#dev 2024-09-04

2024-09-04 UTC
#
[tantek]
[snarfed] custom webfinger setup definitely seems like a deep #indieweb-dev thing
#
[snarfed]
agreed! thanks for the nudge
#
[tantek]
I have this problem now where any time I'm writing any kind of semi-structured plain text, I can't help but think about "how will my markdown replacement process this semi-structuring" and how should it or how should I write my semi-structured plain text so the thing I'm building will eventually "do the right thing" with it
#
[tantek]
Which probably means I'm thinking too hard about it, because if it's properly designed (backcompat, forgiving, low/no surprises), then I shouldn't have to think in advance
#
[schmarty]
Ooh this speaks to me for making reusable bits of browser UI (e.g. for Micropub clients)
#
Loqi
[preview] Portable Server Rendered Web Components with Enhance SSR
#
[tantek]
I can't help but cringe every time I see SSR or even "Server Rendered"
#
[tantek]
[snarfed] check the two most recent logs if you can (I get "No log found!" when I click on the links) for the two most recent posts here: https://fed.brid.gy/web/tantek.com
#
[tantek]
The latest one got delivered and is shown in Mastodon servers e.g. https://w3c.social/@tantek.com@tantek.com and mentions "Kevin Marks"
#
Loqi
[preview] Tantek Çelik
#
[tantek]
whereas the penultimate one got delivered and is NOT shown in Mastodon servers (same e.g.) and mentions @-KevinMarks-.-com (without the "-"s) which is auto-linked to:
#
[tantek]
with this markup
#
[tantek]
```<a class="auto-link" href="https://KevinMarks.com">@KevinMarks.com</a>```
#
[tantek]
^ so there is something about the AS2 that Bridgy Fed is generating from that HTML that is causing Mastodon to choke
#
[tantek]
[snarfed] I'm going to leave my recent posts as-is and take a break from posting until you've had a chance to take a look at the logs etc. and see what you can discern from how Bridgy Fed converts that markup ^ to AS2 to see if there's a bug to file with Mastodon, and/or a workaround to put into Bridgy Fed so we can use @-domain mentions in our posts without Mastodon dropping them on the floor.
#
[tantek]
Maybe related to recent Bridgy Fed improvements to send @-mention notifications?
#
[tantek]
"recent" - heh since this has been going on since early this year
#
Loqi
[preview] [snarfed] #760 Relax AP mention req't that text is full handle
#
[schmarty]
tantek: I agree in general. But I've been thinking about 11ty's webc and other ways to combine markup, styles, and behavior. The thing I like about this enhance-ssr-php thing is that it lets you use components as HTML custom elements and you define them in single files. It injects the markup, dedupes and scopes styles, and any frontend js is handled by defining the custom element.
#
[tantek]
that sounds like potentially useful and maintainable modularity. I will defer judgment
#
[snarfed]
awesome sleuthing [tantek]! you did indeed narrow it down massively
#
[0x3b0b]
Point of additional reference for [tantek] and [snarfed] : Tantek's profile as viewed on my site also jumps from 2024/246/t1 (Adventures in...Bridging) to 2024/238/t1 (All setup here at IndieWebCamp Portland), too. There have been a few things y'all have debugged that affected Mastodon and some other implementations but _not_ Microblogpub, but this doesn't seem to be one of them.
#
[snarfed]
looks like the issue is indeed the https://kevinmarks.com link. his site doesn't serve SSL, so when BF tries to fetch that URL, it waits for 15s and then times out
#
[snarfed]
it also tries to do that when a fediverse instance fetches the AS2 version of the post, with conneg. I'm guessing many Mastodon servers also time out at 15s or less, so they never get the AS2 post that BF serves after its own 15s cutoff
#
[snarfed]
[tantek] I'll work on a fix, but in the short term, I expect you can fix this on your end by linking to either http://kevinmarks.com/ (no https) or https://www.kevinmarks.com/ , since both of those serve ok
#
[0x3b0b]
I might look through my logs tomorrow to see if I can find when/if the activity came in and what exactly mbp did, for curiosity's sake if nothing else. Or I might put that in a later might-do list and spend some time trying to 3d print a gaming miniature. Neither one before bed though.
