#dev 2020-05-28

2020-05-28 UTC
[chrisaldrich] joined the channel
#
[LewisCowles]
a PR, to a PR branch.. Can I get a yo-dawg meme?
fredcy_, geoffo, flex14, callMeBaby, beko, tantek_, Sonia, chrisaldrich, nickodd, [tw2113] and [fluffy] joined the channel
#
[fluffy]
I’m poking at IndieAuth/AutoAuth authorization token flow again and I’m a bit confused, as usual. In IndieAuth, a successful token request responds with an HTTP 200, but in AutoAuth, it seems to do HTTP 202 instead? Is there any reason for this?
#
Loqi
[fluffy]: jgmac1106 left you a message on 2020-04-28 at 10:58am UTC: would it be hard in your webmention tool to seperate mentions and replies?
#
[fluffy]
… wow that’s… old
#
[fluffy]
loqi is really not a great way to send me questions 😛
#
[fluffy]
!tell jgmac1106 loqi is a terrible way to get in touch with me. 😛 Pushl doesn’t actually parse the link types, so no, it couldn’t separate mentions from replies.
#
Loqi
Ok, I'll tell them that when I see them next
#
gRegorLove
I think the authorization code verification and access token callback parts can happen async after that 202 response
#
aaronpk
Right, in autoauth the token is delivered later
#
aaronpk
I hope I am remembering that right
#
gRegorLove
yeah, had to refresh myself on the spec
#
gRegorLove
it says it can be sync, but don't know if that's been implemented
vilhalmer joined the channel
#
jacky
is excited to implement autoauth lol
#
jacky
it's like the one of the few pre-reqs for private / protected feeds for me
#
nekr0z
I've been toying with an idea of an IndieWeb-compatible site hosted fully in IPFS. Would need to outsource the dynamic components (like any static-generated site), but looks doable.
#
jacky
nekr0z: yup! tbh that _base_ that's needed is just the content entry itself
#
jacky
I've been writing my wrapper libraries for indieweb stuff to not know _too_ much about HTTP (only focusing on HTML and URLs) so having a Dat/Hypercore URL shouldn't be impossible or improbable
#
nekr0z
But then I realized one MUST control http-headers to support webmentions (to send 410s for deleted content), so no, an IndieWeb site can't be hosted on something like IPFS - at all.
#
nekr0z
Which frustrates me, because I don't really understand _why_ it has to be this way.
#
jacky
so that _might_ be still doable with an async webmention tbh
#
jacky
a dat site can lean on a proxy to send that 410 out (like if it checks a dat:// URL and it comes up as gone, it can considered it deleted and proxies that as a 410)
#
Zegnat
Is there a dat native equivalent for 410 Gone? Because that seems like a pretty straight forward extension to make it we mention compatible, if it is just that.
#
jacky
not explicitly - afaik dat doesn't have a concept of HTTP verbs
#
nekr0z
jacky: True, but needing such a proxy seems to defeat the whole point. At this moment, IPFS is not a hosting solution anymore, it's just a database that holds your content.
nickodd left the channel
#
jacky
tbh that's a stop-gap until a reliable and friendlier solution can come into play
#
jacky
agh that page is so annoyingly built using that weird Javascript for links
#
jacky
there's no true concept of deletion anyway (dat is an append-only thingy)
[chrisaldrich] joined the channel
#
aaronpk
Wait there is a thing
#
aaronpk
what is deleted
#
Loqi
A deleted is a post that has been removed https://indieweb.org/deleted
#
jacky
OOH yes
#
jacky
good memory aaronpk
#
jacky
using `dt-deleted` can work here
#
jacky
like if that's visible, it's as good as deleted
#
jacky
everything else can be ignored (essentially)
#
aaronpk
what is http-equiv
#
Loqi
It looks like we don't have a page for "http-equiv" yet. Would you like to create it? (Or just say "http-equiv is ____", a sentence describing the term)
#
aaronpk
there's a meta tag
#
aaronpk
this predates webmention by far
#
jacky
ha I remember using that to do manual refreshes of a page
#
Zegnat
The meta tag might be better, wouldn't be surprised if that also predates microformats. Probably what I would pick.
