#dev 2021-01-01
2021-01-01 UTC
[Raphael_Luckom], geoffo and [snarfed] joined the channel
# gRegorLove [snarfed], trying out the Bridgy Chrome extension, think I got my first webmention from it!
# gRegorLove The logs on https://brid.gy/instagram/gregorlove don't show it yet, but maybe that part is delayed
# gRegorLove [snarfed]++
hoschi, gRegorLove_, [chrisaldrich] and [snarfed] joined the channel
# [snarfed] [gRegorLove] hmm not if your user page doesn’t show it. i have a new version that should work in chrome though! https://chrome.google.com/webstore/detail/bridgy/lcpeamdhminbbjdfjbpmhgjgliaknflj
gRegorLove_ joined the channel
# gRegorLove_ That's the one I have, I uninstalled the previous one
# gRegorLove_ oh, looks like it was a twitter backfeed, nevermind
[chrisaldrich], [fluffy], oodani, maxwelljoslyn, [tantek], [jeremycherfas], nickodd and [Emma_Humphries] joined the channel
# drhitchcock[m] Happy new year! I'm in the process of working through Sia's tutorial in setting up webmentions on an 11ty website, https://sia.codes/posts/webmentions-eleventy-in-depth/. As far as I can tell the code is set up correctly but there seems to be an issue connecting to webmentions.io or it isn't writing to the cache properly? The dashboard in websockets.io can see that likes have been posted in Twitter. Can anyone
# drhitchcock[m] help?? 🙏
hoschi, h0sch1, hoschi-it, leg and [KevinMarks] joined the channel
[snarfed] joined the channel
gxt, [KevinMarks] and geoffo joined the channel
# jeremycherfas is starting 2021 by snarling at Day One and looking around again at open-source journalling.
[Raphael_Luckom] joined the channel
# [Raphael_Luckom] I have some kinda basic-level questions about authn after looking around a little bit. First, I'm looking at the differences between tokens and cookies for session storage. Am I correct to think that cookies are more "indieweb" most of the time? It seems like cookies are better protected by the browser (but you need to watch out for csrf).
# [Raphael_Luckom] yeah that's true.
# [Raphael_Luckom] I did mean stateless, but I think you're right that this may not be the venue...nvm
hoschi joined the channel
# [Raphael_Luckom] This article is what I think I needed: http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/ --to [Zegnat]’s point, the relevant line is "The correct comparisons are "_sessions_ vs. JWT" and "cookies vs. Local Storage"."
# [Raphael_Luckom] the problem is that many resources that give advice on this conflate those terms as well. For instance, so far this morning I've seen places that recommend _never_ storing "tokens" on the browser. But by "tokens" I believe they're referring to something like JWTs (which makes sense if you decide that "tokens" and "session ids" are different, but not if you think they can both be called "tokens")
# [Raphael_Luckom] yeah, I think of that as the "lex" meaning.
KartikPrabhu, maxwelljoslyn and [KevinMarks] joined the channel
# Loqi aaronpk: jeremycherfas left you a message 1 day, 7 hours ago: Just started getting an error from Telelgraph `cURL error 23: Unrecognized content encoding type. libcurl understands deflate, gzip content encodings. (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)` but as far as I know nothing at my site has changed. Not sure how to troubleshoot this.
