fix: Copy and Import button layouts (#402 )

v0.36.0
fix: add resource limits on encoded prefs route
2025-04-03 21:17:37 +03:00 · 2025-03-31 00:33:39 -04:00 · 2025-03-19 23:05:28 -04:00 · 2025-03-19 22:58:51 -04:00 · 2025-03-07 17:10:21 -05:00 · 2025-03-07 17:08:58 -05:00
106 changed files with 10898 additions and 3060 deletions
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@ -0,0 +1,14 @@
+{
+    "name": "Rust",
+    "image": "mcr.microsoft.com/devcontainers/rust:1.0.9-bookworm",
+    "features": {
+        "ghcr.io/devcontainers/features/docker-in-docker:2": {}
+    },
+    "portsAttributes": {
+        "8080": {
+            "label": "redlib",
+            "onAutoForward": "notify"
+        }
+    },
+    "postCreateCommand": "cargo build"
+}
--- a/.env.example
+++ b/.env.example
@ -0,0 +1,52 @@
+# Redlib configuration
+# See the Configuration section of the README for a more detailed explanation of these settings.
+
+# Instance-specific settings
+# Enable SFW-only mode for the instance
+REDLIB_SFW_ONLY=off
+# Set a banner message for the instance
+REDLIB_BANNER=
+# Disable search engine indexing
+REDLIB_ROBOTS_DISABLE_INDEXING=off
+# Set the Pushshift frontend for "removed" links
+REDLIB_PUSHSHIFT_FRONTEND=undelete.pullpush.io
+
+# Default user settings
+# Set the default theme (options: system, light, dark, black, dracula, nord, laserwave, violet, gold, rosebox, gruvboxdark, gruvboxlight)
+REDLIB_DEFAULT_THEME=system
+# Set the default front page (options: default, popular, all)
+REDLIB_DEFAULT_FRONT_PAGE=default
+# Set the default layout (options: card, clean, compact)
+REDLIB_DEFAULT_LAYOUT=card
+# Enable wide mode by default
+REDLIB_DEFAULT_WIDE=off
+# Set the default post sort method (options: hot, new, top, rising, controversial)
+REDLIB_DEFAULT_POST_SORT=hot
+# Set the default comment sort method (options: confidence, top, new, controversial, old)
+REDLIB_DEFAULT_COMMENT_SORT=confidence
+# Enable blurring Spoiler content by default
+REDLIB_DEFAULT_BLUR_SPOILER=off
+# Enable showing NSFW content by default
+REDLIB_DEFAULT_SHOW_NSFW=off
+# Enable blurring NSFW content by default
+REDLIB_DEFAULT_BLUR_NSFW=off
+# Enable HLS video format by default
+REDLIB_DEFAULT_USE_HLS=off
+# Hide HLS notification by default
+REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION=off
+# Disable autoplay videos by default
+REDLIB_DEFAULT_AUTOPLAY_VIDEOS=off
+# Define a default list of subreddit subscriptions (format: sub1+sub2+sub3)
+REDLIB_DEFAULT_SUBSCRIPTIONS=
+# Define a default list of subreddit filters (format: sub1+sub2+sub3)
+REDLIB_DEFAULT_FILTERS=
+# Hide awards by default
+REDLIB_DEFAULT_HIDE_AWARDS=off
+# Hide sidebar and summary
+REDLIB_DEFAULT_HIDE_SIDEBAR_AND_SUMMARY=off
+# Disable the confirmation before visiting Reddit
+REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION=off
+# Hide score by default
+REDLIB_DEFAULT_HIDE_SCORE=off
+# Enable fixed navbar by default
+REDLIB_DEFAULT_FIXED_NAVBAR=on
--- a/.envrc
+++ b/.envrc
@ -0,0 +1 @@
+use flake
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1 @@
+Dockerfile.* linguist-language=Dockerfile
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -1 +1,3 @@
-liberapay: spike
+liberapay: sigaloid
+buy_me_a_coffee: sigaloid
+github: sigaloid
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@ -1,18 +1,22 @@
 ---
 name: 🐛 Bug report
 about: Create a report to help us improve
-title: ''
+title: '🐛 Bug Report: '
 labels: bug
 assignees: ''

 ---

+<!-- 
+  BEFORE FILING A BUG REPORT: Ensure that you are running the latest git commit. Visit /info on your instance, and ensure the git commit listed is the same commit listed on the home page.
+-->
+
 ## Describe the bug
 <!--
  A clear and concise description of what the bug is.
 -->

-## To reproduce
+## Steps to reproduce the bug

 <!--
 Steps to reproduce the behavior:
@ -22,12 +26,16 @@ Steps to reproduce the behavior:
 4. See error
 -->

-## Expected behavior
+## What's the expected behavior?
 <!-- 
  A clear and concise description of what you expected to happen.
 -->

-## Additional context
+## Additional context / screenshot
 <!--
  Add any other context about the problem here.
 -->
+
+
+<!-- Mandatory -->
+- [ ] I checked that the instance that this was reported on is running the latest git commit, or I can reproduce it locally on the latest git commit
--- a/.github/ISSUE_TEMPLATE/feature_parity.md
+++ b/.github/ISSUE_TEMPLATE/feature_parity.md
@ -1,7 +1,7 @@
 ---
 name: ✨ Feature parity
-about: Suggest implementing a feature into Libreddit that is found in Reddit.com
-title: ''
+about: Suggest implementing a feature into Redlib that is found in Reddit.com
+title: '✨ Feature parity: '
 labels: feature parity
 assignees: ''

@ -12,7 +12,7 @@ assignees: ''
  A clear and concise description of what the feature is.
 -->

-## Describe the implementation into Libreddit
+## Describe how this could be implemented into Redlib
 <!--
  A clear and concise description of what you want to happen.
 -->
@ -22,7 +22,7 @@ assignees: ''
  A clear and concise description of any alternative solutions or features you've considered.
 -->

-## Additional context
+## Additional context / screenshot
 <!--
  Add any other context or screenshots about the feature parity request here.
 -->
--- a/.github/ISSUE_TEMPLATE/feature_request.md
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@ -1,7 +1,7 @@
 ---
 name: 💡 Feature request
-about: Suggest a feature for Libreddit that is not found in Reddit
-title: ''
+about: Suggest a feature for Redlib that is not found in Reddit
+title: '💡 Feature request: '
 labels: enhancement
 assignees: ''

@ -12,7 +12,7 @@ assignees: ''
  A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
 -->

-## Describe the solution you'd like
+## Describe the feature you would like to be implemented
 <!--
  A clear and concise description of what you want to happen.
 -->
@ -22,7 +22,7 @@ assignees: ''
  A clear and concise description of any alternative solutions or features you've considered.
 -->

-## Additional context
+## Additional context / screenshot
 <!--
  Add any other context or screenshots about the feature request here.
 -->
--- a/.github/workflows/build-artifacts.yaml
+++ b/.github/workflows/build-artifacts.yaml
@ -0,0 +1,76 @@
+name: Release Build
+
+on:
+  push:
+    paths-ignore:
+      - "*.md"
+      - "compose.*"
+    branches:
+      - "main"
+  release:
+    types: [published]
+
+env: 
+  CARGO_TERM_COLOR: always
+
+  CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_LINKER: aarch64-linux-gnu-gcc
+  CC_aarch64_unknown_linux_musl: aarch64-linux-gnu-gcc
+  CARGO_TARGET_ARMV7_UNKNOWN_LINUX_MUSLEABIHF_LINKER: arm-linux-gnueabihf-gcc
+  CC_armv7_unknown_linux_musleabihf: arm-linux-gnueabihf-gcc
+
+jobs:
+  build:
+    name: Rust project - latest
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        target:
+          - x86_64-unknown-linux-musl
+          - aarch64-unknown-linux-musl
+          - armv7-unknown-linux-musleabihf
+    steps:
+      - uses: actions/checkout@v4
+      
+      - uses: actions-rust-lang/setup-rust-toolchain@v1
+        with:
+          target: ${{ matrix.target }}
+      
+      - if: matrix.target == 'x86_64-unknown-linux-musl'
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y --no-install-recommends musl-tools
+ 
+      - if: matrix.target == 'armv7-unknown-linux-musleabihf'
+        run: |
+          sudo apt update
+          sudo apt install -y gcc-arm-linux-gnueabihf musl-tools
+
+      - if: matrix.target == 'aarch64-unknown-linux-musl'
+        run: |
+          sudo apt update
+          sudo apt install -y gcc-aarch64-linux-gnu musl-tools
+
+      - name: Versions
+        id: version
+        run: echo "VERSION=$(cargo metadata --format-version 1 --no-deps | jq .packages[0].version -r | sed 's/^/v/')" >> "$GITHUB_OUTPUT"
+
+      - name: Build
+        run: cargo build --release --target ${{ matrix.target }}
+
+      - name: Package release
+        run: tar czf redlib-${{ matrix.target }}.tar.gz -C target/${{ matrix.target }}/release/ redlib
+
+      - name: Upload release
+        uses: softprops/action-gh-release@v1
+        with:
+          tag_name: ${{ steps.version.outputs.VERSION }}
+          name: ${{ steps.version.outputs.VERSION }} - ${{ github.event.head_commit.message }}
+          draft: true
+          files: |
+            redlib-${{ matrix.target }}.tar.gz
+          body: |
+            - ${{ github.event.head_commit.message }} ${{ github.sha }}
+          generate_release_notes: true
+
+
+
--- a/.github/workflows/docker-arm.yml
+++ b/.github/workflows/docker-arm.yml
@ -1,36 +0,0 @@
-name: Docker ARM Build
-
-on:
-  push:
-    paths-ignore:
-      - "**.md"
-    branches:
-      - master
-
-jobs:
-  build-docker:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
-        with:
-          platforms: all
-      - name: Set up Docker Buildx
-        id: buildx
-        uses: docker/setup-buildx-action@v1
-        with:
-          version: latest
-      - name: Login to DockerHub
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-      - name: Build and push
-        uses: docker/build-push-action@v2
-        with:
-          context: .
-          file: ./Dockerfile.arm
-          platforms: linux/arm64
-          push: true
-          tags: spikecodes/libreddit:arm
--- a/.github/workflows/docker-armv7.yml
+++ b/.github/workflows/docker-armv7.yml
@ -1,39 +0,0 @@
-name: Docker ARM V7 Build
-
-on:
-  push:
-    paths-ignore:
-      - "**.md"
-    branches:
-      - master
-
-jobs:
-  build-docker:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-      - name: Set up QEMU
-        id: qemu
-        uses: docker/setup-qemu-action@v1
-        with:
-          platforms: all
-      - name: Set up Docker Buildx
-        id: buildx
-        uses: docker/setup-buildx-action@v1
-        with:
-          version: latest
-      - name: Login to DockerHub
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-      - name: Build and push
-        id: build_push
-        uses: docker/build-push-action@v2
-        with:
-          context: .
-          file: ./Dockerfile.armv7
-          platforms: linux/arm/v7
-          push: true
-          tags: spikecodes/libreddit:armv7
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@ -1,37 +0,0 @@
-name: Docker amd64 Build
-
-on:
-  push:
-    paths-ignore:
-      - "**.md"
-    branches:
-      - master
-
-jobs:
-  build-docker:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
-        with:
-          platforms: all
-      - name: Set up Docker Buildx
-        id: buildx
-        uses: docker/setup-buildx-action@v1
-        with:
-          version: latest
-      - name: Login to DockerHub
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-      - name: Build and push
-        uses: docker/build-push-action@v2
-        with:
-          context: .
-          file: ./Dockerfile
-          platforms: linux/amd64
-          push: true
-          tags: spikecodes/libreddit:latest
-
--- a/.github/workflows/main-docker.yml
+++ b/.github/workflows/main-docker.yml
@ -0,0 +1,109 @@
+name: Container build
+
+on:
+  workflow_run:
+    workflows: ["Release Build"]
+    types:
+      - completed
+env:
+  REGISTRY_IMAGE: quay.io/redlib/redlib
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - { platform: linux/amd64, target: x86_64-unknown-linux-musl }
+          - { platform: linux/arm64, target: aarch64-unknown-linux-musl }
+          - { platform: linux/arm/v7, target: armv7-unknown-linux-musleabihf }
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY_IMAGE }}
+          tags: |
+            type=sha
+            type=raw,value=latest,enable={{is_default_branch}}
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Login to Quay.io Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USERNAME }}
+          password: ${{ secrets.QUAY_ROBOT_TOKEN }}
+      - name: Build and push
+        id: build
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          platforms: ${{ matrix.platform }}
+          labels: ${{ steps.meta.outputs.labels }}
+          outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
+          file: Dockerfile
+          build-args: TARGET=${{ matrix.target }}
+      - name: Export digest
+        run: |
+          mkdir -p /tmp/digests
+          digest="${{ steps.build.outputs.digest }}"
+          touch "/tmp/digests/${digest#sha256:}"
+      - name: Upload digest
+        uses: actions/upload-artifact@v4
+        with:
+          name: digests-${{ matrix.target }}
+          path: /tmp/digests/*
+          if-no-files-found: error
+          retention-days: 1
+  merge:
+    runs-on: ubuntu-latest
+    needs:
+      - build
+    steps:
+      - name: Download digests
+        uses: actions/download-artifact@v4.1.7
+        with:
+          path: /tmp/digests
+          pattern: digests-*
+          merge-multiple: true
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY_IMAGE }}
+          tags: |
+            type=sha
+            type=raw,value=latest,enable={{is_default_branch}}
+      - name: Login to Quay.io Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USERNAME }}
+          password: ${{ secrets.QUAY_ROBOT_TOKEN }}
+      - name: Create manifest list and push
+        working-directory: /tmp/digests
+        run: |
+          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
+
+      # - name: Push README to Quay.io
+      #   uses: christian-korneck/update-container-description-action@v1
+      #   env:
+      #     DOCKER_APIKEY: ${{ secrets.APIKEY__QUAY_IO }}
+      #   with:
+      #     destination_container_repo: quay.io/redlib/redlib
+      #     provider: quay
+      #     readme_file: 'README.md'
+
+      - name: Inspect image
+        run: |
+          docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}
--- a/.github/workflows/main-rust.yml
+++ b/.github/workflows/main-rust.yml
@ -0,0 +1,84 @@
+name: Rust Build & Publish
+
+on:
+  push:
+    paths-ignore:
+      - "**.md"
+  
+    branches:
+      - 'main'
+  
+  release:
+    types: [published]
+
+env:
+  CARGO_TERM_COLOR: always
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v3
+
+      - name: Cache Packages
+        uses: Swatinem/rust-cache@v2
+
+      - name: Install stable toolchain
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          toolchain: stable
+
+      - name: Install musl-gcc
+        run: sudo apt-get install musl-tools
+
+      - name: Install cargo musl target
+        run: rustup target add x86_64-unknown-linux-musl
+
+      # Building actions
+      - name: Build
+        run: RUSTFLAGS='-C target-feature=+crt-static' cargo build --release --target x86_64-unknown-linux-musl
+
+      - name: Versions
+        id: version
+        run: echo "VERSION=$(cargo metadata --format-version 1 --no-deps | jq .packages[0].version -r | sed 's/^/v/')" >> "$GITHUB_OUTPUT"
+        
+      # Publishing actions
+
+      - name: Publish to crates.io
+        if: github.event_name == 'release'
+        run: cargo publish --no-verify --token ${{ secrets.CARGO_REGISTRY_TOKEN }}
+
+      - name: Calculate SHA512 checksum
+        run: sha512sum target/x86_64-unknown-linux-musl/release/redlib > redlib.sha512
+
+      - name: Calculate SHA256 checksum
+        run: sha256sum target/x86_64-unknown-linux-musl/release/redlib > redlib.sha256
+
+      - uses: actions/upload-artifact@v4
+        name: Upload a Build Artifact
+        with:
+          name: redlib
+          path: |
+            target/x86_64-unknown-linux-musl/release/redlib
+            redlib.sha512
+            redlib.sha256
+        
+
+      - name: Release
+        uses: softprops/action-gh-release@v1
+        if: github.base_ref != 'main' && github.event_name == 'release'
+        with:
+          tag_name: ${{ steps.version.outputs.VERSION }}
+          name: ${{ steps.version.outputs.VERSION }} - ${{ github.event.head_commit.message }}
+          draft: true
+          files: |
+            target/x86_64-unknown-linux-musl/release/redlib
+            redlib.sha512
+            redlib.sha256
+          body: |
+            - ${{ github.event.head_commit.message }} ${{ github.sha }}
+          generate_release_notes: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
--- a/.github/workflows/pull-request.yml
+++ b/.github/workflows/pull-request.yml
@ -0,0 +1,67 @@
+name: Pull Request
+
+env:
+  CARGO_TERM_COLOR: always
+  NEXTEST_RETRIES: 10
+
+on:
+  push:
+    branches:
+      - 'main'
+
+  pull_request:
+    branches:
+      - 'main'
+    
+jobs:
+  test:
+    name: cargo test
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v3
+      
+      - name: Install stable toolchain
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          toolchain: stable
+      
+      - name: Install cargo-nextest
+        uses: taiki-e/install-action@nextest
+
+      - name: Run cargo nextest
+        run: cargo nextest run
+
+  format:
+    name: cargo fmt --all -- --check
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v3
+      
+      - name: Install stable toolchain with rustfmt component
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          toolchain: stable
+          components: rustfmt
+
+      - name: Run cargo fmt
+        run: cargo fmt --all -- --check
+
+  clippy:
+    name: cargo clippy -- -D warnings
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v3
+
+      - name: Install stable toolchain with clippy component
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          toolchain: stable
+          components: clippy
+
+      - name: Run cargo clippy
+        run: cargo clippy -- -D warnings
--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@ -1,59 +0,0 @@
-name: Rust
-
-on:
-  push:
-    paths-ignore:
-      - "**.md"
-    branches:
-      - master
-
-env:
-  CARGO_TERM_COLOR: always
-
-jobs:
-  build:
-    runs-on: ubuntu-18.04
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Cache Packages
-        uses: Swatinem/rust-cache@v1.0.1
-
-      - name: Build
-        run: cargo build --release
-
-      - name: Publish to crates.io
-        continue-on-error: true
-        run: cargo publish --no-verify --token ${{ secrets.CARGO_REGISTRY_TOKEN }}
-      
-      - uses: actions/upload-artifact@v2.2.1
-        name: Upload a Build Artifact
-        with:
-          name: libreddit
-          path: target/release/libreddit
-        
-      - name: Versions
-        id: version
-        run: |
-          echo "::set-output name=version::$(cargo metadata --format-version 1 --no-deps | jq .packages[0].version -r | sed 's/^/v/')"
-          echo "::set-output name=tag::$(git describe --tags)"
-          
-      - name: Calculate SHA512 checksum
-        run: sha512sum target/release/libreddit > libreddit.sha512
-        
-      - name: Release
-        uses: softprops/action-gh-release@v1
-        if: github.base_ref != 'master'
-        with:
-          tag_name: ${{ steps.version.outputs.version }}
-          name: ${{ steps.version.outputs.version }} - ${{ github.event.head_commit.message }}
-          draft: true
-          files: |
-            target/release/libreddit
-            libreddit.sha512
-          body: |
-            - ${{ github.event.head_commit.message }} ${{ github.sha }}
-          generate_release_notes: true
-        env:
-          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,10 @@
-/target
+/target
+.env
+redlib.toml
+
+# Idea Files
+.idea/
+
+# nix files
+.direnv/
+result
--- a/.replit
+++ b/.replit
@ -1,2 +1,2 @@
-run = "while true; do wget -O libreddit https://github.com/spikecodes/libreddit/releases/latest/download/libreddit;chmod +x libreddit;./libreddit -H 63115200;sleep 1;done"
-language = "bash"
+run = "while :; do set -ex; nix-env -iA nixpkgs.unzip; curl -o./redlib.zip -fsSL -- https://nightly.link/redlib-org/redlib/workflows/main-rust/main/redlib.zip; unzip -n redlib.zip; mv target/x86_64-unknown-linux-musl/release/redlib .; chmod +x redlib; set +e; ./redlib -H 63115200; sleep 1; done"
+language = "bash"
--- a/96
+++ b/96
@ -0,0 +1,96 @@
+5trongthany <65565784+5trongthany@users.noreply.github.com>
+674Y3r <87250374+674Y3r@users.noreply.github.com>
+accountForIssues <52367365+accountForIssues@users.noreply.github.com>
+Adrian Lebioda <adrianlebioda@gmail.com>
+alefvanoon <53198048+alefvanoon@users.noreply.github.com>
+Alexandre Iooss <erdnaxe@crans.org>
+alyaeanyx <alexandra.hollmeier@mailbox.org>
+AndreVuillemot160 <84594011+AndreVuillemot160@users.noreply.github.com>
+Andrew Kaufman <57281817+andrew-kaufman@users.noreply.github.com>
+Artemis <51862164+artemislena@users.noreply.github.com>
+arthomnix <35371030+arthomnix@users.noreply.github.com>
+Arya K <73596856+gi-yt@users.noreply.github.com>
+Austin Huang <im@austinhuang.me>
+Basti <pred2k@users.noreply.github.com>
+Ben Smith <37027883+smithbm2316@users.noreply.github.com>
+BobIsMyManager <ahoumatt@yahoo.com>
+curlpipe <11898833+curlpipe@users.noreply.github.com>
+dacousb <53299044+dacousb@users.noreply.github.com>
+Daniel Valentine <Daniel-Valentine@users.noreply.github.com>
+Daniel Valentine <daniel@vielle.ws>
+dbrennand <52419383+dbrennand@users.noreply.github.com>
+dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
+Diego Magdaleno <38844659+DiegoMagdaleno@users.noreply.github.com>
+domve <domve@posteo.net>
+Dyras <jevwmguf@duck.com>
+Edward <101938856+EdwardLangdon@users.noreply.github.com>
+elliot <75391956+ellieeet123@users.noreply.github.com>
+erdnaxe <erdnaxe@users.noreply.github.com>
+Esmail EL BoB <github.defilable@simplelogin.co>
+FireMasterK <20838718+FireMasterK@users.noreply.github.com>
+George Roubos <cowkingdom@hotmail.com>
+git-bruh <e817509a-8ee9-4332-b0ad-3a6bdf9ab63f@aleeas.com>
+gmnsii <95436780+gmnsii@users.noreply.github.com>
+guaddy <67671414+guaddy@users.noreply.github.com>
+Harsh Mishra <erbeusgriffincasper@gmail.com>
+igna <igna@intent.cool>
+imabritishcow <bcow@protonmail.com>
+Johannes Schleifenbaum <johannes@js-webcoding.de>
+Josiah <70736638+fres7h@users.noreply.github.com>
+JPyke3 <pyke.jacob1@gmail.com>
+Kavin <20838718+FireMasterK@users.noreply.github.com>
+Kazi <kzshantonu@users.noreply.github.com>
+Kieran <42723993+EnderDev@users.noreply.github.com>
+Kieran <kieran@dothq.co>
+Kyle Roth <kylrth@gmail.com>
+laazyCmd <laazy.pr00gramming@protonmail.com>
+Laurențiu Nicola <lnicola@users.noreply.github.com>
+Lena <102762572+MarshDeer@users.noreply.github.com>
+Macic <46872282+Macic-Dev@users.noreply.github.com>
+Mario A <10923513+Midblyte@users.noreply.github.com>
+Matthew Crossman <matt@crossman.page>
+Matthew E <matt@matthew.science>
+Matthew Esposito <matt@matthew.science>
+Mennaruuk <52135169+Mennaruuk@users.noreply.github.com>
+mikupls <93015331+mikupls@users.noreply.github.com>
+Nainar <nainar.mb@gmail.com>
+Nathan Moos <moosingin3space@gmail.com>
+Nicholas Christopher <nchristopher@tuta.io>
+Nick Lowery <ClockVapor@users.noreply.github.com>
+Nico <github@dr460nf1r3.org>
+NKIPSC <15067635+NKIPSC@users.noreply.github.com>
+o69mar <119129086+o69mar@users.noreply.github.com>
+obeho <71698631+obeho@users.noreply.github.com>
+obscurity <z@x4.pm>
+Om G <34579088+OxyMagnesium@users.noreply.github.com>
+pin <90570748+0323pin@users.noreply.github.com>
+potatoesAreGod <118043038+potatoesAreGod@users.noreply.github.com>
+RiversideRocks <59586759+RiversideRocks@users.noreply.github.com>
+robin <8597693+robrobinbin@users.noreply.github.com>
+Robin <8597693+robrobinbin@users.noreply.github.com>
+robrobinbin <>
+robrobinbin <8597693+robrobinbin@users.noreply.github.com>
+robrobinbin <robindepril@gmail.com>
+Ruben Elshof <15641671+rubenelshof@users.noreply.github.com>
+Rupert Angermeier <rangermeier@users.noreply.github.com>
+Scoder12 <34356756+Scoder12@users.noreply.github.com>
+Slayer <51095261+GhostSlayer@users.noreply.github.com>
+Soheb <somoso@users.noreply.github.com>
+somini <somini@users.noreply.github.com>
+somoso <github@soheb.anonaddy.com>
+Spenser Black <spenserblack01@gmail.com>
+Spike <19519553+spikecodes@users.noreply.github.com>
+spikecodes <19519553+spikecodes@users.noreply.github.com>
+sybenx <syb@duck.com>
+TheCultLeader666 <65368815+TheCultLeader666@users.noreply.github.com>
+TheFrenchGhosty <47571719+TheFrenchGhosty@users.noreply.github.com>
+The TwilightBlood <hwengerstickel@protonmail.com>
+tirz <36501933+tirz@users.noreply.github.com>
+Tokarak <63452145+Tokarak@users.noreply.github.com>
+Tsvetomir Bonev <invakid404@riseup.net>
+Vladislav Nepogodin <nepogodin.vlad@gmail.com>
+Walkx <walkxnl@gmail.com>
+Wichai <1482605+Chengings@users.noreply.github.com>
+wsy2220 <wsy@dogben.com>
+xatier <xatierlike@gmail.com>
+Zach <72994911+zachjmurphy@users.noreply.github.com>
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@ -1,25 +1,68 @@
 [package]
-name = "libreddit"
+name = "redlib"
 description = " Alternative private front-end to Reddit"
-license = "AGPL-3.0"
-repository = "https://github.com/spikecodes/libreddit"
-version = "0.20.5"
-authors = ["spikecodes <19519553+spikecodes@users.noreply.github.com>"]
+license = "AGPL-3.0-only"
+repository = "https://github.com/redlib-org/redlib"
+version = "0.36.0"
+authors = [
+    "Matthew Esposito <matt+cargo@matthew.science>",
+    "spikecodes <19519553+spikecodes@users.noreply.github.com>",
+]
 edition = "2021"
+default-run = "redlib"

 [dependencies]
-askama = { version = "0.11.0", default-features = false }
-async-recursion = "0.3.2"
-cached = "0.26.2"
-clap = { version = "2.34.0", default-features = false }
-regex = "1.5.4"
-serde = { version = "1.0.132", features = ["derive"] }
-cookie = "0.15.1"
-futures-lite = "1.12.0"
-hyper = { version = "0.14.16", features = ["full"] }
-hyper-rustls = "0.23.0"
+rinja = { version = "0.3.4", default-features = false }
+cached = { version = "0.54.0", features = ["async"] }
+clap = { version = "4.4.11", default-features = false, features = [
+    "std",
+    "env",
+    "derive",
+] }
+regex = "1.10.2"
+serde = { version = "1.0.193", features = ["derive"] }
+cookie = "0.18.0"
+futures-lite = "2.2.0"
+hyper = { version = "0.14.31", features = ["full"] }
+percent-encoding = "2.3.1"
 route-recognizer = "0.3.1"
-serde_json = "1.0.73"
-tokio = { version = "1.15.0", features = ["full"] }
-time = "0.2.7"
-url = "2.2.2"
+serde_json = "1.0.133"
+tokio = { version = "1.35.1", features = ["full"] }
+time = { version = "0.3.31", features = ["local-offset"] }
+url = "2.5.0"
+rust-embed = { version = "8.1.0", features = ["include-exclude"] }
+libflate = "2.0.0"
+brotli = { version = "7.0.0", features = ["std"] }
+toml = "0.8.8"
+once_cell = "1.19.0"
+serde_yaml = "0.9.29"
+build_html = "2.4.0"
+uuid = { version = "1.6.1", features = ["v4"] }
+base64 = "0.22.1"
+fastrand = "2.0.1"
+log = "0.4.20"
+pretty_env_logger = "0.5.0"
+dotenvy = "0.15.7"
+rss = "2.0.7"
+arc-swap = "1.7.1"
+serde_json_path = "0.7.1"
+async-recursion = "1.1.1"
+pulldown-cmark = { version = "0.12.0", features = ["simd", "html"], default-features = false }
+hyper-rustls = { version = "0.24.2", features = [ "http2" ] }
+tegen = "0.1.4"
+serde_urlencoded = "0.7.1"
+chrono = { version = "0.4.39", default-features = false, features = [ "std" ] }
+htmlescape = "0.3.1"
+bincode = "1.3.3"
+base2048 = "2.0.2"
+revision = "0.10.0"
+
+
+[dev-dependencies]
+lipsum = "0.9.0"
+sealed_test = "1.0.0"
+
+[profile.release]
+codegen-units = 1
+lto = true
+strip = "symbols"
--- a/38
+++ b/38
@ -1,36 +1,20 @@
-####################################################################################################
-## Builder
-####################################################################################################
-FROM rust:alpine AS builder
+FROM alpine:3.19

-RUN apk add --no-cache musl-dev
+ARG TARGET

-WORKDIR /libreddit
+RUN apk add --no-cache curl

-COPY . .
+RUN curl -L "https://github.com/redlib-org/redlib/releases/latest/download/redlib-${TARGET}.tar.gz" | \
+    tar xz -C /usr/local/bin/

-RUN cargo build --target x86_64-unknown-linux-musl --release
-
-####################################################################################################
-## Final image
-####################################################################################################
-FROM alpine:latest
-
-# Import ca-certificates from builder
-COPY --from=builder /usr/share/ca-certificates /usr/share/ca-certificates
-COPY --from=builder /etc/ssl/certs /etc/ssl/certs
-
-# Copy our build
-COPY --from=builder /libreddit/target/x86_64-unknown-linux-musl/release/libreddit /usr/local/bin/libreddit
-
-# Use an unprivileged user.
-RUN adduser --home /nonexistent --no-create-home --disabled-password libreddit
-USER libreddit
+RUN adduser --home /nonexistent --no-create-home --disabled-password redlib
+USER redlib

 # Tell Docker to expose port 8080
 EXPOSE 8080

-# Run a healthcheck every minute to make sure Libreddit is functional
-HEALTHCHECK --interval=1m --timeout=3s CMD wget --spider --q http://localhost:8080/settings || exit 1
+# Run a healthcheck every minute to make sure redlib is functional
+HEALTHCHECK --interval=1m --timeout=3s CMD wget --spider -q http://localhost:8080/settings || exit 1
+
+CMD ["redlib"]

-CMD ["libreddit"]
--- a/Dockerfile.alpine
+++ b/Dockerfile.alpine
@ -0,0 +1,45 @@
+# supported versions here: https://hub.docker.com/_/rust
+ARG ALPINE_VERSION=3.20
+
+########################
+## builder image
+########################
+FROM rust:alpine${ALPINE_VERSION} AS builder
+
+RUN apk add --no-cache musl-dev
+
+WORKDIR /redlib
+
+# download (most) dependencies in their own layer
+COPY Cargo.lock Cargo.toml ./
+RUN mkdir src && echo "fn main() { panic!(\"why am i running?\") }" > src/main.rs
+RUN cargo build --release --locked --bin redlib
+RUN rm ./src/main.rs && rmdir ./src
+
+# copy the source and build the redlib binary
+COPY . ./
+RUN cargo build --release --locked --bin redlib
+RUN echo "finished building redlib!"
+
+########################
+## release image
+########################
+FROM alpine:${ALPINE_VERSION} AS release
+
+# Import redlib binary from builder
+COPY --from=builder /redlib/target/release/redlib /usr/local/bin/redlib
+
+# Add non-root user for running redlib
+RUN adduser --home /nonexistent --no-create-home --disabled-password redlib
+USER redlib
+
+# Document that we intend to expose port 8080 to whoever runs the container
+EXPOSE 8080
+
+# Run a healthcheck every minute to make sure redlib is functional
+HEALTHCHECK --interval=1m --timeout=3s CMD wget --spider --q http://localhost:8080/settings || exit 1
+
+# Add container metadata
+LABEL org.opencontainers.image.authors="sigaloid"
+
+CMD ["redlib"]
--- a/Dockerfile.arm
+++ b/Dockerfile.arm
@ -1,36 +0,0 @@
-####################################################################################################
-## Builder
-####################################################################################################
-FROM rust:alpine AS builder
-
-RUN apk add --no-cache g++
-
-WORKDIR /usr/src/libreddit
-
-COPY . .
-
-RUN cargo install --path .
-
-####################################################################################################
-## Final image
-####################################################################################################
-FROM alpine:latest
-
-# Import ca-certificates from builder
-COPY --from=builder /usr/share/ca-certificates /usr/share/ca-certificates
-COPY --from=builder /etc/ssl/certs /etc/ssl/certs
-
-# Copy our build
-COPY --from=builder /usr/local/cargo/bin/libreddit /usr/local/bin/libreddit
-
-# Use an unprivileged user.
-RUN adduser --home /nonexistent --no-create-home --disabled-password libreddit
-USER libreddit
-
-# Tell Docker to expose port 8080
-EXPOSE 8080
-
-# Run a healthcheck every minute to make sure Libreddit is functional
-HEALTHCHECK --interval=1m --timeout=3s CMD wget --spider --q http://localhost:8080/settings || exit 1
-
-CMD ["libreddit"]
--- a/Dockerfile.armv7
+++ b/Dockerfile.armv7
@ -1,43 +0,0 @@
-####################################################################################################
-## Builder
-####################################################################################################
-FROM --platform=$BUILDPLATFORM rust:slim AS builder
-
-ENV CARGO_TARGET_ARMV7_UNKNOWN_LINUX_MUSLEABIHF_LINKER=arm-linux-gnueabihf-gcc
-ENV CC_armv7_unknown_linux_musleabihf=arm-linux-gnueabihf-gcc
-
-RUN apt-get update && apt-get -y install gcc-arm-linux-gnueabihf \
-    binutils-arm-linux-gnueabihf \
-    musl-tools
-
-RUN rustup target add armv7-unknown-linux-musleabihf
-
-WORKDIR /libreddit
-
-COPY . .
-
-RUN cargo build --target armv7-unknown-linux-musleabihf --release
-
-####################################################################################################
-## Final image
-####################################################################################################
-FROM alpine:latest
-
-# Import ca-certificates from builder
-COPY --from=builder /usr/share/ca-certificates /usr/share/ca-certificates
-COPY --from=builder /etc/ssl/certs /etc/ssl/certs
-
-# Copy our build
-COPY --from=builder /libreddit/target/armv7-unknown-linux-musleabihf/release/libreddit /usr/local/bin/libreddit
-
-# Use an unprivileged user.
-RUN adduser --home /nonexistent --no-create-home --disabled-password libreddit
-USER libreddit
-
-# Tell Docker to expose port 8080
-EXPOSE 8080
-
-# Run a healthcheck every minute to make sure Libreddit is functional
-HEALTHCHECK --interval=1m --timeout=3s CMD wget --spider --q http://localhost:8080/settings || exit 1
-
-CMD ["libreddit"]
--- a/Dockerfile.ubuntu
+++ b/Dockerfile.ubuntu
@ -0,0 +1,51 @@
+# supported versions here: https://hub.docker.com/_/rust
+ARG RUST_BUILDER_VERSION=slim-bookworm
+ARG UBUNTU_RELEASE_VERSION=noble
+
+########################
+## builder image
+########################
+FROM rust:${RUST_BUILDER_VERSION} AS builder
+
+WORKDIR /redlib
+
+# download (most) dependencies in their own layer
+COPY Cargo.lock Cargo.toml ./
+RUN mkdir src && echo "fn main() { panic!(\"why am i running?\") }" > src/main.rs
+RUN cargo build --release --locked --bin redlib
+RUN rm ./src/main.rs && rmdir ./src
+
+# copy the source and build the redlib binary
+COPY . ./
+RUN cargo build --release --locked --bin redlib
+RUN echo "finished building redlib!"
+
+########################
+## release image
+########################
+FROM ubuntu:${UBUNTU_RELEASE_VERSION} AS release
+
+# Install ca-certificates
+RUN apt-get update && apt-get install -y ca-certificates
+
+# Import redlib binary from builder
+COPY --from=builder /redlib/target/release/redlib /usr/local/bin/redlib
+
+# Add non-root user for running redlib
+RUN useradd \
+    --no-create-home \
+    --password "!" \
+    --comment "user for running redlib" \
+    redlib
+USER redlib
+
+# Document that we intend to expose port 8080 to whoever runs the container
+EXPOSE 8080
+
+# Run a healthcheck every minute to make sure redlib is functional
+HEALTHCHECK --interval=1m --timeout=3s CMD wget --spider --q http://localhost:8080/settings || exit 1
+
+# Add container metadata
+LABEL org.opencontainers.image.authors="sigaloid"
+
+CMD ["redlib"]
--- a/FUNDING.yml
+++ b/FUNDING.yml
@ -1,12 +0,0 @@
-# These are supported funding model platforms
-
-github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
-patreon: # Replace with a single Patreon username
-open_collective: # Replace with a single Open Collective username
-ko_fi: # Replace with a single Ko-fi username
-tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
-community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
-liberapay: spike
-issuehunt: # Replace with a single IssueHunt username
-otechie: # Replace with a single Otechie username
-custom: ['https://www.buymeacoffee.com/spikecodes']
--- a/README.md
+++ b/README.md
@ -1,134 +1,127 @@
-# Libreddit
+# Redlib

-> An alternative private front-end to Reddit
+> An alternative private front-end to Reddit, with its origins in [Libreddit](https://github.com/libreddit/libreddit).

-![screenshot](https://i.ibb.co/QYbqTQt/libreddit-rust.png)
+![screenshot](https://i.ibb.co/18vrdxk/redlib-rust.png)

 ---

-**10 second pitch:** Libreddit is a portmanteau of "libre" (meaning freedom) and "Reddit". It is a private front-end like [Invidious](https://github.com/iv-org/invidious) but for Reddit. Browse the coldest takes of [r/unpopularopinion](https://libreddit.spike.codes/r/unpopularopinion) without being [tracked](#reddit).
+**10-second pitch:** Redlib is a private front-end like [Invidious](https://github.com/iv-org/invidious) but for Reddit. Browse the coldest takes of [r/unpopularopinion](https://farside.link/redlib/r/unpopularopinion) without being [tracked](#reddit).

