#dev 2019-10-20

2019-10-20 UTC
jfoster, evantravers and [snarfed] joined the channel
#
[snarfed]
aaronpk when someone gives webmention.io a twitter URL, you're welcome to use bridgy's converter if you want, just needs a URL transformation. https://brid.gy/about#source-urls
gRegorLove and [snarfed] joined the channel
#
[snarfed]
working on an interesting part of bridgy publish for mastodon. when you want to posse reply/like/repost to a normal silo, you can identify it by the domain in the URL (eg u-in-reply-to). but for mastodon, any domain could be a mastodon instance.
#
[snarfed]
so you give each URL to your local mastodon instance's search API, and it determines whether or not it's a mastodon URL, and gives you a local post id to use with its API.
#
Loqi
[Jeff Kreeftmeijer] Got it. This is how federation works.You need the local ID for the status you’re replying to. https://mastodon.social/@jkreeftmeijer/101236371751163533 is posted on https://mastodon.social, but you need the ID from https://mastodon.technology/web/s...
#
[snarfed]
(you can also GET /api/v1/instance on the URL's domain to see if it's mastodon, but you wouldn't get your local instance's id for it, which you need if you want to POSSE a response to it)
#
[snarfed]
anyway. interesting federation rabbit hole. actually pretty clean and elegant, all things considered.)
#
GWG
Working on testing a function that tells me when it is dark outside.
[chrisaldrich], [Michael_Beckwit, KartikPrabhu, evantravers and [fluffy] joined the channel
#
[fluffy]
oh nice, I finally have bridgy working on my website and now twitter responses show up as webmentions. snarfed++
#
Loqi
snarfed has 44 karma in this channel over the last year (84 in all channels)
[Lewis_Cowles], gRegorLove, [Rose] and evantravers joined the channel
#
[Lewis_Cowles]
Not sure it's dev as it's essentially adding meta-tags, but I got web-mentions on my site today. I made the perhaps odd choice to put them on all generated pages
#
[Lewis_Cowles]
used webmention.io
#
[Lewis_Cowles]
I don't want to go programming systems until I understand the indieweb a lot better
#
[Rose]
I found the shortcuts bug. The Auth token is invalid. I presume this is because whatever Seb's site is doing for auth tokens broke the shortcut too.
BenLubar joined the channel
#
[Rose]
I may need IndieAuth debug assistance today, so I can publish this.
[tantek] and evantravers joined the channel
#
sebsel
[Rose]: did you describe the bug somewere? which bug? the token flow in the last session yesterday thay went wrong?
#
sebsel
because aaronpk and I saw what had gone wrong there in the session, can explain what it is if you want
#
sebsel
or is it a new bug?
[frank] joined the channel
#
[Rose]
So yesterday gimmeatoken gave me a token from I think IndieAuth.com? The token given to me through the Shortcut you created before also didn’t work last night
#
[Rose]
I’ve worked around it for now, but I suspect the same issue is happening.
#
sebsel
Well gimme a token does not do any discovery by itself, but it has defaults. I might have to remove the defaults to make the error more appearant
#
sebsel
let me look up the Shortcut
#
[Rose]
This is the one I’m using, in case I broke it: https://www.icloud.com/shortcuts/150421bd1d7842869d64da870297782c
#
sebsel
hm where do I allow shortcuts from untrusted sources?
#
[Rose]
Settings > Shortcuts
#
[Rose]
Urgh, I’m stymied by signing up to sign in with Apple. Some fields are greyed out which shouldn’t be.
#
[Rose]
Ahh, don’t do what the error message says, that’s the trick 😐
BenLubar joined the channel
#
[Lewis_Cowles]
vscode PHP debugging pro-tip. Don't use empty lines 😂
#
[Lewis_Cowles]
All I wanted to know was can it be an interactive debugger like pdb. The answer still seems to be no
#
aaronpk
[Rose]: My guide should still be up to date! Unless they made major changes
#
aaronpk
It's very picky
#
sebsel
[Rose]: the shortcut looks fine. It seems to use XRay to discover the token endpoint
#
[Rose]
I need to find out what’s going on there then
#
aaronpk
That's auth stuff so I can probably help :-)
#
[Rose]
Step 1: duplicate the shortcut.
