#dev 2016-10-31

2016-10-31 UTC
KevinMarks, chrisaldrich_, KevinMarks_ and ChrisAldrich joined the channel
# 11:45 
@Naouak @Xowap @bortzmeyer @Lea_Lejeune Mieux avec la dernière version : https://www.w3.org/TR/micropub/ (twitter.com/_/status/793055326715179008)
bret joined the channel
# 13:12 
cweiske.de edited /2016/Berlin (+37) "/* Participating */" (view diff)
chrisaldrich1, tantek, KevinMarks and ChrisAldrich joined the channel
# 16:53 
www.funwhilelost.com edited /device-deaths (+661) "Adding notes about Apple's common iPhone obsolescence pattern" (view diff)
# 16:54 
ben.thatmustbe.me edited /2016/MIT2/Guest_List (+234) "/* Participants */  RSVPs via eventbright" (view diff)
KevinMarks, ben_thatmust, ben_thatmustbeme, KevinMarks_ and tantek joined the channel
# 19:34 
aaronparecki.com edited /events/2016-11-02-homebrew-website-club (+81) "pdx moved to nov 9" (view diff)
# 19:37 
KartikPrabhu aaronpk: the links to individual lines in the chat logs seem to be messed up due to timezone issue i think
# 19:38 
KartikPrabhu tantek: I left you a message but can't link to it due to timezone issues. it should be at the bottom here https://chat.indieweb.org/dev/2016-10-27
# 19:38 
KartikPrabhu repeating "saw your post-type-discovery algorithm draft https://www.w3.org/TR/2016/WD-post-type-discovery-20161028/#algorithm  . Any particular reason for the ordering of types as "rsvp > reply  > repost > like" ? I understand "reply" getting precedence but  don't understand the "rsvp > reply" and the ordering after "reply""
# 19:38 
Loqi [Tantek Çelik] Post Type Discovery
# 19:38 
aaronpk yeah, something about crossing the date barrier when viewing it in your local timezone
# 19:38 
tantek KartikPrabhu: reasoning is in the draft
# 19:38 
Loqi tantek: KartikPrabhu left you a message 3 days, 18 hours ago: saw your post-type-discovery algorithm draft https://www.w3.org/TR/2016/WD-post-type-discovery-20161028/#algorithm . Any particular reason for the ordering of types as "rsvp > reply > repost > like" ? I understand "reply" getting precedence but don't understand the "rsvp > reply" and the ordering after "reply"
# 19:39 
tantek KartikPrabhu: https://www.w3.org/TR/post-type-discovery/#order
# 19:39 
Loqi [Tantek Çelik] Post Type Discovery
# 19:40 
KartikPrabhu tantek: I don't see why "rsvp > reply" from that
# 19:40 
KartikPrabhu oh I see, because the author is expressing intent to be present at an event over simply online-replying
# 19:40 
KartikPrabhu gotcha, makes sense now
# 19:41 
tantek KartikPrabhu: an RSVP is richer than a reply since it contains a specific yes/no/maybe/interested piece of information in addition to a reply
# 19:41 
tantek yes
# 19:41 
KartikPrabhu yup makes sense. i didn't think of that while reading the spec
# 19:43 
tantek.com edited /MediaWiki:Sidebar (+51) "this week's HWC" (view diff)
# 19:54 
tantek.com edited /Events (+4383) "Nov and Dec HWCs" (view diff)
# 19:59 
tantek.com created /events/2016-11-16-homebrew-website-club (+7644) "draft from 2016-11-02" (view diff)
# 20:01 
tantek.com created /events/2016-11-30-homebrew-website-club (+7644) "draft from 2016-11-16" (view diff)
# 20:01 
tantek.com created /events/2016-12-14-homebrew-website-club (+7644) "draft from 2016-11-30" (view diff)
# 20:01 
tantek.com created /events/2016-12-28-homebrew-website-club (+7644) "draft from 2016-12-14" (view diff)
gRegorLove joined the channel
# 20:04 
tantek.com edited /events/2016-11-16-homebrew-website-club (-76) "no Portland on 11-16" (view diff)
KevinMarks joined the channel
# 20:27 
tantek.com edited /events/2016-11-30-homebrew-website-club (-77) "no Portland on 11-30" (view diff)
# 20:27 
tantek.com edited /Events (-29) "/* November */ -PDX 11-30" (view diff)
# 20:34 
gregorlove.com edited /Homebrew_Website_Club (+69) "/* Bellingham */ note holiday hiatus" (view diff)
# 20:36 
gregorlove.com edited /Homebrew_Website_Club (-21) "/* Bellingham */ flatten li hierarchy a bit" (view diff)
# 20:36 
gRegorLove tantek: ^ That look ok? Not sure we need the nested li since the city name is the heading
# 20:36 
tantek looking
# 20:37 
tantek one moment, queued
KevinMarks joined the channel
# 20:39 
gregorlove.com edited /events/2016-11-16-homebrew-website-club (+95) "Bellingham on hiatus through 2016 holidays" (view diff)
# 20:39 
gregorlove.com edited /events/2016-11-30-homebrew-website-club (+95) "Bellingham on hiatus through 2016 holidays" (view diff)
# 20:40 
gregorlove.com edited /events/2016-12-14-homebrew-website-club (+95) "Bellingham on hiatus through 2016 holidays" (view diff)
# 20:40 
tantek gRegorLove: commas in headings result in ugly fragment links - can you remove?