- 🚀 Fast: written in Rust for blazing fast speeds and memory safety
+- 🚀 Fast: written in Rust for blazing-fast speeds and memory safety
 - ☁️ Light: no JavaScript, no ads, no tracking, no bloat
 - 🕵 Private: all requests are proxied through the server, including media
 - 🔒 Secure: strong [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) prevents browser requests to Reddit

 ---

-I appreciate any donations! Your support allows me to continue developing Libreddit.
+## Table of Contents

-<a href="https://www.buymeacoffee.com/spikecodes" target="_blank"><img src="https://cdn.buymeacoffee.com/buttons/v2/default-yellow.png" alt="Buy Me A Coffee" style="height: 50px" ></a>
+1. [Redlib](#redlib)
+2. [Instances](#instances)
+3. [About](#about)
+   - [Built with](#built-with)
+   - [How is it different from other Reddit front ends?](#how-is-it-different-from-other-reddit-front-ends)
+     - [Teddit](#teddit)
+     - [Libreddit](#libreddit)
+4. [Comparison](#comparison)
+   - [Speed](#speed)
+   - [Privacy](#privacy)
+     - [Reddit](#reddit)
+     - [Redlib](#redlib-1)
+       - [Server](#server)
+5. [Deployment](#deployment)
+   - [Docker](#docker)
+     - [Docker Compose](#docker-compose)
+     - [Docker CLI](#docker-cli)
+   - Podman 
+      - Quadlets

-**Bitcoin:** [bc1qwyxjnafpu3gypcpgs025cw9wa7ryudtecmwa6y](bitcoin:bc1qwyxjnafpu3gypcpgs025cw9wa7ryudtecmwa6y)
-
-**Monero:** [45FJrEuFPtG2o7QZz2Nps77TbHD4sPqxViwbdyV9A6ktfHiWs47UngG5zXPcLoDXAc8taeuBgeNjfeprwgeXYXhN3C9tVSR](monero:45FJrEuFPtG2o7QZz2Nps77TbHD4sPqxViwbdyV9A6ktfHiWs47UngG5zXPcLoDXAc8taeuBgeNjfeprwgeXYXhN3C9tVSR)
+   - [Binary](#binary)
+     - [Running as a systemd service](#running-as-a-systemd-service)
+   - [Building from source](#building-from-source)
+   - [Replit/Heroku/Glitch](#replit-heroku-glitch)
+   - [launchd (macOS)](#launchd-macos)
+6. [Configuration](#configuration)
+   - [Instance settings](#instance-settings)
+   - [Default user settings](#default-user-settings)

 ---

 # Instances

-Feel free to [open an issue](https://github.com/spikecodes/libreddit/issues/new) to have your [selfhosted instance](#deployment) listed here!
+> [!TIP]
+> 🔗 **Want to automatically redirect Reddit links to Redlib? Use [LibRedirect](https://github.com/libredirect/libredirect) or [Privacy Redirect](https://github.com/SimonBrazell/privacy-redirect)!**

-| Website | Country | Cloudflare |
-|-|-|-|
-| [libredd.it](https://libredd.it) (official) | 🇺🇸 US |  |
-| [libreddit.spike.codes](https://libreddit.spike.codes) (official) | 🇺🇸 US |  |
-| [libreddit.dothq.co](https://libreddit.dothq.co) | 🇩🇪 DE | ✅ |
-| [libreddit.kavin.rocks](https://libreddit.kavin.rocks) | 🇮🇳 IN |  |
-| [libreddit.40two.app](https://libreddit.40two.app) | 🇳🇱 NL |  |
-| [reddit.invak.id](https://reddit.invak.id) | 🇧🇬 BG |  |
-| [reddit.phii.me](https://reddit.phii.me) | 🇺🇸 US |  |
-| [lr.riverside.rocks](https://lr.riverside.rocks) | 🇺🇸 US |  |
-| [libreddit.silkky.cloud](https://libreddit.silkky.cloud) | 🇫🇮 FI | ✅ |
-| [libreddit.database.red](https://libreddit.database.red) | 🇺🇸 US | ✅ |
-| [libreddit.exonip.de](https://libreddit.exonip.de) | 🇩🇪 DE |  |
-| [libreddit.domain.glass](https://libreddit.domain.glass) | 🇺🇸 US | ✅ |
-| [libreddit.sugoma.tk](https://libreddit.sugoma.tk) | 🇺🇸 US | |
-| [libreddit.jamiethalacker.dev](https://libreddit.jamiethalacker.dev) | 🇺🇸 US | ✅ |
-| [reddit.artemislena.eu](https://reddit.artemislena.eu) | 🇩🇪 DE |  |
-| [r.nf](https://r.nf) | 🇩🇪 DE | ✅ |
-| [libreddit.awesomehub.io](https://libreddit.awesomehub.io) | 🇫🇮 FI |  |
-| [libreddit.some-things.org](https://libreddit.some-things.org) | 🇨🇭 CH |  |
-| [reddit.stuehieyr.com](https://reddit.stuehieyr.com) | 🇩🇪 DE  |  |
-| [lr.mint.lgbt](https://lr.mint.lgbt) | 🇨🇦 CA |  |
-| [libreddit.alefvanoon.xyz](https://libreddit.alefvanoon.xyz) | 🇺🇸 US | ✅ |
-| [libreddit.igna.rocks](https://libreddit.igna.rocks) | 🇺🇸 US | |
-| [libreddit.autarkic.org](https://libreddit.autarkic.org) | 🇺🇸 US | |
-| [libreddit.flux.industries](https://libreddit.flux.industries) | 🇩🇪 DE | ✅ |
-| [libreddit.drivet.xyz](https://libreddit.drivet.xyz) | 🇫🇮 FI | ✅ |
-| [lr.oversold.host](https://lr.oversold.host) | 🇱🇺 LU | |
-| [libreddit.de](https://libreddit.de) | 🇩🇪 DE |  |
-| [libreddit.pussthecat.org](https://libreddit.pussthecat.org) | 🇩🇪 DE |  |
-| [libreddit.mutahar.rocks](https://libreddit.mutahar.rocks) | 🇫🇷 FR |  |
-| [libreddit.northboot.xyz](https://libreddit.northboot.xyz) | 🇩🇪 DE |  |
-| [leddit.xyz](https://www.leddit.xyz) | 🇩🇪 DE |  |
-| [lr.cowfee.moe](https://lr.cowfee.moe) | 🇺🇸 US |  |
-| [libreddit.hu](https://libreddit.hu) | 🇫🇮 FI | ✅ |
-| [libreddit.totaldarkness.net](https://libreddit.totaldarkness.net) | 🇨🇦 CA |  |
-| [libreddit.esmailelbob.xyz](https://libreddit.esmailelbob.xyz) | 🇪🇬 EG |  |
-| [spjmllawtheisznfs7uryhxumin26ssv2draj7oope3ok3wuhy43eoyd.onion](http://spjmllawtheisznfs7uryhxumin26ssv2draj7oope3ok3wuhy43eoyd.onion) | 🇮🇳 IN |  |
-| [fwhhsbrbltmrct5hshrnqlqygqvcgmnek3cnka55zj4y7nuus5muwyyd.onion](http://fwhhsbrbltmrct5hshrnqlqygqvcgmnek3cnka55zj4y7nuus5muwyyd.onion) | 🇩🇪 DE |  |
-| [kphht2jcflojtqte4b4kyx7p2ahagv4debjj32nre67dxz7y57seqwyd.onion](http://kphht2jcflojtqte4b4kyx7p2ahagv4debjj32nre67dxz7y57seqwyd.onion) | 🇳🇱 NL |  |
-| [inytumdgnri7xsqtvpntjevaelxtgbjqkuqhtf6txxhwbll2fwqtakqd.onion](http://inytumdgnri7xsqtvpntjevaelxtgbjqkuqhtf6txxhwbll2fwqtakqd.onion) | 🇨🇭 CH |  |
-| [liredejj74h5xjqr2dylnl5howb2bpikfowqoveub55ru27x43357iid.onion](http://liredejj74h5xjqr2dylnl5howb2bpikfowqoveub55ru27x43357iid.onion) | 🇩🇪 DE |  |
-| [kzhfp3nvb4qp575vy23ccbrgfocezjtl5dx66uthgrhu7nscu6rcwjyd.onion](http://kzhfp3nvb4qp575vy23ccbrgfocezjtl5dx66uthgrhu7nscu6rcwjyd.onion) | 🇺🇸 US |  |
-| [ecue64ybzvn6vjzl37kcsnwt4ycmbsyf74nbttyg7rkc3t3qwnj7mcyd.onion](http://ecue64ybzvn6vjzl37kcsnwt4ycmbsyf74nbttyg7rkc3t3qwnj7mcyd.onion) | 🇩🇪 DE |  |
-| [ledditqo2mxfvlgobxnlhrkq4dh34jss6evfkdkb2thlvy6dn4f4gpyd.onion](http://ledditqo2mxfvlgobxnlhrkq4dh34jss6evfkdkb2thlvy6dn4f4gpyd.onion) | 🇺🇸 US |  |
-| [libredoxhxwnmsb6dvzzd35hmgzmawsq5i764es7witwhddvpc2razid.onion](http://libredoxhxwnmsb6dvzzd35hmgzmawsq5i764es7witwhddvpc2razid.onion) | 🇺🇸 US |  |
-| [libreddit.2syis2nnyytz6jnusnjurva4swlaizlnleiks5mjp46phuwjbdjqwgqd.onion](http://libreddit.2syis2nnyytz6jnusnjurva4swlaizlnleiks5mjp46phuwjbdjqwgqd.onion) | 🇪🇬 EG |  |
+An up-to-date table of instances is available in [Markdown](https://github.com/redlib-org/redlib-instances/blob/main/instances.md) and [machine-readable JSON](https://github.com/redlib-org/redlib-instances/blob/main/instances.json).

+Both files are part of the [redlib-instances](https://github.com/redlib-org/redlib-instances) repository. To contribute your [self-hosted instance](#deployment) to the list, see the [redlib-instances README](https://github.com/redlib-org/redlib-instances/blob/main/README.md).

-A checkmark in the "Cloudflare" category here refers to the use of the reverse proxy, [Cloudflare](https://cloudflare). The checkmark will not be listed for a site which uses Cloudflare DNS but rather the proxying service which grants Cloudflare the ability to monitor traffic to the website.
+For information on instance uptime, see the [Uptime Robot status page](https://stats.uptimerobot.com/mpmqAs1G2Q).

 ---

 # About

-Find Libreddit on 💬 [Matrix](https://matrix.to/#/#libreddit:kde.org), 🐋 [Docker](https://hub.docker.com/r/spikecodes/libreddit), :octocat: [GitHub](https://github.com/spikecodes/libreddit), and 🦊 [GitLab](https://gitlab.com/spikecodes/libreddit).
+> [!NOTE]
+> Find Redlib on 💬 [Matrix](https://matrix.to/#/#redlib:matrix.org), 🐋 [Quay.io](https://quay.io/repository/redlib/redlib), :octocat: [GitHub](https://github.com/redlib-org/redlib), and 🦊 [GitLab](https://gitlab.com/redlib/redlib).
+
+Redlib hopes to provide an easier way to browse Reddit, without the ads, trackers, and bloat. Redlib was inspired by other alternative front-ends to popular services such as [Invidious](https://github.com/iv-org/invidious) for YouTube, [Nitter](https://github.com/zedeus/nitter) for Twitter, and [Bibliogram](https://sr.ht/~cadence/bibliogram/) for Instagram.
+
+Redlib currently implements most of Reddit's (signed-out) functionalities but still lacks [a few features](https://github.com/redlib-org/redlib/issues).

 ## Built with

 - [Rust](https://www.rust-lang.org/) - Programming language
 - [Hyper](https://github.com/hyperium/hyper) - HTTP server and client
- [Askama](https://github.com/djc/askama) - Templating engine
- [Rustls](https://github.com/ctz/rustls) - TLS library
+- [Rinja](https://github.com/rinja-rs/rinja) - Templating engine
+- [Rustls](https://github.com/rustls/rustls) - TLS library

-## Info
-Libreddit hopes to provide an easier way to browse Reddit, without the ads, trackers, and bloat. Libreddit was inspired by other alternative front-ends to popular services such as [Invidious](https://github.com/iv-org/invidious) for YouTube, [Nitter](https://github.com/zedeus/nitter) for Twitter, and [Bibliogram](https://sr.ht/~cadence/bibliogram/) for Instagram.
+## How is it different from other Reddit front ends?

-Libreddit currently implements most of Reddit's (signed-out) functionalities but still lacks [a few features](https://github.com/spikecodes/libreddit/issues).
+### Teddit

-## How does it compare to Teddit?
-
-Teddit is another awesome open source project designed to provide an alternative frontend to Reddit. There is no connection between the two and you're welcome to use whichever one you favor. Competition fosters innovation and Teddit's release has motivated me to build Libreddit into an even more polished product.
+Teddit is another awesome open source project designed to provide an alternative frontend to Reddit. There is no connection between the two, and you're welcome to use whichever one you favor. Competition fosters innovation and Teddit's release has motivated me to build Redlib into an even more polished product.

 If you are looking to compare, the biggest differences I have noticed are:
- Libreddit is themed around Reddit's redesign whereas Teddit appears to stick much closer to Reddit's old design. This may suit some users better as design is always subjective.
- Libreddit is written in [Rust](https://www.rust-lang.org) for speed and memory safety. It uses [Hyper](https://hyper.rs), a speedy and lightweight HTTP server/client implementation.
+
+- Redlib is themed around Reddit's redesign whereas Teddit appears to stick much closer to Reddit's old design. This may suit some users better as design is always subjective.
+- Redlib is written in [Rust](https://www.rust-lang.org) for speed and memory safety. It uses [Hyper](https://hyper.rs), a speedy and lightweight HTTP server/client implementation.
+
+### Libreddit
+
+While originating as a fork of Libreddit, the name "Redlib" was adopted to avoid legal issues, as Reddit only allows the use of their name if structured as "XYZ For Reddit".
+
+Several technical improvements have also been made, including:
+
+- **OAuth token spoofing**: To circumvent rate limits imposed by Reddit, OAuth token spoofing is used to mimick the most common iOS and Android clients. While spoofing both iOS and Android clients was explored, only the Android client was chosen due to content restrictions when using an anonymous iOS client.
+- **Token refreshing**: The authentication token is refreshed every 24 hours, emulating the behavior of the official Android app.
+- **HTTP header mimicking**: Efforts are made to send along as many of the official app's headers as possible to reduce the likelihood of Reddit's crackdown on Redlib's requests.

 ---

 # Comparison

-This section outlines how Libreddit compares to Reddit.
+This section outlines how Redlib compares to Reddit in terms of speed and privacy.

 ## Speed

-Lasted tested Jan 17, 2021.
+Last tested on January 12, 2024.

-Results from Google Lighthouse ([Libreddit Report](https://lighthouse-dot-webdotdevsite.appspot.com/lh/html?url=https%3A%2F%2Flibredd.it), [Reddit Report](https://lighthouse-dot-webdotdevsite.appspot.com/lh/html?url=https%3A%2F%2Fwww.reddit.com%2F)).
+Results from Google PageSpeed Insights ([Redlib Report](https://pagespeed.web.dev/report?url=https%3A%2F%2Fredlib.matthew.science%2F), [Reddit Report](https://pagespeed.web.dev/report?url=https://www.reddit.com)).

-|                        | Libreddit     | Reddit     |
-|------------------------|---------------|------------|
-| Requests               | 20            | 70         |
-| Resource Size (card ui)| 1,224 KiB     | 1,690 KiB  |
-| Time to Interactive    | **1.5 s**     | **11.2 s** |
+| Performance metric  | Redlib   | Reddit    |
+| ------------------- | -------- | --------- |
+| Speed Index         | 0.6s     | 1.9s      |
+| Performance Score   | 100%     | 64%       |
+| Time to Interactive | **2.8s** | **12.4s** |

 ## Privacy

 ### Reddit

 **Logging:** According to Reddit's [privacy policy](https://www.redditinc.com/policies/privacy-policy), they "may [automatically] log information" including:
+
 - IP address
 - User-agent string
 - Browser type
@ -141,13 +134,15 @@ Results from Google Lighthouse ([Libreddit Report](https://lighthouse-dot-webdot
 - The requested URL
 - Search terms

-**Location:** The same privacy policy goes on to describe location data may be collected through the use of:
+**Location:** The same privacy policy goes on to describe that location data may be collected through the use of:
+
 - GPS (consensual)
 - Bluetooth (consensual)
 - Content associated with a location (consensual)
 - Your IP Address

 **Cookies:** Reddit's [cookie notice](https://www.redditinc.com/policies/cookies) documents the array of cookies used by Reddit including/regarding:
+
 - Authentication
 - Functionality
 - Analytics and Performance
@ -155,136 +150,295 @@ Results from Google Lighthouse ([Libreddit Report](https://lighthouse-dot-webdot
 - Third-Party Cookies
 - Third-Party Site

-### Libreddit
+### Redlib

-For transparency, I hope to describe all the ways Libreddit handles user privacy.
+For transparency, I hope to describe all the ways Redlib handles user privacy.

-**Logging:** In production (when running the binary, hosting with docker, or using the official instances), Libreddit logs nothing. When debugging (running from source without `--release`), Libreddit logs post IDs fetched to aid with troubleshooting.
+#### Server

-**DNS:** Both official domains (`libredd.it` and `libreddit.spike.codes`) use Cloudflare as the DNS resolver. Though, the sites are not proxied through Cloudflare meaning Cloudflare doesn't have access to user traffic.
+- **Logging:** In production (when running the binary, hosting with docker, or using the official instances), Redlib logs nothing. When debugging (running from source without `--release`), Redlib logs post IDs fetched to aid with troubleshooting.

-**Cookies:** Libreddit uses optional cookies to store any configured settings in [the settings menu](https://libreddit.spike.codes/settings). These are not cross-site cookies and the cookies hold no personal data.
-
-**Hosting:** The official instances are hosted on [Replit](https://replit.com/) which monitors usage to prevent abuse. I can understand if this invalidates certain users' threat models and therefore, selfhosting, using unofficial instances and browsing through Tor are welcomed.
-
---
-
-# Installation
-
-## 1) Cargo
-
-Make sure Rust stable is installed along with `cargo`, Rust's package manager.
-
-```
-cargo install libreddit
-```
-
-## 2) Docker
-
-Deploy the [Docker image](https://hub.docker.com/r/spikecodes/libreddit) of Libreddit:
-```
-docker pull spikecodes/libreddit
-docker run -d --name libreddit -p 8080:8080 spikecodes/libreddit
-```
-
-Deploy using a different port (in this case, port 80):
-```
-docker pull spikecodes/libreddit
-docker run -d --name libreddit -p 80:8080 spikecodes/libreddit
-```
-
-To deploy on `arm64` platforms, simply replace `spikecodes/libreddit` in the commands above with `spikecodes/libreddit:arm`.
-
-To deploy on `armv7` platforms, simply replace `spikecodes/libreddit` in the commands above with `spikecodes/libreddit:armv7`.
-
-## 3) AUR
-
-For ArchLinux users, Libreddit is available from the AUR as [`libreddit-git`](https://aur.archlinux.org/packages/libreddit-git).
-
-```
-yay -S libreddit-git
-```
-
-## 4) GitHub Releases
-
-If you're on Linux and none of these methods work for you, you can grab a Linux binary from [the newest release](https://github.com/spikecodes/libreddit/releases/latest).
-
-## 5) Replit/Heroku/Glitch
-
-**Note:** These are free hosting options but they are *not* private and will monitor server usage to prevent abuse. If you need a free and easy setup, this method may work best for you.
-
-<a href="https://repl.it/github/spikecodes/libreddit"><img src="https://repl.it/badge/github/spikecodes/libreddit" alt="Run on Repl.it" height="32" /></a>
-[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy?template=https://github.com/spikecodes/libreddit)
-[![Remix on Glitch](https://cdn.glitch.com/2703baf2-b643-4da7-ab91-7ee2a2d00b5b%2Fremix-button-v2.svg)](https://glitch.com/edit/#!/remix/libreddit)
+- **Cookies:** Redlib uses optional cookies to store any configured settings in the settings menu. These are not cross-site cookies and the cookies hold no personal data.

 ---

 # Deployment

-Once installed, deploy Libreddit to `0.0.0.0:8080` by running:
+This section covers multiple ways of deploying Redlib. Using [Docker](#docker) is recommended for production.

-```
-libreddit
-```
+For configuration options, see the [Configuration section](#Configuration).

-## Change Default Settings
+## Docker

-Assign a default value for each setting by passing environment variables to Libreddit in the format `LIBREDDIT_DEFAULT_{X}`. Replace `{X}` with the setting name (see list below) in capital letters.
+[Docker](https://www.docker.com) lets you run containerized applications. Containers are loosely isolated environments that are lightweight and contain everything needed to run the application, so there's no need to rely on what's installed on the host.

-| Name                    | Possible values                                                                                     | Default value |
-|-------------------------|-----------------------------------------------------------------------------------------------------|---------------|
-| `THEME`                 | `["system", "light", "dark", "black", "dracula", "nord", "laserwave", "violet", "gold", "rosebox"]` | `system`      |
-| `FRONT_PAGE`            | `["default", "popular", "all"]`                                                                     | `default`     |
-| `LAYOUT`                | `["card", "clean", "compact"]`                                                                      | `card`        |
-| `WIDE`                  | `["on", "off"]`                                                                                     | `off`         |
-| `COMMENT_SORT`          | `["hot", "new", "top", "rising", "controversial"]`                                                  | `hot`         |
-| `POST_SORT`             | `["confidence", "top", "new", "controversial", "old"]`                                              | `confidence`  |
-| `SHOW_NSFW`             | `["on", "off"]`                                                                                     | `off`         |
-| `USE_HLS`               | `["on", "off"]`                                                                                     | `off`         |
-| `HIDE_HLS_NOTIFICATION` | `["on", "off"]`                                                                                     | `off`         |
-| `AUTOPLAY_VIDEOS`       | `["on", "off"]`                                                                                     | `off`         |
+Container images for Redlib are available at [quay.io](https://quay.io/repository/redlib/redlib), with support for `amd64`, `arm64`, and `armv7` platforms.

-### Examples
+### Docker Compose
+
+> [!IMPORTANT]
+> These instructions assume the [Compose plugin](https://docs.docker.com/compose/migrate/#what-are-the-differences-between-compose-v1-and-compose-v2) has already been installed. If not, follow these [instructions on the Docker Docs](https://docs.docker.com/compose/install) for how to do so.
+
+Copy `compose.yaml` and modify any relevant values (for example, the ports Redlib should listen on).
+
+Start Redlib in detached mode (running in the background):

 ```bash
-LIBREDDIT_DEFAULT_SHOW_NSFW=on libreddit
+docker compose up -d
 ```

+Stream logs from the Redlib container:
+
 ```bash
-LIBREDDIT_DEFAULT_WIDE=on LIBREDDIT_DEFAULT_THEME=dark libreddit -r
+docker logs -f redlib
 ```

-## Proxying using NGINX
+### Docker CLI

-**NOTE** If you're [proxying Libreddit through a NGINX Reverse Proxy](https://github.com/spikecodes/libreddit/issues/122#issuecomment-782226853), add
-```nginx
-proxy_http_version 1.1;
+Deploy Redlib:
+
+```bash
+docker pull quay.io/redlib/redlib:latest
+docker run -d --name redlib -p 8080:8080 quay.io/redlib/redlib:latest
 ```
-to your NGINX configuration file above your `proxy_pass` line.

-## systemd
+Deploy using a different port on the host (in this case, port 80):

-You can use the systemd service available in `contrib/libreddit.service`
-(install it on `/etc/systemd/system/libreddit.service`).
+```bash
+docker pull quay.io/redlib/redlib:latest
+docker run -d --name redlib -p 80:8080 quay.io/redlib/redlib:latest
+```
+
+If you're using a reverse proxy in front of Redlib, prefix the port numbers with `127.0.0.1` so that Redlib only listens on the host port **locally**. For example, if the host port for Redlib is `8080`, specify `127.0.0.1:8080:8080`.
+
+Stream logs from the Redlib container:
+
+```bash
+docker logs -f redlib
+```
+## Podman 
+
+[Podman](https://podman.io/) lets you run containerized applications in a rootless fashion. Containers are loosely isolated environments that are lightweight and contain everything needed to run the application, so there's no need to rely on what's installed on the host.
+
+Container images for Redlib are available at [quay.io](https://quay.io/repository/redlib/redlib), with support for `amd64`, `arm64`, and `armv7` platforms.
+
+### Quadlets
+
+> [!IMPORTANT]
+> These instructions assume that you are on a systemd based distro with [podman](https://podman.io/). If not, follow these [instructions on podman's website](https://podman.io/docs/installation) for how to do so. 
+> It also assumes you have used `loginctl enable-linger <username>` to enable the service to start for your user without logging in. 
+
+Copy the `redlib.container` and `.env.example` files to `.config/containers/systemd/` and modify any relevant values (for example, the ports Redlib should listen on, renaming the .env file and editing its values, etc.).
+
+To start Redlib either reboot or follow the instructions below:
+
+Notify systemd of the new files
+```bash
+systemctl --user daemon-reload
+```
+
+Start the newly generated service file
+
+```bash
+systemctl --user start redlib.service
+```
+
+You can check the status of your container by using the following command:
+```bash 
+systemctl --user status redlib.service
+```
+
+## Binary
+
+If you're on Linux, you can grab a binary from [the newest release](https://github.com/redlib-org/redlib/releases/latest) from GitHub.
+
+Download the binary using [Wget](https://www.gnu.org/software/wget/):
+
+```bash
+wget https://github.com/redlib-org/redlib/releases/download/v0.31.0/redlib
+```
+
+Make the binary executable and change its ownership to `root`:
+
+```bash
+sudo chmod +x redlib && sudo chown root:root redlib
+```
+
+Copy the binary to `/usr/bin`:
+
+```bash
+sudo cp ./redlib /usr/bin/redlib
+```
+
+Deploy Redlib to `0.0.0.0:8080`:
+
+```bash
+redlib
+```
+
+> [!IMPORTANT]
+> If you're proxying Redlib through NGINX (see [issue #122](https://github.com/libreddit/libreddit/issues/122#issuecomment-782226853)), add
+>
+> ```nginx
+> proxy_http_version 1.1;
+> ```
+>
+> to your NGINX configuration file above your `proxy_pass` line.
+
+### Running as a systemd service
+
+You can use the systemd service available in `contrib/redlib.service`
+(install it on `/etc/systemd/system/redlib.service`).

 That service can be optionally configured in terms of environment variables by
-creating a file in `/etc/libreddit.conf`. Use the `contrib/libreddit.conf` as a
-template. You can also add the `LIBREDDIT_DEFAULT__{X}` settings explained
+creating a file in `/etc/redlib.conf`. Use the `contrib/redlib.conf` as a
+template. You can also add the `REDLIB_DEFAULT__{X}` settings explained
 above.

 When "Proxying using NGINX" where the proxy is on the same machine, you should
 guarantee nginx waits for this service to start. Edit
-`/etc/systemd/system/libreddit.service.d/reverse-proxy.conf`:
+`/etc/systemd/system/redlib.service.d/reverse-proxy.conf`:

 ```conf
 [Unit]
 Before=nginx.service
 ```

-## Building
+## Building from source

-```
-git clone https://github.com/spikecodes/libreddit
-cd libreddit
+To deploy Redlib with changes not yet included in the latest release, you can build the application from source.
+
+```bash
+git clone https://github.com/redlib-org/redlib && cd redlib
 cargo run
 ```
+
+## Replit/Heroku
+
+> [!WARNING]
+> These are free hosting options, but they are _not_ private and will monitor server usage to prevent abuse. If you need a free and easy setup, this method may work best for you.
+
+<a href="https://repl.it/github/redlib-org/redlib"><img src="https://repl.it/badge/github/redlib-org/redlib" alt="Run on Repl.it" height="32" /></a>
+[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy?template=https://github.com/redlib-org/redlib)
+
+## launchd (macOS)
+
+If you are on macOS, you can use the [launchd](https://en.wikipedia.org/wiki/Launchd) service available in `contrib/redlib.plist`.
+
+Install it with `cp contrib/redlib.plist ~/Library/LaunchAgents/`.
+
+Load and start it with `launchctl load ~/Library/LaunchAgents/redlib.plist`.
+
+<!-- ## Cargo
+
+Make sure Rust stable is installed along with `cargo`, Rust's package manager.
+
+```bash
+cargo install libreddit
+``` -->
+
+<!-- ## AUR
+
+For ArchLinux users, Redlib is available from the AUR as [`libreddit-git`](https://aur.archlinux.org/packages/libreddit-git).
+
+```bash
+yay -S libreddit-git
+```
+## NetBSD/pkgsrc
+
+For NetBSD users, Redlib is available from the official repositories.
+
+```bash
+pkgin install libreddit
+```
+
+Or, if you prefer to build from source
+
+```bash
+cd /usr/pkgsrc/libreddit
+make install
+``` -->
+
+---
+
+# Configuration
+
+You can configure Redlib further using environment variables. For example:
+
+```bash
+REDLIB_DEFAULT_SHOW_NSFW=on redlib
+```
+
+```bash
+REDLIB_DEFAULT_WIDE=on REDLIB_DEFAULT_THEME=dark redlib -r
+```
+
+You can also configure Redlib with a configuration file named `redlib.toml`. For example:
+
+```toml
+REDLIB_DEFAULT_WIDE = "on"
+REDLIB_DEFAULT_USE_HLS = "on"
+```
+
+> [!NOTE]
+> If you're deploying Redlib using the **Docker CLI or Docker Compose**, environment variables can be defined in a [`.env` file](https://docs.docker.com/compose/environment-variables/set-environment-variables/), allowing you to centralize and manage configuration in one place.
+>
+> To configure Redlib using a `.env` file, copy the `.env.example` file to `.env` and edit it accordingly.
+>
+> If using the Docker CLI, add ` --env-file .env` to the command that runs Redlib. For example:
+>
+> ```bash
+> docker run -d --name redlib -p 8080:8080 --env-file .env quay.io/redlib/redlib:latest
+> ```
+>
+> If using Docker Compose, no changes are needed as the `.env` file is already referenced in `compose.yaml` via the `env_file: .env` line.
+
+## Command Line Flags
+
+Redlib supports the following command line flags:
+
+- `-4`, `--ipv4-only`: Listen on IPv4 only.
+- `-6`, `--ipv6-only`: Listen on IPv6 only.
+- `-r`, `--redirect-https`: Redirect all HTTP requests to HTTPS (no longer functional).
+- `-a`, `--address <ADDRESS>`: Sets address to listen on. Default is `[::]`.
+- `-p`, `--port <PORT>`: Port to listen on. Default is `8080`.
+- `-H`, `--hsts <EXPIRE_TIME>`: HSTS header to tell browsers that this site should only be accessed over HTTPS. Default is `604800`.
+
+## Instance settings
+
+Assign a default value for each instance-specific setting by passing environment variables to Redlib in the format `REDLIB_{X}`. Replace `{X}` with the setting name (see list below) in capital letters.
+
+| Name                      | Possible values | Default value          | Description                                                                                               |
+| ------------------------- | --------------- | ----------------       | --------------------------------------------------------------------------------------------------------- |
+| `SFW_ONLY`                | `["on", "off"]` | `off`                  | Enables SFW-only mode for the instance, i.e. all NSFW content is filtered.                                |
+| `BANNER`                  | String          | (empty)                | Allows the server to set a banner to be displayed. Currently this is displayed on the instance info page. |
+| `ROBOTS_DISABLE_INDEXING` | `["on", "off"]` | `off`                  | Disables indexing of the instance by search engines.                                                      |
+| `PUSHSHIFT_FRONTEND`      | String          | `undelete.pullpush.io` | Allows the server to set the Pushshift frontend to be used with "removed" links.                          |
+| `PORT`                    | Integer 0-65535 | `8080`                 | The **internal** port Redlib listens on.                                                                  |
+| `ENABLE_RSS`              | `["on", "off"]` | `off`                  | Enables RSS feed generation.                                                                              |
+| `FULL_URL`                | String          | (empty)                | Allows for proper URLs (for now, only needed by RSS)
+## Default user settings
+
+Assign a default value for each user-modifiable setting by passing environment variables to Redlib in the format `REDLIB_DEFAULT_{Y}`. Replace `{Y}` with the setting name (see list below) in capital letters.
+
+| Name                                | Possible values                                                                                                                    | Default value |
+| ----------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | ------------- |
+| `THEME`                             | `["system", "light", "dark", "black", "dracula", "nord", "laserwave", "violet", "gold", "rosebox", "gruvboxdark", "gruvboxlight", "tokyoNight", "icebergDark", "doomone", "libredditBlack", "libredditDark", "libredditLight"]` | `system`      |
+| `FRONT_PAGE`                        | `["default", "popular", "all"]`                                                                                                    | `default`     |
+| `LAYOUT`                            | `["card", "clean", "compact"]`                                                                                                     | `card`        |
+| `WIDE`                              | `["on", "off"]`                                                                                                                    | `off`         |
+| `POST_SORT`                         | `["hot", "new", "top", "rising", "controversial"]`                                                                                 | `hot`         |
+| `COMMENT_SORT`                      | `["confidence", "top", "new", "controversial", "old"]`                                                                             | `confidence`  |
+| `BLUR_SPOILER`                      | `["on", "off"]`                                                                                                                    | `off`         |
+| `SHOW_NSFW`                         | `["on", "off"]`                                                                                                                    | `off`         |
+| `BLUR_NSFW`                         | `["on", "off"]`                                                                                                                    | `off`         |
+| `USE_HLS`                           | `["on", "off"]`                                                                                                                    | `off`         |
+| `HIDE_HLS_NOTIFICATION`             | `["on", "off"]`                                                                                                                    | `off`         |
+| `AUTOPLAY_VIDEOS`                   | `["on", "off"]`                                                                                                                    | `off`         |
+| `SUBSCRIPTIONS`                     | `+`-delimited list of subreddits (`sub1+sub2+sub3+...`)                                                                            | _(none)_      |
+| `HIDE_AWARDS`                       | `["on", "off"]`                                                                                                                    | `off`         |
+| `DISABLE_VISIT_REDDIT_CONFIRMATION` | `["on", "off"]`                                                                                                                    | `off`         |
+| `HIDE_SCORE`                        | `["on", "off"]`                                                                                                                    | `off`         |
+| `HIDE_SIDEBAR_AND_SUMMARY`          | `["on", "off"]`                                                                                                                    | `off`         |
+| `FIXED_NAVBAR`                      | `["on", "off"]`                                                                                                                    | `on`          |
+| `REMOVE_DEFAULT_FEEDS`              | `["on", "off"]`                                                                                                                    | `off`         |
--- a/app.json
+++ b/app.json
@ -1,5 +1,5 @@
 {
-  "name": "Libreddit",
+  "name": "Redlib",
  "description": "Private front-end for Reddit",
  "buildpacks": [
    {
@ -11,31 +11,73 @@
  ],
  "stack": "container",
  "env": {
-    "LIBREDDIT_DEFAULT_THEME": {
+    "REDLIB_DEFAULT_THEME": {
      "required": false
    },
-    "LIBREDDIT_DEFAULT_FRONT_PAGE": {
+    "REDLIB_DEFAULT_FRONT_PAGE": {
      "required": false
    },
-    "LIBREDDIT_DEFAULT_LAYOUT": {
+    "REDLIB_DEFAULT_LAYOUT": {
      "required": false
    },
-    "LIBREDDIT_DEFAULT_WIDE": {
+    "REDLIB_DEFAULT_WIDE": {
      "required": false
    },
-    "LIBREDDIT_DEFAULT_COMMENT_SORT": {
+    "REDLIB_DEFAULT_COMMENT_SORT": {
      "required": false
    },
-    "LIBREDDIT_DEFAULT_POST_SORT": {
+    "REDLIB_DEFAULT_POST_SORT": {
      "required": false
    },
-    "LIBREDDIT_DEFAULT_SHOW_NSFW": {
+    "REDLIB_DEFAULT_BLUR_SPOILER": {
      "required": false
    },
-    "LIBREDDIT_USE_HLS": {
+    "REDLIB_DEFAULT_SHOW_NSFW": {
      "required": false
    },
-    "LIBREDDIT_HIDE_HLS_NOTIFICATION": {
+    "REDLIB_DEFAULT_BLUR_NSFW": {
+      "required": false
+    },
+    "REDLIB_USE_HLS": {
+      "required": false
+    },
+    "REDLIB_HIDE_HLS_NOTIFICATION": {
+      "required": false
+    },
+    "REDLIB_SFW_ONLY": {
+      "required": false
+    },
+    "REDLIB_DEFAULT_HIDE_AWARDS": {
+      "required": false
+    },
+    "REDLIB_DEFAULT_HIDE_SCORE": {
+      "required": false
+    },
+    "REDLIB_BANNER": {
+      "required": false
+    },
+    "REDLIB_ROBOTS_DISABLE_INDEXING": {
+      "required": false
+    },
+    "REDLIB_DEFAULT_SUBSCRIPTIONS": {
+      "required": false
+    },
+    "REDLIB_DEFAULT_FILTERS": {
+      "required": false
+    },
+    "REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION": {
+      "required": false
+    },
+    "REDLIB_PUSHSHIFT_FRONTEND": {
+      "required": false
+    },
+    "REDLIB_ENABLE_RSS": {
+      "required": false
+    },
+    "REDLIB_FULL_URL": {
+      "required": false
+    },
+    "REDLIB_DEFAULT_REMOVE_DEFAULT_FEEDS": {
      "required": false
    }
  }
--- a/build.rs
+++ b/build.rs
@ -0,0 +1,25 @@
+use std::process::{Command, ExitStatus, Output};
+
+#[cfg(not(target_os = "windows"))]
+use std::os::unix::process::ExitStatusExt;
+
+#[cfg(target_os = "windows")]
+use std::os::windows::process::ExitStatusExt;
+
+fn main() {
+	println!("cargo:rerun-if-changed=src/");
+	let output = String::from_utf8(
+		Command::new("git")
+			.args(["rev-parse", "HEAD"])
+			.output()
+			.unwrap_or(Output {
+				stdout: vec![],
+				stderr: vec![],
+				status: ExitStatus::from_raw(0),
+			})
+			.stdout,
+	)
+	.unwrap_or_default();
+	let git_hash = if output == String::default() { "dev".into() } else { output };
+	println!("cargo:rustc-env=GIT_HASH={git_hash}");
+}
--- a/compose.dev.yaml
+++ b/compose.dev.yaml
@ -0,0 +1,26 @@
+# docker-compose -f docker-compose.dev.yml up -d
+version: "3.8"
+
+services:
+  redlib:
+    build: .
+    restart: always
+    container_name: "redlib"
+    ports:
+      - 8080:8080 # Specify `127.0.0.1:8080:8080` instead if using a reverse proxy
+    user: nobody
+    read_only: true
+    security_opt:
+      - no-new-privileges:true
+      # - seccomp=seccomp-redlib.json
+    cap_drop:
+      - ALL
+    networks:
+      - redlib
+    healthcheck:
+      test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
+      interval: 5m
+      timeout: 3s
+
+networks:
+  redlib:
--- a/compose.yaml
+++ b/compose.yaml
@ -0,0 +1,24 @@
+services:
+  redlib:
+    image: quay.io/redlib/redlib:latest
+    restart: always
+    container_name: "redlib"
+    ports:
+      - 8080:8080 # Specify `127.0.0.1:8080:8080` instead if using a reverse proxy
+    user: nobody
+    read_only: true
+    security_opt:
+      - no-new-privileges:true
+      # - seccomp=seccomp-redlib.json
+    cap_drop:
+      - ALL
+    env_file: .env
+    networks:
+      - redlib
+    healthcheck:
+      test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
+      interval: 5m
+      timeout: 3s
+
+networks:
+  redlib:
--- a/contrib/libreddit.conf
+++ b/contrib/libreddit.conf
@ -1,2 +0,0 @@
-ADDRESS=localhost
-PORT=12345
--- a/contrib/libreddit.service
+++ b/contrib/libreddit.service
@ -1,15 +0,0 @@
-[Unit]
-Description=libreddit daemon
-After=network.service
-
-[Service]
-DynamicUser=yes
-# Default Values
-Environment=ADDRESS=0.0.0.0
-Environment=PORT=8080
-# Optional Override
-EnvironmentFile=-/etc/libreddit.conf
-ExecStart=/usr/bin/libreddit -a ${ADDRESS} -p ${PORT}
-
-[Install]
-WantedBy=default.target
--- a/contrib/redlib.conf
+++ b/contrib/redlib.conf
@ -0,0 +1,17 @@
+ADDRESS=0.0.0.0
+PORT=12345
+#REDLIB_DEFAULT_THEME=default
+#REDLIB_DEFAULT_FRONT_PAGE=default
+#REDLIB_DEFAULT_LAYOUT=card
+#REDLIB_DEFAULT_WIDE=off
+#REDLIB_DEFAULT_POST_SORT=hot
+#REDLIB_DEFAULT_COMMENT_SORT=confidence
+#REDLIB_DEFAULT_BLUR_SPOILER=off
+#REDLIB_DEFAULT_SHOW_NSFW=off
+#REDLIB_DEFAULT_BLUR_NSFW=off
+#REDLIB_DEFAULT_USE_HLS=off
+#REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION=off
+#REDLIB_DEFAULT_AUTOPLAY_VIDEOS=off
+#REDLIB_DEFAULT_SUBSCRIPTIONS=(sub1+sub2+sub3)
+#REDLIB_DEFAULT_HIDE_AWARDS=off
+#REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION=off
--- a/contrib/redlib.plist
+++ b/contrib/redlib.plist
@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+    <key>Label</key>
+    <string>redlib</string>
+
+    <key>Program</key>
+    <string>redlib</string>
+
+    <key>KeepAlive</key>
+    <true/>
+
+    <key>RunAtLoad</key>
+    <true/>
+</dict>
+</plist>
+
+ 
--- a/contrib/redlib.service
+++ b/contrib/redlib.service
@ -0,0 +1,38 @@
+[Unit]
+Description=redlib daemon
+After=network.service
+
+[Service]
+DynamicUser=yes
+# Default Values
+#Environment=ADDRESS=0.0.0.0
+#Environment=PORT=8080
+# Optional Override
+EnvironmentFile=-/etc/redlib.conf
+ExecStart=/usr/bin/redlib -a ${ADDRESS} -p ${PORT}
+
+# Hardening
+DeviceAllow=
+LockPersonality=yes
+MemoryDenyWriteExecute=yes
+PrivateDevices=yes
+ProcSubset=pid
+ProtectClock=yes
+ProtectControlGroups=yes
+ProtectHome=yes
+ProtectHostname=yes
+ProtectKernelLogs=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+ProtectProc=invisible
+RestrictAddressFamilies=AF_INET AF_INET6
+RestrictNamespaces=yes
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+SystemCallFilter=~@privileged @resources
+UMask=0077
+
+[Install]
+WantedBy=default.target
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,13 +0,0 @@
-version: "3.8"
-
-services:
-  web:
-    build: .
-    restart: always
-    container_name: "libreddit"
-    ports:
-      - 8080:8080
-    healthcheck:
-      test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
-      interval: 5m
-      timeout: 3s
--- a/flake.lock
+++ b/flake.lock
@ -0,0 +1,98 @@
+{
+  "nodes": {
+    "crane": {
+      "locked": {
+        "lastModified": 1731974733,
+        "narHash": "sha256-enYSSZVVl15FI5p+0Y5/Ckf5DZAvXe6fBrHxyhA/njc=",
+        "owner": "ipetkov",
+        "repo": "crane",
+        "rev": "3cb338ce81076ce5e461cf77f7824476addb0e1c",
+        "type": "github"
+      },
+      "original": {
+        "owner": "ipetkov",
+        "repo": "crane",
+        "type": "github"
+      }
+    },
+    "flake-utils": {
+      "inputs": {
+        "systems": "systems"
+      },
+      "locked": {
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1731890469,
+        "narHash": "sha256-D1FNZ70NmQEwNxpSSdTXCSklBH1z2isPR84J6DQrJGs=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "5083ec887760adfe12af64830a66807423a859a7",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixpkgs-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "crane": "crane",
+        "flake-utils": "flake-utils",
+        "nixpkgs": "nixpkgs",
+        "rust-overlay": "rust-overlay"
+      }
+    },
+    "rust-overlay": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1732069891,
+        "narHash": "sha256-moKx8AVJrViCSdA0e0nSsG8b1dAsObI4sRAtbqbvBY8=",
+        "owner": "oxalica",
+        "repo": "rust-overlay",
+        "rev": "8509a51241c407d583b1963d5079585a992506e8",
+        "type": "github"
+      },
+      "original": {
+        "owner": "oxalica",
+        "repo": "rust-overlay",
+        "type": "github"
+      }
+    },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
--- a/flake.nix
+++ b/flake.nix
@ -0,0 +1,65 @@
+{
+  description = "Redlib: Private front-end for Reddit";
+
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+
+    crane.url = "github:ipetkov/crane";
+
+    flake-utils.url = "github:numtide/flake-utils";
+
+    rust-overlay = {
+      url = "github:oxalica/rust-overlay";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+  };
+
+  outputs = { nixpkgs, crane, flake-utils, rust-overlay, ... }:
+    flake-utils.lib.eachSystem [ "x86_64-linux" ] (system:
+      let
+        pkgs = import nixpkgs {
+          inherit system;
+          overlays = [ (import rust-overlay) ];
+        };
+
+        inherit (pkgs) lib;
+
+        rustToolchain = pkgs.rust-bin.stable.latest.default.override {
+          targets = [ "x86_64-unknown-linux-musl" ];
+        };
+
+        craneLib = (crane.mkLib pkgs).overrideToolchain rustToolchain;
+
+
+        src = lib.cleanSourceWith {
+          src = craneLib.path ./.;
+          filter = path: type:
+            (lib.hasInfix "/templates/" path) ||
+            (lib.hasInfix "/static/" path) ||
+            (craneLib.filterCargoSources path type);
+        };
+
+        redlib = craneLib.buildPackage {
+          inherit src;
+          strictDeps = true;
+          doCheck = false;
+
+          CARGO_BUILD_TARGET = "x86_64-unknown-linux-musl";
+          CARGO_BUILD_RUSTFLAGS = "-C target-feature=+crt-static";
+        };
+      in
+      {
+        checks = {
+          my-crate = redlib;
+        };
+
+        packages.default = redlib;
+        packages.docker = pkgs.dockerTools.buildImage {
+          name = "quay.io/redlib/redlib";
+          tag = "latest";
+          created = "now";
+          copyToRoot = with pkgs.dockerTools; [ caCertificates fakeNss ];
+          config.Cmd = "${redlib}/bin/redlib";
+        };
+      });
+}
--- a/redlib.container
+++ b/redlib.container
@ -0,0 +1,16 @@
+[Install]
+WantedBy=default.target
+
+[Container]
+AutoUpdate=registry
+ContainerName=redlib
+DropCapability=ALL
+EnvironmentFile=.env
+HealthCmd=["wget","--spider","-q","--tries=1","http://localhost:8080/settings"]
+HealthInterval=5m
+HealthTimeout=3s
+Image=quay.io/redlib/redlib:latest
+NoNewPrivileges=true
+PublishPort=8080:8080
+ReadOnly=true
+User=nobody
--- a/scripts/gen-credits.sh
+++ b/scripts/gen-credits.sh
@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+# This scripts generates the CREDITS file in the repository root, which
+# contains a list of all contributors ot the Redlib project.
+#
+# We use git-log to surface the names and emails of all authors and committers,
+# and grep will filter any automated commits due to GitHub.
+
+set -o pipefail
+
+cd "$(dirname "${BASH_SOURCE[0]}")/../" || exit 1
+git --no-pager log --pretty='%an <%ae>%n%cn <%ce>' main \
+    | sort -t'<' -u -k1,1 -k2,2 \
+    | grep -Fv -- 'GitHub <noreply@github.com>' \
+    > CREDITS
--- a/scripts/load_test.py
+++ b/scripts/load_test.py
@ -0,0 +1,31 @@
+import requests
+from bs4 import BeautifulSoup
+from concurrent.futures import ThreadPoolExecutor
+
+base_url = "http://localhost:8080"
+
+full_path = f"{base_url}/r/politics"
+
+ctr = 0
+
+def fetch_url(url):
+    global ctr
+    response = requests.get(url)
+    ctr += 1
+    print(f"Request count: {ctr}")
+    return response
+
+while full_path:
+    response = requests.get(full_path)
+    ctr += 1
+    print(f"Request count: {ctr}")
+    soup = BeautifulSoup(response.text, 'html.parser')
+    comment_links = soup.find_all('a', class_='post_comments')
+    comment_urls = [base_url + link['href'] for link in comment_links]
+    with ThreadPoolExecutor(max_workers=10) as executor:
+        executor.map(fetch_url, comment_urls)
+    next_link = soup.find('a', accesskey='N')
+    if next_link:
+        full_path = base_url + next_link['href']
+    else:
+        break
--- a/scripts/update_hls_js.sh
+++ b/scripts/update_hls_js.sh
@ -0,0 +1,18 @@
+#!/bin/bash
+
+cd "$(dirname "$0")"
+LATEST_TAG=$(curl -s https://api.github.com/repos/video-dev/hls.js/releases/latest | jq -r '.tag_name')
+
+if [[ -z "$LATEST_TAG" || "$LATEST_TAG" == "null" ]]; then
+  echo "Failed to fetch the latest release tag from GitHub."
+  exit 1
+fi
+
+LICENSE="// @license http://www.apache.org/licenses/LICENSE-2.0 Apache-2.0
+// @source  https://github.com/video-dev/hls.js/tree/$LATEST_TAG"
+
+echo "$LICENSE" > ../static/hls.min.js
+
+curl -s https://cdn.jsdelivr.net/npm/hls.js@${LATEST_TAG}/dist/hls.min.js >> ../static/hls.min.js
+
+echo "Update complete. The latest hls.js (${LATEST_TAG}) has been saved to static/hls.min.js."
--- a/scripts/update_oauth_resources.sh
+++ b/scripts/update_oauth_resources.sh
@ -0,0 +1,112 @@
+#!/bin/bash
+
+# Requirements
+# - curl
+# - rg
+# - jq
+
+# Fetch iOS app versions
+ios_version_list=$(curl -s "https://ipaarchive.com/app/usa/1064216828" | rg "(20\d{2}\.\d+.\d+) / (\d+)" --only-matching -r "Version \$1/Build \$2" | sort | uniq)
+
+# Count the number of lines in the version list
+ios_app_count=$(echo "$ios_version_list" | wc -l)
+
+echo -e "Fetching \e[34m$ios_app_count iOS app versions...\e[0m"
+
+
+# Specify the filename as a variable
+filename="src/oauth_resources.rs"
+
+# Add comment that it is user generated
+echo "// This file was generated by scripts/update_oauth_resources.sh" > "$filename"
+echo "// Rerun scripts/update_oauth_resources.sh to update this file" >> "$filename"
+echo "// Please do not edit manually" >> "$filename"
+echo "// Filled in with real app versions" >> "$filename"
+
+# Open the array in the source file
+echo "pub const _IOS_APP_VERSION_LIST: &[&str; $ios_app_count] = &[" >> "$filename"
+
+num=0
+
+# Append the version list to the source file
+echo "$ios_version_list" | while IFS= read -r line; do
+  num=$((num+1))
+  echo "	\"$line\"," >> "$filename"
+  echo -e "[$num/$ios_app_count] Fetched \e[34m$line\e[0m."
+done
+
+# Close the array in the source file
+echo "];" >> "$filename"
+
+# Fetch Android app versions
+page_1=$(curl -s "https://apkcombo.com/reddit/com.reddit.frontpage/old-versions/" | rg "<a class=\"ver-item\" href=\"(/reddit/com\.reddit\.frontpage/download/phone-20\d{2}\.\d+\.\d+-apk)\" rel=\"nofollow\">" -r "https://apkcombo.com\$1" | sort | uniq | sed 's/      //g')
+# Append with pages
+page_2=$(curl -s "https://apkcombo.com/reddit/com.reddit.frontpage/old-versions?page=2" | rg "<a class=\"ver-item\" href=\"(/reddit/com\.reddit\.frontpage/download/phone-20\d{2}\.\d+\.\d+-apk)\" rel=\"nofollow\">" -r "https://apkcombo.com\$1" | sort | uniq | sed 's/      //g')
+page_3=$(curl -s "https://apkcombo.com/reddit/com.reddit.frontpage/old-versions?page=3" | rg "<a class=\"ver-item\" href=\"(/reddit/com\.reddit\.frontpage/download/phone-20\d{2}\.\d+\.\d+-apk)\" rel=\"nofollow\">" -r "https://apkcombo.com\$1" | sort | uniq | sed 's/      //g')
+page_4=$(curl -s "https://apkcombo.com/reddit/com.reddit.frontpage/old-versions?page=4" | rg "<a class=\"ver-item\" href=\"(/reddit/com\.reddit\.frontpage/download/phone-20\d{2}\.\d+\.\d+-apk)\" rel=\"nofollow\">" -r "https://apkcombo.com\$1" | sort | uniq | sed 's/      //g')
+page_5=$(curl -s "https://apkcombo.com/reddit/com.reddit.frontpage/old-versions?page=5" | rg "<a class=\"ver-item\" href=\"(/reddit/com\.reddit\.frontpage/download/phone-20\d{2}\.\d+\.\d+-apk)\" rel=\"nofollow\">" -r "https://apkcombo.com\$1" | sort | uniq | sed 's/      //g')
+
+# Concatenate all pages
+versions="${page_1}"
+versions+=$'\n'
+versions+="${page_2}"
+versions+=$'\n'
+versions+="${page_3}"
+versions+=$'\n'
+versions+="${page_4}"
+versions+=$'\n'
+versions+="${page_5}"
+
+# Count the number of lines in the version list
+android_count=$(echo "$versions" | wc -l)
+
+echo -e "Fetching \e[32m$android_count Android app versions...\e[0m"
+
+# Append to the source file
+echo "pub const ANDROID_APP_VERSION_LIST: &[&str; $android_count] = &[" >> "$filename"
+
+num=0
+
+# For each in versions, curl the page and extract the build number
+echo "$versions" | while IFS= read -r line; do
+  num=$((num+1))
+  fetch_page=$(curl -s "$line")
+  build=$(echo "$fetch_page" | rg "<span class=\"vercode\">\((\d+)\)</span>" --only-matching -r "\$1" | head -n1)
+  version=$(echo "$fetch_page" | rg "<span class=\"vername\">Reddit (20\d{2}\.\d+\.\d+)</span>" --only-matching -r "\$1" | head -n1)
+  echo "	\"Version $version/Build $build\"," >> "$filename"
+  echo -e "[$num/$android_count] Fetched \e[32mVersion $version/Build $build\e[0m."
+done
+
+# Close the array in the source file
+echo "];" >> "$filename"
+
+# Retrieve iOS versions
+table=$(curl -s "https://en.wikipedia.org/w/api.php?action=parse&page=IOS_17&prop=wikitext&section=31&format=json" | jq ".parse.wikitext.\"*\"" | rg "(17\.[\d\.]*)\\\n\|(\w*)\\\n\|" --only-matching -r "Version \$1 (Build \$2)")
+
+# Count the number of lines in the version list
+ios_count=$(echo "$table" | wc -l)
+
+echo -e "Fetching \e[34m$ios_count iOS versions...\e[0m"
+
+# Append to the source file
+echo "pub const _IOS_OS_VERSION_LIST: &[&str; $ios_count] = &[" >> "$filename"
+
+num=0
+
+# For each in versions, curl the page and extract the build number
+echo "$table" | while IFS= read -r line; do
+  num=$((num+1))
+  echo "	\"$line\"," >> "$filename"
+  echo -e "\e[34m[$num/$ios_count] Fetched $line\e[0m."
+done
+
+# Close the array in the source file
+echo "];" >> "$filename"
+
+echo -e "\e[34mRetrieved $ios_app_count iOS app versions.\e[0m"
+echo -e "\e[32mRetrieved $android_count Android app versions.\e[0m"
+echo -e "\e[34mRetrieved $ios_count iOS versions.\e[0m"
+
+echo -e "\e[34mTotal: $((ios_app_count + android_count + ios_count))\e[0m"
+
+echo -e "\e[32mSuccess!\e[0m"
--- a/seccomp-redlib.json
+++ b/seccomp-redlib.json
@ -0,0 +1,125 @@
+{
+  "defaultAction": "SCMP_ACT_ERRNO",
+  "archMap": [
+    {
+      "architecture": "SCMP_ARCH_X86_64",
+      "subArchitectures": [
+        "SCMP_ARCH_X86",
+        "SCMP_ARCH_X32"
+      ]
+    },
+    {
+      "architecture": "SCMP_ARCH_AARCH64",
+      "subArchitectures": [
+        "SCMP_ARCH_ARM"
+      ]
+    },
+    {
+      "architecture": "SCMP_ARCH_MIPS64",
+      "subArchitectures": [
+        "SCMP_ARCH_MIPS",
+        "SCMP_ARCH_MIPS64N32"
+      ]
+    },
+    {
+      "architecture": "SCMP_ARCH_MIPS64N32",
+      "subArchitectures": [
+        "SCMP_ARCH_MIPS",
+        "SCMP_ARCH_MIPS64"
+      ]
+    },
+    {
+      "architecture": "SCMP_ARCH_MIPSEL64",
+      "subArchitectures": [
+        "SCMP_ARCH_MIPSEL",
+        "SCMP_ARCH_MIPSEL64N32"
+      ]
+    },
+    {
+      "architecture": "SCMP_ARCH_MIPSEL64N32",
+      "subArchitectures": [
+        "SCMP_ARCH_MIPSEL",
+        "SCMP_ARCH_MIPSEL64"
+      ]
+    },
+    {
+      "architecture": "SCMP_ARCH_S390X",
+      "subArchitectures": [
+        "SCMP_ARCH_S390"
+      ]
+    }
+  ],
+  "syscalls": [
+    {
+      "names": [
+        "accept4",
+        "arch_prctl",
+        "bind",
+        "brk",
+        "clock_gettime",
+        "clone",
+        "close",
+        "connect",
+        "epoll_create1",
+        "epoll_ctl",
+        "epoll_pwait",
+        "eventfd2",
+        "execve",
+        "exit",
+        "exit_group",
+        "fcntl",
+        "flock",
+        "fork",
+        "fstat",
+        "futex",
+        "getcwd",
+        "getpeername",
+        "getpid",
+        "getrandom",
+        "getsockname",
+        "getsockopt",
+        "getgid",
+        "getppid",
+        "gettid",
+        "getuid",
+        "ioctl",
+        "listen",
+        "lseek",
+        "madvise",
+        "mmap",
+        "mprotect",
+        "mremap",
+        "munmap",
+        "newfstatat",
+        "open",
+        "openat",
+        "prctl",
+        "poll",
+        "read",
+        "recvfrom",
+        "rt_sigaction",
+        "rt_sigprocmask",
+        "rt_sigreturn",
+        "sched_getaffinity",
+        "sched_yield",
+        "sendto",
+        "setitimer",
+        "setsockopt",
+        "set_tid_address",
+        "shutdown",
+        "sigaltstack",
+        "socket",
+        "socketpair",
+        "stat",
+        "wait4",
+        "write",
+        "writev"
+      ],
+      "action": "SCMP_ACT_ALLOW",
+      "args": [],
+      "comment": "",
+      "includes": {},
+      "excludes": {}
+    }
+  ]
+}
--- a/src/client.rs
+++ b/src/client.rs
@ -1,18 +1,149 @@
+use arc_swap::ArcSwap;
 use cached::proc_macro::cached;
+use futures_lite::future::block_on;
 use futures_lite::{future::Boxed, FutureExt};
-use hyper::{body::Buf, client, Body, Request, Response, Uri};
+use hyper::client::HttpConnector;
+use hyper::header::HeaderValue;
+use hyper::{body, body::Buf, header, Body, Client, Method, Request, Response, Uri};
+use hyper_rustls::HttpsConnector;
+use libflate::gzip;
+use log::{error, trace, warn};
+use once_cell::sync::Lazy;
+use percent_encoding::{percent_encode, CONTROLS};
 use serde_json::Value;
-use std::result::Result;

