#indiewebcamp 2015-12-20

2015-12-20 UTC
#
matrrix So is webmention.io essentially unsupported? Every time I've asked about it, folks have recommended switching to webmention.herokuapp
#
matrrix In this case, Bridgy says it forwarded the above RT that Loqi mentions, but webmention.io hasn't exposed it
#
Loqi grins profusely
#
gRegorLove webmention.io is still supported. aaronpk has made updates recently, even
#
matrrix Good afternoon Loqi ;-)
#
matrrix I should reach out to aaronpk about missing mentions, then, I guess?
#
Loqi it is probable
#
GWG Loqi, tell me a joke?
#
gRegorLove matrrix: What's your URL that got mentioned?
#
@erikpischel RT @rrrrrrrix: Matrix and IndieWeb: A match made in heaven? 👼 http://whatthefuck.computer/blog/2015/12/19/matrix-and-indieweb/ (twitter.com/_/status/678324656936480768)
#
matrrix er, didn't mean to yank the whole line
#
matrrix Are brid.gy log URLs public?
#
kylewm yes
#
matrrix https://brid.gy/log?start_time=1450569257&key=aglzfmJyaWQtZ3lyNQsSCFJlc3BvbnNlIid0YWc6dHdpdHRlci5jb20sMjAxMzo2NzgzMjQ2NTY5MzY0ODA3NjgM
#
matrrix is the brid.gy job for that webmention
#
gRegorLove Hm. Yeah, something seems off https://webmention.io/api/mentions?jsonp=?target=http://whatthefuck.computer/blog/2015/12/19/matrix-and-indieweb/
#
matrrix Yup
#
kylewm well the jsonp=? is a jquery thing
#
gRegorLove Ohh
#
kylewm gets replaced with http://webmention.io/api/mentions?target=http://whatthefuck.computer/blog/2015/12/19/matrix-and-indieweb/&jsonp=webMention.elements[0].postProcess
#
kylewm which is still blank
#
gRegorLove Maybe an issue recognizing the .computer TLD
#
matrrix Other URLs have been mentioned though
#
matrrix http://whatthefuck.computer/blog/2015/12/06/polynomial-a-decentralized-webring/ for example
#
matrrix which was the first URL I posted after adding webmentions
#
GWG I'll ask again. How does this look? https://tiny.n9n.us/2015/12/09/twitter-like-test/
#
kylewm hmm, in the bridgy log, webmention.io only says it queued the mention for processing
#
matrrix oh is that the webmention side? I assumed it was the bridgy side
#
kylewm i wonder if there is a way to check whether processing succeeded
#
matrrix so maybe it's a processing delay
#
kylewm going to try sending the wm via curl
#
matrrix GWG: seems a bit awkward on wide screens... maybe a max-width CSS thinger?
#
matrrix kylewm: feel free
#
kylewm nah same thing
#
matrrix (apropos to nothing, I'm curious what the indieweb folks thing about that matrix & indieweb article...)
#
GWG matrrix: Still experimenting with the design. But I'm specifically looking at the presentation of the like. The rest is just a blank theme.
#
matrrix kylewm: well, I'll sit tight; if it's still not working the next time I see aaronpk around I'll poke him.
#
GWG So basically, the bookmark section.
#
matrrix oh oh
#
gRegorLove I don't think webmention.io has status URLs
#
matrrix seems A+
#
GWG I build in WordPress. I have to build each piece.
#
matrrix just cut his thumb tearing down a box, brb
#
kylewm GWG: it looks like a bookmark more than a like?
#
GWG I changed it.
#
GWG The difference between a bookmark and a like right now is a switch.
#
GWG I plan to change that. But right now, I'm recreating the default presentation in the new design before creating the type specific ones
#
gRegorLove The duplicate text is odd, GWG
#
GWG Which duplicate text?
#
gRegorLove Otherwise looking good, presuming the icon will be a star vs bookmark
#
gRegorLove (or heart or whatever)
#
GWG gRegorLove: I redid all my icons.
#
GWG The duplicate text is because the title = tweet on Twitter.
#
gRegorLove KevinMarks original tweet is linked and then below it is the same text.
