#dev 2017-08-02

2017-08-02 UTC
KevinMarks_, leg, [kevinmarks], https_GK1wmSU, KevinMarks, j12t_, gRegorLove, [jeremycherfas] and cweiske joined the channel
#
TheGillies
Finally got this freaking webmention to show up how I want
#
TheGillies
[kevinmarks]: wow that's really cool
#
TheGillies
the kinda thing that only comes about out of nescessity
barpthewire joined the channel
#
@NewsAsterisk
Hola everyone! Interested in learning more about #webmentions? Here is all you want to know! #asterisknews ? #devs https://allinthehead.com/retro/378/implementing-webmentions
(twitter.com/_/status/892654531514949632)
#
Zegnat
jeremycherfas, eli_oat, glad you both found my advice helpful :)
tantek_ and KevinMarks joined the channel
#
petermolnar
I'm looking at the follow up of that mastodon ddos tweet: https://twitter.com/mulander/status/874370124932943874
#
@mulander
Very creepy @WhatsApp, someone was apparently typing in an URL and WhatsApp was fetching it off my server char-by-char https://pbs.twimg.com/media/DCJi5tWXYAE6QI8.jpg
(twitter.com/_/status/874370124932943874)
#
petermolnar
I'm fairly certain fail2ban would block whatsapp from my side and it would be completely valid
#
cweiske
fail2ban bans clients that fetch 404 pages?
#
petermolnar
I used to, if they are hitting too many 404s within a certain timeframe
#
petermolnar
maybe not right now
#
petermolnar
human wouldn't do that in theory, would they?
#
petermolnar
apparently they would
#
petermolnar
though not intentionally
#
@dr4ys3n
@mulander @fenkt @WhatsApp Just set up a php page with the following code: <?php header("Location: data:text/plain,hello"); ?> That will crash whatsapp on your iPhone
(twitter.com/_/status/874725257722179584)
#
Zegnat
Wait. Why is WhatsApp fetching 404s?
#
petermolnar
it looks up the url char by char
#
petermolnar
though the thread is a month old
#
cweiske
whatsapp shows instant previews of URLs typed int othe message field
#
petermolnar
don't know if it's still the case
#
petermolnar
there should be a cooldown seconds or milliseconds after a char typed to actually look that url up
#
petermolnar
this is mad
#
cweiske
telegram waits a second until it tries
#
petermolnar
which makes sense
#
petermolnar
still a bit invasive though
#
Zegnat
We could test easy enough. Happen to have your logs open, petermolnar? ;)
#
petermolnar
although /me is using telegram via bitlbee
#
Zegnat
Seriously?!
#
Zegnat
As WhatsApp user nothing in the UI suggests it is doing background fetching
#
cweiske
chatting without clicking "send"
#
cweiske
that's awesome!
#
cweiske
nearly as cool as chatting via SEPA bank transfer messages
#
petermolnar
logwatch -> push messages to phone
#
Zegnat
does select all + backspace so peter doesn’t get all the requests again in reverse
#
petermolnar
not really a problem, nginx is fast
#
petermolnar
but this is clearly a ddos vector
#
petermolnar
Zegnat can I try crashing it?
#
petermolnar
with that php
#
Zegnat
exits all other apps
#
Zegnat
Just tell me where to go
#
petermolnar
just try typing again
#
Zegnat
not while typing. Maybe if I sent
#
Zegnat
(sorry sebsel you are my testing person today)
#
Zegnat
Nothing. No link preview either
#
Zegnat
Oh, crap, did I miss the httpS? That might have invalidated it
#
petermolnar
no, it seems to be ok
#
Zegnat
No crashes. At least they fixed that
#
Zegnat
“ERR_UNSAFE_REDIRECT” when I try to open it in Chrome for Android
#
Zegnat
Apparently redirects to data URLs are a no-no
#
petermolnar
right, but if you do this to an uncached wordpress from a lot of clients within a short time that can end bad
#
petermolnar
wp does a lot of magic trying to figure out where you actually wanted to go
#
petermolnar
unlike my site
#
loqi.me
edited /Mastodon (+107) "tantek_ added "2017-08-01 [https://medium.com/@Gargron/m-for-mastodon-4269c0bf6c8b M for Mastodon: A new logo and v1.5]" to "See Also""
(view diff)
j12t joined the channel
#
@antistatique
#Webmentions to help decentralising the web again﹣How and why Implementing this W3C recommendation https://allinthehead.com/retro/378/implementing-webmentions
(twitter.com/_/status/892674007539077120)
[tantek] joined the channel
#
sebsel
saw Zegnat's Whatsapp messages and is surprised by what was being tested
#
sebsel
The iOS version does it too, and even the web client, but the web client has some delay: https://seblog.nl/temp/media-endpoint/a57d6a-web-client.jpg
#
sebsel
It still does a GET for every keystroke, but based on the current typed URL, after the delay.
j12t, KevinMarks, jeremycherfas, [kevinmarks] and Defenestrate joined the channel
#
@kevinmarks
Is this the kind of metadata that @sherylsandberg is promising to give @AmberRuddHR in those "complicated" meetings? #ownyourdata QT [@mulander] Very creepy @WhatsApp, someone was apparently typing in an URL and WhatsApp was fetching it off my server char-by-char https://pbs.twimg.com/media/DCJi5tWXYAE6QI8.jpg
(twitter.com/_/status/892700776006639618)
j12t and jeremycherfas joined the channel
#
vanderven.se martijn
edited /Do_Not_Track (+363) "Reddit is dropping DNT support."
(view diff)
#
@rolle
ronilaukkarinen starred pfefferle/wordpress-webmention https://github.com/pfefferle/wordpress-webmention #github
(twitter.com/_/status/892731536000389120)
tantek_, [kevinmarks], KevinMarks, j12t, KevinMarks_, singpolyma, eli_oat and [miklb] joined the channel
#
tantek.com
edited /peername (+67) "linky linky, see also"
(view diff)
#
tantek.com
edited /namecoin (+73) "linky linky, see also"
(view diff)
#
tantek.com
edited /blockchain (+252) "upgrade original snarkinition with a tweeted definition, cite source"
(view diff)
tantek_, j12t, barpthewire, jeremycherfas_ and KevinMarks joined the channel
#
snarfed.org
edited /blockchain (+328) "another definition"
(view diff)
#
sknebel
snarfed++
#
Loqi
snarfed has 8 karma in this channel (293 overall)
KevinMarks, arush, [cleverdevil], [kevinmarks], gRegorLove, [colinwalker], https_GK1wmSU and [chrisaldrich] joined the channel