[fluffy]oops a while ago I started writing a tool for quickly generating reblogs/replies/etc. for Publ and Jekyll and other Markdown-based publishing engines and then I ended up forgetting to actually write the CLI for it and releasing it
[fluffy]although right now it depends on pandoc and that can be annoying as a dependency. Does anyone know of any Python library for converting HTML to Markdown without shelling out to pandoc?
GWGWhen pfefferle wrote the original code, and I took off on it subsequently, we kept to the way WordPress did Pingbacks. A webmention is not a pingback, so I'm looking to distance myself from that mindset by looking at non-WordPress webmention code
ZegnatI promise no good performance on that code, it was very much experimental. And I think jkphl wrote a hard-fork of that code himself, as mine was PHP7+ only
GWGWell, imagine someone worked very hard to separate two things so they worked independently and now you are trying to not just copy the files so they are loaded together, but make them work as one thing.
GWGWhich takes longer, but sets up something better in the future. And since the two plugin solution still works, there is no rush on merging them specifically.
GWGSo, the code does a head request to check whether the URL is valid and of an approved content type to avoid being tricked into downloading a video file or something large. That can be a separate thing.
ZegnatNote that the HEAD request can not guarantee you the size or file type if you are talking about an actively mallicious source. It is trivial to report different things on HEAD and GET requests.
ZegnatBut in general still a very good sanity check to have. The extra request on your end is probably cheap, and will catch people putting in random URLs.
Loqi[rmccue] Requests: Requests for PHP is a humble HTTP request library. It simplifies how you interact with other sites and takes away all your worries.
ZegnatOh interesting, it doesn’t seem to cancel the download if the file is too big, rather it just stops writing those bytes to memory. So that makes it sound like it will drain bandwidth and time.
ZegnatYou can actually cancel the request, but then curl errors out. It is overall just a big weird on how to handle protection against huge files, and I do not have a perfect answer *shrug* Interesting seeing how they did it though.
ZegnatI am not sure private webmentions are worth work. I much prefer working on something like AutoAuth. The webmention itself shouldn’t be responsible for marking something as private.
sknebelso it probably makes sense for AutoAuth clients to handle that, even if there's additional cost of logging in and discovering there's nothing there
Zegnat“Is there WWW-Authorize? Yes: there may be a different response code if you send authorize header along, so try that.” Initially feels like it makes sense. Though it is sad that you need to ignore the meaning of HTTP status codes :(
GWGRight now, if you get an Indieauth token, you get carte blanche access to everything unless the endpoint you are accessing stops you. I need to move scopes somehow further up the chain
ZegnatGWG, you have given me more work. I was looking at some recent bugs on rmccue/Requests to see how stable it is, and think I now may be forced to make a PR already.
LoqiIt looks like we don't have a page for "markdown dialect" yet. Would you like to create it? (Or just say "markdown dialect is ____", a sentence describing the term)
[tantek]sebsel, yes, > at start of line is a good blockquote equivalent for email, usenet, etc. however looks odd outside that context. I'm wondering can we make it even easier to read, in broader plain text contexts, e.g. POSSE tweet
sebselyea, you have this ``` thing, which creates a code-block in Github flavoured markdown. That one can take an optional word to denote the language, e.g. ```php
sebselas a user of markdown, I don't really care. I am now used to markdown and read `this` as a piece of code now. I use it in all my e-mails to co-workers
sebselI see the single backtics as just another kind of quotes. And these are just used for code. My assumption would be that most people who understand the code, would understand my use of markdown
@t“changes in … blood were potent but ‘transient,’ …. So activities would have to be repeated to provide any continuing [#cancer] protection, and it remains unclear how intense or prolonged that exercise ideally would need to be” — @nytimes ...
https://tantek.com/t50E1 (twitter.com/_/status/1122551773695074310)
@t“changes in … blood were potent but ‘transient,’ …. So activities would have to be repeated to provide any continuing [#cancer] protection, and it remains unclear how intense or prolonged that exercise ideally would need to be” — @nytimes ...
https://tantek.com/t50E1 (twitter.com/_/status/1122551773695074310)
Loqi[Tantek Çelik] “changes in … blood were potent but ‘transient,’ …. So activities would have to be repeated to provide any continuing [#cancer] protection, and it remains unclear how intense or prolonged that exercise ideally would need to be” — @nytim...
