↳
In-reply-to
»
On the Subject of Feed Identities; I propose the following:
†Read More
@prologic@twtxt.net Some criticisms and a possible alternative direction:
Key rotation. Iâm not a security person, but my understanding is that itâs good to be able to give keys an expiry date and replace them with new ones periodically.
It makes maintaining a feed more complicated. Now instead of just needing to put a file on a web server (and scan the logs for user agents) I also need to do this. What brought me to twtxt was its radical simplicity.
Instead, maybe we should think about a way to allow old urls to be rotated out? Like, my metadata could somehow say that X used to be my primary URL, but going forward from date D onward my primary url is Y. (Or, if you really want to use public key cryptography, maybe something similar could be used for key rotation there.)
Itâs nice that your scheme would add a way to verify the twts you download, but https is supposed to do that anyway. If you donât trust https to do that (maybe you donât like relying on root CAs?) then maybe your preferred solution should be reflected by your primary feed url. E.g. if you prefer the security offered by IPFS, then maybe an IPNS url would do the trick. The fact that feed locations are URLs gives some flexibility. (But then rotation is still an issue, if I understand ipns right.)
@cuaxolotl@sunshinegardens.org Ah, thanks for reporting back! Okay, so youâre basically manually âcrawlingâ feeds right now. đ€ What do you think about the idea of adding something like # follow_notify = gemini://foo/bar to your feedâs metadata, so that clients who follow you can ping that URL every now and then? How would you even notice that, do you regularly read your gemini logs? đ€
↳
In-reply-to
»
@abucci appreciate it if you find the time to update again đ
†Read More
@prologic@twtxt.net My pod, which is running the same commit you are, does not return an error like that. It returns the same HTML it always has. Try it. I nuked my cache before restarting.
Edit: Oh wait, the plot thickens. I do get an error if I use curl or if I use a web browser that isnât logged in. Thatâs good!
↳
In-reply-to
»
There is a bug in
†Read More
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@prologic@twtxt.net Hereâs a log entry:
Aug 27 15:59:43 buc yarnd[1200580]: [yarnd] 2024/08/27 15:59:43 (IP_REDACTED) "GET /external?nick=lovetocode999&uri=https://URL_REDACTED HTTP/1.1" 200 35442 14.554763ms
HTTP 200 status, not 404.
↳
In-reply-to
»
I'm happy with the current implementation though, because the only reason you should be hitting the external profile endpoint at all is a) you're logged in and happen to click on someone's profile that is external to the pod or b) you're anonymous and just clicking through the frontpage (see a)
†Read More
@prologic@twtxt.net Iâve just went in a case b) on @abucci@anthony.buc.ci âs pod, if I click on their nickname I get a Log-in page. And if I click on anyone elseâs I a profile page. Is that normal?
↳
In-reply-to
»
There is a bug in
†Read More
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
Iâm happy with the current implementation though, because the only reason you should be hitting the external profile endpoint at all is a) youâre logged in and happen to click on someoneâs profile that is external to the pod or b) youâre anonymous and just clicking through the frontpage (see a)
↳
In-reply-to
»
There is a bug in
†Read More
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
For some reason this nick lovetocode999 is frequently present in my log entries.
Introduire les thĂšmes de physique-chimie avec des films : https://si3t.ch/log/2024-08-20-Introduction-themes-physique-chimie-films.txt
↳
In-reply-to
»
@lyse Ahh so it's not just me! đ
†Read More
@prologic@twtxt.net @lyse@lyse.isobeef.org I checked my logs and all I see are 304 responses and a couple of delayed requests here and there due to rate limiting, but not that many. Iâll disable it (the rate limiting) for a couple of days, let me know if you still get the âforbidden accessâ thing đ«Ł I may have effed up my configuration trying to deal with some weird stuff.
↳
In-reply-to
»
Hmmm I'm a little concerned, as I'm seeing quite a few feeds I follow in an error state:
†Read More
@prologic@twtxt.net I am! đ Iâll check my logs and see if thereâs something I can do about that!
