profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/edrlab/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
EDRLab edrlab European Digital Reading Lab

edrlab/thorium-reader 446

A cross platform desktop reading app, based on the Readium Desktop toolkit

edrlab/webpub-viewer 9

Simple webpub viewer, starting from the work of NYPL-Simplified

edrlab/bd-comics-manga 5

Study of the requirements and solutions for expressing digital bd, comics, manga, graphics novels ... using Web Publications and EPUB 4.

edrlab/lcp-testing-tools 5

Compliance testing tools for Readium LCP

edrlab/librivox2lpf 1

Transforms audiobook content from Librivox into an LPF packaged W3C Audiobook

edrlab/cryptopp 0

free C++ class library of cryptographic schemes

edrlab/json11 0

A tiny JSON library for C++11.

edrlab/NYPLNavigator-iOS 0

iOS navigator for Readium 2

edrlab/pdf.js 0

PDF Reader in JavaScript

push eventedrlab/lis-mon-livre

Pierre Leroux

commit sha 8527799d9bccea7f14d9f89b2035709be42fc027

fix actions

view details

push time in an hour

push eventedrlab/lis-mon-livre

Pierre Leroux

commit sha 27dba9b22ec7b540e54d176f48bd320f4f443abf

fix actions deploy

view details

push time in an hour

push eventedrlab/lis-mon-livre

Pierre Leroux

commit sha 0d338407095015408463609417cf485d16eef33d

github actions firebase functions auto deploy

view details

push time in an hour

Pull request review commentedrlab/thorium-reader

[WIP] [fix #1454] http request with file:// URI

 export const httpGetWithAuth =          }; -export const httpGet = httpGetWithAuth(true);+const httpGetFactory =+    (): typeof httpFetchFormattedResponse =>+        async (...arg) => {+            const [_url, _options, _callback, ..._arg] = arg;++            let url: URL | undefined;+            try {+                url = new URL(_url);+            } catch (e) {+                // wrong URL : fallback to httpGetWithAuth+                debug("wrong URL : fallback to httpGetWithAuth");+                debug(e);+            }++            if (url?.protocol === "file:") {++                let isFailure = false;+                let stream: NodeJS.ReadableStream | undefined;+                try {+                    stream = createReadStream(url.pathname);

So, a maliciously-crafted OPDS feed, LCP license, etc. could trigger arbitrary filesystem location access. This wouldn't pass a security audit, even if in practice the recipient of the HTTP response would be limited to some internal Thorium API, because an arbitrary filesystem path could be an operating system hook (not necessarily a downloadable binary blob). In other words, a mounted filesystem should be regarded as a sensitive API surface, and Thorium should implement provisions to secure access (e.g. ask user permissions, limit to known folders, etc.).

panaC

comment created time in 2 hours

PullRequestReviewEvent

push eventedrlab/lis-mon-livre

Pierre Leroux

commit sha 3d0a099c1c760e3150ba176aa4969a7f82a8cb87

fix ci

view details

push time in 2 hours

push eventedrlab/lis-mon-livre

Pierre Leroux

commit sha f1cdaa63b88c2e148a4309fb8f1a37f0eeff3b77

github actions ci

view details

Pierre Leroux

commit sha d71a74581ac9a22b7b1990023ed9211888505826

Merge branch 'main' of https://github.com/edrlab/lis-mon-livre into main

view details

push time in 2 hours

push eventedrlab/lis-mon-livre

Pierre Leroux

commit sha 4e334862168a6f72f06290abdd8473d9c768c4b3

Update README.md

view details

push time in 2 hours

push eventedrlab/lis-mon-livre

Pierre Leroux

commit sha 662e44d0e9e85450043386832e85ca70979ba0a9

gactions pull

view details

Pierre Leroux

commit sha 5a25f87c2de47fc4c05f8c3ee064b42a1c4de18b

update index.js from panaC/audiobooks

view details

push time in 2 hours

PublicEvent
PullRequestReviewEvent

Pull request review commentedrlab/thorium-reader

[WIP] [fix #1454] http request with file:// URI

 export const httpGetWithAuth =          }; -export const httpGet = httpGetWithAuth(true);+const httpGetFactory =+    (): typeof httpFetchFormattedResponse =>+        async (...arg) => {+            const [_url, _options, _callback, ..._arg] = arg;++            let url: URL | undefined;+            try {+                url = new URL(_url);+            } catch (e) {+                // wrong URL : fallback to httpGetWithAuth+                debug("wrong URL : fallback to httpGetWithAuth");+                debug(e);+            }++            if (url?.protocol === "file:") {++                let isFailure = false;+                let stream: NodeJS.ReadableStream | undefined;+                try {+                    stream = createReadStream(url.pathname);

https://github.com/edrlab/thorium-reader/search?q=httpGet httpGet is used 3 times in our code:

