#dev 2020-04-18

2020-04-18 UTC
geoffo, gRegorLove and hs0ucy joined the channel
#
dansup
!tell [snarfed] the latest version of pixelfed is out! Many of those bugs should be fixed now :) https://write.as/pixelfed/pixelfed-v0-10-9
#
Loqi
Ok, I'll tell them that when I see them next
[snarfed] joined the channel
#
[snarfed]
woo thanks dansup!
tomasparks and [Aaron_Klemm] joined the channel
#
[Aaron_Klemm]
Is there any way/place to test my indieauth token endpoint?
#
[Aaron_Klemm]
I get a 401 error loading endpoint.php in my browser, but I'm not sure that's a bad thing. Indigenous still gives me the Token Endpoint not found error. It might help to try it somewhere else as the configuration seems correct as I've checked it over several times.
#
[Aaron_Klemm]
After discovering Known, I guess it's likely I'll replace the auth and the token endpoint with the Known provider, but if that's a bad idea, please advise.
[fluffy] and KartikPrabhu joined the channel
#
Zegnat
Good morning [Aaron_Klemm]! It is fine to use whatever indieauth is built-in to known. Several people use it. What is the URL you are trying to login with? Did you add the token endpoint link to the html of that page?
swentel joined the channel
#
swentel
quick question re: micropub?q=source&url={url} - the 'content' property is an array right, not an object with optionally 'text' or 'html' ?
#
swentel
so basically 'content' => ['content here']
#
Zegnat
swentel: the property will always be an array, yes. But it could contain objects rather than strings as that would be valid mf2 JSON
#
swentel
aha, ok
#
Zegnat
swentel: https://micropub.net/draft/#source-content scroll down a little for an example with an object that has an HTML property
#
swentel
ok, I should have known as [grantcodes] actually mentioned that in the issue .. ;)
#
swentel
but thanks for confirming!
#
swentel
Zegnat++
#
Loqi
Zegnat has 17 karma in this channel over the last year (58 in all channels)
[grantcodes] joined the channel
#
[grantcodes]
Yep I always return and array with an object inside with the plain and html version.
#
[grantcodes]
Kind of a pain to have to handle all the possible variations but it's doable
#
swentel
[grantcodes], working a bit on this for drupal/indigenous
#
swentel
baby steps though
#
swentel
but getting there
#
swentel
lockdown + rainy day = indieweb full speed :)
#
swentel
+ weekend
jeremych_ joined the channel
#
Zegnat
[grantcodes]: wait until someone starts sending multiple content properties, that’ll be even more of a pain ;)
#
[grantcodes]
Heh, fortunately I've not seen that yet...
#
swentel
who knows WP might at some point, so you can target the multiple gutenburg blocks :P
#
swentel
anyway, indigenous now finally handles [{text: 'blah', html: '<p>blah<p>'}] for the overview of posts in q=source ;)
#
swentel
next step is getting the update screens working
#
swentel
that will be tricky
#
[grantcodes]
Depends on how you've got them set up. Mine I can just pass in a mf2 object, it shows the appropriate inputs based on the properties and then updates the mf2 object when inputs are changed.
#
[grantcodes]
Then if it's an update I think I normally compare start and end property values and send a replace request since it's generally easier than the other update types
jamietanna joined the channel
#
jamietanna
aaronpk: what are your thoughts on extending Telegraph to return the `Location` header from the downstream Webmention server when a post is syndicated? Just spotted that it doesn't (and it's called out in docs, I just didn't read them well enough) but would be useful to be able to then use it to know where that Webmention was syndicated to
#
jamietanna
Some webmention servers seem to return the URL in the $.url in the response body, so I could parse the Telegraph `$.http_body` as JSON, and then if that's there, use it, but given the `Location` header can be used too, that'd be nice, too!