+use std::sync::atomic::Ordering;
+use std::sync::atomic::{AtomicBool, AtomicU16};
+use std::{io, result::Result};
+
+use crate::dbg_msg;
+use crate::oauth::{force_refresh_token, token_daemon, Oauth};
 use crate::server::RequestExt;
+use crate::utils::{format_url, Post};
+
+const REDDIT_URL_BASE: &str = "https://oauth.reddit.com";
+const REDDIT_URL_BASE_HOST: &str = "oauth.reddit.com";
+
+const REDDIT_SHORT_URL_BASE: &str = "https://redd.it";
+const REDDIT_SHORT_URL_BASE_HOST: &str = "redd.it";
+
+const ALTERNATIVE_REDDIT_URL_BASE: &str = "https://www.reddit.com";
+const ALTERNATIVE_REDDIT_URL_BASE_HOST: &str = "www.reddit.com";
+
+pub static HTTPS_CONNECTOR: Lazy<HttpsConnector<HttpConnector>> =
+	Lazy::new(|| hyper_rustls::HttpsConnectorBuilder::new().with_native_roots().https_only().enable_http2().build());
+
+pub static CLIENT: Lazy<Client<HttpsConnector<HttpConnector>>> = Lazy::new(|| Client::builder().build::<_, Body>(HTTPS_CONNECTOR.clone()));
+
+pub static OAUTH_CLIENT: Lazy<ArcSwap<Oauth>> = Lazy::new(|| {
+	let client = block_on(Oauth::new());
+	tokio::spawn(token_daemon());
+	ArcSwap::new(client.into())
+});
+
+pub static OAUTH_RATELIMIT_REMAINING: AtomicU16 = AtomicU16::new(99);
+
+pub static OAUTH_IS_ROLLING_OVER: AtomicBool = AtomicBool::new(false);
+
+const URL_PAIRS: [(&str, &str); 2] = [
+	(ALTERNATIVE_REDDIT_URL_BASE, ALTERNATIVE_REDDIT_URL_BASE_HOST),
+	(REDDIT_SHORT_URL_BASE, REDDIT_SHORT_URL_BASE_HOST),
+];
+
+/// Gets the canonical path for a resource on Reddit. This is accomplished by
+/// making a `HEAD` request to Reddit at the path given in `path`.
+///
+/// This function returns `Ok(Some(path))`, where `path`'s value is identical
+/// to that of the value of the argument `path`, if Reddit responds to our
+/// `HEAD` request with a 2xx-family HTTP code. It will also return an
+/// `Ok(Some(String))` if Reddit responds to our `HEAD` request with a
+/// `Location` header in the response, and the HTTP code is in the 3xx-family;
+/// the `String` will contain the path as reported in `Location`. The return
+/// value is `Ok(None)` if Reddit responded with a 3xx, but did not provide a
+/// `Location` header. An `Err(String)` is returned if Reddit responds with a
+/// 429, or if we were unable to decode the value in the `Location` header.
+#[cached(size = 1024, time = 600, result = true)]
+#[async_recursion::async_recursion]
+pub async fn canonical_path(path: String, tries: i8) -> Result<Option<String>, String> {
+	if tries == 0 {
+		return Ok(None);
+	}
+
+	// for each URL pair, try the HEAD request
+	let res = {
+		// for url base and host in URL_PAIRS, try reddit_short_head(path.clone(), true, url_base, url_base_host) and if it succeeds, set res. else, res = None
+		let mut res = None;
+		for (url_base, url_base_host) in URL_PAIRS {
+			res = reddit_short_head(path.clone(), true, url_base, url_base_host).await.ok();
+			if let Some(res) = &res {
+				if !res.status().is_client_error() {
+					break;
+				}
+			}
+		}
+		res
+	};
+
+	let res = res.ok_or_else(|| "Unable to make HEAD request to Reddit.".to_string())?;
+	let status = res.status().as_u16();
+	let policy_error = res.headers().get(header::RETRY_AFTER).is_some();
+
+	match status {
+		// If Reddit responds with a 2xx, then the path is already canonical.
+		200..=299 => Ok(Some(path)),
+
+		// If Reddit responds with a 301, then the path is redirected.
+		301 => match res.headers().get(header::LOCATION) {
+			Some(val) => {
+				let Ok(original) = val.to_str() else {
+					return Err("Unable to decode Location header.".to_string());
+				};
+
+				// We need to strip the .json suffix from the original path.
+				// In addition, we want to remove share parameters.
+				// Cut it off here instead of letting it propagate all the way
+				// to main.rs
+				let stripped_uri = original.strip_suffix(".json").unwrap_or(original).split('?').next().unwrap_or_default();
+
+				// The reason why we now have to format_url, is because the new OAuth
+				// endpoints seem to return full paths, instead of relative paths.
+				// So we need to strip the .json suffix from the original path, and
+				// also remove all Reddit domain parts with format_url.
+				// Otherwise, it will literally redirect to Reddit.com.
+				let uri = format_url(stripped_uri);
+
+				// Decrement tries and try again
+				canonical_path(uri, tries - 1).await
+			}
+			None => Ok(None),
+		},
+
+		// If Reddit responds with anything other than 3xx (except for the 2xx and 301
+		// as above), return a None.
+		300..=399 => Ok(None),
+
+		// Rate limiting
+		429 => Err("Too many requests.".to_string()),
+
+		// Special condition rate limiting - https://github.com/redlib-org/redlib/issues/229
+		403 if policy_error => Err("Too many requests.".to_string()),
+
+		_ => Ok(
+			res
+				.headers()
+				.get(header::LOCATION)
+				.map(|val| percent_encode(val.as_bytes(), CONTROLS).to_string().trim_start_matches(REDDIT_URL_BASE).to_string()),
+		),
+	}
+}

 pub async fn proxy(req: Request<Body>, format: &str) -> Result<Response<Body>, String> {
-	let mut url = format!("{}?{}", format, req.uri().query().unwrap_or_default());
+	let mut url = format!("{format}?{}", req.uri().query().unwrap_or_default());

 	// For each parameter in request
-	for (name, value) in req.params().iter() {
+	for (name, value) in &req.params() {
 		// Fill the parameter value in the url
-		url = url.replace(&format!("{{{}}}", name), value);
+		url = url.replace(&format!("{{{name}}}"), value);
 	}

 	stream(&url, &req).await
@ -20,15 +151,12 @@ pub async fn proxy(req: Request<Body>, format: &str) -> Result<Response<Body>, S

 async fn stream(url: &str, req: &Request<Body>) -> Result<Response<Body>, String> {
 	// First parameter is target URL (mandatory).
-	let uri = url.parse::<Uri>().map_err(|_| "Couldn't parse URL".to_string())?;
-
-	// Prepare the HTTPS connector.
-	let https = hyper_rustls::HttpsConnectorBuilder::new().with_native_roots().https_only().enable_http1().build();
+	let parsed_uri = url.parse::<Uri>().map_err(|_| "Couldn't parse URL".to_string())?;

 	// Build the hyper client from the HTTPS connector.
-	let client: client::Client<_, hyper::Body> = client::Client::builder().build(https);
+	let client: &Lazy<Client<_, Body>> = &CLIENT;

-	let mut builder = Request::get(uri);
+	let mut builder = Request::get(parsed_uri);

 	// Copy useful headers from original request
 	for &key in &["Range", "If-Modified-Since", "Cache-Control"] {
@ -55,54 +183,172 @@ async fn stream(url: &str, req: &Request<Body>) -> Result<Response<Body>, String
 			rm("x-cdn-server-region");
 			rm("x-reddit-cdn");
 			rm("x-reddit-video-features");
+			rm("Nel");
+			rm("Report-To");

 			res
 		})
 		.map_err(|e| e.to_string())
 }

-fn request(url: String, quarantine: bool) -> Boxed<Result<Response<Body>, String>> {
-	// Prepare the HTTPS connector.
-	let https = hyper_rustls::HttpsConnectorBuilder::new().with_native_roots().https_or_http().enable_http1().build();
+/// Makes a GET request to Reddit at `path`. By default, this will honor HTTP
+/// 3xx codes Reddit returns and will automatically redirect.
+fn reddit_get(path: String, quarantine: bool) -> Boxed<Result<Response<Body>, String>> {
+	request(&Method::GET, path, true, quarantine, REDDIT_URL_BASE, REDDIT_URL_BASE_HOST)
+}
+
+/// Makes a HEAD request to Reddit at `path, using the short URL base. This will not follow redirects.
+fn reddit_short_head(path: String, quarantine: bool, base_path: &'static str, host: &'static str) -> Boxed<Result<Response<Body>, String>> {
+	request(&Method::HEAD, path, false, quarantine, base_path, host)
+}
+
+// /// Makes a HEAD request to Reddit at `path`. This will not follow redirects.
+// fn reddit_head(path: String, quarantine: bool) -> Boxed<Result<Response<Body>, String>> {
+// 	request(&Method::HEAD, path, false, quarantine, false)
+// }
+// Unused - reddit_head is only ever called in the context of a short URL
+
+/// Makes a request to Reddit. If `redirect` is `true`, `request_with_redirect`
+/// will recurse on the URL that Reddit provides in the Location HTTP header
+/// in its response.
+fn request(method: &'static Method, path: String, redirect: bool, quarantine: bool, base_path: &'static str, host: &'static str) -> Boxed<Result<Response<Body>, String>> {
+	// Build Reddit URL from path.
+	let url = format!("{base_path}{path}");

 	// Construct the hyper client from the HTTPS connector.
-	let client: client::Client<_, hyper::Body> = client::Client::builder().build(https);
+	let client: &Lazy<Client<_, Body>> = &CLIENT;

-	// Build request
-	let builder = Request::builder()
-		.method("GET")
-		.uri(&url)
-		.header("User-Agent", format!("web:libreddit:{}", env!("CARGO_PKG_VERSION")))
-		.header("Host", "www.reddit.com")
-		.header("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8")
-		.header("Accept-Language", "en-US,en;q=0.5")
-		.header("Connection", "keep-alive")
-		.header("Cookie", if quarantine { "_options=%7B%22pref_quarantine_optin%22%3A%20true%7D" } else { "" })
-		.body(Body::empty());
+	// Build request to Reddit. When making a GET, request gzip compression.
+	// (Reddit doesn't do brotli yet.)
+	let mut headers: Vec<(String, String)> = vec![
+		("Host".into(), host.into()),
+		("Accept-Encoding".into(), if method == Method::GET { "gzip".into() } else { "identity".into() }),
+		(
+			"Cookie".into(),
+			if quarantine {
+				"_options=%7B%22pref_quarantine_optin%22%3A%20true%2C%20%22pref_gated_sr_optin%22%3A%20true%7D".into()
+			} else {
+				"".into()
+			},
+		),
+	];
+
+	{
+		let client = OAUTH_CLIENT.load_full();
+		for (key, value) in client.headers_map.clone() {
+			headers.push((key, value));
+		}
+	}
+
+	// shuffle headers: https://github.com/redlib-org/redlib/issues/324
+	fastrand::shuffle(&mut headers);
+
+	let mut builder = Request::builder().method(method).uri(&url);
+
+	for (key, value) in headers {
+		builder = builder.header(key, value);
+	}
+
+	let builder = builder.body(Body::empty());

 	async move {
 		match builder {
 			Ok(req) => match client.request(req).await {
-				Ok(response) => {
-					if response.status().to_string().starts_with('3') {
-						request(
-							response
-								.headers()
-								.get("Location")
+				Ok(mut response) => {
+					// Reddit may respond with a 3xx. Decide whether or not to
+					// redirect based on caller params.
+					if response.status().is_redirection() {
+						if !redirect {
+							return Ok(response);
+						};
+						let location_header = response.headers().get(header::LOCATION);
+						if location_header == Some(&HeaderValue::from_static(ALTERNATIVE_REDDIT_URL_BASE)) {
+							return Err("Reddit response was invalid".to_string());
+						}
+						return request(
+							method,
+							location_header
 								.map(|val| {
-									let new_url = val.to_str().unwrap_or_default();
-									format!("{}{}raw_json=1", new_url, if new_url.contains('?') { "&" } else { "?" })
+									// We need to make adjustments to the URI
+									// we get back from Reddit. Namely, we
+									// must:
+									//
+									//     1. Remove the authority (e.g.
+									//     https://www.reddit.com) that may be
+									//     present, so that we recurse on the
+									//     path (and query parameters) as
+									//     required.
+									//
+									//     2. Percent-encode the path.
+									let new_path = percent_encode(val.as_bytes(), CONTROLS)
+										.to_string()
+										.trim_start_matches(REDDIT_URL_BASE)
+										.trim_start_matches(ALTERNATIVE_REDDIT_URL_BASE)
+										.to_string();
+									format!("{new_path}{}raw_json=1", if new_path.contains('?') { "&" } else { "?" })
 								})
 								.unwrap_or_default()
 								.to_string(),
+							true,
 							quarantine,
+							base_path,
+							host,
 						)
-						.await
-					} else {
-						Ok(response)
+						.await;
+					};
+
+					match response.headers().get(header::CONTENT_ENCODING) {
+						// Content not compressed.
+						None => Ok(response),
+
+						// Content encoded (hopefully with gzip).
+						Some(hdr) => {
+							match hdr.to_str() {
+								Ok(val) => match val {
+									"gzip" => {}
+									"identity" => return Ok(response),
+									_ => return Err("Reddit response was encoded with an unsupported compressor".to_string()),
+								},
+								Err(_) => return Err("Reddit response was invalid".to_string()),
+							}
+
+							// We get here if the body is gzip-compressed.
+
+							// The body must be something that implements
+							// std::io::Read, hence the conversion to
+							// bytes::buf::Buf and then transformation into a
+							// Reader.
+							let mut decompressed: Vec<u8>;
+							{
+								let mut aggregated_body = match body::aggregate(response.body_mut()).await {
+									Ok(b) => b.reader(),
+									Err(e) => return Err(e.to_string()),
+								};
+
+								let mut decoder = match gzip::Decoder::new(&mut aggregated_body) {
+									Ok(decoder) => decoder,
+									Err(e) => return Err(e.to_string()),
+								};
+
+								decompressed = Vec::<u8>::new();
+								if let Err(e) = io::copy(&mut decoder, &mut decompressed) {
+									return Err(e.to_string());
+								};
+							}
+
+							response.headers_mut().remove(header::CONTENT_ENCODING);
+							response.headers_mut().insert(header::CONTENT_LENGTH, decompressed.len().into());
+							*(response.body_mut()) = Body::from(decompressed);
+
+							Ok(response)
+						}
 					}
 				}
-				Err(e) => Err(e.to_string()),
+				Err(e) => {
+					dbg_msg!("{method} {REDDIT_URL_BASE}{path}: {}", e);
+
+					Err(e.to_string())
+				}
 			},
 			Err(_) => Err("Post url contains non-ASCII characters".to_string()),
 		}
@ -113,56 +359,209 @@ fn request(url: String, quarantine: bool) -> Boxed<Result<Response<Body>, String
 // Make a request to a Reddit API and parse the JSON response
 #[cached(size = 100, time = 30, result = true)]
 pub async fn json(path: String, quarantine: bool) -> Result<Value, String> {
-	// Build Reddit url from path
-	let url = format!("https://www.reddit.com{}", path);
-
 	// Closure to quickly build errors
-	let err = |msg: &str, e: String| -> Result<Value, String> {
+	let err = |msg: &str, e: String, path: String| -> Result<Value, String> {
 		// eprintln!("{} - {}: {}", url, msg, e);
-		Err(format!("{}: {}", msg, e))
+		Err(format!("{msg}: {e} | {path}"))
 	};

+	// First, handle rolling over the OAUTH_CLIENT if need be.
+	let current_rate_limit = OAUTH_RATELIMIT_REMAINING.load(Ordering::SeqCst);
+	let is_rolling_over = OAUTH_IS_ROLLING_OVER.load(Ordering::SeqCst);
+	if current_rate_limit < 10 && !is_rolling_over {
+		warn!("Rate limit {current_rate_limit} is low. Spawning force_refresh_token()");
+		tokio::spawn(force_refresh_token());
+	}
+	OAUTH_RATELIMIT_REMAINING.fetch_sub(1, Ordering::SeqCst);
+
 	// Fetch the url...
-	match request(url.clone(), quarantine).await {
+	match reddit_get(path.clone(), quarantine).await {
 		Ok(response) => {
 			let status = response.status();

