Life In 19x19 :: Mousing over diagrams

Does your browser show image URLs when mousing over? Turn that off, because it looks like a diagram's URL encodes the entire diagram definition. Here's the URL of a random diagram:

Code:

http://www.lifein19x19.com/forum/example4.php?request=SGF&msg=$$Bcm151 Moves 151 to 160 This is a long title, which I am going to keep writing about. You can write paragraphs and paragraphs, and the captions should wrap correctly, and not overlap with the image. Hopefully this works on all diagram sizes. If it does, that would be cool. And nothing else to say here, I guess...
$$ ---------------------------------------
$$ | . . . . . . . . . . . . O . . . . . . |
$$ | . . . . O X . . . . X O X O O . O . . |
$$ | . O O O . X . . . X . . X X O O X . . |
$$ | . . X O . . . X . , X . . X X X O O . |
$$ | . . X O . X X X X O . O . . . X X O . |
$$ | . . . . O O O X O . . . . . X X O . . |
$$ | . . X . . . . O O . . O . . X O . O . |
$$ | . . . . O X . . . . . . X X O O . . . |
$$ | . X X . O 6 . O . O . X . . . O O . . |
$$ | . O X , X . X O . , . . . . X O X X . |
$$ | . O O X . . X O X X . X X X . X . . . |
$$ | . . . X . . . X O . . O X O X X 5 O . |
$$ | . . O X . . . X O . O . O O O . X 4 . |
$$ | . . O X . . . X O . . . O . X O O O . |
$$ | . . O . . . . O X O O . O . . X . . . |
$$ | . . O X X . . . X X X O . O . X O . . |
$$ | . . X O X . . . X . . X O . . X O . . |
$$ | . . O O X 3 . . . . . . X X . X O 0 . |
$$ | . . 2 C O . . . . . . . . . . 9 7 8 . |
$$ ---------------------------------------

I uploaded this to Imgur (thanks sol.ch), but is there a more direct way to post an image?

I'm using Opera, and I don't have any idea how to turn off image urls.

Does the server side script even cache the generated images?

daal wrote:

I'm using Opera, and I don't have any idea how to turn off image urls.

I'm using Opera too, but I'm not seeing it--but if I remember correctly, I've used versions of Opera that will use the image URL as the alt text if no alt text is specified. That means that this problem could be fixed by just adding some short alt text for the image (like "Go Diagram"), I'm guessing.

ross wrote:

daal wrote:

I'm using Opera, and I don't have any idea how to turn off image urls.

I'm wasn't seeing the behavior before, either, but I added the alt text like you suggested for now.

Doesn't seem to have done the trick, but thanks for the effort.

daal wrote:

Doesn't seem to have done the trick, but thanks for the effort.

It looks like your browser shows the URL regardless of the ALT text, then. I'm thinking that we're going to have to save the images on the server to adjust this, rather than generating them dynamically. I don't see how using an MD5 for a dynamically generated filename would allow for us to get around saving the images to disk since MD5 can have collisions. Perhaps we could save the files to the server using an MD5 hash for the filename, and if a duplicate filename existed, we could increment the filecount (eg. <md5-hash>1.gif, <md5-hash>2.gif, etc.). This would be inefficient for the cases where you have two of the same images (because we would generate separate, but identical images).

On the other hand, perhaps the chances of having an MD5 collision are low enough that we could use this filenaming scheme.

Also, I know Adrian wrote the wordpress plugin creating the diagram codes that did the above. Simply did an md5 hash of what was sent in to create a filename that could be checked so we didn't create duplicate images.

Kirby wrote:

daal wrote:

Doesn't seem to have done the trick, but thanks for the effort.

The chances of an MD5 collision are relatively low and I would think we wouldn't really need to worry about this. See: http://www.miketaylor.org.uk/tech/law.html for a simplified description of this.

And if a collision ever did occur, I don't think we'd have to wait long to hear about it! Plenty of us follow all the Malkovich games as it is, and that's where the vast majority of the diagram images are used.

Personally, I don't really buy the argument about using MD5 without any worries at all. There have been enough exploitations of MD5 to create a concern when you're using it for an important application. A popular example is this one: http://www.win.tue.nl/hashclash/rogue-ca/. However, it is true that these people were actively trying to break the system. It's also against my philosophy to develop something with a known problem if it can be avoided (like in this case by not generating filenames at all)...