↳
In-reply-to
»
@abucci / @abucci Any interesting errors pop up in the server logs since the the flaw got fixed (unbounded
†Read More
receieveFile())? đ€
he emailed my ISP about causing logging abuse. This is the only real ISP in my area, its gonna basically send me back to dialup.
@abucci@anthony.buc.ci / @abucci@anthony.buc.ci Any interesting errors pop up in the server logs since the the flaw got fixed (unbounded receieveFile())? đ€
↳
In-reply-to
»
@prologic 10 Gbytes has accumulated since I made that last post. It's coming in at a rate of 55 Mbits/second !
†Read More
@prologic@twtxt.net There are a lot of logs being generated by yarnd, which is something I havenât seen before too:
Jul 25 14:32:42 buc yarnd[1911318]: [yarnd] 2024/07/25 14:32:42 (162.211.155.2) "GET /twt/ubhq33a HTTP/1.1" 404 29 643.251”s
Jul 25 14:32:43 buc yarnd[1911318]: [yarnd] 2024/07/25 14:32:43 (162.211.155.2) "GET /twt/112073211746755451 HTTP/1.1" 400 12 505.333”s
Jul 25 14:32:44 buc yarnd[1911318]: [yarnd] 2024/07/25 14:32:44 (111.119.213.103) "GET /twt/whau6pa HTTP/1.1" 200 37360 35.173255ms
Jul 25 14:32:44 buc yarnd[1911318]: [yarnd] 2024/07/25 14:32:44 (162.211.155.2) "GET /twt/112343305123858004 HTTP/1.1" 400 12 455.069”s
Jul 25 14:32:44 buc yarnd[1911318]: [yarnd] 2024/07/25 14:32:44 (168.199.225.19) "GET /external?nick=lovetocode999&uri=http%3A%2F%2Fwww.palapa.pl%2Fbaners.php%3Flink%3Dhttps%3A%2F%2Fwww.dwnewstoday.com HTTP/1.1" 200 36167 19.582077ms
Jul 25 14:32:44 buc yarnd[1911318]: [yarnd] 2024/07/25 14:32:44 (162.211.155.2) "GET /twt/112503061785024494 HTTP/1.1" 400 12 619.152”s
Jul 25 14:32:46 buc yarnd[1911318]: [yarnd] 2024/07/25 14:32:46 (162.211.155.2) "GET /twt/111863876118553837 HTTP/1.1" 400 12 817.678”s
Jul 25 14:32:46 buc yarnd[1911318]: [yarnd] 2024/07/25 14:32:46 (162.211.155.2) "GET /twt/112749994821704400 HTTP/1.1" 400 12 540.616”s
Jul 25 14:32:47 buc yarnd[1911318]: [yarnd] 2024/07/25 14:32:47 (103.204.109.150) "GET /external?nick=lovetocode999&uri=http%3A%2F%2Fampurify.com%2Fbbs%2Fboard.php%3Fbo_table%3Dfree%26wr_id%3D113858 HTTP/1.1" 200 36187 15.95329ms
Iâve seen that nick=lovetocode999 a bunch.
