init repo

.eslintrc.js

@@ -0,0 +1,25 @@
+module.exports = {
+  parser: '@typescript-eslint/parser',
+  parserOptions: {
+    project: 'tsconfig.json',
+    tsconfigRootDir: __dirname,
+    sourceType: 'module',
+  },
+  plugins: ['@typescript-eslint/eslint-plugin'],
+  extends: [
+    'plugin:@typescript-eslint/recommended',
+    'plugin:prettier/recommended',
+  ],
+  root: true,
+  env: {
+    node: true,
+    jest: true,
+  },
+  ignorePatterns: ['.eslintrc.js'],
+  rules: {
+    '@typescript-eslint/interface-name-prefix': 'off',
+    '@typescript-eslint/explicit-function-return-type': 'off',
+    '@typescript-eslint/explicit-module-boundary-types': 'off',
+    '@typescript-eslint/no-explicit-any': 'off',
+  },
+};

.gitignore

@@ -0,0 +1,56 @@
+# compiled output
+/dist
+/node_modules
+/build
+
+# Logs
+logs
+*.log
+npm-debug.log*
+pnpm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+
+# OS
+.DS_Store
+
+# Tests
+/coverage
+/.nyc_output
+
+# IDEs and editors
+/.idea
+.project
+.classpath
+.c9/
+*.launch
+.settings/
+*.sublime-workspace
+
+# IDE - VSCode
+.vscode/*
+!.vscode/settings.json
+!.vscode/tasks.json
+!.vscode/launch.json
+!.vscode/extensions.json
+
+# dotenv environment variable files
+.env
+.env.development.local
+.env.test.local
+.env.production.local
+.env.local
+
+# temp directory
+.temp
+.tmp
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json

.prettierrc

@@ -0,0 +1,4 @@
+{
+  "singleQuote": true,
+  "trailingComma": "all"
+}

.swcrc

@@ -0,0 +1,10 @@
+{
+    "jsc": {
+        "target": "esnext"
+    },
+    "isModule": true,
+    "module": {
+        "type": "nodenext",
+        "strict": true
+    }
+}

.vscode/launch.json

@@ -0,0 +1,21 @@
+{
+    // Use IntelliSense to learn about possible attributes.
+    // Hover to view descriptions of existing attributes.
+    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "type": "node",
+            "request": "launch",
+            "name": "Launch Program",
+            "skipFiles": [
+                "<node_internals>/**"
+            ],
+            "runtimeExecutable": "yarn",
+            "runtimeArgs": [ "start" ],
+            "outFiles": [
+                "${workspaceFolder}/dist/**/*.js"
+            ]
+        }
+    ]
+}

README.md

@@ -0,0 +1,5 @@
+# cupid
+this is a keyserver that queries multiple keyservers at once providing most recent data
+
+## deploying limitations
+it has to be deployed behind

nest-cli.json

@@ -0,0 +1,9 @@
+{
+  "$schema": "https://json.schemastore.org/nest-cli",
+  "collection": "@nestjs/schematics",
+  "sourceRoot": "src",
+  "compilerOptions": {
+    "deleteOutDir": true,
+    "builder": "swc"
+  }
+}