#
GWG It's a Twitter specific issue.
#
gRegorLove title?
#
GWG I'm using the php-mf2-shim for Twitter
#
KevinMarks well, it's also common in indie notes too
#
GWG https://tiny.n9n.us/2015/09/02/hydrox/
#
GWG How about this one?
#
gRegorLove Oh, you mean the WordPress "title" field is being filled in with the tweet text?
#
GWG gRegorLove: No. p-name = p-summary/p-content
#
GWG When I parse the URL
#
GWG I may have to fiddle with that. If the name is blank, it will say 'a tweet'.
#
KevinMarks eg http://www.unmung.com/mf2tojs2?url=http%3A%2F%2Fwww.unmung.com%2Fmf2%3Furl%3Dhttp%253A%252F%252Fknown.kevinmarks.com%252F2015%252Fhiring-and-interviewing-are-much-more-akin-to-literary-criticism%26html%3D%26pretty%3Don&pretty=on
#
KevinMarks p-name ~= p-content
#
gRegorLove I'd say if it's a note, display the text, otherwise say "liked [title]"
#
GWG I haven't gotten to teaching it the type of the thing it is responding to.
#
GWG I really should get to that.
#
gRegorLove In the second one is "The "original Oreo" is coming back very soon." your comment on the like?
#
GWG Yes, in this case.
#
GWG Actually, wait.
#
GWG That is the summary of the URL liked
#
GWG My comment would be below that
#
GWG This is basically the design I started out with last time, only refined a bit. The next step is to improve it further.
#
GWG For example, here is the old version running on acegiak's site
#
GWG https://acegiak.net/kind/like/
#
acegiak morning!
#
GWG Morning, acegiak. I was just speaking of you
#
GWG I could use your feedback
#
acegiak sure thing!
#
GWG How does this look so far? Starting the refining of the display. https://tiny.n9n.us/2015/12/09/twitter-like-test/
#
acegiak GWG: I use blockquote rather than p for e-summary but it looks promising
#
GWG Well, this is still the generic design. But I rewrote the code. Tried to make it simpler to work with.
#
acegiak neato!
#
GWG Lots of stuff going into the next version, which I hope to get before 2016.
#
acegiak very cool
#
GWG This is the list so far in the changelog.
#
GWG * Attempt to fix emoji issue reported by @acegiak
#
GWG * Duration to be deprecated and replaced by start date and end date. The presence of a duration field will still be used.
#
GWG * Start/Published Date and End/Updated Date have an updated input field instead of a text string
#
GWG * Response caching removed due limited utility
#
GWG * Removal of older code in favor of new templating system for each kind
#
GWG * Font icon replaced with SVG icons.
#
GWG * Retrieve button now generates an alert if the URL box is blank or does not have a URL.
#
GWG * Start of contextual help system
#
GWG * Hooks for possible future author data to be stored/retrieved from a nicknames cache
#
acegiak awesome!
#
GWG Tell me if there is anything else I can stick in. I've put in a lot for this next version.
#
GWG The time fields set up for all sorts of activities.
#
GWG I still need to add a bunch more in terms of options. I have featured images, original publish date, etc.
arlen, squeakytoy and [aaronpk] joined the channel
#
[aaronpk] Everyone keeps recommending webmention.herokuapp because it has a JS widget that actually renders comments, not just an API like <http://webmention.io|webmention.io ;-)
#
[aaronpk] But there will be lots of features coming to <http://webmention.io|webmention.io soon because that's all I'm gonna be using to receive webmentions for my site soon
#
[aaronpk] Like status URLs
#
GWG aaronpk, sometimes I wonder where you find the time.