#
swentel
[grantcodes], I need to parse the response and decided based on the properties to open a specific activity which has the properties available for it
#
swentel
I guess you have to parse anyway
#
swentel
but I'm thinking to change my screens, now they are 10 different ones, instead I just want a single screen where you can then toggle new inputs
#
swentel
but I'll get there :)
#
swentel
I currently only use it to publish/unpublish stuff
#
swentel
not to fix typo's or so
#
swentel
but maybe that will start to happen when it actually works of course .. :)
#
swentel
anyway, back to desktop now, almost ready for building new packages, made a lot of progress
#
[grantcodes]
Yeah generally with the UI simpler is better. But all the parts are in place 🙂
#
swentel
been thinking about some new properties also for microsub responses
#
swentel
especially for managing channels/feeds
#
swentel
simple ones though: a 'last fetched' property, which indicates when the last time a post was saved for a source
#
swentel
a 'total count' of all posts per channel/feed
#
swentel
and, last, but not least, a request which returns the full tree, easier for creating a UI to manage feeds/channels
#
swentel
although I could do multiple requests of course for the last one, but it's a less ideal (I think)
#
jamietanna
swentel re the q=source handling, I'm not sure if you've looked at https://www.w3.org/TR/micropub/#html-content which shows that it should be `html` as the only element in the list
swentel joined the channel
#
swentel
jamietanna, so, the drupal server returns both (which I guess is fine). Indigenous will look for html
#
swentel
and maybe fallback to text, not sure yet
#
jamietanna
Wouldn't it be safer to fallback to it just being `["regular mf2 string array"]` instead of `[{"text": ["object"]}]` ?
#
swentel
that it does too :)
#
jamietanna
ah perfect
#
swentel
that was the problem I fixed this morning
#
swentel
I assumed it was [string]
#
swentel
but now handles all cases
#
jamietanna
Actually while we're talking about Indigenous - I recently set up https://www-api.jvt.me/micropub?q=categories (unauthenticated) but when enabling it with Indigenous' settings for categories autocomplete, I don't seem to see anything
#
Zegnat
All cases (well, minus the image case, haven’t written it up yet): http://microformats.org/wiki/microformats2-json#properties
#
swentel
jamietanna, hmm so, when you start typing, you don't see the autocomplete kicking in?
#
jamietanna
no I don't, swentel
#
swentel
hmm, ok, let me check if it still works here ..
#
swentel
ok seems to work
#
Loqi
[jamietanna] #31 Telegraph should return the webmention server's `Location` header
#
swentel
jamietanna, q=category
#
swentel
instead of categories
#
jamietanna
thanks haha
#
swentel
just noticed when I called mine locally hehe
#
swentel
this could have been one of those weird ones spending way to much time on :)
#
Zegnat
jamietanna: oh, wow, I think that indieweb news implementation actually goes against the webmention spec
#
jamietanna
Oh really? Because `Location` is meant to be for the status URL?
#
Zegnat
Unless that page somehow is a status page too
#
Zegnat
jamietanna: https://github.com/aaronpk/Telegraph/issues/31#issuecomment-615857548 - that might be closer to what I would expect on the Webmention side of things
#
Loqi
[Zegnat] Leaving aside the question of whether IndieNews is doing the right thing with that `Location` header… If Telegraph were to pass on the webmention endpoint’s `Location` header I would expect for it to be some sort of “external status” prope...
#
Zegnat
It always gets a little murky when Webmentions are used for some specific other task, like syndication in this case.
#
jamietanna
That's reasonable
#
Zegnat
I don’t think there is any specification for the status page themselves. Otherwise Telegraph could actually poll it and know when asynchronous handling is done
[schmarty], loicm, jamietanna and [Aaron_Klemm] joined the channel
#
[Aaron_Klemm]
Good morning, [Zegnat]! I do have the endpoint linked from the URL I'm trying to login with: https://aaronklemm.me/
#
[Aaron_Klemm]
Possible problems are my php+nginx isn't configured correctly, the the selfauth index.php and an info.php page work in that directory. Also perhaps Indigenous has a bug after all, but at the moment I'm out of ideas for further debugging my php setup and also unclear where else I could test my endpoint.
swentel joined the channel
#
[Aaron_Klemm]
And of course I could have something wrong in my mintoken setup, though your install instruction were clear and concise, so not sure what i might have missed.
