#dev 2018-02-14

2018-02-14 UTC
KartikPrabhu, eli_oat and [cleverdevil] joined the channel
#
[cleverdevil] Blurgh. My fix for Known definitely fixed auth for Together / Aperture, but it seems to have broken things for Quill.
#
[cleverdevil] Sigh.
#
aaronpk orly? that is odd
#
aaronpk what'd you change?
#
grantcodes Well together now supports read / unread status πŸ™‚
#
aaronpk ooh wow
#
aaronpk which method did you do?
#
grantcodes Both the mark last read entry (for mark all as read) and individual read / unread
#
aaronpk sweet
#
grantcodes UI ain't great for it but it works.
#
[cleverdevil] [aaron_pk] so, the scope wasn't actually being passed back properly, and I changed it in one case and it works, and in this other case, now its not passing back scope at all.
#
aaronpk i'm getting an ssl error trying to log in on together.tpxl.io
#
[cleverdevil] `The token endpoint did not return a "scope" parameter. The scope parameter lets this client what permission the token represents.`
#
aaronpk huh
#
[cleverdevil] That's awesome, [grantcodes] πŸ™‚
#
[cleverdevil] Nice work.
#
[cleverdevil] So, now i need to figure out what's broken.
#
grantcodes Hmmm any more info on that ssl error. It's fine for me
#
grantcodes The only errors I get are mixed content related
#
aaronpk Looks like it was hitting a different hostname for the auth url thing and it was serving the wrong cert
#
[cleverdevil] Oy, I find this code very confusing.
#
aaronpk it was trying to hit https://togetherapi.tpxl.io/ but that has a cert for accounting.tpxl.io
#
aaronpk weird now it's fine
#
[cleverdevil] [aaron_pk] when I get that response from Quill, I am assuming it has already received the token, and is sending a request to my token endpoint to verify it?
#
aaronpk quill doesn't verify tokens, it just starts using them
#
[cleverdevil] Okay, then what would that response indicate?
#
aaronpk when it exchanges the auth code for the token it expects to also get the list of scopes for the token
#
[cleverdevil] Got it.
#
grantcodes oh aaronpk you had a cached version. PWA so you potentially need to reload twice to clear the caches
#
aaronpk yep confirmed that message is coming from the part where quill tries to get the access token
#
aaronpk sounds like the token endpoint is not returning the "scope" property or it's blank
#
aaronpk grantcodes: oh lol I guess that makes sense
#
[cleverdevil] The "raw response" it shows me looks like: "access_token=XXXXXXXXXXXXX&me=https%3A%2F%2Fcleverdevil.io%2F"
#
[cleverdevil] So, scope is entirely missing.
#
[cleverdevil] Though, I am not sure if Known is somehow stripping it out because the value is empty.
#
aaronpk that sounds likely
#
[cleverdevil] Also, this worked before, so I can definitely narrow it down to the same three lines I changed in my first attempt.
#
[cleverdevil] That's good news, since now I just need to determine why scope is empty.
#
[cleverdevil] (In some cases)
[tantek] joined the channel
#
[tantek] Answer to the multiple h-feeds per page question
#
grantcodes aaronpk: now seeing an error about missing scope for searching, is there an undocumented scope I'm missing?
#
[tantek] 1. The first h-feed you find on the page (document order) is the h-feed *of the page*
#
[tantek] 2. Any additional h-feeds may be ignored by anyone processing the h-feed of the page
#
aaronpk grantcodes: oooops nope. I think I just forgot something
#
[tantek] 3. If the publisher wants secondary h-feeds to be referenceable , they must put unique ID attributes on them
#
[tantek] 4. Thus if consuming code wants to reference a secondary h-feed on a page it must do so with a url with the fragment ID of that secondary h-feed
#
grantcodes Ha no worries. I did think i had every scope imaginable
#
aaronpk grantcodes: try now
#
aaronpk that seems reasonable [tantek]. also when I wrote my h-feed consuming code I didn't actually encounter any double h-feeds in the wild.
