friendica/friendica-directory
7
3
Fork 3
Code Issues 17 Pull requests Releases 17 Wiki Activity

Remove obsolete profile.dfrn_request field #87

Merged
heluecht merged 8 commits from MrPetovan/friendica-directory:task/86-remove-dfrn_request into stable 2022-05-11 06:17:42 +02:00
Conversation 8 Commits 8 Files changed 20 +181 -60
MrPetovan commented 2022-04-26 04:09:53 +02:00
Owner
Copy link

Closes #86

This PR replaces the zrl query parameter with the srl parameter which is supposed to contain the subscribe URL as described in the requesting Friendica node XRD output.

@heluecht Should I keep the zrl parameter around for backward compatibility or is the subscribe URL old enough to skip this?

Closes #86 This PR replaces the zrl query parameter with the srl parameter which is supposed to contain the subscribe URL as described in the requesting Friendica node XRD output. @heluecht Should I keep the zrl parameter around for backward compatibility or is the subscribe URL old enough to skip this?
👍 1 🚀 1
heluecht was assigned by MrPetovan 2022-04-26 04:09:53 +02:00
MrPetovan added the
enhancement
 label 2022-04-26 04:10:06 +02:00
MrPetovan requested review from heluecht 2022-04-26 04:10:14 +02:00
heluecht was unassigned by MrPetovan 2022-04-26 04:10:16 +02:00
heluecht commented 2022-04-26 06:13:43 +02:00
Owner
Copy link

Friendica is providing this "subscribe" functionality for many, many years.

But I have got a question: Why don't we perform a webfinger request via /.well-known/webfinger?resource={uri} with {uri} set to the value of zrl and fetch the value for http://ostatus.org/schema/1.0/subscribe from there? This would provide support for most of the Friendica servers.

Friendica is providing this "subscribe" functionality for many, many years. But I have got a question: Why don't we perform a webfinger request via `/.well-known/webfinger?resource={uri}` with `{uri}` set to the value of `zrl` and fetch the value for ` http://ostatus.org/schema/1.0/subscribe` from there? This would provide support for most of the Friendica servers.
MrPetovan commented 2022-04-26 14:02:58 +02:00
Author
Owner
Copy link

I see what you mean, but with your idea this would also deteriorate the frontend experience that would depend on a remote node lookup.

Instead I think we can store the subscribe URL for each server, and replace the zrl parameter with the srl parameter by matching the profile URL with the server base. This way the remote lookup will be done in the background as part of the server polling.

I see what you mean, but with your idea this would also deteriorate the frontend experience that would depend on a remote node lookup. Instead I think we can store the subscribe URL for each server, and replace the zrl parameter with the srl parameter by matching the profile URL with the server base. This way the remote lookup will be done in the background as part of the server polling.
MrPetovan removed review request for heluecht 2022-04-26 14:03:04 +02:00
heluecht commented 2022-04-27 05:46:46 +02:00
Owner
Copy link

Couldn't it be a security issue when we pass that value without processing?

Couldn't it be a security issue when we pass that value without processing?
MrPetovan commented 2022-04-27 13:21:13 +02:00
Author
Owner
Copy link

Unfortunately, you are right, I guess we have to use the XRD fetch then, which will prevent accounts coming from nodes the directory doesn't know about to have a direct follow link.

Unfortunately, you are right, I guess we have to use the XRD fetch then, which will prevent accounts coming from nodes the directory doesn't know about to have a direct follow link.
MrPetovan changed title from Remove obsolete profile.dfrn_request field to WIP: Remove obsolete profile.dfrn_request field 2022-04-27 14:01:51 +02:00
heluecht commented 2022-04-28 12:42:18 +02:00
Owner
Copy link

When someone is calling the directory directly, we could do it like Mastodon does: https://social.network.europa.eu/explore

When you click on "follow", some window opens where you enter your handle. Then the system performs this XRD request and the follow action is executed.

When someone is calling the directory directly, we could do it like Mastodon does: https://social.network.europa.eu/explore When you click on "follow", some window opens where you enter your handle. Then the system performs this XRD request and the follow action is executed.
MrPetovan commented 2022-04-29 12:42:03 +02:00
Author
Owner
Copy link

It looks like we could open the target server's /remote_follow page to do this instead of having to create a directory page for it, it's been available since February 2020.

It looks like we could open the target server's `/remote_follow` page to do this instead of having to create a directory page for it, it's been available since February 2020.
MrPetovan commented 2022-05-01 14:23:32 +02:00
Author
Owner
Copy link

And /dfrn_request has been available until July 2021, so I could check the version tag to show either.

And `/dfrn_request` has been available until July 2021, so I could check the version tag to show either.
MrPetovan force-pushed task/86-remove-dfrn_request from 69f08e68d1 to 46083b2a49 2022-05-01 15:31:02 +02:00 Compare
MrPetovan force-pushed task/86-remove-dfrn_request from 46083b2a49 to 9e1984e3d6 2022-05-07 22:04:34 +02:00 Compare
MrPetovan force-pushed task/86-remove-dfrn_request from 9e1984e3d6 to bd6c9e20b0 2022-05-07 22:05:21 +02:00 Compare
MrPetovan changed title from WIP: Remove obsolete profile.dfrn_request field to Remove obsolete profile.dfrn_request field 2022-05-07 22:06:10 +02:00
MrPetovan force-pushed task/86-remove-dfrn_request from bd6c9e20b0 to e65bb660ce 2022-05-07 22:10:55 +02:00 Compare
MrPetovan requested review from heluecht 2022-05-07 22:12:55 +02:00
MrPetovan commented 2022-05-07 22:14:30 +02:00
Author
Owner
Copy link

I feel better about this new version. No more SRL parameter, we just use the ZRL as before, from which we try to get the relevant subscribe URL from the data the directory has. If we don't have it, we show the /remote_follow URL if the target node's version allows it.

No changes required in the base Friendica repository for maximum backward compatibility.

I feel better about this new version. No more SRL parameter, we just use the ZRL as before, from which we try to get the relevant subscribe URL from the data the directory has. If we don't have it, we show the `/remote_follow` URL if the target node's version allows it. No changes required in the base Friendica repository for maximum backward compatibility.
heluecht merged commit 3f38b3adea into stable 2022-05-11 06:17:42 +02:00
MrPetovan deleted branch task/86-remove-dfrn_request 2022-05-12 15:09:33 +02:00
Sign in to join this conversation.
Reviewers
No reviewers
heluecht
Labels
Clear labels   
bug

Something isn't working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature or request

  
good first issue

Good for newcomers

  
help wanted

Extra attention is needed

  
invalid

This doesn't seem right

  
question

Further information is requested

  
wontfix

This will not be worked on

No labels
bug
duplicate
enhancement
good first issue
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: friendica/friendica-directory#87
No description provided.
Delete branch "MrPetovan/friendica-directory:task/86-remove-dfrn_request"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?