#
[Aaron_Klemm]
The endpoint returns 401 Unauthorized
#
[Aaron_Klemm]
If that's unexpected, it will be good to know and I'll focus on that problem.
#
Zegnat
GET requests, like a browser would do, always require a Bearer token. So getting a 401 is pretty much expected.
#
Zegnat
The WWW-Authenticate response header will contain more information about the 401, in accordance with the HTTP spec.
#
Zegnat
Mintoken is really, uuh, minimal, so it never exposes any more information than absolutely neccessary. Which is a bit of a pain when debugging ;)
#
Zegnat
[Aaron_Klemm]: the endpoint seems to work. If I submit a faulty bearer token, I get the expected error message back
#
GWG
Does anyone return a WWW-Authenticate in an IndieAuth endpoint?
#
GWG
I know I don't right now
#
Zegnat
I do not think IndieAuth defines errors through WWW-Authenticate? But now I start doubting myself.
#
Zegnat
Mintoken does it because it is an OAuth token endpoint
#
swentel
hmm I only return a response status
#
swentel
could be possible symfony adds a standard message
#
Zegnat
[Aaron_Klemm]: you could test doing the manual requests for a token with help of https://gimme-a-token.5eb.nl/ and see if you end up with a token. If you can get through those steps, it might be a bug in Indigenous.
#
[Aaron_Klemm]
Good good, very helpful. Thanks!
#
Zegnat
Upon a cursory reading of the IndieAuth spec, I guess WWW-Authenticate could have OAuth error messages in case you reply with a 40[013] on the verification step. But I do not see much other reason to put it in place for other requests
#
swentel
android or ios indigenous?
#
swentel
if, android, what's the error message? :)
#
swentel
(in case there's a meaningful one of course, I know I haven't made those perfect yet)
#
[Aaron_Klemm]
iOS, and everything checked out at manual token request tool Zegnat listed so I think I can move on assuming the Indigenous on iOS is causing the problem. Thank y'all!
#
GWG
I have issues with meaningful error messages in debugging IndieAuth
#
Zegnat
That is goo bad [Aaron_Klemm] :( If Mintoken was not issueing the token I could have looked into why
#
Zegnat
Any Indigenous iOS users with any guesses what might be up? What does it require?
#
swentel
what's the url you try to connect with?
#
swentel
maybe I can see something in the android version
#
swentel
ok, give me a minute
#
[Aaron_Klemm]
Well, I just re-installed the app and get a new error: "Micropub Endpoint not found" so that's enough progress to keep me going into the rabbit hole.
#
swentel
hmm yeah, it doesn't find all endpoints here too
#
swentel
let me quickly check
jamietanna joined the channel
#
jamietanna
GWG I believe I do return it for flows that enforce authentication
#
jacky
TIL about WWW-Authenticate
#
swentel
[Aaron_Klemm], ah yes, you need a micropub endpoint
#
jamietanna
`curl https://www-api.staging.jvt.me/micropub -H 'Content-type: application/x-www-form-urlencoded; charset=utf-8' -d 'h=entry&content=Micropub+test+of+creating+a+basic+h-entry' -i`
#
[Aaron_Klemm]
It must've been caching the response when the token endpoint wasn't available, so now that's solved, and I don't have a "micropub" endpoint yet.
#
swentel
you only defined authorization and token enpoint
#
jacky
it looks like you can suggest URLs as the realm
#
jacky
er rather a description
#
[Aaron_Klemm]
Boom! Exactly. I'll move onto that and might get Indigenous working after all!
