hugo-hyperskip

Email-powered static comments for Hugo

git clone git://git.shimmy1996.com/hugo-hyperskip.git
commit 815167c5137480f14f7c404c21b353fd829a7153
parent bf89beeff690beded707fbfcddd9938a4c681242
Author: Shimmy Xu <shimmy.xu@shimmy1996.com>
Date:   Sun,  5 Jan 2020 22:17:14 -0600

Update README

Diffstat:
MREADME.org | 2+-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.org b/README.org
@@ -33,6 +33,6 @@ For the email form to work properly, please specify in blog's =config.toml= auth
   email = "author@example.com"
 #+END_SRC
 
-The last 10 characters of =email_hash= will be displayed on the page for anyone aside from the blog author (SHA256 is used to match author email to given email hash). It is preferable to also only store the last 10 or fewer characters of email hash in the =comments.toml= file. This is used as an alternative to services like Gravatar or Libravatar for identification purposes, which would have required storing the entire hash value.
+The last 4 characters of =email_hash= will be displayed on the page for anyone aside from the blog author (SHA256 is used to match author email to given email hash). It is preferable to also only store the last few characters of email hash in the =comments.toml= file. This is used as an alternative to services like Gravatar or Libravatar for identification purposes, which would have required storing the entire hash value, an inherent security risk.
 
 By default, form data is sent using URL encoding in body of the email. An easy way to convert it back is to use =urllib.parse.unquote= in Python.