#
[tantek] Have to run but feel free to write that up on the wiki and/or message Brent and let him know
#
[tantek] Pretty sure some of that is already documented somewhere
#
[tantek] The use case for this is potentially comments on an item when shown in a stream of items, eg a home page that also shows the first few comments in each post
#
[tantek] But we should likely make it part of the formal h-feed spec
#
[tantek] (Assuming no objections)
#
grantcodes yep works now thanks aaronpk
#
[cleverdevil] Found the exact line where things are failing.
#
[cleverdevil] Now I just have to figure out why scope is being cleared out.
#
aaronpk [tantek]: ah the "how to consume" section says "look for the first h-feed" maybe that's what you were thinking of https://indieweb.org/feed#How_To_Consume
#
aaronparecki.com edited /h-feed (+466) "/* Brainstorming */ copy multiple h-feed from irc" (view diff)
#
[cleverdevil] Bizarre... scope isn't even being passed *into* my endpoint.
#
[cleverdevil] So, this is weird. When I authorize with Together on my latest code, a token gets created with the proper scope.
#
[cleverdevil] When I authorize with Quill, a token gets created with a *blank* scope.
renem joined the channel
#
[cleverdevil] [grantcodes] also, the unread counts look a little weird in Safari - https://cleverdevil.io/s/F1gyexP1pU.png πŸ˜€
#
grantcodes Yeah that's just how they look for now
#
[cleverdevil] Oh! Gotcha πŸ™‚
#
[cleverdevil] It works great, though. Very nicely done.
#
[cleverdevil] So, I just double checked, and when I auth with Together, it works great, but with Quill, the scope is empty. I have zero clue what they are doing differently. The scope is not being passed in for some reason.
#
aaronpk What scope is quill requesting?
#
aaronpk haha nice emoji in the channel names
#
Loqi rofl
#
[cleverdevil] Thanks for the idea, [aaron_pk];)
#
[cleverdevil] It says "create update"
#
[cleverdevil] And I see that in Known when it hits the approval page.
#
[cleverdevil] But, somewhere along the line, its just disappearing.
#
aaronpk I got the idea from Anomalily cause she put emoji in all here Todoist list names
#
[cleverdevil] anomalily ++
#
[cleverdevil] anomalily++ too.
#
Loqi anomalily has 1 karma in this channel (15 overall)
#
[cleverdevil] Its just so *strange* that it works with Together.
#
aaronpk What scopes is Together requesting?
#
[cleverdevil] post create delete update read follow mute block channels
#
aaronpk I bet known doesn’t know about β€œcreate” from quill
#
aaronpk can you tell which scopes known thinks it’s assigned to the tokens?
#
[cleverdevil] Yes.
#
[cleverdevil] Its... not that smart.
#
[cleverdevil] So, it doesn't really know anything about scopes afaict,.
#
[cleverdevil] It just takes whatever is requested in.
#
[cleverdevil] Then, displays it to the user.
#
[cleverdevil] Then, stores the token along with its scopes.
#
aaronpk Can you check in the database to see what it thinks the scopes are on both tokens?
#
[cleverdevil] (Just verified I get the same behavior with OwnYourGram)
#
[cleverdevil] In the database, its stored with an empty string for scope.
#
[cleverdevil] Which matches what I see being passed in as its saving the token.
#
aaronpk Okay, where does that come from? Maybe it’s storing it wrong in the auth code?
#
[cleverdevil] That's where I am a bit out of my depth in the code.
#
[cleverdevil] FWIW, here is the commit that I made that *fixed* Together. -> https://github.com/cleverdevil/Known/commit/cb54e13cfa0019a80c7e9286afb1cd38efd2b1d4
#
[cleverdevil] It basically had hardcoded the scopes to "post".
#
[cleverdevil] I changed it to read them from whatever is passed into the endpoint, and then to save them.
#
[cleverdevil] For Together, this resulted in the proper scopes getting saved, rather than just "post."
#
[cleverdevil] But, now, Quill/OYG break.
