#dev 2024-05-11
2024-05-11 UTC
prologic joined the channel
# prologic Q: Is ?me= no longer a required query string parameter in the auth endpoint call?
# prologic My old indieauth handler accepts it, but hecdias's indielib toolkit (https://github.com/hacdias/indielib) doesn't send it
# prologic it also appears unused anyway yin my code, was it kind of useless information?
geoffo, [naturestudy], [Jo], [schmarty], [benatwork], [tantek], [Murray], [snarfed], [marksuth], [Joe_Crawford], [KevinMarks], [pfefferle], IWSlackGateway and strugee_ joined the channel
# capjamesg [snarfed] Do you know why https://granary.io/url?input=jsonfeed&output=rss&url=https://jamesg.blog/google-research.json?d doesn't load properly?
jeremycherfas joined the channel
# prologic Can anyone answer my IndieAuth question?
[Paul_Robert_Ll] joined the channel
# [Paul_Robert_Ll] Yes it is now optional. This post is a good summary of the more recent IndieAuth spec changes https://aaronparecki.com/2020/12/03/1/indieauth-2020
# prologic Thank you! 🙏
barnaby joined the channel
# prologic sandra activitypub and signed requests aren't hard to understand
# prologic I can probably help clear up your understanding
# prologic the worst part of activitypub isn't how it works, it's the unexpected side effects of "federating" IMO
# prologic umm yeah sure, you're right
# prologic I'm just emphasising with sandra , I was in the same boat too not that long ago :)
# prologic sandra Ahh no, it does not. It uses HMAC + either RSA or ED25519 and SHA
# prologic I believe most implements actually usa ESA + SHA
# prologic Err RSA I mean
# prologic a HMAC is essentially a shared secret key and hash function
# prologic used for authenticating messages
# prologic Worth reading: https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures
# prologic I'm trying to find a web page that really helped me understand this myself
# prologic it was like mastodon by hand or activity pub from scratch or something
# prologic Also if you prefer to understand from reading code you're welcome to pull apart what I did here: https://git.mills.io/yarnsocial/yarn/src/branch/main/internal/activitypub
# prologic It's written in Go for the yarnd (part of Yarn.social); but I'm going to drop this code soon™ in favour of building something more akin to and like bridy
# prologic I mean Bridgy Fed: https://indieweb.org/Bridgy_Fed
# [tantek] Sandra here's the spec that Evan and [snarfed] have written up: https://www.w3.org/wiki/ActivityPub/Primer/Authentication_Authorization
# prologic Ahh brilliant!
# prologic IT's also not a lot of code to wrap your head around, so it might help you :)
# prologic Although it's also not "feature complete" by any means or even "spec compliant"
# prologic I found interoperability is hard in practise, because the spec isn't exactly followed (when is it ever?) and Mastodon does it's own thing and other implementation do their own things and other fit somewher ein-bwetween
# prologic I also found GotoSocial to be the best server to stand up locally to test my own implementation against: https://github.com/superseriousbusiness/gotosocial
# sandra prologic: Wait a minute… Why was that draft 12? There seems to be a full rfc: https://datatracker.ietf.org/doc/draft-cavage-http-signatures/
# prologic Oh I probably linked to an old version
# prologic sorry :)
GuestZero joined the channel
# [tantek] mentioned http://fed.brid.gy/ ✅ a second ago could not fetch https://fed.brid.gy/ '555' "
# [tantek] [snarfed] is http://fed.brid.gy blocking mention.tech?
# [tantek] also http://webmention.app is failing to find any links to webmention in my post https://tantek.com/2024/131/t1/mozilla-origin-trials which is obviously false since there's a link to http://fed.brid.gy in that post
# Loqi It looks like we don't have a page for "tools for sending webmentions" yet. Would you like to create it? (Or just say "tools for sending webmentions is ____", a sentence describing the term)
# Loqi It looks like we don't have a page for "services for sending webmentions" yet. Would you like to create it? (Or just say "services for sending webmentions is ____", a sentence describing the term)
# [tantek] telegraph is also failing to find any links to webmention from my post: https://telegraph.p3k.io/dashboard/send?url=https%3A%2F%2Ftantek.com%2F2024%2F131%2Ft1%2Fmozilla-origin-trials&account=993
# [tantek] my post has a link to https://fed.brid.gy/ which if you view source does have a rel=webmention endpoint so both http://webmention.app and telegraph are failing here
# [tantek] mentioned http://fed.brid.gy/ ✅ 2 seconds ago mention sent '202' "
# [tantek] to-do << [[Webmention]] page needs a specific subsection for services for sending webmentions and then redirects from https://indieweb.org/s/12Uj and https://indieweb.org/s/12Ui to that specific subsection fragment identifier, for easier discoverability to help folks who have a static site or similar send webmentions without having to setup webmention sending directly on their website
# Loqi ok, I added "[[Webmention]] page needs a specific subsection for services for sending webmentions and then redirects from https://indieweb.org/s/12Uj and https://indieweb.org/s/12Ui to that specific subsection fragment identifier, for easier discoverability to help folks who have a static site or similar send webmentions without having to setup webmention sending directly on their website" to the "See Also" section of /to-do https://indieweb.org/wiki/index.php?diff=95034&oldid=95033
[tantek] joined the channel
# [KevinMarks] I think they're both hosted on appengine so if may be Google failing at self routing
Smi, stefan1, sonja, nikkin, cophee, barnaby and [Joel_Auterson] joined the channel
# [Joel_Auterson] Hi all, kind of struggling to work out what to do with images in MF2. For example, this post: https://www.joelotter.com/notes/2024/05/10-lights/
# [Joel_Auterson] All renders fine, Bridgy can interpret things great, but when it comes to mf2 parsing for other things like webmentions it whacks the image alt text into the content directly
# [Joel_Auterson] has anyone managed to solve this on their own site? Thanks 😄
# [Joel_Auterson] i swear this used to work differently but i may be misremembering
# [Joel_Auterson] another weird note is the validator says i'm not using `e-content`, but i definitely am and have tried this on a few posts from other folks, same result
