#dev 2019-10-20

2019-10-20 UTC
jfoster, evantravers and [snarfed] joined the channel
#
[snarfed] aaronpk when someone gives webmention.io a twitter URL, you're welcome to use bridgy's converter if you want, just needs a URL transformation. https://brid.gy/about#source-urls
gRegorLove and [snarfed] joined the channel
#
[snarfed] working on an interesting part of bridgy publish for mastodon. when you want to posse reply/like/repost to a normal silo, you can identify it by the domain in the URL (eg u-in-reply-to). but for mastodon, any domain could be a mastodon instance.
#
[snarfed] so you give each URL to your local mastodon instance's search API, and it determines whether or not it's a mastodon URL, and gives you a local post id to use with its API.
#
[snarfed] discovered via https://mastodon.social/@jkreeftmeijer/101245063526942536
#
Loqi [Jeff Kreeftmeijer] Got it. This is how federation works.You need the local ID for the status you’re replying to. https://mastodon.social/@jkreeftmeijer/101236371751163533 is posted on https://mastodon.social, but you need the ID from https://mastodon.technology/web/s...
#
[snarfed] (you can also GET /api/v1/instance on the URL's domain to see if it's mastodon, but you wouldn't get your local instance's id for it, which you need if you want to POSSE a response to it)
#
[snarfed] anyway. interesting federation rabbit hole. actually pretty clean and elegant, all things considered.)
#
GWG Working on testing a function that tells me when it is dark outside.
[chrisaldrich], [Michael_Beckwit, KartikPrabhu, evantravers and [fluffy] joined the channel
#
[fluffy] oh nice, I finally have bridgy working on my website and now twitter responses show up as webmentions. snarfed++
#
Loqi snarfed has 44 karma in this channel over the last year (84 in all channels)
#
[fluffy] for example http://beesbuzz.biz/blog/7221-Gah
[Lewis_Cowles], gRegorLove, [Rose] and evantravers joined the channel
#
[Lewis_Cowles] Not sure it's dev as it's essentially adding meta-tags, but I got web-mentions on my site today. I made the perhaps odd choice to put them on all generated pages
#
[Lewis_Cowles] used webmention.io
#
[Lewis_Cowles] I don't want to go programming systems until I understand the indieweb a lot better
#
[Rose] I found the shortcuts bug. The Auth token is invalid. I presume this is because whatever Seb's site is doing for auth tokens broke the shortcut too.
BenLubar joined the channel
#
[Rose] I may need IndieAuth debug assistance today, so I can publish this.
[tantek] and evantravers joined the channel
#
sebsel [Rose]: did you describe the bug somewere? which bug? the token flow in the last session yesterday thay went wrong?
#
sebsel because aaronpk and I saw what had gone wrong there in the session, can explain what it is if you want
#
sebsel or is it a new bug?
[frank] joined the channel
#
[Rose] So yesterday gimmeatoken gave me a token from I think IndieAuth.com? The token given to me through the Shortcut you created before also didn’t work last night
#
[Rose] I’ve worked around it for now, but I suspect the same issue is happening.
#
sebsel Well gimme a token does not do any discovery by itself, but it has defaults. I might have to remove the defaults to make the error more appearant
#
sebsel let me look up the Shortcut
#
[Rose] This is the one I’m using, in case I broke it: https://www.icloud.com/shortcuts/150421bd1d7842869d64da870297782c
#
sebsel hm where do I allow shortcuts from untrusted sources?
#
[Rose] Settings > Shortcuts
#
[Rose] Urgh, I’m stymied by signing up to sign in with Apple. Some fields are greyed out which shouldn’t be.
#
[Rose] Ahh, don’t do what the error message says, that’s the trick 😐
BenLubar joined the channel
#
[Lewis_Cowles] vscode PHP debugging pro-tip. Don't use empty lines 😂
#
[Lewis_Cowles] All I wanted to know was can it be an interactive debugger like pdb. The answer still seems to be no
#
aaronpk [Rose]: My guide should still be up to date! Unless they made major changes
#
aaronpk It's very picky
#
sebsel [Rose]: the shortcut looks fine. It seems to use XRay to discover the token endpoint
#
[Rose] I need to find out what’s going on there then
#
aaronpk That's auth stuff so I can probably help :-)
#
[Rose] Step 1: duplicate the shortcut.