#
jacky
can see using a URL there as a useful way to put info here
#
swentel
[Aaron_Klemm], it might be possible it wants a microsub endpoint too
#
swentel
I'm not 100% sure if the iOS version runs in case one is available
#
[Aaron_Klemm]
will do
#
swentel
(android can, let me quickly check the ios source)
#
jamietanna
I also return on i.e. `insufficient_scope`: `Www-Authenticate: Bearer error="insufficient_scope", error_description="The request requires higher privileges than provided by the access token.", error_uri="https://tools.ietf.org/html/rfc6750#section-3.1"`
#
jacky
See, I didn't know you could do this
#
jacky
I figured putting in the payload was enough
#
swentel
[Aaron_Klemm], microsub seems optional (unless I'm reading the code wrong heh)
#
Zegnat
jacky: some straight-forward examples from my token endpoint https://github.com/Zegnat/php-mintoken/blob/master/endpoint.php#L221-L238
#
Zegnat
There I am using the error_description to specify *why* a token was invalid
#
Zegnat
Which has helped me a tonne in debugging
#
Zegnat
Although I have noticed some issues with debugging tools. I think a coworker was using Postman for HTTP testing the other day and it would not expose the response headers on a 4xx page at all. So he had to constantly switch to curl
#
jacky
Zegnat++
#
Loqi
Zegnat has 18 karma in this channel over the last year (59 in all channels)
#
jacky
I'll look into adding this into my site
#
aaronpk
If you just add a placeholder micropub endpoint you should be able to sign in, it just won't be able to do anything like post, but you should at least get past the login stage
#
swentel
and if you want a quick test for microsub, you can use https://indigenous.realize.be/indieweb/microsub
#
swentel
it allows for anonymous channels and timeline
#
swentel
hmm actually, it won't work ..
#
swentel
as the client will send a token hehe
#
swentel
should probably fix that in the code, it only works if there's no authorization header
[kimberlyhirsh], [grantcodes], [chrisaldrich] and [LewisCowles] joined the channel
#
aaronpk
i think it's time to look at some open github issues this morning
[snarfed] joined the channel
#
[snarfed]
isolation productivity
#
aaronpk
i still keep thinking about making a webmention game
#
Loqi
[snarfed] #9 back off to lowest polling tier if no h-feed/h-entry's found
#
aaronpk
gonna do some maintenance first tho
#
aaronpk
ooh good one
#
aaronpk
polling tier logic always stresses me out
#
aaronpk
so hard to test
#
[snarfed]
really? you use some task scheduler, right? just look at the newly enqueued task's ETA?
#
aaronpk
i mean it's doable, but it's not like unit tests
#
[snarfed]
huh. i check task ETAs in unit tests 🤷
#
aaronpk
i think the problem is i use beanstalkd for the job queue which isn't super inspectable
#
[snarfed]
ah. mocks here you come
#
aaronpk
ah right now i remember the problem with that issue
#
aaronpk
watchtower doesn't actually look for microformats at all, it just cares about whether the page has changed
#
aaronpk
i wonder if i should move the feed fetching into Aperture
#
aaronpk
would make it easier for other people to set up aperture :)
swentel joined the channel
#
Zegnat
I guess you could look into https://github.com/aaronpk/Watchtower/issues/1 instead, and have it stop polling in case a websub endpoint is advertised. Then bridgy could advertise a (dummy) websub endpoint and Watchtower would not have to poll at al
#
Loqi
[aaronpk] #1 subscribe to WebSub hubs if available
SpencerDub and swentel joined the channel
#
swentel
hmm so xray strips dangerous tags, which makes sense
#
swentel
in this case, I'm seeing it from rss feeds
#
swentel
and an iframe was stripped, even though it's fine (vimeo player)
#
aaronpk
XRay is pretty strict on sanitization
#
swentel
would it make sense to try and extract and add it to video property for instance? (although I don't know if vimeo urls can work with video tag)
#
aaronpk
i don't think they can, most video players that use iframes do that so they can embed their JS players that include tracking and such
#
swentel
hmm true
#
swentel
hmm well, my girlfriend can always go the site ;)
#
swentel
she pointed me to it (she's the best tester I've ever had haha)
#
aaronpk
iframes are a tricky one
#
swentel
hmmm chromium apparently supports lazy-load
#
swentel
but that's no a solution of course
#
swentel
oh well, no big problem
#
aaronpk
i could see possibly adding an explicit list of allowed iframe domains to enable certain things to work, but i'd probably also make that an opt-in flag for the thing using xray
#
swentel
I'd love to see how feed.ly handles it (as that rss import there works)
#
swentel
that might be an option yes
#
swentel
+1 on a flag too
#
swentel
[snarfed], question for you too, does granary, when parsing a twitter feed, know if the account is private or not? If so, do we have an an mf2 class to put that on the the author h-card?