But you guys are right: there is a problem with the current implementation if the characters in the URL get too long. Also as has been said, if a collision did occur, we could address it at that time. And the probability of a collision is still low, especially if nobody is trying to attack the system. Another point is that it seems that diagrams have already been implemented in this manner without problems, so it might be OK to follow suit...

It's not as straightforward as copying what Adrian has done verbatim because of the limitations in the BBCode, but we should probably go this route. I think that the possibility of MD5 collisions is low enough that it is a much lesser issue to worry about than passing things through the URL like this.

So if we do go that route, what about using php's sha1 function? It's unlikely that we'll have an MD5 collision, and probably even more unlikely that we'll have a sha1 collision. It probably doesn't make a difference, since we'll probably get no collisions at all, but it might make me feel a little happier inside.

schultz wrote:

I'm flattered that you remembered the details of that code from so long ago

Author:	daal [ Sun Apr 25, 2010 12:26 am ]
Post subject:	Mousing over diagrams
When mousing over a diagram, it would be nice if the pop-up would contain a lot less information. As it is, the huge white window full of %20s is a bit bothersome.

Author:	Solomon [ Sun Apr 25, 2010 12:29 am ]
Post subject:	Re: Mousing over diagrams
Hmm, strange...I'm not getting this problem on my end (OS X, Chrome 5.0 Beta).

Author:	schultz [ Sun Apr 25, 2010 12:34 am ]
Post subject:	Re: Mousing over diagrams
I'm only seeing it when the page first begins loading. I thought it might be the alternate text for the image, as the issue daal is saying makes it very much sound like that. It's not happening to me, though. Daal, what browser are you using? Looking at the source code for the page itself, it looks like the javascript behind the processing of the diagram code is what's causing this (does a bunch of replaces on the text sent in and then adds it to the link that gets sent to the actual image/diagram/sgf creator).

Author:	Gresil [ Sun Apr 25, 2010 12:36 am ]
Post subject:	Re: Mousing over diagrams
Does your browser show image URLs when mousing over? Turn that off, because it looks like a diagram's URL encodes the entire diagram definition. Here's the URL of a random diagram: Code: http://www.lifein19x19.com/forum/example4.php?request=SGF&msg=$$Bcm151 Moves 151 to 160 This is a long title, which I am going to keep writing about. You can write paragraphs and paragraphs, and the captions should wrap correctly, and not overlap with the image. Hopefully this works on all diagram sizes. If it does, that would be cool. And nothing else to say here, I guess... $$ --------------------------------------- $$ \| . . . . . . . . . . . . O . . . . . . \| $$ \| . . . . O X . . . . X O X O O . O . . \| $$ \| . O O O . X . . . X . . X X O O X . . \| $$ \| . . X O . . . X . , X . . X X X O O . \| $$ \| . . X O . X X X X O . O . . . X X O . \| $$ \| . . . . O O O X O . . . . . X X O . . \| $$ \| . . X . . . . O O . . O . . X O . O . \| $$ \| . . . . O X . . . . . . X X O O . . . \| $$ \| . X X . O 6 . O . O . X . . . O O . . \| $$ \| . O X , X . X O . , . . . . X O X X . \| $$ \| . O O X . . X O X X . X X X . X . . . \| $$ \| . . . X . . . X O . . O X O X X 5 O . \| $$ \| . . O X . . . X O . O . O O O . X 4 . \| $$ \| . . O X . . . X O . . . O . X O O O . \| $$ \| . . O . . . . O X O O . O . . X . . . \| $$ \| . . O X X . . . X X X O . O . X O . . \| $$ \| . . X O X . . . X . . X O . . X O . . \| $$ \| . . O O X 3 . . . . . . X X . X O 0 . \| $$ \| . . 2 C O . . . . . . . . . . 9 7 8 . \| $$ ---------------------------------------