thegreekgeek joined the channel
#
[tantek]
oh wow that is so weird
#
[tantek]
ok [KevinMarks] I am not linking to your .com any more with https until you get that working
#
[tantek]
not going to @-www.kevinmarks.(com)
#
[tantek]
[snarfed] this implies that if a post of mine links to anything that takes 15s or longer to respond, my post may not show up in Mastodon
#
aaronpk
That's an interesting fail
#
aaronpk
Sounds like a good bug to report in mastodon
#
[tantek]
what should Bridgy Fed be doing better here? and what should Mastodon be doing better here? I'm not sure what the right answer is tbh
#
[tantek]
such timeout based bugs are super hard because rarely are specs explicit about what should happen
#
Loqi
[preview] [renchap] #24695 Mentions of unreachable accounts can break processing remote posts
thegreekgeek_ joined the channel
#
[tantek]
hmm, going to recommend https://validator.w3.org/checklink before federating a post with Bridgy Fed
#
[tantek]
[snarfed] confirmed, the one post that Mastodon dropped on the floor but did NOT mention Kevin Marks instead had a different broken https link to a mistyping of Doctorow's pluralistic domain.
#
[tantek]
W3C link checker found both errors
#
[tantek]
Next experiment, to see if fixing that old post from June and changing its permalink slug will get Bridgy Fed to federate it as a new post, and have it thus show up on Mastodon instances (and mention notifications!)
#
[tantek]
(instead of doing a new post now)
#
[tantek]
ok sent to Bridgy Fed, let's see what percolates in the next few minutes
#
[tantek]
since it's such an old post (from June), I'm also curious if it will show up at all in people's feed readers or Mastodon clients if they are just "following", or if it will be lost to the past
#
[snarfed]
yeah we've narrowed this down a lot but not all the way
#
[tantek]
so it did show up in Mastodon profile views, interestingly at the top, as if it was most recent, however with the explicit date still June 21st as it says in the post
#
[snarfed]
I see at least three possible root causes, if not more
#
[tantek]
I think I'm going to advise using the W3C link checker for sure, and fixing any red link errors, before pinging Bridgy Fed to federate.
#
[snarfed]
1) the timeout we mentioned
#
[tantek]
that should avoid many (most?) of the instances of this problem
#
[snarfed]
2) the bad https link is the first one in content, and Mastodon tries to generate a link preview from the first link in content
#
[tantek]
^ so that's not it because the bad https link in the "Happy" post was in the middle, not the first one in content
#
[tantek]
fixing that link made it work
#
[snarfed]
3) the AS2 includes a Mention tag for the bad link, ie {"type": "Mention", "name": "@KevinMarks.com", "href": "https://KevinMarks.com"}
#
[tantek]
that's possible yes
#
[snarfed]
ok! then 2 wasn't the cause for at least that post
#
[tantek]
phew we're getting closer
bret, gRegorLove_, [mattl], [mattl]2, thegreekgeek, _fluffy, AramZS, gRegorLove__, cuibonobo, ttybitnik and sp1ff joined the channel
#
[tantek]
Well the link checker tip was popular at least. Need to build that into authoring tools
gRegorLove_ joined the channel
#
[jacky]
I forget who it was that had linked an example of them handling or wrangling MF2 properties from SQL
#
[jacky]
something where one could find which page had a particular property by doing some sort of query
#
[jacky]
I imagine it involved putting the parsed MF2 _into_ the database and doing some 'mf2' ->> 'your.thing.here' kind of work
#
[jacky]
I _think_ it was [cweiske]?
gRegorLove__ and doesnm joined the channel
#
pcarrier
doesnm: by tilde you mean https://tilde.club/ ?
#
doesnm
tilde-like server. I'm using https://psf.lt
#
pcarrier
doesnm: I guess you'll have to confirm it supports BYOD (Bring Your Own Domain)?
#
doesnm
no
#
doesnm
it gives nickname.p.psf.lt and *-nickname
#
[jacky]
could you put that behind a cname?