  • file downloader
  • opds
  • packageLink

access for the main process only not accessible from the renderer process

panaC

comment created time in 2 hours

issue openededrlab/lis-mon-livre

loss user data persistence between sessions (storage cross-session)

Doc: https://developers.google.com/assistant/conversational/storage-user

I noticed that the user storage has a very limited size. According to my observation if the storage size exceeds the limit, the new data state is not persisted and the previous data state is kept.

Now : after some optimisation : like string size reduction

I remarks that the user data storage is wiped after each end of session. It's not kept.

User data storage :

>  {                                                                                                      
>    p_i: 0,                                                                                              
>    player: {                                                                                            
>      'du_contrat_social_rousseau.json': { t: 36, i: 0, d: 1632475912941 }                               
>    },                                                                                                   
>    p_t: 36,                                                                                             
>    bearerToken: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFkbWluIiwic3ViIjoxLCJpYXQiOjE2Mz
I0NzM1MTcsImV4cCI6MTYzMjQ3MzU3N30.AtJ09OuT3IDOTsgT2RqLgnv1hKSwK4j4RRZOgxuoJXo',                           
>    p_n: 'du_contrat_social_rousseau.json'                                                               
>  }       

User data storage provided to the next session :

>  {                                                                                                      
>    bearerToken: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFkbWluIiwic3ViIjoxLCJpYXQiOjE2Mz
I0NzM1MTcsImV4cCI6MTYzMjQ3MzU3N30.AtJ09OuT3IDOTsgT2RqLgnv1hKSwK4j4RRZOgxuoJXo'                            
>  }  

created time in 2 hours

startededrlab/thorium-reader

started time in 7 hours

issue openededrlab/thorium-reader

Thorium | Bug | Screenreader on Windows reads underscores at chapter beginning (»Unterstrich«)

Thorium 1.7.2 – Windows 10

When screenreader feature is used on Windows, it reads two underscores on chapter beginnings. See example video for this behavior here: https://www.loom.com/share/eeefb3c9df984c43bf6512516c206ca6

The code of the XHTML file, which is seen in the video is the following.

<?xml version="1.0" encoding="UTF-8" standalone="no"?> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops">

<head> <title>Höhenlage</title> <link href="../css/idGeneratedStyles.css" rel="stylesheet" type="text/css" /><link href="../css/styling.css" rel="stylesheet" type="text/css" /> </head>

<body id="ch-110-gender.xhtml" lang="de-DE" xml:lang="de-DE"> <div class="Einfacher-Textrahmen"> <h1 id="_idParaDest-1">01 | Screenreaderausgabe bei Gender-Zeichen</h1> <p class="FT_2_Abs">Das ist ein Beispielsatz für Verleger:innen und Lektor_innen und weitere Interessent*innen zur Feststellung der Sprachausgabe. AutorInnen und Leser/-innen werden bestimmt auch Interesse daran haben. Hier noch zum Vergleich: Verlegerinnen, Lektorinnen, Interessentinnen, Leserinnen.</p> </div> </body> </html>

created time in 8 hours

startededrlab/thorium-reader

started time in 2 days

startededrlab/thorium-reader

started time in 2 days

issue commentedrlab/thorium-reader

Feature request: Fixed layout epub zoom

i confirm, same issue, when i zoom it lost in resolution

MattiJarvinen

comment created time in 2 days

startededrlab/thorium-reader

started time in 3 days

issue commentedrlab/thorium-reader

Feature request: Fixed layout epub zoom

Hello, could you please post a separate issue including screenshots? Would you mind sharing your EPUB with me so I can investigate? ( daniel.weck@gmail.com )

