imgbi / img.bi Goto Github PK
View Code? Open in Web Editor NEWimg.bi main website
License: GNU General Public License v3.0
img.bi main website
License: GNU General Public License v3.0
Does this website allow linking directly to the image? If that's not possible, Img.bi can never compete with sites like Imgur.
I tried creating a hotlink: AAANmCAIAAAAq13OYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAASdEVYdFNvZnR3YXJlAEdyZWVuc2hvdF5VCAUAAP+HSURBVHhe7P15cyS5tu2J6RPIZLKW1C2zvupus9d9Ta17z6mqnOeByXkmI4JzksmZyZyzqrKmM9zXH1y/tRaAcDLrvPf63zoO2wbbvrEBhwNwMtaKDcT/pU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33qU5/61Kc+9alPfepTn/rUpz71qU996lOf+tSnPvWpT33q
The URL is super-long and the image can't be accessed.
your i2p link is unusable for almost everyone.
Please either register your domain or use a .b32.i2p address
Currently one can download all the uploaded files by randomly trying (brute-forcing) URLs under /download
, because only two letter/number combinations . As they are encrypted this is of course no big problem, but I still don't like it because it has one big problem: Metadata!
And after Snowden we should know that metadata matters.
So what one can get out by monitoring download
:
Of course if attacks against AES or the specific AES implementation are found you have also a serious problem, but when this happens you have a huge problem in general and this easy file access might be your smaller problem.
However a level of obscurity (which is achieved with more complex URLs in the download location) might at least prevent direct, easy attacks in this case.
So all in all: Please make the download location more complex, so one has to know the URL for downloading a specific file. Relying on the encryption is one way, doing everything to prevent attacks (including metadata leaks) is another...
AutoRM URL is a very nice idea. Very useful. Unluckly I see our problem.
Right know the common URL is:
and the "autoRM" URL is:
https://img.bi/#autorm/{picId}!{ReadKey}!{RMKey}
The recepient just have to change to remove "autorm" word to recover the common URL.
I know it can save the pic by all means and repost it, but it would be better to give another URL for autoRM.
It's not trivial by the way
The common name for your TLS setup is *.webhostbox.net. It's redirecting to some spammy site. Did you let the domain expire? I would've liked to evaluate your software before deciding if I want to use it.
Also:
npm install -g imgbi-server
npm ERR! code E404
npm ERR! 404 Not Found: imgbi-server@latest
After slecting the file and hitting "UPLOAD" I get the following error:
Error
It would be nice if you cold decouple the build process of the static files from the server start, because you do not always need to regenerate the static files with every server start.
E.g. when you create debug = "undefined"
in your local storage img.bi tries to read and parse it when visiting the "my" page, which of course results in an parse error.
Error: JSON.parse: unexpected character at line 1 column 1 of the JSON data
@https://domain.example/scripts/main.js:8:28334
r@https://domain.example/scripts/main.js:1:4487
@https://domain.example/scripts/main.js:8:28254
a/<@https://domain.example/scripts/main.js:3:2656
Yt/this.$get</h.prototype.$eval@https://domain.example/scripts/main.js:3:9989
Yt/this.$get</h.prototype.$digest@https://domain.example/scripts/main.js:3:8557
Yt/this.$get</h.prototype.$apply@https://domain.example/scripts/main.js:3:10285
c@https://domain.example/scripts/main.js:2:17715
b@https://domain.example/scripts/main.js:2:19904
ht/</S.onload@https://domain.example/scripts/main.js:2:20450
main.js:2:28031
o/<() main.js:2
nt/this.$get</<() main.js:2
a/<() main.js:3
Yt/this.$get</h.prototype.$eval() main.js:3
Yt/this.$get</h.prototype.$digest() main.js:3
Yt/this.$get</h.prototype.$apply() main.js:3
c()
So it might be worth to prefix the values for saved pictures img.bi creates, so that it does not read and clash with other things in the local storage.
Subj.
If I select or drag & drop multiple photos it uploads all of them (tested with 2 photos) but only displays one finally.
