#wordpress 2020-06-28

2020-06-28 UTC
[chrisaldrich], test and paulopinto joined the channel
# 01:37 
jgmac1106 probably no one cares about 403 or 401 as long as unauthorized can’t get the 411
# 01:43 
GWG It's a matter of revealing the existence of the page or not
[jacky], nickodd, [Chaitanya], [fluffy], gRegorLove, jamietanna and [jgmac1106] joined the channel
# 11:34 
jamietanna GWG not a WordPress user, but I'd say 404 otherwise you risk enumeration of private URLs
# 11:38 
jamietanna Or I guess are you thinking the UX of it redirecting you to log in, instead of a URL just failing to load i.e. if you've been sent a URL by a friend?
# 12:44 
GWG It would display that it was a private url and that you'd have to authenticate to view
# 12:45 
GWG jamietanna: That enumeration is the question
rebelle, [schmarty] and nickodd joined the channel
# 14:36 
jgmac1106 going to make a new series of SemPress how-to videos for all our participants. Mine haven’t been updated in two years.
[LewisCowles], [manton], [tantek], [chrisaldrich] and [KevinMarks] joined the channel
# 16:21 
jgmac1106 gwg what happens in this situation. I am a member of your sit you are a member of my site, I publish a private post you read it, and send me a reply but make it private. Does the webmention show on the first private post?
# 16:22 
GWG jgmac1106: In theory. But for me, I don't have private posts yet.
# 16:22 
GWG That's the question I asked.
# 16:23 
GWG WordPress's version of private posts hides the fact the post even exists.
# 16:23 
GWG So, either I add a new post status, or change the behavior of private to return a landing page that shows it exists, but not what it is about.
# 16:23 
GWG There are also issues with slug data leakage
# 16:23 
GWG It is a stumbling block for me going forward on the matter
# 16:24 
GWG Access control requires something to access
# 16:29 
jgmac1106 I a, happy to with you. I need to know explictly what happens around privacy and webmentions for our club
# 16:30 
jgmac1106 I am not too worried about the logistics as long as it is hidden. otherwise I will say native comments only on private posts
# 16:36 
GWG It would have to be to start
# 16:36 
GWG Private webmentions might be a later stage
# 16:36 
GWG So, the order I'd probably try to build it in would be:
# 16:37 
GWG 1. Decide on Post Status...am I changing the behavior of private to admit the URL exists, but refuse to show it or not or created a custom post status...both having potential problems.
# 16:38 
GWG 2. Implement access control measures, beginning with site users(subscribers have no privileges) and moving to autoauth or what have you
# 16:47 
sknebel GWG: I'd stick with the default 404 unless you have a strong reason to change it
[Beto], [grantcodes], jamietanna, [hibs], gRegorLove, [Paulo_Pinto] and [asuh] joined the channel
# 18:29 
[asuh] I agree with sknebel, 404 seems best here. When could you show a 401? If a private email or webmention contains some kind of extra info, maybe a randomized query string on the URL?
mjordancodes, [jgmac1106], [mJordan], chrisaldrich, [Chaitanya] and Hibs joined the channel; nickodd left the channel
# 19:11 
petermolnar GWG: curiosity question, what's the size of a database export of your WordPress? (Or, if that's not part of your backup process, how do you do backups?)
# 19:12 
GWG I've been backing up the SQL database and the drive separately.
# 19:12 
GWG I'm not sure the size, as I've automated it
# 19:48 
GWG Just made the rounds and did some maintenance work on several items used in my website.
[Paulo_Pinto] and [scottgruber] joined the channel
# 20:46 
[jgmac1106] petermolnar I can not migrate or use any of the WP to static page plugins because of database sizes
# 20:49 
petermolnar wget --mirror? :)
# 20:49 
Loqi wget has -1 karma in this channel over the last year (-2 in all channels)
# 20:49 
petermolnar oh, Loqi
# 20:49 
petermolnar wget++
# 20:49 
sknebel wget++
# 20:49 
Loqi wget has 0 karma in this channel over the last year (-1 in all channels)
gRegorLove, [fluffy], [grantcodes] and [KevinMarks] joined the channel
# 22:27 
[chrisaldrich] [pfefferle] I love your new feed page! https://notiz.blog/feed/ Is it essentially adding XSL like this? https://indieweb.org/OPML#XSL_.28making_an_OPML_file_look_like_HTML.29
# 22:31 
[chrisaldrich] From a usability perspective using "Subscribe" (or translated equivalents) on your SubToMe button may more sense to people as many are unlikely to know what SubToMe is.
# 22:31 
[chrisaldrich] I meant to thank you for your post a week or so back when I saw your mention, but I've somehow been more swamped than usual...
# 22:43 
[chrisaldrich] [pfefferle] I also appreciate the subtle changes to the UI when viewing separately in chrome versus firefox. Don't have safari on this machine to see that version though.
rebelle and [schmarty] joined the channel
# 23:11 
[KevinMarks] previously: http://epeus.blogspot.com/2008/05/mixing-degrees-of-publicness-in-http.html
gRegorLove and [David_Bryant] joined the channel