IndieWebCamp March 6-13, 2015
This is an automatically-generated summary of the IndieWebCamp wiki edits from March 6-13, 2015
Table of Contents
New Pages
Changed Pages
New Pages
Created by Loqi.me on March 9
- Mon, March 9 loqi.me prompted by ben_thatmustbeme https://indiewebcamp.com/irc/2015-03-09/line/1425936106862 and dfn added by ben_thatmustbeme
- Thu, March 12 ben.thatmustbe.me starting a documentation of logstore
- Thu, March 12 ben.thatmustbe.me adding questions to work out as I think them up
- Thu, March 12 ben.thatmustbe.me /* Questions */
- Thu, March 12 ben.thatmustbe.me /* Questions */
- Thu, March 12 ben.thatmustbe.me /* Questions */
This article is a stub. You can help the IndieWebCamp wiki by expanding it.
Logstore is an endpoint for storing and retrieving logs from an indieweb site. Web apps and native apps (e.g. iPhone, Android) can use Logstore to store chatroom messages or direct messages as well as recall that history to give context to messaging. It can also be used to store any dated log entries so that system logs and software logs can be stores as though the software or system is the author of the message.
IndieWeb Examples
Examples of IndieWeb sites that support the micropub API (in order of deployment).
Postly
Ben Roberts has started saving IRC chatroom logs directly to Postly as an initial test case.
How to implement
How to implement the Logstore API, both in a client that can discover an endpoint and publish to it, and on a server to support an endpoint to append/recall logs.
Endpoint Discovery
It should be possible to configure an API client by authenticating as your domain name using IndieAuth. After signing in, your domain needs a way to specify the API endpoint the client will use to create new posts.
Add a <link> tag in the HTML head of your home page, or send an HTTP Link header.
Link: <https://example.com/logstore>; rel="logstore"
HTML Head
<link rel="logstore" href="https://example.com/logstore">
Authentication
This is done exactly like Micropub#How_to_implement
Authorization: Bearer XXXXXXXX
Form-Encoded Body Parameter
access_token=XXXXXXXXX
Scope
Ben Roberts uses the scope 'logs' for access read/write from the logstore endpoint.
Log Storage Format
Logs are stored as h-feeds with h-entries (each containing an author) in microformats
Getting List of Log Feeds
Making an HTTP GET request without an 'h=' option should return a list of feeds that can be accessed in the form...
<a class="h-feed u-url" href="https://ben.thatmustbe.me/logstore?h=feed&url=irc://freenode.net/%23indiechat">
irc://freenode.net/#indiewebcamp
</a>
Remember to escape any Hash marks in the URL as they are needed for IRC room names.
Storing Log Entries
Making a POST request to the endpoint with
h=entry
should store the log entry.
Add the values to be stored similar to Micropub
h=entry
content=GWG not really on you?
in-reply-to=irc://freenode.net/#indiewebcamp
published=2015-03-11 07:37:07
author_name=pfefferle
Recalling Log Feed
Making an HTTP GET request with 'h=feed' and 'url=' for the feed identifier
Example Log Feed
<div class="h-feed">
<div class="h-entry">
<time class="dt-published" datetime="2015-03-11 07:37:07">
2015-03-11 07:37:07
</time>
<span class="p-author h-card">
<span class="p-nickname p-name">pfefferle</span>
</span>
<span class="e-content p-name">GWG not really on you?</span>
</div>
</div>
Brainstorming
This entire page is still under developement, and there are several pieces that still need to be worked out.
- Should there be a difference in read and write scope?
- Storing of direct messages should ideally be able to unify to an actual person. It would be nice to have a way to mark up on what method a message was delivered via.
- Should the be a way to delete / clear logs?
- There will need to be a method of paging when polling a log, or at least a method to say how much to limit to.
- Barnaby Walters suggested [1] using next/prev markup and have an extra value of before= and a timestamp so they are permanent. I would recommend something like ls-before to follow the prefix idea of micropub (mp-xxxx).
- Currently I am not logging chat entry/exit, there should probably be some markup for these.
- Currently I am not logging actions, there should be some markup for this.
- There should likely be a good way to store and recall a 'last-read' value for each feed so you can easily determine if there are any new messages.
Created by Kylewm.com on March 10
This article is a stub. You can help the IndieWebCamp wiki by expanding it.
CSRF or Cross-Site Request Forgery is an attack that OAuth and IndieAuth clients (relying parties) need to be aware of, wherein victims unknowingly follow a link to a relying party callback URL prepared by an attacker. This tricks the user to authenticate to the relying party with an account under the attacker's control and thus potentially leak private data to the attacker.
The most common prevention strategy involves generating a CSRF-token (state, nonce) storing it in the browser session, and passing it into the authorization endpoint. Then when receiving a callback from the authorization endpoint, relying parties can simply compare the token to the one stored in the session to confirm that the request originated at the authorization endpoint. [1]
In the context of IndieAuth, clients MUST use the state
parameter for this purpose. The value MUST not be guessable by an attacker and MUST be verified on the callback.
Reference
See Also
Created by David.shanske.com on March 10
- Tue, March 10 david.shanske.com prompted by tantek https://indiewebcamp.com/irc/2015-03-09/line/1425950137133
- Tue, March 10 tantek.com stub, bold dfn, expand a bit with tie to use in search results, linky, see also
- Tue, March 10 tantek.com dedup search from dfn
This article is a stub. You can help the IndieWebCamp wiki by expanding it.
Google Knowledge Graph is an attempt by Google to provide summary information and context about anything, and in particular, displayed as part of a search result for a specific term or phrase. When Google's Knowledge Graph has information regarding a subject, it displays a knowledge box, such as the one below, showing information on the topic/individual.