#
[aaronpk] It's tough sometimes
#
[aaronpk] Today I did not make as much progress on Telegraph as I had hoped
gRegorLove and snarfed joined the channel
#
@kevinmarks I'd says this was an #ownyourdata issue, but what they are fighting over is surveillance data on voters https://berniesanders.com/press-release/statement-jeff-weaver/ (twitter.com/_/status/678447460960722945)
#
@dangillmor RT @kevinmarks: I'd says this was an #ownyourdata issue, but what they are fighting over is surveillance data on voters https://t.co/Txifk4… (twitter.com/_/status/678447577579188224)
#
@FixDemocracy16 RT @kevinmarks: I'd says this was an #ownyourdata issue, but what they are fighting over is surveillance data on voters https://t.co/Txifk4… (twitter.com/_/status/678447834979540992)
#
@lisarein RT @kevinmarks: I'd says this was an #ownyourdata issue, but what they are fighting over is surveillance data on voters https://t.co/Txifk4… (twitter.com/_/status/678448154384044032)
#
@raypride RT @kevinmarks: I'd says this was an #ownyourdata issue, but what they are fighting over is surveillance data on voters https://t.co/Txifk4… (twitter.com/_/status/678448168980336640)
#
KevinMarks hm, it wouldn't take much to adapt the webmention.herokuapp.com script
#
matrrix [aaronpk]: http://webmention.io/api/mentions?target=http://whatthefuck.computer/blog/2015/12/19/matrix-and-indieweb/ still has no links appearing despite what the response Brid.gy got seems to think; can you prod webmention.io for me?
#
matrrix FWIW https://github.com/bcomnes/webmention.js is quite facile
[aaronpk] joined the channel
#
[aaronpk] I will have to look in the morning . Can you paste the link to the Bridgy log?
#
matrrix https://brid.gy/log?start_time=1450569257&key=aglzfmJyaWQtZ3lyNQsSCFJlc3BvbnNlIid0YWc6dHdpdHRlci5jb20sMjAxMzo2NzgzMjQ2NTY5MzY0ODA3NjgM
#
matrrix is one
#
matrrix There were a couple of push attempts that responded with {"result":"Webmention was queued for processing"}
KevinMarks__, snarfed, KevinMarks_, squeakytoy and squeakytoy2 joined the channel
#
@witchbabe23 RT @kevinmarks: I'd says this was an #ownyourdata issue, but what they are fighting over is surveillance data on voters https://t.co/Txifk4… (twitter.com/_/status/678496639846236160)
eschnou, catsup, loic_m, e-lima, elima, loic_m_, strugee, elf-pavlik, KartikPrabhu, nitot, Pierre-O, fkooman, tvn, j12t, KartikPrabhu1, ttepasse, tvn_ and Pierre-O1 joined the channel
#
aaronpk matrrix: looks like it was crashing because the title of you blog post has an emoji o.O
j12t joined the channel
#
aaronpk matrrix: should be fixed now!!
wolftune joined the channel
#
GWG Good afternoon all
#
aaronpk reviewing the open issues on webmention.io, it looks like a few of them i'm blocked on because they are actually issues with the Ruby mf2 parser :-(
#
kylewm aaronpk: think the mf2 parser can be fixed or easier for someone to write a new one from scratch?
#
aaronpk probably can be fixed, but I haven't really looked at the guts of it
#
kylewm i got the impression at one point that it was vocabulary-aware
#
aaronpk not exactly
#
aaronpk but it is doing "ruby" things, and creates helper methods for accessing a single value vs an array with methods such as "like" vs "likes"
#
kylewm ok, just doing some magic with property names that look plural
#
kylewm got it
#
aaronpk which is cute, but actually pretty annoying
#
aaronpk I just had an interesting thought
#
aaronpk kylewm: you did something recently where you wanted an indieauth client to get a URL back that was different from what the user entered, right?
#
kylewm yes
#
kylewm i wanted to give my indieauth my url as multiusersite.com and it would return multiusersite.com/profiles/kylewm as "me"
#
aaronpk what's to stop your multiusersite.com returning a "me" url of "aaronparecki.com'?
#
aaronpk doing this opens up this security hole. we'd need to ensure that an indieauth client only allows the server to return a "me" url on the same domain. problem is there is no technical way of doing that.
j12t joined the channel
#
kylewm I *think* it only opens up the security hole if you cache the indieauth/token endpoints between requests
#
kylewm if you rediscover the endpionts with the new "me" url, then your request for verification or aaronparecki.com with aaronparecki.com's token endpoit will fail
#
aaronpk ah good call
#
aaronpk so the callback includes "me" and "code", and you MUST use the new "me" and discover the token endpoint from there
#
aaronpk I'm gonna make Telegraph support this
#
aaronpk since it's really just a matter of the client doing something differently
#
kylewm awesome! what are you going to use it for out of curiosity?
