#dev 2023-05-09
2023-05-09 UTC
# 
[KevinMarks] [manton]++ for writing up the Bluesky integration code he was using as the official docs I could find were unhelpful data structure dumps
# [KevinMarks] [capjamesg] once you merge and deploy this fix, bsky.link will stop failing after 30 minutes. nect fix would be to check for actual expiration
geoffo, KMF and IWSlackGateway joined the channel
# 
bkil aaronpk rubenwardy [snarfed] : I know of a white label gratis PHP hosting provider who protects against spam, abuse and misuse of their web hosting offering by only serving web pages to a visitor who enables cookies and JavaScript and has a sort of tongue in cheek checking for it before first page load. That breaks most M2M interactions. Anyway, all such techniques basically try to do a form of browser detection to tell apart a bot coded by hand vs. one
# bkil puppeteer a full headless browser engine. It raises the bar, but not by much. There would be variations to this that worked without JavaScript but instead relied on just HTML5 itself or maybe sprinkled with a little CSS dynamic mechanisms to still remain zero-click.
# bkil [snarfed]: Thanks for the link about the `loop etiquette`! We should link it from the wiki as well. Not sure where to put it and cross link it from, though. Sounds somewhat related to yak shaving and these: https://indieweb.org/web_hosting#Is_using_3rd_party_hosting_still_indieweb https://indieweb.org/self_hosting https://indieweb.org/personal_cloud#Why https://indieweb.org/admin_tax https://indieweb.org/home_server
[tantek] joined the channel
# bkil [capjamesg]: How would you reimplement this without JavaScript? https://evy.garden/hello/ Generate a few hundred random permutations of pre-made styled `<audio>` elements. Make CSS that only reveals the first one initially. Generate CSS rules that reveal the next one after each click by :target selectors and manipulating the anchor with `<a href>`.
# bkil You can actually create a random number in CSS for the initial seed as well by creating a very fast animation that stops after you click on it.
# bkil And/or by asking the user to click on a "canvas" on start that in reality is composed of a huge number of radio buttons and the coordinates (button) would determine the seed. up to 10 bits of entropy would be plausible (1k buttons arranged in a 32x32 grid, partially randomly overlapping and more dense in the middle for a bit more uniform distribution).
pharonix71, [Ana_Rodrigues], ShoesNSocks, [jamietanna], holiday_medley and [KevinMarks] joined the channel
# [KevinMarks] [capjamesg] did you deploy my fix? Also, do you want more PR's as there was a bit more tidying up I could do.
[jacky], cambridgeport90 and [snarfed] joined the channel
# [KevinMarks] I didn't change that, it was in James's original code. Switching to a "renew when token fails" would make more sense.
# [KevinMarks] Manton said "Sessions do not last very long, only a couple hours last time I checked" in https://www.manton.org/2023/04/29/getting-started-with.html
[manton] joined the channel
# [KevinMarks] does that show up as a 401? I seemed to be getting 502 when I passed null tokens
geoffo joined the channel
# IWDiscordRelay <capjamesg#4492> Two hours sounds right.
[tw2113_Slack_] joined the channel
# [KevinMarks] Feels like there should be a 304 in there somewhere meaning keep using what you have, but if that's how it's working we can do that.
gRegor, geoffo, gRegorLove_, gRegorLove__, KMF and jose_ joined the channel
# [KevinMarks] That's encouraging - I'll have another look later on tonight
# [snarfed] confirmed, bluesky access tokens have 2h expiration: https://github.com/snarfed/atproto/blob/5b0c2d7dd533711c17202cd61c0e101ef3a81971/packages/pds/src/auth.ts#L46
# [snarfed] and refresh tokens are 90d: https://github.com/snarfed/atproto/blob/5b0c2d7dd533711c17202cd61c0e101ef3a81971/packages/pds/src/auth.ts#L65
Ruxton joined the channel
Ruxton joined the channel
# [KevinMarks] they could rnable the github one
gxt__, Gorro_Rojo[theyi and geoffo joined the channel