#
aaronpk Wow github takes forever to load on a 3g connection
#
[cleverdevil] Heh, I am at 30k feet flying back to LA from DC.
#
[cleverdevil] πŸ˜‰
#
aaronpk I see the problem
#
[cleverdevil] Oh?
#
aaronpk that’s just echoing back whatever scope the client sends when it requests the token, which is not right on either side
#
aaronpk Known needs to keep track of what scope was requested when the auth code was generated and pass that back
#
[cleverdevil] Ah. Welp. Sounds like it needs more of a refactor.
#
aaronpk Ooh it might have it already
#
[cleverdevil] Ah hah
#
[cleverdevil] It does
#
[cleverdevil] Sec.
#
[cleverdevil] I think I can grab it from the Auth::verifyCode result.
#
aaronpk Yep that
#
[cleverdevil] πŸŽ‰
#
[cleverdevil] Thank you for your extra set of eyes!
#
[cleverdevil] I didn't fully grasp the flow, [aaron_pk]++
#
aaronpk So I think the reason Together was working is that it’s sending scope in the token request which it should not
#
[cleverdevil] This should now work in *both* cases.
#
aaronpk https://indieauth.spec.indieweb.org/#token-request
#
[cleverdevil] Prepping an updated PR to Known.
#
aaronpk Yay
#
Loqi πŸ˜„
bengo, [xavierroy], KartikPrabhu and tantek joined the channel
#
KartikPrabhu j12t: here is that blog post https://kartikprabhu.com/articles/href-in-svg
#
Loqi [Kartik Prabhu] <href> in SVG
tantek and bengo joined the channel
#
j12t KartikPrabhu: Excellent! Another thing this tells me is that not many people use SVG ... otherwise somebody would have cleaned those implementations up!
#
KartikPrabhu SVG is gaining more steam due to all the screen-sizes for devices now so hopefully this gets fixed
#
j12t Thanks again for sleuthing!
#
j12t KartikPrabhu++
#
Loqi kartikprabhu has 10 karma in this channel (162 overall)
#
KartikPrabhu of course no worries
[mifga], [mrkrndvs], tantek, [pfefferle], bengo, barpthewire and [gerwitz] joined the channel
#
[gerwitz] In defense of SVG, I built a side project using inlined SVG and it is *crazy fast* considering the graphics load. (toicon.com) I am now a firm believer in it.
#
KartikPrabhu [gerwitz]: yes I am a big fan of SVG
#
Ruxton if only it had good cross-browser support :(
#
KartikPrabhu Ruxton: for modern browsers it does
#
Ruxton IE9-11 doesn't scale properly
#
Ruxton much prefer to use them though, saves space/time/bandwidth, huzzah.
#
KartikPrabhu oh yeah I have almost forgotten about IE :P
AngeloGladding joined the channel
#
Zegnat purposefully forgets about IE
#
Ruxton I don't get that joy :(
tantek, jeremycherfas and [kevinmarks] joined the channel
#
[kevinmarks] How does ie mess up?
[gerwitz], barpthewire, [xavierroy], [mrkrndvs], leg and jeremych_ joined the channel
#
@sadboy_e hoje o bob estΓ‘ muito web-anti social, ele nΓ£o responde minhas webmensagens e webmentions (twitter.com/_/status/963777094697259009)
#
sarahmundy.com created /User:Sarahmundy.com (+136) "Created page with " <span class="h-card">{{sparkline| https://sarahmundy.com/wp-content/uploads/2018/02/me.jpg}} [[User:sarahmundy.com|Sarah Mundy]]</span>"" (view diff)
#
aaronparecki.com edited /Content_delivery_network (+356) (view diff)
eli_oat and sebsel joined the channel
#
petermolnar.net edited /site-deaths (+263) "adding sudden death of dasklub.com to 2017 deaths" (view diff)
gobengo, eli_oat, AngeloGladding, KartikPrabhu, Zegnat and Kaja_ joined the channel
#
grantcodes Hey Zegnat you about just now. I'm just trying to fix https://github.com/grantcodes/micropub/issues/7#issuecomment-362311625 and need some info on link headers
#
Loqi [Zegnat] From my testing (using the master branch here as a dependency in Omnibear), this fixes relative URLs in headers! πŸŽ‰ Unrelated to relative URLs, but my testing turned up a small bug in the rel matching logic: https://github.com/grantcodes/microp...