+			let reset: Option<String> = if let (Some(remaining), Some(reset), Some(used)) = (
+				response.headers().get("x-ratelimit-remaining").and_then(|val| val.to_str().ok().map(|s| s.to_string())),
+				response.headers().get("x-ratelimit-reset").and_then(|val| val.to_str().ok().map(|s| s.to_string())),
+				response.headers().get("x-ratelimit-used").and_then(|val| val.to_str().ok().map(|s| s.to_string())),
+			) {
+				trace!(
+					"Ratelimit remaining: Header says {remaining}, we have {current_rate_limit}. Resets in {reset}. Rollover: {}. Ratelimit used: {used}",
+					if is_rolling_over { "yes" } else { "no" },
+				);
+
+				// If can parse remaining as a float, round to a u16 and save
+				if let Ok(val) = remaining.parse::<f32>() {
+					OAUTH_RATELIMIT_REMAINING.store(val.round() as u16, Ordering::SeqCst);
+				}
+
+				Some(reset)
+			} else {
+				None
+			};
+
 			// asynchronously aggregate the chunks of the body
 			match hyper::body::aggregate(response).await {
 				Ok(body) => {
+					let has_remaining = body.has_remaining();
+
+					if !has_remaining {
+						// Rate limited, so spawn a force_refresh_token()
+						tokio::spawn(force_refresh_token());
+						return match reset {
+							Some(val) => Err(format!(
+								"Reddit rate limit exceeded. Try refreshing in a few seconds.\
+								 Rate limit will reset in: {val}"
+							)),
+							None => Err("Reddit rate limit exceeded".to_string()),
+						};
+					}
+
 					// Parse the response from Reddit as JSON
 					match serde_json::from_reader(body.reader()) {
 						Ok(value) => {
 							let json: Value = value;
+
+							// If user is suspended
+							if let Some(data) = json.get("data") {
+								if let Some(is_suspended) = data.get("is_suspended").and_then(Value::as_bool) {
+									if is_suspended {
+										return Err("suspended".into());
+									}
+								}
+							}
+
 							// If Reddit returned an error
 							if json["error"].is_i64() {
-								Err(
-									json["reason"]
-										.as_str()
-										.unwrap_or_else(|| {
-											json["message"].as_str().unwrap_or_else(|| {
-												eprintln!("{} - Error parsing reddit error", url);
-												"Error parsing reddit error"
-											})
-										})
-										.to_string(),
-								)
+								// OAuth token has expired; http status 401
+								if json["message"] == "Unauthorized" {
+									error!("Forcing a token refresh");
+									let () = force_refresh_token().await;
+									return Err("OAuth token has expired. Please refresh the page!".to_string());
+								}
+
+								// Handle quarantined
+								if json["reason"] == "quarantined" {
+									return Err("quarantined".into());
+								}
+								// Handle gated
+								if json["reason"] == "gated" {
+									return Err("gated".into());
+								}
+								// Handle private subs
+								if json["reason"] == "private" {
+									return Err("private".into());
+								}
+								// Handle banned subs
+								if json["reason"] == "banned" {
+									return Err("banned".into());
+								}
+
+								Err(format!("Reddit error {} \"{}\": {} | {path}", json["error"], json["reason"], json["message"]))
 							} else {
 								Ok(json)
 							}
 						}
 						Err(e) => {
+							error!("Got an invalid response from reddit {e}. Status code: {status}");
 							if status.is_server_error() {
 								Err("Reddit is having issues, check if there's an outage".to_string())
 							} else {
-								err("Failed to parse page JSON data", e.to_string())
+								err("Failed to parse page JSON data", e.to_string(), path)
 							}
 						}
 					}
 				}
-				Err(e) => err("Failed receiving body from Reddit", e.to_string()),
+				Err(e) => err("Failed receiving body from Reddit", e.to_string(), path),
 			}
 		}
-		Err(e) => err("Couldn't send request to Reddit", e),
+		Err(e) => err("Couldn't send request to Reddit", e, path),
 	}
 }
+
+async fn self_check(sub: &str) -> Result<(), String> {
+	let query = format!("/r/{sub}/hot.json?&raw_json=1");
+
+	match Post::fetch(&query, true).await {
+		Ok(_) => Ok(()),
+		Err(e) => Err(e),
+	}
+}
+
+pub async fn rate_limit_check() -> Result<(), String> {
+	// First, check a subreddit.
+	self_check("reddit").await?;
+	// This will reduce the rate limit to 99. Assert this check.
+	if OAUTH_RATELIMIT_REMAINING.load(Ordering::SeqCst) != 99 {
+		return Err(format!("Rate limit check failed: expected 99, got {}", OAUTH_RATELIMIT_REMAINING.load(Ordering::SeqCst)));
+	}
+	// Now, we switch out the OAuth client.
+	// This checks for the IP rate limit association.
+	force_refresh_token().await;
+	// Now, check a new sub to break cache.
+	self_check("rust").await?;
+	// Again, assert the rate limit check.
+	if OAUTH_RATELIMIT_REMAINING.load(Ordering::SeqCst) != 99 {
+		return Err(format!("Rate limit check failed: expected 99, got {}", OAUTH_RATELIMIT_REMAINING.load(Ordering::SeqCst)));
+	}
+
+	Ok(())
+}
+
+#[cfg(test)]
+use {crate::config::get_setting, sealed_test::prelude::*};
+
+#[tokio::test(flavor = "multi_thread")]
+async fn test_rate_limit_check() {
+	rate_limit_check().await.unwrap();
+}
+
+#[test]
+#[sealed_test(env = [("REDLIB_DEFAULT_SUBSCRIPTIONS", "rust")])]
+fn test_default_subscriptions() {
+	tokio::runtime::Builder::new_multi_thread().enable_all().build().unwrap().block_on(async {
+		let subscriptions = get_setting("REDLIB_DEFAULT_SUBSCRIPTIONS");
+		assert!(subscriptions.is_some());
+
+		// check rate limit
+		rate_limit_check().await.unwrap();
+	});
+}
+
+#[cfg(test)]
+const POPULAR_URL: &str = "/r/popular/hot.json?&raw_json=1&geo_filter=GLOBAL";
+
+#[tokio::test(flavor = "multi_thread")]
+async fn test_localization_popular() {
+	let val = json(POPULAR_URL.to_string(), false).await.unwrap();
+	assert_eq!("GLOBAL", val["data"]["geo_filter"].as_str().unwrap());
+}
+
+#[tokio::test(flavor = "multi_thread")]
+async fn test_obfuscated_share_link() {
+	let share_link = "/r/rust/s/kPgq8WNHRK".into();
+	// Correct link without share parameters
+	let canonical_link = "/r/rust/comments/18t5968/why_use_tuple_struct_over_standard_struct/kfbqlbc/".into();
+	assert_eq!(canonical_path(share_link, 3).await, Ok(Some(canonical_link)));
+}
+
+#[tokio::test(flavor = "multi_thread")]
+async fn test_private_sub() {
+	let link = json("/r/suicide/about.json?raw_json=1".into(), true).await;
+	assert!(link.is_err());
+	assert_eq!(link, Err("private".into()));
+}
+
+#[tokio::test(flavor = "multi_thread")]
+async fn test_banned_sub() {
+	let link = json("/r/aaa/about.json?raw_json=1".into(), true).await;
+	assert!(link.is_err());
+	assert_eq!(link, Err("banned".into()));
+}
+
+#[tokio::test(flavor = "multi_thread")]
+async fn test_gated_sub() {
+	// quarantine to false to specifically catch when we _don't_ catch it
+	let link = json("/r/drugs/about.json?raw_json=1".into(), false).await;
+	assert!(link.is_err());
+	assert_eq!(link, Err("gated".into()));
+}
--- a/src/config.rs
+++ b/src/config.rs
@ -0,0 +1,274 @@
+use once_cell::sync::Lazy;
+use serde::{Deserialize, Serialize};
+use std::{env::var, fs::read_to_string};
+
+// Waiting for https://github.com/rust-lang/rust/issues/74465 to land, so we
+// can reduce reliance on once_cell.
+//
+// This is the local static that is initialized at runtime (technically at
+// first request) and contains the instance settings.
+pub static CONFIG: Lazy<Config> = Lazy::new(Config::load);
+
+// This serves as the frontend for an archival API - on removed comments, this URL
+// will be the base of a link, to display removed content (on another site).
+pub const DEFAULT_PUSHSHIFT_FRONTEND: &str = "undelete.pullpush.io";
+
+/// Stores the configuration parsed from the environment variables and the
+/// config file. `Config::Default()` contains None for each setting.
+/// When adding more config settings, add it to `Config::load`,
+/// `get_setting_from_config`, both below, as well as
+/// `instance_info::InstanceInfo.to_string`(), README.md and app.json.
+#[derive(Default, Serialize, Deserialize, Clone, Debug)]
+pub struct Config {
+	#[serde(rename = "REDLIB_SFW_ONLY")]
+	#[serde(alias = "LIBREDDIT_SFW_ONLY")]
+	pub(crate) sfw_only: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_THEME")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_THEME")]
+	pub(crate) default_theme: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_FRONT_PAGE")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_FRONT_PAGE")]
+	pub(crate) default_front_page: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_LAYOUT")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_LAYOUT")]
+	pub(crate) default_layout: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_WIDE")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_WIDE")]
+	pub(crate) default_wide: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_COMMENT_SORT")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_COMMENT_SORT")]
+	pub(crate) default_comment_sort: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_POST_SORT")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_POST_SORT")]
+	pub(crate) default_post_sort: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_BLUR_SPOILER")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_BLUR_SPOILER")]
+	pub(crate) default_blur_spoiler: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_SHOW_NSFW")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_SHOW_NSFW")]
+	pub(crate) default_show_nsfw: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_BLUR_NSFW")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_BLUR_NSFW")]
+	pub(crate) default_blur_nsfw: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_USE_HLS")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_USE_HLS")]
+	pub(crate) default_use_hls: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_HIDE_HLS_NOTIFICATION")]
+	pub(crate) default_hide_hls_notification: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_HIDE_AWARDS")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_HIDE_AWARDS")]
+	pub(crate) default_hide_awards: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_HIDE_SIDEBAR_AND_SUMMARY")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_HIDE_SIDEBAR_AND_SUMMARY")]
+	pub(crate) default_hide_sidebar_and_summary: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_HIDE_SCORE")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_HIDE_SCORE")]
+	pub(crate) default_hide_score: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_SUBSCRIPTIONS")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_SUBSCRIPTIONS")]
+	pub(crate) default_subscriptions: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_FILTERS")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_FILTERS")]
+	pub(crate) default_filters: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION")]
+	#[serde(alias = "LIBREDDIT_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION")]
+	pub(crate) default_disable_visit_reddit_confirmation: Option<String>,
+
+	#[serde(rename = "REDLIB_BANNER")]
+	#[serde(alias = "LIBREDDIT_BANNER")]
+	pub(crate) banner: Option<String>,
+
+	#[serde(rename = "REDLIB_ROBOTS_DISABLE_INDEXING")]
+	#[serde(alias = "LIBREDDIT_ROBOTS_DISABLE_INDEXING")]
+	pub(crate) robots_disable_indexing: Option<String>,
+
+	#[serde(rename = "REDLIB_PUSHSHIFT_FRONTEND")]
+	#[serde(alias = "LIBREDDIT_PUSHSHIFT_FRONTEND")]
+	pub(crate) pushshift: Option<String>,
+
+	#[serde(rename = "REDLIB_ENABLE_RSS")]
+	pub(crate) enable_rss: Option<String>,
+
+	#[serde(rename = "REDLIB_FULL_URL")]
+	pub(crate) full_url: Option<String>,
+
+	#[serde(rename = "REDLIB_DEFAULT_REMOVE_DEFAULT_FEEDS")]
+	pub(crate) default_remove_default_feeds: Option<String>,
+}
+
+impl Config {
+	/// Load the configuration from the environment variables and the config file.
+	/// In the case that there are no environment variables set and there is no
+	/// config file, this function returns a Config that contains all None values.
+	pub fn load() -> Self {
+		let load_config = |name: &str| {
+			let new_file = read_to_string(name);
+			new_file.ok().and_then(|new_file| toml::from_str::<Self>(&new_file).ok())
+		};
+
+		let config = load_config("redlib.toml").or_else(|| load_config("libreddit.toml")).unwrap_or_default();
+
+		// This function defines the order of preference - first check for
+		// environment variables with "REDLIB", then check the legacy LIBREDDIT
+		// option, then check the config, then if all are `None`, return a `None`
+		let parse = |key: &str| -> Option<String> {
+			// Return the first non-`None` value
+			// If all are `None`, return `None`
+			let legacy_key = key.replace("REDLIB_", "LIBREDDIT_");
+			var(key).ok().or_else(|| var(legacy_key).ok()).or_else(|| get_setting_from_config(key, &config))
+		};
+		Self {
+			sfw_only: parse("REDLIB_SFW_ONLY"),
+			default_theme: parse("REDLIB_DEFAULT_THEME"),
+			default_front_page: parse("REDLIB_DEFAULT_FRONT_PAGE"),
+			default_layout: parse("REDLIB_DEFAULT_LAYOUT"),
+			default_post_sort: parse("REDLIB_DEFAULT_POST_SORT"),
+			default_wide: parse("REDLIB_DEFAULT_WIDE"),
+			default_comment_sort: parse("REDLIB_DEFAULT_COMMENT_SORT"),
+			default_blur_spoiler: parse("REDLIB_DEFAULT_BLUR_SPOILER"),
+			default_show_nsfw: parse("REDLIB_DEFAULT_SHOW_NSFW"),
+			default_blur_nsfw: parse("REDLIB_DEFAULT_BLUR_NSFW"),
+			default_use_hls: parse("REDLIB_DEFAULT_USE_HLS"),
+			default_hide_hls_notification: parse("REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION"),
+			default_hide_awards: parse("REDLIB_DEFAULT_HIDE_AWARDS"),
+			default_hide_sidebar_and_summary: parse("REDLIB_DEFAULT_HIDE_SIDEBAR_AND_SUMMARY"),
+			default_hide_score: parse("REDLIB_DEFAULT_HIDE_SCORE"),
+			default_subscriptions: parse("REDLIB_DEFAULT_SUBSCRIPTIONS"),
+			default_filters: parse("REDLIB_DEFAULT_FILTERS"),
+			default_disable_visit_reddit_confirmation: parse("REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION"),
+			banner: parse("REDLIB_BANNER"),
+			robots_disable_indexing: parse("REDLIB_ROBOTS_DISABLE_INDEXING"),
+			pushshift: parse("REDLIB_PUSHSHIFT_FRONTEND"),
+			enable_rss: parse("REDLIB_ENABLE_RSS"),
+			full_url: parse("REDLIB_FULL_URL"),
+			default_remove_default_feeds: parse("REDLIB_DEFAULT_REMOVE_DEFAULT_FEEDS"),
+		}
+	}
+}
+
+fn get_setting_from_config(name: &str, config: &Config) -> Option<String> {
+	match name {
+		"REDLIB_SFW_ONLY" => config.sfw_only.clone(),
+		"REDLIB_DEFAULT_THEME" => config.default_theme.clone(),
+		"REDLIB_DEFAULT_FRONT_PAGE" => config.default_front_page.clone(),
+		"REDLIB_DEFAULT_LAYOUT" => config.default_layout.clone(),
+		"REDLIB_DEFAULT_COMMENT_SORT" => config.default_comment_sort.clone(),
+		"REDLIB_DEFAULT_POST_SORT" => config.default_post_sort.clone(),
+		"REDLIB_DEFAULT_BLUR_SPOILER" => config.default_blur_spoiler.clone(),
+		"REDLIB_DEFAULT_SHOW_NSFW" => config.default_show_nsfw.clone(),
+		"REDLIB_DEFAULT_BLUR_NSFW" => config.default_blur_nsfw.clone(),
+		"REDLIB_DEFAULT_USE_HLS" => config.default_use_hls.clone(),
+		"REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION" => config.default_hide_hls_notification.clone(),
+		"REDLIB_DEFAULT_WIDE" => config.default_wide.clone(),
+		"REDLIB_DEFAULT_HIDE_AWARDS" => config.default_hide_awards.clone(),
+		"REDLIB_DEFAULT_HIDE_SIDEBAR_AND_SUMMARY" => config.default_hide_sidebar_and_summary.clone(),
+		"REDLIB_DEFAULT_HIDE_SCORE" => config.default_hide_score.clone(),
+		"REDLIB_DEFAULT_SUBSCRIPTIONS" => config.default_subscriptions.clone(),
+		"REDLIB_DEFAULT_FILTERS" => config.default_filters.clone(),
+		"REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION" => config.default_disable_visit_reddit_confirmation.clone(),
+		"REDLIB_BANNER" => config.banner.clone(),
+		"REDLIB_ROBOTS_DISABLE_INDEXING" => config.robots_disable_indexing.clone(),
+		"REDLIB_PUSHSHIFT_FRONTEND" => config.pushshift.clone(),
+		"REDLIB_ENABLE_RSS" => config.enable_rss.clone(),
+		"REDLIB_FULL_URL" => config.full_url.clone(),
+		"REDLIB_DEFAULT_REMOVE_DEFAULT_FEEDS" => config.default_remove_default_feeds.clone(),
+		_ => None,
+	}
+}
+
+/// Retrieves setting from environment variable or config file.
+pub fn get_setting(name: &str) -> Option<String> {
+	get_setting_from_config(name, &CONFIG)
+}
+
+#[cfg(test)]
+use {sealed_test::prelude::*, std::fs::write};
+
+#[test]
+fn test_deserialize() {
+	// Must handle empty input
+	let result = toml::from_str::<Config>("");
+	assert!(result.is_ok(), "Error: {}", result.unwrap_err());
+}
+
+#[test]
+#[sealed_test(env = [("REDLIB_SFW_ONLY", "on")])]
+fn test_env_var() {
+	assert!(crate::utils::sfw_only())
+}
+
+#[test]
+#[sealed_test]
+fn test_config() {
+	let config_to_write = r#"REDLIB_DEFAULT_COMMENT_SORT = "best""#;
+	write("redlib.toml", config_to_write).unwrap();
+	assert_eq!(get_setting("REDLIB_DEFAULT_COMMENT_SORT"), Some("best".into()));
+}
+
+#[test]
+#[sealed_test]
+fn test_config_legacy() {
+	let config_to_write = r#"LIBREDDIT_DEFAULT_COMMENT_SORT = "best""#;
+	write("libreddit.toml", config_to_write).unwrap();
+	assert_eq!(get_setting("REDLIB_DEFAULT_COMMENT_SORT"), Some("best".into()));
+}
+
+#[test]
+#[sealed_test(env = [("LIBREDDIT_SFW_ONLY", "on")])]
+fn test_env_var_legacy() {
+	assert!(crate::utils::sfw_only())
+}
+
+#[test]
+#[sealed_test(env = [("REDLIB_DEFAULT_COMMENT_SORT", "top")])]
+fn test_env_config_precedence() {
+	let config_to_write = r#"REDLIB_DEFAULT_COMMENT_SORT = "best""#;
+	write("redlib.toml", config_to_write).unwrap();
+	assert_eq!(get_setting("REDLIB_DEFAULT_COMMENT_SORT"), Some("top".into()))
+}
+
+#[test]
+#[sealed_test(env = [("REDLIB_DEFAULT_COMMENT_SORT", "top")])]
+fn test_alt_env_config_precedence() {
+	let config_to_write = r#"REDLIB_DEFAULT_COMMENT_SORT = "best""#;
+	write("redlib.toml", config_to_write).unwrap();
+	assert_eq!(get_setting("REDLIB_DEFAULT_COMMENT_SORT"), Some("top".into()))
+}
+#[test]
+#[sealed_test(env = [("REDLIB_DEFAULT_SUBSCRIPTIONS", "news+bestof")])]
+fn test_default_subscriptions() {
+	assert_eq!(get_setting("REDLIB_DEFAULT_SUBSCRIPTIONS"), Some("news+bestof".into()));
+}
+
+#[test]
+#[sealed_test(env = [("REDLIB_DEFAULT_FILTERS", "news+bestof")])]
+fn test_default_filters() {
+	assert_eq!(get_setting("REDLIB_DEFAULT_FILTERS"), Some("news+bestof".into()));
+}
+
+#[test]
+#[sealed_test]
+fn test_pushshift() {
+	let config_to_write = r#"REDLIB_PUSHSHIFT_FRONTEND = "https://api.pushshift.io""#;
+	write("redlib.toml", config_to_write).unwrap();
+	assert!(get_setting("REDLIB_PUSHSHIFT_FRONTEND").is_some());
+	assert_eq!(get_setting("REDLIB_PUSHSHIFT_FRONTEND"), Some("https://api.pushshift.io".into()));
+}
--- a/src/duplicates.rs
+++ b/src/duplicates.rs
@ -0,0 +1,236 @@
+// Handler for post duplicates.
+
+use crate::client::json;
+use crate::server::RequestExt;
+use crate::subreddit::{can_access_quarantine, quarantine};
+use crate::utils::{error, filter_posts, get_filters, nsfw_landing, parse_post, template, Post, Preferences};
+
+use hyper::{Body, Request, Response};
+use rinja::Template;
+use serde_json::Value;
+use std::borrow::ToOwned;
+use std::collections::HashSet;
+use std::vec::Vec;
+
+/// `DuplicatesParams` contains the parameters in the URL.
+struct DuplicatesParams {
+	before: String,
+	after: String,
+	sort: String,
+}
+
+/// `DuplicatesTemplate` defines an Askama template for rendering duplicate
+/// posts.
+#[derive(Template)]
+#[template(path = "duplicates.html")]
+struct DuplicatesTemplate {
+	/// params contains the relevant request parameters.
+	params: DuplicatesParams,
+
+	/// post is the post whose ID is specified in the reqeust URL. Note that
+	/// this is not necessarily the "original" post.
+	post: Post,
+
+	/// duplicates is the list of posts that, per Reddit, are duplicates of
+	/// Post above.
+	duplicates: Vec<Post>,
+
+	/// prefs are the user preferences.
+	prefs: Preferences,
+
+	/// url is the request URL.
+	url: String,
+
+	/// num_posts_filtered counts how many posts were filtered from the
+	/// duplicates list.
+	num_posts_filtered: u64,
+
+	/// all_posts_filtered is true if every duplicate was filtered. This is an
+	/// edge case but can still happen.
+	all_posts_filtered: bool,
+}
+
+/// Make the GET request to Reddit. It assumes `req` is the appropriate Reddit
+/// REST endpoint for enumerating post duplicates.
+pub async fn item(req: Request<Body>) -> Result<Response<Body>, String> {
+	let path: String = format!("{}.json?{}&raw_json=1", req.uri().path(), req.uri().query().unwrap_or_default());
+	let sub = req.param("sub").unwrap_or_default();
+	let quarantined = can_access_quarantine(&req, &sub);
+
+	// Log the request in debugging mode
+	#[cfg(debug_assertions)]
+	req.param("id").unwrap_or_default();
+
+	// Send the GET, and await JSON.
+	match json(path, quarantined).await {
+		// Process response JSON.
+		Ok(response) => {
+			let post = parse_post(&response[0]["data"]["children"][0]).await;
+
+			let req_url = req.uri().to_string();
+			// Return landing page if this post if this Reddit deems this post
+			// NSFW, but we have also disabled the display of NSFW content
+			// or if the instance is SFW-only
+			if post.nsfw && crate::utils::should_be_nsfw_gated(&req, &req_url) {
+				return Ok(nsfw_landing(req, req_url).await.unwrap_or_default());
+			}
+
+			let filters = get_filters(&req);
+			let (duplicates, num_posts_filtered, all_posts_filtered) = parse_duplicates(&response[1], &filters).await;
+
+			// These are the values for the "before=", "after=", and "sort="
+			// query params, respectively.
+			let mut before: String = String::new();
+			let mut after: String = String::new();
+			let mut sort: String = String::new();
+
+			// FIXME: We have to perform a kludge to work around a Reddit API
+			// bug.
+			//
+			// The JSON object in "data" will never contain a "before" value so
+			// it is impossible to use it to determine our position in a
+			// listing. We'll make do by getting the ID of the first post in
+			// the listing, setting that as our "before" value, and ask Reddit
+			// to give us a batch of duplicate posts up to that post.
+			//
+			// Likewise, if we provide a "before" request in the GET, the
+			// result won't have an "after" in the JSON, in addition to missing
+			// the "before." So we will have to use the final post in the list
+			// of duplicates.
+			//
+			// That being said, we'll also need to capture the value of the
+			// "sort=" parameter as well, so we will need to inspect the
+			// query key-value pairs anyway.
+			let l = duplicates.len();
+			if l > 0 {
+				// This gets set to true if "before=" is one of the GET params.
+				let mut have_before: bool = false;
+
+				// This gets set to true if "after=" is one of the GET params.
+				let mut have_after: bool = false;
+
+				// Inspect the query key-value pairs. We will need to record
+				// the value of "sort=", along with checking to see if either
+				// one of "before=" or "after=" are given.
+				//
+				// If we're in the middle of the batch (evidenced by the
+				// presence of a "before=" or "after=" parameter in the GET),
+				// then use the first post as the "before" reference.
+				//
+				// We'll do this iteratively. Better than with .map_or()
+				// since a closure will continue to operate on remaining
+				// elements even after we've determined one of "before=" or
+				// "after=" (or both) are in the GET request.
+				//
+				// In practice, here should only ever be one of "before=" or
+				// "after=" and never both.
+				let query_str = req.uri().query().unwrap_or_default().to_string();
+
+				if !query_str.is_empty() {
+					for param in query_str.split('&') {
+						let kv: Vec<&str> = param.split('=').collect();
+						if kv.len() < 2 {
+							// Reject invalid query parameter.
+							continue;
+						}
+
+						let key: &str = kv[0];
+						match key {
+							"before" => have_before = true,
+							"after" => have_after = true,
+							"sort" => {
+								let val: &str = kv[1];
+								match val {
+									"new" | "num_comments" => sort = val.to_string(),
+									_ => {}
+								}
+							}
+							_ => {}
+						}
+					}
+				}
+
+				if have_after {
+					"t3_".clone_into(&mut before);
+					before.push_str(&duplicates[0].id);
+				}
+
+				// Address potentially missing "after". If "before=" is in the
+				// GET, then "after" will be null in the JSON (see FIXME
+				// above).
+				if have_before {
+					// The next batch will need to start from one after the
+					// last post in the current batch.
+					"t3_".clone_into(&mut after);
+					after.push_str(&duplicates[l - 1].id);
+
+					// Here is where things get terrible. Notice that we
+					// haven't set `before`. In order to do so, we will
+					// need to know if there is a batch that exists before
+					// this one, and doing so requires actually fetching the
+					// previous batch. In other words, we have to do yet one
+					// more GET to Reddit. There is no other way to determine
+					// whether or not to define `before`.
+					//
+					// We'll mitigate that by requesting at most one duplicate.
+					let new_path: String = format!(
+						"{}.json?before=t3_{}&sort={}&limit=1&raw_json=1",
+						req.uri().path(),
+						&duplicates[0].id,
+						if sort.is_empty() { "num_comments".to_string() } else { sort.clone() }
+					);
+					match json(new_path, true).await {
+						Ok(response) => {
+							if !response[1]["data"]["children"].as_array().unwrap_or(&Vec::new()).is_empty() {
+								"t3_".clone_into(&mut before);
+								before.push_str(&duplicates[0].id);
+							}
+						}
+						Err(msg) => {
+							// Abort entirely if we couldn't get the previous
+							// batch.
+							return error(req, &msg).await;
+						}
+					}
+				} else {
+					after = response[1]["data"]["after"].as_str().unwrap_or_default().to_string();
+				}
+			}
+
+			Ok(template(&DuplicatesTemplate {
+				params: DuplicatesParams { before, after, sort },
+				post,
+				duplicates,
+				prefs: Preferences::new(&req),
+				url: req_url,
+				num_posts_filtered,
+				all_posts_filtered,
+			}))
+		}
+
+		// Process error.
+		Err(msg) => {
+			if msg == "quarantined" || msg == "gated" {
+				let sub = req.param("sub").unwrap_or_default();
+				Ok(quarantine(&req, sub, &msg))
+			} else {
+				error(req, &msg).await
+			}
+		}
+	}
+}
+
+// DUPLICATES
+async fn parse_duplicates(json: &Value, filters: &HashSet<String>) -> (Vec<Post>, u64, bool) {
+	let post_duplicates: &Vec<Value> = &json["data"]["children"].as_array().map_or(Vec::new(), ToOwned::to_owned);
+	let mut duplicates: Vec<Post> = Vec::new();
+
+	// Process each post and place them in the Vec<Post>.
+	for val in post_duplicates {
+		let post: Post = parse_post(val).await;
+		duplicates.push(post);
+	}
+
+	let (num_posts_filtered, all_posts_filtered) = filter_posts(&mut duplicates, filters);
+	(duplicates, num_posts_filtered, all_posts_filtered)
+}
--- a/src/instance_info.rs
+++ b/src/instance_info.rs
@ -0,0 +1,235 @@
+use crate::{
+	config::{Config, CONFIG},
+	server::RequestExt,
+	utils::{ErrorTemplate, Preferences},
+};
+use build_html::{Container, Html, HtmlContainer, Table};
+use hyper::{http::Error, Body, Request, Response};
+use once_cell::sync::Lazy;
+use rinja::Template;
+use serde::{Deserialize, Serialize};
+use time::OffsetDateTime;
+
+// This is the local static that is intialized at runtime (technically at
+// the first request to the info endpoint) and contains the data
+// retrieved from the info endpoint.
+pub static INSTANCE_INFO: Lazy<InstanceInfo> = Lazy::new(InstanceInfo::new);
+
+/// Handles instance info endpoint
+pub async fn instance_info(req: Request<Body>) -> Result<Response<Body>, String> {
+	// This will retrieve the extension given, or create a new string - which will
+	// simply become the last option, an HTML page.
+	let extension = req.param("extension").unwrap_or_default();
+	let response = match extension.as_str() {
+		"yaml" | "yml" => info_yaml(),
+		"txt" => info_txt(),
+		"json" => info_json(),
+		"html" | "" => info_html(&req),
+		_ => {
+			let error = ErrorTemplate {
+				msg: "Error: Invalid info extension".into(),
+				prefs: Preferences::new(&req),
+				url: req.uri().to_string(),
+			}
+			.render()
+			.unwrap();
+			Response::builder().status(404).header("content-type", "text/html; charset=utf-8").body(error.into())
+		}
+	};
+	response.map_err(|err| format!("{err}"))
+}
+
+fn info_json() -> Result<Response<Body>, Error> {
+	if let Ok(body) = serde_json::to_string(&*INSTANCE_INFO) {
+		Response::builder().status(200).header("content-type", "application/json").body(body.into())
+	} else {
+		Response::builder()
+			.status(500)
+			.header("content-type", "text/plain")
+			.body(Body::from("Error serializing JSON"))
+	}
+}
+
+fn info_yaml() -> Result<Response<Body>, Error> {
+	if let Ok(body) = serde_yaml::to_string(&*INSTANCE_INFO) {
+		// We can use `application/yaml` as media type, though there is no guarantee
+		// that browsers will honor it. But we'll do it anyway. See:
+		// https://github.com/ietf-wg-httpapi/mediatypes/blob/main/draft-ietf-httpapi-yaml-mediatypes.md#media-type-applicationyaml-application-yaml
+		Response::builder().status(200).header("content-type", "application/yaml").body(body.into())
+	} else {
+		Response::builder()
+			.status(500)
+			.header("content-type", "text/plain")
+			.body(Body::from("Error serializing YAML."))
+	}
+}
+
+fn info_txt() -> Result<Response<Body>, Error> {
+	Response::builder()
+		.status(200)
+		.header("content-type", "text/plain")
+		.body(Body::from(INSTANCE_INFO.to_string(&StringType::Raw)))
+}
+fn info_html(req: &Request<Body>) -> Result<Response<Body>, Error> {
+	let message = MessageTemplate {
+		title: String::from("Instance information"),
+		body: INSTANCE_INFO.to_string(&StringType::Html),
+		prefs: Preferences::new(req),
+		url: req.uri().to_string(),
+	}
+	.render()
+	.unwrap();
+	Response::builder().status(200).header("content-type", "text/html; charset=utf8").body(Body::from(message))
+}
+#[derive(Serialize, Deserialize, Default)]
+pub struct InstanceInfo {
+	package_name: String,
+	crate_version: String,
+	pub git_commit: String,
+	deploy_date: String,
+	compile_mode: String,
+	deploy_unix_ts: i64,
+	config: Config,
+}
+
+impl InstanceInfo {
+	pub fn new() -> Self {
+		Self {
+			package_name: env!("CARGO_PKG_NAME").to_string(),
+			crate_version: env!("CARGO_PKG_VERSION").to_string(),
+			git_commit: env!("GIT_HASH").to_string(),
+			deploy_date: OffsetDateTime::now_local().unwrap_or_else(|_| OffsetDateTime::now_utc()).to_string(),
+			#[cfg(debug_assertions)]
+			compile_mode: "Debug".into(),
+			#[cfg(not(debug_assertions))]
+			compile_mode: "Release".into(),
+			deploy_unix_ts: OffsetDateTime::now_local().unwrap_or_else(|_| OffsetDateTime::now_utc()).unix_timestamp(),
+			config: CONFIG.clone(),
+		}
+	}
+	fn to_table(&self) -> String {
+		let mut container = Container::default();
+		let convert = |o: &Option<String>| -> String { o.clone().unwrap_or_else(|| "<span class=\"unset\"><i>Unset</i></span>".to_owned()) };
+		if let Some(banner) = &self.config.banner {
+			container.add_header(3, "Instance banner");
+			container.add_raw("<br />");
+			container.add_paragraph(banner);
+			container.add_raw("<br />");
+		}
+		container.add_table(
+			Table::from([
+				["Package name", &self.package_name],
+				["Crate version", &self.crate_version],
+				["Git commit", &self.git_commit],
+				["Deploy date", &self.deploy_date],
+				["Deploy timestamp", &self.deploy_unix_ts.to_string()],
+				["Compile mode", &self.compile_mode],
+				["SFW only", &convert(&self.config.sfw_only)],
+				["Pushshift frontend", &convert(&self.config.pushshift)],
+				["RSS enabled", &convert(&self.config.enable_rss)],
+				["Full URL", &convert(&self.config.full_url)],
+				["Remove default feeds", &convert(&self.config.default_remove_default_feeds)],
+				//TODO: fallback to crate::config::DEFAULT_PUSHSHIFT_FRONTEND
+			])
+			.with_header_row(["Settings"]),
+		);
+		container.add_raw("<br />");
+		container.add_table(
+			Table::from([
+				["Hide awards", &convert(&self.config.default_hide_awards)],
+				["Hide score", &convert(&self.config.default_hide_score)],
+				["Theme", &convert(&self.config.default_theme)],
+				["Front page", &convert(&self.config.default_front_page)],
+				["Layout", &convert(&self.config.default_layout)],
+				["Wide", &convert(&self.config.default_wide)],
+				["Comment sort", &convert(&self.config.default_comment_sort)],
+				["Post sort", &convert(&self.config.default_post_sort)],
+				["Blur Spoiler", &convert(&self.config.default_blur_spoiler)],
+				["Show NSFW", &convert(&self.config.default_show_nsfw)],
+				["Blur NSFW", &convert(&self.config.default_blur_nsfw)],
+				["Use HLS", &convert(&self.config.default_use_hls)],
+				["Hide HLS notification", &convert(&self.config.default_hide_hls_notification)],
+				["Subscriptions", &convert(&self.config.default_subscriptions)],
+				["Filters", &convert(&self.config.default_filters)],
+			])
+			.with_header_row(["Default preferences"]),
+		);
+		container.to_html_string().replace("<th>", "<th colspan=\"2\">")
+	}
+	fn to_string(&self, string_type: &StringType) -> String {
+		match string_type {
+			StringType::Raw => {
+				format!(
+					"Package name: {}\n
+				Crate version: {}\n
+                Git commit: {}\n
+                Deploy date: {}\n
+                Deploy timestamp: {}\n
+                Compile mode: {}\n
+				SFW only: {:?}\n
+				Pushshift frontend: {:?}\n
+				RSS enabled: {:?}\n
+				Full URL: {:?}\n
+				Remove default feeds: {:?}\n
+                Config:\n
+                    Banner: {:?}\n
+                    Hide awards: {:?}\n
+                    Hide score: {:?}\n
+                    Default theme: {:?}\n
+                    Default front page: {:?}\n
+                    Default layout: {:?}\n
+                    Default wide: {:?}\n
+                    Default comment sort: {:?}\n
+                    Default post sort: {:?}\n
+					Default blur Spoiler: {:?}\n
+                    Default show NSFW: {:?}\n
+                    Default blur NSFW: {:?}\n
+                    Default use HLS: {:?}\n
+                    Default hide HLS notification: {:?}\n
+                    Default subscriptions: {:?}\n
+                    Default filters: {:?}\n",
+					self.package_name,
+					self.crate_version,
+					self.git_commit,
+					self.deploy_date,
+					self.deploy_unix_ts,
+					self.compile_mode,
+					self.config.sfw_only,
+					self.config.enable_rss,
+					self.config.full_url,
+					self.config.default_remove_default_feeds,
+					self.config.pushshift,
+					self.config.banner,
+					self.config.default_hide_awards,
+					self.config.default_hide_score,
+					self.config.default_theme,
+					self.config.default_front_page,
+					self.config.default_layout,
+					self.config.default_wide,
+					self.config.default_comment_sort,
+					self.config.default_post_sort,
+					self.config.default_blur_spoiler,
+					self.config.default_show_nsfw,
+					self.config.default_blur_nsfw,
+					self.config.default_use_hls,
+					self.config.default_hide_hls_notification,
+					self.config.default_subscriptions,
+					self.config.default_filters,
+				)
+			}
+			StringType::Html => self.to_table(),
+		}
+	}
+}
+enum StringType {
+	Raw,
+	Html,
+}
+#[derive(Template)]
+#[template(path = "message.html")]
+struct MessageTemplate {
+	title: String,
+	body: String,
+	prefs: Preferences,
+	url: String,
+}
--- a/src/lib.rs
+++ b/src/lib.rs
@ -0,0 +1,13 @@
+pub mod client;
+pub mod config;
+pub mod duplicates;
+pub mod instance_info;
+pub mod oauth;
+pub mod oauth_resources;
+pub mod post;
+pub mod search;
+pub mod server;
+pub mod settings;
+pub mod subreddit;
+pub mod user;
+pub mod utils;
--- a/src/main.rs
+++ b/src/main.rs
@ -2,26 +2,21 @@
 #![forbid(unsafe_code)]
 #![allow(clippy::cmp_owned)]

-// Reference local files
-mod post;
-mod search;
-mod settings;
-mod subreddit;
-mod user;
-mod utils;
-
-// Import Crates
-use clap::{App as cli, Arg};
+use cached::proc_macro::cached;
+use clap::{Arg, ArgAction, Command};
+use std::str::FromStr;

 use futures_lite::FutureExt;
+use hyper::Uri;
 use hyper::{header::HeaderValue, Body, Request, Response};
+use log::{info, warn};
+use once_cell::sync::Lazy;
+use redlib::client::{canonical_path, proxy, rate_limit_check, CLIENT};
+use redlib::server::{self, RequestExt};
+use redlib::utils::{error, redirect, ThemeAssets};
+use redlib::{config, duplicates, headers, instance_info, post, search, settings, subreddit, user};

-mod client;
-use client::proxy;
-use server::RequestExt;
-use utils::{error, redirect};
-
-mod server;
+use redlib::client::OAUTH_CLIENT;

 // Create Services

@ -69,6 +64,17 @@ async fn font() -> Result<Response<Body>, String> {
 	)
 }

+async fn opensearch() -> Result<Response<Body>, String> {
+	Ok(
+		Response::builder()
+			.status(200)
+			.header("content-type", "application/opensearchdescription+xml")
+			.header("Cache-Control", "public, max-age=1209600, s-maxage=86400")
+			.body(include_bytes!("../static/opensearch.xml").as_ref().into())
+			.unwrap_or_default(),
+	)
+}
+
 async fn resource(body: &str, content_type: &str, cache: bool) -> Result<Response<Body>, String> {
 	let mut res = Response::builder()
 		.status(200)
@ -85,58 +91,121 @@ async fn resource(body: &str, content_type: &str, cache: bool) -> Result<Respons
 	Ok(res)
 }

+async fn style() -> Result<Response<Body>, String> {
+	let mut res = include_str!("../static/style.css").to_string();
+	for file in ThemeAssets::iter() {
+		res.push('\n');
+		let theme = ThemeAssets::get(file.as_ref()).unwrap();
+		res.push_str(std::str::from_utf8(theme.data.as_ref()).unwrap());
+	}
+	Ok(
+		Response::builder()
+			.status(200)
+			.header("content-type", "text/css")
+			.header("Cache-Control", "public, max-age=1209600, s-maxage=86400")
+			.body(res.to_string().into())
+			.unwrap_or_default(),
+	)
+}
+
 #[tokio::main]
 async fn main() {
-	let matches = cli::new("Libreddit")
+	// Load environment variables
+	_ = dotenvy::dotenv();
+
+	// Initialize logger
+	pretty_env_logger::init();
+
+	let matches = Command::new("Redlib")
 		.version(env!("CARGO_PKG_VERSION"))
 		.about("Private front-end for Reddit written in Rust ")
+		.arg(Arg::new("ipv4-only").short('4').long("ipv4-only").help("Listen on IPv4 only").num_args(0))
+		.arg(Arg::new("ipv6-only").short('6').long("ipv6-only").help("Listen on IPv6 only").num_args(0))
 		.arg(
-			Arg::with_name("redirect-https")
-				.short("r")
+			Arg::new("redirect-https")
+				.short('r')
 				.long("redirect-https")
 				.help("Redirect all HTTP requests to HTTPS (no longer functional)")
-				.takes_value(false),
+				.num_args(0),
 		)
 		.arg(
-			Arg::with_name("address")
-				.short("a")
+			Arg::new("address")
+				.short('a')
 				.long("address")
 				.value_name("ADDRESS")
 				.help("Sets address to listen on")
-				.default_value("0.0.0.0")
-				.takes_value(true),
+				.default_value("[::]")
+				.num_args(1),
 		)
 		.arg(
-			Arg::with_name("port")
-				.short("p")
+			Arg::new("port")
+				.short('p')
 				.long("port")
 				.value_name("PORT")
+				.env("PORT")
 				.help("Port to listen on")
 				.default_value("8080")
-				.takes_value(true),
+				.action(ArgAction::Set)
+				.num_args(1),
 		)
 		.arg(
-			Arg::with_name("hsts")
-				.short("H")
+			Arg::new("hsts")
+				.short('H')
 				.long("hsts")
 				.value_name("EXPIRE_TIME")
 				.help("HSTS header to tell browsers that this site should only be accessed over HTTPS")
 				.default_value("604800")
-				.takes_value(true),
+				.num_args(1),
 		)
 		.get_matches();

-	let address = matches.value_of("address").unwrap_or("0.0.0.0");
-	let port = std::env::var("PORT").unwrap_or_else(|_| matches.value_of("port").unwrap_or("8080").to_string());
-	let hsts = matches.value_of("hsts");
+	match rate_limit_check().await {
+		Ok(()) => {
+			info!("[✅] Rate limit check passed");
+		}
+		Err(e) => {
+			let mut message = format!("Rate limit check failed: {}", e);
+			message += "\nThis may cause issues with the rate limit.";
+			message += "\nPlease report this error with the above information.";
+			message += "\nhttps://github.com/redlib-org/redlib/issues/new?assignees=sigaloid&labels=bug&title=%F0%9F%90%9B+Bug+Report%3A+Rate+limit+mismatch";
+			warn!("{}", message);
+			eprintln!("{}", message);
+		}
+	}

-	let listener = [address, ":", &port].concat();
+	let address = matches.get_one::<String>("address").unwrap();
+	let port = matches.get_one::<String>("port").unwrap();
+	let hsts = matches.get_one("hsts").map(|m: &String| m.as_str());

-	println!("Starting Libreddit...");
+	let ipv4_only = std::env::var("IPV4_ONLY").is_ok() || matches.get_flag("ipv4-only");
+	let ipv6_only = std::env::var("IPV6_ONLY").is_ok() || matches.get_flag("ipv6-only");
+
+	let listener = if ipv4_only {
+		format!("0.0.0.0:{}", port)
+	} else if ipv6_only {
+		format!("[::]:{}", port)
+	} else {
+		[address, ":", port].concat()
+	};
+
+	println!("Starting Redlib...");

 	// Begin constructing a server
 	let mut app = server::Server::new();

+	// Force evaluation of statics. In instance_info case, we need to evaluate
+	// the timestamp so deploy date is accurate - in config case, we need to
+	// evaluate the configuration to avoid paying penalty at first request -
+	// in OAUTH case, we need to retrieve the token to avoid paying penalty
+	// at first request
+
+	info!("Evaluating config.");
+	Lazy::force(&config::CONFIG);
+	info!("Evaluating instance info.");
+	Lazy::force(&instance_info::INSTANCE_INFO);
+	info!("Creating OAUTH client.");
+	Lazy::force(&OAUTH_CLIENT);
+
 	// Define default headers (added to all responses)
 	app.default_headers = headers! {
 		"Referrer-Policy" => "no-referrer",
@ -146,37 +215,63 @@ async fn main() {
 	};

 	if let Some(expire_time) = hsts {
-		if let Ok(val) = HeaderValue::from_str(&format!("max-age={}", expire_time)) {
+		if let Ok(val) = HeaderValue::from_str(&format!("max-age={expire_time}")) {
 			app.default_headers.insert("Strict-Transport-Security", val);
 		}
 	}

 	// Read static files
-	app.at("/style.css").get(|_| resource(include_str!("../static/style.css"), "text/css", false).boxed());
+	app.at("/style.css").get(|_| style().boxed());
 	app
 		.at("/manifest.json")
 		.get(|_| resource(include_str!("../static/manifest.json"), "application/json", false).boxed());
-	app
-		.at("/robots.txt")
-		.get(|_| resource("User-agent: *\nDisallow: /u/\nDisallow: /user/", "text/plain", true).boxed());
+	app.at("/robots.txt").get(|_| {
+		resource(
+			if match config::get_setting("REDLIB_ROBOTS_DISABLE_INDEXING") {
+				Some(val) => val == "on",
+				None => false,
+			} {
+				"User-agent: *\nDisallow: /"
+			} else {
+				"User-agent: *\nDisallow: /u/\nDisallow: /user/"
+			},
+			"text/plain",
+			true,
+		)
+		.boxed()
+	});
 	app.at("/favicon.ico").get(|_| favicon().boxed());
 	app.at("/logo.png").get(|_| pwa_logo().boxed());
 	app.at("/Inter.var.woff2").get(|_| font().boxed());
 	app.at("/touch-icon-iphone.png").get(|_| iphone_logo().boxed());
 	app.at("/apple-touch-icon.png").get(|_| iphone_logo().boxed());
+	app.at("/opensearch.xml").get(|_| opensearch().boxed());
 	app
 		.at("/playHLSVideo.js")
 		.get(|_| resource(include_str!("../static/playHLSVideo.js"), "text/javascript", false).boxed());
 	app
 		.at("/hls.min.js")
 		.get(|_| resource(include_str!("../static/hls.min.js"), "text/javascript", false).boxed());
+	app
+		.at("/highlighted.js")
+		.get(|_| resource(include_str!("../static/highlighted.js"), "text/javascript", false).boxed());
+	app
+		.at("/check_update.js")
+		.get(|_| resource(include_str!("../static/check_update.js"), "text/javascript", false).boxed());
+	app.at("/copy.js").get(|_| resource(include_str!("../static/copy.js"), "text/javascript", false).boxed());

-	// Proxy media through Libreddit
+	app.at("/commits.atom").get(|_| async move { proxy_commit_info().await }.boxed());
+	app.at("/instances.json").get(|_| async move { proxy_instances().await }.boxed());
+
+	// Proxy media through Redlib
 	app.at("/vid/:id/:size").get(|r| proxy(r, "https://v.redd.it/{id}/DASH_{size}").boxed());
 	app.at("/hls/:id/*path").get(|r| proxy(r, "https://v.redd.it/{id}/{path}").boxed());
 	app.at("/img/*path").get(|r| proxy(r, "https://i.redd.it/{path}").boxed());
 	app.at("/thumb/:point/:id").get(|r| proxy(r, "https://{point}.thumbs.redditmedia.com/{id}").boxed());
 	app.at("/emoji/:id/:name").get(|r| proxy(r, "https://emoji.redditmedia.com/{id}/{name}").boxed());
+	app
+		.at("/emote/:subreddit_id/:filename")
+		.get(|r| proxy(r, "https://reddit-econ-prod-assets-permanent.s3.amazonaws.com/asset-manager/{subreddit_id}/{filename}").boxed());
 	app
 		.at("/preview/:loc/award_images/:fullname/:id")
 		.get(|r| proxy(r, "https://{loc}view.redd.it/award_images/{fullname}/{id}").boxed());
@ -187,12 +282,14 @@ async fn main() {
 	// Browse user profile
 	app
 		.at("/u/:name")
-		.get(|r| async move { Ok(redirect(format!("/user/{}", r.param("name").unwrap_or_default()))) }.boxed());
+		.get(|r| async move { Ok(redirect(&format!("/user/{}", r.param("name").unwrap_or_default()))) }.boxed());
 	app.at("/u/:name/comments/:id/:title").get(|r| post::item(r).boxed());
 	app.at("/u/:name/comments/:id/:title/:comment_id").get(|r| post::item(r).boxed());

-	app.at("/user/[deleted]").get(|req| error(req, "User has deleted their account".to_string()).boxed());
+	app.at("/user/[deleted]").get(|req| error(req, "User has deleted their account").boxed());
+	app.at("/user/:name.rss").get(|r| user::rss(r).boxed());
 	app.at("/user/:name").get(|r| user::profile(r).boxed());
+	app.at("/user/:name/:listing").get(|r| user::profile(r).boxed());
 	app.at("/user/:name/comments/:id").get(|r| post::item(r).boxed());
 	app.at("/user/:name/comments/:id/:title").get(|r| post::item(r).boxed());
 	app.at("/user/:name/comments/:id/:title/:comment_id").get(|r| post::item(r).boxed());
@ -200,8 +297,12 @@ async fn main() {
 	// Configure settings
 	app.at("/settings").get(|r| settings::get(r).boxed()).post(|r| settings::set(r).boxed());
 	app.at("/settings/restore").get(|r| settings::restore(r).boxed());
+	app.at("/settings/encoded-restore").post(|r| settings::encoded_restore(r).boxed());
 	app.at("/settings/update").get(|r| settings::update(r).boxed());