#
[Rose] [qubyte] The current shortucts:
#
[Rose] * [Fetch MicroPub Endpoint](https://www.icloud.com/shortcuts/e3680cea46c74492b0b88366d5a5e78f)
#
[Rose] * [Get IndieAuth Token](https://www.icloud.com/shortcuts/24f7b4eb708b4aa094a8d0fc2b5fdcaf)
#
[Rose] * [MicroPub Post](https://www.icloud.com/shortcuts/02cae0afe95f43078708a80e88fb68a8)
#
[Rose] * [Fetch Media Endpoint](https://www.icloud.com/shortcuts/e3680cea46c74492b0b88366d5a5e78f)
#
[Rose] * [Media Endpoint Upload](https://www.icloud.com/shortcuts/470b70536c1d4f0299f7edac4304bcc6)
#
[Rose] * [Fetch Syndication Targets](https://www.icloud.com/shortcuts/98adff9520d5439e868c1d1355aa5c47)
[qubyte] joined the channel
#
[qubyte] Thanks! 🌟
#
[Rose] known working (and following spec) indieauth shortcut: https://www.icloud.com/shortcuts/f8e7b48172ab4585ad3f69fce065dd06
[frank]1 joined the channel
#
[Lewis_Cowles] today I'm working on encrypted content. I may only get a walking skeleton or convoluted example working
#
[Lewis_Cowles] ```
#
[Lewis_Cowles] <section data-encrypted-content-href="fqdn" cipher="RSA-4096">
#
[Lewis_Cowles] </section>
#
[Lewis_Cowles] <!-- Fallback HTML -->
#
[Lewis_Cowles] ```
#
[Lewis_Cowles] After modifying that plugin https://cdn.dribbble.com/users/242562/screenshots/7684433/media/b0741950ee797135c0c8831acdb10909.png, I don't think it's useful, or that providing the encrypted content for those that don't want it will do much more than waste bytes
#
[Rose] Better Media Upload: https://www.icloud.com/shortcuts/c2d8710f2617469280e17181e9b0d179
#
sknebel [Rose]: https://www.w3.org/TR/micropub/#add
PhoenixDiscord[m, rafadc, evantravers and [jgmac1106] joined the channel
#
[jgmac1106] any project left of my website is too big and past my understanding for a single hack day (micropub endpoint, send, receive, display webmentions) guess I could return to adding a guestbook....may just continue the code break and push a bunch of content
#
[qubyte] I think the fetch micropub endpoint one above is a media one by mistake.
evantravers and [Rose] joined the channel
#
[qubyte] Oops, forgot to [Rose].
#
[Rose] Possibly [qubyte]! Thanks, I’ll fix that
evantravers joined the channel
#
[jgmac1106] excited for this: https://github.com/idno/known/pull/2536 thx jbove
#
Loqi [johanbove] #2536 Adds h-feed support to `tag` lists for #2340
babaitDiscord[m], kingpapa_, [tonz], jlelse, evantravers and [snarfed] joined the channel
#
[snarfed] [fluffy] nice! next: link to the u-url instead of the source url. https://brid.gy/about#appspot
[dougbeal] joined the channel
#
petermolnar [Rose]: I forgot to mention, I have an auto (to OS)/hand set dark/light theme switcher on my site and I'm happy to help with that, should you ever need it.
#
aaronpk [snarfed]: so I made webmention.io swap the twitter URL for a bridgy URL but it didn't do what I want
#
aaronpk I think I know why, and I think I can't fix it
#
aaronpk this was the original webmention they attempted that failed https://webmention.io/andy-bell.design/webmention/1_-J54iEdKi7HM-JN8SY
#
aaronpk I was hoping I could make webmention.io swap that source URL for a bridgy URL
#
aaronpk but that didn't work: https://webmention.io/andy-bell.design/webmention/59rwfgRIC81kDe6Bo7h2
#
[snarfed] hmm looking
#
[snarfed] oh yeah true, their username won't work if they're not signed up.
#
[snarfed] you can use your username: https://brid.gy/post/twitter/aaronpk/1180072044890902529 ...but it won't do the right original post discovery to get the target link in there
#
Loqi [overflow:hidden] I would avoid changing display on img and do this instead: img { max-width: 100%; vertical-align: middle; } Also, the flow-selector should have a margin-top of 2em to adhere to WCAG 2.1 AA standards: w3.org/TR/WCAG21/#tex…
dougbeal|mb1 and [tonz] joined the channel
#
[snarfed] aaronpk: this one works: https://brid.gy/comment/twitter/aaronpk/1179046764218847233/1180072044890902529 ...but that first (extra) number in the URL is id of the in-reply-to-tweet, which you can't get just from a URL transformation. you'd need to fetch the tweet (API or however) to find it.
