Aaron Parecki

Ben Balter http://Ben.Balter.com • Aug 8
What do people use these days to plan complex, multi-stop personal travel? Are travel agents still a thing? Some fancy new app? Just internet a bunch and book it yourself?

Google flight search + a cocktail + a few hours on the couch

Portland, Oregon, USA • 90°F

Wed, Aug 8, 2018 3:48pm -07:00
Andy Baio https://xoxo.zone/@andybaio • Aug 8
Is there any way to post a message SOLELY to your local timeline? That would be pretty cool.

I was actually just thinking the same thing but addressing a specific server. I wanted to say hi to all the xoxo.zone people but my account is on my own website!

Portland, Oregon, USA • 82°F

Wed, Aug 8, 2018 12:15pm -07:00
Khor https://twitter.com/neth_6 • Aug 8
The link you shared is for Implicit? Implicit does not use client secret. Does this mean IndieAuth is more similar to Implicit than Auth Code but is more secure as the client id has to be redirect uri?

Regular OAuth 2.0 also supports the Authorization Code flow with no secret. In fact, many companies recommend Auth Code w/no secret instead of Implicit.

IndieAuth is like taking Auth Code w/no secret and adding back some layers of security because of the client ID being a URL.

Portland, Oregon, USA • 64°F

1 like 1 reply

Wed, Aug 8, 2018 7:42am -07:00
Khor https://twitter.com/neth_6 • Aug 8
Got a #IndieAuth question. Since there is no client pre-registration, there is no client secret. Thus during code/access token exchange no client secret is used. Less secure than Authorization Code and more like Implicit perhaps?

But, most importantly, the fact that IndieAuth uses a URL for the client ID means that you *do* authenticate the client in the initial Auth Code request, since the redirect URL has to match the domain or be registered. That's an improvement over OAuth with no secret.

Portland, Oregon, USA • 64°F

1 like 1 reply

Wed, Aug 8, 2018 6:28am -07:00
Khor https://twitter.com/neth_6 • Aug 8
Got a #IndieAuth question. Since there is no client pre-registration, there is no client secret. Thus during code/access token exchange no client secret is used. Less secure than Authorization Code and more like Implicit perhaps?

Without the secret, there is no authentication of the client. PKCE solves this by using essentially an on-the-fly secret safe for use by mobile apps. IndieAuth *could* adopt the PKCE extension as well, tho afaik noone has done that yet.

Portland, Oregon, USA • 64°F

Wed, Aug 8, 2018 6:26am -07:00
Khor https://twitter.com/neth_6 • Aug 8
Got a #IndieAuth question. Since there is no client pre-registration, there is no client secret. Thus during code/access token exchange no client secret is used. Less secure than Authorization Code and more like Implicit perhaps?

Good question! The OAuth Authorization Code flow doesn't require a secret either. For example mobile apps can't use a secret, but still use the Auth Code flow. There are many benefits to the Auth Code flow over Implicit, I wrote some about that here https://developer.okta.com/blog/2018/05/24/what-is-the-oauth2-implicit-grant-type#when-to-use-the-implicit-grant-type

Portland, Oregon, USA • 64°F

3 replies

Wed, Aug 8, 2018 6:25am -07:00
Ricky Munroe https://twitter.com/rimunroe • Aug 6
xantham gum is pretty much indispensable for folks with celiac disease. There’s nothing wrong with using it

it also thickens hot sauce nicely

https://aaronparecki.com/2018/08/05/14/

Portland, Oregon • 87°F

Mon, Aug 6, 2018 3:54pm -07:00
Ben Garvey http://www.bengarvey.com • Aug 6
And xanthan gum was one of their favorite foods

I actually used xanthan gum in a recipe I made today

Portland, Oregon, USA • 91°F

6 likes 3 replies

Sun, Aug 5, 2018 6:44pm -07:00
Aug 4
We had a thrilling afternoon at the newly remodeled Space Needle. 🤩

The floor is glass! The walls are glass! The benches are glass too.

oh that is very cool! It's been at least 15 years since I've been there so now I have a good excuse to visit again!

Portland, Oregon • 72°F

Sun, Aug 5, 2018 10:39am -07:00
bradenslen https://micro.blog/bradenslen • Aug 4
@aaronpk They made the Blue Screen of Death much prettier in the last 20 years.

Yeah I almost didn't recognize it!

Portland, Oregon • 80°F

Sat, Aug 4, 2018 3:33pm -07:00
ᛚᛖᛁᚠ Warner http://leifwarner.net • Aug 4
There was already RDFa and microformats, but that wasn't enough, so Google put out microdata to go with http://schema.org... I fear open data and the web in general seems to be going downhill, these days. Just corporate silos, some of which have their proprietary APIs.

