Auto-import of deny lists
Technical Discussion
7
Posts
3
Posters
46
Views
-
NodeBB has a very simple allow/deny list capability at present. You paste in a bunch of newline-separated domains, and we block (or optionally, only allow) them all.
On the road to more fine-grained controls, I discovered that IFTAS publishes a Do Not Interact list in an importable CSV format.
As maintenance of these lists is important (adding new entries as well as handling removals), it looks to be increasingly important that I add into NodeBB the functionality to follow these lists automatically and update as necessary.
-
The problem with the CSV format, is that it doesn't tell you what was removed, only the current state of the data, so you'd need to store previous CSV files to detect removals by diffing new versus old.
-
@julian you might want to check out what GoToSocial does on this front -- it seems very well thought out
-
This is not an issue if you are rebuilding the instance wide deny list every time it is updated.
In that case, whenever the list is rebuilt any removed entries will simply not appear in the new list.
-
julian in which case you loose anything you manually needed to add. We've had so many conversations about this..
-
thisismissem not necessarily, I'm planning to build this out as a separate collection of CSV lists, in addition to a list you manually curate. 🙂
-
Just spend the tiny bit of extra time and implement basic support for federation policies. Keep track of data snd where it comes from, such that you can react to changes over time
Feed RSS
Gli ultimi otto messaggi ricevuti dalla Federazione
-
I think the wrapping in <p> is just plain good practice because otherwise rendered content could be injected somewhere resulting in invalid HTML.
Not that browsers ever reject bad HTML anyway heh</p>
-
>Can you explain what goes on in mitra?
When mediaType is text/markdown, the entire content is wrapped in a <p> tag. This was done for compatibility with PeerTube. I think <p> was needed to create a space between the title (name) and the content, since title is prepended to content in Mitra (also a compatibility hack -- for Mastodon API clients).
-
I'd generally discourage RFC7591 in decentralized systems due to the fact that it creates client sprawl (this is currently a problem with Mastodon's client registration mechanism, which is why we created CIMDs) — every client in RFC7591 is a distinct client, with its own client_id and client_secret, which can make client management interfaces difficult to implement (e.g., every time you login on a mobile device or SPA, you'll get a brand new client_id). CIMDs solve this by anchoring client metadata to a URI, and using that URI as the client_id.
If you need to test clients using CIMDs in development, there is cimd-service however, it's currently targeting the AT Protocol ecosystem (so has a few specifics that at present there that would not necessarily make sense of ActivityPub)
-
Speaking of handling markdown. I created funfedi.dev Media Types a while ago (and just added it to the navigation). I lost interest when I saw that nobody properly handled the mediaType attribute of a note. Not that I know what I expected.
Can you explain what goes on in mitra? When mediaType is text/markdown. It changes __bold__ to <p>__bold__</p>, otherwise no paragraph tags. I'm pretty sure, I was once told to use __ for bold and * for emphasize. So my markdown should be good.
Full example ... input activity -> mitra api response
Final note: I am not sure what I would want a proper data format to do. I find the solution of W3C ActivityPub (not W3C ActivityStreams) proposes of putting HTML in content and adding source with the original, from which the HTML was generated ok. Of course, this leaves the existence of the summary and name field superfluous.
-
@reiver@mastodon.social add in NodeBB as well. Markdown first, and probably HTML too, although it will probably be sanitized to death on the way out.
-
@mariusor that's too bad. All I have left is mussels, French fries, large-scale bureaucracy, and peeing statues.
-
@reiver #WriteFreely uses Markdown by default too, but of course sends out HTML to the fediverse
-
@reiver Markdown or its subset is supported by almost every platform except Mastodon.
But PeerTube is the only software I know that puts markdown in content instead of HTML.