#
swentel
would help me to block actions in my feed I don't want to like/reply/repost such a tweet for instance on my site, potentially exposing info
hs0ucy joined the channel
#
[snarfed]
swentel, yes! and no clue if we have that in mf2. not that i know of
#
[snarfed]
it's very necessary for bridgy though so that it only backfeeds known public stuff
#
swentel
[snarfed], and if I reply to a private account, and push to brid.gy, does it arrive?
#
swentel
s/push/notify
leg joined the channel
#
[snarfed]
swentel you mean with bridgy publish? hmm, maybe? i've never tried
deathrow1 and geoffo joined the channel
#
[snarfed]
oh, sorry, _reply_ to a private account. yeah that should work
[tantek], gRegorLove, geoffo, leg, petermolnar and [fluffy] joined the channel
#
[fluffy]
Speaking of which, does bridgy have any support for autoauth or whatever? Currently there’s no way for bridgy to send me notifications for twitter or mastodon responses to my private posts because the webmention to bridgy never happens.
#
[fluffy]
I need to add token or autoauth support to pushl for that to happen of course.
#
[fluffy]
Heck, are there any indieauth endpoints that support autoauth yet?
#
Zegnat
AFAIK there is only one implementation that has successfully negotiated autoauth?
#
Zegnat
sknebel: do you remember if we ended up demoing it on video?
#
sknebel
uhh...
#
[fluffy]
autoauth feels like it’s been a long time coming for so long now
#
[fluffy]
but it’s very chicken-eggy right now
#
sknebel
indeed
#
sknebel
and tbh life kind of has gotten in the way of pushing it forward
#
[fluffy]
understandable
#
[fluffy]
I mean I haven’t had time to work on it either, so
#
sknebel
+ it has noticably more moving parts than most things we do
#
sknebel
which really doesn't help
#
[fluffy]
yeah. last tim eI worked on this stuff I had Publ accepting c2s-flow bearer tokens but I never figured out how to validate my s2s implementation.
#
[fluffy]
except by seeing that it almost certainly isn’t correct 😛
#
Zegnat
Yeah, a lot of stuff needs to come together just right. And even then there are still parts of the brainstormy spec that feel kinda shoehorned in? Like the use of WWW-Authenticate and so on? A lot of stuff based on using existing tech, but not in a way any of it was actually being used by itself
#
aaronpk
i wish there was some way to make it have fewer moving parts
#
Zegnat
Hmm, we have video from Berlin 2018, which is where it was demod, but not sure we have video of the demos
#
[fluffy]
oh wait actually I did add bearer token support to pushl, I just never got around to using it in anything 😛
#
[fluffy]
because I wanted to wait until I had an idea of how to actually grant the tokens, and I wanted it to actually be useful for anything (which it currently isn’t)
#
[fluffy]
since the webmention validation step will just get a 401, because nobody implements autoauth 😛
#
sknebel
Zegnat: I feel like we demoed it at intros of something too
#
sknebel
I should at least take time to validate that my examples still work and match the current document
#
Zegnat
I think I found it!
#
sknebel
(even cooler would be bringing them in a state that the code can be shared, but that's a bit more effort)
#
[fluffy]
From a pragmatic standpoint my current ad-hoc thing (show a stub entry to atom and twitter, ask people to log in to see it) has been Good Enough but it isn’t, y’know, great.
#
Zegnat
Conveniently we started the demos with the proto AutoAuth
#
Zegnat
Or, I guess, conveniently I was voluntold to start?
#
aaronpk
i kinda want to take a look at the docs again and see if all the design constraints still hold
#
[fluffy]
I recall it making sense to me last time I poked at it, for whatever that’s worth, but I’m not even remotely an auth expert
#
Zegnat
Did we use voluntelling in 2018? If we did not, there is a definitive example at 2:28 when [tantek] literally points at me :P
#
Zegnat
Oh, and within a minute it looks like seb got volunteered to keep scribing the whole thing to IRC. Good times!
