LoqiA push notification (AKA client notification) is a notification that shows up on one or more of your client devices without you having to explicitly request it — it's "pushed" to you, instead of you having to poll for it https://indieweb.org/push_notifications
Loqi[kevinmarks] Rather than elaborate new id structures, what is stopping an instance doing a 301 redirect when a user that has migrated to another is requested?
Then the requesting instance can update the mapping from the local /user/[n] to the remote url to fetch...
tantekpush notifications << 2015-08-18 {{iambismark}}: [https://iambismark.net/post/1439931152/ APNS Authentication] <blockquote>Apple’s push notification service got authentication all wrong (I’m assuming Google’s service is similarly broken but I’m less familiar with it).</blockquote>
@damiengwalterDear people who make web browsers, Absolutely nobody in the world wants any website to send alerts to our web browser. PLEASE stop them from asking. Yours, Damo. (twitter.com/_/status/1030807683291471877)
LoqiIt looks like we don't have a page for "notification fatigue" yet. Would you like to create it? (Or just say "notification fatigue is ____", a sentence describing the term)
[chrisaldrich], acegiak, mblaney, [manton], [tantek], renem and [eddie] joined the channel
eli_oatoh my goodness! never mind! I think I found the solution. this is 100% my fault. I've been using a firefox extension that allows me to sandbox certain sites from one another, and github, my main auth provider, is sandboxed away from indieauth, whoops!
ZegnatI used to have that problem with my cookie clearer. I would be on indielogin, getting recirected to my endpoint. After the redirect, the extension cleared the indielogin cookie, so when I came back after authenticating I got state errors
KevinMarks, snarfed and ms782129 joined the channel
[eddie]haha, so right now I just use the first one. But I’m thinking in the future I’d like to parse the sizes provided and go for the one closest to a specified size
[eddie]My requirement for a manifest to get the checkmark will be that they have the accurate app name under “name” and have at least one icon in the icons array. Sound good Zegnat?
ZegnatThat might even be preferable over a link, as this way the user does not leak their actual IP / UA information when loading an external live image on their authentication page
ZegnatI implemented a generic HTTP request cache the other day. Basically I just store the raw response in a file where the name is a hash of the request. Same could work for images, just fetch a URL and store it locally with the name being the URL. Any time you need an image from the same URL, check if it exists in the cache already
ZegnatI would probably just stick a default time on there as a first step. Say 7 days. If the same URL is requested and my cached result for it is more than 7 days old, refresh it.
@rakyll🙅♀️ There are two hard problems in computer science: - I have static website, serve it. - I have a stateless simple web server, take it, serve it, autoscale it. (twitter.com/_/status/1031785226517676032)
[grantcodes]I discussed with schmarty at some point, it would be great to have the various "indieweb endpoints" as express routers so other people can just drop them in their projects maybe your auth endpoint could be a start for that 🙂
[eddie]Yeah, definitely something I could try to spin off. I try to keep everything modularized, so all the IndieAuth stuff is part of an IndieAuth module with it’s own subrouter
[eddie]I’m sure there is some stuff I need to tweak but essentially the only part of the IndieAuth module that interacts with the rest of my routing system is router.use(‘/auth’, authRouter);
[eddie]I have a Token Endpoint in my site too. Might be interesting to compare them as well. We might be able to combine ours into a package we could both share
[eddie]I do a bunch of poor choice when duct-taping my site together but the one thing I’m happy with is all my sensitive data is in a JSON config file
[grantcodes]The only other difference I noticed is that mine includes checking the auth endpoint (although it is hard coded) I guess yours is done elsewhere? Or even internally if you have your own now
[eddie]But it would probably be useful to have it check the authorization endpoint dynamically to be more rounded out (in case someone decided to use just the token or just the auth, although that would probably be rare)
[grantcodes]I don't know how you'd get stuff like the large or small images to work across sites, unless it adds classes and you either style it or you dont
miklb_I mused last night that I would just like to be able to add Automator actions to the share sheet, and wonder if something like Shortcuts would come to macOS
ZegnatFor the last two quality of life extensions I did I just documented how they were different from the spec. So hopefully future me can get them fixed up when the spec and browsers align