Re: could we have some sort of Is-Autonomous header?
Evert Pot <me@evertpot.com> Sun, 17 March 2024 15:54 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=ietf.org@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA622C14F5EB for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 17 Mar 2024 08:54:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.856
X-Spam-Level:
X-Spam-Status: No, score=-7.856 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=w3.org header.b="YN8blEuy"; dkim=pass (2048-bit key) header.d=w3.org header.b="OShBcnBv"; dkim=pass (2048-bit key) header.d=evertpot.com header.b="Jh70BZ9v"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="v6bR+vS/"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hkORAgYy3xsN for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 17 Mar 2024 08:54:05 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1E857C14F5EA for <httpbisa-archive-bis2Juki@ietf.org>; Sun, 17 Mar 2024 08:54:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:In-Reply-To:From:References:To:MIME-Version:Date:Message-ID: Content-Type:Cc:Reply-To; bh=qBraThqazdhiyZLcPmY1ZENoxb/c/a1IGE8EDogsPhc=; b= YN8blEuyvuUF8ZpsMQAgFduDutamj9dCX4RqHvZxUw1qyo/ZjSr6wVdor3fpxiCgHEaGNDnEVI2m2 Zd2efh3ZDAn4Dqbgf7z9K6VMvBF3gwyRNhaiSuypFJ+KkCG02y3LmoakAgn7Vhr56uAIk1HkUyisE 40bvr4amETm7xjWspcM5VCSQswWMOZfbVsnCeeOzsUKzxecW385uMpTRNOEfruoTGvoIDzltOr6g3 iVVQVQY57ZTdqRDpL3XKSUQNfa38k7mayJ/Vp/8/BXp4khqzep2T+Aht1uTYc0Ujn8luYzrXajDjd djUg+EPQ8MsDs2wOS8sIvd8LDzPd937LZw==;
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1rlspa-00EmeU-2w for ietf-http-wg-dist@listhub.w3.org; Sun, 17 Mar 2024 15:53:50 +0000
Resent-Date: Sun, 17 Mar 2024 15:53:50 +0000
Resent-Message-Id: <E1rlspa-00EmeU-2w@lyra.w3.org>
Received: from pan.w3.org ([3.222.182.102]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <me@evertpot.com>) id 1rlspW-00EmdS-Uw for ietf-http-wg@listhub.w3.org; Sun, 17 Mar 2024 15:53:47 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=In-Reply-To:From:References:To:Subject:MIME-Version:Date:Message-ID: Content-Type:Cc:Reply-To; bh=qBraThqazdhiyZLcPmY1ZENoxb/c/a1IGE8EDogsPhc=; t=1710690826; x=1711554826; b=OShBcnBvyVjrr0/6+zWCKrDPnbTlg1mMjg/v2cdePTVJj3d 1QLEsME7KLveFla9AU1l+H6W6DVy7wsSE/MJ8/dTvZMX4VfwtABZ8M2D7XGCU7i41nJMvqu2gmX// zjQn+Q2/Qv00hAQn7pSNwgIMEsDgXu3KZSRl2qE3nJc1GMhmhhUOtnpWSjp7gCgREUmOeBRJ5K35l 32OZ5xMqfILc4vtC4bJo7hYtf8xj/ODhcPIe4hOqb6LbhrgvFiNAP3oHdRkVcrPA66A07xu8DUulp IN/rE94J8PgSt+kJLMQXcWlOQljvYUUtu3jwQ19mJjdZ29nYdPDHJsRy8ewtE5/w==;
Received-SPF: pass (pan.w3.org: domain of evertpot.com designates 66.111.4.25 as permitted sender) client-ip=66.111.4.25; envelope-from=me@evertpot.com; helo=out1-smtp.messagingengine.com;
Received: from out1-smtp.messagingengine.com ([66.111.4.25]) by pan.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <me@evertpot.com>) id 1rlspW-00CNx2-0F for ietf-http-wg@w3.org; Sun, 17 Mar 2024 15:53:46 +0000
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id C36B95C0064 for <ietf-http-wg@w3.org>; Sun, 17 Mar 2024 11:53:42 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Sun, 17 Mar 2024 11:53:42 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evertpot.com; h= cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm1; t=1710690822; x=1710777222; bh=qBraThqazd hiyZLcPmY1ZENoxb/c/a1IGE8EDogsPhc=; b=Jh70BZ9vDYq6huMr1lWKbENeSY oSkpNnI9LhjJ6YPjtSQdr+j72cWs/NTs7OaGgpjJ22XSAu2I6SNlIsfi/mL5Vf4X jahKigPhYqyWk14QMZd8IifRd+KW2Bi0gb0hd5pphvP998Dq9ewfgutwrwt6GwZP SvC0JEjVGtGAuf6Nh3co3WrXQWsYN8Y2WY1V0o+7xStAtlfnFFND0YQf1cZvY/OP nawwmgkjProq82dDmbA2CZstEMCZ1hwuhJ8LHVTBcbodL8+Gtv9hZOFBeXjWkofh yI2ra6wZHMC2xGo4XtJJaYgdYssTMgTsvmkPekc2rNYLAw9/IhvN1DwDnDyQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1710690822; x=1710777222; bh=qBraThqazdhiyZLcPmY1ZENoxb/c /a1IGE8EDogsPhc=; b=v6bR+vS/QQMKb+0j1Xo62XKIX8PQNeTZUDUTT0mOBB9O 2PPpkuSJfE27e9xHYRuf/ZvEH2PwYiRjCdJfXER2MhOmbn8ZLKrfUyqSpcS+96E9 4XwQMW/UYaRmmLVFJhiEnIri9Apy9K1sehVgZPBblBRGLdyEhc5UMhX/Iqt5G80A RlTRnCggE4ijIDvoG+pXZ+9VhOXvVzxtV81o2KhTZOM0mi+g0GheT6SDqR3IlFGP dJXv+PxmGBLHt7nY8OP1peYMmJMymJ0qFWmrsMXcLgWh61+uvhh9z4/tei9p7QNP 9YJT5GlcIL+Xz1VGjuAzdn+fQa9mJd7emcc0SZSOUA==
X-ME-Sender: <xms:BhL3Zcgrs16vpDErzHn3-OrNREPbjmPhrWw6mxEUTqKXUvHGz1Jinw> <xme:BhL3ZVBw9V-EmkJt_4-kaTazvdBKEffl26MLXgqqkmtHZYCiJ6ZujO7LkBdwHKQq3 oy5OydUS2RptYTN>
