Skip to content
This repository has been archived by the owner on Dec 27, 2023. It is now read-only.

URL Specification

Jump to bottom
smcgregor edited this page Aug 6, 2012 · 15 revisions

Straw-man Proposal for Version 1, "Barn Owl," URL format

Domains:

Privly will support any domain, but initially we will have a short default whitelist for automatic injection:

Parameters

The URL format for Barn places parameter strings in the URL anchor as well as the server parameters. Parameters in the anchor text are never sent to the remote server, whereas server parameters are. Some host sites and URL shorteners do not respect anchors as well as the server parameters, so we should support both until we know the consequences of moving parameters exclusively to the anchor. In cases where the parameter is specified as both a server parameter and an anchor parameter, the anchor parameter is ignored.

Parameters Exclusive to the Anchor:

  • privlyLinkKey: This key is used to decrypt the ciphertext. It may also be placed in the server parameters, but doing so is discouraged since it provides the parameter to the remote server.

Anchor and Server Parameters:

  • privlyInject1 (Required): Indicates the link is capable of being injected according to the Barn specification.
  • privlyCiphertextURL: The injected web application fetches the ciphertext from this URL. If the URL is not specified, the ciphertext is assumed to be contained in the injected web application without the need for an additional request. The privlyCiphertextURL may have URL parameters, which will supersede the parameters found outside the privlyCiphertextURL.
  • privlyBurntAfter: specifies a time in seconds in the Unix epoch until the content is likely destroyed on the remote server. Destruction of the content should result in a change of message, but not a request to the remote server for the content
  • privlyBurntMessage: Display this message if the content was burnt, as ndicated by the burnAfter parameter.
  • privlyPassiveMessage: Display this message when the extension is in passive mode.
  • privlyPassive: Forces the link into passive mode
  • privlyExclude: Force the link to not be replaced or put into passive mode

DEPRECATED VERSION

The following information is here for reference purposes only. The current Privly URL format is a hard coded URL matching one of these patterns:

  • priv.ly/posts/(numeric identifier)
  • dev.privly.org/posts/(numeric identifier)
  • privly.org/posts/(numeric identifier)
  • privly.com/posts/(numeric identifier)
  • dev.privly.com/posts/(numeric identifier)
  • localhost:3000/posts/(numeric identifier) It also supports the passive mode injection of unofficial links with the anchor "#INJECTCONTENT0".

The extension also respects several optional parameters on the URL:

  • burntAfter: specifies a time in seconds in the Unix epoch until the content is likely destroyed on the remote server. Destruction of the content should result in a change of message, but not a request to the remote server for the content
  • burntMessage: Display this message if the content was burnt, as ndicated by the burnAfter parameter.
  • passiveMessage: Display this message when the extension is in passive mode.
  • passive: Forces the link into passive mode exclude: Force the link to not be replaced or put into passive mode

Foundation Home
Repository List
Development Mailing List
Testing Mailing List
Announcement Mailing List
Central Wiki
Submit a Bug
IRC
Download Extension
These documents are under active development and discussion.

Credit: This Google Summer of Code content is licensed under the CC Attribution-Noncommercial-Share Alike 3.0 Unported license furnished by the Sahana Software Foundation.

Specifications

System Hierarchy

Version List

Injectable Applications

Developer Guides

Security

Google Summer of Code

Clone this wiki locally