#
doesnm
tried. Gives 404
#
[jacky]
that sucks 😞
#
pcarrier
(sorry if y'all already know this) CNAME operates at the DNS level, to determine which machine to contact for the name. then the machine needs to know which certificate to use for HTTPS (TLS-NI), and which content to serve for HTTP (often referred to as virtual hosts).
#
doesnm
indieauth has problems with email?
#
pcarrier
doesnm: nope, just went through an indielogin.com email flow to confirm
#
doesnm
I tried to use email challenge. Didn't receive code
#
aaronpk
check your spam folder?
#
doesnm
didn't have spam system
#
pcarrier
smells like a custom mail setup. give me the address if you'd like a quick review of best practices, it's easy to get rejected by other mail systems.
#
doesnm
doesnm@0ut0f.space
#
pcarrier
your server doesn't have the "right" PTR record
#
pcarrier
and it doesn't send a greeting when I connect to it over SMTP
#
doesnm
lol, who changed ptr to this
#
pcarrier
might want to talk to your ISP / double check your firewall for DROP rules?
#
pcarrier
(PTR is more important for sending than receiving)
#
doesnm
greeting should be showing
#
pcarrier
yup got it
#
doesnm
setting to subdomain or domain? i forgot
jimw joined the channel
#
doesnm
has anyone implemented ssh signatures auth?
[aciccarello] joined the channel
#
pcarrier
doesnm: what do you mean exactly? having to sign something, eg with the SSH agent, or getting a URL by SSHing somewhere?
#
pcarrier
doesnm: srv.us is built on SSH :)
#
doesnm
pcarrier: indieauth.com has gpg auth
#
doesnm
what about like this but ssh?
#
pcarrier
could do for sure
#
pcarrier
I think gpg is broken BTW
#
sebbu
i remember it being possible to convert *some* ssh key to gpg
#
sebbu
using monkeysphere (abandoned project)
#
pcarrier
I converted SSH keys to SSL certificates, worked great
#
doesnm
pcarrier: btw similar service (serveo.net) closed due to phishing
#
pcarrier
doesnm: well, I have 76 connections right this second and AFAICT no phishing problems
#
pcarrier
doesnm: we shall see what happens…
#
doesnm
i mean it was used for phishing. Do you get abuse reports?
#
pcarrier
not once yet
#
sebbu
ssl ? x509 ?
#
Loqi
[preview] [pcarrier] identify: Generate vCards and SSL certificates for LDAP accounts (unmaintained)
#
sebbu
interesting, if that project got updated i could see it being promoted to use with https://github.com/yrutschle/sslh ;)
#
Loqi
[preview] [yrutschle] sslh: Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)
#
sebbu
i'm not sure if L3 filtering / QoS can detect which (public) key is used for ssl/tls
#
[schmarty]
for PHP folks that use GuzzleHttp (or even curl directly, I guess), do you have a wrapper or pattern that you like for ensuring that you don't make unexpected requests to localhost or other not-generally-routable-but-maybe-on-your-local-network IPs?
#
pcarrier
[schmarty]: what I've done in the past is use an unprivileged proxy
#
gRegor
[schmarty], In ProcessWire plugin I have an isClientIdValid method which checks that in part: https://github.com/gRegorLove/ProcessWire-IndieAuth/blob/main/src/IndieAuth/Server.php#L119
#
gRegor
doesn't use Guzzle for the requests, but PW's built-in methods
#
[schmarty]
thanks, gRegor! does that mean your PW IndieAuth server will fetch a client ID of `http://127.0.0.1`? 😅
#
[schmarty]
pcarrier: sounds reasonable, but requires running an extra service?
#
pcarrier
[schmarty]: yup
#
gRegor
I think so, isn't that what the spec says?
#
[schmarty]
gRegor the spec says a server must not fetch a client_id with host 127.0.0.1 (or ::1) https://indieauth.spec.indieweb.org/#client-information-discovery
#
[schmarty]
allow it as client_id, but don't attempt to fetch metadata from it.
#
gRegor
Aha. Welp.