#
aaronpk
Weird that I can't find it on the wiki
#
aaronpk
but there's a meta tag that's supposed to mean the same thing as the http response code
#
jacky
leaned on DDG
#
Loqi
ok, I added "/meta_http-equiv_status#410_Gone" to the "See Also" section of /deleted https://indieweb.org/wiki/index.php?diff=70093&oldid=63263
#
nekr0z
but that wouldn't be spec-compliant, would it? since the spec reads _SHOULD_ return a 410
#
aaronpk
Oops it doesn't support fragment links
#
aaronpk
SHOULD means should unless there's a reason not to
#
aaronpk
and this sounds like a reason not to
#
jacky
relearns the power of the word 'SHOULD'
#
Zegnat
!tell [LewisCowles] I am super confused by LIBXML_PARSEHUGE fixing anything. But I'm fine with including it when the tests say it works. We might need to add a test where the html does not have a root node, as mentioned by [KevinMarks]
#
Loqi
Ok, I'll tell them that when I see them next
#
jacky
nekr0z++ for bringing this up tbh!
#
Loqi
nekr0z has 2 karma in this channel over the last year (4 in all channels)
#
jacky
this combined with the work of unwalled-garden might be a legit bridge for dat/hypercore and indieweb stuff
#
jacky
it's like a hypercore/dat equiv to some parts micropub and some parts microsub
#
nekr0z
aaronpk: yep, my RFC2119 became rusty somehow
#
jacky
not the RFC number, lol!
#
nekr0z
Great, then. I know what my next hosting provider will be ;)
#
jacky
hahah
#
jacky
actually thank you nekr0z for bringing this back to light
#
jacky
because I forgot that unwalled garden is like built into beaker browser
#
jacky
which means if a scheme for http is leveraged, one could use beaker browser as a micropub client of sorts
#
jacky
(like it'd transparently lean on indieweb tech for the http land and dat for dat://)
#
jacky
is restricting making this into a task
#
jacky
they have a _lot_ of stuff going too
[LewisCowles] joined the channel
#
[LewisCowles]
Hey Zegnat,
#
[LewisCowles]
I believe some of your tests already omit the DTD and doctype
#
[LewisCowles]
I don't know about HTML root node, but it sounds like something to be ticketed
#
nekr0z
jacky: oh no, now I know what beaker browser is
#
jacky
lmfao
#
nekr0z
has a lecture to give in less than 2 hours
#
nekr0z
hates jacky
#
jacky
aaronpk: random - how come http://micropub.spec.indiewb.org/ isn't a valid URL?
#
jacky
or at least gets that redirect luv ?)
#
[LewisCowles]
Zegnat. I believe it's an oddity, that we should not need control of, but it's better for us to take control in the scripting language than to expect a runtime to alter behaviour or fix their **** It is unfortunate indeed, and has gained more reasons why I try not to PHP too often
[snarfed] joined the channel
#
Zegnat
[LewisCowles]: just adds another reason to recommend userland html parser until PHP adds an actual html parser
#
[LewisCowles]
gRegorLove++
#
Loqi
gRegorLove has 13 karma in this channel over the last year (81 in all channels)
#
Loqi
Zegnat has 21 karma in this channel over the last year (55 in all channels)
#
[LewisCowles]
Thanks for posting in the open. I enjoyed that yesterday
#
Zegnat
It is cathartic to put despair spirals in the open ;)
#
[LewisCowles]
I hope it's now a spiral staircase
swentel, [KevinMarks] and [tw2113] joined the channel
#
[fluffy]
oops iddn’t see the followup conversation about autoauth. So, then, it’s necessary for my token endpoint to issue the call to the callback_url?
#
[fluffy]
I’m so confused by the wording of the specs
#
[fluffy]
I thought the autoauth mechanism would issue the token request to my token endpoint, and then would forward the response it gets along to the callback_url
#
dansup
After some thought, I've decided to add Webmention support to Pixelfed, users will be able to opt out
leg joined the channel
#
[fluffy]
okay I just re-re-re-read both the transactional diagram and [sknebel]’s example transaction log at https://www.svenknebel.de/temp/autoauth.html and I think I see what’s going on. gosh there’s a lot of moving parts.
