#dev 2021-10-18
2021-10-18 UTC
# 
@jackyalcine ↩️ This feels slightly (very slightly) similar to some thoughts around TicketAuth (https://indieweb.org/IndieAuth_Ticket_Auth) as a basis for consent for content access (twitter.com/_/status/1449924883366834178)
# 
GWG https://github.com/indieweb/indieauth/pull/102#discussion_r730551098 - Thinking about this. Should a requirement from the inspiring draft designed to allow disabling a security feature be present when the spec requires the feature going forward?
[jacky], hoenir, Nezteb9000[d], corenominal[d], eco, push-f and chee1 joined the channel
[jeremycherfas] joined the channel
# 
[jeremycherfas] Is there anything general to be said about rate limiting, like the kind of time period over which it is calculated. I am currently rate limited on a download and wonder how long to leave it before trying again.
[fluffy], jonnybarnes, jeremycherfas, kogepan, KartikPrabhu, alex_ and hendursa1 joined the channel
# jeremycherfas I don't think there is a retry-after in the headers.
kogepan joined the channel
# jeremycherfas Right. I was going to leave it for 24 hours before retrying.
# jeremycherfas Seems oodd though, because capjamesg[d] got rate limited when he tested my code, and about 18 hours later I was still rate limited. So maybe Marco is especially strict.
# 
capjamesg[d] How many times did you run your program jeremycherfas?
# capjamesg[d] Because it downloads the .opml file, I only needed to run the "get .opml" part of the code once.
# capjamesg[d] But it wouldn't have mattered anyway because I was rate limited after that.
# jeremycherfas I confess, I am lazy and so download it every time I made a change. I can definitely see the point of using the saved OPML file in future. Might be worth seeing whether it exists and deleting it at the end of the script.
# capjamesg[d] I think that might be a good idea for testing.
# capjamesg[d] In production, you'll need to fetch it every time so you can get the most recent data.
# capjamesg[d] But for testing there's no need to make that API call every time.
# jeremycherfas Right. In production I don't anticipate running it more than once a day.
# jeremycherfas As I say, pure laziness and failure to consider being rate limited.
# 
[KevinMarks] can you do an etg/lastmodified fetch?
# jeremycherfas I don't know, but I think that is an overcomplex approach, for me at least. As capjamesg[d] said, I don't need to fetch while I am testing, and thereafter will fetch only once a day.
# capjamesg[d] [KevinMarks] good suggestion.
# capjamesg[d] I have implemented etag/lastmodified fetches before jeremycherfas: https://github.com/capjamesg/microsub/blob/main/poll_feeds.py#L162
# capjamesg[d] If you do go down that route, let me know and I'll try and help you 🙂
# capjamesg[d] s[2] is equal to the etag stored in a database.
# [KevinMarks] That's less likely to get you rate limited
# jeremycherfas Studying your code, and will bear that in mind if I go further.
tetov-irc, jjuran, schmudde, kogepan and hendursa1 joined the channel
# capjamesg[d] [fluffy] Do you have any experience working with Flask session?
# capjamesg[d] For some reason, my flask session is not accessible in a module.
# jeremycherfas !tell capjamesg[d] Strange, but my CMS does not seem able to route to the url with 10 added characters. The most it will do is 2. But if I am adding the random characters per your suggestion, then I can get rid of the hours and minutes from the slug, which will give me a few more random to add, I hope.
# capjamesg[d] You could just make the slug a random string without the date, yes.
# capjamesg[d] I don't think two random characters adds enough space to prevent collisions.
# jeremycherfas There's something I clearly don't understand about how Overcast implements the time of userUpdateDate
# jeremycherfas I want the at least the day in there. And yes, two is not enough. So, rejigging slightly now.
# jeremycherfas It does seem an odd limitation, and much longer slugs are routed perfectly well.
Ramon[d] joined the channel
# jeremycherfas It is weird. I build a folder name from the date on which I updated details of a podcast. So, typically, 2021-10-15, and in PHP it was relatively easy to increment that to 2021-10-15-1 etc if I updated more than one on the same day. In Python I have not yet found a good way to increment the folder name in that fashion if it already exists.