# [Paul_Robert_Ll] Not sure what parser IndieWebify uses; here’s the output from Node, Ruby and PHP parsers:
prologic left the channel
# [Joel_Auterson] Mm I think it’s the PHP one, I tried it on pin13 too. Seems like they’re all consistent then ?
# [Paul_Robert_Ll] Looks like the Ruby one doesn’t include `alt` text from photos in `value`; the other’s do. I’d expect alt text not to be included in the `value`, wonder if it’s a bug with the PHP and Node parsers?
# [Joel_Auterson] I wonder if it’s because u-photo is on the img and not the surrounding a tag
cophee joined the channel
# [Paul_Robert_Ll] I tested it on one of my photo posts, which doesn’t link photos, and the `alt` text is still pulled through to the `value` property: https://php.microformats.io/?url=https%3A%2F%2Fpaulrobertlloyd.com%2F2024%2F131%2Fp1%2F
# [Joel_Auterson] Hmm I was wondering how the comment on this post got interpreted correctly https://www.joelotter.com/posts/2023/10/bridgy-bluesky/
# [Joel_Auterson] As in it has images in, not the alt text
# [Joel_Auterson] Webmention presumably uses the PHP one
# [Joel_Auterson] So I wonder if something has perhaps changed
# [Joel_Auterson] Because I ran that post through the validator and the same thing happens
stefan1, win0err and [qubyte] joined the channel
# aaronpk imagine "authorization-server.com" is the domain of the new service https://media.aaronpk.com/2024/05/11065916-9131.png
# cophee aaronpk: This would be so epic
# cophee aaronpk: I can make some cool designs/promo vids for it over the winter break here (starting in a week in Australia)
[Joe_Crawford] joined the channel
# [snarfed] [capjamesg] https://granary.io/url?input=jsonfeed&output=rss&url=https://jamesg.blog/google-research.json?d doesn't work because granary doesn't (yet) support the `description` JSON Feed field. it's an optional field, and from my reading of https://www.jsonfeed.org/version/1.1/#top-level , maybe only expected if `title` is also there, which it isn't
[Al_Abut] and stefan1 joined the channel
# aaronpk well this is promising https://media.aaronpk.com/2024-05-11-fedcm-indieauth.mp4
[dominik] joined the channel
[KevinMarks] joined the channel
# [KevinMarks] Looks like json feed used the ambiguous rss field names?
# aaronpk opened an issue suggesting DNS option instead of hosting the .well-known file required https://github.com/fedidcg/FedCM/issues/580
# pcarrier [edit] What is the objection to .well-known? Figure DNS would be similarly namespaced, using a single h2/h3 for arbitrary lookups and not requiring touching something most people don't fully understand (like SRV, TXT, HTTP, etc. records) and isn't easy to reproduce in your dev env are big benefits?
[capjamesg] and [pfefferle] joined the channel
barnaby and GuestZero joined the channel
# IWDiscord <pcarrier>
# pcarrier > Warning: the proposed use of .well-known therein is IMO a bad mistake. Unnecessary reinvention (most handled by existing rel values¹⁴), more complex to author (requires sidefiles¹⁵), harder to publish (requires site admin root access), likely to become inaccurate (Ruby’s postulate¹⁶), and fragile (site admins frequently break .well-known for individual pages). A full critique likely requires its own blog post.
# IWDiscord <pcarrier>
[Stefan_Rudersd] joined the channel
barnaby joined the channel
geoffo, GuestZero, chimo and rrix joined the channel
# pcarrier https://signali.ng has the body height adjust to its content, but https://0pw.me doesn't. I can't figure out why. driving me a bit nuts.
# pcarrier [edit] https://signali.ng has the body height adjust to its content, but https://0pw.me doesn't. I can't figure out why. driving me a bit nuts.
barnaby, amyiscoolz, JadedBlueEyes and Tiffany joined the channel