<isd>
Note that sandstorm is going to override that flag if etherpad tries to set it itself
<isd>
I have some vague memory that at some point chrome was going to start defaulting to samesite=strict.
<ill_logic>
So I'm barely getting this stuff, but how is CSRF even a question? I thought Sandstorm disabled the ability to make requests to other domains.
<ill_logic>
Other than images.
<ill_logic>
Okay, so Strict on etherpad works as well. Only None (the default) breaks it.
<ill_logic>
But you're saying that if this Sandstorm change were to go through, it would have overridden the cookie with SameSite=Strict
<ill_logic>
in spite of whatever Etherpad was trying to do?
<ill_logic>
i.e. I'd never have seen this problem?
<ill_logic>
Should I do Strict instead of Lax then?
<ill_logic>
For now
<ill_logic>
Actually I wonder if it was failing before with SameSite=None because it requires Secure, and Secure requires https.
<ill_logic>
And I'm on a dev environment.
<ocdtrekkie>
Generally speaking I don't think we require https, so that would present a problem in a production app I think.
<ill_logic>
oh right this is from the app server to the proxy or whatever. doesn't need https.
griff has joined #sandstorm
griff has quit [Client Quit]
ask has joined #sandstorm
<ask>
hello :D
jryans has joined #sandstorm
keturn has joined #sandstorm
<ask>
can i ask somting about sandstorm
xet7 has quit [Remote host closed the connection]
xet7 has joined #sandstorm
xet7 has quit [Remote host closed the connection]
xet7 has joined #sandstorm
ask has quit [Quit: Connection closed]
coolmen has joined #sandstorm
<coolmen>
hello
<coolmen>
can i ask somting about zsandstorm ?
<xet7>
coolmen: Please ask
<coolmen>
i cant realy see if you can see where the app go
<coolmen>
like i whant wordpress on wordpess.example.com
<coolmen>
but i dont see thie functoin on your software
<xet7>
When you have installed Sandstorm, and added WordPress to Sandstorm, there is at Control Panel / Frontpage details about domain etc
<xet7>
also, when you have made changes to webpages, you need to click update/publish, and then at Control Panel / Frontpage click "Rebuild public website"
<xet7>
this will build public static website to be visible
<xet7>
there is also CNAME etc info in that frontpage
<xet7>
you need to add those to your nameserver
<xet7>
so that website can be like company.com or blog.company.com
<xet7>
there is needed both CNAME and TXT records
<xet7>
to be added to nameserver
<xet7>
nameserver can be for example from CloudFlare, Namecheap, etc
<xet7>
I use CloudFlare
<xet7>
it's free to use
<xet7>
also CloudFlare has some free DDoS etc protections
<xet7>
and CloudFlare can also provide SSL
<xet7>
I do host many websites for myself and my customers at Sandstorm WordPress etc
<xet7>
with different domains
<xet7>
I also use Piwik Sandstorm App for stats for some websites
<xet7>
For Sandstorm WordPress, good WordPress add-on is Scripts'n'Styles
<xet7>
with it, it is easy to add same Piwik tracking code, or alternatively Google Analytics code, etc to all WordPress pages
<xet7>
I downloaded Scripts'n'Styles by finding it with Google Search from WordPress.org plugins website, there downloaded plugin .zip file, and uploaded to Sandstorm WordPress plugins
<xet7>
Sandstorm WordPress is also very secure, because it generates static websites. For any website user that views website, there is no PHP code running at all for that viewer
<xet7>
So Sandstorm WordPress is not affected by any of WordPress vulnerabilities, that run on MySQL/PHP traditional hosting
<xet7>
For any questionnaires, I do use Sandstorm app SandForms
<xet7>
for example, I made questionnaire "Accessibility Survey", that link is at https://wekan.github.io
<xet7>
Answers are saved to serverside
<xet7>
and that questionnaire does not ask any personal details like name, email address, country etc
<xet7>
because of GDPR
<xet7>
Only I can view answers when I have logged into Sandstorm
<xet7>
Sandstorm is best kind of secure hosting environment
<xet7>
I have also shared write access of Sandstorm WordPress to my customers
<coolmen>
my ask its more. your can share your page or somting ok whit every people ?