You'd probably get a kick out of this https://aaronparecki.com/2016/12/17/8/owning-my-reviews

Portland, Oregon • 80°F

1 like

Sat, Aug 4, 2018 3:24pm -07:00
Randall Degges https://www.rdegges.com • Aug 4
Switching to windows? Oo

noooo I just use Windows for QuickBooks, but that is all about to change cause I'm switching to QuickBooks Online because this is nonsense

Portland, Oregon • 74°F

1 reply

Sat, Aug 4, 2018 1:57pm -07:00
chrislopez https://micro.blog/chrislopez • Aug 4
@aaronpk sad-trombone.mp3

SADTRM~1.WAV

Portland, Oregon • 66°F

Sat, Aug 4, 2018 1:17pm -07:00
Rich Griese https://twitter.com/RichGriese • Aug 4
Get yourself a Mac... they just work. I think it has something to do with magic. :)

I actually run Windows in a VM just so that I can use Quickbooks Desktop. That is literally the only reason I use Windows.

In other news, I'm going to the Apple Store on Tuesday to get both of my Mac's keyboards replaced cause they're doubling up a bunch of keypresses.

Portland, Oregon, USA • 66°F

1 reply

Sat, Aug 4, 2018 1:07pm -07:00
Tantek Çelik http://tantek.com/ • Aug 2
Gave my lightning talk at the #DWebSummit:

#IndieWeb. Taking back your content with practical #decentralization steps

Outline & links: https://indieweb.org/dweb2018

Great questions everyone! Thanks @benwerd for posts and photo!
https://twitter.com/benwerd/status/1025134936016076800

Portland, Oregon, USA • 65°F

11 likes 1 reply

Thu, Aug 2, 2018 3:22pm -07:00
David Shanske https://david.shanske.com/ • Jul 31

Your Endpoint Did Not Return a Location Header

Thanks for writing this up! I've made some minor changes to how Quill displays error messages now, as well as tweaked some copy to make it address users rather than developers.

Quill started out as a tool to help debug Micropub implementations, so all the copy was phrased to address the developer of a Micropub endpoint. That was before https://micropub.rocks existed. Quill later evolved to be a much more robust client that can create a bunch of kinds of content, and I hadn't yet gone back through and updated the text.

It's clear this has become necessary, so hopefully these changes make a difference now!

Portland, Oregon • 86°F

Wed, Aug 1, 2018 7:23pm -07:00
https://github.com/indieweb/php-mf2

Ensure URLs returned are properly encoded

The change in https://github.com/indieweb/php-mf2/pull/170 means it's possible to return URLs like http://example.com/foo bar with a space instead of the URL-encoded %20.
continue reading...

Wed, Aug 1, 2018 9:19am -07:00
Zegnat https://github.com/Zegnat • Apr 20

#170 Move resolve step last in u-* parsing

I think I'm in favor of merging this as is, even if it still returns invalid URLs, because it won't return anything more broken than the current version. I do think it should properly escape URLs in the parsed result though, since that's what would happen if you included a link in an <a> tag in a browser that included spaces. (The browser converts those to %20.

Portland, Oregon, USA • 61°F

Wed, Aug 1, 2018 9:12am -07:00
HACKER TEEN PUCKIPEDIA 👩‍💻 http://puckipedia.com • Aug 1
I should probably support micropub in kroeg's frontend somewhen when that's working better... Also this is giving me some cool concepts now

that'd be awesome. I just wrote an ActivityStreams-to-Microformats JSON converter which wasn't that hard. It shouldn't be that hard to go the other way around.

Portland, Oregon, USA • 61°F

2 likes

Wed, Aug 1, 2018 7:14am -07:00
Darius Kazemi https://social.tinysubversions.com/@darius • Jul 31
One fun thing I just learned is that ActivityPub has almost no implementations, certainly no barebones modules I can tell except maybe https://github.com/Arkanosis/microstatus ? except I can't even tell if that is a module or a full-fledged server or both or what
I am a professional software developer and this shit is so byzantine, no wonder the indie web is having such a rough time

Don't forget that ActivityPub isn't even all of indieweb! It gets even more confusing once you throw the other half of the specs into the mix (webmention, micropub, indieauth, etc).

But that's what happens when this stuff is all built up by a bunch of unrelated people on their own time, rather than being a well-crafted developer experience made by a single company with a bunch of VC funding.

It will get better, it just takes a lot of work to make this stuff work, much less make good docs for it on top!

Portland, Oregon, USA • 87°F

2 likes

Tue, Jul 31, 2018 3:30pm -07:00

older

Aaron Parecki

Your Endpoint Did Not Return a Location Header

Ensure URLs returned are properly encoded

#170 Move resolve step last in u-* parsing