<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Aug 17, 2017 at 7:18 AM, Marvin Scholz <span dir="ltr"><<a href="mailto:epirat07@gmail.com" target="_blank">epirat07@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi, thanks for your work.<div><div class="h5"><br>
<br>
On 17 Aug 2017, at 3:08, Diogo Silva wrote:<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
+++ b/share/cloudstorage/amazons3_<wbr>login.html<br>
@@ -0,0 +1,52 @@<br>
+<html><br>
+<head><br>
+ <meta name="Author" content="VideoLAN" /><br>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><br>
+ <meta http-equiv="X-UA-Compatible" content="IE=edge" /><br>
+ <meta name="viewport" content="width=device-width, initial-scale=1" /><br>
+ <title>VLC Local Authentication Server</title><br>
+ <script src='//<a href="http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js" rel="noreferrer" target="_blank">ajax.googleapis.com/aja<wbr>x/libs/jquery/1.9.1/jquery.min<wbr>.js</a>' type='text/javascript'></scrip<wbr>t><br>
+ <script async="async" src="//<a href="http://images.videolan.org/js/bootstrap.min.js" rel="noreferrer" target="_blank">images.videolan.org/js/<wbr>bootstrap.min.js</a>" type="text/javascript"></scrip<wbr>t><br>
+ <script src='<a href="https://cdnjs.cloudflare.com/ajax/libs/js-url/2.5.0/url.min.js" rel="noreferrer" target="_blank">https://cdnjs.cloudflare.<wbr>com/ajax/libs/js-url/2.5.0/url<wbr>.min.js</a>'></script><br>
+ <link rel="stylesheet" type="text/css" href="//<a href="http://images.videolan.org/style/bootstrap.min.css" rel="noreferrer" target="_blank">images.videolan.org/st<wbr>yle/bootstrap.min.css</a>" /><br>
+ <link rel="stylesheet" type="text/css" href="//<a href="http://images.videolan.org/style/style.min.css" rel="noreferrer" target="_blank">images.videolan.org/st<wbr>yle/style.min.css</a>" /><br>
</blockquote>
<br></div></div>
If I understand this correctly, this is a HTML page that will be rendered to the user to login to<br>
Amazon S3. I don't think it is acceptable or necessary to include so many external scripts here. </blockquote><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> </blockquote><div><br></div><div>I can take a look at those scripts (maybe url.min.js can be removed with some additional js code) but the others are a</div><div>bit essential in order to provide some pretty pages to the user.<br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
+</head><br>
+<body class="new-design"><br>
+ <div id='bodyInner' class='blue' style='padding:0'><br>
+ <nav id="nav" class="navbar navbar-default navbar-static-top"><br>
+ <div class="container"><br>
+ <div class="navbar-header"><a class="navbar-brand" href="//<a href="http://www.videolan.org/" rel="noreferrer" target="_blank">www.videolan.org/</a>"><im<wbr>g src='//<a href="http://images.videolan.org/images/logoBlue.png" rel="noreferrer" target="_blank">images.videolan.org/ima<wbr>ges/logoBlue.png</a>' alt='VideoLAN association' /></a><br>
+ <a class="navbar-brand" style="padding: 15px 15px">VLC Local Server</a><button type="button" class="navbar-toggle collapsed"<br>
+ data-toggle="collapse" data-target="#main-navbar" aria-expanded="false"><span class="sr-only">Toggle navigation</span><span class="icon-bar"></span><span class="icon-bar"></span><span class="icon-bar"></span></butt<wbr>on></div><br>
+ </div><br>
+ </nav><br>
+ <div class="container center-block"><br>
+ <script><br>
+ function submitData() {<br>
+ var code = encodeURIComponent($('#inputAc<wbr>cessKey').val() + '@' + $('#inputRegion').val() + '##' + $('#inputSecretKey').val());<br>
+ window.location.href = location.pathname.split("/").s<wbr>lice(0,-1).join("/") + "?code=" + code + "&state=" + url('?').state;<br>
+ return false;<br>
+ };<br>
</blockquote>
<br></span>
That javascript looks awful. Why is it necessary, can't the form just do a POST? If this is necessary and can't be written in a less<br>
obfuscated way, I would at least add a comment explaining what it does.</blockquote><div><br></div><div>Indeed, I will write it in a cleaner way.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
+ </script><br>
+ <h2 class="text-center">Amazon S3 Login</h2><br>
+ <h5>VLC requires access to your Amazon S3 account in order to display the content of your cloud storage.<br/>Amazon<br>
+ S3 requires generating an access and a secret token in order to be used in external applications. To generate those<br>
+ tokens, go to "My security credentials", then "Access Keys" and create them.</h5><br/><br>
+ <form class="form-horizontal" onsubmit="return submitData()"><br>
+ <div class="form-group"><label for="inputRegion" class="col-sm-2 control-label">Region</label><br>
+ <div class="col-sm-10"><select id="inputRegion" class="form-control"><option value="ap-northeast-1">Asia Pacific (Tokyo)</option><option value="ap-northeast-2">Asia Pacific (Seoul)</option><option value="ap-south-1">Asia Pacific (Mumbai)</option><option value="ap-southeast-1">Asia Pacific (Singapore)</option><option value="ap-southeast-2">Asia Pacific (Sydney)</option><option value="ca-central-1">Canada (Central)</option><option value="eu-central-1">EU (Frankfurt)</option><option value="eu-west-1">EU (Ireland)</option><option value="eu-west-2">EU (London)</option><option value="sa-east-1">South America (São Paulo)</option><option value="us-east-1">US East (N. Virginia)</option><option value="us-east-2">US East (Ohio)</option><option value="us-west-1">US West (N. California)</option><option value="us-west-2">US West (Oregon)</option></select></di<wbr>v><br>
+ </div><br>
+ <div class="form-group"><label for="inputAccessKey" class="col-sm-2 control-label">Access Key</label><br>
+ <div class="col-sm-10"><input type="text" class="form-control" id="inputAccessKey" placeholder="Access Key ID"></div><br>
+ </div><br>
+ <div class="form-group"><label for="inputSecretKey" class="col-sm-2 control-label">Secret Key</label><br>
+ <div class="col-sm-10"><input type="password" class="form-control" id="inputSecretKey" placeholder="Secret Access Key"></div><br>
+ </div><br>
+ <div class="form-group"><br>
+ <div class="col-sm-offset-2 col-sm-10"><button type="submit" id="submit" class="btn btn-default">Sign in</button></div><br>
+ </form><br/><br/><br>
+ <h5>This page is running locally and is hosted by your machine. The inserted data is going to be safely sent to <a href="<a href="https://aws.amazon.com/s3/" rel="noreferrer" target="_blank">https://aws.amazon.com/s<wbr>3/</a>">Amazon S3</a> servers.</h5><br>
</blockquote>
<br></span>
Sure it is running locally, but pulls in a bunch of scripts from external sources.<br></blockquote><div><br></div><div>This module completely requires access to internet. After receiving that data, it is going to be sent within a POST request to Amazon (properly managed).<br><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
In general: Why have so many different HTMLs instead of a generic one with replaceable variables for the different services?<br></blockquote><div><br></div><div>Indeed, it can be easily loaded with replaceable variables and it would look much better and consume less space.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Yours sincerely,<br>
Marvin Scholz</blockquote><div><br>Thanks for the feedback!</div><div> </div></div><br></div></div>