discourse integration - Change Whonix forum software to discourse

force_https has been enabled. Hopefully this does not break this forums’s .onion.

Due to potential flakyness of this 2FA method, let’s consider (2FA) account recovery.

If someone is a known person or pseudonym, having a usually used e-mail address and OpenPGP (or signify or otherwise) signing key, should I trust that signing key in if there ever is a request to disable 2FA?


Qubes OS forum works fine without JavaScript enabled, it is possible to search, browse and read threads.

Whonix forum is broken without JavaScript, the site doesn’t load properly at random, and threads don’t load all replies.

Both use Discourse. is it possible to make it so that the Whonix forum is usable without JavaScript? I am not asking for posting, signing up etc, but to read.

Seems like something you could research and report back your contribution :slight_smile:

This was caused by the custom skin for the forums we were using. This has now been reverted. Forums now functional for me without JavaScript.

@webmaster Your discourse instance can be read without JavaScript, how did you do that?

1 Like

Yes the experience seems to line up now. Strangely it doesn’t load the same way every time, giving the impression that it’s broken at first.



Still buggy

1 Like

The header/footer overlap issue reported by @nurmagoz has been fixed.

1 Like

For other bugs:

  • Please try to reproduce these on upstream, https://meta.discourse.org/
  • If reproducible there, please report these directly to upstream, not here.
  • Posting links to upstream bug reports here is welcome.

Only bugs only happening here should be reported here.

1 Like

Fixed for clearnet, but the onion version e.g section “News” only showing upper topics (no scrollbar).

1 Like

It’s buggy for me too, but refreshing the page makes it load correctly at times.

Are you sure there’s a difference onion vs clearnet?

There is a discourse upstream bug however which prevents a proper header / footer for noJS. Reported here:

I can reproduce this on https://meta.discourse.org/. If you wish to see this fixed, please reproduce and report that upstream.

1 Like
1 Like

Needs research what kind of data is sent to the AI.

Typing pattern? Bad.

Only public information? Maybe OK.

Or maybe only suitable if using local AI only instead of remote (API) based AI.

Consider including the onionsite link in the sign up email as well as clearnet to prevent having to copy parts of the URL manually.

Unfortunately too difficult. Unlikely to happen. Related wiki chapter:
Placing Trust in Whonix chapter Web Application Shortcomings in Whonix wiki