Factor/To do/Web

before wiki deployment

  • relative-link-prefix lossage again
  • click edit on a revision should show an editor for that revision, with a warning if its not the latest
  • clicking a revisions should show diff to previous
  • fix convo scope problems

[2008-09-07T20:49:17-05:00] NOTICE accepted-connection: { T{ secure f ~inet6~ } T{ secure f ~inet6~ } }

useless...]]

these could be the same problem:

  • some reqs take ages
  • check if session resumption is working; c.o is slow

read-request

read-request-line

read-crlf

decoder-read-until

decode-char

stream-read1/tuple-dispatch-engine

(wait-to-read)

refill

maybe-handshake

do-ssl-accept

wait-for-fd]]

  • wiki should look better
  • buttons and submit buttons look different

before blog deployment

  • don't redirect to 8812
  • farkup: build a toc
  • renaming pages
  • what links here
  • finding broken links
  • cgi needs a process timeout
  • blog should look better

Error in thread 95 (http.server connection from T{ inet6 f "0:0:0:0:0:0:0:1" 49166 }, [ ~duplex-stream~ ~inet6~ ~inet6~ handle-client ]):

Bad request: URL]]

  • this should be logged
  • websites.factorcode
  • if vlaidation fails, redirect to new-annotation form + anchor
  • blog needs a 'posts by this author' link
  • blog: show user's real name
  • wiki: show user's real name
  • better list support

- pastebin: 'no annotations', blog: 'no comments'

- t:ul, t:ol

- alternation, t:tr?

- paging

  • duplication:

- edit profile/logout links

- maybe init should be called on form submission also?

- wiki: some duplication between listing actions, and username links

- new todo, edit todo

- new blog, edit blog

- new user, edit user

- each -common page has edit profile, logout

- page title, feed title, title in atom tag

- blog: list of all posts, list of user posts

  • more robust component inheritance with real form nesting
  • what about stuff that's required with some but not others?

- that can be per-action

- new user action requires passwords

- edit user action doesn't

- user admin tool, edit profile, registration... abstract out user validation

  • abstract out CRUD actions
  • mutual exclusion for saving sessions and user profiles
  • think about transaction safety and thread safety with users table etc
  • will as a path delimiter cause problems for static responder?
  • tags for wiki and blog
  • log stack trace for 500 errors
  • help responder

=== bugs

  • db null value attacks
  • random number guessing
  • better handling of invalid db ids
  • try various .. and attacks on file-responder
  • must support chunked encoding post requests
  • if 'id' is wrong, rollback button redirects us to a revision page

where all the content is missing. general problem with multiple

forms on one page?

=== features

  • xml-rpc needs cleanup and fixes
  • wiki

- user pages

- full-text search

- semantic tagging

- personal and public tags

- protected pages

- web services

  • http-client: with-http-request for stream-oriented stuff
  • boilerplate: don't do this for 404's? or make 404's nicer
  • listener and inspector responders!
  • numbers-game
  • news

- threaded discussions in the comments

- voting

  • bug tracker

- something simple but using all of the above bits and pieces

  • integrated cms framework for wiki + blog + news + bug tracker
  • web services
  • file uploads

- http://www.ietf.org/rfc/rfc1867.txt

a:link { text-decoration: none; color: black; }

a:visited { text-decoration: none; color: black; }

a:active { text-decoration: none; color: black; }

a:hover { text-decoration: underline; color: black; }

=== low priority

  • test basic auth with capability upgrading
  • basic auth with enforced ssl
  • single-submit forms
  • password recovery is a 'business process', so is comment moderation etc
  • digest authentication
  • remember me
  • don't give the user a cookie if there is no session state
  • client side sessions

This revision created on Tue, 9 Sep 2008 03:10:53 by slava