ptth/todo.md

87 lines
3.0 KiB
Markdown

Interesting issues will get a unique ID with
`dd if=/dev/urandom bs=5 count=1 | base32`
- Report server version in HTML
- [YNQAQKJS](issues/2020-12Dec/auth-route-YNQAQKJS.md) Open new auth route for spiders / scrapers
- Track / Estimate bandwidth per server?
- EOTPXGR3 Remote `tail -f` (_Complicated_) (Maybe use chunked encoding or something?)
- "Preview as" feature for Markdown (It's not threaded through the relay yet)
- Make a debug client to replicate the issue Firefox is having with turtling
- YMFMSV2R Add Prometheus metrics
- Not working great behind reverse proxies
- Impl multi-range / multi-part byte serving
- Deny unused HTTP methods for endpoints
- ETag cache based on mtime
- Server-side hash?
- UPAQ3ZPT Log / audit log?
- Prevent directory traversal attacks in file_server.rs
- Error handling
- Reverse proxy to other local servers
# Off-project stuff:
- Benchmark directory entry sorting
# Known issues:
## Graceful shutdown
Relay can't shut down gracefully if Firefox is connected to it, e.g. if Firefox
kept a connection open while watching a video.
I'm pretty sure this is a bug in Hyper, so for now I've worked around it with a
forced shutdown timer.
Sometimes I get the turtle icon in Firefox's network debugger. But this happens
even with Caddy running a static file server, so I can't prove that it's on my
side. The VPS is cheap, and the datacenter is far away.
## Embedded asssets
The bad_passwords file is huge. Since it's static, it should only be in physical
RAM when the server first launches, and then the kernel will let it be paged
out.
Rust has some open issues with compiling assets into the exe, so I'm not
going to push on this for now, for neither bad_passwords nor the HTML assets:
https://github.com/rust-lang/rust/issues/65818
I also considered compressing the passwords file, but I couldn't even get
brotli to give it a decent ratio.
## RAM use is kinda high
I tried to reduce the thread count in Tokio, but it's still around 12 or 13
MiB even when the server is doing nothing.
I'll leave in the minimize_ram setting for now, but it doesn't actually
reduce RAM use.
## Server names can't have spaces
I tried to figure out the percent encoding and it didn't work.
Maybe Base64 would be better or something? At least it's unambiguous and it
can go straight from UTF-8 to bytes to ASCII-armored.
## Turtle in Firefox's network debugger
The turtle shows up if Firefox has to wait more than 500 ms till first byte.
Curl says we can download a small file (950 bytes) end-to-end in about 250 ms.
So I think somewhere between Firefox and Caddy, something is getting confused.
Firefox, probably the same as Chromium, doesn't try to buffer entire videos
at once, so I think it purposely hangs the download, and then I'm not sure
what happens.
I might have to build a client that imitates this behavior, since it's hard
to control.
## Server can't protect its API key on Windows
This is because I use a dumb hack with Unix permissions to protect the config
file on Linux.