Welcome to the new forums!

Welcome to the new forums, now powered by Beast. This forum software isn’t based around a mail gateway in the same way as the old one, so you’ll notice it’s much more like a traditional lightweight Web-based forum and much less like a Web view of a newsgroup.

Post formatting is done with Textile just like news comments, Wiki pages and bug tracker entries. When you post new topics, reply to discussions or edit posts you’ve made, you can find brief formatting help displayed under the text input box along with a link to the Textile quick reference page.

Quoting of parts of other people’s messages isn’t done in the traditional e-mail sense with leading “>” characters. Instead, you must manually select short lines or single paragraphs and quote them with the “bq. ” command – i.e. press “Return” to start a new line, type in “b”, “q” and ”.”, press “Space”, then paste in the text you want to quote. You must quote separate paragraphs individually.

Quoted text looks like this.

Since that’s a bit fiddly, I may find time in future to add the ability to quote old messages directly using formatting similar to the all of the old posts that have been imported into this new forum. For now though, you’ll need a browser which supports text cut and paste for this to work, such as Netsurf (click and drag with the mouse to select text, the press Ctrl+C to copy and Ctrl+V to paste).

Beast includes Gravatar support, for those rare moments when the Gravatar site isn’t down ;-) – this is how come I have a logo next to my name in posts. You can set up a visible avatar using the e-mail address you registered with the ROOL site and this will be displayed on the forum. No image rating is specified, so your default image will be selected (Gravatar uses a ratings scheme similar to that used to indicate suitable viewing ages for films).

Notification of changes is done through RSS feeds – see the little orange icons scattered throughout. You can watch topics for changes; use the small check box and “Set” button at the top of a particular topic view. In the sidebar under “Options” there is a link containing your user name when logged in. If you follow this, you can find a list of all the posts you made, or all posts made by other people in topics you are watching (your “monitored” list). RSS feeds are available for both. You are also able to find the same information for any other forum user by following the link made from their name in one of their posts, so you can keep track of things written by authors in which you have an interest or form ad hoc groups of people watching a particular topic.

To prevent any further delays to the forum being live, I’ve elected to conduct only very brief testing with a narrow range of browsers. If you spot any problems, please report them using the bug tracker.

Enjoy!

Any chance of using an RSS format that Sargasso can handle?

What’s Sargasso? :-)

If you can tell me what’s up with the format, I’ll have a look at modifying the XML template(s). I’ve so far ignored the RSS side of things because it “just seems to work” though there’s still a user name error on some feeds that needs fixing (some show an internal MD5’d name, rather than a human readable one). So if I’m going to be working on the feeds for one thing, I may as well look at the other at the same time.

http://zamez.org/sargasso or http://zamez.org/sargasso2 for the version rewritten in C. Forum feeds work fine with the latter – no idea about the former.

quoting with > characters appears to work OK too.

So you don’t need to bother with bq.

I’ll try that on a multi-line sample (just putting “>” in front of each line):

help displayed under the text input box along with a link to the Textile quick reference page.

Quoting of parts of other people’s messages isn’t done in the traditional e-mail sense with leading “>” characters. Instead, you must ma

Yep, looks good. Well spotted! :-) Means the implementation of a “Reply with quote” button should be that much easier. You’ll get attributions for replies that way too.

Though I’m not sure about that shade of green…

Today Sargasso is giving an error:

Problem with the SSL CA cert (path? access rights?)

BTW – got those italics using plain old left arrow “i” right arrow – the listed alternative didn’t seem to work!

And good old “blockquote” in arrow delimiters works as well!

John,
Most basic HTML should work. The use of underscore-word-underscore tends to fail if there is punctuation or other symbols within the part to be italicised.

BTW, if you’re wondering about the 2.15am post, I’m eating beans and scrambled egg. I just….really needed beans and scrambled egg. Maybe I’m pregnant? ;-)

Today Sargasso is giving an error

All traffic to the ROOL site is now SSL encrypted. Non-SSL requests are redirected. Our GoDaddy certificate includes a certificate chain of trust, so your SSL engine has to be capable of verifying a cert chain or it might give up when it can’t immediately find a trusted root certificate.

I’m not familiar with Sargasso but Google indicates its current version was last updated in 2006, which means a fix may not be forthcoming… I suppose the answer to such things would be to allow HTTP requests again, but I’m reluctant to reduce the site security and reluctant to have to bloat out the Nginx configuration any further.

