More than 9 categories: background colors and images not shown

Bug Reports
  • #1

    This is with the latest NodeBB (0.4.0). I can have and configure more than 10 categories. However, from category #10 on-wards the background color and image is not displayed on the home screen. Is this a bug in NodeBB or should I look at the template (I use Cerulean)?

  • #2


    More likely something to do with the theme. I have almost 30 categories here and running 0.4.0, with none of the problem that you described. I'm, of course, using Lavender, not Cerulean.

    That aside, if your site is what's listed on your profile page, you might want to consider getting its security certificate in order.

  • Plugin & Theme Dev

    @igbuend On the website your profile links, the problem with the Hardware-image is the class. you've set it's Image Class to auto instead of cover like the others are. Gadgets is also 'auto' but doesn't have any assigned image. Does the background-color stay within the ACP as you set them if you reload? Otherwise it could be just a missing 'Save' 😉

  • #4

    Meanwhile I got it fixed. Apparently I had some problems with my browser (I mostly use a Chromebook) not showing certain items on screen and sometimes not giving feedback about saves. Seems to work fine with the current code :).

    Regarding my security certificate: that is perfectly fine. It is not the safest certificate (which is a self-signed certificate contrary to what vendors try to tell you), but a free from CACERT. Since my site will be geared towards white-hat hackers, it is some kind of inside joke while at the same time scares away some spammers. Bit off-topic to explain the inside joke, but:

    • According to group thinking, certificates need a trusted third party to proof that an identity (e.g. your email, or a URL of a server) belongs to a person or a server. Those trusted third parties are the certificate authorities. An organised man-in-the-middle in a security protocol! Crazy! Especially since none of these authorities really can be trusted: many of them have been hacked, most of them are US based, in this post-Snowden era you already know who else has the private keys of those CA ... They even invented the more expensive EV-SLL ("enhanced validation") certificates, in fact admitting that before they didn't really validate an identity as documented in their own procedures. I once worked for a company that owned 3 of those certificate authorities. We were not even using the certificates internally ...

    • It is even worse. Not you" decide which certificate authority to trust, the browser vendors maintain a list, that is even different between the browser vendors. If they have that CA listed in the browser, you won't even see a warning. It costs for a certificate vendor about 50.000 USD to be "trusted" by the browser companies. When I see at the "trusted" CA list I notice a lot of malicious organisations yet they are trusted by the browsers. And mal-ware writers even know how to modify the list. A broken security model, or at least the implementation, yes ...

    Personally I think we can fix the model, but keep all browser vendors and certificate authorities outside the picture. The first problem is to trust that a specific public key belongs to a person/server. The problem was distribution. Really? I can send/publicize my certificate in hundreds of ways (We-chat attachment, Weibo posting, Facebook posting, tweet, ...). It unfeasible to intercept/modify all possible communications for any government or malicious organisation even if you control my ISP. Maybe we can have something like bit-coin transactions, certificate validated if X third parties agree ...

    DO not even get me started about the current OpenSSL issues :).

Suggested Topics

| | | |