#
[Rose]
[qubyte] The current shortucts:
[qubyte] joined the channel
#
[qubyte]
Thanks! 🌟
#
[Rose]
known working (and following spec) indieauth shortcut: https://www.icloud.com/shortcuts/f8e7b48172ab4585ad3f69fce065dd06
[frank]1 joined the channel
#
[Lewis_Cowles]
today I'm working on encrypted content. I may only get a walking skeleton or convoluted example working
#
[Lewis_Cowles]
```
#
[Lewis_Cowles]
<section data-encrypted-content-href="fqdn" cipher="RSA-4096">
#
[Lewis_Cowles]
</section>
#
[Lewis_Cowles]
<!-- Fallback HTML -->
#
[Lewis_Cowles]
```
#
[Lewis_Cowles]
After modifying that plugin https://cdn.dribbble.com/users/242562/screenshots/7684433/media/b0741950ee797135c0c8831acdb10909.png, I don't think it's useful, or that providing the encrypted content for those that don't want it will do much more than waste bytes
PhoenixDiscord[m, rafadc, evantravers and [jgmac1106] joined the channel
#
[jgmac1106]
any project left of my website is too big and past my understanding for a single hack day (micropub endpoint, send, receive, display webmentions) guess I could return to adding a guestbook....may just continue the code break and push a bunch of content
#
[qubyte]
I think the fetch micropub endpoint one above is a media one by mistake.
evantravers and [Rose] joined the channel
#
[qubyte]
Oops, forgot to [Rose].
#
[Rose]
Possibly [qubyte]! Thanks, I’ll fix that
evantravers joined the channel
#
Loqi
[johanbove] #2536 Adds h-feed support to `tag` lists for #2340
babaitDiscord[m], kingpapa_, [tonz], jlelse, evantravers and [snarfed] joined the channel
#
[snarfed]
[fluffy] nice! next: link to the u-url instead of the source url. https://brid.gy/about#appspot
[dougbeal] joined the channel
#
petermolnar
[Rose]: I forgot to mention, I have an auto (to OS)/hand set dark/light theme switcher on my site and I'm happy to help with that, should you ever need it.
#
aaronpk
[snarfed]: so I made webmention.io swap the twitter URL for a bridgy URL but it didn't do what I want
#
aaronpk
I think I know why, and I think I can't fix it
#
aaronpk
this was the original webmention they attempted that failed https://webmention.io/andy-bell.design/webmention/1_-J54iEdKi7HM-JN8SY
#
aaronpk
I was hoping I could make webmention.io swap that source URL for a bridgy URL
#
[snarfed]
hmm looking
#
[snarfed]
oh yeah true, their username won't work if they're not signed up.
#
[snarfed]
you can use your username: https://brid.gy/post/twitter/aaronpk/1180072044890902529 ...but it won't do the right original post discovery to get the target link in there
#
Loqi
[overflow:hidden] I would avoid changing display on img and do this instead: img { max-width: 100%; vertical-align: middle; } Also, the flow-selector should have a margin-top of 2em to adhere to WCAG 2.1 AA standards: w3.org/TR/WCAG21/#tex…
dougbeal|mb1 and [tonz] joined the channel
#
[snarfed]
aaronpk: this one works: https://brid.gy/comment/twitter/aaronpk/1179046764218847233/1180072044890902529 ...but that first (extra) number in the URL is id of the in-reply-to-tweet, which you can't get just from a URL transformation. you'd need to fetch the tweet (API or however) to find it.
#
Loqi
[overflow:hidden] I would avoid changing display on img and do this instead: img { max-width: 100%; vertical-align: middle; } Also, the flow-selector should have a margin-top of 2em to adhere to WCAG 2.1 AA standards: w3.org/TR/WCAG21/#tex…
[qubyte] joined the channel
#
[Rose]
petermolnar I have auto light and dark mode, but not with a toggle yet 🙂
#
[Rose]
Definitely interested in adding a toggle
#
petermolnar
the trouble with the toggle is that you need to store the setting
#
[Rose]
I like [tantek]’s approach of adding it as a URL parameter
[tantek] joined the channel
#
[tantek]
I store nothing
evantravers joined the channel
#
aaronpk
Hm yeah then I can't add this to webmention.io, that's what I was afraid of
#
aaronpk
but it means someone can add it to their own form since their site will know their bridgy username
[Lewis_Cowles] joined the channel
#
GWG
Who posts an email on their h-card?