#
Loqi [overflow:hidden] I would avoid changing display on img and do this instead: img { max-width: 100%; vertical-align: middle; } Also, the flow-selector should have a margin-top of 2em to adhere to WCAG 2.1 AA standards: w3.org/TR/WCAG21/#tex…
[qubyte] joined the channel
#
[Rose] petermolnar I have auto light and dark mode, but not with a toggle yet 🙂
#
[Rose] Definitely interested in adding a toggle
#
petermolnar the trouble with the toggle is that you need to store the setting
#
[Rose] Yes
#
[Rose] I like [tantek]’s approach of adding it as a URL parameter
[tantek] joined the channel
#
[tantek] I store nothing
evantravers joined the channel
#
aaronpk Hm yeah then I can't add this to webmention.io, that's what I was afraid of
#
aaronpk but it means someone can add it to their own form since their site will know their bridgy username
[Lewis_Cowles] joined the channel
#
GWG Who posts an email on their h-card?
#
GWG It's apparently enough of a rarity we didn't find a problem with consuming it till recently
#
GWG Curious about the wild
#
[Lewis_Cowles] finally tested encrypt / decrypt working with in-browser plugin + changed styling. Need to work on non-PGP message signing, separate network resource encrypted message(s), testing rich content
[dmitshur] joined the channel
#
[dmitshur] does anyone know the correct HTTP status code to use when serving a request where the host is invalid/unsupported? is it 404 or is there a more specific status code for "host not found"?
#
GWG Unsupported?
#
[dmitshur] a host where no website exists
#
[dmitshur] but the DNS happens to be pointing at some server
#
GWG I should see what mine does
#
GWG It has been so long
#
Loqi totally
#
[dmitshur] I'm not finding anything more specific than 404 but wanted to ask in case I overlooked something
#
dougbeal well, why are you serving up a http status code if it isn't a valid webserver?
#
[dmitshur] because that was the most reasonable thing I could think of. what do you suggest instead?
#
dougbeal I would say not responding to port 80 is a clear indication that no website exists on that port
#
[dmitshur] the server exists and hosts multiple hosts. so it's a question of what to do when the request host is not one of the ones it serves.
#
[dmitshur] serves* multiple hosts
#
dougbeal Ah
#
dougbeal Would a diagnostic/error page be useful? i.e. http://asoshared.com
#
[dmitshur] interesting option, I haven't thought about that. it's viable, but I think I'd prefer a simpler and more empty response, at least for now.
#
dougbeal You could also have differnt/active 404 to indicate no domain mapping vs valid mapping but nothing found
#
[dmitshur] I'm fine with 404, I just wanted to check if there was maybe something more specific (e.g., like there's 405 for when the method is unsupported).
#
[dmitshur] thanks
#
[Lewis_Cowles] 4xx suggests it's the client at fault
#
[dmitshur] it is kinda their fault for making a request to a host that doesn't exist. it's certainly not the server's fault.
#
[Lewis_Cowles] it is in my view 100% the server admin fault
#
[Lewis_Cowles] but also I can see how the requester shares responsibility
#
[dmitshur] who is the server admin of e.g. https://thiswebsitedoesnotexist.com ? if you do GET https://thiswebsitedoesnotexist.com it's the client's fault IMO.
#
[Lewis_Cowles] try example.com AFAIK its protected against registration
#
[Lewis_Cowles] if that is a case
#
[dmitshur] similarly it's the client's fault when they do a GET https://example.com/thispagedoesnotexist.html, and they get a 404
#
[Lewis_Cowles] there is no reason to expect any response at all
#
[dmitshur] agreed. but if I'm in a position to serve a response, it's better to serve an error than 200 ok.
#
[Lewis_Cowles] how would the client get this undesired server URL?
#
[dmitshur] I don't know. they probably wouldn't. but they if do, by trying URLs made of random strings
#
[Lewis_Cowles] would deny, not be a better pattern? http://nginx.org/en/docs/http/ngx_http_access_module.html
#
[Lewis_Cowles] you could use that on default host and specify named virtualhosts for other services
#
[dmitshur] that page sounds like it's more about limiting what clients can access a resource, not about making a resource unavailable to all.
#
[Lewis_Cowles] It looks like 403 and 404 are the recommended defaults https://tools.ietf.org/html/rfc2616#section-10.4.4
#
[dmitshur] 👍
#
[dmitshur] unrelated, I always want to roll my eyes whenever I see the word "permanently" in HTTP specs. as if anything can be truly permanent... it's always relative.
