Problem with sticker action

Freeway
1

I’m trying to apply the sticker action (Sticker - ActionsForge) to a nested DIV box. According what I’ve read at FreewayTalk, it should work with such items.

Unfortunately, the action shows a strange behaviour: The “sticky” element is hidden behind the others on most browsers, except Safari, where it’s behind the first box, but on front of the others.

I’ve created a small demo site to show what is going wrong (see link, it’s a ZIP file). Perhaps Walter (waltd) or an other user can give me some hints.

Thank you very much. :slight_smile:

Bye,
Tobias.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

2

Can you post a link to the page showing the problem? (As a general rule, I don’t download Freeway documents when people post them here.)

Walter

On Jun 21, 2014, at 8:22 PM, tobiaseichner wrote:

I’m trying to apply the sticker action (Sticker - ActionsForge) to a nested DIV box. According what I’ve read at FreewayTalk, it should work with such items.

Unfortunately, the action shows a strange behaviour: The “sticky” element is hidden behind the others on most browsers, except Safari, where it’s behind the first box, but on front of the others.

I’ve created a small demo site to show what is going wrong (see link, it’s a ZIP file). Perhaps Walter (waltd) or an other user can give me some hints.

Thank you very much. :slight_smile:

Bye,
Tobias.

https://drive.google.com/file/d/0Bx8sJoYXBBPIbXRnWVY2aGc2bEE/edit?usp=sharing

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

3

No problem, here it is: Gerda Eichner – möblierte Appartements – Wohnen auf Zeit in Oberfranken

By the way, are there any security vulnerabilities known on freeway documents to take care about ?

Tobias.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

4

If you have never uploaded from within Freeway using a given document, then no. But if you have, then your upload user and password are embedded in the document. The password cannot be brute-forced out of the document, but the document can be used to deface your site or change its content, since it is authorized to change the content on server.

When posting a Freeway document for others to download (like the various examples I post for my Actions), I generally just use Transmit in place of Freeway’s built-in FTP to upload the example site, that way the password is never made part of the document and there’s nothing to lose.

As far as me being worried that your document contained some trojan horse that would cripple my computer, no, that’s not what I was worried about. It’s more about your security and peace of mind than anything else. (If the file you posted on Dropbox contains your password, you should take it down AND change your FTP password on your server immediately.)

When I have a contractual relationship with you, and you’ve paid me to dissect your site, or build one for you, or some such thing, then I will happily share binary Freeway files with you. I will specify exactly how you should compress the site archive (so I don’t have to bug you for external files that make it impossible to publish cleanly) and we will work out a round-trip code sharing setup. Generally at that level of work, you will have given me your passwords, and I will be contractually bound to keep them safe. We also won’t be discussing that in public.

Walter

On Jun 22, 2014, at 10:07 AM, tobiaseichner wrote:

No problem, here it is: Gerda Eichner – möblierte Appartements – Wohnen auf Zeit in Oberfranken

By the way, are there any security vulnerabilities known on freeway documents to take care about ?

Tobias.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

5

Thank you for the info.

In fact, I never used the built-in FTP feature of Freeway. But I must confess, even if, I not thought about this being a possible security risk (while I should, because I’m tending to be a bit paranoid sometimes).

Does FW show up a warning message about storing user account details within the project file ? While it is obvious after some thinking, it’s definitively a thing most people aren’t aware of. So maybe a warning message would be something for FW’s to-do list.

Tobias.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

6

You know what? Thank you for reminding me. I mentioned something about this a while ago, and it was pointed out to me that Freeway uses the Mac Keychain to store credentials now, and has done since version 3.5 or 4 (not really sure). So you can ignore my paranoia about the security leakage. The password is not stored in the document, it’s stored in YOUR mac in fairly unbreakable elliptical encryption, by the Mac OS.

Walter

On Jun 22, 2014, at 10:43 AM, tobiaseichner wrote:

Thank you for the info.

In fact, I never used the built-in FTP feature of Freeway. But I must confess, even if, I not thought about this being a possible security risk (while I should, because I’m tending to be a bit paranoid sometimes).

Does FW show up a warning message about storing user account details within the project file ? While it is obvious after some thinking, it’s definitively a thing most people aren’t aware of. So maybe a warning message would be something for FW’s to-do list.

Tobias.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

7

Ah, okay. It’s good to know.

“Elliptical encryption”… wasn’t there something in the news about certain algorithms are coming with NSA-made holes ?

Tobias.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

8

I believe that the Keychain’s encryption tech is something that the NSA doesn’t like very much. It’s part of the reason why there are a list of countries where you cannot buy or otherwise import a Mac. Basically, you have until the heat-death of the universe, given a good login password, before it can be brute-forced out. Of course if they really want it, they will get out the nipple clamps and get you to tell them.

Where Apple has been bitten is in the SSL stuff that protects your communication with other servers on the Internet. That was broken, and the breakage was known by a few spooks at the three-letter agencies for a very long time, and was recently fixed. There’s no telling who has your password if it was ever communicated by SSL over the Internet.

Walter

On Jun 22, 2014, at 10:52 AM, tobiaseichner wrote:

Ah, okay. It’s good to know.

“Elliptical encryption”… wasn’t there something in the news about certain algorithms are coming with NSA-made holes ?

Tobias.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

9

Spoken in general, in my mind people should take much more care about their privacy and protection of personal data. But it’s hard to put this across to people used to turn on their computers with the single push of a button without caring how things is working in the background.

And as long as the latest cool iPhone game is available free of charge, most don’t care that they pay with their privacy.

Tobias.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

10

Getting back to your question, I just tested this in Freeway 6. Since all of your elements are inline peers, all you need to do to get the effect to work the way you like is to manually add a generous z-index to the sticker element. The element below the sticker is riding up over the top of the sticker because it comes later in the source order, and absent any directive to the contrary, will always be above the elements that came before it.

Click once on your sticker, choose Item / Extended (option-command-x) and then the

segment of the dialog. Click Add, and enter z-index in the Name field and some large number like 20 in the Value field. Okay out of the stack of dialogs, and preview in a browser. The sticker should vault over the top of the other elements and stick at the top of the screen when you scroll past it.

Walter

On Jun 22, 2014, at 11:06 AM, tobiaseichner wrote:

Spoken in general, in my mind people should take much more care about their privacy and protection of personal data. But it’s hard to put this across to people used to turn on their computers with the single push of a button without caring how things is working in the background.

And as long as the latest cool iPhone game is available free of charge, most don’t care that they pay with their privacy.

Tobias.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

11

That did the trick ! Thank you.

Tobias.

freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options