However if I look at "My pictures" it displays all so it's only a kind of usability issue. Maybe a preview (or a next/previous button) or something like this would be useful, because actually I thought "Oop, only one file was uploaded?" while in fact all pictures were uploaded correctly.
Also if you would make a kind of "preview page" (okay or at least not previews of the pictures but some links with filenames e.g.) then you would also have a basically implementation of #12. The only issue would be that you can't add photos later, but IMHO this is not necessary - to allow people to link to multiple pictures with one link (and one upload) would be enough for me.
Just a though: what about an URL redesign to be more open for future updates and more meaningful representation?
Trying to separate what's going on the server and client side:
Server: {picId} et {albumId} are identifiers of raw materials known by server and stored on it.
Client: {password}, {albumPassword} and "my" are only clientside
A GET on https://img.bi/{picId} would return an HTML with:
Hi.
First things first: thanks for the great work you put into img.bi!
I used it regularly from some time, it's awesome.
Is the website https://img.bi/ down? Are you aware of the issue?
I cannot access it (and am not the only one: http://isup.me/https://img.bi/).
Thanks again, and thanks in advance.
I couldn't upload PNG image.
Firefox 29 & 32 refused to upload it, whereas Chrome 33 said that file format is not supported.
would you ever consider including the option to strip exif data from an image when its uploaded? and/or optimizing the image like yahoo! smush.it does?
I'm trying to access https://img.bi/ for some time now and it always returns me timeout. Ping does not work neither. (IP: 131.72.136.19)
Is It Down Right Now reports that it's down too.
There is a missing value in the template for HTML : < title >{{config.name}}< /title >
In my installation the time is always 180 days when the home page is accessed. In the local storage I can also only see 180
saved even if I previously did a file upload with a different value.
At this time, when a user uploads images to .onion version of the website, they get only .onion URLs at the end.
You can't give them to friends who don't use Tor or post them in the "white" internet.
Hi there,
First of all great app, tnx for sharing it with community.
I tested image i uploaded by posting it on reddit. The main thing for that kind of sites, and all other social sites is to fetch thumb from the link. Right now that's not working. Is it able to add OG, Schema, or Twitter Card in head of the page, so any other site can fetch it ?
Peace,
Currently https://img.bi/ times out.
How about beside time for automatic deletion, adding a maximum number of view before desactivation ? (optionnal)
It could limit a bit an uncontrolled spread of picture viewing by link sharing
For exemple, I give to my family a link intend to be seen for only 5 peoples with an average view of 10 per people, I could set the maximum view to 50. After that limit the website desactivate the URL and force the author to regenerate the picture and create a new URL for it if he want to reshare it again.
I experience some uncaught errors in Chrome 36 :
So the image can be viewed unlimited times by multiple persons and is deleted automatically. Relative (save for N[m|h|d] e.g. 1h) and absolute (until d.m.y H:i:s). Would be pretty cool.
Because normally I upload things like screenshots and send someone (sometimes to more than one person) a link which may get viewed immediately or in a few hours and I don't want to remember days later to remove it.
People can use Apple iOS7 to upload picture in website but are not able to copy from the textbox and get the created URL
If you GET an URL with an invalid key the browser keep displaying the icon spinner "Loading" instead of telling the user that the key is invalid (not telling the key in incorrect)
In Firefox it shows the site as if it wouldn't had any favicon. However if I make a bookmark then the icon is shown correctly in the bookmark (but only there).
Firefox 38.0.1
rachel@racheltop:~$ wget img.bi
--2015-09-13 21:54:57-- http://img.bi/
Resolving img.bi (img.bi)... 131.72.136.19
Connecting to img.bi (img.bi)|131.72.136.19|:80... failed: Connection timed out.
rachel@racheltop:~$ curl -v img.bi
* Rebuilt URL to: img.bi/
* Hostname was NOT found in DNS cache
* Trying 131.72.136.19...
