| 05:17 | <annevk> | igrigorik: GitHub was not interested in fixing the redirect issue because HTTPS support is not supported |
| 05:18 | <annevk> | igrigorik: I pointed out it clearly works, just not the redirects, no reply yet... |
| 05:22 | <annevk> | igrigorik: you might be right about CSP, I guess once the processing model is clear that should be easy enough to evaluate |
| 05:23 | <annevk> | igrigorik: I'm still worried that you can download something using img-src and if the cache doesn't store that you can then use it for script-src, but who knows |
| 05:35 | <MikeSmith> | annevk: did you take a look at https://github.com/zaach/jsonlint |
| 05:36 | <annevk> | MikeSmith: briefly |
| 05:36 | <annevk> | MikeSmith: did you listen to http://mozaic.fm/post/108439721723/14-whatwg? |
| 05:36 | <MikeSmith> | eh |
| 05:36 | <MikeSmith> | what is this |
| 05:36 | <annevk> | MikeSmith: I don't have npm I think |
| 05:36 | <MikeSmith> | oh it's Yakura-san, and Hiro |
| 05:37 | <MikeSmith> | annevk: well you should have npm... |
| 05:37 | <MikeSmith> | this seems like a good use case for setting it up |
| 05:38 | <annevk> | I really dislike software with tons of dependencies that infects all kinds of directories and I can never be sure whether it's gone from the OS or how it actually works |
| 05:38 | <annevk> | But I guess... |
| 05:39 | <MikeSmith> | yeah sadly that sorta describes npm pretty well |
| 05:39 | <MikeSmith> | but if you have to work with python you probably have had to use pip or whatever |
| 05:39 | <MikeSmith> | anyway |
| 05:40 | <MikeSmith> | wow this podcast is pretty interesting, even just from looking at the agenda, and listening to the first few minutes |
| 05:40 | <annevk> | MikeSmith: yes, I have the same problem with Python :-) |
| 09:48 | <annevk> | Yay, down to two open issues for https://encoding.spec.whatwg.org/ |
| 09:48 | <annevk> | And neither is something I can address |
| 09:50 | <MikeSmith> | "Filing this issue so hopefully one day a browser can experiment and figure out if this is doable." |
| 09:50 | <MikeSmith> | kind like putting a message in a bottle and throwing it into the ocean |
| 09:52 | <annevk> | hah |
| 09:52 | <annevk> | So hsivonen expressed interest in doing it at some point, that's why it's not completely dead |
| 09:52 | <annevk> | But it wasn't worth keeping the original bug open for that and therefore keep having the "legacy open bugs" link at the top of the Standard |
| 09:55 | <MikeSmith> | what blocks the other bug? |
| 09:55 | <MikeSmith> | needs further implementor feedback? |
| 10:08 | <annevk> | MikeSmith: yeah, need to figure out if it's actually feasible |
| 10:09 | <annevk> | I'm pretty happy to have resolved all bugs around encoders/decoders though |
| 10:09 | <annevk> | Was less work than expected |
| 11:17 | <annevk> | JakeA: how is progress on promise.abort() going? |
| 11:18 | <JakeA> | annevk: halted :( been given tight deadlines for other things, and I think Domenic is busy too |
| 11:18 | <JakeA> | Domenic: you got any spare time coming up? |
| 11:18 | <annevk> | If he does, perhaps IDL can finally get some love |
| 11:22 | <annevk> | JakeA: do you know balfanz from https://github.com/whatwg/fetch/issues/30? |
| 11:22 | <annevk> | JakeA: I'd like to help them out, but communication seems to be going rather poorly |
| 11:24 | <JakeA> | annevk: I don't know them. Not familiar with token binding at all, but will try to go through that doc |
| 11:31 | <annevk> | JakeA: don't worry about it if you have deadlines, this has been going on for a while now |
| 11:32 | <JakeA> | Maybe in a couple of weeks I'll feel more in control and wonder what I was panicking about. That's usually how it goes. |
| 11:34 | <annevk> | wanderview: where did the fetch() tests go from Chrome? |
| 12:32 | <annevk> | MikeSmith: https://www.w3.org/Bugs/Public/show_activity.cgi?id=27502 last activity looks suspect |
| 13:20 | <wanderview> | annevk: we have not imported them yet https://bugzilla.mozilla.org/show_bug.cgi?id=1186106 |
| 13:28 | <Huvet> | can I ask questions about html5lib here? |
| 13:29 | <Huvet> | (python implementation) |
