2014-12-04 UTC
lukebrooker, modem, tantek and gRegor` joined the channel
# 00:41 gRegor` Hello from Chicago HWC
arlen and KartikPrabhu joined the channel
tantek joined the channel
Pea1, shiflett, tantek, caseorganic, cmhobbs and verdi_ joined the channel
# 01:53 aaronpk just realized something... "___ is invited" shouldn't really be an h-entry with the person who is invited as the author, since that's not who created the post
# 01:54 aaronpk ok yeah nobody is putting the invitee as the author in the markup
# 01:55 aaronpk but common display conventions people are displying the invitees the same way they would a comment author
indie-visitor joined the channel
# 02:28 Loqi Welcome, indie-visitor! Set your nickname by typing /nick yourname
mdik_ and stream7 joined the channel
tantek joined the channel
# 02:43 aaronpk danny - no website yet, builds websites as a consultant
# 02:47 aaronpk bret.io - site is a static website using jekyll, because it's free to host.
# 02:48 aaronpk ...started a project last week to generate sparklines from other data sources like the Nest thermostat
# 02:49 aaronpk ...also thinking about making a service to convert youtube videos to mp3 podcasts to be able to listen to youtube videos offline
# 02:51 aaronpk tantek.com - in pdx this week for mozilla, put "http://tantek.com/contact.html" on his nametag
Pea1 joined the channel
# 02:53 aaronpk ...now working on adding a firefox "hello" icon so you can call his firefox OS phone from a browser via webrtc
# 02:55 aaronpk ...we should clearly start calling them "communicators" instead of "phones" because that's already been predicted by star trek
# 02:56 aaronpk ... would like to redesign his site since it looks dated. been working on media-related things.
# 02:58 aaronpk ... letting the server choose what quality of video to stream depending on the quality of the signal
# 03:01 bret tracks all sorts of stuff... bike rides, eats, trips etc
# 03:02 bret bc skitch 2.0 only posts to evernote post acquisition
# 03:04 bret favorite tracker: jawbone... steps and sleep
# 03:04 aaronpk ... background in art school, recently completed the epicodus program
carlo_au joined the channel
# 03:13 bret discussing pingback, webmention and recent criticisms regarding vouch
# 03:14 bret solution for pingback spam was a Bayesian filter style spam filter
# 03:15 bret posts would get filtered when they included too many links
# 03:16 bret wordpress pingback is the target... not pingback in general
joshwnj, snarfed and KartikPrabhu joined the channel
# 03:35 tantek does the wordpress webmentio plugin have an expiring endpoint?
# 03:38 snarfed bret: re youtube-to-mp3 service, you're familiar with youtube-dl, right?
# 03:38 aaronpk snarfed: the difference is youtube-to-podcast :) for offline listening
# 03:39 bret snarfed: yeah thats what I would use... + a podcast feed to get it on my phone
# 03:39 snarfed aaronpk: confused. youtube-dl -x converts to .mp3
# 03:39 bret snarfed: i want a web app that wraps yt-dl
stream7 joined the channel
# 03:39 bret snarfed: for whatever.. random links, play lists, watch later list
# 03:41 GWG Along with Support for Verifying Client AP and a proposal about Comment author must have a previously approved comment...which is a WordPress setting, but essentially, whitelist.
# 03:41 snarfed aaronpk: bret: got it. agreed. if you're converting on the server and then serving the mp3 from there, that should work
# 03:41 bret plus i just wannt build some python web apps
# 03:42 snarfed GWG: tantek: re expiring wm endpoints, fwiw they make endpoint discovery less cacheable, which is sad for high volume senders
# 03:43 snarfed aaronpk: bret: the difficulty with any service like that is load. downloading from yt uses a lot of bandwidth, transcoding uses lots of cpu, etc