* connect to 131.72.136.19 port 80 failed: Connection timed out
* Failed to connect to img.bi port 80: Connection timed out
* Closing connection 0
According to --help
it should just load a config file, but in fact it tries to load some kind of module:
$ ./cli.js -c config.json
Error: Cannot find module 'config.json'
at Function.Module._resolveFilename (module.js:339:15)
at Function.Module._load (module.js:290:25)
at Module.require (module.js:367:17)
at require (internal/module.js:20:19)
at Object.<anonymous> (/.../node_modules/img.bi-server/cli.js:13:14)
at after (/.../node_modules/cli/cli.js:1057:18)
at Object.cli.main (/.../node_modules/cli/cli.js:1062:9)
at Object.<anonymous> (/.../node_modules/img.bi-server/cli.js:10:5)
at Module._compile (module.js:413:34)
at Object.Module._extensions..js (module.js:422:10)
at Module.load (module.js:357:32)
at Function.Module._load (module.js:314:12)
at Function.Module.runMain (module.js:447:10)
at startup (node.js:148:18)
at node.js:405:3
It only works when I'll specify the path like this:
$ ./cli.js -c ./config.json
It should however handle both cases.
When people go to a picture URL they will focus on the picture itself.
Maybe it would be better to hide by default the link generation (Web, tor and so on). A user interested by the associated links must click on a "link for sharing" button.
I would love a "Paste From Clipboard" feature, like http://snag.gy/
.
It would be great if it would be possible to have an Android app that let's us configure upload server address etc. and then give another "Share" option of uploading an image or screenshot to our own img.bi instance. What do you think?
To replicate this issue, go to the website, and click on Upload (without first selecting a file).
I know that nothing is happening, but it's stuck on "Uploading" with a loading icon.
Maybe disable the "Upload" button until a file is added?
URL generated on the website for img.bi.js view is wrong:
<img data-imgbi="https://img.bi/#/GCKXiMh!GrpJM9T5nctCSugqCxvVIG6Zp1PFm8W1nMsusmfs" />
Instead of
<img data-imgbi="https://img.bi/#!GCKXiMh!GrpJM9T5nctCSugqCxvVIG6Zp1PFm8W1nMsusmfs" />
At first nice all ads on your page have to follow this strict guidelines, including the ones for acceptable ads by AdBlockPlus.
However at first there are no ads (even with disabled adblocker I see none), but - although you say you follow ABPs guidelines https://img.bi/partials/ads.html (so just your ads information page) is blocked by ABPs EasyList. (I think because of a generic filter)
So I assume you didn't tried to get on ABPs list of acceptable ads, because you don't display any ads currently.
Or am I wrong? And do you want to make something against the blocking of the ads information page? (E.g. renaming would already solve the issue)
Hi,
My System:
Distributor ID: Debian
Description: Debian GNU/Linux 8.0 (jessie)
Release: 8.0
Codename: jessie
npm install -g imgbi-server
say that there isn’t any package to install:
npm ERR! 404 Not Found
npm ERR! 404
npm ERR! 404 'imgbi-server' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, or http url, or git url.
npm ERR! System Linux 2.6.32-43-pve
npm ERR! command "/usr/bin/nodejs" "/usr/bin/npm" "install" "-g" "imgbi-server"
npm ERR! cwd /root/img.bi
npm ERR! node -v v0.10.29
npm ERR! npm -v 1.4.21
npm ERR! code E404
npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR! /root/img.bi/npm-debug.log
npm ERR! not ok code 0
If I try to install it via the git directory, I get that Errors:
> [email protected] install /root/img.bi/node_modules/bcrypt
> node-gyp rebuild
gyp: Call to 'node -e "require('nan')"' returned exit status 1. while trying to load binding.gyp
gyp ERR! configure error
gyp ERR! stack Error: `gyp` failed with exit code: 1
gyp ERR! stack at ChildProcess.onCpExit (/usr/share/node-gyp/lib/configure.js:344:16)
gyp ERR! stack at ChildProcess.emit (events.js:98:17)
gyp ERR! stack at Process.ChildProcess._handle.onexit (child_process.js:809:12)
gyp ERR! System Linux 2.6.32-43-pve
gyp ERR! command "nodejs" "/usr/bin/node-gyp" "rebuild"
gyp ERR! cwd /root/img.bi/node_modules/bcrypt
gyp ERR! node -v v0.10.29
gyp ERR! node-gyp -v v0.12.2
gyp ERR! not ok
npm WARN This failure might be due to the use of legacy binary "node"
npm WARN For further explanations, please read
/usr/share/doc/nodejs/README.Debian
npm ERR! [email protected] install: `node-gyp rebuild`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] install script.
