# I am the Watcher. I am your guide through this vast new twtiverse.
#
# Usage:
# https://watcher.sour.is/api/plain/users View list of users and latest twt date.
# https://watcher.sour.is/api/plain/twt View all twts.
# https://watcher.sour.is/api/plain/mentions?uri=:uri View all mentions for uri.
# https://watcher.sour.is/api/plain/conv/:hash View all twts for a conversation subject.
#
# Options:
# uri Filter to show a specific users twts.
# offset Start index for quey.
# limit Count of items to return (going back in time).
#
# twt range = 1 60810
# self = https://watcher.sour.is?uri=https://twtxt.net/user/prologic/twtxt.txt&offset=56380
# next = https://watcher.sour.is?uri=https://twtxt.net/user/prologic/twtxt.txt&offset=56480
# prev = https://watcher.sour.is?uri=https://twtxt.net/user/prologic/twtxt.txt&offset=56280
Time for workโข, But I quickly hacked together a bit of a better solution here. Rolling it out to my pod so we'll see how it _actually_ goes. Still possible to abuse if you're a logged in user, etc, but at least now we delete the invalid/bad feed afterwards if it a) was not even a text//plain content-type or b) it errored out and was a new fetch of a HTTP feed.
@abucci I mean it's only suppose to do one thing really. What are you thinking here?
@abucci I mean it's only suppose to do one thing really. What are you thinking here?
Yeah I was afraid of this. Technically can still be abused by "logged in" users. Hmmm
So we really not trust ourselves? ๐คฃ๐
Yeah I was afraid of this. Technically can still be abused by "logged in" users. Hmmm
So we really not trust ourselves? ๐คฃ๐
But this is super weird, should behave the same as my pod ๐คฆโโ๏ธ
But this is super weird, should behave the same as my pod ๐คฆโโ๏ธ
@abucci nuke the cache file before starring
@abucci nuke the cache file before starring
How did you nuke your cache?
How did you nuke your cache?
@abucci You don't actually appear to be running that sha hmmm? ๐ค 
@abucci You don't actually appear to be running that sha hmmm? ๐ค
It appears to be working to ๐ 
silly bots ๐
It appears to be working to ๐ 
silly bots ๐
It appears to be working to ๐ silly bots ๐
@abucci Bo worries! If you curl it too it'll return a proper 494 ๐ Should make bots go away ๐ค
@abucci Bo worries! If you curl it too it'll return a proper 494 ๐ Should make bots go away ๐ค
@abucci Blah my cache was poisoned ๐คฆโโ๏ธ it's fine now! And this is no monger possible to do now.
@abucci Blah my cache was poisoned ๐คฆโโ๏ธ it's fine now! And this is no monger possible to do now.
@bender Did they win though? Did they?! ๐คฃ
@bender Did they win though? Did they?! ๐คฃ
@abucci This is already in place. It will error, return 404 Feed Not Found for non-browsers and external feeds are never fetched (_unless you are an authenticated/valid user of the pod_) -- I patched that hole a while ago, because I already picked up it was being abused by bots ๐ค
@abucci This is already in place. It will error, return 404 Feed Not Found for non-browsers and external feeds are never fetched (_unless you are an authenticated/valid user of the pod_) -- I patched that hole a while ago, because I already picked up it was being abused by bots ๐ค
Support (_and thus abuse reports_) are now disabled on this pod. There's now a new setting in Settings -> Poderator Settings called "Disable Support".
Support (_and thus abuse reports_) are now disabled on this pod. There's now a new setting in Settings -> Poderator Settings called "Disable Support".
This happens again today. This is twice just today alone. Hmm I'm reconsidering this feature entirely, rarely used and if it's just going to be abused by spammer, I don't see the value in it. I'm certainly not going to try to build some kind of "anti-spam" filters or anything, sounds cool, I'd learn a lot, but smells of effort and time I simply don't have ๐ข #spam #sucks
This happens again today. This is twice just today alone. Hmm I'm reconsidering this feature entirely, rarely used and if it's just going to be abused by spammer, I don't see the value in it. I'm certainly not going to try to build some kind of "anti-spam" filters or anything, sounds cool, I'd learn a lot, but smells of effort and time I simply don't have ๐ข #spam #sucks
@slashdot OMG! ๐ฆ What da hell is going on here?! I used to have a friend that came from North Carolina, this is terrible (attacking power grids) ๐คฌ wtf are these people smoking?! ๐ฌ
@slashdot OMG! ๐ฆ What da hell is going on here?! I used to have a friend that came from North Carolina, this is terrible (attacking power grids) ๐คฌ wtf are these people smoking?! ๐ฌ
Like why does spammers even bother?! Don't they realize how fucking futile and useless it is to be abuse something like a support form? I mean clearly nothing is going to come of this, except it's going to be clearly ignored and toss in the bin. ๐คฃ
Like why does spammers even bother?! Don't they realize how fucking futile and useless it is to be abuse something like a support form? I mean clearly nothing is going to come of this, except it's going to be clearly ignored and toss in the bin. ๐คฃ
Wow! My god spammers really try hard song they? ๐คฃ Geez ๐คฆโโ๏ธ 
Do we need to make the captcha harder? ๐
Wow! My god spammers really try hard song they? ๐คฃ Geez ๐คฆโโ๏ธ Do we need to make the captcha harder? ๐
@lyse to be fair the settings that you can change in the user interface are persisted to the settings YAML file and yes override any environmental command online options. This is always made sense to me because there are subset of settings that can be changed dynamically at runtime without requiring any restart.