# 03:43 snarfed which has killed many of these services when they get popular
# 03:44 snarfed regardless, i'd *kill* for this service myself. please do make it!!!
j12t joined the channel
# 03:47 GWG snarfed: It could be an optional feature
GWG joined the channel
gRegor` joined the channel
KartikPrabhu, lupinedev, benjamin-agaric and agaric joined the channel
# 04:49 aaronpk funny, I coulda sworn it mentioned him earlier. or at least in the whois or something
# 04:54 aaronpk kylewm: hey i'm really close to replacing the mf2 parser for webmention.io!
# 04:58 aaronpk the ruby parser made it easy cause it has a bunch of built-in methods for accessing things like the first h-entry on a page, or the first author in an h-entry
# 04:59 gRegor` what is questo.email?
swartwulf and saurik_ joined the channel
# 05:04 gRegor` what is questo?
julian`` joined the channel
gRegor` and mlncn joined the channel
# 05:07 snarfed aaronpk: finally got the schema set up w/ruby 2.1.5
# 05:07 aaronpk did you find a root problem? or just tried again and it worked?
# 05:08 snarfed eh, i've documented the individual 2.0.0 problems and workarounds, but i can't say i fully understand them
# 05:09 snarfed i haven't looked for smoking gun bug fixes or changes in ruby post 2.0.0, if that's what you mean
# 05:09 aaronpk huh, i was able to run it under 2.1.3 without any changes
# 05:10 snarfed oh i believe you on 2.1.3. my problems were under 2.0.0
reedstrm and indie-visitor joined the channel
# 05:13 GWG Almost done with my emergency extraction of my sites to their new home
# 05:19 snarfed aaronpk: indeed. also that new puts e.backtrace is also in my PR :P
# 05:20 aaronpk my plan was to inspect the post in this "if parsed" block and override the "message" variable if a better message can be generated
# 05:26 aaronpk okay that's live! hope it doesn't break anything :)
tantek and lukebrooker joined the channel
lupinedev and indie-visitor joined the channel
# 05:41 bret aaronpk: does it re parse old messages?
# 05:43 pwcc re 08:05 (Webmention into WordPress) there's nothing in trac but I can ask around re: thoguths from core committers.
# 05:44 pwcc WP 4.1 is due to be release very soon, so planning meetings for new features are due soonish.
julian`` joined the channel
# 05:52 bret if it does make it into wordpress, lets cross our fingers that short lived WM endpoint urls come by default.
# 05:53 GWG pwcc: I have a proposal on that though.
# 05:54 GWG 1. Webmentions replace pingbacks and trackbacks, which are discontinued
# 05:54 GWG 2. XMLRPC support is discontinued
# 05:54 GWG 3. JSON REST API replaces XMLRPC.
# 05:54 GWG Speaking of which, someone is probing XMLRPC on one of my sites.
# 05:57 pwcc GWG most of that makes sense to me but can't see it getting past on back compat grounds - the leads are very keen on it.
# 05:58 GWG pwcc: Why can't legacy be put into a plugin?
# 06:00 pwcc Just not the way the leads work, I am afraid.
snarfed joined the channel
# 06:02 GWG pwcc: How about offering a disable option? They took it out in 3.5
j12t joined the channel
# 06:07 pwcc On proposing webmentions to core, who's blessing would be needed in here? pfefferle is most obvious, as it's his plugin.
# 06:11 GWG pwcc: They may want a different integration method.
loic_m joined the channel
# 06:18 pwcc GWG: yeah, maybe, tho going with a plugin /implementation is a helpful start. Responsive images started as an unblessed plugin, for example
sanduhrs, KartikPrabhu, j12t, Deledrius and reedstrm joined the channel
gRegor`, cweiske, verdi_, stream7, friedcell, eschnou, loic_m, KartikPrabhu, elima, LauraJ, npdoty and sanduhrs joined the channel
krendil, KartikPrabhu, LauraJ, verdi_, stream7, j12t, Pierre-O, Sebastien-L and elf-pavlik joined the channel
verdi_, friedcell1, KartikPrabhu and alanpearce joined the channel
adactio, Pierre-O and marcthiele joined the channel
Garbee, verdi_, KartikPrabhu, j12t, mlncn, npdoty and eschnou joined the channel
reederz joined the channel
j12t, verdi_ and LauraJ joined the channel
# 13:50 marcthiele.com created /2015/Germany/Schedule (+2702) "Created page with "== Saturday 2015-05-09 == Schedule following soon … <!-- {|border="1" style="border-collapse: collapse;" cellpadding="5" width="100%" |width="60"|Time | A: Meeting Room<br /> ..."" (
view diff )
Sebastien-L, elf-pavlik, sanduhrs, Pierre-O and reedstrm joined the channel
elima, j12t, mlncn, KartikPrabhu and snarfed joined the channel
verdi_, richardlitt, adactio, cmhobbs, gRegor`, halorgium_, Leeky, fiatjaf, terminalpixel, Pierre-O, KartikPrabhu, j12t, romangeeko, npdoty, elf-pavlik, verdi, caseorganic, mlncn, hidgw and elima joined the channel