↳
In-reply-to
»
@abucci Oh hey! đ
†Read More
There are also a bunch of log messages scrolling by. Iâve never seen this much activity in the log:
Jul 25 01:37:39 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:39 (149.71.56.69) "GET /external?nick=lovetocode999&uri=https://pagez.co.uk/services/your-own-100-fully-owned-online-vi>
Jul 25 01:37:39 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:39 (162.211.155.2) "GET /twt/112135496802692324 HTTP/1.1" 400 12 826.65”s
Jul 25 01:37:40 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:40 (51.222.253.14) "GET /conv/muttriq HTTP/1.1" 200 36881 20.448309ms
Jul 25 01:37:40 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:40 (162.211.155.2) "GET /twt/112730114943543514 HTTP/1.1" 400 12 663.493”s
Jul 25 01:37:40 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:40 (27.75.213.253) "GET /external?nick=lovetocode999&uri=http%3A%2F%2Falfarah.jo%2FHome%2FChangeCulture%3FlangCode%3Den>
Jul 25 01:37:40 buc.ci yarnd[829]: time="2024-07-25T01:37:40Z" level=error msg="http://bynet.com.br/log_envio.asp?cod=335&email=%21%2AEMAIL%2A%21&url=https%3A%2F%2Fwww.almanacar.c>
Jul 25 01:37:40 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:40 (162.211.155.2) "GET /twt/111674756400660911 HTTP/1.1" 400 12 545.106”s
Jul 25 01:37:40 buc.ci yarnd[829]: time="2024-07-25T01:37:40Z" level=warning msg="feed FetchFeedRequest: @<lovetocode999 http://alfarah.jo/Home/ChangeCulture?langCode=en&returnUrl>
Jul 25 01:37:41 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:41 (162.211.155.2) "GET /twt/112507964696096567 HTTP/1.1" 400 12 838.946”s
Something really weird is going on?
Pour les racistes: https://si3t.ch/log/2024-06-30-pour-les-racistes.txt
Eyes on logs⊠Waiting for the first s-kiddo to knock on my door. Got a Huge treat, just for them. *wink*
@prologic@twtxt.net hey mate, all working well here so far. The login issue isnât really an issue as far as actually logging in goes, rather if I get my password wrong it gives the response error code in console, the response of which contains the HTML for the wrong password page if you inspect it, but on the frontend itself nothing actually happens which is the confusion. Just stays on the login page as if it was never submitted. Am I alone in having this issue as well?
↳
In-reply-to
»
@prologic It's weird though cos I could reproduce it on any of my browsers on either my laptop or phone đ€
†Read More
@prologic@twtxt.net Yes very very strange! I truly donât know where to start on that one đ€Ł Must be one of those really weird edge cases. Thanks for your help on this, I can at least post normally now.đ
Iâll check logging in etc tomorrow, time for bed lol đŽ
↳
In-reply-to
»
Unfortunately not on that front. Still the same 404 posting errors and oddly occasional login errors.
†Read More
@prologic@twtxt.net The login issue I cant yet narrow down as to when it happens as sometimes I login fine. But it gives off a 401 forbidden error. Anyway Iâve been focusing on the posting error as I figured it must be related. Registering and logging in as a new user works every time, which is weird.
I just typed something that took me a while to enter, hit post, and lost everything because I was logged out. Can that be disabled? Let me be logged in for as long as I want (or for a very long time), unless I hit logout, or account for the previously entered text, and present it (or run the post action), after having to re-login?
Les rues sont vides : https://si3t.ch/log/2024-06-10-les-rues-sont-vides.txt
Une semaine de merde, de lâĂ©cologie et un projet de code: https://si3t.ch/log/2024-05-31-traces-1.txt
↳
In-reply-to
»
Hello @bmallred I hope you're doing well.
I dunno if it's normal, but it seems like I am unable to access your twtxt.tx file... đ
†Read More
@bmallred@staystrong.run No I was trying the other one I got from logs, itâs missing the /user subdirectory:
"GET /twtxt.txt HTTP/1.1" 200 27110 "-" "nahongvita/0.1.0 (+https://staystrong.run/bmallred/twtxt.txt; @bmallred)"
Base: 7.01 miles, 00:09:43 average pace, 01:08:08 duration
just logging the miles and time. last day of kidsâ school so a lot of chaos has settled only to be replaced i am sure!
#running #treadmill
If you want to talk about (self) hosting with #OpenBSD, fell free to join the mailing list I just made: https://si3t.ch/log/2024-05-10-ah-mailing-list.txt #selfhost
Nouvel article avec au menu du #retrogaming, des #citations et du bazar https://si3t.ch/log/2024-05-06-vagues-2.txt
prx parle de twtxt et dmenu https://si3t.ch/log/archives/2020-10-21.txt
Choisir un gestionnaire de fichiers https://si3t.ch/log/archives/2020-10-07.txt
↳
In-reply-to
»
my first twtxt from spain!!! wow im feeling good!