#
jacky
dansup++
#
Loqi
dansup has 7 karma in this channel over the last year (9 in all channels)
[itsjustk] joined the channel
#
Zegnat
[fluffy]: yeah, we would love to limit the moving parts. But there are just so many actors. The resource you are requesting can only trust tokens originating from a trusted token endpoint (ie. their own), while you need the requestee’s website to attest that it really is them making the request through an endpoint they trust to verify identity (ie. their authorization endpoint)
#
Zegnat
For token endpoint to issue a token to you, it needs to check your site to find your correct authorization endpoint, and then ask that authorization endpoint if the token request was really made by you. We haven’t really thought of a way to introduce shortcuts there yet. Although there was a little brainstorm about maybe pub-priv keypairs so the initial token request already includes the proof that only needs to be verified
moppy, [prtksxna], ketudb, jeremycherfas, gRegorLove, [tantek], dckc and [jgmac1106] joined the channel
#
@danielmies
@TheGreenGreek looks like it is not possible to send a webmention to your blog. The URL in the hidden input has a slash too much
(twitter.com/_/status/1265964665496055814)
[itsjustk], [KevinMarks], [LewisCowles], dckc, geoffo and [fluffy] joined the channel
#
[fluffy]
What’d be really great is a test suite that you can run on localhost or something, to verify any of the moving parts. Like, I have no way to actually test AutoAuth right now because I have no client that would use it and my IndieAuth endpoint doesn’t support AutoAuth.
#
[fluffy]
so I’m just sort of flying blind and hoping for the best.
jolvera and [snarfed] joined the channel
#
[snarfed]
dansup++ webmention support in pixelfed! exciting! i assume you just mean directly, ie receiving and sending with links to/from posts? not bridgy-style backfeed for posts that are syndicated from people's web sites?
#
Loqi
dansup has 8 karma in this channel over the last year (10 in all channels)
KartikPrabhu joined the channel
#
petermolnar
oh, my, this is one interesting blog design: https://www.gwern.net/ - hover the titles
#
petermolnar
and it's a surprisingly pleasant, definitely non common theme
[prtksxna] joined the channel
#
[jgmac1106]
[Zegnat] is the workflow easier than just doing an account creation on a site for semi-private/public posts? what is the benefit to logging on with domains?
#
Loqi
[jgmac1106]: [fluffy] left you a message 10 hours, 26 minutes ago: loqi is a terrible way to get in touch with me. 😛 Pushl doesn’t actually parse the link types, so no, it couldn’t separate mentions from replies.
#
[jgmac1106]
thx fluffy, consider it a feature request, may have to go add an issue
#
[fluffy]
[jgmac1106] do you have a reason for wanting to separate mentions from replies when doing a push?
#
[fluffy]
like, why would you ever want to send only one or the other?
#
[jgmac1106]
no more on my displaying the webmention, not sending, when a page gets a ton of mentions is sometimes hides the replies, one sec
#
[jgmac1106]
lemme see if I can find example
#
[fluffy]
oh, is this about webmention.js?
#
[fluffy]
I thought you were talking about pushl
#
[jgmac1106]
ahh thx zegnat
[Zegnat] joined the channel
#
[Zegnat]
[jgmac1106] you asking the benefit of autoauth? Your feed reader can log in as you and you never create accounts. So you just starting to follow a site will automatically have a way to authenticate to that site and start reading protected content. That at least is the idea.
#
[jgmac1106]
sounds amazing
#
[fluffy]
autoauth is also useful for sending private mentions 🙂
#
[jgmac1106]
no webemention.js sorry
#
[fluffy]
webmention.js already shows replies separately from mentions.
#
[jgmac1106]
reactions and responses get separated, just would like to separate or maybe even just count mentions
#
Loqi
notes_for_radio_show
#
[fluffy]
er, no, never mind
#
[fluffy]
a mention shows up as a reply, right
#
[fluffy]
Separating mentions from replies would be possible but I don’t want to make the configuration more complicated than it already is.
#
[Zegnat]
The problem with autoauth is not the use cases, I think, it is how not-straight-forward the flow is. I wish we had filmed it when sknebel and I explained it to sebsel on a whiteboard at IWC Åmål.
#
[jgmac1106]
cool, love the tool
#
[fluffy]
I don’t think a video would be any easier to follow than the current docs 😛
#
[jgmac1106]
I was at that session I think
#
jeremycherfas
Gwern is my idea of the almost-perfect site.