# 17:19 gRegor` Thinking about questo.email, as webmention picks up it might be an easier spam attack
# 17:20 gRegor` Though I guess it still requires gathering domains with known wm support
# 17:21 gRegor` Email-to-webmention
# 17:22 ben_thatmust was just reading it, i visited it once and though it was just a domain squatter
# 17:22 gRegor` Not to be confused with queso email
# 17:23 gRegor` Going through the logs, aaronpk indicated it was fiatjaf's
LauraJ joined the channel
# 17:23 ben_thatmust its really just a person's choice to accept from there or not at that point
# 17:24 gRegor` How so? You vouch for *any* conent from questo.email?
# 17:24 ben_thatmust well vouch has the assumption that there are sites you might not want to add to your whitelist automatically
snarfed and wagle joined the channel
# 17:25 ben_thatmust i just assume that twitter has its own filtering in there. if it becomes a problem i just start to always decline twitter
# 17:26 Loqi ben_thatmust meant to say: ideally you never auto-accept from sites with (m)any author
# 17:26 gRegor` As sucky as Twitter's spam threshold is, email's is worse though
# 17:27 ben_thatmust yes, but then it could also be more a complaint to questo.email to start implementing some minimum spam filtering
# 17:27 gRegor` Has anyone tried questo.email yet?
# 17:27 ben_thatmust and sadly I don't see questo being viable. Its taking all the burden of receiving and all the burden of sending, if it gets spammed heavily it will end up pretty expensive
# 17:28 gRegor` I'm about to try it. Curious to see what it sends for the author info
wolftune joined the channel
# 17:35 snarfed i like that we've been thinking about spam so much recently…but i wonder if it's too much
# 17:35 snarfed given that we've seen *zero* actual native wm spam so far
# 17:35 snarfed granted, there's lots of precedent and concrete examples in other domains (email, blog comments, etc), so we're not totally in the dark
# 17:36 snarfed maybe i just wonder whether we should be prioritizing it so highly right now
# 17:36 aaronpk we know pingback is a spam target, and webmention is analogous
# 17:36 snarfed analogous technically but (so far) not culturally or adoption wise yet
# 17:36 aaronpk stuart made a great point though and i'm curious to put it to the test
# 17:36 snarfed spammers target big installed bases. they don't care nearly as much about the underlying protocol, etc
# 17:36 gRegor` I'm interested in thinking/working on it, but it's not a top item for me
# 17:37 aaronpk it's not necessarily that pingback itself is a spam target, it's the fact that all wordpress blogs have the same xmlrpc.php endpoint, so you can just pick domains and send pings to that URL regardless of whether it actually exists
# 17:37 gRegor` I saw chatter about wanting to get wm into core WordPress recently, though I think that would be a looong road
# 17:37 gRegor` (chatter in here)
# 17:37 snarfed aaronpk: eh yeah. it's a point, but i don't know how much it actually matters. if every site had a unique one, you'd introduce a discovery step, which costs a bit, but it's probably not prohibitive
# 17:38 aaronpk the theory is if you run a wordpress site and rename the xmlrpc endpoint, you'd reduce most of your spam
# 17:38 snarfed esp for botnet spam where costs are externalities
# 17:38 snarfed yeah but that's a narrow view. works for individuals, not for the ecosystem
# 17:38 aaronpk no that totally works for the ecosystem! that's the whole point of the expiring webmention endpoint, which could work just as well with pingback
# 17:39 gRegor` aaronpk: indieauth.com is showing a broken TLS icon for me in Chrome "verified by PositiveSSL CA 2 but does not have public audit records"
# 17:39 snarfed i'm not convinced. see my discovery/cost msgs just now P:
# 17:40 aaronpk stuart was saying that they often build up large lists of wordpress sites then hand that off to a botnet
# 17:40 aaronpk anyway I really want to test this. anyone with a wordpress site want to give it a shot?
# 17:40 snarfed and again, if they have to introduce a discovery step per spam comment, that is an additional small fixed cost, but i doubt that's prohibitive
# 17:41 aaronpk snarfed: you're in a great position to test it because you get so much spam pingback
# 17:41 snarfed aaronpk: i'll look at my logs right now. i suspect most of my spam comments are comment form POSTs, not xml-rpc
# 17:41 snarfed regardless, both of those are well known and fixed, so there's no big difference
# 17:43 fiatjaf well, about questo.email, I'm assuming emails are already a platform with a lot of spam-filtering technology. and that mailgun automatically filters inbound email for me, but I can actually do some kind of filtering by address, the webmention receiver also can also block/allow webmentions by individual email addresses, if he wants it, I'm assuming.