#
GWG
It's apparently enough of a rarity we didn't find a problem with consuming it till recently
#
GWG
Curious about the wild
#
[Lewis_Cowles]
finally tested encrypt / decrypt working with in-browser plugin + changed styling. Need to work on non-PGP message signing, separate network resource encrypted message(s), testing rich content
[dmitshur] joined the channel
#
[dmitshur]
does anyone know the correct HTTP status code to use when serving a request where the host is invalid/unsupported? is it 404 or is there a more specific status code for "host not found"?
#
GWG
Unsupported?
#
[dmitshur]
a host where no website exists
#
[dmitshur]
but the DNS happens to be pointing at some server
#
GWG
I should see what mine does
#
GWG
It has been so long
#
Loqi
totally
#
[dmitshur]
I'm not finding anything more specific than 404 but wanted to ask in case I overlooked something
#
dougbeal
well, why are you serving up a http status code if it isn't a valid webserver?
#
[dmitshur]
because that was the most reasonable thing I could think of. what do you suggest instead?
#
dougbeal
I would say not responding to port 80 is a clear indication that no website exists on that port
#
[dmitshur]
the server exists and hosts multiple hosts. so it's a question of what to do when the request host is not one of the ones it serves.
#
[dmitshur]
serves* multiple hosts
#
dougbeal
Would a diagnostic/error page be useful? i.e. http://asoshared.com
#
[dmitshur]
interesting option, I haven't thought about that. it's viable, but I think I'd prefer a simpler and more empty response, at least for now.
#
dougbeal
You could also have differnt/active 404 to indicate no domain mapping vs valid mapping but nothing found
#
[dmitshur]
I'm fine with 404, I just wanted to check if there was maybe something more specific (e.g., like there's 405 for when the method is unsupported).
#
[Lewis_Cowles]
4xx suggests it's the client at fault
#
[dmitshur]
it is kinda their fault for making a request to a host that doesn't exist. it's certainly not the server's fault.
#
[Lewis_Cowles]
it is in my view 100% the server admin fault
#
[Lewis_Cowles]
but also I can see how the requester shares responsibility
#
[dmitshur]
who is the server admin of e.g. https://thiswebsitedoesnotexist.com ? if you do GET https://thiswebsitedoesnotexist.com it's the client's fault IMO.
#
[Lewis_Cowles]
try example.com AFAIK its protected against registration
#
[Lewis_Cowles]
if that is a case
#
[dmitshur]
similarly it's the client's fault when they do a GET https://example.com/thispagedoesnotexist.html, and they get a 404
#
[Lewis_Cowles]
there is no reason to expect any response at all
#
[dmitshur]
agreed. but if I'm in a position to serve a response, it's better to serve an error than 200 ok.
#
[Lewis_Cowles]
how would the client get this undesired server URL?
#
[dmitshur]
I don't know. they probably wouldn't. but they if do, by trying URLs made of random strings
#
[Lewis_Cowles]
would deny, not be a better pattern? http://nginx.org/en/docs/http/ngx_http_access_module.html
#
[Lewis_Cowles]
you could use that on default host and specify named virtualhosts for other services
#
[dmitshur]
that page sounds like it's more about limiting what clients can access a resource, not about making a resource unavailable to all.
#
[Lewis_Cowles]
It looks like 403 and 404 are the recommended defaults https://tools.ietf.org/html/rfc2616#section-10.4.4
#
[dmitshur]
unrelated, I always want to roll my eyes whenever I see the word "permanently" in HTTP specs. as if anything can be truly permanent... it's always relative.