#
[fluffy]
The high-level view is useful for explaining how it works and how it’s secure. What I really want as an implementor is a straightforward guide to “what do I need to write to make this work”
#
[jgmac1106]
separating mentions from replies could be default, no configuration necessary, but an edge case so totally get not wanting to change
#
[fluffy]
like, the current HTTP transaction log that sknebel linked to on https://github.com/sknebel/AutoAuth/issues/19 is a good start but it still is really hard to, like, parse through. I’d love to see an addition to the spec which just shows what contracts need to be fulfilled by each part (client, resource, auth endpoint, token endpoint)
#
Loqi
[fluffy-critter] #19 Provide a full HTTP request/response transaction example
#
[jgmac1106]
on unrelated note I took screenshots of the Blogger process of adding blogs to your blog roll: https://quickthoughts.jgregorymcverry.com/2020/05/28/screenshots-of-adding-blog-to-blos-i-follow-in-blogger
#
Loqi
[Greg McVerry] Screenshots of adding blog to "Blogs I Follow"in Blogger #indieweb
#
[fluffy]
[jgmac1106] if you just want mentions to appear in the reactions list, that’s easy to do in a local change - in `getData` change the mapping for `mention-of'` to `collects` instead of `comments`
#
[fluffy]
I guess I could make a simple config flag for that, too
#
[fluffy]
I should also rename `collects` to make it more clear. I forget why I called it that, but it made sense at the time.
#
Loqi
I agree
#
Loqi
fluffy has 22 karma in this channel over the last year (65 in all channels)
#
[fluffy]
feel free to open an issue on webmention.js for that I guess
#
[fluffy]
or better yet a PR 🙂
deathrow1 joined the channel
#
[jgmac1106]
I love how the reactions display horizontal and the responses verticals...worried about messing that up mixing in the mentions
#
petermolnar
Zegnat: re html parser: (/me makes Jedi handwave): there are no html parsers, only xml parsers
[tw2113] and [schmarty] joined the channel
#
[schmarty]
sgml parsers 😄
#
[fluffy]
reactions don’t get their text displayed at all, so moving a mention to reactions won’t mess that up
#
[fluffy]
Basically I’m categorizing things on: is there text to display? If so it’s a response, otherwise it’s a reaction.
#
[fluffy]
like… is it a comment, or is it a verb?
#
[jgmac1106]
ahh cool, will try a PR tomorrow or Friday, good distinction
#
[jgmac1106]
now to figure out how to add an emoji for a mention, maybe a megaphone?
#
[fluffy]
emoji choices are hard 🙂
#
[fluffy]
I’d probably stick with the speech bubble
#
[fluffy]
but I guess having a different emoji for `mention-of` would make it easier to distinguish them in the responses section, too
#
[jgmac1106]
yeah to me speech bubble is a reply, a conversation, megpahone for a mention bc it is more a shout out or citation
#
[jgmac1106]
you amplify my site
#
@RubyInside
webmention-client-ruby: A Ruby Gem for Sending Webmention Notifications - https://github.com/indieweb/webmention-client-ruby
(twitter.com/_/status/1266035758005092352)
#
Zegnat
petermolnar: the great work of getting an HTML parser to PHP has been started though! https://code.cjwillcock.ca/php-extensions/html
#
[LewisCowles]
Have them make it consistent with no oddball flags please
#
@fernandokosh
#Webmention is a “web standard for mentions and conversations across the web” so you can federate comments, likes, and other social media interactions without having to rely on a specific platform. https://lnkd.in/eigfsJh
(twitter.com/_/status/1266046703360188416)
gRegorLove joined the channel
#
@jgmac1106
↩️ Get a family domain and talk to each other through webmentions, no extra service needed. Everybody gets their own website to own their own story. I just did this with my 9 year old son: https://quickthoughts.jgregorymcverry.com/2020/05/28/hey-here-is-the-info-about (https://quickthoughts.jgregorymcverry.com/s/ZpfiO)
(twitter.com/_/status/1266054554292047873)
dopplerg-, nickodd, davepeck, KartikPrabhu, [manton], strugee, [jgmac1106], [itsjustk] and [chrisaldrich] joined the channel; nickodd left the channel
#
[jgmac1106]
I can't figure out what I am doing wrong in CSS Grid here: https://jgregorymcverry.com/articles/2020/05posts
#
[jgmac1106]
trying to use autofill: grid-template-columns: repeat(auto-fill, 250px, 1fr);
#
jacky
what is a podcast
leg and [KevinMarks] joined the channel
#
[KevinMarks]
Has anyone looked at azure for static hosting? https://github.com/Azure/static-web-apps
#
Loqi
[Azure] static-web-apps: Azure Static Apps
oenone and KartikPrabhu joined the channel
#
@BillSeitz
So I put http://webmention.io snippets in my WikiLog pages to support WebMention, but what's next? http://webseitz.fluxent.com/wiki/FrontPage
(twitter.com/_/status/1266135116763598849)
KartikPrabhu and oenone joined the channel