# 17:43 snarfed (ie you can also use a unique endpoint for the comment form)
# 17:43 snarfed fiatjaf++ for piggybacking on existing spam filtering solutions
# 17:45 snarfed fiatjaf: more like prioritizing. scratch itches that exist today, try to minimize guessing about itches that are too far out
# 17:45 snarfed ok, looking at WP spam vectors, comment form is the clear winner. for 11/2014, i saw avg 40k comment form POSTs per day vs just 20 (!) xmlrpc
# 17:46 snarfed man, that's .5 qps of spam. not huge, but nontrivial
# 17:48 gRegor` aaronpk: See my note about indieauth? Just want to make sure it didn't get lost in the conversation.
# 17:49 gRegor` Shows up fine for me in Firefox
# 17:50 aaronpk wtf the ssl cert is valid til 2018? I sure don't remember getting a 5-year cert
# 17:52 gRegor` fiatjaf: What's the turnaround for questo sending wm?
# 17:55 snarfed aaronpk: jealous! i'd love to avoid renewing all of mine every year
# 17:57 aaronpk unfortunately I have to replace it now because sha1
# 17:58 snarfed all this security hoopla is such a waste. we should just tell everyone to be nice. then we can get back to more useful stuff
# 18:00 gRegor` snarfed: Why can't we all just get along?? :)
# 18:05 aaronpk gRegor`: replaced the cert and no warning anymore!
cmhobbs joined the channel
tantek and LauraJ joined the channel
# 18:28 aaronpk snarfed: I wonder if the same trick would work with wp-comments-post.php, renaming the file and updating the references to it
# 18:28 snarfed (and again, individual vs ecosystem…but individual solutions definitely count)
# 18:29 aaronpk again, that technique could be applied across all of wordpress
Pea1, j12t, KartikPrabhu, shiflett, npdoty, richardlitt, hidgw and Sebastien-L joined the channel
# 19:02 gRegor` time from email receipt to sending the wm
# 19:03 gRegor` I sent an email about an hour and a half ago
# 19:04 fiatjaf gRegor`: I don't know, less than 5min in my experience.
# 19:04 fiatjaf gRegor`: did you get a reply telling you the email was sent as webmention?
# 19:05 fiatjaf do you email has a <a href=... linking to some post in its body?
# 19:06 gRegor` Logged in to questo and it shows up there.
# 19:06 gRegor` No, just text. "Just sending a test questo."
# 19:07 gRegor` Let me confirm my wm endpoint is shown on my homepage
# 19:07 fiatjaf it should have a url for it to be sent as a webmention
# 19:07 fiatjaf should it be sent as a webmention without a link?
# 19:08 fiatjaf should it be sent as a webmention to the home page?
richardlitt_ joined the channel
# 19:08 gRegor` My interpretation of the questo page is "just email gregorlove.com@questo.email to send a message to them"
# 19:08 aaronpk i assumed that's what it did... an email would get sent as a home page mention
# 19:09 gRegor` should probably clarify you mean some-url, not just some-domain.com
# 19:09 gRegor` Your explanation makes sense though. Not many support home page wm
# 19:09 gRegor` So questo needs a link in the email body, correct?
# 19:10 gRegor` (Sorry, re-reading and I think I was just lacking coffee)
tantek joined the channel
# 19:10 gRegor` I was focused on the some-domain part
# 19:11 aaronpk snarfed: something weird is happening with bridgy and my site. the bridgy likes have both http and https URLs for my site, but I'm not sure where they are coming from
# 19:11 fiatjaf do you think it would be better if I just sent the webmention to the home page when no link was present, gRegor`?
# 19:12 gRegor` fiatjaf: I think it's a good idea.
# 19:12 kylewm fiatjaf: nice touch using gravatar for the email author image
# 19:13 gRegor` I was thinking of it as a shortcut for private messaging, not commenting on posts.
# 19:13 gRegor` The latter is pretty cool, though. Allow anyone to comment on a post whether they support wm or not.
# 19:13 gRegor` And no requirement for a social media account, either.
# 19:15 aaronpk my "see original" facebook link is to the http version
# 19:15 snarfed gRegor`: fiatjaf: agreed! love the idea of letting anyone comment, no need for wm etc. (fwiw, that's why i still have a comment form :P)
# 19:15 snarfed aaronpk: i was looking at that tweet, not an fb comment
# 19:15 gRegor` Same here, snarfed
# 19:16 gRegor` I'm migrating my site currently and now I'm wondering if I should replace the comment form with a questo mailto: link :)
# 19:16 aaronpk i'm not sure it's happening for tweets. it just happened for that facebook post though
# 19:16 snarfed gRegor`: yeah. inline comment form is probably the easiest, so i suspect the primary use cases for questo are a bit different
# 19:17 snarfed not sure of the root cause, but i should probably follow barnabywalters's lead and strip scheme before deduping
