That breaks the visitor counter, since it relied on updating the underlying document to update the counts!
I was going to go ahead and hide the lock button entirely to avoid this attack, but decided I would get some work done today instead.
EDIT: after a bit more hacking, I removed the password and hid the lock button. Nothing that would stop a determined adversary :) (Also, I kept the Khajit change in your honor)
Neat! I like how it's lightweight, not enough lightweight stuff on the web nowadays (except for HN). Allowing the option to set human readable permalinks might be useful.
I like the unintrusive UI, but what I would really like is markdown support. I am not sure if that fits _your_ initial idea, but I'm a tech person, so, for me that's a must.
Unfortunately these kind of sites are an abuse magnet, so it is in the process of being retired.
I think any sustainable site/service like this has to be self-hosted, or come with a subscription. Because otherwise dealing with all the bots, spam-submissions, and other abuse is just too depressing.
Have you seen clientside-encrypted pastebins like 0bin[0]? The idea is to absolve the host of legal responsibility, since they can't even access the data without the decryption key in the URL.
MarkdownShare looks like a pretty neat service, I'm sorry to hear that people took advantage of it!
Interesting that you mention a subscription service would more sustainable. I'm actually building a markdown note-taking app [1], that is based around a note-card format. We are currently developing a way to share a markdown card with a secure link.
A combination of (bot) IP addresses making 20+ requests a second, to post SPAM. Half the abuse was people just making lots of requests in short spaces of time, the other half was just people submitting spam, more slowly. I added rate-limiting to deal with the worst offenders, but mostly they'd keep POSTing away, ignoring the error-codes I was sending.
All submissions would get a random ID, something like this example chosen at random:
There were numerous bots who'd try to spider/probe the site collecting all the links. Handling millions of 404s a month wasn't much of a pain, because the service was pretty efficient, but it was just another source of annoyance.
Finally, and God only knows how, I'd get a ton of DCMA takedown notices for alleged copyright infringement. That's what pushed me over the edge into first of all making it read only, and secondly planning to kill it at the end of the year.
Just bots spamming forms I guess, hoping to get indexed and ranked on google.
The same thing you see on random blogs, I don't think there's anything specific about my service in particular - just badly coded bots that don't have retry logic and blindly spam the same content to thousands of sites that accept comments, content, and pingbacks.
What would help a lot, if you could customize the generated parameter in some way. Together with the password feature noone could "hack" into it anyways.
Both great ideas. Getting rid of "?n=" is definitely coming (current links will of course keep working). Custom URL is also now on the list of next improvements.
Have you considered using ProseMirror [1]? It's a nice wrapper around contenteditable that makes things like inline math editing [2] much easier to set up.
This could be handy when you post on a forum or underneath a new article. Sometimes you want to go into more depth but technically limited on space or frankly it would be too much. You could have a link to note for those that wanted to read more. Would like it if I could host on my server, and had markdown (as said) plus some basic tracking info - # clicks etc.
Does anyone know of a replacement for the chrome extension papier? Made a new tab in chrome into a persistent notepad. I built all my note taking around it and my only option seems to side load it from now on.
Very interesting tool. I wonder what the business model behind this might be. How do you intend to make money? Do you even want to make money with this?