#
[fluffy]
someday I also need to get around to implementing micropub for Publ, which was the other reason I added bearer token support
#
Zegnat
goes on an IWC video binge to feel connected with everyone
#
KartikPrabhu
so.... had an online conference today. The "people" set the "watch now" links to appear just before the presentations were live. And.... somehow it was all tied to EDT, so people in the midwest and west coast never got the "watch now" links :P
[chrisaldrich] joined the channel
#
aaronpk
timezones are hard 😂
#
Zegnat
aaronpk: I really want to have a look at autoauth again after taking a refresher on oauth.xyz, just to see if there is any streamlining we can borrow
#
aaronpk
good point
#
Zegnat
Any XYZ talks coming up? 😇
#
aaronpk
just the one from a couple weeks ago where i briefly mentioned it :)
#
Zegnat
Darn, guess I need to fall back to good old reading then
#
sknebel
Zegnat: if you buy Animal Crossing you need to do the "OAuth theatre play" aaronpk always talks about with him and others in game :P
#
Zegnat
“Martijn will now travel to Aaron’s island to pick up a token, represented by this peach”
#
aaronpk
oh gosh
#
Zegnat
I don’t know what objects are available in AC. I just saw someone running around collecting peaches in a random YT video, so going with that
#
[fluffy]
peaches are a rare fruit that become quite readily available once you start cultivating them, so, take that for what it’s worth
#
[fluffy]
bamboo shoots might work better, because once you plant them you run the risk of your entire island being taken over by bamboo without reasonable care being taken.
#
[fluffy]
… we’re talking about Animal Crossing materials being allegories for communication protocols, right?
#
sknebel
aaronpk mentioned a few times that we should a video explaining IndieAuth and AutoAuth with people for the different roles, passing things around
#
aaronpk
my coworker made a game for that for oauth
#
GWG
I am thinking of the SWAT0 demo
#
[tantek]
GWG, we still need to recreate it! Feels like something we should have as a challenge for every Summit until its an "everpresent" thing that "just works" with modern solutions
#
[tantek]
I wonder what it would take to get micro.blog as a SWAT0 participant as player A, B, or C
#
aaronpk
haha i don't know who that was but we completed it!
#
GWG
I was talking about for autoauth, but yes
#
Zegnat
I was in as lurker, so not me!
#
Zegnat
But I got to watch from the sidelines
#
sknebel
I was Yelp
#
aaronpk
it's actually meant to be something we use while on a zoom call with people, but nice to know it mostly works even without someone walking through it
#
Zegnat
I was thinking I had to join in when it said Google had to take action, as there were only players for Pat and Yelp.
#
Zegnat
Who got control of Google?
#
aaronpk
i was jumping back and forth between them since i know the cheat code
#
jacky
yooo I'd be down for that lol
#
jacky
re: animal crossing + indieauth lol
#
[tantek]
Did this somehow switch from literal proper nouns to figures based on those?
#
aaronpk
hm, webmention verification question
#
[tantek]
maybe -> chat?
#
[tantek]
ah that sounds more ontopic
#
aaronpk
if a source document is recognized as having microformats, i "upgrade" to a much more strict verification process where it requires the microformats content contains a link, rather than just anywhere on the page
#
aaronpk
in other words, it looks at the parsed mf2 tree rather than the HTML of the source document
#
aaronpk
i guess the idea is that it cuts out noise of webmentions from page navigation and such
#
aaronpk
however, if the source document's microformats are broken, like is the case in many wordpress installs, for example if the blog post contents does not have e-content, this then causes the verification to fail even though there is a link in the blog post
#
aaronpk
so i guess the question is should I not be doing that more strict version of webmention verification because of these edge cases?