eschnou joined the channel
# 19:18 aaronpk hm ok cool. let me know if i'm doing something wrong/weird too.
# 19:19 aaronpk nice find with the reference to that mailing list post
# 19:20 snarfed aaronpk: "open question: which do we keep? the http one or the https one?"
# 19:20 snarfed so i assume both work? i don't fetch them so i don't know
# 19:21 snarfed more complicated answer would be to try one, and iff it fails, try the other
# 19:22 gRegor` Nice, got questo to work
# 19:24 gRegor` I wonder if the h-card url should be mailto:email
# 19:24 gRegor` s/should/shouldn't/
# 19:24 Loqi gRegor` meant to say: I wonder if the h-card url shouldn't be mailto:email
# 19:24 gRegor` I wouldn't want to be publishing their email address
bjorn joined the channel
# 19:25 aaronpk if someone wants to email me, I am more than happy to publish their email address ;)
# 19:26 tantek I think that's a reasonable tradeoff to them not using their own website
# 19:26 tantek also it becomes an encouragment to use your URL instead of email for commenting
# 19:27 gRegor` I don't think it's reasonable if it's not advertised in advance.
# 19:27 aaronpk add a note on the questo.email home page, since they have to read that to know how to send the email anyway
# 19:28 gRegor` Common behavior with comment forms has been the email address, if entered, isn't published
# 19:30 tantek I see it the other way - as discouraging evil sockpuppets a bit more
Gold joined the channel
# 19:33 gRegor` evil sockpuppets that don't know how to set a from: address or a throwaway email? :)
# 19:34 gRegor` It's not ordinary comment form, but it's analogous as I'm thinking about it. I have the commenter's email in either situation, which is enough "accountability" for me
# 19:35 tantek gRegor` don't be silly. every incremental barrier reduces misbehavior like that. you know that.
# 19:35 tantek don't be absolutist about it "that don't know how"
# 19:35 gRegor` I don't actually know that in this case. I guess I don't understand.
# 19:36 tantek it makes it clear that others will keep them accountable too
# 19:36 gRegor` Should local comment forms also display commenter's email addresses?
# 19:42 tantek has anyone implemented "Report Abuse" buttons on comments on their site? E.g. so *others* can click and report bad comments to you? (maybe only for users logged into your site with indieauth)
# 19:43 tantek e.g. on Instagram, anyone (logged in obv) can report a comment as abuse (red square button with white outline stop sign inside with white exclamation point inside)
# 19:48 tantek ben_thatmustbeme: re: first person-tag - I think Kevin Marks posted first person-tags on his summary of notes from 15 days ago HWC
# 19:49 gRegor` Now a report abuse tool makes sense for accountability and I'm behind that.
# 19:49 Loqi A person tag (AKA people tag) is a special kind of tag that refers to a specific person by URL rather than just a word or phrase, and is done as an explicit tag by the user, beyond just mentioning a person via hyperlink / h-card http://indiewebcamp.com/person-tag
# 19:50 aaronpk of course my first thought is would it be useful if it were a separate service that you could easily drop in to your site?
mlncn joined the channel
# 19:55 gRegor` How about an "online abuse" page, or perhaps "cyberbullying" (wikipedia's term for it), with a section on reporting abuse?
Leeky joined the channel
# 19:59 aaronpk i'm thinking a little JS widget you could drop in to your page (with regular link fallback of course) which would handle showing the UI for reporting abuse, and collect the reports.
agaric joined the channel
# 20:00 aaronpk then you could log in and review reports, or the service could send an HTTP request if a comment is reported more than your threshold or something
# 20:06 tantek gRegor' that sounds more conceptual than feature
# 20:06 tantek I specifically asked about "report abuse" because that's a *feature* in many (most?) social network silos
# 20:06 tantek documenting a real world feature like that is more factual and doesn't need to wade into long handwringing conceptual discussions
# 20:07 tantek gRegor-hwc: because the backtick won't autocmplete while this nickname is in the channel
# 20:07 gRegor` kicks gRegor-hwc
# 20:08 gRegor` I only thought of an "online abuse" page because it seems the next 'what is' question after 'what is report abuse?' :)
# 20:09 gRegor` Thought there might be some use in documenting types of online abuse. Examples are all over, though.
snarfed joined the channel
# 20:10 gRegor` Those web chat nicknames stick around forever, eh? That was from 4 weeks ago
tantek, j12t, richardlitt, verdi_, reedstrm and krendil joined the channel
verdi_ joined the channel
verdi__ and j12t joined the channel
verdi_ joined the channel
pwcc joined the channel
# 22:30 pwcc @aaronpk: willing to give renaming the WP xmlrpc endpoint if you have no takers. Worth noting most of my spam is via comment form.
