Skip to content

blog post about the browser edition #1120

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 24 commits into from
May 22, 2025
Merged

blog post about the browser edition #1120

merged 24 commits into from
May 22, 2025

Conversation

Simon-Laux
Copy link
Member

Blog post that talks a bit about the browser edition.
Ideally it can become what we link to if someone asks for a browser edition again.

I'm looking forward to your improvements ideas and suggestions.

@github-actions GitHub Actions
Copy link

Check out the page preview at https://staging.delta.chat/1120/en/

@WofWca WofWca self-requested a review May 20, 2025 20:06
WofWca
WofWca reviewed May 20, 2025
View reviewed changes
Copy link
Member

@WofWca WofWca left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about mentioning the security of this? And perhaps that people shouldn't try to deploy this in production?
There is password protection, but it's not particularly securely implemented, as far as I can tell (I'm not a security expert though):

https://github.com/deltachat/deltachat-desktop/blob/aa07f3902e7f642935b9513908028a441fa8ec84/packages/target-browser/src/index.ts#L98

It's just a string equality check, with no timeouts and no timing attack protection.

Also, the WebSocket server doesn't perform origin validation IIRC.

Otherwise, at a glance the post looks short and nice, but I haven't read it yet.

nojisan
nojisan reviewed May 20, 2025
View reviewed changes
nojisan
nojisan reviewed May 20, 2025
View reviewed changes
hpk42
hpk42 reviewed May 21, 2025
View reviewed changes
Copy link
Contributor

@hpk42 hpk42 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great stuff, Simon!

A couple of short and one longer modification suggestion for the ending of the post.

General review note: Never start a new paragraph and use "this" or "it". It's better if each paragraph can be read on its own without remembering prior ones.

consistent capitalization: "s/delta chat/Delta Chat" and "s/desktop/Desktop" and "s/electron/Electron/" and "s/tauri/Tauri/"

Feel free to merge any suggestion and then modify afterwards to your likening. Discussing each suggestion in depth would cumbersome and latency-prone. I'll do another review afterward your merging/next draft.

Simon-Laux
Simon-Laux commented May 21, 2025
View reviewed changes
Simon-Laux
Simon-Laux commented May 21, 2025
View reviewed changes
_posts/2025-05-20-browser-edition.md Outdated
See the [Web version topic in the Delta Chat Forum](https://support.delta.chat/t/what-would-be-needed-for-a-standalone-web-version-without-a-server-component/3789) for further discussion.

If you are not really into programming, it might be hard to understand how hard these issues are.
But no worries, even if you are a programmer, or even with ourselves as matter experts, it's hard to predict :)
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this sentence is a bit hard to read, we should simplify it somehow.

@Simon-Laux
Copy link
Member Author

How about mentioning the security of this?

I'll see to add a hint to that.

Also, the WebSocket server doesn't perform origin validation IIRC.

AFAIK it checks for the session token, which may be enough?

WofWca
WofWca approved these changes May 22, 2025
View reviewed changes
Copy link
Member

@WofWca WofWca left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks alright overall.
If you say you're about to merge it, I could add some spelling corrections in a separate MR.

WofWca and others added 2 commits May 22, 2025 15:50
@WofWca
correct spelling in "Browser edition" post
13a5890 
Correct, unify proper nouns' spelling.
@Simon-Laux
Merge pull request #1121 from deltachat/wofwca/correct-browser-edition
871f036 
correct spelling in "Browser edition" post
hpk42
hpk42 approved these changes May 22, 2025
View reviewed changes
Copy link
Contributor

@hpk42 hpk42 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice work!

@Simon-Laux Simon-Laux merged commit 29ec3a4 into main May 22, 2025
3 checks passed
@Simon-Laux Simon-Laux deleted the browser-edition branch May 22, 2025 13:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nojisan nojisan nojisan left review comments

@hpk42 hpk42 hpk42 approved these changes

@WofWca WofWca WofWca approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Simon-Laux @hpk42 @nojisan @WofWca