#
[dmitshur] more unrelated, sweet, github lets you prepopulate the login value on their sign in form. https://github.com/login?login=foobar
[Rose] joined the channel
#
dougbeal Does anyone use fontawesome svg icons? They seem half-baked compared to all the formatting options webfonts/svg+js
[tantek] joined the channel
#
[Rose] I know [aaronpk] does
#
[Rose] In Monocle.
evantravers joined the channel
#
GWG I use a few of them for my plugins
#
[dmitshur] working on my sign in form (to replace https://dmitri.shuralyov.com/login), still a WIP, but here's what I got so far
#
[dmitshur] https://dmitri.shuralyov.com/temp/sign-in.html
#
[dmitshur] constructive feedback is always welcome. keep in mind I'm transitioning from GitHub as the only sign in provider, so for now I want to prioritize that. over time, I'll consider de-emphasizing signing in via github.
#
[dmitshur] my goal is let people who want to login via github continue to be able to do that, but also give an opportunity to someone who gets curious like "wait a minute, I can sign in with my own shorter URL instead of github.com/blah...!? let me learn about this indieauth thing."
#
[dmitshur] so, I should probably make it a hyperlink 😛
#
[dmitshur] (done)
[snarfed] joined the channel
#
[snarfed] [dmitshur] cool! not working for me with https://snarfed.org though, i get 405 Method Not Allowed. method should be GET
#
[dmitshur] it's just an HTML page, it's not functional yet. I'm working on the HTML/CSS
gRegorLove joined the channel
#
[dmitshur] "https://you.example" is kinda long though. maybe I should use "https://you.com" as the example.
KartikPrabhu joined the channel
#
gRegorLove I like "example.com" in those, personally
#
gRegorLove Looking good!
#
[dmitshur] hmm, should I use "github.com/example" too then? to match "example.com"
#
gRegorLove maybe, or "username". Up to you. I think most will understand either way, though
BenLubar joined the channel
#
[dmitshur] another option might be "github.com/user" and "user.com"
#
[dmitshur] I'll go with example for both for now
#
sebsel it's better to use example.com and user.example, as these domains are reserved to be used as examples.
#
sebsel user.com and you.com are actually valid and registered domainnames that are owned by someone.
#
sebsel what is example?
#
Loqi It looks like we don't have a page for "example" yet. Would you like to create it? (Or just say "example is ____", a sentence describing the term)
#
gRegorLove Didn't know about user.example
#
gRegorLove Interesting https://en.wikipedia.org/wiki/.example
#
sebsel I draw from https://github.com/sebsel/gimme-a-token/issues/3
#
Loqi [sknebel] #3 use guaranteed invalid redirect_url
#
sebsel so .test domains will not have the problems the .dev domains have now, because they are also reserved :)
#
[dmitshur] I'm familiar with that, the problem is that "user.example" doesn't look like a URL to most people, because .example is a rare and unfamiliar TLD. that's why I'll go with example.com for now, it looks more like a URL and it's reserved.
#
gRegorLove Yeah, probably makes more sense in technical documentation vs in a UI
#
jacky random aaronpk have you made any progress with event sourcing via HTTP?
#
jacky I'm toying around with it for lwa (it's still a bit busted so it only works locally for me)
#
jacky well, not it directly, but websockets
jjuran joined the channel
#
[dmitshur] what is lwa? https://indieweb.org/lwa is 404
#
Loqi Lwa is a in-progress social reader by Jacky Alciné at https://lwa.black.af that aims to provide an adaptive approach to rendering social feeds https://indieweb.org/Lwa
#
[dmitshur] oh 😞
#
jacky yeah it's a social reader
#
jacky I'm debugging something right now for indieauth
#
jacky that I'm actually planning to then move into another project lol
#
jacky but soon :)
[jgmac1106], KartikPrabhu, evantravers and jjuran joined the channel
#
gRegorLove [jgmac1106], With that note, because you have an e-* (e-content), the parser does not imply the p-name. You could put p-name on the same element as e-content
#
gRegorLove re: https://chat.indieweb.org/2019-10-20#t1571607126549600
#
Loqi [Loqi] [indienews] New post: https://jgregorymcverry.com/notes/2019-10-20-2
#
aaronpk dougbeal: I just switched to fontawesome's svg icons in monocle and they're way faster
#
GWG aaronpk: From what?
#
aaronpk Whatever their default JS thing is
#
jacky the whole element swapping thing
#
aaronpk [jgmac1106] gRegorLove the markup on that post looks right, no p-name necessary
#
aaronpk The post on https://news.indieweb.org/en correctly displays it as a note. Loqi just doesn't copy the text of a note into the IRC notification
[Rose], [tantek], evantravers, [Michael_Beckwit and [chrisbergr] joined the channel
#
[jgmac1106] thx
KartikPrabhu joined the channel