<coolmen>
and a custom website
<coolmen>
like wordpess.example.com
<coolmen>
ok whti other app ?
<coolmen>
like pff Roundcube
<xet7>
Sandstorm has button "+ Share access" for sharing write access to some email address etc
<xet7>
that is how I shared write access of Sandstorm WordPress to my customers
<xet7>
any other app can also be shared in similar way
<coolmen>
ok whit custom domein ?
<xet7>
Yes
<coolmen>
or only provide whit sandstrom
<coolmen>
thx
<xet7>
I explained above how to make custom domain for public viewing
<xet7>
editing is always at something.sandcats.io
<coolmen>
yeey i have read it
<coolmen>
but only ask whas it for every app
<coolmen>
and what you say its yes :D
<coolmen>
that whas more my ask :D
<xet7>
There is Collections app for sharing a group of apps
<coolmen>
i now
<xet7>
:D
<coolmen>
but only the ask about the apps if you can say you have to use this webstie
<coolmen>
Roundcube.example.com
<coolmen>
or so
<xet7>
For changing something.sandcats.io to example.com, please make backup first, then there at server is /opt/sandstorm/sandstorm.conf with BASE_URL, docs at https://docs.sandstorm.io/en/latest/administering/config-file/ , but it needs wildcard SSL
<coolmen>
but i fink i like to use sandstorm but dont side or somting you cant change your domein somtimes
<coolmen>
but you can share whit every body
<coolmen>
i have to fink its sandstorm somting for me or not ?
<xet7>
It is possible to change domain. I explained all above.
<coolmen>
i now
<coolmen>
:P
<coolmen>
but then you have vunarble
<coolmen>
or not
<ocdtrekkie>
coolmen: Sandstorm doesn't presently let you put apps at normal subdomains because it breaks the security model. There's a hack to do it but it is not supported.
<xet7>
It is always possible to change domain. There is no situation where it is not possible to change domain in Sandstorm.
<coolmen>
i have to try sandstorm i look if its somting for me or not :P
<xet7>
Yes, it depends what kind of system is required.
<coolmen>
for website and what apps
<xet7>
all platforms have different pros/cons
<coolmen>
and mail server i fink
<xet7>
I host my websites at Sandstorm because of Sandstorm security features
<xet7>
For me, it's worry-free
<xet7>
I would not like to host any traditional PHP/MySQL hosting, it's huge amount of extra work, and worrry
<coolmen>
i now what you mean
<coolmen>
but people have to use like sandstorm.io/test
<coolmen>
and if you change the url are you then well or not security whit sandstorm
<xet7>
Changing URL does not change anything in security
<xet7>
Sandstorm is still secure
<coolmen>
nice
<coolmen>
thx
<ocdtrekkie>
So, an important distinction is that Sandstorm by design only publishes static website content.
<ocdtrekkie>
Dynamically running apps can't/shouldn't be hosted at a permanent subdomain.
<coolmen>
thx for helping my :D
<xet7>
Kind of. SandForms provides saving of questionnaires.
<xet7>
that change in sandstorm.conf is for all of login to Sandstorm and editing
<xet7>
for WordPress websites etc, they can still be in any differet https://different.com urls
<xet7>
it is per-app publishing setting
coolmen has quit [Quit: Connection closed]
xet7 has quit [Quit: Leaving]
xet7 has joined #sandstorm
<TimMc>
I keep clicking on Grains when I want Apps, and vice versa.
<TimMc>
I suspect there's currently a bit of a mismatch between the tech mental model and the user mental model. I wonder if the sidebar should actually be factored by task, like "Find"/"Open" and "Create".
<TimMc>
The Open view would be essentially the same as the current Grains view, except it would include the ability to fitler by app.
<isd>
Not a bad thought.
<isd>
Also seems like more filtering options on the grain list might separately be a good idea
<ocdtrekkie>
I really want to pin grains and I will be 98% happy with finding grains