# 22:30 aaronpk pwcc: sweet. yeah if your stats are like snarfed's then there isn't actually much pingback spam happening
Pierre-O joined the channel
# 22:31 aaronpk I don't know what it would take, but would also be interesting to see if you could do the same with the comment endpoint
# 22:33 GWG pwcc: I would suggest you see if it can be done as part of a plugin. Changing core is always a bad idea
# 22:33 pwcc was just checking that. It's a hard coded file in core but there must be a way to rewrite in the htaccess.
# 22:33 GWG pwcc: What about those of us who use Nginx?
# 22:34 GWG pwcc: It may have to be two parts. .htaccess or Nginx configuration notes, plus a plugin to change the <link>
# 22:35 tantek oh man - just as I was writing up Instagram abuse heh
# 22:35 GWG pwcc: Since I joined IWC, I've been very much about WordPress standards.
# 22:36 tantek (of course I was being too detail oriented ;) )
KartikPrabhu joined the channel
# 22:37 pwcc GWG: cool, noob to the irc channel but been lurking in the logs for a while. Isn't a filter to change the comment form URL but could be hacked with the WP comment_form_top action.
yobj joined the channel
# 22:39 GWG I don't think it is the top action...
# 22:40 GWG pwcc: Either way, you can shut off the comment form, but most bots don't use it
# 22:41 GWG aaronpk: Some do. But many just hook directly, if they know it is a WordPress installation
# 22:42 aaronpk interesting. one of my wordpress sites curently has 650 spam pingbacks and 2000 spam comments
# 22:43 GWG aaronpk: They try to submit the form data without the form.
# 22:43 pwcc @aaronpk they go direct to the submission script.
# 22:43 aaronpk oh yeah of course. that's what we're talking about. but need to update the comment form to point to the new comment php file
# 22:44 pwcc GWG, htaccess/nginx rules can be set up the return a 403 forbidden on accessing wp-comments-post.php
reedstrm joined the channel
# 22:47 GWG I just want to try to find a way that doesn't break every time you update WordPress
# 22:56 pwcc found a comment/support request re: using nonces too - is concern re caching. This, too, applies to expriging end points in the web mention plugin..
# 22:56 aaronpk i just hacked up a wordpress install to change the comment endpoint
# 22:57 aaronpk I guess they fetched the page and found the form!
# 22:58 GWG snarfed's solution is to render the form in javascript
# 22:58 GWG snarfed: Isn't that what that plugin you use does?
lukebrooker joined the channel
# 22:59 snarfed oh, i see, no. in the form submit handler, it checks something the client has to do in JS
# 22:59 GWG You said used javascript. I bookmarked it. My mistake
# 23:01 GWG Either way, rendering in javascript would reduce more bots than not
# 23:04 pwcc In terms of webmentions, is the protocol to check the endpoint each time or to cache?
# 23:06 tommorris mutters something about not having comments because of signal:noise ratio.
# 23:06 snarfed is saddened by the rediscovery, not by tommorris's muttering :P
# 23:06 tommorris I spent this evening getting frustrated by both WordPress and Squarespace.
# 23:07 tommorris I really wish there was a sane and acceptable normal-person-friendly and reasonably customisable website-as-a-service offering for artists, designers and other image-based creatives. :)
# 23:08 tantek tommorris: I thought that was squarespace. Interested in hearing about specific frustrations.
# 23:08 tommorris Squarespace is marginally better but it is too Ajaxy for my liking - hash URLs for content ffs.
# 23:08 tommorris the Gallery page types on Squarespace are very limited and not very customisable.
# 23:08 tantek ah - architectrual problems rather than UI problems
# 23:09 pwcc rediscovery allows for use of nonces. I can see implementers ignoring this and cahcning though. By which I mean I would :)
# 23:09 tommorris so if your art fits within what Squarespace works for, awesome. If not... sucks to be you.
# 23:10 tommorris Squarespace is a better fit and because it sucks less than anything else I've tried, it's my current recommendation to non-technical folk but it is expensive and a long way from my dream of a great experience.
