AO3 News

Post Header

2017-10-12 13:48:34 -0400

With our latest deploys, we've ensured that common audio and video players still work after our pending move to HTTPS, added parent links to comment threads, removed a whole bunch of unused code, and took steps to prevent users from adding other people's works to anonymous or unrevealed collections.

Note: We successfully made the switch to HTTPS for a few days; however, the extra strain from encrypting all traffic proved too much for our servers at peak times. Until we have installed additional frontend servers (coming soon!), HTTP will remain the default protocol. (Of course, you can still elect to use a secure connection, e.g. via a browser extension like HTTPS Everywhere.) Please follow @AO3_Status on Twitter for futher updates.


  • Coders: Ariana, Cesy Avon, cyrilcee, Dense Lancer, Elz, james_, redsummernight, Sammie Louise, Sarken, tuff
  • Code reviewers: Ariana, Elz, james_, redsummernight, Sarken
  • Testers: Alison Watson, Lady Oscar, mumble, natalia gomes, Sarken


Works & Comments

  • [AO3-5192] - Common audio and video players that support HTTPS will still be accessible after our switch to secure browsing! We have adjusted the protocol in current embeds and added a step to our sanitizer that takes care of posts going forward.
  • [AO3-5188] - When trying to download a work as an ePub, users would frequently be served .zip files or a page of gibberish instead. We found the cause for this (caching! it's always caching!) and rewrote part of our download code to address the issue. Downloads should be served more reliably now.
  • [AO3-5159] - Some PDF files were also failing to generate, so we removed a line of code to see if that would help. Fingers crossed!
  • [AO3-3704] - If a work was styled with a work skin, and a co-creator edited that work later, the skin would be stripped off (...gruesome), requiring another edit by the first creator to tack it back on. Now the work skin stays where it should be at all times.
  • [AO3-5016] - It was previously possible to add other users' works to one's own anonymous and/or unrevealed collection, effectively hiding them from their creators (and everyone else) in the worst case scenario. We now prevent this, and display a helpful error message to the collection owner when they try.
  • [AO3-5058] - When importing someone else's work (as an Open Doors archivist), the site would throw an ugly Error 500 if it couldn't detect the work creator's email address on the imported page. It now provides a helpful error message instead.
  • [AO3-5131] - Trying to delete more than one comment from the same user, on the same work, when both had replies, was not possible for some reason. Turns out they would have both turned into identical "deleted comment" placeholders, and our validation code didn't like that. It's more lenient now.
  • [AO3-5144] - In order to make comment navigation easier, comment replies now have a "Parent Thread" link that takes you to the first comment in the thread and allows you to see the whole thing. \o/

Misc. Issues

  • [AO3-5015] - The location of the our backup Support form (used in case of serious site issues) had changed, so we edited the link on our Support form to save the OTW website a redirect.
  • [AO3-5044] - When changing one's username, one first had to read a little warning message about the consequences of a name change. However, that warning was misleadingly worded and didn't provide enough information about the process. We have improved the message now.
  • [AO3-4440] - In our efforts to make the AO3 interface translatable, we prepared the email that goes out to people with works in imported collections for eventual translation.
  • [AO3-5165] - We added some cleanup when certain background tasks failed.
  • [AO3-5189] - After running into an import test failure because an image URL in the relevant Dreamwidth post had changed, we rewrote the test in question to use the DW journal and community we manage ourselves to test imports.
  • [AO3-5195] - Coveralls was giving us wildly erratic scores for our test coverage, so we switched to Codecov, which will hopefully analyze our coverage in a more reliable manner.
  • [AO3-5055] - We have added a license to our code repository on GitHub.
  • [AO3-5187] - When we moved the autocomplete to its own Redis instance in our last deploy, we forgot to change the config files we use for our development environments. They're now updated and our coders can code again!

Code Cleanup

  • [AO3-4796] - When we deployed Rails 4, it broke filtering a little bit, so we had to use a hack-y workaround to fix it. Now that we're on Rails 5, we've removed the hack and filtering still works.
  • [AO3-5012] - We found some old code for automatically generating tag sets for a challenge that was never actually fleshed out, so we just removed it, for neatness.
  • [AO3-5093] - We simplified and tidied up part of our abuse report code.
  • [AO3-5094] - We also removed an ancient hack for fixing an encoding issue with time zones. It had fixed itself over the years, apparently.
  • [AO3-5096] - There was another bit of ancient unused code for bookmarks of external works, so we removed that too.
  • [AO3-5087] - More ancient, unused code for importing works was squashed while we were at it.
  • [AO3-5088] - Same for a security patch that had become irrelevant in the four years since we added it.
  • [AO3-5085] - We also had some lingering code for locales, which is now gone as well.

Known Issues

See our Known Issues page for current issues.