X-ME-Received: <xmr:BhL3ZUEKiT9okiYUYDgSk1HAbchuJCP5IQjFAROo2SOAxIYYO9c4fuOTLQOI6631hQs>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrkeehgdehlecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurheptgfkffggfgfuvfhfhfgjsegrtderre dtvdejnecuhfhrohhmpefgvhgvrhhtucfrohhtuceomhgvsegvvhgvrhhtphhothdrtgho mheqnecuggftrfgrthhtvghrnhepheffueduvddugedufedvueejleevteehiedtveehke egfeeiffdtteefkeejgefhnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehm rghilhhfrhhomhepmhgvsegvvhgvrhhtphhothdrtghomh
X-ME-Proxy: <xmx:BhL3ZdQvX0MUji7NDM4V35T2coES87Os_Pq8Y8XPAqYeAuNXCqbyqg> <xmx:BhL3ZZyZM2ADfHobAQpz5GOUuEA-iu9pdL2zPZNrdxp4VxRpOK5BSg> <xmx:BhL3Zb4rsbaTf_LzcqL4HfJMe1nuTBg_AE6qJ9pU_1K-Kw7rsI06Tw> <xmx:BhL3ZWzlgYB6zzj7PW4ODuayyYNjEMz4DjPXC-nG5R_xIp4P2vMQnA> <xmx:BhL3ZXbOulABnMZuwA9qUyalmBehSONkLB2zYvLgVFpeRIKdIFQk4A>
Feedback-ID: i525c409a:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <ietf-http-wg@w3.org>; Sun, 17 Mar 2024 11:53:42 -0400 (EDT)
Content-Type: multipart/alternative; boundary="------------L7oIKe30bTetmW2tkOgDAFoc"
Message-ID: <8715d343-a547-49f0-857c-459bad7a4844@evertpot.com>
Date: Sun, 17 Mar 2024 11:53:41 -0400
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: ietf-http-wg@w3.org
References: <cac456fe-6385-4afb-913e-e730f68439d8@gmail.com>
From: Evert Pot <me@evertpot.com>
In-Reply-To: <cac456fe-6385-4afb-913e-e730f68439d8@gmail.com>
X-W3C-Hub-DKIM-Status: validation passed: (address=me@evertpot.com domain=evertpot.com), signature is good
X-W3C-Hub-DKIM-Status: validation passed: (address=me@evertpot.com domain=messagingengine.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-4.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, DMARC_PASS=-0.001, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: pan.w3.org 1rlspW-00CNx2-0F 4690bedb009d6c3a1ee18a725c65f372
X-Original-To: ietf-http-wg@w3.org
Subject: Re: could we have some sort of Is-Autonomous header?
Archived-At: <https://www.w3.org/mid/8715d343-a547-49f0-857c-459bad7a4844@evertpot.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/51888
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
On 2024-03-16 07:51, Soni L. wrote: > hello! > > one of the issues with fediverse is how each instance caches other > instances' posts, but when you copy the link to a post it gives you a > link to your own instance. this link then either does a redirect > (which is dangerous and mastodon is deprecating it), shows an > interstitial (new versions of mastodon do this), or shows the cached > content (most other instances do this). > > doing a redirect is bad because it paves way for certain kinds of > phishing attacks. but it preserves the original opengraph metadata, > allowing for seamless link previews. > > an interstitial is great because it reduces the chances of those > phishing attacks. but it breaks the opengraph metadata, so you don't > get link previews. > > the third case we don't talk about because it's not really relevant to > this post. (except minimally it is, more on that in a bit.) > > so the Is-Autonomous header would ideally be set by link preview > systems and not by anyone else (explicitly not by browsers). when a > server sees Is-Autonomous, it could change its behaviour in any of the > following ways: > > - instead of showing an interstitial, it could do a redirect. > - instead of rendering an entire regular page template, it could > render just the opengraph metadata. > - it could reject the request altogether. > > the first 2 of these are great incentives to use the Is-Autonomous > header: the first one makes link previews work, and the second one > saves bandwidth both on the server and on the link preview system. we > believe these benefits outweigh the drawback of the third for anyone > interested in deploying this. > > but enough with what we believe, what does the http wg think? Based on the use-case, this seems more like a job for a 'preview'-related media-type in an Accept header.
- could we have some sort of Is-Autonomous header? Soni L.
- Re: could we have some sort of Is-Autonomous head… Soni L.
- Re: could we have some sort of Is-Autonomous head… Soni L.
- Re: could we have some sort of Is-Autonomous head… Evert Pot
- Re: could we have some sort of Is-Autonomous head… Soni L.
- Re: could we have some sort of Is-Autonomous head… Watson Ladd