MattiJarvinen

comment created time in 3 days

Pull request review commentedrlab/thorium-reader

[WIP] [fix #1454] http request with file:// URI

 export const httpGetWithAuth =          }; -export const httpGet = httpGetWithAuth(true);+const httpGetFactory =+    (): typeof httpFetchFormattedResponse =>+        async (...arg) => {+            const [_url, _options, _callback, ..._arg] = arg;++            let url: URL | undefined;+            try {+                url = new URL(_url);+            } catch (e) {+                // wrong URL : fallback to httpGetWithAuth+                debug("wrong URL : fallback to httpGetWithAuth");+                debug(e);+            }++            if (url?.protocol === "file:") {++                let isFailure = false;+                let stream: NodeJS.ReadableStream | undefined;+                try {+                    stream = createReadStream(url.pathname);

Enormous security risk (full disk access).

panaC

comment created time in 3 days

PullRequestReviewEvent
PullRequestReviewEvent

issue commentedrlab/thorium-reader

Feature request: Fixed layout epub zoom

Awesome work @danielweck @llemeurfr.

One thing I've noticed is that when I zoom in on my epubs they become pixelated and the text becomes hard to read. Is there any solution to this?

MattiJarvinen

comment created time in 3 days

Pull request review commentedrlab/thorium-reader

[fix #1536] opds problem details

 import { apiSaga } from "./api"; const filename_ = "readium-desktop:renderer:redux:saga:opds-browse"; const debug = debug_(filename_); -type TA = apiActions.result.TAction<TReturnPromiseOrGeneratorType<TApiMethod["opds/browse"]>>;+type TA = apiActions.result.TAction<TReturnPromiseOrGeneratorType<TApiMethod["browser/browse"]>>;  export function* opdsBrowse(link: string, REQUEST_ID: string) {      debug("opds-browse", link);-    yield apiSaga("opds/browse", REQUEST_ID, link);+    yield apiSaga("browser/browse", REQUEST_ID, link);

...I also note that the IBrowserResultView signals a generic HTTP request/response use-case, yet its object shape / model seems to be tightly-coupled with OPDS:

export interface IBrowserResultView {
    opds?: IOpdsResultView;
    problemDetails?: IOpdsProblemDetailsResultView;
}
panaC

comment created time in 3 days

PullRequestReviewEvent
PullRequestReviewEvent

Pull request review commentedrlab/thorium-reader

[fix #1536] opds problem details

 import { apiSaga } from "./api"; const filename_ = "readium-desktop:renderer:redux:saga:opds-browse"; const debug = debug_(filename_); -type TA = apiActions.result.TAction<TReturnPromiseOrGeneratorType<TApiMethod["opds/browse"]>>;+type TA = apiActions.result.TAction<TReturnPromiseOrGeneratorType<TApiMethod["browser/browse"]>>;  export function* opdsBrowse(link: string, REQUEST_ID: string) {      debug("opds-browse", link);-    yield apiSaga("opds/browse", REQUEST_ID, link);+    yield apiSaga("browser/browse", REQUEST_ID, link);

Can you please explain the rationale for the change from opds/browse to browse/browse? If the intent is to signal that this API will / can work with any HTTP request/response cycle, then I understand, but browse/browse looks like a typo rather than an intentional entry point in the API surface. Would http/browse be preferable, or is that a misnomer too?

panaC

comment created time in 3 days

Pull request review commentedrlab/thorium-reader

[fix #1536] opds problem details

 import { apiSaga } from "./api"; const filename_ = "readium-desktop:renderer:redux:saga:opds-browse"; const debug = debug_(filename_); -type TA = apiActions.result.TAction<TReturnPromiseOrGeneratorType<TApiMethod["opds/browse"]>>;+type TA = apiActions.result.TAction<TReturnPromiseOrGeneratorType<TApiMethod["browser/browse"]>>;  export function* opdsBrowse(link: string, REQUEST_ID: string) {      debug("opds-browse", link);-    yield apiSaga("opds/browse", REQUEST_ID, link);+    yield apiSaga("browser/browse", REQUEST_ID, link);

...furthermore, there is a file renaming from opdsBrowse.ts to browse.ts which signals the generic nature of the API, but the function is still named opdsBrowse():

export function* opdsBrowse(link: string, REQUEST_ID: string) {
...
}
panaC

comment created time in 3 days

PullRequestReviewEvent