Home Services Wiki About 
A sandboxed, creative micro-social platform
Weboneko reimagines social media through intentional constraints and creative expression. Every post is a fully customizable HTML/CSS webpage with optional PanSpark scripting, rendered in a sandboxed iframe. It combines the creative freedom of early web culture with a modern safety net.
No algorithms, no followers, no recommendations. Just a single reverse-chronological feed where everyone shares the same space.
Users get a 256KB data budget per day, resetting at midnight UTC. This encourages intentional, thoughtful posts rather than endless scrolling and spam.
Posts are raw HTML and CSS — no templates, no character limits. Express yourself with the full power of the web, minus JavaScript.
No comments section. Responses are chained posts, giving every reply the same creative weight as the original.
Weboneko features a simple currency called Nibbles. Earn them through engagement — nibbling posts, hitting milestones, and daily login streaks. Spend them on cosmetics from the in-app shop: username styles, profile borders, sticker effects, and more.
Posts can include interactive scripts written in PanSpark, Weboneko's built-in programming language. With 40 virtual peripherals for counters, animations, canvas drawing, and persistent storage, users create tiny interactive experiences — all running securely inside sandboxed iframes without JavaScript access.
A built-in 32x32 pixel art editor with palette tools, mirroring, and undo. Users draw pixel art stickers and place them on any post at exact pixel coordinates. Additional sticker slots can be earned through activity or purchased with Nibbles. Stickers persist across posts and appear on user profiles as a showcase.
Spend earned Nibbles in the in-app shop on cosmetic items: username styles with gradients and glows, profile borders, background theme upgrades, and sticker visual effects. All cosmetics are applied client-side via CSS custom properties — no server-side re-rendering required. A live preview shows changes before purchase.
Every post can be remixed — create a derivative work that credits the original author. Each remix is a full HTML/CSS canvas building on someone else's creation. This encourages collaborative creativity rather than passive consumption.
An in-app notification system tracks meaningful interactions: when someone chains to your post, places a sticker, sends nibbles, or remixes your work. No vanity metrics, no engagement scores — just genuine creative exchanges.
A 3-column desktop layout with fixed sidebars and a scrollable feed center. An ambient Three.js wireframe starfield background creates a signal-station aesthetic. The dark amber-on-black palette paired with DynaPuff display type and IBM Plex Mono body type gives the platform a warm, handcrafted feel. Flat surfaces, 2px borders, and amber glow feedback on interaction.
A three-stage moderation pipeline keeps the platform safe, all running locally. First, a keyword blocklist catches obvious violations. Then, IBM Granite Guardian HAP 38M classifies text for hate, abuse, and profanity. Finally, Falconsai NSFW Image Detection checks embedded images. The system is fail-closed — if anything goes wrong, content is flagged for manual review rather than published. No data is sent to external services.
All user-generated content renders inside fully sandboxed iframes with zero JavaScript execution. Posts are sanitized server-side, stripping scripts, event handlers, and other attack vectors while preserving rich HTML5 and CSS creativity. Sessions use HMAC-SHA256 signed tokens, and passwords are hashed with Argon2id.