package.json

@@ -0,0 +1,80 @@
+{
+  "name": "cupid",
+  "version": "0.0.1",
+  "description": "",
+  "author": "",
+  "private": true,
+  "license": "GPL-3.0-only",
+  "type": "module",
+  "scripts": {
+    "build": "nest build",
+    "format": "prettier --write \"src/**/*.ts\" \"test/**/*.ts\"",
+    "start": "nest start",
+    "start:dev": "nest start --watch",
+    "start:debug": "nest start --debug --watch",
+    "start:prod": "node dist/main",
+    "lint": "eslint \"{src,apps,libs,test}/**/*.ts\" --fix",
+    "test": "jest",
+    "test:watch": "jest --watch",
+    "test:cov": "jest --coverage",
+    "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
+    "test:e2e": "jest --config ./test/jest-e2e.json"
+  },
+  "dependencies": {
+    "@nestjs/common": "^10.0.0",
+    "@nestjs/core": "^10.0.0",
+    "@nestjs/platform-express": "^10.0.0",
+    "@nestjs/platform-fastify": "^10.3.10",
+    "fastify": "^4.28.1",
+    "hbs": "^4.2.0",
+    "ip-address": "^9.0.5",
+    "ky": "^1.5.0",
+    "reflect-metadata": "^0.2.0",
+    "rxjs": "^7.8.1"
+  },
+  "devDependencies": {
+    "@fastify/static": "^7.0.4",
+    "@fastify/view": "^9.1.0",
+    "@nestjs/cli": "^10.0.0",
+    "@nestjs/schematics": "^10.0.0",
+    "@nestjs/testing": "^10.0.0",
+    "@swc/cli": "^0.4.0",
+    "@swc/core": "^1.7.2",
+    "@types/express": "^4.17.17",
+    "@types/hbs": "^4.0.4",
+    "@types/jest": "^29.5.2",
+    "@types/node": "^20.3.1",
+    "@types/supertest": "^6.0.0",
+    "@typescript-eslint/eslint-plugin": "^7.0.0",
+    "@typescript-eslint/parser": "^7.0.0",
+    "eslint": "^8.42.0",
+    "eslint-config-prettier": "^9.0.0",
+    "eslint-plugin-prettier": "^5.0.0",
+    "jest": "^29.5.0",
+    "prettier": "^3.0.0",
+    "source-map-support": "^0.5.21",
+    "supertest": "^7.0.0",
+    "ts-jest": "^29.1.0",
+    "ts-loader": "^9.4.3",
+    "ts-node": "^10.9.1",
+    "tsconfig-paths": "^4.2.0",
+    "typescript": "^5.1.3"
+  },
+  "jest": {
+    "moduleFileExtensions": [
+      "js",
+      "json",
+      "ts"
+    ],
+    "rootDir": "src",
+    "testRegex": ".*\\.spec\\.ts$",
+    "transform": {
+      "^.+\\.(t|j)s$": "ts-jest"
+    },
+    "collectCoverageFrom": [
+      "**/*.(t|j)s"
+    ],
+    "coverageDirectory": "../coverage",
+    "testEnvironment": "node"
+  }
+}

src/app.module.ts

@@ -0,0 +1,9 @@
+import { KeysModule } from './keys/keys.module.js';
+import { Module } from '@nestjs/common';
+import { ViewsController } from './views.controller.js';
+
+@Module({
+    controllers: [ ViewsController ],
+    imports: [ KeysModule ]
+})
+export class AppModule {}

src/keys/controllers/hkp.controller.ts

@@ -0,0 +1,43 @@
+import { BadRequestException, Controller, Get, Query, Req } from "@nestjs/common";
+import { Address4, Address6 } from "ip-address";
+
+import type { FastifyRequest } from 'fastify';
+
+import { HKPOperation, VALID_OPS } from "../providers/abstract.provider.js";
+import { AllKeysProvider } from "../providers/all.provider.js";
+import { serializeIndexes } from "../indexes.js";
+
+@Controller()
+export class HKPController {
+
+    constructor(
+        private allKeysProvider: AllKeysProvider
+    ) {}
+
+    @Get('pks/lookup')
+    async lookup(@Req() req: FastifyRequest, @Query('search') search: string, @Query('op') op: HKPOperation) {
+        if (VALID_OPS.indexOf(op) === -1) {
+            throw new BadRequestException('op MUST be one of: ' + VALID_OPS.join(', '));
+        }
+
+        let ip: Address4 | Address6 | null = null;
+        if (Address4.isValid(req.ip.replace(/^.*:/, ''))) {
+            ip = new Address4(req.ip.replace(/^.*:/, ''))
+        } else if (Address6.isValid(req.ip)) {
+            ip = new Address6(req.ip)
+        }
+        if (ip === null) {
+            ip = new Address4('127.0.0.1');
+        }
+
+        const miscData = { ip }
+        
+        switch (op) {
+            case 'get':
+                return this.allKeysProvider.get(search, miscData);
+            case 'index':
+                const indexes = await this.allKeysProvider.index(search, miscData);
+                return serializeIndexes(indexes);
+        }
+    }
+}