+	// RSS Subscriptions
+	app.at("/r/:sub.rss").get(|r| subreddit::rss(r).boxed());
+
 	// Subreddit services
 	app
 		.at("/r/:sub")
@ -210,7 +311,7 @@ async fn main() {

 	app
 		.at("/r/u_:name")
-		.get(|r| async move { Ok(redirect(format!("/user/{}", r.param("name").unwrap_or_default()))) }.boxed());
+		.get(|r| async move { Ok(redirect(&format!("/user/{}", r.param("name").unwrap_or_default()))) }.boxed());

 	app.at("/r/:sub/subscribe").post(|r| subreddit::subscriptions_filters(r).boxed());
 	app.at("/r/:sub/unsubscribe").post(|r| subreddit::subscriptions_filters(r).boxed());
@ -220,15 +321,25 @@ async fn main() {
 	app.at("/r/:sub/comments/:id").get(|r| post::item(r).boxed());
 	app.at("/r/:sub/comments/:id/:title").get(|r| post::item(r).boxed());
 	app.at("/r/:sub/comments/:id/:title/:comment_id").get(|r| post::item(r).boxed());
+	app.at("/comments/:id").get(|r| post::item(r).boxed());
+	app.at("/comments/:id/comments").get(|r| post::item(r).boxed());
+	app.at("/comments/:id/comments/:comment_id").get(|r| post::item(r).boxed());
+	app.at("/comments/:id/:title").get(|r| post::item(r).boxed());
+	app.at("/comments/:id/:title/:comment_id").get(|r| post::item(r).boxed());
+
+	app.at("/r/:sub/duplicates/:id").get(|r| duplicates::item(r).boxed());
+	app.at("/r/:sub/duplicates/:id/:title").get(|r| duplicates::item(r).boxed());
+	app.at("/duplicates/:id").get(|r| duplicates::item(r).boxed());
+	app.at("/duplicates/:id/:title").get(|r| duplicates::item(r).boxed());

 	app.at("/r/:sub/search").get(|r| search::find(r).boxed());

 	app
 		.at("/r/:sub/w")
-		.get(|r| async move { Ok(redirect(format!("/r/{}/wiki", r.param("sub").unwrap_or_default()))) }.boxed());
+		.get(|r| async move { Ok(redirect(&format!("/r/{}/wiki", r.param("sub").unwrap_or_default()))) }.boxed());
 	app
 		.at("/r/:sub/w/*page")
-		.get(|r| async move { Ok(redirect(format!("/r/{}/wiki/{}", r.param("sub").unwrap_or_default(), r.param("wiki").unwrap_or_default()))) }.boxed());
+		.get(|r| async move { Ok(redirect(&format!("/r/{}/wiki/{}", r.param("sub").unwrap_or_default(), r.param("wiki").unwrap_or_default()))) }.boxed());
 	app.at("/r/:sub/wiki").get(|r| subreddit::wiki(r).boxed());
 	app.at("/r/:sub/wiki/*page").get(|r| subreddit::wiki(r).boxed());

@ -236,17 +347,14 @@ async fn main() {

 	app.at("/r/:sub/:sort").get(|r| subreddit::community(r).boxed());

-	// Comments handler
-	app.at("/comments/:id").get(|r| post::item(r).boxed());
-
 	// Front page
 	app.at("/").get(|r| subreddit::community(r).boxed());

 	// View Reddit wiki
-	app.at("/w").get(|_| async { Ok(redirect("/wiki".to_string())) }.boxed());
+	app.at("/w").get(|_| async { Ok(redirect("/wiki")) }.boxed());
 	app
 		.at("/w/*page")
-		.get(|r| async move { Ok(redirect(format!("/wiki/{}", r.param("page").unwrap_or_default()))) }.boxed());
+		.get(|r| async move { Ok(redirect(&format!("/wiki/{}", r.param("page").unwrap_or_default()))) }.boxed());
 	app.at("/wiki").get(|r| subreddit::wiki(r).boxed());
 	app.at("/wiki/*page").get(|r| subreddit::wiki(r).boxed());

@ -254,26 +362,99 @@ async fn main() {
 	app.at("/search").get(|r| search::find(r).boxed());

 	// Handle about pages
-	app.at("/about").get(|req| error(req, "About pages aren't added yet".to_string()).boxed());
+	app.at("/about").get(|req| error(req, "About pages aren't added yet").boxed());

-	app.at("/:id").get(|req: Request<Body>| match req.param("id").as_deref() {
-		// Sort front page
-		Some("best" | "hot" | "new" | "top" | "rising" | "controversial") => subreddit::community(req).boxed(),
-		// Short link for post
-		Some(id) if id.len() > 4 && id.len() < 7 => post::item(req).boxed(),
-		// Error message for unknown pages
-		_ => error(req, "Nothing here".to_string()).boxed(),
+	// Instance info page
+	app.at("/info").get(|r| instance_info::instance_info(r).boxed());
+	app.at("/info.:extension").get(|r| instance_info::instance_info(r).boxed());
+
+	// Handle obfuscated share links.
+	// Note that this still forces the server to follow the share link to get to the post, so maybe this wants to be updated with a warning before it follow it
+	app.at("/r/:sub/s/:id").get(|req: Request<Body>| {
+		Box::pin(async move {
+			let sub = req.param("sub").unwrap_or_default();
+			match req.param("id").as_deref() {
+				// Share link
+				Some(id) if (8..12).contains(&id.len()) => match canonical_path(format!("/r/{sub}/s/{id}"), 3).await {
+					Ok(Some(path)) => Ok(redirect(&path)),
+					Ok(None) => error(req, "Post ID is invalid. It may point to a post on a community that has been banned.").await,
+					Err(e) => error(req, &e).await,
+				},
+
+				// Error message for unknown pages
+				_ => error(req, "Nothing here").await,
+			}
+		})
+	});
+
+	app.at("/:id").get(|req: Request<Body>| {
+		Box::pin(async move {
+			match req.param("id").as_deref() {
+				// Sort front page
+				Some("best" | "hot" | "new" | "top" | "rising" | "controversial") => subreddit::community(req).await,
+
+				// Short link for post
+				Some(id) if (5..8).contains(&id.len()) => match canonical_path(format!("/comments/{id}"), 3).await {
+					Ok(path_opt) => match path_opt {
+						Some(path) => Ok(redirect(&path)),
+						None => error(req, "Post ID is invalid. It may point to a post on a community that has been banned.").await,
+					},
+					Err(e) => error(req, &e).await,
+				},
+
+				// Error message for unknown pages
+				_ => error(req, "Nothing here").await,
+			}
+		})
 	});

 	// Default service in case no routes match
-	app.at("/*").get(|req| error(req, "Nothing here".to_string()).boxed());
+	app.at("/*").get(|req| error(req, "Nothing here").boxed());

-	println!("Running Libreddit v{} on {}!", env!("CARGO_PKG_VERSION"), listener);
+	println!("Running Redlib v{} on {listener}!", env!("CARGO_PKG_VERSION"));

-	let server = app.listen(listener);
+	let server = app.listen(&listener);

 	// Run this server for... forever!
 	if let Err(e) = server.await {
-		eprintln!("Server error: {}", e);
+		eprintln!("Server error: {e}");
 	}
 }
+
+pub async fn proxy_commit_info() -> Result<Response<Body>, String> {
+	Ok(
+		Response::builder()
+			.status(200)
+			.header("content-type", "application/atom+xml")
+			.body(Body::from(fetch_commit_info().await))
+			.unwrap_or_default(),
+	)
+}
+
+#[cached(time = 600)]
+async fn fetch_commit_info() -> String {
+	let uri = Uri::from_str("https://github.com/redlib-org/redlib/commits/main.atom").expect("Invalid URI");
+
+	let resp: Body = CLIENT.get(uri).await.expect("Failed to request GitHub").into_body();
+
+	hyper::body::to_bytes(resp).await.expect("Failed to read body").iter().copied().map(|x| x as char).collect()
+}
+
+pub async fn proxy_instances() -> Result<Response<Body>, String> {
+	Ok(
+		Response::builder()
+			.status(200)
+			.header("content-type", "application/json")
+			.body(Body::from(fetch_instances().await))
+			.unwrap_or_default(),
+	)
+}
+
+#[cached(time = 600)]
+async fn fetch_instances() -> String {
+	let uri = Uri::from_str("https://raw.githubusercontent.com/redlib-org/redlib-instances/refs/heads/main/instances.json").expect("Invalid URI");
+
+	let resp: Body = CLIENT.get(uri).await.expect("Failed to request GitHub").into_body();
+
+	hyper::body::to_bytes(resp).await.expect("Failed to read body").iter().copied().map(|x| x as char).collect()
+}
--- a/src/oauth.rs
+++ b/src/oauth.rs
@ -0,0 +1,247 @@
+use std::{collections::HashMap, sync::atomic::Ordering, time::Duration};
+
+use crate::{
+	client::{CLIENT, OAUTH_CLIENT, OAUTH_IS_ROLLING_OVER, OAUTH_RATELIMIT_REMAINING},
+	oauth_resources::ANDROID_APP_VERSION_LIST,
+};
+use base64::{engine::general_purpose, Engine as _};
+use hyper::{client, Body, Method, Request};
+use log::{error, info, trace};
+use serde_json::json;
+use tegen::tegen::TextGenerator;
+use tokio::time::{error::Elapsed, timeout};
+
+const REDDIT_ANDROID_OAUTH_CLIENT_ID: &str = "ohXpoqrZYub1kg";
+
+const AUTH_ENDPOINT: &str = "https://www.reddit.com";
+
+// Spoofed client for Android devices
+#[derive(Debug, Clone, Default)]
+pub struct Oauth {
+	pub(crate) initial_headers: HashMap<String, String>,
+	pub(crate) headers_map: HashMap<String, String>,
+	pub(crate) token: String,
+	expires_in: u64,
+	device: Device,
+}
+
+impl Oauth {
+	/// Create a new OAuth client
+	pub(crate) async fn new() -> Self {
+		// Call new_internal until it succeeds
+		loop {
+			let attempt = Self::new_with_timeout().await;
+			match attempt {
+				Ok(Some(oauth)) => {
+					info!("[✅] Successfully created OAuth client");
+					return oauth;
+				}
+				Ok(None) => {
+					error!("Failed to create OAuth client. Retrying in 5 seconds...");
+				}
+				Err(duration) => {
+					error!("Failed to create OAuth client in {duration:?}. Retrying in 5 seconds...");
+				}
+			}
+			tokio::time::sleep(Duration::from_secs(5)).await;
+		}
+	}
+
+	async fn new_with_timeout() -> Result<Option<Self>, Elapsed> {
+		let mut oauth = Self::default();
+		timeout(Duration::from_secs(5), oauth.login()).await.map(|result| result.map(|_| oauth))
+	}
+
+	pub(crate) fn default() -> Self {
+		// Generate a device to spoof
+		let device = Device::new();
+		let headers_map = device.headers.clone();
+		let initial_headers = device.initial_headers.clone();
+		// For now, just insert headers - no token request
+		Self {
+			headers_map,
+			initial_headers,
+			token: String::new(),
+			expires_in: 0,
+			device,
+		}
+	}
+	async fn login(&mut self) -> Option<()> {
+		// Construct URL for OAuth token
+		let url = format!("{AUTH_ENDPOINT}/auth/v2/oauth/access-token/loid");
+		let mut builder = Request::builder().method(Method::POST).uri(&url);
+
+		// Add headers from spoofed client
+		for (key, value) in &self.initial_headers {
+			builder = builder.header(key, value);
+		}
+		// Set up HTTP Basic Auth - basically just the const OAuth ID's with no password,
+		// Base64-encoded. https://en.wikipedia.org/wiki/Basic_access_authentication
+		// This could be constant, but I don't think it's worth it. OAuth ID's can change
+		// over time and we want to be flexible.
+		let auth = general_purpose::STANDARD.encode(format!("{}:", self.device.oauth_id));
+		builder = builder.header("Authorization", format!("Basic {auth}"));
+
+		// Set JSON body. I couldn't tell you what this means. But that's what the client sends
+		let json = json!({
+				"scopes": ["*","email", "pii"]
+		});
+		let body = Body::from(json.to_string());
+
+		// Build request
+		let request = builder.body(body).unwrap();
+
+		trace!("Sending token request...\n\n{request:?}");
+
+		// Send request
+		let client: &once_cell::sync::Lazy<client::Client<_, Body>> = &CLIENT;
+		let resp = client.request(request).await.ok()?;
+
+		trace!("Received response with status {} and length {:?}", resp.status(), resp.headers().get("content-length"));
+		trace!("OAuth headers: {:#?}", resp.headers());
+
+		// Parse headers - loid header _should_ be saved sent on subsequent token refreshes.
+		// Technically it's not needed, but it's easy for Reddit API to check for this.
+		// It's some kind of header that uniquely identifies the device.
+		// Not worried about the privacy implications, since this is randomly changed
+		// and really only as privacy-concerning as the OAuth token itself.
+		if let Some(header) = resp.headers().get("x-reddit-loid") {
+			self.headers_map.insert("x-reddit-loid".to_owned(), header.to_str().ok()?.to_string());
+		}
+
+		// Same with x-reddit-session
+		if let Some(header) = resp.headers().get("x-reddit-session") {
+			self.headers_map.insert("x-reddit-session".to_owned(), header.to_str().ok()?.to_string());
+		}
+
+		trace!("Serializing response...");
+
+		// Serialize response
+		let body_bytes = hyper::body::to_bytes(resp.into_body()).await.ok()?;
+		let json: serde_json::Value = serde_json::from_slice(&body_bytes).ok()?;
+
+		trace!("Accessing relevant fields...");
+
+		// Save token and expiry
+		self.token = json.get("access_token")?.as_str()?.to_string();
+		self.expires_in = json.get("expires_in")?.as_u64()?;
+		self.headers_map.insert("Authorization".to_owned(), format!("Bearer {}", self.token));
+
+		info!("[✅] Success - Retrieved token \"{}...\", expires in {}", &self.token[..32], self.expires_in);
+
+		Some(())
+	}
+}
+
+pub async fn token_daemon() {
+	// Monitor for refreshing token
+	loop {
+		// Get expiry time - be sure to not hold the read lock
+		let expires_in = { OAUTH_CLIENT.load_full().expires_in };
+
+		// sleep for the expiry time minus 2 minutes
+		let duration = Duration::from_secs(expires_in - 120);
+
+		info!("[⏳] Waiting for {duration:?} seconds before refreshing OAuth token...");
+
+		tokio::time::sleep(duration).await;
+
+		info!("[⌛] {duration:?} Elapsed! Refreshing OAuth token...");
+
+		// Refresh token - in its own scope
+		{
+			force_refresh_token().await;
+		}
+	}
+}
+
+pub async fn force_refresh_token() {
+	if OAUTH_IS_ROLLING_OVER.compare_exchange(false, true, Ordering::SeqCst, Ordering::SeqCst).is_err() {
+		trace!("Skipping refresh token roll over, already in progress");
+		return;
+	}
+
+	trace!("Rolling over refresh token. Current rate limit: {}", OAUTH_RATELIMIT_REMAINING.load(Ordering::SeqCst));
+	let new_client = Oauth::new().await;
+	OAUTH_CLIENT.swap(new_client.into());
+	OAUTH_RATELIMIT_REMAINING.store(99, Ordering::SeqCst);
+	OAUTH_IS_ROLLING_OVER.store(false, Ordering::SeqCst);
+}
+
+#[derive(Debug, Clone, Default)]
+struct Device {
+	oauth_id: String,
+	initial_headers: HashMap<String, String>,
+	headers: HashMap<String, String>,
+}
+
+impl Device {
+	fn android() -> Self {
+		// Generate uuid
+		let uuid = uuid::Uuid::new_v4().to_string();
+
+		// Generate random user-agent
+		let android_app_version = choose(ANDROID_APP_VERSION_LIST).to_string();
+		let android_version = fastrand::u8(9..=14);
+
+		let android_user_agent = format!("Reddit/{android_app_version}/Android {android_version}");
+
+		let qos = fastrand::u32(1000..=100_000);
+		let qos: f32 = qos as f32 / 1000.0;
+		let qos = format!("{:.3}", qos);
+
+		let codecs = TextGenerator::new().generate("available-codecs=video/avc, video/hevc{, video/x-vnd.on2.vp9|}");
+
+		// Android device headers
+		let headers: HashMap<String, String> = HashMap::from([
+			("User-Agent".into(), android_user_agent),
+			("x-reddit-retry".into(), "algo=no-retries".into()),
+			("x-reddit-compression".into(), "1".into()),
+			("x-reddit-qos".into(), qos),
+			("x-reddit-media-codecs".into(), codecs),
+			("Content-Type".into(), "application/json; charset=UTF-8".into()),
+			("client-vendor-id".into(), uuid.clone()),
+			("X-Reddit-Device-Id".into(), uuid.clone()),
+		]);
+
+		info!("[🔄] Spoofing Android client with headers: {headers:?}, uuid: \"{uuid}\", and OAuth ID \"{REDDIT_ANDROID_OAUTH_CLIENT_ID}\"");
+
+		Self {
+			oauth_id: REDDIT_ANDROID_OAUTH_CLIENT_ID.to_string(),
+			headers: headers.clone(),
+			initial_headers: headers,
+		}
+	}
+	fn new() -> Self {
+		// See https://github.com/redlib-org/redlib/issues/8
+		Self::android()
+	}
+}
+
+fn choose<T: Copy>(list: &[T]) -> T {
+	*fastrand::choose_multiple(list.iter(), 1)[0]
+}
+
+#[tokio::test(flavor = "multi_thread")]
+async fn test_oauth_client() {
+	assert!(!OAUTH_CLIENT.load_full().token.is_empty());
+}
+
+#[tokio::test(flavor = "multi_thread")]
+async fn test_oauth_client_refresh() {
+	force_refresh_token().await;
+}
+#[tokio::test(flavor = "multi_thread")]
+async fn test_oauth_token_exists() {
+	assert!(!OAUTH_CLIENT.load_full().token.is_empty());
+}
+
+#[tokio::test(flavor = "multi_thread")]
+async fn test_oauth_headers_len() {
+	assert!(OAUTH_CLIENT.load_full().headers_map.len() >= 3);
+}
+
+#[test]
+fn test_creating_device() {
+	Device::new();
+}
--- a/src/oauth_resources.rs
+++ b/src/oauth_resources.rs
@ -0,0 +1,158 @@
+// This file was generated by scripts/update_oauth_resources.sh
+// Rerun scripts/update_oauth_resources.sh to update this file
+// Please do not edit manually
+// Filled in with real app versions
+pub const _IOS_APP_VERSION_LIST: &[&str; 1] = &[""];
+pub const ANDROID_APP_VERSION_LIST: &[&str; 150] = &[
+	"Version 2024.22.1/Build 1652272",
+	"Version 2024.23.1/Build 1665606",
+	"Version 2024.24.1/Build 1682520",
+	"Version 2024.25.0/Build 1693595",
+	"Version 2024.25.2/Build 1700401",
+	"Version 2024.25.3/Build 1703490",
+	"Version 2024.26.0/Build 1710470",
+	"Version 2024.26.1/Build 1717435",
+	"Version 2024.28.0/Build 1737665",
+	"Version 2024.28.1/Build 1741165",
+	"Version 2024.30.0/Build 1770787",
+	"Version 2024.31.0/Build 1786202",
+	"Version 2024.32.0/Build 1809095",
+	"Version 2024.32.1/Build 1813258",
+	"Version 2024.33.0/Build 1819908",
+	"Version 2024.34.0/Build 1837909",
+	"Version 2024.35.0/Build 1861437",
+	"Version 2024.36.0/Build 1875012",
+	"Version 2024.37.0/Build 1888053",
+	"Version 2024.38.0/Build 1902791",
+	"Version 2024.39.0/Build 1916713",
+	"Version 2024.40.0/Build 1928580",
+	"Version 2024.41.0/Build 1941199",
+	"Version 2024.41.1/Build 1947805",
+	"Version 2024.42.0/Build 1952440",
+	"Version 2024.43.0/Build 1972250",
+	"Version 2024.44.0/Build 1988458",
+	"Version 2024.45.0/Build 2001943",
+	"Version 2024.46.0/Build 2012731",
+	"Version 2024.47.0/Build 2029755",
+	"Version 2023.48.0/Build 1319123",
+	"Version 2023.49.0/Build 1321715",
+	"Version 2023.49.1/Build 1322281",
+	"Version 2023.50.0/Build 1332338",
+	"Version 2023.50.1/Build 1345844",
+	"Version 2024.02.0/Build 1368985",
+	"Version 2024.03.0/Build 1379408",
+	"Version 2024.04.0/Build 1391236",
+	"Version 2024.05.0/Build 1403584",
+	"Version 2024.06.0/Build 1418489",
+	"Version 2024.07.0/Build 1429651",
+	"Version 2024.08.0/Build 1439531",
+	"Version 2024.10.0/Build 1470045",
+	"Version 2024.10.1/Build 1478645",
+	"Version 2024.11.0/Build 1480707",
+	"Version 2024.12.0/Build 1494694",
+	"Version 2024.13.0/Build 1505187",
+	"Version 2024.14.0/Build 1520556",
+	"Version 2024.15.0/Build 1536823",
+	"Version 2024.16.0/Build 1551366",
+	"Version 2024.17.0/Build 1568106",
+	"Version 2024.18.0/Build 1577901",
+	"Version 2024.18.1/Build 1585304",
+	"Version 2024.19.0/Build 1593346",
+	"Version 2024.20.0/Build 1612800",
+	"Version 2024.20.1/Build 1615586",
+	"Version 2024.20.2/Build 1624969",
+	"Version 2024.20.3/Build 1624970",
+	"Version 2024.21.0/Build 1631686",
+	"Version 2024.22.0/Build 1645257",
+	"Version 2023.21.0/Build 956283",
+	"Version 2023.22.0/Build 968223",
+	"Version 2023.23.0/Build 983896",
+	"Version 2023.24.0/Build 998541",
+	"Version 2023.25.0/Build 1014750",
+	"Version 2023.25.1/Build 1018737",
+	"Version 2023.26.0/Build 1019073",
+	"Version 2023.27.0/Build 1031923",
+	"Version 2023.28.0/Build 1046887",
+	"Version 2023.29.0/Build 1059855",
+	"Version 2023.30.0/Build 1078734",
+	"Version 2023.31.0/Build 1091027",
+	"Version 2023.32.0/Build 1109919",
+	"Version 2023.32.1/Build 1114141",
+	"Version 2023.33.1/Build 1129741",
+	"Version 2023.34.0/Build 1144243",
+	"Version 2023.35.0/Build 1157967",
+	"Version 2023.36.0/Build 1168982",
+	"Version 2023.37.0/Build 1182743",
+	"Version 2023.38.0/Build 1198522",
+	"Version 2023.39.0/Build 1211607",
+	"Version 2023.39.1/Build 1221505",
+	"Version 2023.40.0/Build 1221521",
+	"Version 2023.41.0/Build 1233125",
+	"Version 2023.41.1/Build 1239615",
+	"Version 2023.42.0/Build 1245088",
+	"Version 2023.43.0/Build 1257426",
+	"Version 2023.44.0/Build 1268622",
+	"Version 2023.45.0/Build 1281371",
+	"Version 2023.47.0/Build 1303604",
+	"Version 2022.42.0/Build 638508",
+	"Version 2022.43.0/Build 648277",
+	"Version 2022.44.0/Build 664348",
+	"Version 2022.45.0/Build 677985",
+	"Version 2023.01.0/Build 709875",
+	"Version 2023.02.0/Build 717912",
+	"Version 2023.03.0/Build 729220",
+	"Version 2023.04.0/Build 744681",
+	"Version 2023.05.0/Build 755453",
+	"Version 2023.06.0/Build 775017",
+	"Version 2023.07.0/Build 788827",
+	"Version 2023.07.1/Build 790267",
+	"Version 2023.08.0/Build 798718",
+	"Version 2023.09.0/Build 812015",
+	"Version 2023.09.1/Build 816833",
+	"Version 2023.10.0/Build 821148",
+	"Version 2023.11.0/Build 830610",
+	"Version 2023.12.0/Build 841150",
+	"Version 2023.13.0/Build 852246",
+	"Version 2023.14.0/Build 861593",
+	"Version 2023.14.1/Build 864826",
+	"Version 2023.15.0/Build 870628",
+	"Version 2023.16.0/Build 883294",
+	"Version 2023.16.1/Build 886269",
+	"Version 2023.17.0/Build 896030",
+	"Version 2023.17.1/Build 900542",
+	"Version 2023.18.0/Build 911877",
+	"Version 2023.19.0/Build 927681",
+	"Version 2023.20.0/Build 943980",
+	"Version 2023.20.1/Build 946732",
+	"Version 2022.20.0/Build 487703",
+	"Version 2022.21.0/Build 492436",
+	"Version 2022.22.0/Build 498700",
+	"Version 2022.23.0/Build 502374",
+	"Version 2022.23.1/Build 506606",
+	"Version 2022.24.0/Build 510950",
+	"Version 2022.24.1/Build 513462",
+	"Version 2022.25.0/Build 515072",
+	"Version 2022.25.1/Build 516394",
+	"Version 2022.25.2/Build 519915",
+	"Version 2022.26.0/Build 521193",
+	"Version 2022.27.0/Build 527406",
+	"Version 2022.27.1/Build 529687",
+	"Version 2022.28.0/Build 533235",
+	"Version 2022.30.0/Build 548620",
+	"Version 2022.31.0/Build 556666",
+	"Version 2022.31.1/Build 562612",
+	"Version 2022.32.0/Build 567875",
+	"Version 2022.33.0/Build 572600",
+	"Version 2022.34.0/Build 579352",
+	"Version 2022.35.0/Build 588016",
+	"Version 2022.35.1/Build 589034",
+	"Version 2022.36.0/Build 593102",
+	"Version 2022.37.0/Build 601691",
+	"Version 2022.38.0/Build 607460",
+	"Version 2022.39.0/Build 615385",
+	"Version 2022.39.1/Build 619019",
+	"Version 2022.40.0/Build 624782",
+	"Version 2022.41.0/Build 630468",
+	"Version 2022.41.1/Build 634168",
+];
+pub const _IOS_OS_VERSION_LIST: &[&str; 1] = &[""];
--- a/src/post.rs
+++ b/src/post.rs
@ -1,19 +1,23 @@
+#![allow(clippy::cmp_owned)]
+
 // CRATES
 use crate::client::json;
-use crate::esc;
+use crate::config::get_setting;
 use crate::server::RequestExt;
 use crate::subreddit::{can_access_quarantine, quarantine};
 use crate::utils::{
-	error, format_num, format_url, get_filters, param, rewrite_urls, setting, template, time, val, Author, Awards, Comment, Flags, Flair, FlairPart, Media, Post, Preferences,
+	error, format_num, get_filters, nsfw_landing, param, parse_post, rewrite_emotes, setting, template, time, val, Author, Awards, Comment, Flair, FlairPart, Post, Preferences,
 };
 use hyper::{Body, Request, Response};

-use askama::Template;
-use std::collections::HashSet;
+use once_cell::sync::Lazy;
+use regex::Regex;
+use rinja::Template;
+use std::collections::{HashMap, HashSet};

 // STRUCTS
 #[derive(Template)]
-#[template(path = "post.html", escape = "none")]
+#[template(path = "post.html")]
 struct PostTemplate {
 	comments: Vec<Comment>,
 	post: Post,
@ -21,13 +25,18 @@ struct PostTemplate {
 	prefs: Preferences,
 	single_thread: bool,
 	url: String,
+	url_without_query: String,
+	comment_query: String,
 }

+static COMMENT_SEARCH_CAPTURE: Lazy<Regex> = Lazy::new(|| Regex::new(r"\?q=(.*)&type=comment").unwrap());
+
 pub async fn item(req: Request<Body>) -> Result<Response<Body>, String> {
 	// Build Reddit API path
 	let mut path: String = format!("{}.json?{}&raw_json=1", req.uri().path(), req.uri().query().unwrap_or_default());
 	let sub = req.param("sub").unwrap_or_default();
 	let quarantined = can_access_quarantine(&req, &sub);
+	let url = req.uri().to_string();

 	// Set sort to sort query parameter
 	let sort = param(&path, "sort").unwrap_or_else(|| {
@ -45,7 +54,7 @@ pub async fn item(req: Request<Body>) -> Result<Response<Body>, String> {

 	// Log the post ID being fetched in debug mode
 	#[cfg(debug_assertions)]
-	dbg!(req.param("id").unwrap_or_default());
+	req.param("id").unwrap_or_default();

 	let single_thread = req.param("comment_id").is_some();
 	let highlighted_comment = &req.param("comment_id").unwrap_or_default();
@ -55,109 +64,57 @@ pub async fn item(req: Request<Body>) -> Result<Response<Body>, String> {
 		// Otherwise, grab the JSON output from the request
 		Ok(response) => {
 			// Parse the JSON into Post and Comment structs
-			let post = parse_post(&response[0]).await;
-			let comments = parse_comments(&response[1], &post.permalink, &post.author.name, highlighted_comment, &get_filters(&req));
-			let url = req.uri().to_string();
+			let post = parse_post(&response[0]["data"]["children"][0]).await;
+
+			let req_url = req.uri().to_string();
+			// Return landing page if this post if this Reddit deems this post
+			// NSFW, but we have also disabled the display of NSFW content
+			// or if the instance is SFW-only.
+			if post.nsfw && crate::utils::should_be_nsfw_gated(&req, &req_url) {
+				return Ok(nsfw_landing(req, req_url).await.unwrap_or_default());
+			}
+
+			let query_body = match COMMENT_SEARCH_CAPTURE.captures(&url) {
+				Some(captures) => captures.get(1).unwrap().as_str().replace("%20", " ").replace('+', " "),
+				None => String::new(),
+			};
+
+			let query_string = format!("q={query_body}&type=comment");
+			let form = url::form_urlencoded::parse(query_string.as_bytes()).collect::<HashMap<_, _>>();
+			let query = form.get("q").unwrap().clone().to_string();
+
+			let comments = match query.as_str() {
+				"" => parse_comments(&response[1], &post.permalink, &post.author.name, highlighted_comment, &get_filters(&req), &req),
+				_ => query_comments(&response[1], &post.permalink, &post.author.name, highlighted_comment, &get_filters(&req), &query, &req),
+			};

 			// Use the Post and Comment structs to generate a website to show users
-			template(PostTemplate {
+			Ok(template(&PostTemplate {
 				comments,
 				post,
+				url_without_query: url.clone().trim_end_matches(&format!("?q={query}&type=comment")).to_string(),
 				sort,
-				prefs: Preferences::new(req),
+				prefs: Preferences::new(&req),
 				single_thread,
-				url,
-			})
+				url: req_url,
+				comment_query: query,
+			}))
 		}
 		// If the Reddit API returns an error, exit and send error page to user
 		Err(msg) => {
-			if msg == "quarantined" {
+			if msg == "quarantined" || msg == "gated" {
 				let sub = req.param("sub").unwrap_or_default();
-				quarantine(req, sub)
+				Ok(quarantine(&req, sub, &msg))
 			} else {
-				error(req, msg).await
+				error(req, &msg).await
 			}
 		}
 	}
 }

-// POSTS
-async fn parse_post(json: &serde_json::Value) -> Post {
-	// Retrieve post (as opposed to comments) from JSON
-	let post: &serde_json::Value = &json["data"]["children"][0];
-
-	// Grab UTC time as unix timestamp
-	let (rel_time, created) = time(post["data"]["created_utc"].as_f64().unwrap_or_default());
-	// Parse post score and upvote ratio
-	let score = post["data"]["score"].as_i64().unwrap_or_default();
-	let ratio: f64 = post["data"]["upvote_ratio"].as_f64().unwrap_or(1.0) * 100.0;
-
-	// Determine the type of media along with the media URL
-	let (post_type, media, gallery) = Media::parse(&post["data"]).await;
-
-	let awards: Awards = Awards::parse(&post["data"]["all_awardings"]);
-
-	// Build a post using data parsed from Reddit post API
-	Post {
-		id: val(post, "id"),
-		title: esc!(post, "title"),
-		community: val(post, "subreddit"),
-		body: rewrite_urls(&val(post, "selftext_html")).replace("\\", ""),
-		author: Author {
-			name: val(post, "author"),
-			flair: Flair {
-				flair_parts: FlairPart::parse(
-					post["data"]["author_flair_type"].as_str().unwrap_or_default(),
-					post["data"]["author_flair_richtext"].as_array(),
-					post["data"]["author_flair_text"].as_str(),
-				),
-				text: esc!(post, "link_flair_text"),
-				background_color: val(post, "author_flair_background_color"),
-				foreground_color: val(post, "author_flair_text_color"),
-			},
-			distinguished: val(post, "distinguished"),
-		},
-		permalink: val(post, "permalink"),
-		score: format_num(score),
-		upvote_ratio: ratio as i64,
-		post_type,
-		media,
-		thumbnail: Media {
-			url: format_url(val(post, "thumbnail").as_str()),
-			alt_url: String::new(),
-			width: post["data"]["thumbnail_width"].as_i64().unwrap_or_default(),
-			height: post["data"]["thumbnail_height"].as_i64().unwrap_or_default(),
-			poster: "".to_string(),
-		},
-		flair: Flair {
-			flair_parts: FlairPart::parse(
-				post["data"]["link_flair_type"].as_str().unwrap_or_default(),
-				post["data"]["link_flair_richtext"].as_array(),
-				post["data"]["link_flair_text"].as_str(),
-			),
-			text: esc!(post, "link_flair_text"),
-			background_color: val(post, "link_flair_background_color"),
-			foreground_color: if val(post, "link_flair_text_color") == "dark" {
-				"black".to_string()
-			} else {
-				"white".to_string()
-			},
-		},
-		flags: Flags {
-			nsfw: post["data"]["over_18"].as_bool().unwrap_or(false),
-			stickied: post["data"]["stickied"].as_bool().unwrap_or(false),
-		},
-		domain: val(post, "domain"),
-		rel_time,
-		created,
-		comments: format_num(post["data"]["num_comments"].as_i64().unwrap_or_default()),
-		gallery,
-		awards,
-	}
-}
-
 // COMMENTS
-fn parse_comments(json: &serde_json::Value, post_link: &str, post_author: &str, highlighted_comment: &str, filters: &HashSet<String>) -> Vec<Comment> {
+
+fn parse_comments(json: &serde_json::Value, post_link: &str, post_author: &str, highlighted_comment: &str, filters: &HashSet<String>, req: &Request<Body>) -> Vec<Comment> {
 	// Parse the comment JSON into a Vector of Comments
 	let comments = json["data"]["children"].as_array().map_or(Vec::new(), std::borrow::ToOwned::to_owned);

@ -165,79 +122,136 @@ fn parse_comments(json: &serde_json::Value, post_link: &str, post_author: &str,
 	comments
 		.into_iter()
 		.map(|comment| {
-			let kind = comment["kind"].as_str().unwrap_or_default().to_string();
 			let data = &comment["data"];
-
-			let unix_time = data["created_utc"].as_f64().unwrap_or_default();
-			let (rel_time, created) = time(unix_time);
-
-			let edited = data["edited"].as_f64().map_or((String::new(), String::new()), time);
-
-			let score = data["score"].as_i64().unwrap_or(0);
-			let body = rewrite_urls(&val(&comment, "body_html"));
-
-			// If this comment contains replies, handle those too
 			let replies: Vec<Comment> = if data["replies"].is_object() {
-				parse_comments(&data["replies"], post_link, post_author, highlighted_comment, filters)
+				parse_comments(&data["replies"], post_link, post_author, highlighted_comment, filters, req)
 			} else {
 				Vec::new()
 			};
-
-			let awards: Awards = Awards::parse(&data["all_awardings"]);
-
-			let parent_kind_and_id = val(&comment, "parent_id");
-			let parent_info = parent_kind_and_id.split('_').collect::<Vec<&str>>();
-
-			let id = val(&comment, "id");
-			let highlighted = id == highlighted_comment;
-
-			let author = Author {
-				name: val(&comment, "author"),
-				flair: Flair {
-					flair_parts: FlairPart::parse(
-						data["author_flair_type"].as_str().unwrap_or_default(),
-						data["author_flair_richtext"].as_array(),
-						data["author_flair_text"].as_str(),
-					),
-					text: esc!(&comment, "link_flair_text"),
-					background_color: val(&comment, "author_flair_background_color"),
-					foreground_color: val(&comment, "author_flair_text_color"),
-				},
-				distinguished: val(&comment, "distinguished"),
-			};
-			let is_filtered = filters.contains(&["u_", author.name.as_str()].concat());
-
-			// Many subreddits have a default comment posted about the sub's rules etc.
-			// Many libreddit users do not wish to see this kind of comment by default.
-			// Reddit does not tell us which users are "bots", so a good heuristic is to
-			// collapse stickied moderator comments.
-			let is_moderator_comment = data["distinguished"].as_str().unwrap_or_default() == "moderator";
-			let is_stickied = data["stickied"].as_bool().unwrap_or_default();
-			let collapsed = (is_moderator_comment && is_stickied) || is_filtered;
-
-			Comment {
-				id,
-				kind,
-				parent_id: parent_info[1].to_string(),
-				parent_kind: parent_info[0].to_string(),
-				post_link: post_link.to_string(),
-				post_author: post_author.to_string(),
-				body,
-				author,
-				score: if data["score_hidden"].as_bool().unwrap_or_default() {
-					("\u{2022}".to_string(), "Hidden".to_string())
-				} else {
-					format_num(score)
-				},
-				rel_time,
-				created,
-				edited,
-				replies,
-				highlighted,
-				awards,
-				collapsed,
-				is_filtered,
-			}
+			build_comment(&comment, data, replies, post_link, post_author, highlighted_comment, filters, req)
 		})
 		.collect()
 }
+
+fn query_comments(
+	json: &serde_json::Value,
+	post_link: &str,
+	post_author: &str,
+	highlighted_comment: &str,
+	filters: &HashSet<String>,
+	query: &str,
+	req: &Request<Body>,
+) -> Vec<Comment> {
+	let comments = json["data"]["children"].as_array().map_or(Vec::new(), std::borrow::ToOwned::to_owned);
+	let mut results = Vec::new();
+
+	for comment in comments {
+		let data = &comment["data"];
+
+		// If this comment contains replies, handle those too
+		if data["replies"].is_object() {
+			results.append(&mut query_comments(&data["replies"], post_link, post_author, highlighted_comment, filters, query, req));
+		}
+
+		let c = build_comment(&comment, data, Vec::new(), post_link, post_author, highlighted_comment, filters, req);
+		if c.body.to_lowercase().contains(&query.to_lowercase()) {
+			results.push(c);
+		}
+	}
+
+	results
+}
+#[allow(clippy::too_many_arguments)]
+fn build_comment(
+	comment: &serde_json::Value,
+	data: &serde_json::Value,
+	replies: Vec<Comment>,
+	post_link: &str,
+	post_author: &str,
+	highlighted_comment: &str,
+	filters: &HashSet<String>,
+	req: &Request<Body>,
+) -> Comment {
+	let id = val(comment, "id");
+
+	let body = if (val(comment, "author") == "[deleted]" && val(comment, "body") == "[removed]") || val(comment, "body") == "[ Removed by Reddit ]" {
+		format!(
+			"<div class=\"md\"><p>[removed] — <a href=\"https://{}{post_link}{id}\">view removed comment</a></p></div>",
+			get_setting("REDLIB_PUSHSHIFT_FRONTEND").unwrap_or_else(|| String::from(crate::config::DEFAULT_PUSHSHIFT_FRONTEND)),
+		)
+	} else {
+		rewrite_emotes(&data["media_metadata"], val(comment, "body_html"))
+	};
+	let kind = comment["kind"].as_str().unwrap_or_default().to_string();
+
+	let unix_time = data["created_utc"].as_f64().unwrap_or_default();
+	let (rel_time, created) = time(unix_time);
+
+	let edited = data["edited"].as_f64().map_or((String::new(), String::new()), time);
+
+	let score = data["score"].as_i64().unwrap_or(0);
+
+	// The JSON API only provides comments up to some threshold.
+	// Further comments have to be loaded by subsequent requests.
+	// The "kind" value will be "more" and the "count"
+	// shows how many more (sub-)comments exist in the respective nesting level.
+	// Note that in certain (seemingly random) cases, the count is simply wrong.
+	let more_count = data["count"].as_i64().unwrap_or_default();
+
+	let awards: Awards = Awards::parse(&data["all_awardings"]);
+
+	let parent_kind_and_id = val(comment, "parent_id");
+	let parent_info = parent_kind_and_id.split('_').collect::<Vec<&str>>();
+
+	let highlighted = id == highlighted_comment;
+
+	let author = Author {
+		name: val(comment, "author"),
+		flair: Flair {
+			flair_parts: FlairPart::parse(
+				data["author_flair_type"].as_str().unwrap_or_default(),
+				data["author_flair_richtext"].as_array(),
+				data["author_flair_text"].as_str(),
+			),
+			text: val(comment, "link_flair_text"),
+			background_color: val(comment, "author_flair_background_color"),
+			foreground_color: val(comment, "author_flair_text_color"),
+		},
+		distinguished: val(comment, "distinguished"),
+	};
+	let is_filtered = filters.contains(&["u_", author.name.as_str()].concat());
+
+	// Many subreddits have a default comment posted about the sub's rules etc.
+	// Many Redlib users do not wish to see this kind of comment by default.
+	// Reddit does not tell us which users are "bots", so a good heuristic is to
+	// collapse stickied moderator comments.
+	let is_moderator_comment = data["distinguished"].as_str().unwrap_or_default() == "moderator";
+	let is_stickied = data["stickied"].as_bool().unwrap_or_default();
+	let collapsed = (is_moderator_comment && is_stickied) || is_filtered;
+
+	Comment {
+		id,
+		kind,
+		parent_id: parent_info[1].to_string(),
+		parent_kind: parent_info[0].to_string(),
+		post_link: post_link.to_string(),
+		post_author: post_author.to_string(),
+		body,
+		author,
+		score: if data["score_hidden"].as_bool().unwrap_or_default() {
+			("\u{2022}".to_string(), "Hidden".to_string())
+		} else {
+			format_num(score)
+		},
+		rel_time,
+		created,
+		edited,
+		replies,
+		highlighted,
+		awards,
+		collapsed,
+		is_filtered,
+		more_count,
+		prefs: Preferences::new(req),
+	}
+}
--- a/src/search.rs
+++ b/src/search.rs
@ -1,12 +1,16 @@
+#![allow(clippy::cmp_owned)]
+
 // CRATES
-use crate::utils::{catch_random, error, filter_posts, format_num, format_url, get_filters, param, redirect, setting, template, val, Post, Preferences};
+use crate::utils::{self, catch_random, error, filter_posts, format_num, format_url, get_filters, param, redirect, setting, template, val, Post, Preferences};
 use crate::{
 	client::json,
+	server::RequestExt,
 	subreddit::{can_access_quarantine, quarantine},
-	RequestExt,
 };
-use askama::Template;
 use hyper::{Body, Request, Response};
+use once_cell::sync::Lazy;
+use regex::Regex;
+use rinja::Template;

