# I am the Watcher. I am your guide through this vast new twtiverse.
# 
# Usage:
#     https://watcher.sour.is/api/plain/users              View list of users and latest twt date.
#     https://watcher.sour.is/api/plain/twt                View all twts.
#     https://watcher.sour.is/api/plain/mentions?uri=:uri  View all mentions for uri.
#     https://watcher.sour.is/api/plain/conv/:hash         View all twts for a conversation subject.
# 
# Options:
#     uri     Filter to show a specific user's twts.
#     offset  Start index for query.
#     limit   Count of items to return (going back in time).
# 
# twt range = 1 60515
# self = https://watcher.sour.is?uri=https://twtxt.net/user/prologic/twtxt.txt&offset=56391
# next = https://watcher.sour.is?uri=https://twtxt.net/user/prologic/twtxt.txt&offset=56491
# prev = https://watcher.sour.is?uri=https://twtxt.net/user/prologic/twtxt.txt&offset=56291
@abucci appreciate it if you find the time to update again 🙏
Now that's rolling out, I _think_ that's it. The only final way I can improve that /external endpoint/view is to refactor how it works a bit and add some HTMX magic™ so it has a nice snappy UX to it as it dynamically tries to validate the feed and provide useful feedback to the user, that way I can avoid injecting it into the cache unnecessarily in the first place!
@bender Yeah but I found another bug and just squished that. CD pipeline is gonna roll this pod soon™ -- Basically wasn't handling feeds that redirect properly. e.g: https://google.com => https://www.google.com (_though it's not a feed 🤣_)
Hmm I see this in the cache again 🤦‍♂️ Not sure how tbh -- Job for me later.
@bender https://google.com has been removed from the cache (_without nuking the entire cache_) @abucci if you need to selectively do this for some reason, there's a script in the tools directory for this:


$ ./tools/cache_delete_feed.sh 'https://google.com'


Anyway, that's gone. This is much much harder to exploit now, even if you're an authenticated user.
Time for work™, but I quickly hacked together a bit of a better solution here. Rolling it out to my pod so we'll see how it _actually_ goes. Still possible to abuse if you're a logged in user, etc, but at least now we delete the invalid/bad feed afterwards if it a) was not even a text/plain content-type or b) it errored out and was a new fetch of a HTTP feed.
Yeah okay.
@bender Not possible 🤣
@abucci I mean it's only supposed to do one thing really. What are you thinking here?
Yeah I was afraid of this. Technically can still be abused by "logged in" users. Hmmm

So we really not trust ourselves? 🤣🙄
@abucci No worries! 😅
But this is super weird, should behave the same as my pod 🤦‍♂️
@abucci nuke the cache file before starting
How did you nuke your cache?
@abucci Hmmm weird 🤔
@abucci You don't actually appear to be running that sha hmmm? 🤔
Hmmm
It appears to be working too 👌 silly bots 🙄
@abucci No worries! If you curl it too it'll return a proper 494 👌 Should make bots go away 🤞
@abucci Blah my cache was poisoned 🤦‍♂️ it's fine now! And this is no longer possible to do now.
@bender Did they win though? Did they?! 🤣
@abucci This is already in place. It will error, return 404 Feed Not Found for non-browsers and external feeds are never fetched (_unless you are an authenticated/valid user of the pod_) -- I patched that hole a while ago, because I already picked up it was being abused by bots 🤖
Support (_and thus abuse reports_) are now disabled on this pod. There's now a new setting in Settings -> Poderator Settings called "Disable Support".
This happens again today. This is twice just today alone. Hmm I'm reconsidering this feature entirely, rarely used and if it's just going to be abused by spammers, I don't see the value in it. I'm certainly not going to try to build some kind of "anti-spam" filters or anything, sounds cool, I'd learn a lot, but smells of effort and time I simply don't have 😢 #spam #sucks
@slashdot OMG! 😦 What da hell is going on here?! I used to have a friend that came from North Carolina, this is terrible (attacking power grids) 🤬 wtf are these people smoking?! 🚬
Like why do spammers even bother?! Don't they realize how fucking futile and useless it is to abuse something like a support form? I mean clearly nothing is going to come of this, except it's going to be clearly ignored and tossed in the bin. 🤣
Wow! My god spammers really try hard don't they? 🤣 Geez 🤦‍♂️ Do we need to make the captcha harder? 🙄
@lyse to be fair the settings that you can change in the user interface are persisted to the settings YAML file and yes override any environmental command-line options. This has always made sense to me because there is a subset of settings that can be changed dynamically at runtime without requiring any restart.
@abucci It's good enough IMO 🤞
@aelaraji It is if he's turned off open profiles 👌
@lyse thank you! 🙇‍♂️
@quark Thanks! 😅
I'm happy with the current implementation though, because the only reason you should be hitting the external profile endpoint at all is a) you're logged in and happen to click on someone's profile that is external to the pod or b) you're anonymous and just clicking through the frontpage (see a)
@bender The problem with this is we just don't know until we try. That's why if the external feed you're looking for isn't found in the cache, it'll try to fetch it in the background. It's a bit of a sucky UX really, but it's better than the experience of "waiting, waiting, waiting and then timeout".
I've pushed a slightly improved version of this that will return a HTTP 404 Not Found if the UserAgent is determined to NOT be a Browser.
Now responds with an error page; but still a 200 OK which I'm not entirely sure I agree with or am happy with? Hmm
@abucci I've fixed this and pushed a commit to main. Will test it on my pod and see how it goes. Basically reporting an error if the feed isn't in the cache and you're unauthenticated (anonymous).
@movq Yup! 👌
@abucci Hmmm I'll have a look at this today, hopefully. 🤞 Thanks for bringing this up! 🙇‍♂️
@xuu we really must invest more time and effort into salty im 🤣
@aelaraji good morning! Are you awake that early?! 🤣
@movq it looks like it would kill you. 😅
@lyse Definitely! Next time I'll make sure I announce it a few days in advance. 🙄😅
This ☝️
@movq I certainly am 🤣 I wonder whether she is one of the youngest? 🤔
My 9yr old daughter just made her Git commit today, her first website, set up two-factor authentication and used several credentials (_which I helped her with_) 🤣 -- next lessons: password hygiene/management.
@movq It's all in this single [Converge()](https://git.mills.io/yarnsocial/yarn/src/commit/4f8a3570cf93dd02d1a4652131a6ac4f3ac22884/internal/cache.go#L1403-L1456) method. Let me see if I can decipher and document wtf is going on here...
@movq Yeah, they should rotate though, but yes.
@hacker-news-newest Oh! Wow! 😮 Does anyone know or have any insight as to the arrest of the Telegram CEO (Pavel Durov)? 🤔 #Telegram
@aelaraji Please do! ๐Ÿ˜