Author:	schultz [ Sun Apr 25, 2010 12:38 am ]
Post subject:	Re: Mousing over diagrams
Gresil wrote: Does your browser show image URLs when mousing over? Turn that off, because it looks like a diagram's URL encodes the entire diagram definition. Here's the URL of a random diagram: Code: http://www.lifein19x19.com/forum/example4.php?request=SGF&msg=$$Bcm151 Moves 151 to 160 This is a long title, which I am going to keep writing about. You can write paragraphs and paragraphs, and the captions should wrap correctly, and not overlap with the image. Hopefully this works on all diagram sizes. If it does, that would be cool. And nothing else to say here, I guess... $$ --------------------------------------- $$ \| . . . . . . . . . . . . O . . . . . . \| $$ \| . . . . O X . . . . X O X O O . O . . \| $$ \| . O O O . X . . . X . . X X O O X . . \| $$ \| . . X O . . . X . , X . . X X X O O . \| $$ \| . . X O . X X X X O . O . . . X X O . \| $$ \| . . . . O O O X O . . . . . X X O . . \| $$ \| . . X . . . . O O . . O . . X O . O . \| $$ \| . . . . O X . . . . . . X X O O . . . \| $$ \| . X X . O 6 . O . O . X . . . O O . . \| $$ \| . O X , X . X O . , . . . . X O X X . \| $$ \| . O O X . . X O X X . X X X . X . . . \| $$ \| . . . X . . . X O . . O X O X X 5 O . \| $$ \| . . O X . . . X O . O . O O O . X 4 . \| $$ \| . . O X . . . X O . . . O . X O O O . \| $$ \| . . O . . . . O X O O . O . . X . . . \| $$ \| . . O X X . . . X X X O . O . X O . . \| $$ \| . . X O X . . . X . . X O . . X O . . \| $$ \| . . O O X 3 . . . . . . X X . X O 0 . \| $$ \| . . 2 C O . . . . . . . . . . 9 7 8 . \| $$ --------------------------------------- Gresil beat me to it, was editing my post while he posted the above. This is what it is doing. I saw another version of this that actually takes all that text and creates a md5 hash of the text and uses that as the name of the image and sgf file. Would be a way to clean this up quite a bit. Edit - Found where I saw that, and feel a little silly. Code that is tagged with a familiar author...Adrian Petrescu.

Life In 19x19 http://prod.lifein19x19.com/

Mousing over diagrams http://prod.lifein19x19.com/viewtopic.php?f=14&t=244	Page 1 of 2

Author:	daal [ Sun Apr 25, 2010 2:04 am ]
Post subject:	Re: Mousing over diagrams
I'm using Opera, and I don't have any idea how to turn off image urls. BTW, I wanted to post a screenshot of what I'm seeing, and I can't figure out how to do that either Edit: It must be a browser thing, The pop-ups don't show up in Firefox...

Author:	daal [ Sun Apr 25, 2010 3:19 am ]
Post subject:	Re: Mousing over diagrams
I uploaded this to Imgur (thanks sol.ch), but is there a more direct way to post an image? In any case, this is what I'm seeing:

Author:	Phelan [ Sun Apr 25, 2010 7:06 am ]
Post subject:	Re: Mousing over diagrams
daal wrote: I uploaded this to Imgur (thanks sol.ch), but is there a more direct way to post an image? You can use the "upload attachment" function below the main post writing area.

Author:	Kirby [ Sun Apr 25, 2010 9:15 am ]
Post subject:	Re: Mousing over diagrams
Yes, currently information is passed through the URL to generate an image on the fly. The image is not actually saved anywhere. This was because it was the only way I could figure out how to make diagrams work at the time. I think there's probably an alternative method that we can look into, but maybe after I work on the space issue with the diagrams that I think simpkin brought up.

Author:	fwiffo [ Sun Apr 25, 2010 9:25 am ]
Post subject:	Re: Mousing over diagrams
Does the server side script even cache the generated images?

Author:	ross [ Sun Apr 25, 2010 10:13 am ]
Post subject:	Re: Mousing over diagrams
daal wrote: I'm using Opera, and I don't have any idea how to turn off image urls. I'm using Opera too, but I'm not seeing it--but if I remember correctly, I've used versions of Opera that will use the image URL as the alt text if no alt text is specified. That means that this problem could be fixed by just adding some short alt text for the image (like "Go Diagram"), I'm guessing.

Author:	Kirby [ Sun Apr 25, 2010 10:29 am ]
Post subject:	Re: Mousing over diagrams
fwiffo wrote: Does the server side script even cache the generated images? Well, if I think about the actual implementation, there's a good chance that it does. Basically, we just use the php imagepng function, which outputs the raw image stream directly. I haven't looked into how php implements this. The imagepng function can also take a filename as a parameter, in which case it will save the file to the given location.

Author:	Kirby [ Sun Apr 25, 2010 10:35 am ]
Post subject:	Re: Mousing over diagrams
ross wrote: daal wrote: I'm using Opera, and I don't have any idea how to turn off image urls. I'm using Opera too, but I'm not seeing it--but if I remember correctly, I've used versions of Opera that will use the image URL as the alt text if no alt text is specified. That means that this problem could be fixed by just adding some short alt text for the image (like "Go Diagram"), I'm guessing. I'm wasn't seeing the behavior before, either, but I added the alt text like you suggested for now.