src/keys/indexes.ts

@@ -0,0 +1,139 @@
+// as per https://www.ietf.org/archive/id/draft-gallagher-openpgp-hkp-05.html#name-machine-readable-indexes
+
+export interface Index {
+    prefix: 'info' | 'pub' | 'uid';
+}
+
+export type Indexes = Index[];
+
+export class InfoLine implements Index {
+    prefix: 'info';
+    version: 1;
+    count: number;
+
+    constructor(indexLine: string) {
+        parseIndex<InfoLine>(this, indexLine, [ 'version', 'count' ]);
+
+        this.prefix = 'info';
+
+        if (this.version != 1) {
+            throw new Error('InfoLine\'s version MUST be 1! Got ' + this.version)
+        }
+        if (this.count) {
+            if (typeof this.count !== 'number') {
+                if (isNaN(this.count)) {
+                    throw new Error('InfoLine\'s count MUST NOT be NaN!');
+                }
+            }
+        }
+    }
+}
+
+export class PubLine implements Index {
+    prefix: 'pub';
+    keyid?: string;
+    keylen?: number;
+    algorithm?: string;
+    creationdate?: number;
+    expirationdate?: number;
+    flags?: string;
+    version?: string;
+
+    constructor(indexLine: string) {
+        parseIndex<PubLine>(this, indexLine, [ 'keyid', 'keylen', 'algorithm', 'creationdate', 'expirationdate', 'flags', 'version' ]);
+
+        this.prefix = 'pub';
+
+        if (this.creationdate && typeof this.creationdate !== 'number') {
+            this.creationdate = parseFloat(this.creationdate);
+            if (isNaN(this.creationdate)) {
+                throw new Error('PubLine\'s creationdate MUST NOT be NaN!');
+            }
+        }
+        if (this.expirationdate && typeof this.expirationdate !== 'number') {
+            this.expirationdate = parseFloat(this.expirationdate);
+            if (isNaN(this.expirationdate)) {
+                throw new Error('PubLine\'s expirationdate MUST NOT be NaN!');
+            }
+        }
+    }
+}
+
+export class UidLine implements Index {
+    prefix: 'uid';
+    uidstring?: string;
+    creationdate?: string;
+    expirationdate?: string;
+    flags?: string;
+
+    constructor(indexLine: string) {
+        parseIndex<UidLine>(this, indexLine, [ 'uidstring', 'creationdate', 'expirationdate', 'flags' ]);
+
+        this.prefix = 'uid';
+    }
+}
+
+export function assertValidPrefix(prefix: string, throwError = true): boolean {
+    if ([ 'info', 'pub', 'uid' ].indexOf(prefix) == -1) {
+        if (!throwError) {
+            return false;
+        }
+        throw new Error('Prefix must be one of: info, pub, uid')
+    }
+    return true
+}
+
+export function parseIndexes(untyped: string[]): Indexes {
+    return untyped
+        .filter(x => x.split(':').length > 1)
+        .filter(x => assertValidPrefix(x.split(':')[0], false))
+        .map(x => {
+            const prefix = x.split(':')[0] as 'info' | 'pub' | 'uid';
+            switch (prefix) {
+                case 'info': return new InfoLine(x)
+                case 'pub':  return new PubLine(x)
+                case 'uid':  return new UidLine(x)
+            }
+        })
+}
+
+export function parseIndex<T extends Index>(self: any, index: string, keys: (keyof T)[]): void {
+    let exploded = index.replaceAll('\r', '').split(':');
+
+    if (keys.length > exploded.length) {
+        throw new Error('keys MUST NOT be longer than index');
+    }
+
+    const prefix = exploded[0] as 'info' | 'pub' | 'uid';
+    assertValidPrefix(prefix, true);
+    self.prefix = prefix;
+    exploded = exploded.slice(1, exploded.length);
+
+    for (let i = 0; i != keys.length; i++) {
+        self[keys[i]] = decodeURIComponent(exploded[i]);
+    }
+}
+
+export function serializeIndexes(indexes: Indexes): string {
+    let out: (string | number | undefined)[][] = [];
+    for (const index of indexes) {
+        if (index instanceof InfoLine) {
+            out.push([ 'info', index.version, index.count ]);
+        }
+        if (index instanceof PubLine) {
+            out.push([ 'pub', index.keyid, index.algorithm, index.keylen, index.creationdate, index.expirationdate, index.flags, index.version ]);
+        }
+        if (index instanceof UidLine) {
+            out.push([ 'uid', index.uidstring, index.creationdate, index.expirationdate, index.flags ]);
+        }
+    }
+
+    return out
+        .map(
+            x => x
+                  .map(x => x ?? '')
+                  .map(encodeURIComponent)
+                  .join(':')
+        )
+        .join('\n') + '\n'
+}