 // STRUCTS
 struct SearchParams {
@ -29,7 +33,7 @@ struct Subreddit {
 }

 #[derive(Template)]
-#[template(path = "search.html", escape = "none")]
+#[template(path = "search.html")]
 struct SearchTemplate {
 	posts: Vec<Post>,
 	subreddits: Vec<Subreddit>,
@ -42,16 +46,41 @@ struct SearchTemplate {
 	/// Whether all fetched posts are filtered (to differentiate between no posts fetched in the first place,
 	/// and all fetched posts being filtered).
 	all_posts_filtered: bool,
+	/// Whether all posts were hidden because they are NSFW (and user has disabled show NSFW)
+	all_posts_hidden_nsfw: bool,
+	no_posts: bool,
 }

+// Regex matched against search queries to determine if they are reddit urls.
+static REDDIT_URL_MATCH: Lazy<Regex> = Lazy::new(|| Regex::new(r"^https?://([^\./]+\.)*reddit.com/").unwrap());
+
 // SERVICES
 pub async fn find(req: Request<Body>) -> Result<Response<Body>, String> {
-	let nsfw_results = if setting(&req, "show_nsfw") == "on" { "&include_over_18=on" } else { "" };
-	let path = format!("{}.json?{}{}&raw_json=1", req.uri().path(), req.uri().query().unwrap_or_default(), nsfw_results);
-	let query = param(&path, "q").unwrap_or_default();
+	// This ensures that during a search, no NSFW posts are fetched at all
+	let nsfw_results = if setting(&req, "show_nsfw") == "on" && !utils::sfw_only() {
+		"&include_over_18=on"
+	} else {
+		""
+	};
+	let uri_path = req.uri().path().replace("+", "%2B");
+	let path = format!("{}.json?{}{}&raw_json=1", uri_path, req.uri().query().unwrap_or_default(), nsfw_results);
+	let mut query = param(&path, "q").unwrap_or_default();
+	query = REDDIT_URL_MATCH.replace(&query, "").to_string();

 	if query.is_empty() {
-		return Ok(redirect("/".to_string()));
+		return Ok(redirect("/"));
+	}
+
+	if query.starts_with("r/") || query.starts_with("user/") {
+		return Ok(redirect(&format!("/{query}")));
+	}
+
+	if query.starts_with("R/") {
+		return Ok(redirect(&format!("/r{}", &query[1..])));
+	}
+
+	if query.starts_with("u/") || query.starts_with("U/") {
+		return Ok(redirect(&format!("/user{}", &query[1..])));
 	}

 	let sub = req.param("sub").unwrap_or_default();
@ -79,7 +108,7 @@ pub async fn find(req: Request<Body>) -> Result<Response<Body>, String> {

 	// If all requested subs are filtered, we don't need to fetch posts.
 	if sub.split('+').all(|s| filters.contains(s)) {
-		template(SearchTemplate {
+		Ok(template(&SearchTemplate {
 			posts: Vec::new(),
 			subreddits,
 			sub,
@ -88,21 +117,24 @@ pub async fn find(req: Request<Body>) -> Result<Response<Body>, String> {
 				sort,
 				t: param(&path, "t").unwrap_or_default(),
 				before: param(&path, "after").unwrap_or_default(),
-				after: "".to_string(),
+				after: String::new(),
 				restrict_sr: param(&path, "restrict_sr").unwrap_or_default(),
 				typed,
 			},
-			prefs: Preferences::new(req),
+			prefs: Preferences::new(&req),
 			url,
 			is_filtered: true,
 			all_posts_filtered: false,
-		})
+			all_posts_hidden_nsfw: false,
+			no_posts: false,
+		}))
 	} else {
 		match Post::fetch(&path, quarantined).await {
 			Ok((mut posts, after)) => {
-				let all_posts_filtered = filter_posts(&mut posts, &filters);
-
-				template(SearchTemplate {
+				let (_, all_posts_filtered) = filter_posts(&mut posts, &filters);
+				let no_posts = posts.is_empty();
+				let all_posts_hidden_nsfw = !no_posts && (posts.iter().all(|p| p.flags.nsfw) && setting(&req, "show_nsfw") != "on");
+				Ok(template(&SearchTemplate {
 					posts,
 					subreddits,
 					sub,
@ -115,18 +147,20 @@ pub async fn find(req: Request<Body>) -> Result<Response<Body>, String> {
 						restrict_sr: param(&path, "restrict_sr").unwrap_or_default(),
 						typed,
 					},
-					prefs: Preferences::new(req),
+					prefs: Preferences::new(&req),
 					url,
 					is_filtered: false,
 					all_posts_filtered,
-				})
+					all_posts_hidden_nsfw,
+					no_posts,
+				}))
 			}
 			Err(msg) => {
-				if msg == "quarantined" {
+				if msg == "quarantined" || msg == "gated" {
 					let sub = req.param("sub").unwrap_or_default();
-					quarantine(req, sub)
+					Ok(quarantine(&req, sub, &msg))
 				} else {
-					error(req, msg).await
+					error(req, &msg).await
 				}
 			}
 		}
@ -135,7 +169,7 @@ pub async fn find(req: Request<Body>) -> Result<Response<Body>, String> {

 async fn search_subreddits(q: &str, typed: &str) -> Vec<Subreddit> {
 	let limit = if typed == "sr_user" { "50" } else { "3" };
-	let subreddit_search_path = format!("/subreddits/search.json?q={}&limit={}", q.replace(' ', "+"), limit);
+	let subreddit_search_path = format!("/subreddits/search.json?q={}&limit={limit}", q.replace(' ', "+"));

 	// Send a request to the url
 	json(subreddit_search_path, false).await.unwrap_or_default()["data"]["children"]
--- a/src/server.rs
+++ b/src/server.rs
@ -1,17 +1,84 @@
+#![allow(dead_code)]
+#![allow(clippy::cmp_owned)]
+
+use brotli::enc::{BrotliCompress, BrotliEncoderParams};
+use cached::proc_macro::cached;
 use cookie::Cookie;
+use core::f64;
 use futures_lite::{future::Boxed, Future, FutureExt};
 use hyper::{
-	header::HeaderValue,
+	body,
+	body::HttpBody,
+	header,
 	service::{make_service_fn, service_fn},
 	HeaderMap,
 };
 use hyper::{Body, Method, Request, Response, Server as HyperServer};
+use libflate::gzip;
 use route_recognizer::{Params, Router};
-use std::{pin::Pin, result::Result};
-use time::Duration;
+use std::{
+	cmp::Ordering,
+	fmt::Display,
+	io,
+	pin::Pin,
+	result::Result,
+	str::{from_utf8, Split},
+	string::ToString,
+};
+use time::OffsetDateTime;
+
+use crate::dbg_msg;

 type BoxResponse = Pin<Box<dyn Future<Output = Result<Response<Body>, String>> + Send>>;

+/// Compressors for the response Body, in ascending order of preference.
+#[derive(Copy, Clone, Debug, Eq, Hash, Ord, PartialEq, PartialOrd)]
+enum CompressionType {
+	Passthrough,
+	Gzip,
+	Brotli,
+}
+
+/// All browsers support gzip, so if we are given `Accept-Encoding: *`, deliver
+/// gzipped-content.
+///
+/// Brotli would be nice universally, but Safari (iOS, iPhone, macOS) reportedly
+/// doesn't support it yet.
+const DEFAULT_COMPRESSOR: CompressionType = CompressionType::Gzip;
+
+impl CompressionType {
+	/// Returns a `CompressionType` given a content coding
+	/// in [RFC 7231](https://datatracker.ietf.org/doc/html/rfc7231#section-5.3.4)
+	/// format.
+	fn parse(s: &str) -> Option<Self> {
+		let c = match s {
+			// Compressors we support.
+			"gzip" => Self::Gzip,
+			"br" => Self::Brotli,
+
+			// The wildcard means that we can choose whatever
+			// compression we prefer. In this case, use the
+			// default.
+			"*" => DEFAULT_COMPRESSOR,
+
+			// Compressor not supported.
+			_ => return None,
+		};
+
+		Some(c)
+	}
+}
+
+impl Display for CompressionType {
+	fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+		match self {
+			Self::Gzip => write!(f, "gzip"),
+			Self::Brotli => write!(f, "br"),
+			Self::Passthrough => Ok(()),
+		}
+	}
+}
+
 pub struct Route<'a> {
 	router: &'a mut Router<fn(Request<Body>) -> BoxResponse>,
 	path: String,
@ -41,13 +108,13 @@ pub trait RequestExt {
 	fn params(&self) -> Params;
 	fn param(&self, name: &str) -> Option<String>;
 	fn set_params(&mut self, params: Params) -> Option<Params>;
-	fn cookies(&self) -> Vec<Cookie>;
-	fn cookie(&self, name: &str) -> Option<Cookie>;
+	fn cookies(&self) -> Vec<Cookie<'_>>;
+	fn cookie(&self, name: &str) -> Option<Cookie<'_>>;
 }

 pub trait ResponseExt {
-	fn cookies(&self) -> Vec<Cookie>;
-	fn insert_cookie(&mut self, cookie: Cookie);
+	fn cookies(&self) -> Vec<Cookie<'_>>;
+	fn insert_cookie(&mut self, cookie: Cookie<'_>);
 	fn remove_cookie(&mut self, name: String);
 }

@ -68,83 +135,87 @@ impl RequestExt for Request<Body> {
 		self.extensions_mut().insert(params)
 	}

-	fn cookies(&self) -> Vec<Cookie> {
+	fn cookies(&self) -> Vec<Cookie<'_>> {
 		self.headers().get("Cookie").map_or(Vec::new(), |header| {
 			header
 				.to_str()
 				.unwrap_or_default()
 				.split("; ")
-				.map(|cookie| Cookie::parse(cookie).unwrap_or_else(|_| Cookie::named("")))
+				.map(|cookie| Cookie::parse(cookie).unwrap_or_else(|_| Cookie::from("")))
 				.collect()
 		})
 	}

-	fn cookie(&self, name: &str) -> Option<Cookie> {
+	fn cookie(&self, name: &str) -> Option<Cookie<'_>> {
 		self.cookies().into_iter().find(|c| c.name() == name)
 	}
 }

 impl ResponseExt for Response<Body> {
-	fn cookies(&self) -> Vec<Cookie> {
+	fn cookies(&self) -> Vec<Cookie<'_>> {
 		self.headers().get("Cookie").map_or(Vec::new(), |header| {
 			header
 				.to_str()
 				.unwrap_or_default()
 				.split("; ")
-				.map(|cookie| Cookie::parse(cookie).unwrap_or_else(|_| Cookie::named("")))
+				.map(|cookie| Cookie::parse(cookie).unwrap_or_else(|_| Cookie::from("")))
 				.collect()
 		})
 	}

-	fn insert_cookie(&mut self, cookie: Cookie) {
-		if let Ok(val) = HeaderValue::from_str(&cookie.to_string()) {
+	fn insert_cookie(&mut self, cookie: Cookie<'_>) {
+		if let Ok(val) = header::HeaderValue::from_str(&cookie.to_string()) {
 			self.headers_mut().append("Set-Cookie", val);
 		}
 	}

 	fn remove_cookie(&mut self, name: String) {
-		let mut cookie = Cookie::named(name);
-		cookie.set_path("/");
-		cookie.set_max_age(Duration::second());
-		if let Ok(val) = HeaderValue::from_str(&cookie.to_string()) {
+		let removal_cookie = Cookie::build(name).path("/").http_only(true).expires(OffsetDateTime::now_utc());
+		if let Ok(val) = header::HeaderValue::from_str(&removal_cookie.to_string()) {
 			self.headers_mut().append("Set-Cookie", val);
 		}
 	}
 }

 impl Route<'_> {
-	fn method(&mut self, method: Method, dest: fn(Request<Body>) -> BoxResponse) -> &mut Self {
+	fn method(&mut self, method: &Method, dest: fn(Request<Body>) -> BoxResponse) -> &mut Self {
 		self.router.add(&format!("/{}{}", method.as_str(), self.path), dest);
 		self
 	}

 	/// Add an endpoint for `GET` requests
 	pub fn get(&mut self, dest: fn(Request<Body>) -> BoxResponse) -> &mut Self {
-		self.method(Method::GET, dest)
+		self.method(&Method::GET, dest)
 	}

 	/// Add an endpoint for `POST` requests
 	pub fn post(&mut self, dest: fn(Request<Body>) -> BoxResponse) -> &mut Self {
-		self.method(Method::POST, dest)
+		self.method(&Method::POST, dest)
+	}
+}
+
+impl Default for Server {
+	fn default() -> Self {
+		Self::new()
 	}
 }

 impl Server {
 	pub fn new() -> Self {
-		Server {
+		Self {
 			default_headers: HeaderMap::new(),
 			router: Router::new(),
 		}
 	}

-	pub fn at(&mut self, path: &str) -> Route {
+	pub fn at(&mut self, path: &str) -> Route<'_> {
 		Route {
 			path: path.to_owned(),
 			router: &mut self.router,
 		}
 	}

-	pub fn listen(self, addr: String) -> Boxed<Result<(), hyper::Error>> {
+	pub fn listen(self, addr: &str) -> Boxed<Result<(), hyper::Error>> {
 		let make_svc = make_service_fn(move |_conn| {
 			// For correct borrowing, these values need to be borrowed
 			let router = self.router.clone();
@ -156,18 +227,25 @@ impl Server {
 			// let shared_router = router.clone();
 			async move {
 				Ok::<_, String>(service_fn(move |req: Request<Body>| {
-					let headers = default_headers.clone();
+					let req_headers = req.headers().clone();
+					let def_headers = default_headers.clone();

-					// Remove double slashes
-					let mut path = req.uri().path().replace("//", "/");
+					// Remove double slashes and decode encoded slashes
+					let mut path = req.uri().path().replace("//", "/").replace("%2F", "/");

 					// Remove trailing slashes
 					if path != "/" && path.ends_with('/') {
 						path.pop();
 					}

+					// Replace HEAD with GET for routing
+					let (method, is_head) = match req.method() {
+						&Method::HEAD => (&Method::GET, true),
+						method => (method, false),
+					};
+
 					// Match the visited path with an added route
-					match router.recognize(&format!("/{}{}", req.method().as_str(), path)) {
+					match router.recognize(&format!("/{}{}", method.as_str(), path)) {
 						// If a route was configured for this path
 						Ok(found) => {
 							let mut parammed = req;
@ -176,40 +254,510 @@ impl Server {
 							// Run the route's function
 							let func = (found.handler().to_owned().to_owned())(parammed);
 							async move {
-								let res: Result<Response<Body>, String> = func.await;
-								// Add default headers to response
-								res.map(|mut response| {
-									response.headers_mut().extend(headers);
-									response
-								})
+								match func.await {
+									Ok(mut res) => {
+										res.headers_mut().extend(def_headers);
+										if is_head {
+											*res.body_mut() = Body::empty();
+										} else {
+											let _ = compress_response(&req_headers, &mut res).await;
+										}
+
+										Ok(res)
+									}
+									Err(msg) => new_boilerplate(def_headers, req_headers, 500, if is_head { Body::empty() } else { Body::from(msg) }).await,
+								}
 							}
 							.boxed()
 						}
 						// If there was a routing error
-						Err(e) => async move {
-							// Return a 404 error
-							let res: Result<Response<Body>, String> = Ok(Response::builder().status(404).body(e.into()).unwrap_or_default());
-							// Add default headers to response
-							res.map(|mut response| {
-								response.headers_mut().extend(headers);
-								response
-							})
-						}
-						.boxed(),
+						Err(e) => new_boilerplate(def_headers, req_headers, 404, if is_head { Body::empty() } else { e.into() }).boxed(),
 					}
 				}))
 			}
 		});

 		// Build SocketAddr from provided address
-		let address = &addr.parse().unwrap_or_else(|_| panic!("Cannot parse {} as address (example format: 0.0.0.0:8080)", addr));
+		let address = &addr.parse().unwrap_or_else(|_| panic!("Cannot parse {addr} as address (example format: 0.0.0.0:8080)"));

 		// Bind server to address specified above. Gracefully shut down if CTRL+C is pressed
 		let server = HyperServer::bind(address).serve(make_svc).with_graceful_shutdown(async {
+			#[cfg(windows)]
 			// Wait for the CTRL+C signal
 			tokio::signal::ctrl_c().await.expect("Failed to install CTRL+C signal handler");
+
+			#[cfg(unix)]
+			{
+				// Wait for CTRL+C or SIGTERM signals
+				let mut signal_terminate = tokio::signal::unix::signal(tokio::signal::unix::SignalKind::terminate()).expect("Failed to install SIGTERM signal handler");
+				tokio::select! {
+					_ = tokio::signal::ctrl_c() => (),
+					_ = signal_terminate.recv() => ()
+				}
+			}
 		});

 		server.boxed()
 	}
 }
+
+/// Create a boilerplate Response for error conditions. This response will be
+/// compressed if requested by client.
+async fn new_boilerplate(
+	default_headers: HeaderMap<header::HeaderValue>,
+	req_headers: HeaderMap<header::HeaderValue>,
+	status: u16,
+	body: Body,
+) -> Result<Response<Body>, String> {
+	match Response::builder().status(status).body(body) {
+		Ok(mut res) => {
+			let _ = compress_response(&req_headers, &mut res).await;
+
+			res.headers_mut().extend(default_headers.clone());
+			Ok(res)
+		}
+		Err(msg) => Err(msg.to_string()),
+	}
+}
+
+/// Determines the desired compressor based on the Accept-Encoding header.
+///
+/// This function will honor the [q-value](https://developer.mozilla.org/en-US/docs/Glossary/Quality_values)
+///  for each compressor. The q-value is an optional parameter, a decimal value
+/// on \[0..1\], to order the compressors by preference. An Accept-Encoding value
+/// with no q-values is also accepted.
+///
+/// Here are [examples](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Encoding#examples)
+/// of valid Accept-Encoding headers.
+///
+/// ```http
+/// Accept-Encoding: gzip
+/// Accept-Encoding: gzip, compress, br
+/// Accept-Encoding: br;q=1.0, gzip;q=0.8, *;q=0.1
+/// ```
+#[cached]
+fn determine_compressor(accept_encoding: String) -> Option<CompressionType> {
+	if accept_encoding.is_empty() {
+		return None;
+	};
+
+	// Keep track of the compressor candidate based on both the client's
+	// preference and our own. Concrete examples:
+	//
+	// 1. "Accept-Encoding: gzip, br" => assuming we like brotli more than
+	//    gzip, and the browser supports brotli, we choose brotli
+	//
+	// 2. "Accept-Encoding: gzip;q=0.8, br;q=0.3" => the client has stated a
+	//    preference for gzip over brotli, so we choose gzip
+	//
+	// To do this, we need to define a struct which contains the requested
+	// requested compressor (abstracted as a CompressionType enum) and the
+	// q-value. If no q-value is defined for the compressor, we assume one of
+	// 1.0. We first compare compressor candidates by comparing q-values, and
+	// then CompressionTypes. We keep track of whatever is the greatest per our
+	// ordering.
+
+	struct CompressorCandidate {
+		alg: CompressionType,
+		q: f64,
+	}
+
+	impl Ord for CompressorCandidate {
+		fn cmp(&self, other: &Self) -> Ordering {
+			// Compare q-values. Break ties with the
+			// CompressionType values.
+
+			match self.q.total_cmp(&other.q) {
+				Ordering::Equal => self.alg.cmp(&other.alg),
+				ord => ord,
+			}
+		}
+	}
+
+	impl PartialOrd for CompressorCandidate {
+		fn partial_cmp(&self, other: &Self) -> Option<Ordering> {
+			Some(self.cmp(other))
+		}
+	}
+
+	impl PartialEq for CompressorCandidate {
+		fn eq(&self, other: &Self) -> bool {
+			(self.q == other.q) && (self.alg == other.alg)
+		}
+	}
+
+	impl Eq for CompressorCandidate {}
+
+	// This is the current candidate.
+	//
+	// Assmume no candidate so far. We do this by assigning the sentinel value
+	// of negative infinity to the q-value. If this value is negative infinity,
+	// that means there was no viable compressor candidate.
+	let mut cur_candidate = CompressorCandidate {
+		alg: CompressionType::Passthrough,
+		q: f64::NEG_INFINITY,
+	};
+
+	// This loop reads the requested compressors and keeps track of whichever
+	// one has the highest priority per our heuristic.
+	for val in accept_encoding.split(',') {
+		let mut q: f64 = 1.0;
+
+		// The compressor and q-value (if the latter is defined)
+		// will be delimited by semicolons.
+		let mut spl: Split<'_, char> = val.split(';');
+
+		// Get the compressor. For example, in
+		//   gzip;q=0.8
+		// this grabs "gzip" in the string. It
+		// will further validate the compressor against the
+		// list of those we support. If it is not supported,
+		// we move onto the next one.
+		let compressor: CompressionType = match spl.next() {
+			// CompressionType::parse will return the appropriate enum given
+			// a string. For example, it will return CompressionType::Gzip
+			// when given "gzip".
+			Some(s) => match CompressionType::parse(s.trim()) {
+				Some(candidate) => candidate,
+
+				// We don't support the requested compression algorithm.
+				None => continue,
+			},
+
+			// We should never get here, but I'm paranoid.
+			None => continue,
+		};
+
+		// Get the q-value. This might not be defined, in which case assume
+		// 1.0.
+		if let Some(s) = spl.next() {
+			if !(s.len() > 2 && s.starts_with("q=")) {
+				// If the q-value is malformed, the header is malformed, so
+				// abort.
+				return None;
+			}
+
+			match s[2..].parse::<f64>() {
+				Ok(val) => {
+					if (0.0..=1.0).contains(&val) {
+						q = val;
+					} else {
+						// If the value is outside [0..1], header is malformed.
+						// Abort.
+						return None;
+					};
+				}
+				Err(_) => {
+					// If this isn't a f64, then assume a malformed header
+					// value and abort.
+					return None;
+				}
+			}
+		};
+
+		// If new_candidate > cur_candidate, make new_candidate the new
+		// cur_candidate. But do this safely! It is very possible that
+		// someone gave us the string "NAN", which (&str).parse::<f64>
+		// will happily translate to f64::NAN.
+		let new_candidate = CompressorCandidate { alg: compressor, q };
+		if let Some(ord) = new_candidate.partial_cmp(&cur_candidate) {
+			if ord == Ordering::Greater {
+				cur_candidate = new_candidate;
+			}
+		};
+	}
+
+	if cur_candidate.q == f64::NEG_INFINITY {
+		None
+	} else {
+		Some(cur_candidate.alg)
+	}
+}
+
+/// Compress the response body, if possible or desirable. The Body will be
+/// compressed in place, and a new header Content-Encoding will be set
+/// indicating the compression algorithm.
+///
+/// This function deems Body eligible compression if and only if the following
+/// conditions are met:
+///
+/// 1. the HTTP client requests a compression encoding in the Content-Encoding
+///    header (hence the need for the `req_headers`);
+///
+/// 2. the content encoding corresponds to a compression algorithm we support;
+///
+/// 3. the Media type in the Content-Type response header is text with any
+///    subtype (e.g. text/plain) or application/json.
+///
+/// `compress_response` returns Ok on successful compression, or if not all three
+/// conditions above are met. It returns Err if there was a problem decoding
+/// any header in either `req_headers` or res, but res will remain intact.
+///
+/// This function logs errors to stderr, but only in debug mode. No information
+/// is logged in release builds.
+async fn compress_response(req_headers: &HeaderMap<header::HeaderValue>, res: &mut Response<Body>) -> Result<(), String> {
+	// Check if the data is eligible for compression.
+	if let Some(hdr) = res.headers().get(header::CONTENT_TYPE) {
+		match from_utf8(hdr.as_bytes()) {
+			Ok(val) => {
+				let s = val.to_string();
+
+				// TODO: better determination of what is eligible for compression
+				if !(s.starts_with("text/") || s.starts_with("application/json")) {
+					return Ok(());
+				};
+			}
+			Err(e) => {
+				dbg_msg!(e);
+				return Err(e.to_string());
+			}
+		};
+	} else {
+		// Response declares no Content-Type. Assume for simplicity that it
+		// cannot be compressed.
+		return Ok(());
+	};
+
+	// Don't bother if the size of the size of the response body will fit
+	// within an IP frame (less the bytes that make up the TCP/IP and HTTP
+	// headers).
+	if res.body().size_hint().lower() < 1452 {
+		return Ok(());
+	};
+
+	// Check to see which compressor is requested, and if we can use it.
+	let accept_encoding: String = match req_headers.get(header::ACCEPT_ENCODING) {
+		None => return Ok(()), // Client requested no compression.
+
+		Some(hdr) => match String::from_utf8(hdr.as_bytes().into()) {
+			Ok(val) => val,
+
+			#[cfg(debug_assertions)]
+			Err(e) => {
+				dbg_msg!(e);
+				return Ok(());
+			}
+
+			#[cfg(not(debug_assertions))]
+			Err(_) => return Ok(()),
+		},
+	};
+
+	let compressor: CompressionType = match determine_compressor(accept_encoding) {
+		Some(c) => c,
+		None => return Ok(()),
+	};
+
+	// Get the body from the response.
+	let body_bytes: Vec<u8> = match body::to_bytes(res.body_mut()).await {
+		Ok(b) => b.to_vec(),
+		Err(e) => {
+			dbg_msg!(e);
+			return Err(e.to_string());
+		}
+	};
+
+	// Compress!
+	match compress_body(compressor, body_bytes) {
+		Ok(compressed) => {
+			// We get here iff the compression was successful. Replace the body
+			// with the compressed payload, and add the appropriate
+			// Content-Encoding header in the response.
+			res.headers_mut().insert(header::CONTENT_ENCODING, compressor.to_string().parse().unwrap());
+			*(res.body_mut()) = Body::from(compressed);
+		}
+
+		Err(e) => return Err(e),
+	}
+
+	Ok(())
+}
+
+/// Compresses a `Vec<u8>` given a [`CompressionType`].
+///
+/// This is a helper function for [`compress_response`] and should not be
+/// called directly.
+
+// I've chosen a TTL of 600 (== 10 minutes) since compression is
+// computationally expensive and we don't want to be doing it often. This is
+// larger than client::json's TTL, but that's okay, because if client::json
+// returns a new serde_json::Value, body_bytes changes, so this function will
+// execute again.
+#[cached(size = 100, time = 600, result = true)]
+fn compress_body(compressor: CompressionType, body_bytes: Vec<u8>) -> Result<Vec<u8>, String> {
+	// io::Cursor implements io::Read, required for our encoders.
+	let mut reader = io::Cursor::new(body_bytes);
+
+	let compressed: Vec<u8> = match compressor {
+		CompressionType::Gzip => {
+			let mut gz: gzip::Encoder<Vec<u8>> = match gzip::Encoder::new(Vec::new()) {
+				Ok(gz) => gz,
+				Err(e) => {
+					dbg_msg!(e);
+					return Err(e.to_string());
+				}
+			};
+
+			match io::copy(&mut reader, &mut gz) {
+				Ok(_) => match gz.finish().into_result() {
+					Ok(compressed) => compressed,
+					Err(e) => {
+						dbg_msg!(e);
+						return Err(e.to_string());
+					}
+				},
+				Err(e) => {
+					dbg_msg!(e);
+					return Err(e.to_string());
+				}
+			}
+		}
+
+		CompressionType::Brotli => {
+			// We may want to make the compression parameters configurable
+			// in the future. For now, the defaults are sufficient.
+			let brotli_params = BrotliEncoderParams::default();
+
+			let mut compressed = Vec::<u8>::new();
+			match BrotliCompress(&mut reader, &mut compressed, &brotli_params) {
+				Ok(_) => compressed,
+				Err(e) => {
+					dbg_msg!(e);
+					return Err(e.to_string());
+				}
+			}
+		}
+
+		// This arm is for any requested compressor for which we don't yet
+		// have an implementation.
+		CompressionType::Passthrough => {
+			let msg = "unsupported compressor".to_string();
+			return Err(msg);
+		}
+	};
+
+	Ok(compressed)
+}
+
+#[cfg(test)]
+mod tests {
+	use super::*;
+	use brotli::Decompressor as BrotliDecompressor;
+	use futures_lite::future::block_on;
+	use lipsum::lipsum;
+	use std::{boxed::Box, io};
+
+	#[test]
+	fn test_determine_compressor() {
+		// Single compressor given.
+		assert_eq!(determine_compressor("unsupported".to_string()), None);
+		assert_eq!(determine_compressor("gzip".to_string()), Some(CompressionType::Gzip));
+		assert_eq!(determine_compressor("*".to_string()), Some(DEFAULT_COMPRESSOR));
+
+		// Multiple compressors.
+		assert_eq!(determine_compressor("gzip, br".to_string()), Some(CompressionType::Brotli));
+		assert_eq!(determine_compressor("gzip;q=0.8, br;q=0.3".to_string()), Some(CompressionType::Gzip));
+		assert_eq!(determine_compressor("br, gzip".to_string()), Some(CompressionType::Brotli));
+		assert_eq!(determine_compressor("br;q=0.3, gzip;q=0.4".to_string()), Some(CompressionType::Gzip));
+
+		// Invalid q-values.
+		assert_eq!(determine_compressor("gzip;q=NAN".to_string()), None);
+	}
+
+	#[test]
+	fn test_compress_response() {
+		// This macro generates an Accept-Encoding header value given any number of
+		// compressors.
+		macro_rules! ae_gen {
+			($x:expr) => {
+				$x.to_string().as_str()
+			};
+
+			($x:expr, $($y:expr),+) => {
+				format!("{}, {}", $x.to_string(), ae_gen!($($y),+)).as_str()
+			};
+		}
+
+		for accept_encoding in [
+			"*",
+			ae_gen!(CompressionType::Gzip),
+			ae_gen!(CompressionType::Brotli, CompressionType::Gzip),
+			ae_gen!(CompressionType::Brotli),
+		] {
+			// Determine what the expected encoding should be based on both the
+			// specific encodings we accept.
+			let expected_encoding: CompressionType = match determine_compressor(accept_encoding.to_string()) {
+				Some(s) => s,
+				None => panic!("determine_compressor(accept_encoding.to_string()) => None"),
+			};
+
+			// Build headers with our Accept-Encoding.
+			let mut req_headers = HeaderMap::new();
+			req_headers.insert(header::ACCEPT_ENCODING, header::HeaderValue::from_str(accept_encoding).unwrap());
+
+			// Build test response.
+			let lorem_ipsum: String = lipsum(10000);
+			let expected_lorem_ipsum = Vec::<u8>::from(lorem_ipsum.as_str());
+			let mut res = Response::builder()
+				.status(200)
+				.header(header::CONTENT_TYPE, "text/plain")
+				.body(Body::from(lorem_ipsum))
+				.unwrap();
+
+			// Perform the compression.
+			if let Err(e) = block_on(compress_response(&req_headers, &mut res)) {
+				panic!("compress_response(&req_headers, &mut res) => Err(\"{e}\")");
+			};
+
+			// If the content was compressed, we expect the Content-Encoding
+			// header to be modified.
+			assert_eq!(
+				res
+					.headers()
+					.get(header::CONTENT_ENCODING)
+					.unwrap_or_else(|| panic!("missing content-encoding header"))
+					.to_str()
+					.unwrap_or_else(|_| panic!("failed to convert Content-Encoding header::HeaderValue to String")),
+				expected_encoding.to_string()
+			);
+
+			// Decompress body and make sure it's equal to what we started
+			// with.
+			//
+			// In the case of no compression, just make sure the "new" body in
+			// the Response is the same as what with which we start.
+			let body_vec = match block_on(body::to_bytes(res.body_mut())) {
+				Ok(b) => b.to_vec(),
+				Err(e) => panic!("{e}"),
+			};
+
+			if expected_encoding == CompressionType::Passthrough {
+				assert!(body_vec.eq(&expected_lorem_ipsum));
+				continue;
+			}
+
+			// This provides an io::Read for the underlying body.
+			let mut body_cursor: io::Cursor<Vec<u8>> = io::Cursor::new(body_vec);
+
+			// Match the appropriate decompresor for the given
+			// expected_encoding.
+			let mut decoder: Box<dyn io::Read> = match expected_encoding {
+				CompressionType::Gzip => match gzip::Decoder::new(&mut body_cursor) {
+					Ok(dgz) => Box::new(dgz),
+					Err(e) => panic!("{e}"),
+				},
+
+				CompressionType::Brotli => Box::new(BrotliDecompressor::new(body_cursor, expected_lorem_ipsum.len())),
+
+				_ => panic!("no decompressor for {}", expected_encoding),
+			};
+
+			let mut decompressed = Vec::<u8>::new();
+			if let Err(e) = io::copy(&mut decoder, &mut decompressed) {
+				panic!("{e}");
+			};
+
+			assert!(decompressed.eq(&expected_lorem_ipsum));
+		}
+	}
+}
--- a/src/settings.rs
+++ b/src/settings.rs
@ -1,13 +1,18 @@
+#![allow(clippy::cmp_owned)]
+
 use std::collections::HashMap;

 // CRATES
 use crate::server::ResponseExt;
-use crate::utils::{redirect, template, Preferences};
-use askama::Template;
+use crate::subreddit::join_until_size_limit;
+use crate::utils::{deflate_decompress, redirect, template, Preferences};
 use cookie::Cookie;
 use futures_lite::StreamExt;
 use hyper::{Body, Request, Response};
+use rinja::Template;
 use time::{Duration, OffsetDateTime};
+use tokio::time::timeout;
+use url::form_urlencoded;

 // STRUCTS
 #[derive(Template)]
@ -19,17 +24,26 @@ struct SettingsTemplate {

 // CONSTANTS

-const PREFS: [&str; 10] = [
+const PREFS: [&str; 19] = [
 	"theme",
 	"front_page",
 	"layout",
 	"wide",
 	"comment_sort",
 	"post_sort",
+	"blur_spoiler",
 	"show_nsfw",
+	"blur_nsfw",
 	"use_hls",
 	"hide_hls_notification",
 	"autoplay_videos",
+	"hide_sidebar_and_summary",
+	"fixed_navbar",
+	"hide_awards",
+	"hide_score",
+	"disable_visit_reddit_confirmation",
+	"video_quality",
+	"remove_default_feeds",
 ];

 // FUNCTIONS
@ -37,10 +51,10 @@ const PREFS: [&str; 10] = [
 // Retrieve cookies from request "Cookie" header
 pub async fn get(req: Request<Body>) -> Result<Response<Body>, String> {
 	let url = req.uri().to_string();
-	template(SettingsTemplate {
-		prefs: Preferences::new(req),
+	Ok(template(&SettingsTemplate {
+		prefs: Preferences::new(&req),
 		url,
-	})
+	}))
 }

 // Set cookies using response "Set-Cookie" header
@ -49,7 +63,7 @@ pub async fn set(req: Request<Body>) -> Result<Response<Body>, String> {
 	let (parts, mut body) = req.into_parts();

 	// Grab existing cookies
-	let _cookies: Vec<Cookie> = parts
+	let _cookies: Vec<Cookie<'_>> = parts
 		.headers
 		.get_all("Cookie")
 		.iter()
@ -68,16 +82,16 @@ pub async fn set(req: Request<Body>) -> Result<Response<Body>, String> {

 	let form = url::form_urlencoded::parse(&body_bytes).collect::<HashMap<_, _>>();

-	let mut response = redirect("/settings".to_string());
+	let mut response = redirect("/settings");

 	for &name in &PREFS {
 		match form.get(name) {
 			Some(value) => response.insert_cookie(
-				Cookie::build(name.to_owned(), value.clone())
+				Cookie::build((name.to_owned(), value.clone()))
 					.path("/")
 					.http_only(true)
 					.expires(OffsetDateTime::now_utc() + Duration::weeks(52))
-					.finish(),
+					.into(),
 			),
 			None => response.remove_cookie(name.to_string()),
 		};
@ -91,7 +105,7 @@ fn set_cookies_method(req: Request<Body>, remove_cookies: bool) -> Response<Body
 	let (parts, _) = req.into_parts();

 	// Grab existing cookies
-	let _cookies: Vec<Cookie> = parts
+	let _cookies: Vec<Cookie<'_>> = parts
 		.headers
 		.get_all("Cookie")
 		.iter()
@ -107,16 +121,16 @@ fn set_cookies_method(req: Request<Body>, remove_cookies: bool) -> Response<Body
 		None => "/".to_string(),
 	};

-	let mut response = redirect(path);
+	let mut response = redirect(&path);

-	for name in [PREFS.to_vec(), vec!["subscriptions", "filters"]].concat() {
+	for name in PREFS {
 		match form.get(name) {
 			Some(value) => response.insert_cookie(
-				Cookie::build(name.to_owned(), value.clone())
+				Cookie::build((name.to_owned(), value.clone()))
 					.path("/")
 					.http_only(true)
 					.expires(OffsetDateTime::now_utc() + Duration::weeks(52))
-					.finish(),
+					.into(),
 			),
 			None => {
 				if remove_cookies {
@ -126,6 +140,119 @@ fn set_cookies_method(req: Request<Body>, remove_cookies: bool) -> Response<Body
 		};
 	}

+	// Get subscriptions/filters to restore from query string
+	let subscriptions = form.get("subscriptions");
+	let filters = form.get("filters");
+
+	// We can't search through the cookies directly like in subreddit.rs, so instead we have to make a string out of the request's headers to search through
+	let cookies_string = parts
+		.headers
+		.get("cookie")
+		.map(|hv| hv.to_str().unwrap_or("").to_string()) // Return String
+		.unwrap_or_else(String::new); // Return an empty string if None
+
+	// If there are subscriptions to restore set them and delete any old subscriptions cookies, otherwise delete them all
+	if subscriptions.is_some() {
+		let sub_list: Vec<String> = subscriptions.expect("Subscriptions").split('+').map(str::to_string).collect();
+
+		// Start at 0 to keep track of what number we need to start deleting old subscription cookies from
+		let mut subscriptions_number_to_delete_from = 0;
+
+		// Starting at 0 so we handle the subscription cookie without a number first
+		for (subscriptions_number, list) in join_until_size_limit(&sub_list).into_iter().enumerate() {
+			let subscriptions_cookie = if subscriptions_number == 0 {
+				"subscriptions".to_string()
+			} else {
+				format!("subscriptions{}", subscriptions_number)
+			};
+
+			response.insert_cookie(
+				Cookie::build((subscriptions_cookie, list))
+					.path("/")
+					.http_only(true)
+					.expires(OffsetDateTime::now_utc() + Duration::weeks(52))
+					.into(),
+			);
+
+			subscriptions_number_to_delete_from += 1;
+		}
+
+		// While subscriptionsNUMBER= is in the string of cookies add a response removing that cookie
+		while cookies_string.contains(&format!("subscriptions{subscriptions_number_to_delete_from}=")) {
+			// Remove that subscriptions cookie
+			response.remove_cookie(format!("subscriptions{subscriptions_number_to_delete_from}"));
+
+			// Increment subscriptions cookie number
+			subscriptions_number_to_delete_from += 1;
+		}
+	} else {
+		// Remove unnumbered subscriptions cookie
+		response.remove_cookie("subscriptions".to_string());
+
+		// Starts at one to deal with the first numbered subscription cookie and onwards
+		let mut subscriptions_number_to_delete_from = 1;
+
+		// While subscriptionsNUMBER= is in the string of cookies add a response removing that cookie
+		while cookies_string.contains(&format!("subscriptions{subscriptions_number_to_delete_from}=")) {
+			// Remove that subscriptions cookie
+			response.remove_cookie(format!("subscriptions{subscriptions_number_to_delete_from}"));
+
+			// Increment subscriptions cookie number
+			subscriptions_number_to_delete_from += 1;
+		}
+	}
+
+	// If there are filters to restore set them and delete any old filters cookies, otherwise delete them all
+	if filters.is_some() {
+		let filters_list: Vec<String> = filters.expect("Filters").split('+').map(str::to_string).collect();
+
+		// Start at 0 to keep track of what number we need to start deleting old subscription cookies from
+		let mut filters_number_to_delete_from = 0;
+
+		// Starting at 0 so we handle the subscription cookie without a number first
+		for (filters_number, list) in join_until_size_limit(&filters_list).into_iter().enumerate() {
+			let filters_cookie = if filters_number == 0 {
+				"filters".to_string()
+			} else {
+				format!("filters{}", filters_number)
+			};
+
+			response.insert_cookie(
+				Cookie::build((filters_cookie, list))
+					.path("/")
+					.http_only(true)
+					.expires(OffsetDateTime::now_utc() + Duration::weeks(52))
+					.into(),
+			);
+
+			filters_number_to_delete_from += 1;
+		}
+
+		// While filtersNUMBER= is in the string of cookies add a response removing that cookie
+		while cookies_string.contains(&format!("filters{filters_number_to_delete_from}=")) {
+			// Remove that filters cookie
+			response.remove_cookie(format!("filters{filters_number_to_delete_from}"));
+
+			// Increment filters cookie number
+			filters_number_to_delete_from += 1;
+		}
+	} else {
+		// Remove unnumbered filters cookie
+		response.remove_cookie("filters".to_string());
+
+		// Starts at one to deal with the first numbered subscription cookie and onwards
+		let mut filters_number_to_delete_from = 1;
+
+		// While filtersNUMBER= is in the string of cookies add a response removing that cookie
+		while cookies_string.contains(&format!("filters{filters_number_to_delete_from}=")) {
+			// Remove that sfilters cookie
+			response.remove_cookie(format!("filters{filters_number_to_delete_from}"));
+
+			// Increment filters cookie number
+			filters_number_to_delete_from += 1;
+		}
+	}
+
 	response
 }

