though with browsers escaping ( and ) when copying to clipboard, I think it might even be viable to simply forbid () in URL regexes.
lovetox
it's funny that there is no publicly available regex that can match all URIs in a text
jonas’
~though with browsers escaping ( and ) when copying to clipboard, I think it might even be viable to simply forbid () in URL regexes.~ doesn’t seem to be the case (anymore?)
lovetox
there are some that are better than others
Zash
or http://[db8:f00::baa%eth0]:80/
Zash
are urls even regular?
jonas’
probably not
Zash
wasn't url parsing one of the first things mozilla rewrote in rust?
lovetox
so if you want to show clickable uris in your client, first accept you will not catch all valid urls :)
so is there a good reason to use the traditional tcp connection
lovetox
instead of websocket, if it's available?
lovetox
there are some points that make websocket very appealing
lovetox
first, a websocket message is its own parsable document
lovetox
which removes a lot of complexity with having to buffer or stream input
jonas’
depends on your criteria for good reason
jonas’
I consider "doesn’t need an HTTP stack" a good reason
lovetox
second, websocket implements its own keepalive mechanism so you don't have to do that yourself with sending whitespaces
lovetox
jonas’, i don't understand that argument, you need a networking lib
Zash
TCP has a keepalive mechanism too, your argument is invalid
jonas’
lovetox, not talking about libraries
jonas’
talking about the amount of technical cruft stacked onto each other
jonas’
"Resource Exhaustion"
lovetox
ok so there are no real cons to using websocket
jonas’
I think that *is* a real con.
lovetox
with bosh it was, that there is too much overhead
lovetox
and its complex to implement
Zash
Everything you stated as positive is negative if you ask me
jonas’
Zash, message delimiting would be nice for parsing, but using a stream parser is in any case better for limit enforcement
lovetox
jonas’, your argument depends on the env you develop in, i can talk about mine, and adding libsoup as dependency which handles all my http stuff not just websocket
lovetox
is not a con
jonas’
lovetox, except that you now have libsoup as dependency
jonas’
more code, more cpu cycles burnt
jonas’
you won’t get the Blauer Engel with that
lovetox
ok i hear you, but that's not a good "con" for me
lovetox
and don't know what you mean by limit enforcement
lovetox
but you can set a size limit on a websocket message
jonas’
lovetox, stanzas which try to exhaust resources in your stanza processing. this isn’t always easily covered with a size limit
jonas’
for example, if tree depth is very expensive in your processing, you can get very deep messages with few bytes
jonas’
you can catch this easily when using a stream parser
Zash
Let me tell you about the overhead and resource leaks of creating a parser for every message
lovetox
really? what's so expensive about a parser object?
lovetox
ah resource leaks
Zash
Bunch of allocations and callbacks and stuff for every message vs just feeding an existing parser
lovetox
good point, but websocket does not exclude stream parsing
lovetox
i can still do that
lovetox
but that pro is then gone :)
jonas’
(and once you have stream parsing, you also lose the size limit benefit)
Zash
Websockets would be nicer without the weird open and close elements. And the XOR masking madness
lovetox
jonas’, about http stack, i think there is no gui client or even xmpp client that is considered modern and can live without a http stack
jonas’
lovetox, yes, but I don’t need the HTTP stack for the XMPP connection.
jonas’
just for the HTTP things
Zash
Hammer says everything is a nail!
lovetox
Zash, to be honest, normally you don't have to care about that, your websocket lib should
jonas’
I don’t want to live in a world where everything is passed over HTTP(S).
Zash
jonas’: same
jonas’
(although it would be a good tale to tell the (grand-)kids)
jonas’
("back in ye olden days, where things were which were not JSON and not HTTP...")
Zash
Tell the story of why the number 443 is hard coded in the network stack
pulkomandy
Maybe when everything is inside https we can replace ipv4 with ipv6 and no one will notice
jonas’
no, HTTP will just hard-codedly connect to 1.1.1.1 which does URL-level routing
Zash
Except thanks to SNI and ALPN there's no need to replace IP.
Zash
Just route on those
jonas’
Zash, ^5
jonas’
in the end, quad1 is cloudflare. everything goes through cloudflare either way.
jonas’
(okay, this turned way more realistic than I anticipated when I wrote my comment)
Zash
Better stop talking before you bring that nightmare closer to reality than it already is
lovetox
is there a good reason to keep a BOSH impl as non-webclient, if you also have a websocket impl?
jonas’
I don’t think there’s a good reason to keep a http-based impl on a non-webclient
jonas’
but if anything, you should probably keep BOSH over websocket. someone said that on-list in the discussion about the 2020 compliance suites
lovetox
that argument was about page reloads in browsers
Zash
BOSH is probably more compatible with random weird web middleboxes
lovetox
does not concern desktop clients
Zash
The kind that the weird websocket XOR masking was meant to defeat and prevent from doing funking weirdness.
jonas’
lovetox, no
jonas’
maybe it was at a different place, too
jonas’
I think someone had some (at least anecdotal) data that BOSH is the most-likely to succeed mechanism in troublesome networks
jonas’
can’t find it though, and I don’t really want to argue in favour of any http-crap
Zash
jonas’, how do you feel about direct tls on port 443?
jonas’
Zash, similarly bad
jonas’
but not as bad as websockets
Zash
I have it deployed, which means free fuzzing by random web spiders
Zash
ALPN even! mod_net_multiplex \o/
lovetox
i think many people use bosh because they hope to circumvent some firewalls
lovetox
not sure if websockets can be used for that
Zash
depending on the firewall you can get past by having normal xmpp on port 80 or 443, or direct tls, websocket on 443, and bosh should be the most compatible
lovetox
no probably not, because xmpp protocol is already announced in the header
Zash
depends if it's just port based or a full on http proxy
lovetox
hm, no this should work the http message is tls encrypted
lovetox
so how would a firewall know it's an xmpp server
moparisthebest
I specifically wrote XEP-0368 because my work proxy let me connect to any TLS but only if it was on port 443
Zash
name in cert being jabber.something or xmpp.something?
lovetox
yeah but in that case bosh does also not help
moparisthebest
and whatever firewall-from-hell they implemented that with is surely some black box that other orgs also have
lovetox
i'm still thinking about reasons to keep bosh
Zash
moparisthebest, open a change request with the department of ports
moparisthebest
I just yell at my desk instead, same effect
lovetox
my whole websocket code is 120 lines of code
lovetox
and that's boilerplate included
lovetox
so from that angle i really love websockets :)
moparisthebest
I think like Zash said, there likely exists HTTP middleboxes that would allow through BOSH and not Websocket
Zash
lovetox, how much code to tunnel XMPP over DNS?
moparisthebest
XMPP over DNS over XMPP ?
moparisthebest
XoDoX
Zash
Eh, why does searching for TCP over DNS give me HTTP servers?
jonas’
lovetox, you forgot to count all the thousand lines of code in the HTTP stack on top of TCP
moparisthebest
Zash, https://code.kryo.se/iodine/ is the only one I know of
Zash
Found now
Zash
First hit was https://github.com/boazsegev/iodine
asterix
I do use bosh because at my work there is a port based firewall that prevents me from connecting to the normal XMPP port.