Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

handle www subdomain #52

Open
snarfed opened this issue May 17, 2019 · 9 comments

Comments

Projects
None yet
2 participants
@snarfed
Copy link
Owner

commented May 17, 2019

@kickscondor reported that following their site from Mastodon isn't completing. i reproduced from @snarfed@mastodon.technology. looking at the bridgy fed logs, we get the AP Follow request, and send this Accept:

{
  "@context": "https://www.w3.org/ns/activitystreams",
  "object": {
    "object": "https://fed.brid.gy/www.kickscondor.com",
    "type": "Follow",
    "actor": "https://mastodon.technology/users/snarfed"
  },
  "type": "Accept",
  "id": "tag:fed.brid.gy:accept/kickscondor.com/https://mastodon.technology/1b4f5bd8-7f3b-4501-89cc-b9b223a09e37",
  "actor": "https://fed.brid.gy/www.kickscondor.com"
}

...to which mastodon returns HTTP 401 with no body. 😢

i suspect the problem is that we're mixing kickscondor.com and www.kickscondor.com.

https://kickscondor.com/ itself redirects to https://www.kickscondor.com/ , which is fine. both domains redirect bridgy fed's paths (webfinger etc) to bridgy fed directly, which should also be fine.

however, note that the actor in the AS2 activity above is www, but the id is the naked domain. we also store and return different public keys via webfinger for www vs naked, below, which is probably the root cause of the 401.

subject: acct:kickscondor.com@kickscondor.com
data:application/magic-public-key,RSA.oYe2XI8f3TdSI9Laagw7kPPvXr_GSN5h6F6XLA3STBlYpqqaZTXp8Xe6lp8U0BTkG8-NF9ueSO1chbDOx5rCICUaLawSKK8eI18_DqgrOy9xHS28Z_TWXJSiHZEvBpI3hmEZPpDwgdnnaNZCC5MsmdSepl7mH9WWkPxYOiC7vMk=.AQAB

subject: acct:www.kickscondor.com@www.kickscondor.com
data:application/magic-public-key,RSA.rCiWTbbPprgvZJMdVbvWzCRDHw6ebGtc1BxLcWJIYhkqrQjx5YFBec2Owzn16Ht6yg_dnGQmL1p5mgS8O_f3Ghin1WGC4aShUnKkU1Ia2Hkv-1wEt757GvUhpFgXwPg3xvCTrJwBs_Ypxb5MbMqrBoRQVHXU0tg5XJIkFpiFNU8=.AQAB

(#29 is somewhat related, but probably not the same thing, since its error actually included the message Public key not found.)

@kickscondor

This comment has been minimized.

Copy link

commented May 17, 2019

Okay, wow, thanks for looking at this! I have really not wanted to bother you, considering all of the projects you have going on.

I'm okay to just use @www.kickscondor.com@www.kickscondor.com then - however, I wonder why that also isn't working. The 'actor' and 'id' should match in that case.

@snarfed

This comment has been minimized.

Copy link
Owner Author

commented May 20, 2019

looks like a handful of www sites have nudged bridgy fed, so it has registered users and keys for them, but barely any actual usage. so i may globally drop www from domains in AS2 ids and AP usernames and hosts.

aka, "Just drop the [www]. It's cleaner." :trollface:

@kickscondor

This comment has been minimized.

Copy link

commented May 20, 2019

I would love to drop the 'www' but there's a trouble with Webmentions: I don't want my blog to refire all the Webmentions without the 'www' and create a bunch of duplicates. This was a dumb decision on my part - I liked the 'www' (nostalgia), but now I don't care (practicality).

How does bridgy handle blogs at other subdomains - such as 'blog.kickscondor.com'?

@snarfed

This comment has been minimized.

Copy link
Owner Author

commented May 20, 2019

@kickscondor bridgy fed hasn't (successfully) federated any posts from your site, so afaik there wouldn't be any duplicates. (technically it's federation, not POSSE, so there aren't any "copies" of posts anywhere anyway, but that's a minor point.)

How does bridgy handle blogs at other subdomains - such as 'blog.kickscondor.com'?

you mean bridgy fed? it doesn't do anything special for any subdomains, it treats all domains/hostnames equally, regardless of level. www is the only one i'm considering special casing right now. open to thoughts.

@kickscondor

This comment has been minimized.

Copy link

commented May 20, 2019

I'm sorry - by 'copies' I was referring to all of the other sites (not brid.gy) that I interact with. I don't want to send them dupes. There are ways around this - but I'd rather just live with my mistake, if I can.

You mean bridgy fed? it doesn't do anything special for any subdomains, it treats all domains/hostnames equally, regardless of level. www is the only one i'm considering special casing right now. open to thoughts.

Yes, Bridgy Fed. I guess I'm back to my original question: if other subdomains work fine, then why wouldn't @www.kickscondor.com@www.kickscondor.com work right now? It has no redirects.

Thank you for your replies - I am so sorry to take your time.

@snarfed

This comment has been minimized.

Copy link
Owner Author

commented May 20, 2019

np!

re why www isn't working, as mentioned earlier, bridgy fed is currently mixing www and naked domain when it talks AP:

however, note that the actor in the AS2 activity above is www, but the id is the naked domain. we also store and return different public keys via webfinger for www vs naked, below, which is probably the root cause of the 401.

that's just a bug i'll fix.

@kickscondor

This comment has been minimized.

Copy link

commented May 20, 2019

Hey, thank you for your replies, Ryan - and for all of your very useful projects.

@snarfed snarfed changed the title mastodon replying 401 to AP Accept of Follow handle www subdomain May 21, 2019

@snarfed

This comment has been minimized.

Copy link
Owner Author

commented May 30, 2019

I've been looking at this more, and i think i was actually wrong before. the idof the activity we send is indeed the naked domain even for a follow of www, but that shouldn't matter. Mastodon should still look up the actor's key from the instance hostname, which afaict it does.

so, it still seems like following the www version should work. Mastodon is returning 401, which implies that it's unhappy with our signature for some reason. so maybe it is getting the wrong key somehow, or maybe it's something else altogether.

@kickscondor

This comment has been minimized.

Copy link

commented Jun 6, 2019

Cool - I appreciate you digging around. It's times like this that I wish ActivityPub and Mastodon weren't so complex. Thanks for all you're doing!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.