#
sknebel grantcodes: ask :)
#
sknebel (either I know or Zegnat can see it later and answer)
#
grantcodes Ok think the main thing is can `rel=` contain multiple values eg `Link: </endpoint>; rel="token_endpoint authorization_endpoint"`
#
aaronpk I have a bunch of test cases for that here https://github.com/indieweb/link-rel-parser-php/blob/master/tests/BasicTest.php
#
sknebel yes, they can
#
grantcodes Cool, then the fix that Zegnat suggested might not work πŸ€” not sure it's even an issue to be honest
#
sknebel hm, the suggested fix looks right to me - split the rel on spaces, check the array elements if they are identical to what you want
#
sknebel ah, no, your regex would still fail if you mixed <url>-rels
#
sknebel but the principle does
#
grantcodes Yeah I just realised it would work because of the space between the two rel values.
eli_oat joined the channel
#
grantcodes Don't understand the "mixed <url>-rels", can you give an example
snarfed and tantek joined the channel
#
sknebel nvm, I was wrong. I somehow thought url-based rels also had to be in <>, but they don't
#
sknebel so all good
#
grantcodes Cool thanks
[eddie] joined the channel
#
[eddie] aaronpk: Do you have a list of all the possible xray β€œtype” values? Or should I just look through all the Format files at what gets assigned to type?
snarfed joined the channel
#
grantcodes Next challenge is a test suite so I don't have to think so much about all this...
#
aaronpk [eddie]: hm I do not... tho there is a hint of that here https://github.com/aaronpk/XRay#discovering-content
#
Loqi [aaronpk] XRay: X-Ray returns structured data from any URL
#
aaronpk looks like the list is: entry, event, review, recipe, product, item, card, app, feed
#
aaronpk from https://github.com/aaronpk/XRay/blob/master/lib/XRay/Formats/Mf2.php#L27
#
[eddie] Gotcha. Yeah, I noticed my share sheet was breaking on GitHub, and realized there were values I had missed πŸ™‚ I’ll just do some quick searches through the files
#
[eddie] because GitHub returns pull, repo, comment, issue, etc
#
aaronpk ooh yeah huh
#
[eddie] Although I do wonder if github comments should be β€œentry”
#
[eddie] Not a big deal though πŸ™‚
#
aaronpk everything from github is entry or repo
#
aaronpk https://github.com/aaronpk/XRay/blob/master/lib/XRay/Formats/GitHub.php#L107
#
aaronpk github issues and comments are both "entry"
snarfed1 joined the channel
#
[eddie] ohhhh the type is just github type
#
[eddie] and then you do split to default non repo types to entry
#
[eddie] gotcha
#
[eddie] I missed that
#
[eddie] Makes sense πŸ˜„
#
aaronpk yeah it's not obvious in the code :)
#
[eddie] :crossed_fingers: hopefully this solves my crashing share sheet issue
#
[eddie] If so, then I should be able to push my bug fix release. (Finally got the code signing issues fixed)
#
Zegnat grantcodes, sorry, I was (am) at a meeting. Happy to check code later though.
#
grantcodes No problem, think it's all fine. Published an updated version on npm
#
grantcodes Going to test on sink with omnibear just now
[kevinmarks] joined the channel
#
Zegnat If it still, let me know
#
Zegnat Still breaks
Kaja_ joined the channel
#
grantcodes Yep, same for me. I'll investigate a little
snarfed joined the channel
#
snarfed wow xray has some interestingly niche handlers. not just github but xkcd, hackernews
#
snarfed but surprisingly (knowing aaronpk) no flickr
#
tantek or maybe Flickr "just worked" and then they broke everything in a frontend change
#
aaronpk yeah, I think cause I mostly stopped using all the social aspects of flickr
#
aaronpk I dont really have conversations there anymore like I used to
#
snarfed tantek: i don't think i'd ever be generous enough to say a scraper "just works," even if it does work, due to exactly that brittleness :P
#
aaronpk ironically flickr's API has been probably the most stable API in the history of APIs
#
snarfed true!