| 13:29 | <Ms2ger> | Sure |
| 13:30 | <Huvet> | I would like to write a small script that parses a html snippet, removes all style and script tags, and then serializes it out as a string with HTML again. This is how far I've come: http://dpaste.com/3CD5V55 |
| 13:31 | <Huvet> | but when serializing I get the error: AttributeError: 'TreeWalker' object has no attribute 'getroot'" |
| 13:31 | <Ms2ger> | Ah, the mess of python tree apis :/ |
| 13:32 | <Huvet> | yeah, if anyone has better ideas of how to get this done I'm all ears |
| 13:33 | <Ms2ger> | I wish |
| 13:34 | <Huvet> | the question becomes: how do i serialize a lxml tree? |
| 13:35 | <Ms2ger> | I wish I could say something useful, but I always have similar issues |
| 13:37 | <MikeSmith> | annevk: Thanks, disabled that bugzilla account |
| 13:38 | <Huvet> | I did it! http://dpaste.com/0PN6E5F |
| 14:51 | <wanderview> | annevk: is there any way for the body of an opaqueredirect to be actually used? its not exposed to script and it seems the UA won't look at it |
| 15:18 | <Domenic> | JakeA: no real spare time, but I've been trying to figure out Q4 goals and wondering if cancelable promises should be one of them... |
| 15:51 | <annevk> | wanderview: nope |
| 16:04 | <igrigorik> | annevk: re, Github.. wow, really? That's not like them. I might have to resort to public shaming. |
| 16:06 | <annevk> | igrigorik: I got another follow up |
| 16:06 | <annevk> | igrigorik: the problem is their CDN |
| 16:07 | <annevk> | igrigorik: which they have said before, so basically HTTPS is only partially supported... |
| 16:07 | <igrigorik> | when in doubt, always blame the CDN! Fastly? We can bug them too :) |
| 16:07 | <annevk> | igrigorik: but yeah, shaming might work, at some point they have to start offering HSTS et al |
| 16:07 | <annevk> | igrigorik: they didn't mention which CDN, could be |
| 16:08 | <igrigorik> | github.io maps to github.map.fastly.net, so it is Fastly. did they say what the issue actually is? |
| 16:09 | <JakeA> | Domenic: might be an idea, my end of year is looking messy :( |
| 16:09 | <annevk> | igrigorik: just that they're not in control |
| 16:09 | <annevk> | igrigorik: could shame Fastly asking when they'll finally properly support github.io |
| 16:09 | <igrigorik> | who are you talking to at Github? Any chance you can cc me and I can loop in the fastly crew? |
| 16:10 | <annevk> | was an exchange with someone from support |
| 16:10 | <igrigorik> | hmm, ok, I'll kick off a separate thread then |
| 16:11 | <annevk> | I forwarded you an email |
| 16:11 | <igrigorik> | cool, thanks. |
| 16:41 | <terinjokes> | anyone know whom i should talk to at w3 about upgrading the OpenSSL version used for their Feed Validation Service? |
| 16:42 | <Ms2ger> | systeam@? |
| 16:43 | <annevk> | and MikeSmith most likely |
| 16:43 | <terinjokes> | people have been reporting the bug to the list since at least last October |
| 16:43 | <annevk> | there's also #sysreq on irc.w3.org |
| 16:44 | <ccardona-work> | Good morning and happy friday WHATWG crew 😎✌🏽 |
| 16:44 | <terinjokes> | ccardona-work: morning |
| 16:44 | <terinjokes> | annevk: thanks, i'll try there |
| 16:45 | <annevk> | ccardona-work: good evening! |
| 16:45 | <ccardona-work> | annevk: :) Did I at least get the Friday bit correct? |
| 16:45 | <annevk> | ccardona-work: yes! |
| 16:45 | <ccardona-work> | score |
| 16:46 | <Ms2ger> | Not in Tokyo ;) |
| 16:46 | <annevk> | Yeah, seems MikeSmith is ahead of us |
| 16:46 | <ccardona-work> | :) |
| 16:46 | <annevk> | and hopefully asleep |
| 16:46 | <ccardona-work> | MikeSmith: is always ahead of us :) |
| 16:46 | <ccardona-work> | Thoughtleader && time leader |
| 16:46 | <igrigorik> | annevk: based on our chat yesterday: https://rawgit.com/w3c/preload/processing/index.html#processing - see 'obtain' section.. wdyt? |
| 16:48 | <annevk> | igrigorik: seems to be heading in the right direction |
| 16:48 | <igrigorik> | there are other details to work out there, but first want to resolve the as -> type mapping.. |
| 16:50 | <igrigorik> | as written, <link rel=preload as=image href=thing.jpg> would be initialized with Request.type=image and will be subject to image-src. |