# 23:11 tantek I met the CEO at Brooklyn Beta and he was very pro on automatically adding microformats for people etc.
# 23:12 snarfed (pwcc: yup, we've discussed it a few times. bridgy does the same endpoint caching, intentionally, and i'd rather not change that)
# 23:13 GWG pwcc: You are't on the IRC People list, are you? I was going to look up your site
mlncn joined the channel
# 23:17 pwcc GWG, to answer your question - peterwilson.cc
# 23:18 GWG pwcc: What are your top interests in working on in the Indieweb space with WordPress? As that is my area of interest?
wowaname and elima joined the channel
# 23:19 tantek wanted to have at least one documented silo example like that so others could try to do the same for other silos
# 23:20 pwcc GWG I worked in WP client services for years & am active in Melbourne community. Jeremy Keith got me interested in indieweb,
# 23:25 snarfed !tell KartikPrabhu yup, sounds right. that's a pretty unusual structure. not sure how to handle it, but kylewm and i could definitely listen or accept a PR!
# 23:25 Loqi Ok, I'll tell them that when I see them next
KartikPrabhu joined the channel
# 23:27 KartikPrabhu snarfed: maybe only use the u-syndication links that are the properties of the first-h-entry
# 23:27 Loqi KartikPrabhu: snarfed left you a message 1 minute ago: yup, sounds right. that's a pretty unusual structure. not sure how to handle it, but kylewm and i could definitely listen or accept a PR!
# 23:27 tantek tommorris: that manifest is a joke because it itself is not an single-page-site / app :P
# 23:28 Loqi tantek meant to say: tommorris: that manifest is a joke because it itself is not on a single-page-site / app :P
# 23:29 tantek "NOPE. You don't get to be creative professional today, you get to be a tired diplomat."
# 23:30 KartikPrabhu question if I embed my note into my article should the embed be marked as h-cite?
# 23:31 GWG pwcc: I am a neophyte in development. But I do a few indieweb-themed plugins.
KevinMarks joined the channel
# 23:31 GWG pwcc: That and file issues for Indieweb developers
# 23:31 GWG Like making aaronpk upgrade his ruby version.
# 23:32 GWG But I think that affected more than me
# 23:32 KevinMarks !tell Tantek I added person tag generation to noterlive.com, so anyone who uses that will get them too
# 23:32 Loqi Ok, I'll tell him that when I see him next
# 23:33 Loqi tantek: KevinMarks left you a message 38 seconds ago: I added person tag generation to noterlive.com, so anyone who uses that will get them too
# 23:33 KartikPrabhu aaronpk: the question becomes what does reportabuse.club do with the reports?
# 23:34 aaronpk well if you're using the script tag, it could hide the comment for that user by cookie-ing them
# 23:34 snarfed i'm going to regret this…but that manifesto does make a bit more sense if you limit it to wholly private webapps, e.g. gmail.
# 23:35 aaronpk also it could ping the website which could then decide what to do with the report (deleting the comment, or hiding it for everyone, etc)
# 23:35 GWG Is there a standard endpoint for abuse reports?
# 23:36 KartikPrabhu aaronpk: why make a central cite for abuse reports? why not have people handle it themselves?
# 23:36 aaronpk the idea would be to encourage people to handle it themselves, but sometimes building that much UI stuff is just annoying
# 23:36 GWG Like webmention, couldn't there be a format that sites could advise they receive reports in?
# 23:36 tantek snarfed - disagreed - even for private web "apps", permalinking specific things (like a particular email message in gmail) is useful!
# 23:37 KartikPrabhu I sometimes want to go directly to a particular gmail folder and I can't remember what horrid internal url scheme they have
# 23:37 tantek GWG, no idea - that's why we start with documenting existing examples first
# 23:37 snarfed tantek: KartikPrabhu: you don't have to forego permalinks. he discusses that in the manifesto. gmail has had them per email for a long time
# 23:37 tantek snarfed, OTOH - games may be an exception to the SPI-antipattern
# 23:38 snarfed granted, they have fragments, but for the end user use case - link to a specific email - it works fine
# 23:38 tantek and only "threads" - specific emails don't have permalinks
# 23:38 KartikPrabhu snarfed: so then, it seems SPI is about plumbing. And replacing markup by programming
# 23:39 aaronpk so ReportAbuse club would provide all the UI and interaction, but would result in sending report pings to your website where you'd do whatever you want with the info.
# 23:39 snarfed more importantly though, we're now discussing missing gmail features. i'll happily concede those, but they don't affect the larger point that SPI may be appropriate for private webapps
# 23:40 tantek snarfed - oh neat - ok. then we're just debating how good the /URL_design is - which is s different debate
# 23:40 aaronpk and it could also provide a simple UI for reviewing reports it's collected, in case you don't want it to ping your website
# 23:40 snarfed right. *ideally*, ajax vs page loads don't affect UX. but *in the real world*, ajax is often faster and feels more seamless. hence my point.