src/keys/keys.module.ts

@@ -0,0 +1,11 @@
+import { Module } from "@nestjs/common";
+import { HKPController } from "./controllers/hkp.controller.js";
+import { OpenPGPKeysProvider } from "./providers/openpgp.provider.js";
+import { AllKeysProvider } from "./providers/all.provider.js";
+
+@Module({
+    providers: [ OpenPGPKeysProvider, AllKeysProvider ],
+    controllers: [ HKPController ],
+    exports: [ OpenPGPKeysProvider, AllKeysProvider ] 
+})
+export class KeysModule {}

src/keys/providers/abstract.provider.ts

@@ -0,0 +1,31 @@
+import { Get, Injectable } from '@nestjs/common';
+import { Indexes } from '../indexes.js';
+import { Address4, Address6 } from 'ip-address';
+
+export type AdditionalData = { ip: Address4 | Address6 };
+export type HKPOperation = keyof AbstractKeysProvider;
+export type GetOperationReturn = string | 404;
+
+export const VALID_OPS: readonly HKPOperation[] = Object.freeze([ 'get', 'index' ])
+
+/** https://www.ietf.org/archive/id/draft-gallagher-openpgp-hkp-05.html#name-the-op-operation-field */
+@Injectable()
+export abstract class AbstractKeysProvider {
+
+    readonly url = Object.freeze('http://none');
+
+    /**
+        The "get" operation requests keys from the keyserver by textual search. A string that specifies which key(s) to return is provided in the "search" field.
+       
+        The response to a successful "get" request is a HTTP document containing an ASCII-armored keyring as specified in [Section 8](https://www.ietf.org/archive/id/draft-gallagher-openpgp-hkp-05.html#keyring-format).
+
+        The response MAY be wrapped in any HTML or other text desired, except that the actual key data consisting of an initial line break, the "-----BEGIN PGP PUBLIC KEY BLOCK-----" header, the armored key data itself, the "-----END PGP PUBLIC KEY BLOCK-----" header, and a final line break MUST NOT be modified from the form specified in [[I-D.ietf-openpgp-crypto-refresh](https://www.ietf.org/archive/id/draft-gallagher-openpgp-hkp-05.html#I-D.ietf-openpgp-crypto-refresh)].
+
+        If no keys match the request, the keyserver SHOULD return an appropriate HTTP error code such as 404 ("Not Found").
+     */
+    @Get()
+    async get(search: string, data: AdditionalData): Promise<GetOperationReturn>  { return 404 }
+
+    @Get()
+    async index(search: string, data: AdditionalData): Promise<Indexes>           { return [] }
+}

src/keys/providers/all.provider.ts

@@ -0,0 +1,48 @@
+import { Get, Injectable } from "@nestjs/common";
+import { AbstractKeysProvider, type AdditionalData } from "./abstract.provider.js";
+import { Indexes, InfoLine } from "../indexes.js";
+import { OpenPGPKeysProvider } from "./openpgp.provider.js";
+
+/**
+ * This provider searches all key providers and returns their combined result
+ */
+@Injectable()
+export class AllKeysProvider implements AbstractKeysProvider {
+
+    constructor(
+        private openPgpKeysProvider: OpenPGPKeysProvider
+    ) {}
+
+    getAll(): AbstractKeysProvider[] {
+        return [
+            this.openPgpKeysProvider
+        ]
+    }
+
+    @Get()
+    async get(search: string, data: AdditionalData): Promise<string | 404> {
+        const all = this.getAll();
+        const promises = await Promise.all(all.map(x => x.get(search, data)))
+
+        if (promises.filter(x => x == 404).length == promises.length) { // all failed
+            return 404
+        } else {
+            // if there are multiple keys, join them together to avoid missing data
+            return promises
+                .filter(x => typeof x === 'string')
+                .join('\n')
+        }
+    }
+
+    @Get()
+    async index(search: string, data: AdditionalData): Promise<Indexes> {
+        const all = this.getAll();
+        const promises = await Promise.all(all.map(x => x.index(search, data)))
+
+        // merge indexes if there are multiple
+        const out = [ new InfoLine('info:1:1') ] as Indexes;
+        promises.forEach(x => x.filter(x => x.prefix !== 'info').forEach(y => out.push(y)));
+
+        return out;
+    }
+}