npm ERR! This is most likely a problem with the bcrypt package,
npm ERR! not with npm itself.
npm ERR! Tell the author that this fails on your system:
npm ERR! node-gyp rebuild
npm ERR! You can get their info via:
npm ERR! npm owner ls bcrypt
npm ERR! There is likely additional logging output above.
npm ERR! System Linux 2.6.32-43-pve
npm ERR! command "/usr/bin/nodejs" "/usr/bin/npm" "instal"
npm ERR! cwd /root/img.bi
npm ERR! node -v v0.10.29
npm ERR! npm -v 1.4.21
npm ERR! code ELIFECYCLE
npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR! /root/img.bi/npm-debug.log
npm ERR! not ok code 0
When pictures are automaticaly removed because of "time to live", those pictures are still viewable in
https://img.bi/#/my
But when you click on the blue view button, it leads to the message: "Probably it was already removed."
Are the pictures sitll stored but not viewable ? In this case you should display to the author a message on top of each picture saying they have expired and a way to regenerate a new link.
If the pictures is deleted from the storage then it also be deleted from the "my" view.
Furthermore, an automated deleted pictures cannot be removed from the my view, since the URL
https://img.bi/#/rm/<id>!<key>
is not available any more and leads to the "Probably it was already removed." message too.
This is because it seems to be set with Javascript later correctly.
I think this is basically not such nice, so just add the website title directly to the HTML output.
The copy buttons at the file view doesn't work. That's surely because of the browser restrictions for access to the clipboard.
Additionally I think it is intended that there are some hover/clicking effects, but they aren't working.
So maybe a better thing would be if you could select the link with one click (e.g. by using user-select although this is not standardised).
When going to a wrong picID (like https://img.bi/#/ZhIYck2), Chrome 36 display:
Maybe it would be better to tell the user that the resource this not available.
It would nice to have a counter till deletion for each picture
After uploading an image, these example links are generated:
Link to view image https://img.bi/#/G5Jw9pb!ydTeFu6LMwMovBdEyfl6ebBqUC9U8RGOXJT9oyWN
Remove image after first view https://img.bi/#autorm/G5Jw9pb!ydTeFu6LMwMovBdEyfl6ebBqUC9U8RGOXJT9oyWN!JJR9gtAi4Bn5egqAXF5ZFXp58DJ
As you can see, the second link contains the first one. This leads to the following problem:
Suppose I upload an image and want to use the "remove image after first view" functionality.
Anyone can take the link, remove "autorm" and the additional, unnecessary part (in this case !JJR9gtAi4Bn5egqAXF5ZFXp58DJ
) to transform the link into a normal non-autodeleting link.
Would it be possible to create multiple keys that cannot be converted to each other, in order to make sure one-time links cannot be accessed multiple times?
It would be neat to have album (photo grouping) support.
As a user
I can upload several pictures, in several times if needed
I order to have a unique URL to share and access the whole album
I2P people disable JS because it leaks information. But userscripts can be useful, because they can be audited and user fully controls what is actually executed in the browser.
So, provide a userscript to use img.bi with disabled JS.
After deleting a photos you will be redirected to the homepage. IMHO it would be more useful to redirect back to the last visited site, which is "My pictures".
This way deleting multiple photos will be easier.
Sorry I don't want to open another issue for this: And of course to have checkboxes to delete multiple photos would make it much easier to delete them.
Long running on a server seems to be problematic.