†Read More
@prologic@twtxt.net I guess, you donât get to check the logs if you host your feed file on a pubnix âŠ
↳
In-reply-to
»
Oh, nevermind... it did! I've just checked my twtxt.txt file. Now I have to figure out replays đ«€
†Read More
Oh! thank you @movq@www.uninformativ.de and @bender@twtxt.net ! Iâve noticed your replays by chance checking my logs đ
Avec du retard jâĂ©coute les #fdr de <@fredg@pouet.chapril.org>, je dĂ©couvre avec plaisir HIRAE, ça soulage un truc coincĂ© dans lâestomac: https://galusik.fr/log/2024-02-16-frm.txt
Nouvel article, âMon fils mâa envoyĂ© un courrierâ : https://si3t.ch/log/2024-03-24-mon-fils-m-a-envoye-un-courrier.txt #solarpunk #fiction
sloweb partie 2 : les flux. https://si3t.ch/log/2024-03-14-sloweb-part-2-feeds.txt
sloweb partie 1 : run_cmds. https://si3t.ch/log/2024-03-13-sloweb-part-1-run-cmds.txt
sloweb : comment je réduis mon temps passé en ligne: https://si3t.ch/log/2024-03-12-sloweb-le-web-sans-s-essoufler.txt
Moi, je pollue. Et toi? https://si3t.ch/log/2024-03-06-moi-je-pollue.txt
En attendant le #frm du jour: https://galusik.fr/log/2024-02-18-fridayrockmetal-playlists.txt
HĂ© oui ^^. Je suis curieux de voir comment ça fonctionne. JâapprĂ©cie de voir une configuration trĂšs semblable Ă httpd. LâidĂ©e de relĂ©guer les cgi Ă slowcgi me semble intelligente. Il y a des logs plus courants Ă parser. Et surtout, ça Ă©vite le cumul de relayd+inetd. <@https://im-in.space/web/@solene@bsd.network/112020802069845381>
Fallait que ça sorte : Dune partie 2, le garçon pas content qui voulait se venger. https://si3t.ch/log/2024-03-01-dune-partie-2.txt #dune
#gemini readers, I wrote a tool to download new gemfeeds entries instead of opening a client: gemini://si3t.ch/log/2024-02-28-gemfeeds-downloader.txt
Nouvel article : Jâaimerais plus ou moins que tu ailles te faire cuire le cul. https://si3t.ch/log/2024-02-23-j-aimerais-que-tu-ailles-te-faire-cuire-le-cul.txt
New article: show mastodon toot title in #sfeed feed reader. http://si3t.ch/log/2024-02-20-sfeed-mastodon-title.txt
à chaque fois que je bidouille mon site avec les logs en temps réel à cÎté, je suis effaré de voir tous ces bots tenter encore sur des 404 oO
Thereâs something really annoying me on #openbsd httpd: to set custom headers, one need to use relayd. Yes, it works, but it is so complex for this task. And it breaks logs for analysis with goaccess or webalizer: the forwarded log format put the original IP at the end, but there is still 127.0.0.1 at the beginning :/. httpd should be able to set headers. âhstsâ instruction already does
Log Cabin
â Read more
Log Alignment
â Read more
Doing this thing where I do one-word status reports and logging them in a file.
↳
In-reply-to
»
I've been thinking of how to notify someone else that you've replied to their twts.
†Read More
@lyse@lyse.isobeef.org Iâm also on the e-mail wagon here. On http://darch.dk/timeline/conv/oe3howa I have added a âComment via emailâ botten if uses are not logged in. This feature could be extend to other places in the various UIs. Like we already got the âDoes not follow yourâ / âFollow youâ on the profile page in yarnd, so this detection could be used to sugget the user to email that person, when mentioning them.
Un peu de dessert en physique chimie https://si3t.ch/log/2023-11-15-un-peu-de-dessert-physique-chimie.txt #education #sciences
My cli work-apps: note, plan, dlog (daily log), status and twt.