That said, if it was really necessary because there was really no way to update Sargasso, I suppose it could be done. But ideally software would be updated by having it properly verify chains; else not verify at all; dunno where its SSL support comes from, but if it’s AcornSSL then we have a problem since that module’s very abandonware-y, but OTOH fixing it would fix the same issue in any software that used the same SSL mechanism.

I’m not familiar with Sargasso but Google indicates its current version was last updated in 2006

Mine is 5 July 2009. James Bursa, the author, is still very active, and possibly John-Mark Bell, who works closely with him on the NetSurf project and who gave us the URL for the earlier versions, might see if something could be done if he sees this.

@Rick: Glad to hear you are still eating something!

Is forcing all http sessions to SSL due to the lack of support in the backend for switching?
Otherwise having SSL always on isn’t a security feature if there’s nothing worth encrypting (e.g. in a session that isn’t logged in etc. such as sargasso, or someone browsing the forums not logged in).
It’s just unecessary load on the server doing encryption – that’s assuming the load actually comes from the web server and not the backend!

i.e. can’t you just say for the sake of arguing:
if ( userid > 0 )
SSL=on
else
SSL=off
then have a baseuri check and redirect to enforce any that miss the net?

I’m not picking, just interested from a geeky point of view. Esp as I’ve finally migrated from apache to nginx myself and want to start using it as the default now. I’m quite impressed, it’s really nice.

BTW if you would like another vm for testing, I can spin you one up easily enough – I’ve got around 4GB on my dedi server spare so enough for another host or two (depending on how much memory you need)

Sargasso 2.02 not working.
Oregano2 not working.
Phoenix 2.13 not working – with AcornSSL on RO4.02.
(https works with Google)

I’ve done a quick fix to enable enable Sargasso to download the riscosopen RSS feed. You can download it from here.

I’ve done a quick fix to enable enable Sargasso to download the riscosopen RSS feed.

Thanks, Chris. I couldn’t remember where I’d got that later version last time. Back in business!

@ John: “Glad to hear you are still eating something!”
(my emphasis)

Still? Huh?
If you don’t consume tea and cupcakes at regular intervals, your interrupt handler stops working, and that’s a Very Bad Thing.

Thanks Chris for the Sargasso update – it would be nice to have a updated version number – even it was just a change of date and/or version number like – 2.021.

Just why does Oregano2 & Phoenix/AcornSSL have problems!

Just why does Oregano2 & Phoenix/AcornSSL have problems!

I think it’s because they don’t support certificate chains
.

Neither does Sargasso yet. What I did to get it working was to download the certificate off the server with this command,

Sargasso then uses this as the certificate bundle. It’s only a temporary fix until I add proper support for certificate chains.

As per my previous post. It’s exactly that. AcornSSL doesn’t support certificate chains, so it doesn’t work. Fixing that would fix any AcornSSL clients, but the module is abandonware and NetSurf is the recommended client for this site now (because there are no viable alternatives, really).

Non-SSL support was causing confusion amongst users because Hub can’t transmit security tokens without SSL for safety. That’s why you always seem to be logged out if you use non-SSL connections; we even had a bug report against that. Nginx makes it even harder because it requires an entire “server {…}” section incorporating the bulk of the server configuration for each listener. I’d have to split all of that configuration out into another file and include it in each block, but then there are potential issues with restrictions for inclusions. Nginx has baroque and fragile rules for just which server block gets used for a given connection (the horribly complex “server_name” directive and the conditions under which wildcards work or fail depending on what gets put into the “listen” directive) and it took a long time just to get it to reliably redirect our various ROOL domains to “…org” along with SSL in passing, including support for IP address based requests or non-HOST header senders and so forth. I’m in no rush to change anything there.

Don’t even get me started on the lack of CGI support. Even LigHTTPd manages that just fine.

…anyway, I wrote a massive rant about this on my personal Facebook account because Nginx’s shortcomings (especially regarding configuration) were so infuriating – I won’t repeat it all here. My blood pressure’s rising just thinking about it. Horrible piece of software really, as long as it works for our site then all good, but I can’t claim to be a fan.

Adding certificate chain support to RISC OS applications would improve compatibility with a large number of other sites anyway, so it can only be considered a good thing. It may prompt updates to potentially outdated and vulnerable SSL libraries too.