Regularly I cannot upload any files as imgbi somehow closes the connection related to some headers. At least this is how I can interpret the nginx error messages (running as reverse proxy):
yyyy/mm/dd 12:59:18 [error] 12554#0: *1306 upstream prematurely closed connection while reading response header from upstream, request: "POST /SOMEDIR/api/upload HTTP/2.0", upstream: "http://127.0.0.1:SOMEPORT/api/upload"
yyyy/mm/dd 13:01:25 [error] 12554#0: *1306 connect() failed (111: Connection refused) while connecting to upstream, request: "POST /SOMEDIR/api/upload HTTP/2.0", upstream: "http://127.0.0.1:SOMEPORT/api/upload"
Or:
yyyy/mm/dd 18:39:57 [error] 1465#0: *174 recv() failed (104: Connection reset by peer) while reading response header from upstream, request: "POST /imgbi/api/upload HTTP/2.0", upstream: "http://127.0.0.1:SOMEPORT/api/upload"
yyyy/mm/dd 18:40:25 [error] 1465#0: *174 connect() failed (111: Connection refused) while connecting to upstream, request: "POST /SOMEDIR/api/upload HTTP/2.0", upstream: "http://127.0.0.1:SOMEPORT/api/upload"
After a restart of imgbi everything is working again.
$ ./cli.js
INFO: Building static content
INFO: [XX:YY:ZZ]
INFO: Working directory changed to ~/node/node_modules/img.bi-server
INFO: [XX:YY:ZZ]
INFO: Using gulpfile ~/node/node_modules/img.bi-server/gulpfile.js
INFO: [XX:YY:ZZ]
INFO: Starting 'css'...
INFO: [XX:YY:ZZ]
INFO: Starting 'js'...
INFO: [XX:YY:ZZ]
INFO: Starting 'html'...
INFO: [XX:YY:ZZ]
INFO: Starting 'favicons'...
INFO: [XX:YY:ZZ]
INFO: Starting 'fonts'...
events.js:159
throw err;
^
Error: Uncaught, unspecified "error" event. (Potentially unhandled rejection [2] 'modals.less' wasn't found. Tried - /.../node_modules/img.bi-server/frontend/less/modals.less,node_modules/bootstrap/less/modals.less,frontend/less/modals.less,modals.less in file /.../node_modules/img.bi-server/frontend/less/main.less line no. 29
)
at GulpRunner.emit (events.js:157:17)
at Socket.<anonymous> (/.../node_modules/gulp-runner/index.js:59:10)
at emitOne (events.js:90:13)
at Socket.emit (events.js:182:7)
at readableAddChunk (_stream_readable.js:153:18)
at Socket.Readable.push (_stream_readable.js:111:10)
at Pipe.onread (net.js:534:20)
When uncommenting this line I get another error:
Error: Uncaught, unspecified "error" event. (Potentially unhandled rejection [2] 'responsive-utilities.less' wasn't found. Tried - /.../node_modules/img.bi-server/frontend/less/responsive-utilities.less,node_modules/bootstrap/less/responsive-utilities.less,frontend/less/responsive-utilities.less,responsive-utilities.less in file /.../node_modules/img.bi-server/frontend/less/main.less line no. 26
)
at GulpRunner.emit (events.js:157:17)
at Socket.<anonymous> (/.../node_modules/gulp-runner/index.js:59:10)
at emitOne (events.js:90:13)
at Socket.emit (events.js:182:7)
at readableAddChunk (_stream_readable.js:153:18)
at Socket.Readable.push (_stream_readable.js:111:10)
at Pipe.onread (net.js:534:20)
I'm getting a 404 error when using npm install. Its failing because its trying to download libvips-8.2.0 at a url (https://dl.bintray.com/lovell/sharp/) that no longer has 8.2.0 available. Are you guys running into this when you build?
Okay this has not really something to do with this repo, but however I see that your site "only" scored B in sslabs test.
So at least disabling RC4 would be nice and if you can - adding things like HSTS and HPKP would be fantastic of course.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.