# 23:40 tantek snarfed - when a SPI starts updating history and URL location with specific "permalinks" for states - it becomes more like progressive enhancement than actual SPI.
# 23:40 KevinMarks The advantage akismet has is that it gets all the spam reports from WordPress
# 23:41 snarfed tantek: definitely! and he specifically calls out exactly those features
# 23:41 KartikPrabhu I am still inclined to have at least a few indie implementations before a common site like that aaronpk
# 23:41 KevinMarks So there is an advantage in centralising some kinds of abuse reporting
# 23:41 tantek KevinMarks: meh. Akismet is a giant fail for me.
# 23:41 aaronpk if I build a "report abuse" feature for my site, I will build it as a separate component like that, and anyone can use it if they want :)
# 23:42 tantek still see lots of stuff I have to moderate, and when I try to post a reasoned comment with citations, I get rejected
# 23:42 KartikPrabhu if you can replicate everything that normal pages do by writing this long list of codes to do it... @snarfed
# 23:42 aaronpk the idea is not for this service to own the abuse reports, just to be a proxy service and provide the UI for it
# 23:42 tantek I think centralized report abuse is problematic because of *both* the burden it puts on that centralized party, and the power it grants them
# 23:42 pwcc GWG: good to meet you, thatnls for been so welcoming.
# 23:43 snarfed KartikPrabhu: see my ideal vs real world msg. :P in general, *in practice*, good ajax webapps often feel faster and more responsive, which is important for web*apps*, as opposed to just pages
# 23:43 tantek aaronpk - anyway, seems easier to build it first as a baked in feature before making a "proxy"
# 23:43 aaronpk nah cause then I have to build it twice. like my note posting UI.
# 23:43 tantek snarfed - then I have yet to see "good ajax webapps" except maybe fb.com - as all the rest seem *slower* than just page loading
# 23:44 tantek snarfed - my web browsing experience is so much faster with NoScript
# 23:44 snarfed tantek: sure! but i expect the majority of that is pages, not apps
# 23:44 tantek because frankly, web devs typically don't know how to do fast network loading / processing code (what you need for "good ajax")
# 23:44 KartikPrabhu snarfed: yes. so SPI manifest seems to be saying "forget all this HTML, CSS stuff. Lets all do JS"
# 23:44 aaronpk KevinMarks: I don't think it really has anything to do with webmention
# 23:45 aaronpk if the report lived at a URL of its own then mayyybe
# 23:45 tantek I've also thought about how an "untagging" could be a type of webmention too
# 23:45 tantek e.g. if you want to untag yourself from a post that tags you
# 23:45 snarfed for truly complex apps - e.g. gmail, feed readers, maybe fb/twitter - i'd contend that average programmers using common tools will deliver a somewhat faster-feeling UX with ajax than with page loads
# 23:46 tantek especially a post that tags you via a 3rd party person-tag!
# 23:46 GWG If we all keep our abuse reports retrievable from a URL that can be discovered on our site...
# 23:46 tantek GWG - so far there is no prior work for report abuse permalinks
# 23:46 tantek e.g. no sign of them in FB all activities feed
# 23:50 KartikPrabhu kylewm: snarfed: could you point me to the code that bridgy uses to find u-syndication links? I am not familiar with bridgy code organisation
# 23:50 GWG tantek: I'm theorizing. Not an itch for me right now
# 23:51 KartikPrabhu snarfed: thanks. will see what can be done for that error i pointed out
# 23:51 tantek GWG, cool. doing distributed "abuse report" posts that are verifiable could be quite useful. of course you'd have to use rel-nofollow to link to the items of abuse, which is yucky too.
# 23:51 tantek as someone that reports abuse, I'd prefer *not* to provide any more discoverability to the abusive items
# 23:52 snarfed KartikPrabhu: thanks! might be worth discussing w/kylewm first, and/or making a minimal example test case. it's such an unusual structure that i'd be a bit worried about it affecting other behavior
# 23:52 KevinMarks Hm. Pointing out abuse in-channel is a report worth a permalink
# 23:55 kylewm KartikPrabhu: rel-syndication is scoped to the page
# 23:56 kylewm I don't understand what I'm looking at in the context of your article
# 23:57 KartikPrabhu kylewm: yes. the embedded styling needs to be better. this is the first time i have done it
# 23:57 GWG tantek: While I might not be ready to build it, I like brainstorming. But, I'm pondering how someone wanting to gather abuse reports would trust the source.
# 23:58 KartikPrabhu vouch can be used as a general mechanism for social graph based trust