| 16:51 | <annevk> | igrigorik: so... say I have CSP img-src: example.com elsewhere.com; script-src: elsewhere.com |
| 16:51 | <annevk> | igrigorik: <link rel=preload as=image href=example.com> |
| 16:51 | <annevk> | example.com redirects to elsewhere.com |
| 16:51 | <annevk> | I then do <script src=elsewhere.com>, does it get the preloaded resource? |
| 16:52 | <igrigorik> | annevk: no, it shouldn't.. when you request it via <script> the request.type won't match, since that was set to image. |
| 16:53 | <annevk> | igrigorik: so you store the type in the preload cache? |
| 16:54 | <igrigorik> | annevk: yeah, we'll need that to get the plumbing right.. afaik, SW caches api does that already? |
| 16:55 | <annevk> | the Cache API stores the Request, but it doesn't use everything when matching |
| 16:55 | <annevk> | it won't use type for instance |
| 16:56 | <igrigorik> | I see, then yeah we might need to sort out that plumbing and include that check. As I noted later in that doc the 'preload/fetch cache' is a bit of a magical thing in the browsers today.. we need to figure out how to spec-explain it :) |
| 16:57 | <annevk> | Perhaps you can reuse some stuff from the CORS cache |
| 16:57 | <annevk> | It's not that hard to define a cache in prose, you just need to be clear about when writing and reading happens and what happens for misses and such |
| 16:58 | <annevk> | And the conditions of course, such as whether type needs to match :-) |
| 17:00 | <annevk> | https://twitter.com/jacobrossi/status/634768416088424448 this is great |
| 17:00 | <annevk> | igrigorik: why do you have nigiri as favicon? :-) |
| 17:01 | <igrigorik> | thanks for the tip, I'll take a look.. On that note though, seems like the lookup logic should live in Fetch? Since, implicitly what we have today is: prefetch cache -> HTTP cache -> network |
| 17:01 | <annevk> | ooh, that's from rawgit.com |
| 17:01 | <igrigorik> | yeah :) |
| 17:01 | <annevk> | igrigorik: yeah, the lookup needs to happen in Fetch someplace |
| 17:02 | <igrigorik> | you're looking at a branch.. I haven't landed those updates yet. wanted to get a sanity check first. |
| 17:02 | <annevk> | igrigorik: ideally just a simple hook where I invoke something in preload |
| 17:02 | <annevk> | igrigorik: and preload returns me a response, and if I have a response I simply don't go to the network (or the service worker?) |
| 17:03 | <igrigorik> | annevk: yep, makes sense.. since SW could have served the prefetch response ^_^ |
| 17:03 | <annevk> | right |
| 17:05 | <igrigorik> | annevk: Ok, well, sounds like the 'as' bits are in a reasonably good place. I'll land that as a start and we can iterate on the cache bits to define all the matching + hooks semantics. |
| 17:18 | annevk | curses blob URLs |
| 19:03 | <annevk> | nox: is https://twitter.com/nokusu/status/634686055548100608 your work? |
| 19:03 | <annevk> | nox: sounds pretty cool |
| 19:03 | <nox> | annevk: That's me yes. |
| 19:03 | <nox> | @RustLang RT'd it, I keep getting notifications now, hah. |
| 19:09 | <annevk> | nox: it's kind of cool that even encoding/decoding can use this stuff |
| 21:24 | <jamesr___> | convert ASCII to UTF-8 |
| 21:24 | <jamesr___> | ? |
| 21:24 | <jamesr___> | is that not memcpy() ? |
| 21:26 | <jamesr___> | oh, the input bytes are maybe ASCII but you still have to check? |
| 23:05 | <MikeSmith> | terinjokes: I would guess that whatever version of openssl running on that host is whatever security-patched version is currently in debian stable |
| 23:58 | <TabAtkins> | annevk: I'm rewriting the serializer to be more opinionated about formatting (and as a result, no longer strew bonus newlines everywhere). |
| 23:58 | <TabAtkins> | Since you care about the output, what do you prefer in the situation where a block element contains only inline content: |
| 23:59 | <TabAtkins> | (a) the block's start tag, content, and end tag are all on the same line, or |
| 23:59 | <TabAtkins> | (b) the block's start tag is on one line, the content is indented on the next line, and the end tag is on a third line |