@ -137,3 +264,35 @@ pub async fn restore(req: Request<Body>) -> Result<Response<Body>, String> {
 pub async fn update(req: Request<Body>) -> Result<Response<Body>, String> {
 	Ok(set_cookies_method(req, false))
 }
+
+pub async fn encoded_restore(req: Request<Body>) -> Result<Response<Body>, String> {
+	let body = hyper::body::to_bytes(req.into_body())
+		.await
+		.map_err(|e| format!("Failed to get bytes from request body: {}", e))?;
+
+	if body.len() > 1024 * 1024 {
+		return Err("Request body too large".to_string());
+	}
+
+	let encoded_prefs = form_urlencoded::parse(&body)
+		.find(|(key, _)| key == "encoded_prefs")
+		.map(|(_, value)| value)
+		.ok_or_else(|| "encoded_prefs parameter not found in request body".to_string())?;
+
+	let bytes = base2048::decode(&encoded_prefs).ok_or_else(|| "Failed to decode base2048 encoded preferences".to_string())?;
+
+	let out = timeout(std::time::Duration::from_secs(1), async { deflate_decompress(bytes) })
+		.await
+		.map_err(|e| format!("Failed to decompress bytes: {}", e))??;
+
+	let mut prefs: Preferences = timeout(std::time::Duration::from_secs(1), async { bincode::deserialize(&out) })
+		.await
+		.map_err(|e| format!("Failed to deserialize preferences: {}", e))?
+		.map_err(|e| format!("Failed to deserialize bytes into Preferences struct: {}", e))?;
+
+	prefs.available_themes = vec![];
+
+	let url = format!("/settings/restore/?{}", prefs.to_urlencoded()?);
+
+	Ok(redirect(&url))
+}
--- a/src/subreddit.rs
+++ b/src/subreddit.rs
@ -1,17 +1,25 @@
+#![allow(clippy::cmp_owned)]
+
+use crate::{config, utils};
 // CRATES
-use crate::esc;
 use crate::utils::{
-	catch_random, error, filter_posts, format_num, format_url, get_filters, param, redirect, rewrite_urls, setting, template, val, Post, Preferences, Subreddit,
+	catch_random, error, filter_posts, format_num, format_url, get_filters, info, nsfw_landing, param, redirect, rewrite_urls, setting, template, val, Post, Preferences,
+	Subreddit,
 };
-use crate::{client::json, server::ResponseExt, RequestExt};
-use askama::Template;
+use crate::{client::json, server::RequestExt, server::ResponseExt};
 use cookie::Cookie;
+use htmlescape::decode_html;
 use hyper::{Body, Request, Response};
+use rinja::Template;
+
+use chrono::DateTime;
+use once_cell::sync::Lazy;
+use regex::Regex;
 use time::{Duration, OffsetDateTime};

 // STRUCTS
 #[derive(Template)]
-#[template(path = "subreddit.html", escape = "none")]
+#[template(path = "subreddit.html")]
 struct SubredditTemplate {
 	sub: Subreddit,
 	posts: Vec<Post>,
@ -19,15 +27,19 @@ struct SubredditTemplate {
 	ends: (String, String),
 	prefs: Preferences,
 	url: String,
+	redirect_url: String,
 	/// Whether the subreddit itself is filtered.
 	is_filtered: bool,
 	/// Whether all fetched posts are filtered (to differentiate between no posts fetched in the first place,
 	/// and all fetched posts being filtered).
 	all_posts_filtered: bool,
+	/// Whether all posts were hidden because they are NSFW (and user has disabled show NSFW)
+	all_posts_hidden_nsfw: bool,
+	no_posts: bool,
 }

 #[derive(Template)]
-#[template(path = "wiki.html", escape = "none")]
+#[template(path = "wiki.html")]
 struct WikiTemplate {
 	sub: String,
 	wiki: String,
@ -37,7 +49,7 @@ struct WikiTemplate {
 }

 #[derive(Template)]
-#[template(path = "wall.html", escape = "none")]
+#[template(path = "wall.html")]
 struct WallTemplate {
 	title: String,
 	sub: String,
@ -46,12 +58,16 @@ struct WallTemplate {
 	url: String,
 }

+static GEO_FILTER_MATCH: Lazy<Regex> = Lazy::new(|| Regex::new(r"geo_filter=(?<region>\w+)").unwrap());
+
 // SERVICES
 pub async fn community(req: Request<Body>) -> Result<Response<Body>, String> {
 	// Build Reddit API path
 	let root = req.uri().path() == "/";
+	let query = req.uri().query().unwrap_or_default().to_string();
 	let subscribed = setting(&req, "subscriptions");
 	let front_page = setting(&req, "front_page");
+	let remove_default_feeds = setting(&req, "remove_default_feeds") == "on";
 	let post_sort = req.cookie("post_sort").map_or_else(|| "hot".to_string(), |c| c.value().to_string());
 	let sort = req.param("sort").unwrap_or_else(|| req.param("id").unwrap_or(post_sort));

@ -64,6 +80,21 @@ pub async fn community(req: Request<Body>) -> Result<Response<Body>, String> {
 	} else {
 		front_page.clone()
 	});
+
+	if (sub_name == "popular" || sub_name == "all") && remove_default_feeds {
+		if subscribed.is_empty() {
+			return info(req, "Subscribe to some subreddits! (Default feeds disabled in settings)").await;
+		} else {
+			// If there are subscribed subs, but we get here, then the problem is that front_page pref is set to something besides default.
+			// Tell user to go to settings and change front page to default.
+			return info(
+				req,
+				"You have subscribed to some subreddits, but your front page is not set to default. Visit settings and change front page to default.",
+			)
+			.await;
+		}
+	}
+
 	let quarantined = can_access_quarantine(&req, &sub_name) || root;

 	// Handle random subreddits
@ -72,7 +103,7 @@ pub async fn community(req: Request<Body>) -> Result<Response<Body>, String> {
 	}

 	if req.param("sub").is_some() && sub_name.starts_with("u_") {
-		return Ok(redirect(["/user/", &sub_name[2..]].concat()));
+		return Ok(redirect(&["/user/", &sub_name[2..]].concat()));
 	}

 	// Request subreddit metadata
@ -86,86 +117,110 @@ pub async fn community(req: Request<Body>) -> Result<Response<Body>, String> {
 		} else {
 			Subreddit::default()
 		}
-	} else if sub_name.contains('+') {
-		// Multireddit
+	} else {
+		// Multireddit, all, popular
 		Subreddit {
 			name: sub_name.clone(),
 			..Subreddit::default()
 		}
-	} else {
-		Subreddit::default()
 	};

-	let path = format!("/r/{}/{}.json?{}&raw_json=1", sub_name.clone(), sort, req.uri().query().unwrap_or_default());
+	let req_url = req.uri().to_string();
+	// Return landing page if this post if this is NSFW community but the user
+	// has disabled the display of NSFW content or if the instance is SFW-only.
+	if sub.nsfw && crate::utils::should_be_nsfw_gated(&req, &req_url) {
+		return Ok(nsfw_landing(req, req_url).await.unwrap_or_default());
+	}
+
+	let mut params = String::from("&raw_json=1");
+	if sub_name == "popular" {
+		let geo_filter = match GEO_FILTER_MATCH.captures(&query) {
+			Some(geo_filter) => geo_filter["region"].to_string(),
+			None => "GLOBAL".to_owned(),
+		};
+		params.push_str(&format!("&geo_filter={geo_filter}"));
+	}
+
+	let path = format!("/r/{}/{sort}.json?{}{params}", sub_name.replace('+', "%2B"), req.uri().query().unwrap_or_default());
 	let url = String::from(req.uri().path_and_query().map_or("", |val| val.as_str()));
+	let redirect_url = url[1..].replace('?', "%3F").replace('&', "%26").replace('+', "%2B");
 	let filters = get_filters(&req);

 	// If all requested subs are filtered, we don't need to fetch posts.
 	if sub_name.split('+').all(|s| filters.contains(s)) {
-		template(SubredditTemplate {
+		Ok(template(&SubredditTemplate {
 			sub,
 			posts: Vec::new(),
 			sort: (sort, param(&path, "t").unwrap_or_default()),
-			ends: (param(&path, "after").unwrap_or_default(), "".to_string()),
-			prefs: Preferences::new(req),
+			ends: (param(&path, "after").unwrap_or_default(), String::new()),
+			prefs: Preferences::new(&req),
 			url,
+			redirect_url,
 			is_filtered: true,
 			all_posts_filtered: false,
-		})
+			all_posts_hidden_nsfw: false,
+			no_posts: false,
+		}))
 	} else {
 		match Post::fetch(&path, quarantined).await {
 			Ok((mut posts, after)) => {
-				let all_posts_filtered = filter_posts(&mut posts, &filters);
-
-				template(SubredditTemplate {
+				let (_, all_posts_filtered) = filter_posts(&mut posts, &filters);
+				let no_posts = posts.is_empty();
+				let all_posts_hidden_nsfw = !no_posts && (posts.iter().all(|p| p.flags.nsfw) && setting(&req, "show_nsfw") != "on");
+				if sort == "new" {
+					posts.sort_by(|a, b| b.created_ts.cmp(&a.created_ts));
+					posts.sort_by(|a, b| b.flags.stickied.cmp(&a.flags.stickied));
+				}
+				Ok(template(&SubredditTemplate {
 					sub,
 					posts,
 					sort: (sort, param(&path, "t").unwrap_or_default()),
 					ends: (param(&path, "after").unwrap_or_default(), after),
-					prefs: Preferences::new(req),
+					prefs: Preferences::new(&req),
 					url,
+					redirect_url,
 					is_filtered: false,
 					all_posts_filtered,
-				})
+					all_posts_hidden_nsfw,
+					no_posts,
+				}))
 			}
 			Err(msg) => match msg.as_str() {
-				"quarantined" => quarantine(req, sub_name),
-				"private" => error(req, format!("r/{} is a private community", sub_name)).await,
-				"banned" => error(req, format!("r/{} has been banned from Reddit", sub_name)).await,
-				_ => error(req, msg).await,
+				"quarantined" | "gated" => Ok(quarantine(&req, sub_name, &msg)),
+				"private" => error(req, &format!("r/{sub_name} is a private community")).await,
+				"banned" => error(req, &format!("r/{sub_name} has been banned from Reddit")).await,
+				_ => error(req, &msg).await,
 			},
 		}
 	}
 }

-pub fn quarantine(req: Request<Body>, sub: String) -> Result<Response<Body>, String> {
+pub fn quarantine(req: &Request<Body>, sub: String, restriction: &str) -> Response<Body> {
 	let wall = WallTemplate {
-		title: format!("r/{} is quarantined", sub),
+		title: format!("r/{sub} is {restriction}"),
 		msg: "Please click the button below to continue to this subreddit.".to_string(),
 		url: req.uri().to_string(),
 		sub,
 		prefs: Preferences::new(req),
 	};

-	Ok(
-		Response::builder()
-			.status(403)
-			.header("content-type", "text/html")
-			.body(wall.render().unwrap_or_default().into())
-			.unwrap_or_default(),
-	)
+	Response::builder()
+		.status(403)
+		.header("content-type", "text/html")
+		.body(wall.render().unwrap_or_default().into())
+		.unwrap_or_default()
 }

 pub async fn add_quarantine_exception(req: Request<Body>) -> Result<Response<Body>, String> {
 	let subreddit = req.param("sub").ok_or("Invalid URL")?;
 	let redir = param(&format!("?{}", req.uri().query().unwrap_or_default()), "redir").ok_or("Invalid URL")?;
-	let mut response = redirect(redir);
+	let mut response = redirect(&redir);
 	response.insert_cookie(
-		Cookie::build(&format!("allow_quaran_{}", subreddit.to_lowercase()), "true")
+		Cookie::build((&format!("allow_quaran_{}", subreddit.to_lowercase()), "true"))
 			.path("/")
 			.http_only(true)
 			.expires(cookie::Expiration::Session)
-			.finish(),
+			.into(),
 	);
 	Ok(response)
 }
@ -175,6 +230,41 @@ pub fn can_access_quarantine(req: &Request<Body>, sub: &str) -> bool {
 	setting(req, &format!("allow_quaran_{}", sub.to_lowercase())).parse().unwrap_or_default()
 }

+// Join items in chunks of 4000 bytes in length for cookies
+pub fn join_until_size_limit<T: std::fmt::Display>(vec: &[T]) -> Vec<std::string::String> {
+	let mut result = Vec::new();
+	let mut list = String::new();
+	let mut current_size = 0;
+
+	for item in vec {
+		// Size in bytes
+		let item_size = item.to_string().len();
+		// Use 4000 bytes to leave us some headroom because the name and options of the cookie count towards the 4096 byte cap
+		if current_size + item_size > 4000 {
+			// If last item add a seperator on the end of the list so it's interpreted properly in tanden with the next cookie
+			list.push('+');
+
+			// Push current list to result vector
+			result.push(list);
+
+			// Reset the list variable so we can continue with only new items
+			list = String::new();
+		}
+		// Add separator if not the first item
+		if !list.is_empty() {
+			list.push('+');
+		}
+		// Add current item to list
+		list.push_str(&item.to_string());
+		current_size = list.len() + item_size;
+	}
+	// Make sure to push whatever the remaining subreddits are there into the result vector
+	result.push(list);
+
+	// Return resulting vector
+	result
+}
+
 // Sub, filter, unfilter, or unsub by setting subscription cookie using response "Set-Cookie" header
 pub async fn subscriptions_filters(req: Request<Body>) -> Result<Response<Body>, String> {
 	let sub = req.param("sub").unwrap_or_default();
@ -184,34 +274,37 @@ pub async fn subscriptions_filters(req: Request<Body>) -> Result<Response<Body>,
 	if sub == "random" || sub == "randnsfw" {
 		if action.contains(&"filter".to_string()) || action.contains(&"unfilter".to_string()) {
 			return Err("Can't filter random subreddit!".to_string());
-		} else {
-			return Err("Can't subscribe to random subreddit!".to_string());
 		}
+		return Err("Can't subscribe to random subreddit!".to_string());
 	}

 	let query = req.uri().query().unwrap_or_default().to_string();

-	let preferences = Preferences::new(req);
+	let preferences = Preferences::new(&req);
 	let mut sub_list = preferences.subscriptions;
 	let mut filters = preferences.filters;

 	// Retrieve list of posts for these subreddits to extract display names
-	let posts = json(format!("/r/{}/hot.json?raw_json=1", sub), true).await?;
-	let display_lookup: Vec<(String, &str)> = posts["data"]["children"]
-		.as_array()
-		.map(|list| {
-			list
-				.iter()
-				.map(|post| {
-					let display_name = post["data"]["subreddit"].as_str().unwrap_or_default();
-					(display_name.to_lowercase(), display_name)
-				})
-				.collect::<Vec<_>>()
-		})
-		.unwrap_or_default();
+
+	let posts = json(format!("/r/{sub}/hot.json?raw_json=1"), true).await;
+	let display_lookup: Vec<(String, &str)> = match &posts {
+		Ok(posts) => posts["data"]["children"]
+			.as_array()
+			.map(|list| {
+				list
+					.iter()
+					.map(|post| {
+						let display_name = post["data"]["subreddit"].as_str().unwrap_or_default();
+						(display_name.to_lowercase(), display_name)
+					})
+					.collect::<Vec<_>>()
+			})
+			.unwrap_or_default(),
+		Err(_) => vec![],
+	};

 	// Find each subreddit name (separated by '+') in sub parameter
-	for part in sub.split('+') {
+	for part in sub.split('+').filter(|x| x != &"") {
 		// Retrieve display name for the subreddit
 		let display;
 		let part = if part.starts_with("u_") {
@ -221,9 +314,13 @@ pub async fn subscriptions_filters(req: Request<Body>) -> Result<Response<Body>,
 			display
 		} else {
 			// This subreddit display name isn't known, retrieve it
-			let path: String = format!("/r/{}/about.json?raw_json=1", part);
-			display = json(path, true).await?;
-			display["data"]["display_name"].as_str().ok_or_else(|| "Failed to query subreddit name".to_string())?
+			let path: String = format!("/r/{part}/about.json?raw_json=1");
+			display = json(path, true).await;
+			match &display {
+				Ok(display) => display["data"]["display_name"].as_str(),
+				Err(_) => None,
+			}
+			.unwrap_or(part)
 		};

 		// Modify sub list based on action
@ -252,36 +349,109 @@ pub async fn subscriptions_filters(req: Request<Body>) -> Result<Response<Body>,

 	// Redirect back to subreddit
 	// check for redirect parameter if unsubscribing/unfiltering from outside sidebar
-	let path = if let Some(redirect_path) = param(&format!("?{}", query), "redirect") {
-		format!("/{}/", redirect_path)
+	let path = if let Some(redirect_path) = param(&format!("?{query}"), "redirect") {
+		format!("/{redirect_path}")
 	} else {
-		format!("/r/{}", sub)
+		format!("/r/{sub}")
 	};

-	let mut response = redirect(path);
+	let mut response = redirect(&path);

-	// Delete cookie if empty, else set
+	// If sub_list is empty remove all subscriptions cookies, otherwise update them and remove old ones
 	if sub_list.is_empty() {
+		// Remove subscriptions cookie
 		response.remove_cookie("subscriptions".to_string());
+
+		// Start with first numbered subscriptions cookie
+		let mut subscriptions_number = 1;
+
+		// While whatever subscriptionsNUMBER cookie we're looking at has a value
+		while req.cookie(&format!("subscriptions{}", subscriptions_number)).is_some() {
+			// Remove that subscriptions cookie
+			response.remove_cookie(format!("subscriptions{}", subscriptions_number));
+
+			// Increment subscriptions cookie number
+			subscriptions_number += 1;
+		}
 	} else {
-		response.insert_cookie(
-			Cookie::build("subscriptions", sub_list.join("+"))
-				.path("/")
-				.http_only(true)
-				.expires(OffsetDateTime::now_utc() + Duration::weeks(52))
-				.finish(),
-		);
+		// Start at 0 to keep track of what number we need to start deleting old subscription cookies from
+		let mut subscriptions_number_to_delete_from = 0;
+
+		// Starting at 0 so we handle the subscription cookie without a number first
+		for (subscriptions_number, list) in join_until_size_limit(&sub_list).into_iter().enumerate() {
+			let subscriptions_cookie = if subscriptions_number == 0 {
+				"subscriptions".to_string()
+			} else {
+				format!("subscriptions{}", subscriptions_number)
+			};
+
+			response.insert_cookie(
+				Cookie::build((subscriptions_cookie, list))
+					.path("/")
+					.http_only(true)
+					.expires(OffsetDateTime::now_utc() + Duration::weeks(52))
+					.into(),
+			);
+
+			subscriptions_number_to_delete_from += 1;
+		}
+
+		// While whatever subscriptionsNUMBER cookie we're looking at has a value
+		while req.cookie(&format!("subscriptions{}", subscriptions_number_to_delete_from)).is_some() {
+			// Remove that subscriptions cookie
+			response.remove_cookie(format!("subscriptions{}", subscriptions_number_to_delete_from));
+
+			// Increment subscriptions cookie number
+			subscriptions_number_to_delete_from += 1;
+		}
 	}
+
+	// If filters is empty remove all filters cookies, otherwise update them and remove old ones
 	if filters.is_empty() {
+		// Remove filters cookie
 		response.remove_cookie("filters".to_string());
+
+		// Start with first numbered filters cookie
+		let mut filters_number = 1;
+
+		// While whatever filtersNUMBER cookie we're looking at has a value
+		while req.cookie(&format!("filters{}", filters_number)).is_some() {
+			// Remove that filters cookie
+			response.remove_cookie(format!("filters{}", filters_number));
+
+			// Increment filters cookie number
+			filters_number += 1;
+		}
 	} else {
-		response.insert_cookie(
-			Cookie::build("filters", filters.join("+"))
-				.path("/")
-				.http_only(true)
-				.expires(OffsetDateTime::now_utc() + Duration::weeks(52))
-				.finish(),
-		);
+		// Start at 0 to keep track of what number we need to start deleting old filters cookies from
+		let mut filters_number_to_delete_from = 0;
+
+		for (filters_number, list) in join_until_size_limit(&filters).into_iter().enumerate() {
+			let filters_cookie = if filters_number == 0 {
+				"filters".to_string()
+			} else {
+				format!("filters{}", filters_number)
+			};
+
+			response.insert_cookie(
+				Cookie::build((filters_cookie, list))
+					.path("/")
+					.http_only(true)
+					.expires(OffsetDateTime::now_utc() + Duration::weeks(52))
+					.into(),
+			);
+
+			filters_number_to_delete_from += 1;
+		}
+
+		// While whatever filtersNUMBER cookie we're looking at has a value
+		while req.cookie(&format!("filters{}", filters_number_to_delete_from)).is_some() {
+			// Remove that filters cookie
+			response.remove_cookie(format!("filters{}", filters_number_to_delete_from));
+
+			// Increment filters cookie number
+			filters_number_to_delete_from += 1;
+		}
 	}

 	Ok(response)
@ -296,22 +466,22 @@ pub async fn wiki(req: Request<Body>) -> Result<Response<Body>, String> {
 	}

 	let page = req.param("page").unwrap_or_else(|| "index".to_string());
-	let path: String = format!("/r/{}/wiki/{}.json?raw_json=1", sub, page);
+	let path: String = format!("/r/{sub}/wiki/{page}.json?raw_json=1");
 	let url = req.uri().to_string();

 	match json(path, quarantined).await {
-		Ok(response) => template(WikiTemplate {
+		Ok(response) => Ok(template(&WikiTemplate {
 			sub,
 			wiki: rewrite_urls(response["data"]["content_html"].as_str().unwrap_or("<h3>Wiki not found</h3>")),
 			page,
-			prefs: Preferences::new(req),
+			prefs: Preferences::new(&req),
 			url,
-		}),
+		})),
 		Err(msg) => {
-			if msg == "quarantined" {
-				quarantine(req, sub)
+			if msg == "quarantined" || msg == "gated" {
+				Ok(quarantine(&req, sub, &msg))
 			} else {
-				error(req, msg).await
+				error(req, &msg).await
 			}
 		}
 	}
@ -327,29 +497,29 @@ pub async fn sidebar(req: Request<Body>) -> Result<Response<Body>, String> {
 	}

 	// Build the Reddit JSON API url
-	let path: String = format!("/r/{}/about.json?raw_json=1", sub);
+	let path: String = format!("/r/{sub}/about.json?raw_json=1");
 	let url = req.uri().to_string();

 	// Send a request to the url
 	match json(path, quarantined).await {
 		// If success, receive JSON in response
-		Ok(response) => template(WikiTemplate {
-			wiki: rewrite_urls(&val(&response, "description_html").replace("\\", "")),
+		Ok(response) => Ok(template(&WikiTemplate {
+			wiki: rewrite_urls(&val(&response, "description_html")),
 			// wiki: format!(
 			// 	"{}<hr><h1>Moderators</h1><br><ul>{}</ul>",
-			// 	rewrite_urls(&val(&response, "description_html").replace("\\", "")),
+			// 	rewrite_urls(&val(&response, "description_html"),
 			// 	moderators(&sub, quarantined).await.unwrap_or(vec!["Could not fetch moderators".to_string()]).join(""),
 			// ),
 			sub,
 			page: "Sidebar".to_string(),
-			prefs: Preferences::new(req),
+			prefs: Preferences::new(&req),
 			url,
-		}),
+		})),
 		Err(msg) => {
-			if msg == "quarantined" {
-				quarantine(req, sub)
+			if msg == "quarantined" || msg == "gated" {
+				Ok(quarantine(&req, sub, &msg))
 			} else {
-				error(req, msg).await
+				error(req, &msg).await
 			}
 		}
 	}
@ -392,7 +562,7 @@ pub async fn sidebar(req: Request<Body>) -> Result<Response<Body>, String> {
 // SUBREDDIT
 async fn subreddit(sub: &str, quarantined: bool) -> Result<Subreddit, String> {
 	// Build the Reddit JSON API url
-	let path: String = format!("/r/{}/about.json?raw_json=1", sub);
+	let path: String = format!("/r/{sub}/about.json?raw_json=1");

 	// Send a request to the url
 	let res = json(path, quarantined).await?;
@ -406,14 +576,85 @@ async fn subreddit(sub: &str, quarantined: bool) -> Result<Subreddit, String> {
 	let icon = if community_icon.is_empty() { val(&res, "icon_img") } else { community_icon.to_string() };

 	Ok(Subreddit {
-		name: esc!(&res, "display_name"),
-		title: esc!(&res, "title"),
-		description: esc!(&res, "public_description"),
-		info: rewrite_urls(&val(&res, "description_html").replace("\\", "")),
+		name: val(&res, "display_name"),
+		title: val(&res, "title"),
+		description: val(&res, "public_description"),
+		info: rewrite_urls(&val(&res, "description_html")),
 		// moderators: moderators_list(sub, quarantined).await.unwrap_or_default(),
 		icon: format_url(&icon),
 		members: format_num(members),
 		active: format_num(active),
 		wiki: res["data"]["wiki_enabled"].as_bool().unwrap_or_default(),
+		nsfw: res["data"]["over18"].as_bool().unwrap_or_default(),
 	})
 }
+
+pub async fn rss(req: Request<Body>) -> Result<Response<Body>, String> {
+	if config::get_setting("REDLIB_ENABLE_RSS").is_none() {
+		return Ok(error(req, "RSS is disabled on this instance.").await.unwrap_or_default());
+	}
+
+	use hyper::header::CONTENT_TYPE;
+	use rss::{ChannelBuilder, Item};
+
+	// Get subreddit
+	let sub = req.param("sub").unwrap_or_default();
+	let post_sort = req.cookie("post_sort").map_or_else(|| "hot".to_string(), |c| c.value().to_string());
+	let sort = req.param("sort").unwrap_or_else(|| req.param("id").unwrap_or(post_sort));
+
+	// Get path
+	let path = format!("/r/{sub}/{sort}.json?{}", req.uri().query().unwrap_or_default());
+
+	// Get subreddit data
+	let subreddit = subreddit(&sub, false).await?;
+
+	// Get posts
+	let (posts, _) = Post::fetch(&path, false).await?;
+
+	// Build the RSS feed
+	let channel = ChannelBuilder::default()
+		.title(&subreddit.title)
+		.description(&subreddit.description)
+		.items(
+			posts
+				.into_iter()
+				.map(|post| Item {
+					title: Some(post.title.to_string()),
+					link: Some(format_url(&utils::get_post_url(&post))),
+					author: Some(post.author.name),
+					content: Some(rewrite_urls(&decode_html(&post.body).unwrap())),
+					pub_date: Some(DateTime::from_timestamp(post.created_ts as i64, 0).unwrap_or_default().to_rfc2822()),
+					description: Some(format!(
+						"<a href='{}{}'>Comments</a>",
+						config::get_setting("REDLIB_FULL_URL").unwrap_or_default(),
+						post.permalink
+					)),
+					..Default::default()
+				})
+				.collect::<Vec<_>>(),
+		)
+		.build();
+
+	// Serialize the feed to RSS
+	let body = channel.to_string().into_bytes();
+
+	// Create the HTTP response
+	let mut res = Response::new(Body::from(body));
+	res.headers_mut().insert(CONTENT_TYPE, hyper::header::HeaderValue::from_static("application/rss+xml"));
+
+	Ok(res)
+}
+
+#[tokio::test(flavor = "multi_thread")]
+async fn test_fetching_subreddit() {
+	let subreddit = subreddit("rust", false).await;
+	assert!(subreddit.is_ok());
+}
+
+#[tokio::test(flavor = "multi_thread")]
+async fn test_gated_and_quarantined() {
+	let quarantined = subreddit("edgy", true).await;
+	assert!(quarantined.is_ok());
+	let gated = subreddit("drugs", true).await;
+	assert!(gated.is_ok());
+}
--- a/src/user.rs
+++ b/src/user.rs
@ -1,75 +1,107 @@
+#![allow(clippy::cmp_owned)]
+
 // CRATES
 use crate::client::json;
-use crate::esc;
 use crate::server::RequestExt;
-use crate::utils::{error, filter_posts, format_url, get_filters, param, template, Post, Preferences, User};
-use askama::Template;
+use crate::utils::{error, filter_posts, format_url, get_filters, nsfw_landing, param, setting, template, Post, Preferences, User};
+use crate::{config, utils};
+use chrono::DateTime;
+use htmlescape::decode_html;
 use hyper::{Body, Request, Response};
-use time::OffsetDateTime;
+use rinja::Template;
+use time::{macros::format_description, OffsetDateTime};

 // STRUCTS
 #[derive(Template)]
-#[template(path = "user.html", escape = "none")]
+#[template(path = "user.html")]
 struct UserTemplate {
 	user: User,
 	posts: Vec<Post>,
 	sort: (String, String),
 	ends: (String, String),
+	/// "overview", "comments", or "submitted"
+	listing: String,
 	prefs: Preferences,
 	url: String,
+	redirect_url: String,
 	/// Whether the user themself is filtered.
 	is_filtered: bool,
 	/// Whether all fetched posts are filtered (to differentiate between no posts fetched in the first place,
 	/// and all fetched posts being filtered).
 	all_posts_filtered: bool,
+	/// Whether all posts were hidden because they are NSFW (and user has disabled show NSFW)
+	all_posts_hidden_nsfw: bool,
+	no_posts: bool,
 }

 // FUNCTIONS
 pub async fn profile(req: Request<Body>) -> Result<Response<Body>, String> {
+	let listing = req.param("listing").unwrap_or_else(|| "overview".to_string());
+
 	// Build the Reddit JSON API path
 	let path = format!(
-		"/user/{}.json?{}&raw_json=1",
+		"/user/{}/{listing}.json?{}&raw_json=1",
 		req.param("name").unwrap_or_else(|| "reddit".to_string()),
-		req.uri().query().unwrap_or_default()
+		req.uri().query().unwrap_or_default(),
 	);
 	let url = String::from(req.uri().path_and_query().map_or("", |val| val.as_str()));
+	let redirect_url = url[1..].replace('?', "%3F").replace('&', "%26");

-	// Retrieve other variables from Libreddit request
+	// Retrieve other variables from Redlib request
 	let sort = param(&path, "sort").unwrap_or_default();
 	let username = req.param("name").unwrap_or_default();
+
+	// Retrieve info from user about page.
 	let user = user(&username).await.unwrap_or_default();

+	let req_url = req.uri().to_string();
+	// Return landing page if this post if this Reddit deems this user NSFW,
+	// but we have also disabled the display of NSFW content or if the instance
+	// is SFW-only.
+	if user.nsfw && crate::utils::should_be_nsfw_gated(&req, &req_url) {
+		return Ok(nsfw_landing(req, req_url).await.unwrap_or_default());
+	}
+
 	let filters = get_filters(&req);
 	if filters.contains(&["u_", &username].concat()) {
-		template(UserTemplate {
+		Ok(template(&UserTemplate {
 			user,
 			posts: Vec::new(),
 			sort: (sort, param(&path, "t").unwrap_or_default()),
-			ends: (param(&path, "after").unwrap_or_default(), "".to_string()),
-			prefs: Preferences::new(req),
+			ends: (param(&path, "after").unwrap_or_default(), String::new()),
+			listing,
+			prefs: Preferences::new(&req),
 			url,
+			redirect_url,
 			is_filtered: true,
 			all_posts_filtered: false,
-		})
+			all_posts_hidden_nsfw: false,
+			no_posts: false,
+		}))
 	} else {
 		// Request user posts/comments from Reddit
 		match Post::fetch(&path, false).await {
 			Ok((mut posts, after)) => {
-				let all_posts_filtered = filter_posts(&mut posts, &filters);
-
-				template(UserTemplate {
+				let (_, all_posts_filtered) = filter_posts(&mut posts, &filters);
+				let no_posts = posts.is_empty();
+				let all_posts_hidden_nsfw = !no_posts && (posts.iter().all(|p| p.flags.nsfw) && setting(&req, "show_nsfw") != "on");
+				Ok(template(&UserTemplate {
 					user,
 					posts,
 					sort: (sort, param(&path, "t").unwrap_or_default()),
 					ends: (param(&path, "after").unwrap_or_default(), after),
-					prefs: Preferences::new(req),
+					listing,
+					prefs: Preferences::new(&req),
 					url,
+					redirect_url,
 					is_filtered: false,
 					all_posts_filtered,
-				})
+					all_posts_hidden_nsfw,
+					no_posts,
+				}))
 			}
 			// If there is an error show error page
-			Err(msg) => error(req, msg).await,
+			Err(msg) => error(req, &msg).await,
 		}
 	}
 }
@ -77,12 +109,13 @@ pub async fn profile(req: Request<Body>) -> Result<Response<Body>, String> {
 // USER
 async fn user(name: &str) -> Result<User, String> {
 	// Build the Reddit JSON API path
-	let path: String = format!("/user/{}/about.json?raw_json=1", name);
+	let path: String = format!("/user/{name}/about.json?raw_json=1");

 	// Send a request to the url
 	json(path, false).await.map(|res| {
 		// Grab creation date as unix timestamp
-		let created: i64 = res["data"]["created"].as_f64().unwrap_or(0.0).round() as i64;
+		let created_unix = res["data"]["created"].as_f64().unwrap_or(0.0).round() as i64;
+		let created = OffsetDateTime::from_unix_timestamp(created_unix).unwrap_or(OffsetDateTime::UNIX_EPOCH);

 		// Closure used to parse JSON from Reddit APIs
 		let about = |item| res["data"]["subreddit"][item].as_str().unwrap_or_default().to_string();
@ -90,12 +123,71 @@ async fn user(name: &str) -> Result<User, String> {
 		// Parse the JSON output into a User struct
 		User {
 			name: res["data"]["name"].as_str().unwrap_or(name).to_owned(),
-			title: esc!(about("title")),
+			title: about("title"),
 			icon: format_url(&about("icon_img")),
 			karma: res["data"]["total_karma"].as_i64().unwrap_or(0),
-			created: OffsetDateTime::from_unix_timestamp(created).format("%b %d '%y"),
-			banner: esc!(about("banner_img")),
+			created: created.format(format_description!("[month repr:short] [day] '[year repr:last_two]")).unwrap_or_default(),
+			banner: about("banner_img"),
 			description: about("public_description"),
+			nsfw: res["data"]["subreddit"]["over_18"].as_bool().unwrap_or_default(),
 		}
 	})
 }
+
+pub async fn rss(req: Request<Body>) -> Result<Response<Body>, String> {
+	if config::get_setting("REDLIB_ENABLE_RSS").is_none() {
+		return Ok(error(req, "RSS is disabled on this instance.").await.unwrap_or_default());
+	}
+	use crate::utils::rewrite_urls;
+	use hyper::header::CONTENT_TYPE;
+	use rss::{ChannelBuilder, Item};
+
+	// Get user
+	let user_str = req.param("name").unwrap_or_default();
+
+	let listing = req.param("listing").unwrap_or_else(|| "overview".to_string());
+
+	// Get path
+	let path = format!("/user/{user_str}/{listing}.json?{}&raw_json=1", req.uri().query().unwrap_or_default(),);
+
+	// Get user
+	let user_obj = user(&user_str).await.unwrap_or_default();
+
+	// Get posts
+	let (posts, _) = Post::fetch(&path, false).await?;
+
+	// Build the RSS feed
+	let channel = ChannelBuilder::default()
+		.title(user_str)
+		.description(user_obj.description)
+		.items(
+			posts
+				.into_iter()
+				.map(|post| Item {
+					title: Some(post.title.to_string()),
+					link: Some(format_url(&utils::get_post_url(&post))),
+					author: Some(post.author.name),
+					pub_date: Some(DateTime::from_timestamp(post.created_ts as i64, 0).unwrap_or_default().to_rfc2822()),
+					content: Some(rewrite_urls(&decode_html(&post.body).unwrap())),
+					..Default::default()
+				})
+				.collect::<Vec<_>>(),
+		)
+		.build();
+
+	// Serialize the feed to RSS
+	let body = channel.to_string().into_bytes();
+
+	// Create the HTTP response
+	let mut res = Response::new(Body::from(body));
+	res.headers_mut().insert(CONTENT_TYPE, hyper::header::HeaderValue::from_static("application/rss+xml"));
+
+	Ok(res)
+}
+
+#[tokio::test(flavor = "multi_thread")]
+async fn test_fetching_user() {
+	let user = user("spez").await;
+	assert!(user.is_ok());
+	assert!(user.unwrap().karma > 100);
+}
--- a/src/utils.rs
+++ b/src/utils.rs
--- a/static/apple-touch-icon.png
+++ b/static/apple-touch-icon.png
--- a/static/check_update.js
+++ b/static/check_update.js
@ -0,0 +1,58 @@
+async function checkInstanceUpdateStatus() {
+    try {
+        const response = await fetch('/commits.atom');
+        const text = await response.text();
+        const parser = new DOMParser();
+        const xmlDoc = parser.parseFromString(text, "application/xml");
+        const entries = xmlDoc.getElementsByTagName('entry');
+        const localCommit = document.getElementById('git_commit').dataset.value;
+
+        let statusMessage = '';
+
+        if (entries.length > 0) {
+            const commitHashes = Array.from(entries).map(entry => {
+                const id = entry.getElementsByTagName('id')[0].textContent;
+                return id.split('/').pop();
+            });
+
+            const commitIndex = commitHashes.indexOf(localCommit);
+
+            if (commitIndex === 0) {
+                statusMessage = '✅ Instance is up to date.';
+            } else if (commitIndex > 0) {
+                statusMessage = `⚠️ This instance is not up to date and is ${commitIndex} commits old. Test and confirm on an up-to-date instance before reporting.`;
+                document.getElementById('error-318').remove();
+            } else {
+                statusMessage = `⚠️ This instance is not up to date and is at least ${commitHashes.length} commits old. Test and confirm on an up-to-date instance before reporting.`;
+                document.getElementById('error-318').remove();
+            }
+        } else {
+            statusMessage = '⚠️ Unable to fetch commit information.';
+        }
+
+        document.getElementById('update-status').innerText = statusMessage;
+    } catch (error) {
+        console.error('Error fetching commits:', error);
+        document.getElementById('update-status').innerText = '⚠️ Error checking update status: ' + error;
+    }
+}
+
+async function checkOtherInstances() {
+    try {
+        const response = await fetch('/instances.json');
+        const data = await response.json();
+        const randomInstance = data.instances[Math.floor(Math.random() * data.instances.length)];
+        const instanceUrl = randomInstance.url;
+        // Set the href of the <a> tag to the instance URL with path included
+        document.getElementById('random-instance').href = instanceUrl + window.location.pathname;
+        document.getElementById('random-instance').innerText = "Visit Random Instance";
+    } catch (error) {
+        console.error('Error fetching instances:', error);
+        document.getElementById('update-status').innerText = '⚠️ Error checking other instances: ' + error;
+    }
+}
+
+// Set the target URL when the page loads
+window.addEventListener('load', checkOtherInstances);
+
+checkInstanceUpdateStatus();
--- a/static/copy.js
+++ b/static/copy.js
@ -0,0 +1,9 @@
+async function copy() {
+    await navigator.clipboard.writeText(document.getElementById('bincode_str').value);
+}
+
+async function set_listener() {
+    document.getElementById('copy').addEventListener('click', copy);
+}
+
+window.addEventListener('load', set_listener);
--- a/static/favicon.ico
+++ b/static/favicon.ico
--- a/static/favicon.png
+++ b/static/favicon.png
--- a/static/highlighted.js
+++ b/static/highlighted.js
@ -0,0 +1 @@
+document.querySelector('#commentQueryForms').scrollIntoView();
--- a/static/hls.min.js
+++ b/static/hls.min.js
--- a/static/logo.png
+++ b/static/logo.png
--- a/static/logo.svg
+++ b/static/logo.svg
@ -0,0 +1,7 @@
+<svg version="1.1" viewBox="0 0 512 512" xmlns="http://www.w3.org/2000/svg">
+  <g transform="matrix(1 0 0 -1 0 512)">
+    <circle cx="256" cy="256" r="256" fill="#1a1a1a"/>
+    <path d="M144,96 v320 h224 v-70 h-152 V96 z" fill="#d54455"/>
+    <path d="M240,96 v226 h70 v-156 h58 V96 z" fill="#f9f9f9"/>
+  </g>
+</svg>
--- a/static/manifest.json
+++ b/static/manifest.json
@ -1,10 +1,11 @@
 {
-	"name": "Libreddit",
-	"short_name": "Libreddit",
+	"name": "Redlib",
+	"short_name": "Redlib",
 	"display": "standalone",
 	"background_color": "#1f1f1f",
 	"description": "An alternative private front-end to Reddit",
 	"theme_color": "#1f1f1f",
+	"start_url": "/",
 	"icons": [
 		{
 			"src": "logo.png",
@ -20,4 +21,4 @@
 			"sizes": "32x32"
 		}
 	]
-}
+}
--- a/static/opensearch.xml
+++ b/static/opensearch.xml
@ -0,0 +1,11 @@
+<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/"
+                       xmlns:moz="http://www.mozilla.org/2006/browser/search/">
+  <ShortName>Search Redlib</ShortName>
+  <Description>Search for whatever you want on Redlib, awesome Reddit frontend</Description>
+  <InputEncoding>UTF-8</InputEncoding>
+  <Image width="32" height="32" type="image/x-icon">https://localhost:8080/favicon.ico</Image>
+  <Url type="text/html" template="https://localhost:8080/search">
+    <Param name="q" value="{searchTerms}"/>
+  </Url>
+  <moz:SearchForm>https://localhost:8080/search</moz:SearchForm>
+</OpenSearchDescription>
--- a/static/playHLSVideo.js
+++ b/static/playHLSVideo.js
@ -1,5 +1,7 @@
 // @license http://www.gnu.org/licenses/agpl-3.0.html AGPL-3.0
 (function () {
+    const configElement = document.getElementById('video_quality');
+    const qualitySetting = configElement.getAttribute('data-value');
    if (Hls.isSupported()) {
        var videoSources = document.querySelectorAll("video source[type='application/vnd.apple.mpegurl']");
        videoSources.forEach(function (source) {
@ -9,7 +11,7 @@
            var autoplay = oldVideo.classList.contains("hls_autoplay");

