This button is great, but the button server at hnbutton.appspot.com (which queries the search API) is frequently over its quota, which means the button doesn't appear / work a lot of the time.
I honestly didn't realize how much traction it picked up over the past 6 months.. It was a (pleasant) surprise to login into my GAE console and realize that it was serving, on peak days, over 1M impressions.
Interestingly enough, the "exceeded quota" was not for CPU resources! Instead, it was all egress bandwidth. On busy days, it would reach the free 1GB egress limit sometime between 6-12PM, and hence the error. I've upgraded the app, and it should be good for terabytes a day. ;-)
P.S. I've also pushed an update to enable more aggressive HTTP caching on the assets.
I have a question ... why can't a Hacker News button be done entirely in Javascript? If only HN would incorporate CORS file. Even if it doesn't, there could be a way to approximate it by checking if you are logged into HN, and if you are, doing a cross-domain POST via a form.
"But how do you know if you're logged into HN?" Ah, that's the hack.
The question -- for all the hackers here -- is, what resource can we request via Javascript on HN that will return a different status code (200 or another one) depending on login state?
For example, maybe posting a blank password to "change password" form will return a non-success status code when you aren't logged in, and be an innocuous post (since it results in an error).
Of course, the trouble with these techniques is that the site can disable them at any time.
The instructions are for the async install, so even if the widget is broken or goes down (it shouldn't), your site rendering will not be blocked, or affected in any other way.
Edit: You can style ".hn-share-iframe". Then the next issue: it's much wider than it needs to be when the story has already been submitted (see the screenshot, there's a lot of blank space on the right). Is there any other solution besides just positioning it on the right of the share buttons list?
Unfortunately, not that I've found.. Twitter and G+ also reserve the space and run into the same problem. The root issue is the lack of automagic iframe resizing.. which is what "seamless" attribute will solve, once it arrives and is supported by the browsers.
So how does this work? Does hnbutton.appspot.com do some clever proxying, or something? Or does HN just have a very easily exploitable XSRF vulnerability?
From what I can understand, looking at one site that uses the button[0], it just displays current votes and links you to the submission. It doesn't do any voting from the site like a reddit button would do.
I also don't understand how it works. If you could up-vote just by following a link, you could easily gain a system. For example, you could submit a story that automatically up-votes itself when visited by logged-in user, without any button press (CSRF). I believe Facebook like button (and other similar gadgets) are iframes from Facebook. So Facebook controls how the button looks like and it is not possible to submit 'Like' requests from a third party domain.
Then any browser will try to load the script synchronously. This ensures asynchronous loading and if there is a problem with button server, it stays there.
is there a demo somewhere? I tried to do something similar but the ycombinator.com domain returns the "X-Frame-Options:deny" header which makes iframing impossible. Also in order to vote by simple GETting a url you have to include a CSRF token as a URL parameter.
Great stuff. I'm gonna incorporate this on my upcoming blog. Thanks!
On a side note. Could someone at YC fix the up vote arrows here? It's really hard to hit these tiny arrows without hitting everything around before, really messy. BTW, a larger textfield wouldn't hurt either.
PS: Sorry for stealing your topic, I just felt the need to say these things which I think don't bother only me. ;)
Great tip, thanks for that. But I was referring to touch devices which make somewhat difficult to apply custom styles. So we shouldn't give up on our "demands" for better UX.
Warning, shameless plug incoming. I made a HN app for iPhone and iPad to solve some of the issues of the site. Mainly going back and forth from comments to article. Haven't gotten to a better voting yet, but I may in the future.
I suspect it's not, as mine is universal. If you had mine on it, they'd both have the same icon. Also, you can go to the app store from the link above and if it says "Open" it means you have it on the device.
It's easy to set up your own (free) button server though. Here's how: https://bountify.co/blog/host-your-own-hacker-news-button-se...