2016-09-15 UTC
doesntgolf, KevinMarks_, miklb, tantek, KevinMarks and AngeloGladding joined the channel
KevinMarks and cweiske joined the channel
cmal, loicm_, gRegorLove, KevinMarks_, KevinMarks, AngeloGladding, kants, doesntgolf and bear joined the channel
singpolyma, Zegnat and cweiske joined the channel
# 16:17 Zegnat Surprised Kevin Marks’ rel-me verify doesn’t work in Firefox. plindner and doesntgolf joined the channel
# 17:22 Zegnat Some headscratching was involved, but it seems to work now. Just want to get someone else to take a look as well. # 17:24 rascul wow kevinmarks.com takes forever for me to load # 17:24 rascul appears to work correctly though on rascul.xyz aaronparecki.com and bear.im # 17:25 rascul there we go, it seems to work correctly on kevinmarks.com # 17:27 Zegnat I should probably package the “buggy” version too, to see if it was a local issue or something odd with Firefox plugins gRegorLove joined the channel
# 17:44 Zegnat Maybe I do need to get normal-Firefox for a fair test # 17:44 Zegnat But apparently it will not work without scheme in either 50 or 51 then # 17:44 Zegnat I am on Nightly (albeit a slightly outdated one, because I only opened it now to test) plindner joined the channel
# 18:31 Zegnat I still need to test the XPI on Firefox for Android. It might work, as I think content scripts are 100% supported there # 18:35 Zegnat I… don’t know? Is it complaining? I made sure to sign the XPI... # 18:49 Zegnat Alright, I can confirm the add-on works on mobile, but I could only get it installed by getting it from AMO # 18:53 Zegnat So either there is something wrong with my XPI on GitHub. Or Firefox for Android has some limitation I cannot find documented anywhere. # 18:57 cweiske didn't firefox recently changed their plugin installation rules? # 18:57 cweiske only-from-official-store-unless-developer-build`? cmal joined the channel
# 19:00 sknebel cweiske: I think you can distribute packages signed by Mozilla outside the store, but they have to go through mozilla once # 19:01 Zegnat Yeah, you have to provide your personal API key when you do $ web-ext sign # 19:01 cweiske I remember reading that - unless you're using a firefox developer build - you can't install install addons outside the mozilla store anymore # 19:03 Zegnat cweiske, any source? Self-hosted is still a thing they talk about on MDN # 19:04 sknebel I think 48 and later won't have a switch to turn off the signature check anymore, but I can't find anything about any version being limited to the store only # 19:05 Zegnat Yeah. And it is signed. I just confirmed. The download I can access on AMO gives me a file with the same md5sum as the XPI in the GitHub repo # 19:05 Zegnat But when I downloaded the XPI on my phone from AMO it worked, from GitHub it was blocked. So it does feel like an origin base check # 19:13 Zegnat I don’t really like what they are doing to browser extensions :( Firefox now requires signing by Mozilla, Safari requires you to pay for a developer certificate... cmal joined the channel
# 19:27 sknebel download it, open file:///downloads/folder, click on the .xpi there # 19:30 Zegnat That URI is not working for me. Do I need to discover the path to my downloa folder somewhere? # 19:30 sknebel yes, sorry, you have to insert your actual folder # 19:32 Zegnat file:///storage/emulated/0/Download/verify-me.xpi # 19:36 Zegnat Please tell me you found an obscure article about that, sknebel, and not figured that out by trial-and-error just now :p # 19:36 Zegnat ping KevinMarks_ : you can now run the extension on Firefox, if you follow sknebel’s instructions # 19:41 Zegnat It is odd that you would need to do that for a signed extension though # 19:44 sknebel you can whitelist domains in about:config as well # 19:58 Zegnat I will probably get the source to my extension up tomorrow - with in browser rel verification. It correctly resolves redirects now (pages linking to kevinmarks.com without www. came up verified) but there still seem to be some differences between it and indiewebify # 19:58 Zegnat Twitter still doesn’t resolve. The t.co URL gives a 200, not a 30* redirect. # 20:04 Loqi cweiske has 55 karma (5 in this channel) # 20:05 ben_thatmustbeme actually, if I had an ability to discover server version string or something i could use that and this to auto-configure the micropub client for the person # 20:09 sknebel Zegnat: are you using the fetch-api for the redirect-discovery? # 20:09 Zegnat I am doing a HEAD request with window.fetch(), yes # 20:10 Zegnat which will automatically follow redirects and turn my response.url into the final url. So then I compare that. # 20:10 sknebel then you can solve the twitter-issue at least in firefox by setting a different user-agent string # 20:10 sknebel chrome hasn't gotten around to implementing that yet, but firefox does # 20:10 Zegnat Wait, seriously? Twitter is giving different t.co pages depending on UA? That sounds … ridiculous # 20:15 Loqi [ben_thatmustbeme] with user agent > meta refresh, without user agent > location header # 20:16 Zegnat I am sticking to what I just said: ridiculous. # 20:17 Zegnat So, what, they try to specifically cater to cURL or something? # 20:17 sknebel also, re-reading it seems like changing the user-agent for fetch triggers a CORS-check, so I'm not sure if it works AngeloGladding joined the channel
# 20:20 cweiske ben_thatmustbeme, are you building a new micropub client? # 20:21 Zegnat CORS should not be a problem, sknebel. My fetching happens in a background script, which means I can always fetch from any domain # 20:30 Zegnat I haven’t checked, KevinMarks_. Because I