#
tantek snarfed true!
#
tantek s/just worked/happened to work
#
snarfed or works due to a lot of sustained effort, like bridgy and OYG with instagram, but may still break at any time
#
snarfed to be fair, the undocumented IG JSON we scrape has been very stable for years, likely since it's not HTML...but still not as good as an API with a published deprecation policy and timeline
#
tantek snarfed, I'd say likely since their own JS *depends* on their JSON. if their JS depended on their HTML (e.g. with microformats), then that would likely be (more) stable as well
#
snarfed maybe! the JSON is also largely a graphql serialization, and schemas (like graphql's) tend to be more stable than either emitted markup or code...but internal undocumented plumbing is all still sand. if it's not an API with a published deprecation policy/timeline, it's scraping
#
snarfed (oh hey look how bitter i sound! wonder why! :P)
#
tantek all I heard was voice of experience, no bitterness
#
tantek but this is text so
#
snarfed warm fuzzies
eli_oat, tantek, jackjamieson and [eddie] joined the channel
#
[eddie] aaronpk and others interested, I created a github issue for cross-site replies in micro.blog that contained all the potential options brought up in micro.blog slack: https://github.com/microdotblog/issues/issues/75
#
Loqi [EdwardHinkle] #75 Adding support for cross-site replies
#
[eddie] Put snarfed’s latest bridgy code to work and add your experiences and thoughts πŸ™‚
#
snarfed [eddie]++
#
Loqi eddie has 19 karma in this channel (37 overall)
#
[eddie] I have to say, I’ve been really enjoying GitHub publishing in Bridgy. Thanks snarfed πŸ™‚
#
snarfed wow i'm pleasantly surprised that all the formatting etc translated over from https://eddiehinkle.com/2018/02/14/5/reply/ to https://github.com/microdotblog/issues/issues/75
#
Loqi [Eddie Hinkle] Adding support for cross-site replies
#
snarfed aww welcome!
#
tantek I *think* I've figured out the UX of how I want posting issues / comments on issue to work including with POSSEing, and I (just) need to write it down (on the wiki)
#
[eddie] I know! I wasn’t sure about the formatting but I thought I’d try it out! and it worked great
#
tantek and I'm about half done implementing too
#
[eddie] awesome, tantek!
#
snarfed woo!
#
tantek tl;dr summary: replies to issues will just be like "normal" /reply /note posts, except they *will not* be POSSEd to Twitter (new functionality for me lol). issues will be /reply /article posts that will *both* not be shown in my "articles only" views (sidebar box, articles Atom feed), and *also* not POSSEd to Twitter.
#
tantek (both will still be in my home page composite stream to start with (MVP launch) and then I'll iterate accordingly depending on how it looks/feels in practice)
#
snarfed tantek++. i've hidden my replies, likes, etc from front page, search, etc like that forever too
#
Loqi tantek has 25 karma in this channel (421 overall)
#
tantek snarfed, for front page I feel they would be useful with some minimal inline reply-context, which is TBD (to be designed)
#
snarfed vive la difference
#
tantek yes! in particular to gain experience / feedback with different UX approaches. and provide different examples for others to consider as starting points.
#
tantek diversity++
#
Loqi diversity has 1 karma in this channel (4 overall)
#
tantek snarfed, things I have not considered: converting plain text to markdown because that's what GitHub expects
#
tantek including sanitizing / escaping plain text because MD (and GitHub MD) often "over converts" stuff
#
snarfed optional, right? and you author in HTML? do you mean s/plaintext/HTML/?
#
snarfed ah, just escaping. got it
#
tantek might put that in the category of "fix as needed in experience"
#
snarfed manual until it hurts
#
tantek I author notes / replies in plain text. articles in HTML.
