Your comments

The counting doesn't distinguish between users. It just counts clicks per publication, where publications are identified using their bibbase-id constructed from author names, title, and year (the last part of the url when you click the "link" link). So no, it doesn't reset ever.

We just count the number of times users have clicked one of the links listed in the publication's url fields, which are rendered as little icons in the default style, e.g., for PDF.

Thanks for reporting this. It has been fixed now.

Thanks for sharing! We've looked these over and found that they do not apply to us, because the conditions described in these vulnerabilities are not met in our case (we do not compile templates from untrusted sources). So there doesn't seem to exist any urgency fixing these. It certainly doesn't hurt to upgrade these libraries and we will do so eventually.

Hi Hakase,

Sorry for the delayed response. Can you share more about the severity of the found vulnerability? Since BibBase is not showing anything sensitive or confidential -- quite the opposite actually -- I don't quite understand the possible damage a malicious actor could do based on these vulnerabilities. Did your IT support share more details?

Thanks,

Christian

Unfortunately we've been getting a lot of spam on this ticket specifically, so I'll disable commenting. I believe the upshot here is clear: this is something people want. If there is anything specific you want to say or add, please create a new ticket.

Hi Daniel,

If you are ok with enabling this behavior for all links on your page, not just the bibbase ones, then you can just add this to your page:  

<base target="_blank" />

(reference).

I don't think we currently have an option to enable it for the links generated by BibBase only.

Regarding the Extra content, if I use .bibbase_paper_content { display: none; }, I also hide the link icon and the abstract

Then I misunderstood by Extra content. Can you explain what it is you want to hide?


It looks like the bibtex format Zotero exposes via it's API doesn't include the links to the external PDFs you are using in those 2023 publications. Here is what we are receiving:

@article{uribe-arias_radial_2023,
  title = {Radial astrocyte synchronization modulates the visual system during behavioral-state transitions},
  copyright = {CC0 1.0 Universal Public Domain Dedication},
  issn = {1097-4199},
  url = {https://www.cell.com/neuron/abstract/S0896-6273(23)00709-2},
  doi = {10.1016/j.neuron.2023.09.022},
  abstract = {...},
  language = {eng},
  journal = {Neuron},
  author = {Uribe-Arias, Alejandro and Rozenblat, Rotem and Vinepinsky, Ehud and Marachlian, Emiliano and Kulkarni, Anirudh and Zada, David and Privat, Martin and Topsakalian, Diego and Charpy, Sarah and Candat, Virginie and Nourin, Sarah and Appelbaum, Lior and Sumbre, Germán},
  month = oct,
  year = {2023},
  pages = {S0896--6273(23)00709--2}
}


If you want more control and that's an option for you, you can always use a bibtex file directly as the data-source for BibBase, i.e., do without Zotero. That would allow you to link to your PDFs no matter where they are.




Thanks for the link. And not sure I understand your comment about "No Data". I see this when I open your page right now and it seems to be using Zotero:

Image 162

Getting back to the original question: which of these publications have an external PDF link in Zotero?