#
jacky
tbh the stricter case is something I do as well because I keep a 'copy' of mf2 for context presentation
#
jacky
_but_ if there's a way to run the parser again and just consume it all then yeah
#
[tantek]
better to fail early than get only one step further and then face weirder failures
#
[tantek]
sounds reasonable
#
jacky
just pulls very barebones info about a page if the mf2 seems 'off'
#
aaronpk
well the reason this came up is someone filed an issue saying why is it saying no link is found when there is a link
#
aaronpk
but yeah like jacky said, if it passes webmention verification but then returns an mf2 document that doesn't contain the link, that seems weird too
#
jacky
yeah b/c IIRC a url is like _needed_ for an entry (or even a card)
#
jacky
what is an entry
#
Loqi
Post or posts may refer to individual pieces of content published on an indieweb site such as notes, articles, & responses, or the act of creating the aforementioned content (present tense), or Posts about the IndieWeb https://indieweb.org/entry
#
Loqi
[szpak] #150 Status: No Link Found - while the link is there
#
jacky
oh that's not true
#
jacky
> All properties are optional.
#
Loqi
[Tantek Çelik] h-entry is a simple, open format for episodic or datestamped content on the web. h-entry is often used with content intended to be syndicated, e.g. blog posts. h-entry is one of several open microformat standards suitable for embedding data in HTML. ...
#
jacky
that feels _kinda_ bad in this case tbh
#
aaronpk
that wordpress.com link does contain a link to the new .pl domain, but not if you look at the parsed mf2 document
#
aaronpk
the h-entry has only a "category" property heh
#
jacky
:( that seems like it's incomplete tho tbh
deathrow1 joined the channel
#
aaronpk
so should i be like well this is clearly not a complete h-entry and ditch it?
#
jacky
imho yeah
#
aaronpk
and fall back to HTML verification?
#
jacky
_tbh_ in this case, I think it's okay to be strict about needing mf2
#
Zegnat
I guess that fallback depends: do you usually accept webmentions from non-mf2 pages?
#
jacky
I can see that fallback opening a can of worms in the future like [tantek] mentioned
#
Zegnat
Then it seems to make sense to demote (?) it to a normal mention again
#
aaronpk
yes it accepts non mf2 webmentions, but if the page says there is mf2 then it requires stricter verification
#
aaronpk
if it fails that strict verification and i fall back to html validation then i might as well not do strict verification at all
#
jacky
yeah then failing hard (and hinting as to why) should be good (because then they can fix that)
#
aaronpk
yeah maybe the answer here is just a better error message
#
jacky
is also being slightly selfish and wanting people to fix their MF2 :)
#
jacky
I know my site generates some wonky forms of it too
#
[tantek]
this is false: "then i might as well not do strict verification at all", because when something passes "strict verification", that's when you bother to actually treat it as more meaningful than "just" a "mention"
#
Zegnat
What does it do if there is an h-card but no h-entry? Weird hypothetical there, but that means the page includes mf2, just not for articles.
#
Zegnat
Something I could see happen if people just slowly add mf to their pages.
#
[tantek]
reply, like, etc.
#
[tantek]
yeah not worth the theoretical rabbithole
#
aaronpk
right now it's not vocabulary aware
#
Zegnat
Just wondering how strict aaronpk’s “strict” check is
#
jacky
edgecase galore :)
#
aaronpk
but if there are microformats, then it only looks at the microformats tree
#
Zegnat
Gotcha
#
[tantek]
I think that's the right way to do it
#
[tantek]
the earlier people get a signal that they have bugs to fix, usually the cheaper it is to fix it
#
Zegnat
aaronpk: do you do synchronous webmention checking? If not: how do you communicate failure in a good way if you have just answered with a 201 Created?
#
aaronpk
yeah i'm leaning towards making this error message better
#
aaronpk
Zegnat: see the screenshot in the linked issue :)
#
Zegnat
Oh woops, missed the Github link, ty
#
aaronpk
so instead of "the source document" i'm going to rewrite this so that it mentions microformats specifically
#
Zegnat
Yes, +1 on that distinction :)
#
aaronpk
(even though in this particular case there isn't much that can be done, because the source document is on wordpress.com and they were migrating their blog anyway)