@lyse to be fair the settings that you can change in the user interface are persisted to the settings YAML file and yes override any environmental command online options. This is always made sense to me because there are subset of settings that can be changed dynamically at runtime without requiring any restart.
@aelaraji It is if he's turned off open profiles ๐
@aelaraji It is if he's turned off open profiles ๐
@lyse thank you! ๐โโ๏ธ
@lyse thank you! ๐โโ๏ธ
I'm happy with the current implementation though, because the only reason you should be hitting the external profile endpoint at all is a) you're logged in and happen to click on someone's profile that is external to the pod or b) you're anonymous and just clicking through the frontpage (see a)
I'm happy with the current implementation though, because the only reason you should be hitting the external profile endpoint at all is a) you're logged in and happen to click on someone's profile that is external to the pod or b) you're anonymous and just clicking through the frontpage (see a)
@bender The problem with this is we just don't know until we try. That's why if the external feed you're looking for isn't found in the cache, it'll try to fetch it in the background. It's a bit of a sucky UX really, but its better than the experience of "waiting, waiting waiting and then timeout".
@bender The problem with this is we just don't know until we try. That's why if the external feed you're looking for isn't found in the cache, it'll try to fetch it in the background. It's a bit of a sucky UX really, but its better than the experience of "waiting, waiting waiting and then timeout".
I've pushed a slightly improved version of this that will return a HTTP 404 Not Found if the UserAgent is determined to NOT be a Browser.
I've pushed a slightly improved version of this that will return a HTTP 404 Not Found if the UserAgent is determined to NOT be a Browser.
Now responds with an error page; but still a 200 OK which I'm not entirely sure I agree with or am happy with? Hmm 
Now responds with an error page; but still a 200 OK which I'm not entirely sure I agree with or am happy with? Hmm
@abucci I've fixed this and pushed a commit to main. Will test it on my pod and see how it goes. Basically reporting an error if the feed isn't in the cache and you're unauthenticated (anonymous).
@abucci I've fixed this and pushed a commit to main. Will test it on my pod and see how it goes. Basically reporting an error if the feed isn't in the cache and you're unauthenticated (anonymous).
@abucci Hmmm I'll have a look at this today, hopefully. ๐ค Thanks for bringing this up! ๐โโ๏ธ
@abucci Hmmm I'll have a look at this today, hopefully. ๐ค Thanks for bringing this up! ๐โโ๏ธ
@xuu we really must invest more time and effort into salty im ๐คฃ
@xuu we really must invest more time and effort into salty im ๐คฃ
@aelaraji good morning! Are you wake up that early?! ๐คฃ
@aelaraji good morning! Are you wake up that early?! ๐คฃ
@movq it looks like it would kill you. ๐
@movq it looks like it would kill you. ๐
@lyse Definately! Next time I'll make sure I announce it a few days in advance. ๐๐
@lyse Definately! Next time I'll make sure I announce it a few days in advance. ๐๐
@movq I certainly am ๐คฃ I wonder whether she is one of the yontest? ๐ค
@movq I certainly am ๐คฃ I wonder whether she is one of the yontest? ๐ค
My 9yr old daughter just made her Git commit today, her first website, setup two-factor authentication and used several credentials (_which I helped her with_) ๐คฃ -- next lessons: password hygiene/management.
My 9yr old daughter just made her Git commit today, her first website, setup two-factor authentication and used several credentials (_which I helped her with_) ๐คฃ -- next lessons: password hygiene/management.
@movq Yeah, they should rotate though, but yes.
@movq Yeah, they should rotate though, but yes.
@hacker-news-newest Oh! Wow! ๐ฎ Does anyone know or have any insight as to the arrest of the Telegram CEO (Pavel Durov)? ๐ค #Telegram
@hacker-news-newest Oh! Wow! ๐ฎ Does anyone know or have any insight as to the arrest of the Telegram CEO (Pavel Durov)? ๐ค #Telegram
@movq All good! ๐ I totally get it ๐
@movq All good! ๐ I totally get it ๐
@movq This is fair ๐
Most development with Twtxt / Yarn.socail continues to be "asynchronous" and "slow" in nature ๐คฃ -- regardless of whether we see you on IRC or not ๐
@movq This is fair ๐
Most development with Twtxt / Yarn.socail continues to be "asynchronous" and "slow" in nature ๐คฃ -- regardless of whether we see you on IRC or not ๐
@movq This is gone though right? ๐ค
@movq This is gone though right? ๐ค