[fluffy][sknebel] pandoc has more options than html2txt but unfortunately they’re all pretty awful, I’m finding. At least with regards to `<ul>` and so on.
[fluffy]for inline code you can use backticks i.e. ``` `$x = 1;` ``` (unfortunately Slack’s not-quite-Markdown has no way of properly handling backticks in its own inline backtick thing, really annoying!)
[fluffy]in the various Markdown implementations I’ve used, backticks translate directly to <code> while fences translate into <pre><code> and if there’s a language specified that gets further sent through pygments or whatever.
sknebel(re pandoc vs html2txt: yeah, lists seem to be a major source of problems. commonmark and the original markdown slighty differ there, so it's problematic. had some issues with bridgy publish because of that: html2txt does gruber-style, github uses an extended CommonMark)
ZegnatMany thoughts, haha. But currently I am feeling like token and auth endpoints really win from being connected. And as Microsub endpoint you need to be able to always trust the token endpoint. So they may as well be all within the same system for such a usecase.
ZegnatRephrase that question to: “is it worth for Microsub and Micropub to support external auth and token endpoints?” And then find someone who actually needs that ability at all and ask them why they need it.
LoqiIt looks like we don't have a page for "3 versions, out of interest" yet. Would you like to create it? (Or just say "3 versions, out of interest is ____", a sentence describing the term)
sknebelalso, what was the upgrade path like when you added the internal endpoint? do people that had indieauth.com configured before still use that if they never changed it?
ZegnatAfter a little more thinking, I think I personally like the option of having external endpoints available. But I honestly have a hard time thinking of why anyone who is not a power-user, or otherwise (freakishly) invested in plaing with their IndieAuth endpoints, needs that option. Feels like something a WP plugin developer should be able to safely drop.
ZegnatTrue. I guess it would just be "Login with IndieAuth" then? If you want to login with GitHub or another identity provider, it would make sense to pick dedicated plugins for that anyway
sknebeljust to clarify, there's two scenarios for using another site: one would be only replacing the sign in into wordpress with indieauth - the wordpress site authenticates you using indieauth, but provides its own endpoints to the client. the second is using the endpoints from the other site entirely, disabling the internal ones. (and technically, you could have a hybrid where auth endpoint is one and token endpoint another...)
ZegnatLot of mixed cases, sknebel. I am just trying to think about which ones are actually worth supporting by GWG. Some freeform combination could exist, but people using them maybe should just code-dive themselves
sknebelZegnat: I wanted to clarify because of "The only use case presented for allowing an external site was…what if I want to sign into Site A with the credentials of Site B?" - and to me there's two different things in that realm
ZegnatTrue GWG. But those users can't host micropub or microsub themselves either. So they just need a plugin that can add Link headers / meta elements (like the Aperture plugin)
[fluffy] ah, this looks promising: https://github.com/Alir3z4/html2text
GWG I know it uses https://github.com/rmccue/Requests below the hood
Zegnat GWG, opened PR number 30 for the review queue ;) https://github.com/rmccue/Requests/pull/339
Loqi It looks like we don't have a page for "markdown dialect" yet. Would you like to create it? (Or just say "markdown dialect is ____", a sentence describing the term)
[tantek] Anyone have good plain text design for /quotation posts?
@t “changes in … blood were potent but ‘transient,’ …. So activities would have to be repeated to provide any continuing [#cancer] protection, and it remains unclear how intense or prolonged that exercise ideally would need to be” — @nytimes ...
https://tantek.com/t50E1 (twitter.com/_/status/1122551773695074310)
sebsel lol, nice how Slack uses markdown here to even obscure this discussion more https://seblog.nl/temp/media-endpoint/09266c-irc-vs-slack-markdown.jpg
@dshanske IndieAuth for WordPress Question: https://di5.us/b/mS (twitter.com/_/status/1122597068806205440)
sknebel just to clarify, there's two scenarios for using another site: one would be only replacing the sign in into wordpress with indieauth - the wordpress site authenticates you using indieauth, but provides its own endpoints to the client. the second is using the endpoints from the other site entirely, disabling the internal ones. (and technically, you could have a hybrid where auth endpoint is one and token endpoint another...)
doubleloop I'm trying bridgy fed, but getting this error from webfinger: Couldn't find a representative h-card on https://solarsailer.doubleloop.net/