Announcing https://orderbook.xrp.ninja

I just made a website https://orderbook.xrp.ninja. I have explained why I did it in the front page.
I am going to record some of the problems that I had and how I solved them in this post.

Prod code doesn't work

The code works in development mode. But it doesn't after minified. The error message was:

Uncaught Error: [$injector:modulerr] Failed to instantiate module rp due to: Error: [$injector:unpr] Unknown provider: e

I found a post on stackoverflow and fixed it like this.

Add domain to an existing Letsencrypt cert

$ certbot certonly --cert-name rippled.xrp.ninja -d rippled.xrp.ninja,ripple.xrp.ninja,www.xrp.ninja,xrp.ninja,orderbook.xrp.ninja

Redirect http traffic to https on lighttpd

Add this to lighttpd.con and also enable mod_redirect.
$HTTP["scheme"] == "http" {
    # capture vhost name with regex conditiona -> %0 in redirect pattern
    # must be the most inner block to the redirect rule
    $HTTP["host"] =~ ".*" {
        url.redirect = (".*" => "https://%0$0")
    }
}

Add response headers

Use http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModSetenv. Also there is a useful site to scan the header settings of a website: https://securityheaders.com/

Https link in iframe downgraded to http

The chart on the orderbook page is an https link to xrpchats.ripple.com. However, inexplicably the https link was downgraded to http and it can't be displayed since mixing https and http contents is not allowed.

I tried setting upgrade-insecure-requests in Content-Security-Policy. Then the problem was gone. But later it reappeared. I finally realized this is because ripple changed the link format. See this commit for details.

Javascript file size too large

The vendor.js file is too large. I have removed lots of unnecessary code. But after minimization, it's still 1.04 MB. I got the following picture with webpack-bundle-analyzer. The picture shows gzipped size. The gzipped size (320 KB) is acceptable.


To enable compression in lighttpd, mod_compress must be enabled, compress.cache-dir must be setup with proper permission and compress.filetype set to something like this:

compress.filetype = ("text/plain", "text/html", "text/css", "text/javascript", "application/x-javascript", "application/javascript", "application/font-woff")

Note that I only had "text/javascript" in this list which didn't work. Later I added the other two javascript types and it worked. I don't know how the type is determined though.

I plan to shrink it further with the help of inspectpack-plugin.

Orderbook doesn't update

See this commit for details.

Use font-display: fallback

See this commit.

Set “Cache Control"

First append hash to js and css file names. See this commit. This feature was originally there. But it renames index.html as well. To get things work ASAP, I removed this feature without investigating what this does and why it renames index.html until now.

Then I added the following code to lighttpd.conf: 
$HTTP["url"] =~ "(^/$|\.html$)" {
  setenv.add-response-header = ( "Cache-Control" =>; "no-cache, public, must-revalidate" )
}

$HTTP["url"] =~ "^/(js|css|img|fonts)/" {
  setenv.add-response-header = ( "Cache-Control" =>; "max-age=31536000, public, must-revalidate" )
}

Comments

Post a Comment

Popular posts from this blog

portage-2.2 preserve-libs FEATURES explained

Maybe I am not the right person to write about it. But I felt the necessity to write about it. So I will just write something about preserve-libs, leaving other FEATURES to more competent people. Portage-2.2 has already entered unstable tree. Many people has started using it. It has many new features, like preserve-libs, sets, license filter and so on. Please check README and RELEASE-NOTES for a complete list. I will only talk about preserve-libs. To understand why we need it, we have to know some background information. First of all, applications are not built from scratch. Any non trivial apps use lot of libraries. In GNU/Linux, most of them are shared libraries, i.e. .so files. You can use `ldd /usr/bin/mplayer` to check what shared libraries an app has been linked to, replace mplayer to whatever program you'd like to check. Shared libraries have versions. E.g. /usr/lib/libavformat.so.51, here 51 denotes its version. After upgrading, the version number may change. E.g. /usr/lib/...
Read more

Send $SGB (Songbird) to another wallet using a script

You need nodejs and web3 to run it:  const Web3 = require('web3'); // Variables definition const privKey = '8xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx2'; // Genesis private key const addressFrom = '0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'; const addressTo = '0xBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB'; const web3 = new Web3('https://songbird.towolabs.com/rpc'); // Create transaction const deploy = async () => { console.log( `Attempting to make transaction from ${addressFrom} to ${addressTo}` ); const createTransaction = await web3.eth.accounts.signTransaction( { from: addressFrom, to: addressTo, value: web3.utils.toWei('1', 'ether'), // Send 1 SGB. 'ether' is not a typo here. gasPrice: web3.utils.toWei('225', 'Gwei'), gas: '21000', }, privKey ); // Deploy transaction const createR...
Read more

The diff between the original SEC complaint against Ripple and the amended one

--- original.txt 2021-02-18 18:32:43.171832036 -0800 +++ amended.txt 2021-02-18 18:32:29.103735165 -0800 @@ -1,4 +1,4 @@ -Case 1:20-cv-10832 Document 4 Filed 12/22/20 Page 1 of 71 +Case 1:20-cv-10832-AT Document 46 Filed 02/18/21 Page 1 of 79 Richard Best Kristina Littman @@ -34,9 +34,9 @@ : ------------------------------------------------------------------------x -20 Civ. 10832 +20 Civ. 10832 (AT) ECF Case -Complaint +First Amended Complaint Jury Trial Demanded Plaintiff Securities and Exchange Commission (the “SEC”), for its Complaint against @@ -53,7 +53,7 @@ required by the federal securities laws, and no exemption from this requirement applied. 1 -Case 1:20-cv-10832 Document 4 Filed 12/22/20 Page 2 of 71 +Case 1:20-cv-10832-AT Document 46 Filed 02/18/21 Page 2 of 79 2. @@ -103,7 +103,7 @@ 2 -Case 1:20-cv-10832 Document 4 Filed 12/22/20 Page 3 of 71 +Case 1:20-cv-10832-AT Document 46 Filed 02/18/21 Page 3 of 79 VIOLATIONS 9. @@ -150,...
Read more