#
[dmitshur]
more unrelated, sweet, github lets you prepopulate the login value on their sign in form. https://github.com/login?login=foobar
[Rose] joined the channel
#
dougbeal
Does anyone use fontawesome svg icons? They seem half-baked compared to all the formatting options webfonts/svg+js
[tantek] joined the channel
#
[Rose]
I know [aaronpk] does
#
[Rose]
In Monocle.
evantravers joined the channel
#
GWG
I use a few of them for my plugins
#
[dmitshur]
working on my sign in form (to replace https://dmitri.shuralyov.com/login), still a WIP, but here's what I got so far
#
[dmitshur]
constructive feedback is always welcome. keep in mind I'm transitioning from GitHub as the only sign in provider, so for now I want to prioritize that. over time, I'll consider de-emphasizing signing in via github.
#
[dmitshur]
my goal is let people who want to login via github continue to be able to do that, but also give an opportunity to someone who gets curious like "wait a minute, I can sign in with my own shorter URL instead of github.com/blah...!? let me learn about this indieauth thing."
#
[dmitshur]
so, I should probably make it a hyperlink 😛
[snarfed] joined the channel
#
[snarfed]
[dmitshur] cool! not working for me with https://snarfed.org though, i get 405 Method Not Allowed. method should be GET
#
[dmitshur]
it's just an HTML page, it's not functional yet. I'm working on the HTML/CSS
gRegorLove joined the channel
#
[dmitshur]
"https://you.example" is kinda long though. maybe I should use "https://you.com" as the example.
KartikPrabhu joined the channel
#
gRegorLove
I like "example.com" in those, personally
#
gRegorLove
Looking good!
#
[dmitshur]
hmm, should I use "github.com/example" too then? to match "example.com"
#
gRegorLove
maybe, or "username". Up to you. I think most will understand either way, though
BenLubar joined the channel
#
[dmitshur]
another option might be "github.com/user" and "user.com"
#
[dmitshur]
I'll go with example for both for now
#
sebsel
it's better to use example.com and user.example, as these domains are reserved to be used as examples.
#
sebsel
user.com and you.com are actually valid and registered domainnames that are owned by someone.
#
sebsel
what is example?
#
Loqi
It looks like we don't have a page for "example" yet. Would you like to create it? (Or just say "example is ____", a sentence describing the term)
#
gRegorLove
Didn't know about user.example
#
Loqi
[sknebel] #3 use guaranteed invalid redirect_url
#
sebsel
so .test domains will not have the problems the .dev domains have now, because they are also reserved :)
#
[dmitshur]
I'm familiar with that, the problem is that "user.example" doesn't look like a URL to most people, because .example is a rare and unfamiliar TLD. that's why I'll go with example.com for now, it looks more like a URL and it's reserved.
#
gRegorLove
Yeah, probably makes more sense in technical documentation vs in a UI
#
jacky
random aaronpk have you made any progress with event sourcing via HTTP?
#
jacky
I'm toying around with it for lwa (it's still a bit busted so it only works locally for me)
#
jacky
well, not it directly, but websockets
jjuran joined the channel
#
Loqi
Lwa is a in-progress social reader by Jacky Alciné at https://lwa.black.af that aims to provide an adaptive approach to rendering social feeds https://indieweb.org/Lwa
#
jacky
yeah it's a social reader
#
jacky
I'm debugging something right now for indieauth
#
jacky
that I'm actually planning to then move into another project lol
#
jacky
but soon :)
[jgmac1106], KartikPrabhu, evantravers and jjuran joined the channel
#
gRegorLove
[jgmac1106], With that note, because you have an e-* (e-content), the parser does not imply the p-name. You could put p-name on the same element as e-content
#
aaronpk
dougbeal: I just switched to fontawesome's svg icons in monocle and they're way faster
#
GWG
aaronpk: From what?
#
aaronpk
Whatever their default JS thing is
#
jacky
the whole element swapping thing
#
aaronpk
[jgmac1106] gRegorLove the markup on that post looks right, no p-name necessary
#
aaronpk
The post on https://news.indieweb.org/en correctly displays it as a note. Loqi just doesn't copy the text of a note into the IRC notification
[Rose], [tantek], evantravers, [Michael_Beckwit and [chrisbergr] joined the channel
KartikPrabhu joined the channel