#petermolnarI see rhiaro is embracing the "machine first" directive
#petermolnaradvice for many: the setup of having a host which forwards with iptables into an lxc container, which has an nginx, which proxies based on domain into other lxc containers on the same host effects your network quite bad
#myfreewebheh i'm planning the setup for moving unrelenting.technology to a new vps… i think i'll set up an nginx in a jail with host networking, proxying to apps in their own jails over unix sockets
#myfreewebfreebsd's veth like thing (vimage/vnet) was buggy for a while, they fixed it now… but there always was the other option — you just assigned ip addresses to jails, and they were set up as aliases on your net interface. i don't think linux has such a setup?
#myfreewebwhat exactly was the issue with veth? more latency?
#petermolnarlatenxy for sure, not rare enough cases of connection reset
#petermolnarI've been planning to move to freebsd for more than a year, but never got the time to learn the bare minimums enough :(
#petermolnarnice, I see ips trying to reach my no-more-existing wp-admin.php ... shall I assume those are not visitors? :D
#GWGpetermolnar, I see that from bots on sites run on and off WordPress
#cweiskethe 404 list on my page is very long, mostly from bots checking if I run some vulnerable software
#aaronpkis there something i can do to punish bots that probe for wp-login.php? can i send back like super large files or something? redirect them to a 100mb video file?
#aaronpksadly this is not a visible improvement so won't count towards #100daysofindieweb
#petermolnarwell... that depends where you cross the line with indieweb
#petermolnarif you run your own server, I'd count this in
#aaronpkeh, the goal was visible improvements specifically
#aaronpk"It must be something with a publicly visible result (e.g. has a visible effect on the presentation of your web page, or is an improvement to an open source tool)"
#LoqigRegorLove: tantek left you a message 2 weeks, 2 days ago: not seeing the link to LA/Planning from /Planning#Completed but that approach sounds good
#tantekit could call out to a custom @-name auto-link function
#tantekif provided, otherwise it would just do its default @-name linking
#aaronpkyeah maybe the cassis way of doing it would be to check for the existence of a named function (either window.whatever in JS or function_exists('whatever') in PHP)
#tantekforget auto-linking, you need to know for escaping
#aaronpkalso even if HTML is provided, I can't be sure that the author has linked hashtags or @-names in their HTML so I want to do a pass on those too
#tantekthat's a different problem and I'm totally not going to solve that one
#tantekprocessing arbitrary HTML -> HTML is definitely not on my list
#aaronpkthat's already mostly done for me by XRay. it sanitizes HTML, and leaves only a small list of tags as well as mf2 classes.
#tantekauto-linking arbitrary (even semi-processed) HTML requires a very different approach. You basically have to parse the HTML completely, and then apply plain-text auto-linking to each text-node.
#aaronpkeach text-node that is not in an anchor tag
#ben_thatmustbemealthough i clicked it and it created that room, so i guess thats technically the correct thing to do if IRC supports chat names like that
#tantekI think my IRC client auto-handles clicks on any #-name or use of a nickname in plain text, and either joins that room or opens a pm window respectively
#tantekcursor just changes from arrow to hand with pointer finger, no other visual cue
#ben_thatmustbemei have underline on room names and people names, blue on urls
#ben_thatmustbemeerr underline when hovering on both of those things actually
#aaronpkokay yeah i can see dropping autolinking plaintext URLs in HTML
#aaronpkso then the problem is just: avoid autolinking @-names and #hashtags if they are inside specific HTML elements
#aaronpkand then a separate issue for p3k is knowing whether the comment was parsed as HTML vs plaintext which it does not right now
#tanteka-ha! yes that's key information to pass along from the microformats parsing
#aaronpki think it gets lost from the webmention.io web hook to p3k so that should be easy
#tantekavoid *any* auto-linking inside specific HTML elements (A, AREA, BUTTON, SCRIPT, TEXTAREA, ... ?)
#tantekaaronpk, I'd want to see some security testimonials on their home page
#tantekfrom security professionals who have code-reviewed and or tried to exploit it
#tantekthat being said, it would be interesting to try to develop a subset of HTML that was "safe" as it were, a profile that could be used as the target of a purifier like that
#tantek(nevermind that any security professional will first balk at them not using https!)
#tantekKevinMarks, you'll have to disambiguate known
#tantekwaits for aaronpk to build his own personal taggregator
#KevinMarksAh, with known you get an html comment, so it links to the hashtags on my known site
#tantekaaronpk, how much work would it be for Loqi to ping internet archive for all the links in anything said in IRC that it is saving / showing in the logs?
#tanteke.g. if we paste a tweet here, then Loqi pings internet archive to archive it as well as saving the IRC text to its logs database
#tantekthe goal/effect is that all links in our IRC logs get save in the internet archive, so if (when?) those links die, the IRC log could redirect to the internet archive version instead
#KevinMarksSvgur.com now pings Internet archive for each svg uploaded
#LoqiThe Internet Archive is a non-profit organization that is building a digital library, including archival copy of much of the public web https://indieweb.org/Internet_Archive
#Loqisanitize, specifically "sanitizing HTML", "sanitizing for (display inside) HTML", or "sanitization" is a common operation performed by any site which displays content from external sources, including user entry https://indieweb.org/sanitize
#Loqiok, I added "http://htmlpurifier.org/" to the "See Also" section of /sanitize
#tantekKevinMarks: in this case I don't think I made the mistake *before* someone else did *and* I pointed it out! It was like pointing out the mistake trained my brain to then repeat it!
#Loqi[@Pinboard] @printfJess delete whatever you can, don’t collect data, if you have to collect it, don’t store it, if you store it, don’t store it for long
#tantekThere's a natural tension between that and caching though
#tantekHow shall we document this for indieweb? E.g. what are best practices, examples thereof, software implementations etc.