src/keys/providers/openpgp.provider.ts

@@ -0,0 +1,22 @@
+import { Get, Injectable } from "@nestjs/common";
+
+import { AbstractKeysProvider } from "./abstract.provider.js";
+import type { AdditionalData } from "./abstract.provider.js";
+import { proxyGetOp, proxyIndexOp } from "./utils.js";
+import { Indexes } from "../indexes.js";
+
+@Injectable()
+export class OpenPGPKeysProvider implements AbstractKeysProvider {
+
+    readonly url = Object.freeze('https://keys.openpgp.org');
+
+    @Get()
+    async get(search: string, data: AdditionalData): Promise<string | 404> {
+        return proxyGetOp(this.url + '/pks/lookup', search, data);
+    }
+
+    @Get()
+    async index(search: string, data: AdditionalData): Promise<Indexes> {
+        return proxyIndexOp(this.url + '/pks/lookup', search, data);
+    }
+}

src/keys/providers/ubuntu.provider.ts

@@ -0,0 +1,22 @@
+import { Get, Injectable } from "@nestjs/common";
+
+import { AbstractKeysProvider } from "./abstract.provider.js";
+import type { AdditionalData } from "./abstract.provider.js";
+import { proxyGetOp, proxyIndexOp } from "./utils.js";
+import { Indexes } from "../indexes.js";
+
+@Injectable()
+export class UbuntuKeysProvider implements AbstractKeysProvider {
+
+    readonly url = Object.freeze('https://keyserver.ubuntu.com');
+
+    @Get()
+    async get(search: string, data: AdditionalData): Promise<string | 404> {
+        return proxyGetOp(this.url + '/pks/lookup', search, data);
+    }
+
+    @Get()
+    async index(search: string, data: AdditionalData): Promise<Indexes> {
+        return proxyIndexOp(this.url + '/pks/lookup', search, data);
+    }
+}

src/keys/providers/utils.ts

@@ -0,0 +1,47 @@
+import ky, { ResponsePromise } from "ky";
+import { AdditionalData, GetOperationReturn, HKPOperation } from "./abstract.provider.js";
+import { Indexes, parseIndexes } from "../indexes.js";
+
+const BEGIN_HEADER = '-----BEGIN PGP PUBLIC KEY BLOCK-----';
+const END_HEADER = '-----END PGP PUBLIC KEY BLOCK-----';
+
+export function getKey(raw: string): string {
+    return (
+        raw
+            .replace(new RegExp(`.*${BEGIN_HEADER}`, 'gm'), BEGIN_HEADER)
+            .replace(new RegExp(`${END_HEADER}.*`,   'gm'), END_HEADER)
+    );
+}
+
+/**
+ * Proxy request to a 3rd party keyserver via ky
+ */
+export function proxyRequest(url: string, op: HKPOperation, search: string, data: AdditionalData): ResponsePromise {
+    return ky(
+        url,
+        {
+            headers: {
+                'User-Agent': 'Cupid (https://cupid.blek.codes)'
+            },
+            searchParams: {
+                op,
+                search
+            }
+        }
+    )
+}
+
+export async function proxyGetOp(url: string, search: string, data: AdditionalData): Promise<GetOperationReturn> {
+    const httpRes = await proxyRequest(url, 'get', search, data);
+    if (httpRes.status !== 200) { return 404 }
+
+    return getKey(await httpRes.text())
+}
+
+export async function proxyIndexOp(url: string, search: string, data: AdditionalData): Promise<Indexes> {
+    const httpRes = await proxyRequest(url, 'index', search, data);
+    if (httpRes.status !== 200) { return [] }
+    
+    const rawIndexes = await httpRes.text();
+    return parseIndexes(rawIndexes.split('\n'))
+}