# [Raphael_Luckom] good clarification, thank you!
# [KevinMarks] hence the original logo of an NYC subway token?
nickodd joined the channel
# jamietanna[m] <drhitchcock[m] "Happy new year! I'm in the proce"> Did you get a reply to this?
shoesNsocks, shoesNsocks1, [Rose], [tw2113_Slack_], [Raphael_Luckom] and maxwelljoslyn joined the channel; nickodd left the channel
# maxwelljoslyn smh all of us over here building "reply from your website", meanwhile Iif I try to reply to the author of a sub stack mailing list the email To:field doesn't fill in and I can't figure how to do it
# maxwelljoslyn they offer a reply-to: field... which my email provider (Gmail,ssigh) refuses to recognize as a mail address. dammit
[KevinMarks], [jeremycherfas] and gRegorLove joined the channel
# jacky I wonder if this is a bug in indielogin https://github.com/aaronpk/indielogin.com/issues/71
[tantek] joined the channel
# lahacker was there any resolution to the whole IndieAuth through browser extension? runtime.getURL() will give you a valid moz-extension:// URL but Firefox will not allow for the redirection
geoffo and [Rose] joined the channel
# lahacker the server can't fetch a moz-extension:// URL either so both `client_id` and `redirect_uri` cannot be relied upon in this case however i *can* poll the server for a `code`
# @clawfire En train d'essayer d'implémenter webmentions sur mon blog. Ça a l'air chiant. Et difficile à tester autrement qu'en prod. (twitter.com/_/status/1345128431592333314)
# lahacker that's what i'm thinking
# lahacker i thought i'd bring it up; i'm finally bringing my framework's IA implementation up to spec and i have an extension ready to fit itself into the puzzle
# lahacker goes to look up "device flow" and find's Aaron Parecki in the first result
# lahacker so i know nothing about device flows other than i'm pretty sure they existed
# lahacker hah great question; i have no experience.. you mean just signing in to Twitter from within an extension? i can try to find one
# Loqi It looks like we don't have a page for "Day One" yet. Would you like to create it? (Or just say "Day One is ____", a sentence describing the term)
# lahacker whoa aaronpk maybe you can make more sense of this; did you know it existed? https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/identity#Getting_the_redirect_URL
# lahacker i'll do some more investigating; thanks for the pointer
# drhitchcock[m] <sknebel "drhitchcock: can you share an ex"> Sure thing.
# drhitchcock[m] uploaded an image: Screen Shot 2021-01-02 at 11.30.52 AM.png (194KiB) < https://matrix.org/_matrix/media/r0/download/matrix.org/QpRyyCrhaOEsesbdadzrtykn/Screen Shot 2021-01-02 at 11.30.52 AM.png >
# drhitchcock[m] sent a long message: < https://matrix.org/_matrix/media/r0/download/matrix.org/kuUQQqVvjxmwaYZejVUDciIH/message.txt >
# drhitchcock[m] sent a long message: < https://matrix.org/_matrix/media/r0/download/matrix.org/EcGRcLJNGipBHHnQWLjSTuFD/message.txt >
# drhitchcock[m] sent a long message: < https://matrix.org/_matrix/media/r0/download/matrix.org/kGylvyrRLLjHcQCfloyMRxwX/message.txt >
# drhitchcock[m] sent a long message: < https://matrix.org/_matrix/media/r0/download/matrix.org/eUWqNUPMFSJxkcAeykDgXkbZ/message.txt >
[KevinMarks] joined the channel
# drhitchcock[m] sent a long message: < https://matrix.org/_matrix/media/r0/download/matrix.org/FCsXeebvjypnrAiSkJeNzFva/message.txt >
[schmarty] joined the channel
[snarfed] joined the channel
hoschi joined the channel
# lahacker this looks promising: https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/identity/launchWebAuthFlow#Examples
# lahacker response_type=token
# lahacker browser.identity.getRedirectURL() == "https://c2da413af4461a7b2dad47ed791c118f0c4137c2.extensions.allizom.org/"
# lahacker and it actually went through my server and seemed to succeed; accidental benefit of having a null implementation
# lahacker except i have no clue what dimension i'm in with that url
# lahacker oh i just reran it.. yeah this should work
# lahacker response_type=token
# lahacker aaronpk does that mean anything to you?
# jamietanna[m] That's recently been removed from IndieAuth and I want to say OAuth2.1 too?
# jamietanna[m] Although I guess if there isn't an alternative 🤷🏽♂️
# lahacker k
# jamietanna[m] Ah my bad, I was thinking about response_type=id
# jamietanna[m] On oauth.net there are a few code snippets that use `&` instead of `&` is that expected? I don't mind raising a change request if it's OSS 👍🏽
# jamietanna[m] Sorry yep I did mean that
jamietanna joined the channel
# jamietanna https://www.oauth.com/oauth2-servers/indieauth/sign-in/ and https://www.oauth.com/oauth2-servers/device-flow/token-request/ are the ones I've definitely spotted today
# jamietanna Also should https://www.oauth.com/oauth2-servers/indieauth/discovery/ point to a https://indieauth.spec.indieweb.org/ ?