Author:	daal [ Sun Apr 25, 2010 12:59 pm ]
Post subject:	Re: Mousing over diagrams
Kirby wrote: ross wrote: daal wrote: I'm using Opera, and I don't have any idea how to turn off image urls. I'm using Opera too, but I'm not seeing it--but if I remember correctly, I've used versions of Opera that will use the image URL as the alt text if no alt text is specified. That means that this problem could be fixed by just adding some short alt text for the image (like "Go Diagram"), I'm guessing. I'm wasn't seeing the behavior before, either, but I added the alt text like you suggested for now. Doesn't seem to have done the trick, but thanks for the effort.

Page 1 of 2	All times are UTC - 8 hours [ DST ]
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/

Author:	Kirby [ Sun Apr 25, 2010 1:09 pm ]
Post subject:	Re: Mousing over diagrams
daal wrote: Doesn't seem to have done the trick, but thanks for the effort. It looks like your browser shows the URL regardless of the ALT text, then. I'm thinking that we're going to have to save the images on the server to adjust this, rather than generating them dynamically. I don't see how using an MD5 for a dynamically generated filename would allow for us to get around saving the images to disk since MD5 can have collisions. Perhaps we could save the files to the server using an MD5 hash for the filename, and if a duplicate filename existed, we could increment the filecount (eg. <md5-hash>1.gif, <md5-hash>2.gif, etc.). This would be inefficient for the cases where you have two of the same images (because we would generate separate, but identical images). On the other hand, perhaps the chances of having an MD5 collision are low enough that we could use this filenaming scheme.

Author:	schultz [ Sun Apr 25, 2010 6:02 pm ]
Post subject:	Re: Mousing over diagrams
Kirby wrote: daal wrote: Doesn't seem to have done the trick, but thanks for the effort. It looks like your browser shows the URL regardless of the ALT text, then. I'm thinking that we're going to have to save the images on the server to adjust this, rather than generating them dynamically. I don't see how using an MD5 for a dynamically generated filename would allow for us to get around saving the images to disk since MD5 can have collisions. Perhaps we could save the files to the server using an MD5 hash for the filename, and if a duplicate filename existed, we could increment the filecount (eg. <md5-hash>1.gif, <md5-hash>2.gif, etc.). This would be inefficient for the cases where you have two of the same images (because we would generate separate, but identical images). On the other hand, perhaps the chances of having an MD5 collision are low enough that we could use this filenaming scheme. The chances of an MD5 collision are relatively low and I would think we wouldn't really need to worry about this. See: http://www.miketaylor.org.uk/tech/law.html for a simplified description of this. And if a collision ever did occur, I don't think we'd have to wait long to hear about it! Plenty of us follow all the Malkovich games as it is, and that's where the vast majority of the diagram images are used. Also, I know Adrian wrote the wordpress plugin creating the diagram codes that did the above. Simply did an md5 hash of what was sent in to create a filename that could be checked so we didn't create duplicate images.

Author:	apetresc [ Sun Apr 25, 2010 7:14 pm ]
Post subject:	Re: Mousing over diagrams
schultz wrote: Also, I know Adrian wrote the wordpress plugin creating the diagram codes that did the above. Simply did an md5 hash of what was sent in to create a filename that could be checked so we didn't create duplicate images. I'm flattered that you remembered the details of that code from so long ago I don't think we have to worry about collisions. The chances of a collision in a data set as small as the collection of all diagrams on this board are extremely vanishingly small; it was a significant academic event when someone was able to produce any two strings that had the same MD5 hash, and as far as I know, it's still an open question how to generate any collision for a given hash. The fact that the strings we'd be hashing are, by their nature, almost identical, doesn't matter. md5 is very "discontinuous" in that sense. The reason I think it may be important to implement this at all is because we may soon run into Internet Explorer's 1000-character-URL limit if we make GET requests with the entire diagram with escape characters in there.