#
[schmarty]
cuz you'll be fetchin' from your own server!!
#
gRegor
Right. I'd missed that part of 4.2 somehow
#
[sebbu]
[snarfed] [tantek] for webfinger, it's also used by openid, gnu social, diaspora, mastodon, owncloud/nextcloud, and a few others
rozenglass, Virtual and JadedBlueEyes joined the channel
#
[snarfed]
openid uses webfinger?! cc [aaronpk]?
#
[snarfed]
[sebbu] I'm definitely familiar with the extended fediverse (eg including diaspora) usage. I guess I meant more, what other things do you specifically want to do with webfinger on your own server?
#
[sebbu]
i'm planning for the future !
#
[sebbu]
premature optimization and all that 😄
#
[snarfed]
I'd love to see someone self host their webfinger and still use BF to bridge their site. feel free to try!
#
aaronpk
there is an openid connect discovery spec that uses webfinger: https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery
#
aaronpk
I don't know how widely supported this actually is in practice
[Joe_Crawford] joined the channel
#
ptramo
[marksuth] seeing markup in my feed reader for your feeds
[marksuth] joined the channel
#
[marksuth]
hmm, someone mentioned the same thing at HWC this evening, I’ll do some poking
#
[tantek]
ptramo RSS or Atom?
#
ptramo
RSS
#
ptramo
well
#
[tantek]
ah yes with the ambiguous HTML escaping rules. yay!
#
Loqi
giggles
#
ptramo
miniflux shows 3 feeds when adding your domain, "Posts", "Photos", and "Stream". the purpose of the last one isn't super clear
#
aaronpk
gives Loqi an unescaped <
#
Loqi
steps on the unescaped <
#
ptramo
Just realized it's not obvious at all… ptramo=pcarrier=π, just depends on which platform I'm using and which platform you're using.
#
[tantek]
you can fix that in /chat-names !
#
pcarrier
I think I fixed it by making my discord handle my usual nickname
#
pcarrier
who needs pseudonymity in the gaming community
#
[marksuth]
I have either now fixed my feed issue or broken it in a different way, from checking in a couple of clients I think it's sorted
#
pcarrier
[marksuth]: also is your feed unbounded? All the history there, not just the last N entries?
#
[marksuth]
it should have everything in there as I don't set a limit on it
#
pcarrier
Yeah that's a bit wild
#
pcarrier
Downloading a copy of your whole website on every refresh feels suboptimal :)
ttybitnik joined the channel
#
pcarrier
Happy to report your markup is now interpreted as markup in my miniflux
#
[marksuth]
out of interest, how much post history do folk have in their site's rss feed, cos I can easily set a limit
#
[mattl]2
10 posts is standard for WordPress.
#
pcarrier
I put 10
#
aaronpk
always the contrarian
#
[tantek]
what? I'm a programmer, power of 2 is the norm
#
[marksuth]
13 it is
#
[tantek]
31 on my home page h-feed tho
[benatwork] joined the channel
#
aaronpk
off by one, another programmer classic
#
[Joe_Crawford]
Baker's Dozen seems properly English Mark.
#
sebbu
[tantek], yeah, i also give my age in hex
#
sebbu
that makes me younger
#
pcarrier
Tbh I picked 10 because I had 11 posts when I implemented the limit
#
[tantek]
I do kinda make it vary by post type tho
#
[tantek]
like give notes maybe a 0.2 score towards the number of posts
#
gRegor
42 is the correct answer
#
pcarrier
I kinda wish it kept just enough to stay below 64kB compressed
#
pcarrier
Which is a lot of posts but also negligible overhead
#
[tantek]
is there a tool to check the size of your feed in bytes compressed?
#
pcarrier
Not that I can think of. curl should be able to do it
#
pcarrier
24759 8756 8808
#
pcarrier
> for enc in identity gzip br; curl -sHAccept-Encoding:$enc https://nothing.pcarrier.com/feed.json|LANG=C wc -c; end|xargs
#
sebbu
it's sad that br still doesn't have a signature by default
#
pcarrier
sebbu: what do you mean by signature in this context?
#
sebbu
file / libmagic