Below is an example of of a Knowledge Graph box for an individual, retrieved 2015-03-09.
See Also
Created by Loqi.me on March 11
- Wed, March 11 loqi.me prompted by gRegor` https://indiewebcamp.com/irc/2015-03-11/line/1426110039356 and dfn added by gRegor`
- Wed, March 11 aaronparecki.com real dfn
This article is a stub. You can help the IndieWebCamp wiki by expanding it.
Spiderpig is a web crawler for archiving a website as static HTML files.
https://github.com/esripdx/spiderpig
Created by Eric.pdxhub.org on March 11
- Wed, March 11 eric.pdxhub.org Created page with "<span class="h-card">{{sparkline|http://eric.pdxhub.org/assets/avatar.jpeg}}[[User:Eric.pdxhub.org|Eric Drechsel]]</span>"
- Wed, March 11 eric.pdxhub.org
Eric Drechsel
Created by Loqi.me on March 9
- Mon, March 9 loqi.me prompted by tantek and dfn added by tantek
This article is a stub. You can help the IndieWebCamp wiki by expanding it.
three processes that all applications need is described by https://kylewm.com/2015/03/looking-for-web-frameworks-that-provide-1-server
Created by Tantek.com on March 10
Evan Prodromou
Created by Acegiak.net on March 13
- Fri, March 13 acegiak.net Created page with "[[user:acegiak.net|Ashton McAllan]]"
Ashton McAllan
Created by Loqi.me on March 11
- Wed, March 11 loqi.me prompted by KevinMarks_ https://indiewebcamp.com/irc/2015-03-10/line/1426033786809 and dfn added by KevinMarks_
This article is a stub. You can help the IndieWebCamp wiki by expanding it.
WebID is http://webid.info/
Created by Tantek.com on March 10
Evan Prodromou as of 2012 when he participated in IndieWebCamp 2012.
Created by Loqi.me on March 10
This article is a stub. You can help the IndieWebCamp wiki by expanding it.
js;dr is JavaScript required; Didn’t Read. See also: http://tantek.com/2015/069/t1/js-dr-requires-javascript-dead
Changed Pages
4 edits by johannesdachsel.com, tuxed.net, jansauer.de
4 edits by john.onolan.org- Tue, March 10 john.onolan.org Removing complete crap. We rejected a PR to the default theme so that we could add Microformats in *every single* theme: http://blog.ghost.org/structured-data/
- Tue, March 10 john.onolan.org Removing complete crap. ghost.onolan.org was the first production Ghost blog in the entire world - it literally wasn't possible to "selfdogfood" anything before that site existed. This entire thing is incredibly poorly researched.
- Tue, March 10 john.onolan.org Removing more crap. See last edit.
- Tue, March 10 john.onolan.org Rewrote page with accurate information
4 edits by david.shanske.com, petermolnar.eu
3 edits by kylewm.com, acegiak.net
3 edits by tantek.com, eric.pdxhub.org- Mon, March 9 tantek.com cleaning up venue dupe labels, note quietish writing hour for SF, cleanout some comments for this meetup, possible topics: IWC Cambridge 2015 is next week!
- Wed, March 11 eric.pdxhub.org /* RSVP */
- Wed, March 11 eric.pdxhub.org /* Notes */
2 edits by david.shanske.com
2 edits by tyler.cat
2 edits by cweiske.de, kylewm.com- Tue, March 10 cweiske.de /* Software implementing the authorization endpoint spec */
- Tue, March 10 kylewm.com /* Does the auth server have to support the state parameter */ linkify CSRF
2 edits by dustin.younse.com
2 edits by david.shanske.com
2 edits by pierre-o.fr- Thu, March 12 pierre-o.fr Idea about pgp messaging /* Private, Transient, Async Messaging */
- Thu, March 12 pierre-o.fr Adds a concrete example /* Possible Solution */
2 edits by colintedford.com- Fri, March 13 colintedford.com /* Porting to the IndieWeb */ Feed of others' activity on your repos for potential PESOS
- Fri, March 13 colintedford.com /* IndieWeb Examples */ my modest manual methods
1 edits by tantek.com- Mon, March 9 tantek.com expanded itches guidance just a bit to encourage broader thinking of what "online" may mean, include personal digital devices when offline - another challenge for owning your data, and a step for things to get to your indieweb site
1 edits by david.shanske.com
1 edits by kylewm.com
1 edits by kylewm.com- Mon, March 9 kylewm.com /* APIs that support webhooks */ + Known
1 edits by tantek.com- Mon, March 9 tantek.com add an explicit itches section, based on experience 2015-065..067 camping off the grid with very minimal digital device usage
1 edits by tommorris.org- Mon, March 9 tommorris.org /* Pingback2hook */ redlinking [[webhooks]]
1 edits by tyler.cat
1 edits by aaronparecki.com- Mon, March 9 aaronparecki.com /* Self-Encoded Tokens */ clarify
1 edits by kevinmarks.com
1 edits by tommorris.org
1 edits by david.shanske.com
1 edits by eric.pdxhub.org
1 edits by kylewm.com- Wed, March 11 kylewm.com update to explicitly cover "IndieWebCamp spaces, online and off" discussed in IRC http://indiewebcamp.com/irc/2015-03-11/line/1426096428729
1 edits by david.shanske.com
1 edits by peterwilson.cc
1 edits by david.shanske.com
1 edits by kylewm.com
1 edits by tuxed.net
1 edits by tantek.com- Tue, March 10 tantek.com /* IndieWeb Examples */ use user templates
1 edits by tantek.com
1 edits by tantek.com