get the final URL back really easy so I went with that # 20:30 Zegnat Aah. Alright. Sounds like I have some work left to do on the redirect resolving then ;) # 20:33 Zegnat I am “borrowing” your SVGs, KevinMarks_. Can I assume those to be CC0? # 20:33 Zegnat (Want to ask before I go an release the source tomorrow.) # 20:39 KevinMarks_ I was thinking we could add a grey tick if it links back but has no rel-me # 20:43 cweiske hm. known doesn't care if I send content or content[html]; it automatically detects if its html # 20:47 Zegnat cweiske, is that wrong? People submitting Markdown might do so as content and that can contain HTML as well. I don’t think content MUST be plain text? # 20:47 Zegnat KevinMarks_: nice, thanks for clearing up licensing :) Grey tick might be interesting # 20:48 aaronpk if you interpret content=<foo> as html then it's super easy to accidentally get javascript or other bad content into the post # 20:48 aaronpk or the non-mailcious case, it becomes impossible for the user to include characters in their post that need to be escaped # 20:49 cweiske e.g. when someone asks "how do I do a headline in html" and I want to reply "use <h1>" # 20:51 Zegnat Hmm. So if I am using Markdown or Wiki-Markup or something that allows for intermingled HTML, it can’t go in content= ? # 20:52 aaronpk well if you write your own server, you can ultimately decide to do whatever you want. but clients will be expecting they are sending you plaintext content # 20:52 aaronpk you *can* make that work, but you're going to have to handle the edge cases and failure modes yourself, and may lead to some unexpected results # 20:53 aaronpk rhiaro sometimes uses my micropub clients to edit YAML blocks so... you know # 20:54 Zegnat Interesting. So as far as clients should be (or are) concerned every endpoint supports only plain text (content) and HTML (content[html])? # 20:54 voxpelli makes sense considering that Micropub doesn't define the format but rather the mf2 parser output does tantek joined the channel
# 20:56 cweiske so user writes markdown -> client converts markdown to html -> sends to MP endpoint -> endpoint converts HTML to markdown -> saves into git -> static site generator converts markdown to html # 20:57 aaronpk i don't think any clients are currently "markdown-aware" # 20:58 voxpelli yeah, one should simply not describe the flow in a flow chart because the full flow because totally crazy # 20:58 cweiske aaronpk, commentpara.de will get its own "comment box" client, which will accept markdown # 20:59 voxpelli cweiske: I btw very much do write my posts in markdown as well ;) so that flow is totally real # 21:01 Zegnat I am going to say goodnight as well. Have a good one, everyone! # 21:02 Loqi Ok, I'll tell them that when I see them next cmal, Loqi and KevinMarks joined the channel
# 22:33 aaronpk ? i think the unicode 8 emoji aren't supported by mysql # 22:34 aaronpk maybe not. but for some reason, webmention.io is failing with those. KevinMarks joined the channel
# 23:45 tantek that makes me wonder, since I'm considering publishing a u-uid WITHOUT slug, and I publish a u-url WITH slug, could slug be implied ? # 23:45 tantek (the point of the u-uid without slug is for readers to assert uniqueness on the post even if/when I change the slug) # 23:46 tantek (also helps with /deleted posts - only have to keep the u-uid in the u-url, and can dump the slug completely as part of deleting all content of the post) # 23:47 aaronpk I don't think anybody should be parsing the path of URLs # 23:47 tantek if A is a prefix of B, then the remainder of B is the slug # 23:48 tantek sure, I'm trying to see if establishing a pattern would help in the future # 23:48 aaronpk what's the value of implying the slug based on string matching uid vs url? # 23:48 tantek I think the "slug is part of the id" approach will die over time, as more folks admit that the slug is or should bepart of user-editable content of the post # 23:49 aaronpk wordpress has a unique ID for each post, and the slug can be used in the URL # 23:49 aaronpk if you edit the slug, it keeps the history and redirects the old slug to the new slug # 23:50 aaronpk wordpress' "rel=shortlink" sometimes links to the integer ID version KevinMarks joined the channel
# 23:56 GWG aaronpk, did you catch up on logs? # 23:56 aaronpk if there is anything important, I hope it either made it into a github issue, the wiki, or will be repeated again later # 23:57 tantek I plan to re-read logs from during XOXO weekend # 23:57 GWG aaronpk, there was a question about the license for php-comments and why it is Apache. # 23:58 aaronpk i think that was the default license i was using at the time, so no particular reason # 23:59 GWG aaronpk, the second question is who is looking at PRs?
cweiske.de edited /Micropub/Servers (+48) "/* Implementation status */ known supports 1 syndication target" (view diff)
julieannenoying.com edited /events/2016-09-14-homebrew-website-club (+219) "/* Photos */" (view diff)
Zegnat rascul, could you give https://github.com/Zegnat/verify-me/blob/master/verify-me.xpi a go for me and see if it works for you?
KevinMarks_ That's odd
gRegorLove Slack's new "All Unread" view is pretty nice
ben_thatmustbeme oh wow, i just looked back at https://indieweb.org/Micropub/Servers#Implementation_status
ben.thatmustbe.me edited /Micropub-brainstorming (+408) "/* Query for other information */" (view diff)
aaronparecki.com edited /Micropub (-8) "/* h-entry */ remove slug since it's not a property of h-entry" (view diff)
tantek.com edited /Facebook (+1179) "/* Criticism */ add new Weaning section for how to" (view diff)