantry is almost always useless because it's nearly always bytes unless you know you're talking about line serialisation or codecs.


I dont need someone who tell me the diff, I just make an upper and lower case type mistake. Cool down.


Shameless plug - but feel free to add to the 1kB Club [0] once it hits the 1kB mark :)

0: https://1kB.club


Its ok for me. :) I thought last night about but may I cant hit the mark with this project. Thanks god, I have a lot more. ;D



@Visurox Didn't work for me (wrong secret), but I like the idea.

I was thinking about a variant of this, but I am somewhat concerned about abuse of such a service. Being 1kB you aren't going to get much in the way of image media, which is a major concern. Objectionable text I care less for. The concern I have is malicious JS (but I couldn't see how you handle this).

A few things you would definitely need:

1. The ability to handle takedowns (i.e. somebody adds doxxing information, or uses it to launch some attack script).

2. The ability to edit content. My solution to this was that a key would be generated and this could be used to edit.

3. Some protection against creation abuse. You better believe somebody would create 1 billion 1kB pages, just because they can. I would maybe have it so that the user puts in an email and a page edit code is sent to that email address after some artificial delay. It's not fool-proof but might slow them down. Maybe you also do some additional checks, like keywords, entropy, etc.

Anyway, all of these problems are precisely why I never decided to go through with this.

Another idea was to provide an ultra-minimal VM web server, where you run some lightweight byte code to process requests. Maybe there are some exciting possibilities with this, but similar concerns are still there.


I posted before, that the script is in maintenance to fix this and that.

1.: Theres an email on the buttom. ;) 2.: I thought of it, but that would make everything more complicated. So, no, not for now. 3.: In the new beta is an temp secret word. Not the best captcha, but yeah, it works. And I think about a localhost entry if the user made a website before. May in mix with the edit function. If someone would spam, they will do, no matter if I save the IP or did hundred checks. Thats the net. :)


> 1.: Theres an email on the buttom. ;)

I saw this, but if it was to for some reason to get even remotely popular or abused, this would not scale.

> 2.: I thought of it, but that would make everything more complicated. So, no, not for now.

Sure, but it also allows for the right to delete content, etc. I don't think it has to be complicated.

> 3.: In the new beta is an temp secret word. Not the best captcha, but yeah, it works. And I think about a localhost entry if the user made a website before. May in mix with the edit function. If someone would spam, they will do, no matter if I save the IP or did hundred checks. Thats the net. :)

I don't think it needs to be fool-proof, just add enough resistance that it's not worth it. It is just 1kB after all, if the barrier is significant enough people just won't bother.


Nice.

But please, if you are in IT, don't mix up kb and kB. There is a x8 size factor from the bit to the byte!

[Edit: and "kilo" is a lowercase k]


I am not in IT, just an ordinary nerd who made an lower instead of an uppercase. On the website itself the title says all. 1024 bytes.


The site is going into maintenance again overnight. Many many folders consisting of only a "hi" or similar make me doubt if too many on HN don't know what is meant by "code". ;)

Anyway, the secret word is changing and will be reset in about 15 hours. So far the beta has been quite successful though, as I've been pointed to many things that I didn't notice when I created it.

If I decide to use the whole thing with my own domain and webspace instead of uberspace (which were only for the beta test), you will find out here. At the moment it doesn't look like it will be profitable.


> Many many folders consisting of only a "hi" or similar make me doubt if too many on HN don't know what is meant by "code". ;)

I suspect it's just people experimenting with how it works, what it allows or doesn't, and so on. I wouldn't focus much on the cruft.


What is code?


So, I will change the secret word for now (1-2 hours) to fix some stuff the user mention here (thanks!). And to the one who post the snake game, stop it, I need to code! ;)

After then, the word will be the same as before.


Since you can insert arbitrary JS, it feels like you could write a loop that ajax posts a bunch of new webspaces when someone visits a webspace. Might look into protecting againt that.


Just for now. Later after the beta (which is nearly finished) no extern stuff will work, just the basics. But you’re absolutely correct!


src and href are now forbidden tags. should be filter out the most crap.


The site doesn't seem to work, says "Wrong secret word" for hackernews.

Is there a list of pages people have made?

So with out src & href you can't have links, seem like a massive limitation. Was trying to a submit a personal site with external links, guess it's no use now.


There's srcset, and things like generating content with JS, inline css base64 images (background: url(data:...), and lots of other loopholes. The author is going to re-live a lockdown path many others have gone through ;)


The prob is, when you allow clickable links, you cant count the spam sites or with evil code.


Filter for username and text is online, thanks to the users! hackernews is the secret word again. :)


Is it working? I've got my code ready:)

  <style>#b{--s:12vmin;--w:100vmin;--h:calc(var(--w) / 2);position:relative;width:var(--w);height:var(--w);margin:auto;animation:spin 4s linear infinite;transform-origin:center}@keyframes spin{100%{transform:rotate(360deg)}}#b b{font:var(--s) monospace;height:var(--h);position:absolute;width:var(--s);left:calc(var(--h) - var(--s)/ 2);top:0;transform-origin:bottom center}</style><div id=b><script>for(i in s="because circular reasoning works ",s)b.innerHTML+=`<b style="transform:rotate(${360*i/s.length}deg)">${s[i]}`</script>


would be work.


It looks like it's down for the "night".

OP: I like the idea. How can we keep up with what you're doing/when it's back online? I have some code to post :)


I work on temp secret code instead of a fixed word and expand it with placeholders so everyone should be able to post more than hi or test. ;)


Kilobyte = kB.


Forbidden words!

Okay? Which words? Fuck that. I just said Hello..


Cant be. My filter for bad code is very small. Also for the username.


Hell?


haha, funny to use a 3rd-party hoster to provide web space to others! How did you end up using uberspace for this?


Because I use uberspace for years and it perfect for projects like this before buying a domain.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: