#dev 2023-12-28

2023-12-28 UTC
[KevinMarks], ovid and trwnh joined the channel
#
[tantek] [snarfed] wow re video copy to Masto host. That has many implications
#
[snarfed] I know, many people have been digging into it for a while
#
[snarfed] notably Stamos's lab at Stanford
#
[tantek] Presumably that happens if you reply to someone on a site hosted on Masto host also
#
[tantek] Yes that lab
#
[tantek] Here I am not wanting to host copies of random people's icons/avatars in reply contexts or likes or favorites they're like sure we'll copy and host full resolution videos
#
[snarfed] lol
#
[snarfed] hotlinking images etc is the obvious middle ground
#
[snarfed] and interestingly it's not full res, they down-sampled it or something, 52MB => 20MB
#
aaronpk there's definitely arguments both ways
#
aaronpk hotlinking is a privacy issue, downloading is a copyright issue
#
[snarfed] huh, I'm curious about both of those
#
[snarfed] computers make copies of everything to do anything, users' browsers and hosting services and CDNs etc all copy videos etc during normal use, afaik that's all generally been accepted as fair use
#
[snarfed] the hotlinking privacy issue is that the remote server can change what it's serving and unpleasantly surprise you?
#
[snarfed] or, that you as the author can't easily manage those remote copies?
#
[tantek] No the hotlinkjng privacy issue is that the remote server then knows your users IP addresses (and whatever it can determine from your HTTP headers about you). It can tell who viewed your post/page because you hotlinked it
#
[snarfed] ah yes
#
[tantek] Like image bugs in HTML emails
#
[snarfed] I wonder what the current breakdown of copied vs hotlinked is for webmention author photos
#
[snarfed] I bet the vast majority is hotlinked
#
[snarfed] would be pretty straightforward to query Indie Map for
#
gRegor # copied will go up, recent Webmention for WordPress update caches them I think
#
gRegor GWG was showing us that on the 25th
#
GWG gRegor: It is not enabled by default, and while [pfefferle] published it on Monday, it isn't in the readme.
#
gRegor ahh
#
t​enshi.dev I have a question for the webmention protocol. Often times the person who would like to know about the mention is the target (aka. original page owner). However, expecting every source to actively push the webmention is tricky (eg. the source site like mine, might be a static site, the owner might not be aware, etc).
#
t​enshi.dev What is your opinion for a webmention sending mechanism based on crawling sites for links? I imagine a separate program that would asynchronously scrape pages, search for the links, checks for the webmention capability of the target, and send the mention. Is this something that is encouraged (it seems to be allowed by design, is there an existing project that does just this?), or consent from both source and target
#
IWDiscord <t​enshi.dev#0>
#
GWG [snarfed]: Do you want to experiment with it?
#
gRegor what is telegraph
#
Loqi Telegraph is an open source API and service for sending webmentions, part of the p3k suite https://indieweb.org/Telegraph
#
gRegor ^ Doesn't scrape, but can be used to assist sending webmentions
#
GWG Also, some of us have a form you can fill out
#
gRegor Webmention does support re-sending webmentions for a page, so receivers should be able to handle that (e.g. for updates or deletes) without creating duplicate comments, etc.
#
t​enshi.dev I see, yeah I'm aware of the manual mechanism of sending webmention. However it requires additional effort to be made from the source side. Just wondering the stance and implications of having an automatic discovery mechanism (crawling) to support automatic webmention delivery, where the source might not even be aware of such mechanism.
[tantek] and ovid joined the channel
#
gRegor Crawling just your own site?
#
t​enshi.dev gRegor: nope, letting it run loose and crawl any site. I could provide seed sites, eg. those who enroll to receive webmention, then follow scrape every link those seed sites have, so on and forth. Could also be limited to certain platforms and such (eg. those in a particular webring).
#
gRegor Ah, interesting
#
gRegor Generally sounds like it would be ok if it's being a respectful bot. If a page advertises a webmention endpoint, that's basically consent to receive a webmention.
#
gRegor It might be nice if it keeps track of the response and if it's a 2xx, don't re-send the webmention again next time it crawls
#
gRegor I think Bridgy might do something like this with Reddit. If a target site opts in, it can send a wm when your domain is linked on reddit.
#
gRegor s/it can send/Bridgy can send/
#
t​enshi.dev oh the bridgy use case is interesting. For me personally I'm going to propose this mechanism in my community, I think we could use some interactivity across our blogs and static sites. most of us use handcrafted html static sites, most are not technical sort of person, i personally use Hugo for my site (https://rai.so)
#
t​enshi.dev (i think I could reuse webmention for the receiving part)
#
[snarfed] http://tenshi.dev it's a good idea! at least I thought so. I did it a bit ago for Reddit and Hacker News, large scale, across historical posts and comments. I got much more negative feedback than positive so I eventually stopped. https://github.com/snarfed/hackermention
#
[snarfed] if you wanted to do it web-wide, you could use something like https://commoncrawl.org/
#
[snarfed] the problem is that still only a tiny fraction of web sites support webmentions, so you end up doing a ton of compute and network traffic to send what ends up being a small number of wms
#
[snarfed] lots of overlap there with https://indiemap.org/ . it's old, but you could use that to enrich and seed the set of wm receivers. still a ton of network and compute though
#
t​enshi.dev [snarfed]: that's one interesting project and yes it seems really similar to what I'm trying to achieve, perhaps just a different scope! If you'd like to share, could you elaborate on the negative feedback that you received? I'd imagine there would be issue with spam and such, but it might be something else I haven't foreseen
#
[snarfed] sure! I just heard from a couple people that the wms were a somewhat unpleasant surprise, and that they wanted to opt out
#
[snarfed] example: https://github.com/snarfed/hackermention/issues/1
#
Loqi [preview] [edent] #1 This has started spamming my blog
#
[snarfed] also re aaronpk's telegraph, https://telegraph.p3k.io/superfeedr is a related idea, looks for links to a specific site from anywhere and sends wms for them
#
t​enshi.dev [snarfed]: I see, yeah this is something I have thought about. Although I'd say it's more on the receiving side to make such policy rather than cutting out the source (same as muting mention on discord - it doesn't prevent anyone from mentioning you in the first place). But I could see why it could be unpleasant for a popular blog with decent amount of traffic
[chrisaldrich], geoffo, CRISPR, ovid, AramZS and [jacky] joined the channel
#
[jacky] https://hachyderm.io/@hrefna/111656696610548132
#
[tantek] Lol
#
c​apjamesg tenshi_dev[d] I made https://github.com/capjamesg/hn-webmention to poll the HN API and send me a Webmention to say my site was posted to HN.
#
c​apjamesg This script only sends webmentions for my domain. This is in contrast to [snarfed]'s script which aimed to send webmentions to everyone.
#
t​enshi.dev capjamesg[d]: thanks for sharing, much appreciated 😄
#
t​enshi.dev I think in a sense my use case would be somewhat in the middle - not exactly everyone, but maybe spanning a few webrings. I'll try to make a PoC for my site
#
c​apjamesg Yay!
#
Loqi :D
#
c​apjamesg I love your website by the way tenshi_dev[d] !
#
t​enshi.dev capjamesg[d]: thanks 😄 I love your writing on encouraging personal pages on the web as someone who's recently influenced by this thinking (otherwise I won't be here duh).
#
t​enshi.dev hopefully I can write consistently, would certainly be a challenge 😄
#
IWDiscord <t​enshi.dev#0>
#
c​apjamesg Why thank you!
#
c​apjamesg Consistently writing is a challenge.
#
c​apjamesg I wrote no posts between the end of October and the end of November, then I wrote lots of posts in December.
#
c​apjamesg I have tried to write every day in the past but I find I'm at my best when I instead focus on writing as soon as I have an idea.
#
t​enshi.dev capjamesg[d]: I have a feeling that I'm going down on the same route - I'm absolutely horrible at trying to do something consistently for the sake of being consistent hahah
#
c​apjamesg When I try to force myself to write, I sometimes have an idea. But most of the time I end up feeling bad about not being able to write.
kleb, gRegor and geoffo joined the channel
#
[KevinMarks] tenshi - something I do with mention.tech is both send the webmentions and store them there for the sites so it will verify the mention and store it without the site having an endpoint, as well as being an endpoint if you want it to be. That kind of approach might suit your static site group, as they'll need an external webmention provider anyway.
#
t​enshi.dev [KevinMarks] agreed, a platform that handles both might provide better UX for the users. And yeah definitely they need to have some external provider
#
[KevinMarks] mention.tech has crappy UI, but you could fork it to do what you need
#
t​enshi.dev thanks! much appreciated 😄
[tw2113], AramZS, [schmarty], gRegor, [pfefferle] and [0x3b0b] joined the channel
#
gRegor [manton], fyi I think the h-entry classes on your homepage got dropped, the properties from each post are grouping together under the h-feed: https://pin13.net/mf2/?url=https%3A%2F%2Fwww.manton.org%2F
[manton] joined the channel
#
[manton] gRegor: Thanks, you’re right. I have been messing with theme templates… Will fix.
#
[manton] Better now.
#
gRegor Nice, looks good in Monocle
#
c​apjamesg is thinking about what to build.
geoffo joined the channel
#
[tantek] We do still need a Gift Calendar contribution for today!
#
[snarfed] I may be ready to launch BF's new front page later today
#
[tantek] oooh! I forgot to check the new prototypes!
#
[tantek] [snarfed] re: examples 1-5, I think #4 with the full table is helping best communicate the full extent of things possible in a good summary: https://20231226t135650-dot-bridgy-federated.uc.r.appspot.com/ though I would add at least cell/heading borders to make the cells more clear, otherwise it's a bit hard to follow where text begins/ends that applies to anything in particular. Also a white background on the table to draw it out from the
#
[tantek] decorative deep blue background, and normal black text would be easier to quickly grasp
#
[tantek] https://chat.indieweb.org/2023-12-26#t1703630842812500 for reference for #4
#
Loqi [preview] [[snarfed]] 4) table with all protocols (unstyled): https://20231226t135650-dot-bridgy-federated.uc.r.appspot.com/
#
[snarfed] I was afraid you'd say that 😁
#
[tantek] lol
#
[snarfed] I get the idea, but even with styling, it feels like too much ugly jargon-y looking text with too little explanation to feature as the front page, above-the-fold intro to the service
#
[snarfed] not to mention that it doesn't fit on phones without horizontal scrolling, and I don't know how to fix that
#
[snarfed] fortunately I can probably punt this decision for at least a few months. consensus was pretty clear on omitting bluesky and nostr until they're actually supported, which collapses this down to either the text instructions or the 2x2 grid
#
gRegor I like 2 and 3 in those examples
#
[snarfed] thanks!
#
gRegor 4 I find overwhelming
#
[snarfed] right
#
gRegor My eye is drawn first to all the @-@s and I'm wondering "what is @example.com@atp.brid.gy", only when I look left do I get more context
#
gRegor Actually I think I see the text input with your domain first, then look under that, then left
#
[snarfed] yup. granted, styling will help, as will more a detailed explanation, but I think those are just bandaids on something that's still too complicated for front page above the fold
#
[snarfed] I'll definitely keep that full table prominent in the docs regardless
#
gRegor agreed
#
[jacky] https://mozilla.social/@wedistribute/111660443230760980 this feels very non-Webby
#
c​apjamesg I find the table on https://20231226t135650-dot-bridgy-federated.uc.r.appspot.com/ overwhelming.
#
c​apjamesg There is too much information and I really need to focus to figure out the small differences between each item in the table.
#
[snarfed] [jacky] content negotiation strikes again 😠 looks like the AP plugin isn't including Accept in the Vary header, so caches are sometimes storing and serving AS2 JSON instead of HTML
#
[snarfed] as discussed in https://snarfed.org/2023-03-24_49619-2
#
[snarfed] I'll reply
#
[snarfed] thanks capjamesg
#
Loqi [preview] [Ryan Barrett] Content negotiation considered harmful https://snarfed.org/matilda-used-car-salesman-harry-wormwood.jpg
#
gRegor conneg--
#
Loqi conneg has -22 karma in this channel over the last year (-29 in all channels)
#
[jacky] Sheesh -29 lol
#
[snarfed] ugh I still can't interact with mozilla.social because of *another* conneg bug, Elk's broken Accept header parsing: https://github.com/elk-zone/elk/issues/2463
#
[snarfed] the irony 😡
#
Loqi [preview] [snarfed] #2463 Improve content negotiation handling for forwarding AS2 requests
#
[snarfed] [tantek] lmk if it would help for me to file an issue on https://github.com/MozillaSocial/elk too, or submit this to the feedback form https://survey.alchemer.com/s3/7470063/mozilla-social-feedback-form , or whatever
#
[snarfed] [pfefferle] looks like this is another instance of https://github.com/Automattic/wordpress-activitypub/issues/580#issuecomment-1830443110 . I suspect this will hit many of the plugin's users. you might want to consider setting the Vary header yourself to fix it
#
Loqi [preview] [uk3] Hi, thanks for the pointers. It seems that the solution is quite simple: ``` # .htaccess <IfModule mod_headers.c> Header merge Vary "Accept" </IfModule> ``` Now (since i was able to reproduce it with the hints), it seems to be fixed an...
#
[pfefferle] [snarfed] I am not really sure what it might break on the other hand! It will vary for every Accept header and because browsers often use different ones, it might flood caches.
#
[snarfed] but you have to add Accept to Vary to prevent this bug, right?
#
[snarfed] and caches are designed to manage their contents. seems like a straightforward choice of correctness over (possible) cache efficiency
#
[tantek] [snarfed] yes please do file the bug there on MozillaSocial and cc my GH @ tantek
#
[snarfed] thx, will do
#
[snarfed] [tantek] oh https://github.com/MozillaSocial/elk is a fork so it doesn't have issues. any idea where else you want it?
#
Loqi [preview] [MozillaSocial] elk: A nimble Mastodon web client
#
[tantek] Forks can't have issues? That doesn't make sense because presumably a fork can have its own problems since it has different code
#
[snarfed] oh they can, I think they're just disabled by default
#
[tantek] Does Mozilla.social not have an obvious file bugs / feedback here link?
#
[snarfed] it does, I mentioned it above. it looked more user-level but I can do that if you want
#
[snarfed] submitted on https://survey.alchemer.com/s3/7470063/mozilla-social-feedback-form
#
[tantek] did you get an issue/bug link you can reference later or was it one of those black hole forms?
#
[snarfed] damn, I didn't see a link or id, but I didn't look closely. I did mention your name though
#
[tantek] hah awesome hopefully that will mean someone internally will reach out 🙂
#
[tantek] I mean not awesome that there was no link or id, that's something I'd like to see improve
#
[snarfed] np! I may have missed it