src/main.ts

@@ -0,0 +1,28 @@
+import { FastifyAdapter, NestFastifyApplication } from '@nestjs/platform-fastify';
+import { NestFactory } from '@nestjs/core';
+import handlebars from 'hbs';
+
+import { join } from 'path';
+
+import { AppModule } from './app.module.js';
+
+async function bootstrap() {
+  const app = await NestFactory.create<NestFastifyApplication>(AppModule, new FastifyAdapter());
+
+  const root = import.meta.dirname;
+
+  app.useStaticAssets({
+    root: join(root, '..', 'public'),
+    prefix: '/public/'
+  });
+
+  app.setViewEngine({
+    engine: {
+      handlebars
+    },
+    templates: join(root, '..', 'views')
+  })
+
+  await app.listen(3000);
+}
+bootstrap();

src/views.controller.ts

@@ -0,0 +1,17 @@
+import { Controller, Get, Render } from "@nestjs/common";
+
+import { AllKeysProvider } from "./keys/providers/all.provider.js";
+
+@Controller()
+export class ViewsController {
+
+    constructor(
+        private allKeysProvider: AllKeysProvider
+    ) { }
+
+    @Get()
+    @Render('index.html')
+    index() {
+        return { keys: this.allKeysProvider.getAll().map(x => x.url) }
+    }
+}

test/app.e2e-spec.ts

@@ -0,0 +1,25 @@
+import { Test, TestingModule } from '@nestjs/testing';
+import { INestApplication } from '@nestjs/common';
+import request from 'supertest';
+
+import { AppModule } from './../src/app.module.js';
+
+describe('AppController (e2e)', () => {
+  let app: INestApplication;
+
+  beforeEach(async () => {
+    const moduleFixture: TestingModule = await Test.createTestingModule({
+      imports: [AppModule],
+    }).compile();
+
+    app = moduleFixture.createNestApplication();
+    await app.init();
+  });
+
+  it('/ (GET)', () => {
+    return request(app.getHttpServer())
+      .get('/')
+      .expect(200)
+      .expect(res => res.headers['Content-Type'] == 'text/html');
+  });
+});

test/jest-e2e.json

@@ -0,0 +1,9 @@
+{
+  "moduleFileExtensions": ["js", "json", "ts"],
+  "rootDir": ".",
+  "testEnvironment": "node",
+  "testRegex": ".e2e-spec.ts$",
+  "transform": {
+    "^.+\\.(t|j)s$": "ts-jest"
+  }
+}

tsconfig.build.json

@@ -0,0 +1,4 @@
+{
+  "extends": "./tsconfig.json",
+  "exclude": ["node_modules", "test", "dist", "**/*spec.ts"]
+}

tsconfig.json

@@ -0,0 +1,21 @@
+{
+  "compilerOptions": {
+    "module": "NodeNext",
+    "declaration": true,
+    "removeComments": true,
+    "emitDecoratorMetadata": true,
+    "experimentalDecorators": true,
+    "allowSyntheticDefaultImports": true,
+    "target": "ESNext",
+    "sourceMap": true,
+    "outDir": "./dist",
+    "baseUrl": "./",
+    "incremental": true,
+    "skipLibCheck": true,
+    "strictNullChecks": true,
+    "noImplicitAny": true,
+    "strictBindCallApply": true,
+    "forceConsistentCasingInFileNames": true,
+    "noFallthroughCasesInSwitch": true
+  }
+}

views/index.html

@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="utf-8">
+        <title>Cupid GPG server</title>
+    </head>
+
+    <body>
+        <h1>Cupid</h1>
+        <p>
+            this is a GPG keyserver that serves keys from all the following servers combined:
+        </p>
+        <ul>
+            {{#each keys}}
+                <li>{{ this }}</li>
+            {{/each}}
+        </ul>
+        <p>
+            point is to reduce situations when one keyserver has a key but another one which you use, doesnt
+        </p>
+
+        <h2>transparency</h2>
+        <p>
+            a specific instance (like this one) may not be fully transparent. in fact, its recommended for you to make your own instance
+        </p>
+    </body>
+</html>