Re: sponsor logo on home of CPAN mirror

2018-01-01 Thread Graham Barr
> On Dec 31, 2017, at 07:25, Henk P. Penning wrote: > > > I don't see how such a change can be kept local ; > how can it /not/ propagate to downstream mirrors? If the JSON file was named using the mirror hostname then index.html can extract the name from the URL and it

Re: sponsor logo on home of CPAN mirror

2018-01-01 Thread Leo Lapworth
On 1 January 2018 at 17:57, Elaine Ashton wrote: > On Jan 1, 2018, at 5:20 PM, Henk P. Penning wrote: > > I don't understand the "slippery slope". > Where is the "slope", and why is it "slippery" ? > -- the "how to add a sponsor logo/link" has been around for

Re: sponsor logo on home of CPAN mirror

2017-12-31 Thread Henk P. Penning
t;, cpan-workers <cpan-workers@perl.org> Subject: Re: sponsor logo on home of CPAN mirror  Ok ; here is the same thing with a /local/site.json file,  instead of a /local/site.js file :    http://cpan.cs.uu.nl/ondex2.html Hi Elaine, The entire point of a mirror is that it is an exact du

Re: sponsor logo on home of CPAN mirror

2017-12-31 Thread Henk P. Penning
On Sun, 31 Dec 2017, Robert wrote: Date: Sun, 31 Dec 2017 09:21:26 +0100 From: Robert <rob...@perl.org> To: Ask Bjørn Hansen <a...@perl.org> Cc: Henk P. Penning <penn...@uu.nl>, cpan-workers <cpan-workers@perl.org> Subject: Re: sponsor logo on home of CPAN mirror Encou

Re: sponsor logo on home of CPAN mirror

2017-12-31 Thread Robert
Encouraging mirrors to inject code is a very bad idea from a security perspective. I agree with Ask that allowing them to inject config is safer but is still a slippery slope. On Sat, Dec 30, 2017 at 9:58 PM, Ask Bjørn Hansen wrote: > Rather than having it execute javascript

Re: sponsor logo on home of CPAN mirror

2017-12-30 Thread Henk P. Penning
On Sun, 31 Dec 2017, Ask Bjørn Hansen wrote: Date: Sun, 31 Dec 2017 06:58:48 +0100 From: Ask Bjørn Hansen <a...@perl.org> To: Henk P. Penning <penn...@uu.nl> Cc: cpan-workers <cpan-workers@perl.org> Subject: Re: sponsor logo on home of CPAN mirror Rather than having it

Re: sponsor logo on home of CPAN mirror

2017-12-30 Thread Zefram
Henk P. Penning wrote: > -- add a javascript function "hostedby()" > -- add an empty in the "footer_mirror" section I certainly approve of only showing the logo to people who run JavaScript. -zefram