On Thu, 2022-04-07 at 11:01 +0200, Oliver Falk wrote: > I remember the CGI was disabled quite some time ago, but I have to > admit, I never had the chance to engage with the right people to see > how we can fix it.
To be clear, I'm not the right person, just relaying some info that got dug up on IRC today when other people noticed the script was broken. > I understand the script was added in order to provide additional > caching, right? I think it was mainly for privacy; not sending the avatar image requests to third-party domains such as libravatar.org. > What about if we change this to directly access libravatar.org and > see if the performance is sufficient? (doesn't address > federation...). That would presumably work, but there is the privacy issue. > There is a very simple libravatar proxy python script: > https://git.linux-kernel.at/oliver/ivatar/-/blob/master/libravatarproxy.py Since the Debian BTS is written in Perl I assume the admins prefer it. > Since I do have some Perl experience as well, if you want to stick > with Perl, I can also look into the existing CGI and depending on if > you want or not, also add federation. That would be helpful I think. I also note from looking at the Apache config today that the script might have already been migrated to mod_perl, but I wasn't sure, so I'll leave it up to the Debian BTS admins to check and respond and maybe re-enable execution of the script again. -- bye, pabs https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