Author:	Kirby [ Sun Apr 25, 2010 7:27 pm ]
Post subject:	Re: Mousing over diagrams
schultz wrote: Kirby wrote: daal wrote: Doesn't seem to have done the trick, but thanks for the effort. It looks like your browser shows the URL regardless of the ALT text, then. I'm thinking that we're going to have to save the images on the server to adjust this, rather than generating them dynamically. I don't see how using an MD5 for a dynamically generated filename would allow for us to get around saving the images to disk since MD5 can have collisions. Perhaps we could save the files to the server using an MD5 hash for the filename, and if a duplicate filename existed, we could increment the filecount (eg. <md5-hash>1.gif, <md5-hash>2.gif, etc.). This would be inefficient for the cases where you have two of the same images (because we would generate separate, but identical images). On the other hand, perhaps the chances of having an MD5 collision are low enough that we could use this filenaming scheme. The chances of an MD5 collision are relatively low and I would think we wouldn't really need to worry about this. See: http://www.miketaylor.org.uk/tech/law.html for a simplified description of this. And if a collision ever did occur, I don't think we'd have to wait long to hear about it! Plenty of us follow all the Malkovich games as it is, and that's where the vast majority of the diagram images are used. Also, I know Adrian wrote the wordpress plugin creating the diagram codes that did the above. Simply did an md5 hash of what was sent in to create a filename that could be checked so we didn't create duplicate images. Personally, I don't really buy the argument about using MD5 without any worries at all. There have been enough exploitations of MD5 to create a concern when you're using it for an important application. A popular example is this one: http://www.win.tue.nl/hashclash/rogue-ca/. However, it is true that these people were actively trying to break the system. It's also against my philosophy to develop something with a known problem if it can be avoided (like in this case by not generating filenames at all)... But you guys are right: there is a problem with the current implementation if the characters in the URL get too long. Also as has been said, if a collision did occur, we could address it at that time. And the probability of a collision is still low, especially if nobody is trying to attack the system. Another point is that it seems that diagrams have already been implemented in this manner without problems, so it might be OK to follow suit... It's not as straightforward as copying what Adrian has done verbatim because of the limitations in the BBCode, but we should probably go this route. I think that the possibility of MD5 collisions is low enough that it is a much lesser issue to worry about than passing things through the URL like this. So if we do go that route, what about using php's sha1 function? It's unlikely that we'll have an MD5 collision, and probably even more unlikely that we'll have a sha1 collision. It probably doesn't make a difference, since we'll probably get no collisions at all, but it might make me feel a little happier inside.

Author:	daal [ Sun Apr 25, 2010 10:09 pm ]
Post subject:	Re: Mousing over diagrams
I've gotten rid of it. I asked the question in the Opera forums, and Tools>Preferences>Advanced>Browsing> disable tooltips. That did the trick.

Author:	schultz [ Sun Apr 25, 2010 10:59 pm ]
Post subject:	Re: Mousing over diagrams
Kirby wrote: Personally, I don't really buy the argument about using MD5 without any worries at all. There have been enough exploitations of MD5 to create a concern when you're using it for an important application. A popular example is this one: http://www.win.tue.nl/hashclash/rogue-ca/. However, it is true that these people were actively trying to break the system. It's also against my philosophy to develop something with a known problem if it can be avoided (like in this case by not generating filenames at all)... But you guys are right: there is a problem with the current implementation if the characters in the URL get too long. Also as has been said, if a collision did occur, we could address it at that time. And the probability of a collision is still low, especially if nobody is trying to attack the system. Another point is that it seems that diagrams have already been implemented in this manner without problems, so it might be OK to follow suit... It's not as straightforward as copying what Adrian has done verbatim because of the limitations in the BBCode, but we should probably go this route. I think that the possibility of MD5 collisions is low enough that it is a much lesser issue to worry about than passing things through the URL like this. So if we do go that route, what about using php's sha1 function? It's unlikely that we'll have an MD5 collision, and probably even more unlikely that we'll have a sha1 collision. It probably doesn't make a difference, since we'll probably get no collisions at all, but it might make me feel a little happier inside. I know it's not as straightforward as what Adrian did, unfortunately. I attempted to essentially modify it to work with the BBCode stuff a while ago, but kind of hit my personal limit on javascript and php coding. Always planned on going back and figuring it out, but then my club's forums kind of dried up and died so all my incentive disappeared. And I see no problem with using php's sha-1 function. It makes sense, and should (theoretically) make collisions even less likely. And if it makes you a little happier, then why not. Adrian Petrescu wrote: schultz wrote: Also, I know Adrian wrote the wordpress plugin creating the diagram codes that did the above. Simply did an md5 hash of what was sent in to create a filename that could be checked so we didn't create duplicate images. I'm flattered that you remembered the details of that code from so long ago Got a little lucky. Just happened to be looking through that code because of what was brought up in this thread, and realized the name looked very familiar. Never made the connection in the past (also would make sense, though, since you were using a different username).