# jeremycherfas So capjamesg[d] suggested I just add a random string to the slug to avoid duplicates.
# jeremycherfas But strangely, Grav does not seem to like long random strings, and rather than find out why that may be, I've been trying to find the shortest random string that grav will process.
# capjamesg[d] I have a snippet for you...
# capjamesg[d] You can keep track of all the slugs in a dictionary.
# capjamesg[d] If a date is in the dict, you can change the key value to count how many have been stored. And then change the slug so that it is date + number of times used.
# capjamesg[d] That will give you an incrementing logic.
# capjamesg[d] Where "slug" is equal to the one your logic already creates.
# capjamesg[d] That code should not add much onto your execution time. Dictionaries are very efficient for this sort of thing.
# jeremycherfas Does the dictionary not need to be stored from run to run?
# capjamesg[d] It would need to be, yes. Ah, I didn't think about that.
# capjamesg[d] But in any case, you could just store it in a .json file.
# capjamesg[d] Read the file at the start, save at the end.
# jeremycherfas I think a better option is for me to look more closely at the meaning of the date I am using to build the slug. I'm even wondering if it might make a difference to have the random digits in front of the date.
# jeremycherfas Doesn't seem to make any difference
# jeremycherfas Even weirder. Seems that it Grav will process effectively; I had to clear the cache. But the very weird part is that those items should never have been part of the cache as they had never before been called.
kogepan and alex11 joined the channel
# capjamesg[d] I have a file accessing session (what I meant by "a module") and for some reason session is always blank when I access it in that file.
# capjamesg[d] I haven't dug deep enough yet though. I might be missing something obvious.
# [KevinMarks] does the route need to pass the session info down? (I've had that issue with other frameworks)
# capjamesg[d] That might be the issue.
schmudde joined the channel
# capjamesg[d] I'll need to see how Flask treats wrapper functions and session inheritance.
# 
@DenverProphitJr ↩️ Create <aside> https://gist.github.com/inetbiz/dbeac8261949a30324cbb455d1588bb8 to notify new webmention. 4/4 @5t3ph (twitter.com/_/status/1450117007400218625)
# @DenverProphitJr ↩️ I'd say fork https://github.com/martymcguire/morris convert to JavaScript. Extend extra JSON fields for extraction. Base64 pet image to keep storage low/XSS injections. 3/4 https://gist.github.com/inetbiz/dbeac8261949a30324cbb455d1588bb8 to notify new webmention. @5t3ph (twitter.com/_/status/1450117003944017927)
# @DenverProphitJr ↩️ @5t3ph JSON store in-reply-to with custom artifacts. Store the pet bio on their site. They just need to mention your URL as a webmention. Negates having to fork repo. 2/4 (twitter.com/_/status/1450117000605442049)
# @DenverProphitJr @5t3ph I read https://css-tricks.com/a-community-driven-site-with-eleventy-building-the-site/ Have you thought about implimenting https://daily-dev-tips.com/posts/implementing-webmentions-on-a-11ty-blog/ by @DailyDevTips1 1/4 (twitter.com/_/status/1450116996536877058)
hs0ucy joined the channel
# 
[jacky] let's say I received a Webmention whose page has a limited visibility (like if in order to access it, we have to go through a TicketAuth dance), how would I show that on _my_ site? I immediately went to thinking "I'd probably need to allow people to sign into my site so I can probably begin some sort of 'authorization' on content"
# @DenverProphitJr ↩️ @DailyDevTips1 Using what I described, do you think that would be a better solution than a #github fork? Create your pet page on your on website and web mention it to her project. Send extra Json fields in #webmention to populate her pages (twitter.com/_/status/1450138492655349760)
KartikPrabhu and jonnybarnes joined the channel
# 
@DailyDevTips1 ↩️ Would be an option, but you loose all control that way.