#
aaronpk use what for?
#
kylewm returning a different me than given
#
aaronpk just making it part of the signin flow
#
aaronpk my auth server won't be returning a different URL, but someone else's might
#
kylewm oh ok
#
aaronpk actually this is one way to solve the http vs https issue too
#
aaronpk if my auth endpoint always returns https for "me" then it won't matter what I typed in at the start
#
kylewm i think that is maybe why I originally wanted it^
#
aaronpk also solves the trailing slash issue
j12t joined the channel
#
aaronpk this also means that proper handling/validation of the "state" parameter is *super* important, so that you can't trick clients in to logging people in without the client expecting it
#
kylewm hmm, how is that different from before?
#
kylewm actually you'd probably need to explain the whole attack, so i will just take your word for it :P
#
aaronpk maybe it isn't different from before
#
aaronpk it's still important tho :P
snarfed joined the channel
#
aaronpk well dang now I need a server that does this to test with
#
aaronpk looks like i'm gonna have to build an auth endpoint into my new site
mlncn joined the channel
#
matrrix aaronpk: 💞 thank you for the help
#
kylewm aaronpk: do you want an account on known.kylewm.com?
#
kylewm to test with
#
aaronpk does it do that?
#
kylewm yeah
#
kylewm weird, it worked with Quill :P
#
aaronpk sure that would be an easy way to test
#
kylewm I attempted to invite you
#
aaronpk got it thx
#
aaronpk LOL
#
aaronpk okay so Quill already works that way without me trying to do that explicitly
#
kylewm I can't remember why I never sent a pull request for this plugin...
#
kylewm nice!
#
aaronpk oh you modified it?
#
kylewm yeah, the regular one delegates to indieauth.com
#
kylewm my version implements its own auth server
#
aaronpk ah right
#
aaronpk hm i am getting an error signing in to monocle
#
kylewm monocle may not like a path != /
#
aaronpk it doesn't explicitly reject that
#
aaronpk ah monocle does use the session's "me" instead of the one returned in the token
#
aaronpk wait no i read that wrong
#
kylewm ah ha, this is why i didn't pull request it https://kylewm.com/2015/06/awesome-thanks-fair-warning-it-s-kind-of-a-proof
#
aaronpk aha
#
aaronpk well at least it doesn't only work with woodwind :)
#
kylewm true! that was before https://github.com/aaronpk/Quill/issues/28
#
aaronpk aha!
#
aaronpk well one easy thing if you don't want to switch to JWT auth codes is you can delete them after they're used once, or you can set an expiration time and then every time a new one is generated, delete all the old ones that expired
#
kylewm ah yeah definitely makes sense. i will poll the Known folks for interest
catsup joined the channel
#
aaronpk i'm a huge +1 for known being its own auth server and token endpoint instead of relying on indieauth.com
[kevinmarks] joined the channel
#
[kevinmarks] or it being part of Convoy?
kousu_xmpp and [shaners] joined the channel
#
[shaners] <@U03QR2B3P kylewm: if either or both if you are willing to work on the mf2 ruby parser, I'll work with you on it and get it released. I still have release credentials, I think.
#
[shaners] The singular/plural seemed like a good idea and for our internal uses it was, but clearly it turned out not to be in the longer run.
#
[shaners] We could break compatibility and release a 3.0 (to comply with SemVer).
Pierre-O, j12t, snarfed, kousu[xmpp] and kousu_xmpp joined the channel
#
ben_thatmustbeme pokes his head in... ruby mf2 parser
#
ben_thatmustbeme I'd help too
kousu[xmpp], j12t, eli_oat, snarfed, kousu_xmpp and lukebrooker joined the channel
#
GWG What's the personal punishment for failure to achieve your 2016 commitment?
#
@Shoq .@kevinmarks It's getting easier and easier to understand why @indiewebcamp was a pretty important idea. https://twitter.com/Shoq/status/678718988562501632 (twitter.com/_/status/678722681471000576)
j12t joined the channel