# 20:41 
tantek also the headings make sense as shorthands, and then expand details in the content
# 20:42 
gregorlove.com edited /events/2016-12-28-homebrew-website-club (+95) "Bellingham on hiatus through 2016 holidays" (view diff)
# 20:42 
tantek agreed re: nested li - artifact of how it used to be
# 20:42 
gRegorLove Oh, so it's a MediaWiki workaround
# 20:42 
tantek clean that up in general
# 20:43 
gRegorLove The nested li was one thing, but I guess what I was thinking more was: there's a lot of redundant information with the full city/region listed under the shorthand
# 20:43 
gRegorLove But yeah, nasty MediaWiki anchors
KevinMarks joined the channel
# 20:43 
tantek gRegorLove: shorter heading in general are better, hence why I was only using city name there
# 20:44 
tantek and then leaving details up to contents
# 20:44 
gregorlove.com edited /Homebrew_Website_Club (+20) "/* Bellingham, WA */ rm comma from heading, put city/state back in bullet" (view diff)
# 20:47 
gregorlove.com edited /Homebrew_Website_Club (-23) "/* Regular Meetings */ flatten nested li, leave city/region names as first bullet" (view diff)
KevinMarks and KartikPrabhu joined the channel
# 20:58 
tantek KevinMarks, did you create a FB POSSE event for your HWC SF event this week? I see http://known.kevinmarks.com/2016/homebrew-website-club-san-francisco-2016-11-02 says "Facebook event:" but no link after ?
# 20:58 
Loqi Homebrew Website Club San Francisco 2016-11-02
# 20:58 
tantek wants to RSVP to both
KevinMarks_ joined the channel
# 21:23 
tantek.com edited /2016/LA/Guest_List (+537) "add my project info!" (view diff)
# 21:26 
tantek ok - going to RSVP just to the indie event for HWC this week - hopefully I can post an "update" if there's an FB POSSE copy eventually
# 21:28 
tantek.com edited /events/2016-11-02-homebrew-website-club (+8) "add self" (view diff)
ChrisAldrich and chrisaldrich1 joined the channel
# 21:34 
adactio.com edited /events/2016-11-02-homebrew-website-club (+14) "/* San Francisco */" (view diff)
# 21:38 
www.boffosocko.com edited /events/2016-11-02-homebrew-website-club (+137) "/* Details */  no HWC for LA this week in anticipation for IWC LA" (view diff)
# 21:46 
tantek.com edited /Events (-51) "move Oct events to recent, no HWC LA this week" (view diff)
# 21:46 
tantek !tell gRegorLove mind updating the home page indieweb.org with latest / next HWC / IWC event infos? Thanks!
# 21:46 
Loqi Ok, I'll tell them that when I see them next
# 21:48 
tantek.com edited /2016/LA (+18) "emojicon" (view diff)
# 21:50 
tantek ChrisAldrich: do you have food sponsors lined-up already and food ordering/delivery plans?
# 21:50 
tantek (for IWC)
# 21:51 
ChrisAldrich Pivotal is taking care of the lion's share. They're a relatively large company of programmers, so they've got lots of snacks/drinks in their kitchen area and will be catering lunch for us.
# 21:52 
ChrisAldrich They've got a large open area in the front for the opening/closing/demos (with pingpong tables), and half a dozen or so individual highly connected conference rooms for breaking into groups of 3-15+ for sessions.
# 21:55 
gregorlove.com edited /2016/LA (+648) "/* Organizers */ +Participating section" (view diff)
tantek joined the channel
# 22:01 
gregorlove.com created /2016/LA/Sessions (+366) "stub" (view diff)
# 22:06 
www.boffosocko.com edited /2016/LA (+994) "/* Where */ Parking and nearby entertainment" (view diff)
# 22:19 
sknebel hm, rereading the webmention spec the security section  focusses on the sender side in a few subsections (don't send WMs to localhost, don't send WMs to servers in private networks), but the same concerns apply similarly to webmention verification?
# 22:19 
sknebel (although it's GET requests there, not POSTs)
# 22:32 
GWG Examples?
# 22:32 
www.boffosocko.com edited /2016/LA (+319) "Gave Pivotal a sponsor spot at the bottom" (view diff)
# 22:37 
sknebel GWG: https://webmention.net/draft/#avoid-sending-webmentions-to-localhost and https://webmention.net/draft/#limit-access-to-protected-resources
# 22:37 
Loqi [Aaron Parecki] Webmention
# 22:38 
GWG I implemented those for verification.
# 22:38 
sknebel me too, and we've talked about it quite a bit
# 22:38 
sknebel so I was surprised that it isn't mentioned in the spec
# 22:39 
aaronpk i think the concern is less important with GET requests, since normally GET requests don't mutate state. tho for really poorly designed systems i guess that could still be a problem.
tantek joined the channel
# 22:42 
sknebel on localhost, you potentially could talk to e.g. a database using a non-HTTP protocol, there have been weird vulnerabilities where creative HTTP requests then are interpreted as commands. especially relevant if you accept HTTP urls including port numbers
# 22:43 
sknebel and if verification results are displayed, you could leak info from internal sites?
# 22:43 
aaronpk that's a stretch but i suppose so
# 22:43 
sknebel I agree that you need quite odd circumstances
# 22:43 
sknebel but I'd err on the side of caution and recommend blocking ALL access to such resources unless explicitly whitelisted
# 22:48 
sknebel I guess in an intranet you might want working webmentions between local sites
# 22:51 
calumryan.com edited /events/2016-11-02-homebrew-website-club (+17) "/* London */" (view diff)