Not sure if that's the goal, but indeed you could enable webmentions for people to add a very specific string of elements. (twitter.com/_/status/1450148262586028035)
# 
hs0ucy pwd
# hs0ucy ls -la
# hs0ucy oups
# hs0ucy sorry
# hs0ucy ^^
# hs0ucy wrong pane
# hs0ucy first time this year
# capjamesg[d] Today I learned the Linux Kernel can "oops" 😄
# capjamesg[d] (I didn't recognize oups as a command so I googled it)
# capjamesg[d] "An "oops" is a Linux kernel problem bad enough that it may affect system reliability."
gRegor joined the channel
# hs0ucy capjamesg[d]: good to know :P
gRegor joined the channel
# @DenverProphitJr ↩️ The json could be stored for admin approval then move json to approve. There is a domain block list that can be submitted to http://webmention.io linked to your account. (twitter.com/_/status/1450151141522780170)
kogepan and sp1ff joined the channel
# capjamesg[d] Is there any easy way to do Yubikey auth in the browser?
# capjamesg[d] I found a Webauthn Python library but it wasn’t what I was looking for.
# capjamesg[d] Yeah. I thought that might be the case.
# capjamesg[d] I just thought it would be a cool IndieAuth extension for my server.
hendursaga joined the channel
Darius_Dunlap[d], jonnybarnes and [chrisaldrich] joined the channel
# capjamesg[d] It’s not impossible but looks very difficult.
# capjamesg[d] I am not going to implement that 😦
# capjamesg[d] I saw that line and was very discouraged,
# capjamesg[d] And all of that would need tested.
# capjamesg[d] Rigorously.
# capjamesg[d] When I could just use another auth provider.
# capjamesg[d] I have great appreciation for services that implement 2FA via physical key auth.
# capjamesg[d] Google, GitHub, etc.
# capjamesg[d] And now I know why more sites don’t support it,
# capjamesg[d] There is an issue on GitHub about h-x-app and indieauth. I was wondering if implementing on my clients it made sense.
# capjamesg[d] Ah, mobile typing! Always a mistake.
# capjamesg[d] Is h-x-app likely to be removed? I liked the ideas about having some kind of manifest rather than microformats.
# capjamesg[d] This isn’t for indexing, rather for my own consumption.
# capjamesg[d] I would add the markup to my Micropub server, etc. so that my indieauth server can read the data.
# capjamesg[d] I am not going to index any right now. Angelo got me thinking about /store. It’s such a promising idea but we would need more adoption of a common markup / manifest.
jamietanna joined the channel
# 
jamietanna I think the discussion last time was call it h-app and h-x-app with the preference that we stop using x- experimental as it takes a while to get folks moved once its no longer experimental
# jamietanna But also yes, add it! More folks using it leads to more consumers ☺
KartikPrabhu joined the channel
tetov-irc joined the channel
# [jacky] think there's a typo in https://www.w3.org/TR/webmention/#webmention-verification-p-3
rockorager joined the channel
# 
[tantek] in other news, I think I finally have a solid use-case for implementing reacji backfeed display, this comment got more reactions than I think anything I've posted to GitHub: https://github.com/mozilla/standards-positions/issues/453#issuecomment-888225596
# 
Loqi reactions refer to the subset of responses/interactions with a post that are quicker, more impulsive, but still a conscious act, typically a simple UI gesture without writing any content, such as likes (reacji), reposts, bookmarks, or perhaps multiple simple UI gestures, such as selection a text range and posting a quotation of part of a post, or picking a person from a list to post an invitation as a response to seeing an event https://indieweb.org/reactions
[snarfed] joined the channel
# [snarfed] looks like they're in the API, https://docs.github.com/en/rest/reference/reactions#list-reactions-for-an-issue-comment . feel free to file a feature request!