            // If HLS is supported natively then don't use hls.js
-            if (oldVideo.canPlayType(source.type)) {
+            if (oldVideo.canPlayType(source.type) === "probably") {
                if (autoplay) {
                    oldVideo.play();
                }
@ -28,14 +30,36 @@

            oldVideo.parentNode.replaceChild(newVideo, oldVideo);

+            function getIndexOfDefault(length) {
+                switch (qualitySetting) {
+                    case 'best':
+                        return length - 1;
+                    case 'medium':
+                        return Math.floor(length / 2);
+                    case 'worst':
+                        return 0;
+                    default:
+                        return length - 1;
+                }
+            }
+
            function initializeHls() {
                newVideo.removeEventListener('play', initializeHls);
-
                var hls = new Hls({ autoStartLoad: false });
                hls.loadSource(playlist);
                hls.attachMedia(newVideo);
                hls.on(Hls.Events.MANIFEST_PARSED, function () {
-                    hls.loadLevel = hls.levels.length - 1;
+                    hls.loadLevel = getIndexOfDefault(hls.levels.length);
+                    var availableLevels = hls.levels.map(function(level) {
+                        return {
+                            height: level.height,
+                            width: level.width,
+                            bitrate: level.bitrate,
+                        };
+                    });
+
+                    addQualitySelector(newVideo, hls, availableLevels);
+
                    hls.startLoad();
                    newVideo.play();
                });
@ -61,6 +85,30 @@
                });
            }

+            function addQualitySelector(videoElement, hlsInstance, availableLevels) {
+                var qualitySelector = document.createElement('select');
+                qualitySelector.classList.add('quality-selector');
+                var defaultIndex = getIndexOfDefault(availableLevels.length);
+                availableLevels.forEach(function (level, index) {
+                    var option = document.createElement('option');
+                    option.value = index.toString();
+                    var bitrate = (level.bitrate / 1_000).toFixed(0);
+                    option.text = level.height + 'p (' + bitrate + ' kbps)';
+                    if (index === defaultIndex) {
+                        option.selected = "selected";
+                    }
+                    qualitySelector.appendChild(option);
+                });
+                qualitySelector.selectedIndex = defaultIndex;
+                qualitySelector.addEventListener('change', function () {
+                    var selectedIndex = qualitySelector.selectedIndex;
+                    hlsInstance.nextLevel = selectedIndex;
+                    hlsInstance.startLoad();
+                });
+
+                videoElement.parentNode.appendChild(qualitySelector);
+            }
+
            newVideo.addEventListener('play', initializeHls);

            if (autoplay) {
@ -74,4 +122,4 @@
        });
    }
 })();
-// @license-end
+// @license-end
--- a/static/style.css
+++ b/static/style.css
--- a/static/themes/black.css
+++ b/static/themes/black.css
@ -0,0 +1,14 @@
+/* Black theme setting */
+.black {
+	--accent: #bb2b3b;
+	--green: #00a229;
+	--text: white;
+	--foreground: #0f0f0f;
+	--background: black;
+	--outside: black;
+	--post: black;
+	--panel-border: 2px solid #0f0f0f;
+	--highlighted: #0f0f0f;
+	--visited: #aaa;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.1);
+}
--- a/static/themes/dark.css
+++ b/static/themes/dark.css
@ -0,0 +1,14 @@
+/* Dark theme setting */
+.dark{
+	--accent: #d54455;
+	--green: #5cff85;
+	--text: white;
+	--foreground: #222;
+	--background: #0f0f0f;
+	--outside: #1f1f1f;
+	--post: #161616;
+	--panel-border: 1px solid #333;
+	--highlighted: #333;
+	--visited: #aaa;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.5);
+}
--- a/static/themes/doomone.css
+++ b/static/themes/doomone.css
@ -0,0 +1,13 @@
+.doomone {
+	--accent: #51afef;
+	--green: #00a229;
+	--text: #bbc2cf;
+	--foreground: #3d4148;
+	--background: #282c34;
+	--outside: #52565c;
+	--post: #24272e;
+	--panel-border: 2px solid #52565c;
+	--highlighted: #686b70;
+	--visited: #969692;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.1);
+}
--- a/static/themes/dracula.css
+++ b/static/themes/dracula.css
@ -0,0 +1,14 @@
+/* Dracula theme setting */
+.dracula {
+	--accent: #bd93f9;
+	--green: #50fa7b;
+	--text: #f8f8f2;
+	--foreground: #3d4051;
+	--background: #282a36;
+	--outside: #393c4d;
+	--post: #333544;
+	--panel-border: 2px solid #44475a;
+	--highlighted: #4e5267;
+	--visited: #969692;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.1);
+}
--- a/static/themes/gold.css
+++ b/static/themes/gold.css
@ -0,0 +1,14 @@
+/* Gold theme setting */
+.gold {
+	--accent: #f2aa4c;
+	--green: #5cff85;
+	--text: white;
+	--foreground: #234;
+	--background: #101820;
+	--outside: #1b2936;
+	--post: #1b2936;
+	--panel-border: 0px solid black;
+	--highlighted: #234;
+	--visited: #aaa;
+	--shadow: 0 2px 5px rgba(0, 0, 0, 0.5);
+}
--- a/static/themes/gruvboxdark.css
+++ b/static/themes/gruvboxdark.css
@ -0,0 +1,13 @@
+/* Gruvbox-Dark theme setting */
+.gruvboxdark {
+	--accent: #8ec07c;
+	--green: #b8bb26;
+	--text: #ebdbb2;
+	--foreground: #3c3836;
+	--background: #282828;
+	--outside: #3c3836;
+	--post: #3c3836;
+	--panel-border: 1px solid #504945;
+	--highlighted: #282828;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.5);
+}
--- a/static/themes/gruvboxlight.css
+++ b/static/themes/gruvboxlight.css
@ -0,0 +1,18 @@
+/* Gruvbox-Light theme setting */
+.gruvboxlight {
+	--accent: #427b58;
+	--green: #79740e;
+	--text: #3c3836;
+	--foreground: #ebdbb2;
+	--background: #fbf1c7;
+	--outside: #ebdbb2;
+	--post: #ebdbb2;
+	--panel-border: 1px solid #d5c4a1;
+	--highlighted: #fbf1c7;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.25);
+}
+
+html:has(> .gruvboxlight) {
+	/* Hint color theme to browser for scrollbar */
+	color-scheme: light;
+}
--- a/static/themes/icebergDark.css
+++ b/static/themes/icebergDark.css
@ -0,0 +1,14 @@
+/* icebergDark theme setting */
+.icebergDark {
+	--accent: #85a0c7;
+	--green: #b5bf82;
+	--text: #c6c8d1;
+	--foreground: #454d73;
+	--background: #161821;
+	--outside: #1f2233;
+	--post: #1f2233;
+	--panel-border: 1px solid #454d73;
+	--highlighted: #0f1117;
+	--visited: #0f1117;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.5);
+}
--- a/static/themes/laserwave.css
+++ b/static/themes/laserwave.css
@ -0,0 +1,14 @@
+/* Laserwave theme setting */
+.laserwave {
+	--accent: #eb64b9;
+	--green: #74dfc4;
+	--text: #e0dfe1;
+	--foreground: #302a36;
+	--background: #27212e;
+	--outside: #3e3647;
+	--post: #3e3647;
+	--panel-border: 2px solid #2f2738;
+	--highlighted: #302a36;
+	--visited: #91889b;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.1);
+}
--- a/static/themes/libredditBlack.css
+++ b/static/themes/libredditBlack.css
@ -0,0 +1,14 @@
+/* Libreddit black theme setting */
+.libredditBlack {
+	--accent: #009a9a;
+	--green: #00a229;
+	--text: white;
+	--foreground: #0f0f0f;
+	--background: black;
+	--outside: black;
+	--post: black;
+	--panel-border: 2px solid #0f0f0f;
+	--highlighted: #0f0f0f;
+	--visited: #aaa;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.1);
+}
--- a/static/themes/libredditDark.css
+++ b/static/themes/libredditDark.css
@ -0,0 +1,14 @@
+/* Libreddit dark theme setting */
+.libredditDark{
+	--accent: aqua;
+	--green: #5cff85;
+	--text: white;
+	--foreground: #222;
+	--background: #0f0f0f;
+	--outside: #1f1f1f;
+	--post: #161616;
+	--panel-border: 1px solid #333;
+	--highlighted: #333;
+	--visited: #aaa;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.5);
+}
--- a/static/themes/libredditLight.css
+++ b/static/themes/libredditLight.css
@ -0,0 +1,19 @@
+/* Libreddit light theme setting */
+.libredditLight {
+	--accent: #009a9a;
+	--green: #00a229;
+	--text: black;
+	--foreground: #f5f5f5;
+	--background: #ddd;
+	--outside: #ececec;
+	--post: #eee;
+	--panel-border: 1px solid #ccc;
+	--highlighted: white;
+	--visited: #555;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.1);
+}
+
+html:has(> .libredditLight) {
+  /* Hint color theme to browser for scrollbar */
+  color-scheme: light;
+}
--- a/static/themes/light.css
+++ b/static/themes/light.css
@ -0,0 +1,19 @@
+/* Light theme setting */
+.light {
+	--accent: #bb2b3b;
+	--green: #00a229;
+	--text: black;
+	--foreground: #f5f5f5;
+	--background: #ddd;
+	--outside: #ececec;
+	--post: #eee;
+	--panel-border: 1px solid #ccc;
+	--highlighted: white;
+	--visited: #555;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.1);
+}
+
+html:has(> .light) {
+  /* Hint color theme to browser for scrollbar */
+  color-scheme: light;
+}
--- a/static/themes/midnightPurple.css
+++ b/static/themes/midnightPurple.css
@ -0,0 +1,14 @@
+/* midnightpurple theme setting */
+.midnightPurple{
+	--accent: #be6ede;
+	--green: #268F02;
+	--text: white;
+	--foreground: #222;
+	--background: #000000;
+	--outside: #1f1f1f;
+	--post: #000000;
+	--panel-border: 1px solid #4E1764;
+	--highlighted: #333;
+	--visited: #aaa;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.5);
+}
--- a/static/themes/nord.css
+++ b/static/themes/nord.css
@ -0,0 +1,14 @@
+/* Nord theme setting */
+.nord {
+	--accent: #8fbcbb; 
+	--green: #a3be8c;
+	--text: #eceff4;
+	--foreground: #3b4252;
+	--background: #2e3440;
+	--outside: #434c5e;
+	--post: #434c5e;
+	--panel-border: 2px solid #4c566a;
+	--highlighted: #3b4252;
+	--visited: #a3a5aa;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.1);
+}
--- a/static/themes/rosebox.css
+++ b/static/themes/rosebox.css
@ -0,0 +1,13 @@
+/* Rosebox theme setting */
+.rosebox {
+	--accent: #a57562;
+	--green: #a3be8c;
+	--text: white;
+	--foreground: #222;
+	--background: #262626;
+	--outside: #222;
+	--post: #222;
+	--panel-border: 1px solid #222;
+	--highlighted: #262626;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.5);
+}
--- a/static/themes/tokyoNight.css
+++ b/static/themes/tokyoNight.css
@ -0,0 +1,14 @@
+/* Tokyo Night theme setting */
+.tokyoNight {
+	--accent: #565f89;
+	--green: #73daca;
+	--text: #a9b1d6;
+	--foreground: #24283b;
+	--background: #1a1b26;
+	--outside: #24283b;
+	--post: #1a1b26;
+	--panel-border: 1px solid #a9b1d6;
+	--highlighted: #414868;
+	--visited: #414868;
+	--shadow: 0 1px 3px rgba(0, 0, 0, 0.5);
+}
--- a/static/themes/violet.css
+++ b/static/themes/violet.css
@ -0,0 +1,14 @@
+/* Violet theme setting */
+.violet {
+	--accent: #7c71dd;
+	--green: #5cff85;
+	--text: white;
+	--foreground: #1F2347;
+	--background: #12152b;
+	--outside: #181c3a;
+	--post: #181c3a;
+	--panel-border: 1px solid #1F2347;
+	--highlighted: #1F2347;
+	--visited: #aaa;
+	--shadow: 0 2px 5px rgba(0, 0, 0, 0.5);
+}
--- a/templates/base.html
+++ b/templates/base.html
@ -1,46 +1,60 @@
+{% import "utils.html" as utils %}
+
 <!DOCTYPE html>
-<html lang="en">
+<html lang="en" class="{% if prefs.fixed_navbar == "on" %}fixed_navbar{% endif %}">
 	<head>
 		{% block head %}
-		<title>{% block title %}Libreddit{% endblock %}</title>
+		<title>{% block title %}Redlib{% endblock %}</title>
 		<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-		<meta name="description" content="View on Libreddit, an alternative private front-end to Reddit.">
+		<meta name="description" content="View on Redlib, an alternative private front-end to Reddit.">
 		<meta name="viewport" content="width=device-width, initial-scale=1.0">
+		{% if crate::utils::disable_indexing() %}
+		<meta name="robots" content="noindex, nofollow">
+		{% endif %}
 		<!-- General PWA -->
 		<meta name="theme-color" content="#1F1F1F">
 		<!-- iOS Application -->
-		<meta name="apple-mobile-web-app-title" content="Libreddit">
+		<meta name="apple-mobile-web-app-title" content="Redlib">
 		<meta name="apple-mobile-web-app-capable" content="yes">
 		<meta name="apple-mobile-web-app-status-bar-style" content="default">
 		<!-- Android -->
 		<meta name="mobile-web-app-capable" content="yes">
 		<!-- iOS Logo -->
 		<link href="/touch-icon-iphone.png" rel="apple-touch-icon">
+		<!-- OpenSearch description file -->
+		<link rel="search" type="application/opensearchdescription+xml" title="Search Redlib" href="/opensearch.xml">
 		<!-- PWA Manifest -->
 		<link rel="manifest" type="application/json" href="/manifest.json">
 		<link rel="shortcut icon" type="image/x-icon" href="/favicon.ico"> 
-		<link rel="stylesheet" type="text/css" href="/style.css">
+		<link rel="stylesheet" type="text/css" href="/style.css?v={{ env!("CARGO_PKG_VERSION") }}">
+		<!-- Video quality -->
+		<div id="video_quality" data-value="{{ prefs.video_quality }}"></div>
 		{% endblock %}
 		</head>
 	<body class="
 		{% if prefs.layout != "" %}{{ prefs.layout }}{% endif %}
 		{% if prefs.wide == "on" %} wide{% endif %}
-		{% if prefs.theme != "system" %} {{ prefs.theme }}{% endif %}">
+		{% if prefs.theme != "system" %} {{ prefs.theme }}{% endif %}
+		{% if prefs.fixed_navbar == "on" %} fixed_navbar{% endif %}">
 		<!-- NAVIGATION BAR -->
-		<nav>
+		<nav class="
+			{% if prefs.fixed_navbar == "on" %} fixed_navbar{% endif %}">
 			<div id="logo">
-				<a id="libreddit" href="/"><span id="lib">lib</span><span id="reddit">reddit.</span></a>
-				<span id="version">v{{ env!("CARGO_PKG_VERSION") }}</span>
+				<a id="redlib" href="/"><span id="red">red</span><span id="lib">lib.</span></a>
 				{% block subscriptions %}{% endblock %}
 			</div>
 			{% block search %}{% endblock %}
 			<div id="links">
-				<a id="reddit_link" href="https://www.reddit.com{{ url }}" rel="nofollow">
+				<a id="reddit_link" {% if prefs.disable_visit_reddit_confirmation != "on" %}href="#popup"{% else %}href="https://www.reddit.com{{ url }}" rel="nofollow"{% endif %}>
 					<span>reddit</span>
 					<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-						<path d="M23 12.0737C23 10.7308 21.9222 9.64226 20.5926 9.64226C19.9435 9.64226 19.3557 9.90274 18.923 10.3244C17.2772 9.12492 15.0099 8.35046 12.4849 8.26135L13.5814 3.05002L17.1643 3.8195C17.2081 4.73947 17.9539 5.47368 18.8757 5.47368C19.8254 5.47368 20.5951 4.69626 20.5951 3.73684C20.5951 2.77769 19.8254 2 18.8758 2C18.2001 2 17.6214 2.39712 17.3404 2.96952L13.3393 2.11066C13.2279 2.08679 13.1116 2.10858 13.016 2.17125C12.9204 2.23393 12.8533 2.33235 12.8295 2.44491L11.6051 8.25987C9.04278 8.33175 6.73904 9.10729 5.07224 10.3201C4.63988 9.90099 4.05398 9.64226 3.40757 9.64226C2.0781 9.64226 1 10.7308 1 12.0737C1 13.0618 1.58457 13.9105 2.4225 14.2909C2.38466 14.5342 2.36545 14.78 2.36505 15.0263C2.36505 18.7673 6.67626 21.8 11.9945 21.8C17.3131 21.8 21.6243 18.7673 21.6243 15.0263C21.6243 14.7794 21.6043 14.5359 21.5678 14.2957C22.4109 13.9175 23 13.0657 23 12.0737Z"/>
+						<path d="M22 2L12 22"/>
+						<path d="M2 6.70587C3.33333 8.07884 3.33333 11.5971 3.33333 11.5971M3.33333 19.647V11.5971M3.33333 11.5971C3.33333 11.5971 5.125 7.47817 8 7.47817C10.875 7.47817 12 8.85114 12 8.85114"/>
 					</svg>
 				</a>
+				{% if prefs.disable_visit_reddit_confirmation != "on" %}
+					{% call utils::visit_reddit_confirmation(url) %}
+				{% endif %}
 				<a id="settings_link" href="/settings">
 					<span>settings</span>
 					<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
@ -48,13 +62,6 @@
 						<circle cx="12" cy="12" r="3"/><path d="M19.4 15a1.65 1.65 0 0 0 .33 1.82l.06.06a2 2 0 0 1 0 2.83 2 2 0 0 1-2.83 0l-.06-.06a1.65 1.65 0 0 0-1.82-.33 1.65 1.65 0 0 0-1 1.51V21a2 2 0 0 1-2 2 2 2 0 0 1-2-2v-.09A1.65 1.65 0 0 0 9 19.4a1.65 1.65 0 0 0-1.82.33l-.06.06a2 2 0 0 1-2.83 0 2 2 0 0 1 0-2.83l.06-.06a1.65 1.65 0 0 0 .33-1.82 1.65 1.65 0 0 0-1.51-1H3a2 2 0 0 1-2-2 2 2 0 0 1 2-2h.09A1.65 1.65 0 0 0 4.6 9a1.65 1.65 0 0 0-.33-1.82l-.06-.06a2 2 0 0 1 0-2.83 2 2 0 0 1 2.83 0l.06.06a1.65 1.65 0 0 0 1.82.33H9a1.65 1.65 0 0 0 1-1.51V3a2 2 0 0 1 2-2 2 2 0 0 1 2 2v.09a1.65 1.65 0 0 0 1 1.51 1.65 1.65 0 0 0 1.82-.33l.06-.06a2 2 0 0 1 2.83 0 2 2 0 0 1 0 2.83l-.06.06a1.65 1.65 0 0 0-.33 1.82V9a1.65 1.65 0 0 0 1.51 1H21a2 2 0 0 1 2 2 2 2 0 0 1-2 2h-.09a1.65 1.65 0 0 0-1.51 1z"/>
 					</svg>
 				</a>
-				<a id="code" href="https://github.com/spikecodes/libreddit">
-					<span>code</span>
-					<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-						<title>code</title>
-						<polyline points="16 18 22 12 16 6"/><polyline points="8 6 2 12 8 18"/>
-					</svg>
-				</a>
 			</div>
 		</nav>
 		
@ -65,5 +72,14 @@
 			{% endblock %}
 		</main>
 		{% endblock %}
+
+		<!-- FOOTER -->
+		{% block footer %}
+			<footer>
+				<div class="footer-buttons">
+					<p><span id="version">v{{ env!("CARGO_PKG_VERSION") }}&emsp;</span><a href="/info" title="View instance information">ⓘ View instance info</a>&emsp;<a href="https://github.com/redlib-org/redlib" title="View code on GitHub">&lt;&gt; Code</a></p>
+				</div>
+			</footer>
+		{% endblock %}
 	</body>
 </html>
--- a/templates/comment.html
+++ b/templates/comment.html
@ -1,26 +1,32 @@
 {% import "utils.html" as utils %}

 {% if kind == "more" && parent_kind == "t1" %}
-<a class="deeper_replies" href="{{ post_link }}{{ parent_id }}">&rarr; More replies</a>
+<a class="deeper_replies" href="{{ post_link }}{{ parent_id }}">&rarr; More replies ({{ more_count }})</a>
 {% else if kind == "t1" %}
 <div id="{{ id }}" class="comment">
 	<div class="comment_left">
-		<p class="comment_score" title="{{ score.1 }}">{{ score.0 }}</p>
-		<div class="line"></div>
+    <p class="comment_score" title="{{ score.1 }}">
+         {% if prefs.hide_score != "on" %}
+         {{ score.0 }}
+         {% else %}
+         &#x2022;
+         {% endif %}
+    </p>
+        <div class="line"></div>
 	</div>
 	<details class="comment_right" {% if !collapsed || highlighted %}open{% endif %}>
 		<summary class="comment_data">
 			{% if author.name != "[deleted]" %}
 				<a class="comment_author {{ author.distinguished }} {% if author.name == post_author %}op{% endif %}" href="/user/{{ author.name }}">u/{{ author.name }}</a>
 			{% else %}
-				<span class="comment_author">u/[deleted]</span>
+				<span class="comment_author {{ author.distinguished }}">u/[deleted]</span>
 			{% endif %}
 			{% if author.flair.flair_parts.len() > 0 %}
 				<small class="author_flair">{% call utils::render_flair(author.flair.flair_parts) %}</small>
 			{% endif %}
-			<a href="{{ post_link }}{{ id }}/?context=3" class="created" title="{{ created }}">{{ rel_time }}</a>
+			<a href="{{ post_link }}{{ id }}/?context=3#{{ id }}" class="created" title="{{ created }}">{{ rel_time }}</a>
 			{% if edited.0 != "".to_string() %}<span class="edited" title="{{ edited.1 }}">edited {{ edited.0 }}</span>{% endif %}
-			{% if !awards.is_empty() %}
+			{% if !awards.is_empty() && prefs.hide_awards != "on" %}
 			<span class="dot">&bull;</span>
 			{% for award in awards.clone() %}
 			<span class="award" title="{{ award.name }}">
@ -32,10 +38,10 @@
 		{% if is_filtered %}
 		<div class="comment_body_filtered {% if highlighted %}highlighted{% endif %}">(Filtered content)</div>
 		{% else %}
-		<div class="comment_body {% if highlighted %}highlighted{% endif %}">{{ body }}</div>
+		<div class="comment_body {% if highlighted %}highlighted{% endif %}">{{ body|safe }}</div>
 		{% endif %}
-		<blockquote class="replies">{% for c in replies -%}{{ c.render().unwrap() }}{%- endfor %}
-		</blockquote>
+		<blockquote class="replies">{% for c in replies -%}{{ c.render().unwrap()|safe }}{%- endfor %}
+		</bockquote>
 	</details>
 </div>
 {% endif %}
--- a/templates/duplicates.html
+++ b/templates/duplicates.html
@ -0,0 +1,113 @@
+{% extends "base.html" %}
+{% import "utils.html" as utils %}
+
+{% block title %}{{ post.title }} - r/{{ post.community }}{% endblock %}
+
+{% block search %}
+	{% call utils::search(["/r/", post.community.as_str()].concat(), "") %}
+{% endblock %}
+
+{% block root %}/r/{{ post.community }}{% endblock %}{% block location %}r/{{ post.community }}{% endblock %}
+{% block head %}
+	{% call super() %}
+{% endblock %}
+
+{% block subscriptions %}
+	{% call utils::sub_list(post.community.as_str()) %}
+{% endblock %}
+
+{% block content %}
+    <div id="column_one">
+		{% call utils::post(post) %}
+
+        <!-- DUPLICATES -->
+        {% if post.num_duplicates == 0 %}
+            <span class="listing_warn">(No duplicates found)</span>
+        {% else if post.flags.nsfw && prefs.show_nsfw != "on" %}
+            <span class="listing_warn">(Enable "Show NSFW posts" in <a href="/settings">settings</a> to show duplicates)</span>
+        {% else %}
+            <div id="duplicates_msg"><h3>Duplicates</h3></div>
+            {% if num_posts_filtered > 0 %}
+            <span class="listing_warn">
+                {% if all_posts_filtered %}
+                    (All posts have been filtered)
+                {% else %}
+                    (Some posts have been filtered)
+                {% endif %}
+            </span>
+            {% endif %}
+
+            <div id="sort">
+                <div id="sort_options">
+                    <a {% if params.sort.is_empty() || params.sort.eq("num_comments") %}class="selected"{% endif %} href="?sort=num_comments">
+                        Number of comments
+                    </a>
+                    <a {% if params.sort.eq("new") %}class="selected"{% endif %} href="?sort=new">
+                        New
+                    </a>
+                </div>
+            </div>
+
+            <div id="posts">
+            {% for post in duplicates -%}
+                {# TODO: utils::post should be reworked to permit a truncated display of a post as below #}
+                {% if !(post.flags.nsfw) || prefs.show_nsfw == "on" %}
+                <div class="post {% if post.flags.stickied %}stickied{% endif %}" id="{{ post.id }}">
+                        <p class="post_header">
+                            {% let community -%}
+                            {% if post.community.starts_with("u_") -%}
+                                {% let community = format!("u/{}", &post.community[2..]) -%}
+                            {% else -%}
+                                {% let community = format!("r/{}", post.community) -%}
+                            {% endif -%}
+                            <a class="post_subreddit" href="/r/{{ post.community }}">{{ post.community }}</a>
+                            <span class="dot">&bull;</span>
+                            <a class="post_author {{ post.author.distinguished }}" href="/u/{{ post.author.name }}">u/{{ post.author.name }}</a>
+                            <span class="dot">&bull;</span>
+                            <span class="created" title="{{ post.created }}">{{ post.rel_time }}</span>
+                            {% if !post.awards.is_empty() && prefs.hide_awards != "on" %}
+                                {% for award in post.awards.clone() %}
+                                <span class="award" title="{{ award.name }}">
+                                    <img alt="{{ award.name }}" src="{{ award.icon_url }}" width="16" height="16"/>
+                                </span>
+                                {% endfor %}
+                            {% endif %}
+                        </p>
+                        <h2 class="post_title">
+                            {% if post.flair.flair_parts.len() > 0 %}
+                                <a href="/r/{{ post.community }}/search?q=flair_name%3A%22{{ post.flair.text }}%22&restrict_sr=on"
+                                    class="post_flair"
+                                    style="color:{{ post.flair.foreground_color }}; background:{{ post.flair.background_color }};"
+                                    dir="ltr">{% call utils::render_flair(post.flair.flair_parts) %}</a>
+                            {% endif %}
+                            <a href="{{ post.permalink }}">{{ post.title }}</a>{% if post.flags.nsfw %} <small class="nsfw">NSFW</small>{% endif %}
+                        </h2>
+      
+                        <div class="post_score" title="{{ post.score.1 }}">
+                          {% if prefs.hide_score != "on" %}
+                          {{ post.score.0 }}
+                          {% else %}
+                          &#x2022;
+                          {% endif %}
+                        <span class="label"> Upvotes</span></div>
+                        <div class="post_footer">
+                            <a href="{{ post.permalink }}" class="post_comments" title="{{ post.comments.1 }} comments">{{ post.comments.0 }} comments</a>
+                        </div>
+
+                </div>
+                {% endif %}
+            {%- endfor %}
+            </div>
+
+            <footer>
+                {% if params.before != "" %}
+                <a href="?before={{ params.before }}{% if !params.sort.is_empty() %}&sort={{ params.sort }}{% endif %}" accesskey="P">PREV</a>
+                {% endif %}
+
+                {% if params.after != "" %}
+                <a href="?after={{ params.after }}{% if !params.sort.is_empty() %}&sort={{ params.sort }}{% endif %}" accesskey="N">NEXT</a>
+                {% endif %}
+            </footer>
+        {% endif %}
+    </div>
+{% endblock %}
--- a/templates/error.html
+++ b/templates/error.html
@ -2,8 +2,23 @@
 {% block title %}Error: {{ msg }}{% endblock %}
 {% block sortstyle %}{% endblock %}
 {% block content %}
-	<div id="error">
-		<h1>{{ msg }}</h1>
-		<h3>Head back <a href="/">home</a>?</h3>
-	</div>
-{% endblock %}
+<div id="error">
+	<h1>{{ msg }}</h1>
+	<h3><a href="https://www.redditstatus.com/">Reddit Status</a></h3>
+	<br />
+	<h3 id="update-status"></h3>
+	<br />
+	<h3 id="update-status"><a id="random-instance"></a></h3>
+	<br>
+	<div id="git_commit" data-value="{{ crate::instance_info::INSTANCE_INFO.git_commit }}"></div>
+	<script src="/check_update.js"></script>
+	
+	<h3>Expected something to work? <a
+			href="https://github.com/redlib-org/redlib/issues/new?assignees=&labels=bug&projects=&template=bug_report.md&title=%F0%9F%90%9B+Bug+Report%3A+{{ msg }}">Report
+			an issue</a></h3>
+	<br />
+	<p id="error-318">If you're getting a "Failed to parse page JSON data" error, please check <a href="https://github.com/redlib-org/redlib/issues/318" target="_blank">#318</a></p>
+	<br />
+	<h3>Head back <a href="/">home</a>?</h3>
+</div>
+{% endblock %}
--- a/templates/info.html
+++ b/templates/info.html
@ -0,0 +1,20 @@
+{% extends "base.html" %}
+{% import "utils.html" as utils %}
+
+{% block title %}Info: {{ msg }}{% endblock %}
+{% block sortstyle %}{% endblock %}
+
+{% block subscriptions %}
+	{% call utils::sub_list("") %}
+{% endblock %}
+
+{% block search %}
+	{% call utils::search("".to_owned(), "") %}
+{% endblock %}
+
+{% block content %}
+<div id="error">
+	<h2>{{ msg }}</h2>
+	<br />
+</div>
+{% endblock %}
--- a/templates/message.html
+++ b/templates/message.html
@ -0,0 +1,10 @@
+{% extends "base.html" %}
+{% block title %}{{ title }}{% endblock %}
+{% block sortstyle %}{% endblock %}
+{% block content %}
+	<div id="message">
+		<h1>{{ title }}</h1>
+		<br>
+		{{ body|safe }}
+	</div>
+{% endblock %}
--- a/templates/nsfwlanding.html
+++ b/templates/nsfwlanding.html
@ -0,0 +1,30 @@
+{% extends "base.html" %}
+{% block title %}NSFW content gated{% endblock %}
+{% block sortstyle %}{% endblock %}
+{% block content %}
+<div id="nsfw_landing">
+    <h1>
+        &#128561;
+        {% if res_type == crate::utils::ResourceType::Subreddit %}
+        r/{{ res }} is a NSFW community!
+        {% else if res_type == crate::utils::ResourceType::User %}
+        u/{{ res }}'s content is NSFW!
+        {% else if res_type == crate::utils::ResourceType::Post %}
+        This post is NSFW!
+        {% endif %}
+    </h1>
+    <br />
+
+    <p>
+        {% if crate::utils::sfw_only() %}
+        This instance of Redlib is SFW-only.</p>
+        {% else %}
+        Enable "Show NSFW posts" in <a href="/settings">settings</a> to view this {% if res_type == crate::utils::ResourceType::Subreddit %}subreddit{% else if res_type == crate::utils::ResourceType::User %}user's posts or comments{% else if res_type == crate::utils::ResourceType::Post %}post{% endif %}. <br>
+        {% if res_type == crate::utils::ResourceType::Post %} You can also temporarily bypass this gate and view the post by clicking on this <a href="{{url}}&bypass_nsfw_landing">link</a>.{% endif %}
+        {% endif %}
+    </p>
+</div>
+{% endblock %}
+{% block footer %}
+{% endblock %}
+
--- a/templates/post.html
+++ b/templates/post.html
@ -1,7 +1,13 @@
 {% extends "base.html" %}
 {% import "utils.html" as utils %}

-{% block title %}{{ post.title }} - r/{{ post.community }}{% endblock %}
+{% block title %}
+	{% if single_thread %}
+		{{ comments[0].author.name }} comments on {{ post.title }} - r/{{ post.community }}
+	{% else %}
+		{{ post.title }} - r/{{ post.community }}
+	{% endif %}
+{% endblock %}

 {% block search %}
 	{% call utils::search(["/r/", post.community.as_str()].concat(), "") %}
@ -13,16 +19,28 @@
 	<!-- Meta Tags -->
 	<meta name="author" content="u/{{ post.author.name }}">
 	<meta name="title" content="{{ post.title }} - r/{{ post.community }}">
-	<meta property="og:type" content="website">
-	<meta property="og:url" content="{{ post.permalink }}">
 	<meta property="og:title" content="{{ post.title }} - r/{{ post.community }}">
-	<meta property="og:description" content="View on Libreddit, an alternative private front-end to Reddit.">
-	<meta property="og:image" content="{{ post.thumbnail.url }}">
-	<meta property="twitter:card" content="summary_large_image">
+	<meta property="og:description" content="View on Redlib, an alternative private front-end to Reddit.">
+	<meta property="og:url" content="{{ post.permalink }}">
 	<meta property="twitter:url" content="{{ post.permalink }}">
 	<meta property="twitter:title" content="{{ post.title }} - r/{{ post.community }}">
-	<meta property="twitter:description" content="View on Libreddit, an alternative private front-end to Reddit.">
+	<meta property="twitter:description" content="View on Redlib, an alternative private front-end to Reddit.">
+	{% if post.post_type == "image" %}
+	<meta property="og:type" content="image">
+	<meta property="og:image" content="{{ post.thumbnail.url }}">
+	<meta property="twitter:card" content="summary_large_image">
 	<meta property="twitter:image" content="{{ post.thumbnail.url }}">
+	{% else if post.post_type == "video" || post.post_type == "gif" %}
+	<meta property="twitter:card" content="video">
+	<meta property="og:type" content="video">
+	<meta property="og:video" content="{{ post.media.url }}">
+	<meta property="og:video:type" content="video/mp4">
+	{% else %}
+	<meta property="og:type" content="website">
+	{% if single_thread %}
+	<script src="/highlighted.js" defer></script>
+	{% endif %}
+	{% endif %}
 {% endblock %}

 {% block subscriptions %}
@ -31,120 +49,47 @@

 {% block content %}
 	<div id="column_one">
-
-		<!-- POST CONTENT -->
-		<div class="post highlighted">
-			<p class="post_header">
-				<a class="post_subreddit" href="/r/{{ post.community }}">r/{{ post.community }}</a>
-				<span class="dot">&bull;</span>
-				<a class="post_author" href="/user/{{ post.author.name }}">u/{{ post.author.name }}</a>
-				{% if post.author.flair.flair_parts.len() > 0 %}
-					<small class="author_flair">{% call utils::render_flair(post.author.flair.flair_parts) %}</small>
-				{% endif %}
-				<span class="dot">&bull;</span>
-				<span class="created" title="{{ post.created }}">{{ post.rel_time }}</span>
-				{% if !post.awards.is_empty() %}
-				<span class="dot">&bull;</span>
-				<span class="awards">
-					{% for award in post.awards.clone() %}
-					<span class="award" title="{{ award.name }}">
-						<img alt="{{ award.name }}" src="{{ award.icon_url }}" width="16" height="16"/>
-						{{ award.count }}
-					</span>
-					{% endfor %}
-				</span>
-				{% endif %}
-			</p>
-			<p class="post_title">
-				<a href="{{ post.permalink }}">{{ post.title }}</a>
-				{% if post.flair.flair_parts.len() > 0 %}
-					<a href="/r/{{ post.community }}/search?q=flair_name%3A%22{{ post.flair.text }}%22&restrict_sr=on"
-						class="post_flair"
-						style="color:{{ post.flair.foreground_color }}; background:{{ post.flair.background_color }};">{% call utils::render_flair(post.flair.flair_parts) %}</a>
-				{% endif %}
-				{% if post.flags.nsfw %} <small class="nsfw">NSFW</small>{% endif %}
-			</p>
-
-			<!-- POST MEDIA -->
-			<!-- post_type: {{ post.post_type }} -->
-			{% if post.post_type == "image" %}
-			<a href="{{ post.media.url }}" class="post_media_image" >
-				<svg
-					width="{{ post.media.width }}px" 
-					height="{{ post.media.height }}px" 
-					xmlns="http://www.w3.org/2000/svg">
-						<image width="100%" height="100%" href="{{ post.media.url }}"/>
-						<desc>
-							<img loading="lazy" alt="Post image" src="{{ post.media.url }}"/>
-						</desc>
-				</svg>
-			</a>
-			{% else if post.post_type == "video" || post.post_type == "gif" %}
-			{% if prefs.use_hls == "on" && !post.media.alt_url.is_empty() %}
-			<script src="/hls.min.js"></script>
-			<video class="post_media_video short {% if prefs.autoplay_videos == "on" %}hls_autoplay{% endif %}" width="{{ post.media.width }}" height="{{ post.media.height }}" poster="{{ post.media.poster }}" preload="none" controls>
-				<source src="{{ post.media.alt_url }}" type="application/vnd.apple.mpegurl" />
-				<source src="{{ post.media.url }}" type="video/mp4" />
-			</video>
-			<script src="/playHLSVideo.js"></script>
-			{% else %}
-			<video class="post_media_video" src="{{ post.media.url }}" controls {% if prefs.autoplay_videos == "on" %}autoplay{% endif %} loop><a href={{ post.media.url }}>Video</a></video>
-			{% call utils::render_hls_notification(post.permalink[1..]) %}
-			{% endif %}
-			{% else if post.post_type == "gallery" %}
-			<div class="gallery">
-			{% for image in post.gallery -%}
-				<figure>
-					<a href="{{ image.url }}" ><img loading="lazy" alt="Gallery image" src="{{ image.url }}"/></a>
-					<figcaption>
-						<p>{{ image.caption }}</p>
-						{% if image.outbound_url.len() > 0 %}
-						<p><a class="outbound_url" href="{{ image.outbound_url }}" rel="nofollow">{{ image.outbound_url }}</a>
-						{% endif %}
-					</figcaption>
-				</figure>
-			{%- endfor %}
-			</div>			
-			{% else if post.post_type == "link" %}
-			<a id="post_url" href="{{ post.media.url }}" rel="nofollow">{{ post.media.url }}</a>
-			{% endif %}
-
-			<!-- POST BODY -->
-			<div class="post_body">{{ post.body }}</div>
-			<div class="post_score" title="{{ post.score.1 }}">{{ post.score.0 }}<span class="label"> Upvotes</span></div>
-			<div class="post_footer">
-				<ul id="post_links">
-					<li><a href="/{{ post.id }}">permalink</a></li>
-					<li><a href="https://reddit.com/{{ post.id }}" rel="nofollow">reddit</a></li>
-				</ul>
-				<p>{{ post.upvote_ratio }}% Upvoted</p>
-			</div>
-		</div>
+		{% call utils::post(post) %}

 		<!-- SORT FORM -->
+       <div id="commentQueryForms">
 		<form id="sort">
-			<select name="sort" title="Sort comments by"> 
+			<p id="comment_count">{{post.comments.0}} {% if post.comments.0 == "1" %}comment{% else %}comments{% endif %} <span id="sorted_by">sorted by </span></p>
+			<select name="sort" title="Sort comments by" id="commentSortSelect"> 
 				{% call utils::options(sort, ["confidence", "top", "new", "controversial", "old"], "confidence") %}
-			</select><button id="sort_submit" class="submit">
-				<svg width="15" viewBox="0 0 110 100" fill="none" stroke-width="10" stroke-linecap="round">
-					<path d="M20 50 H100" />
-					<path d="M75 15 L100 50 L75 85" />
-					&rarr;
-				</svg>
-			</button>
-		</form>
+      </select>
+        <button id="sort_submit" class="submit">
+          <svg width="15" viewBox="0 0 110 100" fill="none" stroke-width="10" stroke-linecap="round">
+              <path d="M20 50 H100" />
+              <path d="M75 15 L100 50 L75 85" />
+              &rarr;
+          </svg>
+      </button>
+      </form>
+      <!-- SEARCH FORM -->
+      <form id="sort">
+        <input id="search" class="commentQuery" type="search" name="q" value="{{ comment_query }}" placeholder="Search comments">
+        <input type="hidden" name="type" value="comment">
+      </form>
+      </div>
+  
+      <div>
+      {% if comment_query != "" %}
+      Comments containing "{{ comment_query }}"&nbsp;|&nbsp;<a id="allCommentsLink" href="{{ url_without_query }}">All comments</a>
+      {% endif %}
+      </div>

 		<!-- COMMENTS -->
 		{% for c in comments -%}
 		<div class="thread">
 			{% if single_thread %}
-			<p class="thread_nav"><a href="/{{ post.id }}">View all comments</a></p>
+			<p class="thread_nav"><a href="{{ post.permalink }}">View all comments</a></p>
 			{% if c.parent_kind == "t1" %}
 			<p class="thread_nav"><a href="?context=9999">Show parent comments</a></p>
 			{% endif %}
 			{% endif %}
 			
-			{{ c.render().unwrap() }}
+			{{ c.render().unwrap()|safe }}
 		</div>
 		{%- endfor %}

--- a/Show more
+++ b/Show more
				`@ -0,0 +1 @@`
				`document.querySelector('#commentQueryForms').scrollIntoView();`