GuestNo new alerts


- Updates902
You may or may not have noticed a slight lag on first view, when your browser hasn't cached the resources, or maybe you haven't, that's even better. I keep a really close eye on the speed metrics, so I notice things really quick and one thing I noticed and was somewhat aware of is how large my avatar is.

It is 626x855 and sometimes takes longer than I would like to download. One way of getting it out the door faster is with thumbnailing and the main option open to me are Lilliput and Rez. Lilliput is part-C however, which complicates the process of installing Gosora, so I'd like to make it an optional dependency, however we still need a thumbnailer in the core.

And that's where Rez comes in. As a library that's 50% assembly, it is still pretty fast even if it doesn't reach Lilliput's performance, however one of the reasons that I've been dragging my heels on this is because Rez like most thumbnailers have DoS potential.

In other words, an adversary could conceivably overload a server with enough load that it's incapable of serving users, this DoS may even be accidental from a large number of people uploading avatars simultaneously. As such, I cannot run Rez on demand and have to opt to lazily run it over time and throttle it such that too many avatars can't be built at once.

However, this adds complexity, thus the delays. While thumbnailing is important, there are other things which are also important like getting things working well enough that you could toss Gosora in production without a second thought, even things which may seem low priority for some like analytics has provided me with a vast amount of information, including on what sorts of vulnerability scanners are flying by the neighbourhood and what crawlers we're getting.

In addition to that, it helps point out areas which people (or machines) might be having trouble with, if a large number of people land on the registration page and don't complete the registration process.

But of course, I don't want to get side-tracked here, this update is about thumbnailing, even if some ideas like fractional or live graphs might be interesting.

I've spent the past day drafting this out and I think we might go down a model where someone uploads an avatar, and then, it shows up in the UCP as "processing" right until the system has crunched it down to a smaller size suitable for view everywhere.

Until the process is complete, you'll be stuck with the default noavatar, whatever that may be. By default, it's an adorable.io avatar like the ones you may have seen around here. But I am open to suggestions on how to handle it, and of course, we would need some option to disable the thumbnailing.

In addition to that, we'll introduce other measures to reduce the number of absurdly large avatars, including imposing a one megabyte upload limit on avatars which should help avoid the situation where people toss 4K after 4K image to bog down Rez and to generally save bandwidth and disk space.