#
tantek my notes / replies are auto-linked
#
tantek hmm - so that's interesting, how will Bridgy convert my HTML content to GitHub MD?
#
snarfed intelligently :P just like it did with [eddie]
#
snarfed ...'s above
[mlopatka] joined the channel
#
snarfed plug https://eddiehinkle.com/2018/02/14/5/reply/ into https://brid.gy/github/EdwardHinkle and click preview to see
#
Loqi [Eddie Hinkle] Adding support for cross-site replies
#
tantek looks
#
tantek wtf a repo named "issues" ?!?? that's not confusing at all on github lol
#
[eddie] hahaha yeah it made me look twice πŸ™‚
#
Loqi hehe
#
tantek yo dawg https://github.com/microdotblog/issues/issues/ I can't even
#
KartikPrabhu what if the github username is issues too
#
tantek wow
#
sknebel KartikPrabhu: doesn't work, reserved word
#
KartikPrabhu gaah!
#
tantek snarfed++
#
Loqi snarfed has 35 karma in this channel (343 overall)
#
tantek eddie++
#
Loqi eddie has 20 karma in this channel (38 overall)
#
sknebel (I *just* tried if it is registerable ;))
#
[eddie] That’s too bad issues^3 would be fun
#
KartikPrabhu yeah
#
KartikPrabhu also a github clone called issues.com
#
KartikPrabhu inssue-ception
#
[eddie] haha
#
[eddie] snarfed: new idea: github reacji support!
#
[eddie] πŸ˜„
#
snarfed [eddie]: yup!
#
snarfed backfeed first
#
[eddie] True, definitely more important
[sebsel], [mrkrndvs], KartikPrabhu and tantek joined the channel
#
KartikPrabhu if anyone wants to test browsers other than Firefox, Safari, Chrome, Opera for this https://kartikprabhu.com/articles/href-in-svg feel free to reply with results
#
Loqi [Kartik Prabhu] <href> in SVG
gRegorLove, [kevinmarks], snarfed, [eddie] and sebsel joined the channel
#
aaronpk [grantcodes] i'm getting a react crash loading my instagram feed
#
aaronpk other than that, really enjoying the updates!
#
GWG Evening
#
grantcodes Oh yeah fixed that, just not pushed it yet. Trying to improve the maps just now.
#
aaronpk ah cool
[kevinmarks] and [cleverdevil] joined the channel
#
aaronpk email << [https://blog.fastmail.com/2018/02/14/email-is-your-electronic-memory/ Email is your electronic memory]
#
Loqi ok, I added "[https://blog.fastmail.com/2018/02/14/email-is-your-electronic-memory/ Email is your electronic memory]" to the "See Also" section of /email
[chrisaldrich] joined the channel
#
snarfed re unread indicators in readers...i vaguely remember a postmortem from a google reader PM, or someone similar, describing how people have multiple, fundamentally different usage models for readers, and feel strongly about using theirs, and how it's very difficult (maybe impossible) for a single app to support them all well, since they conflict so much
#
aaronpk i vaguely remember that as well
#
snarfed eg "river of news" vs "todo list"
#
snarfed probably similar to email or many other domains
#
snarfed worth considering for everyone working on microsub readers
#
aaronpk i was definitely considering that when figuring out what the API for unread should be
#
snarfed oops, meant to post that in #indieweb, ah well
#
aaronpk the current API supports both models, the client can choose which UI to use around it
#
snarfed understood, agreed, primarily a UX thing
#
aaronpk as already demonstrated by eddie and grant already having built opposing mechanisms :)
#
snarfed oh funny. river vs todo list?
#
snarfed the pattern and challenge is worth documenting, but not sure where
#
snarfed wish i could find the original post
#
aaronpk well together shows a read/unread dot on each post, so you can treat that as a todo list
#
[kevinmarks] I wrote a bit about that in j.mp/twittertheory
#
GWG How do I convince a company to give me access to the data they've collected about me.