One of the developers of Sunlit, a photo-sharing app that is part of the Micro.blog ecosystem, contacted me to say that “the images on your site have a MIME type of application/data”. I’d like to say I understood immediately what the problem was and what it meant, but I had to do some learning first. It wasn’t as simple as the extension, the bit after the filename that indicates whether it is a JPEG or PNG kind of image. Rather, it was about what my server tells your browser about the image.

To backtrack, Known stores all files as blobs that contain the actual file data, the 1s and 0s. Your browser, when it receives a post from my server, can often sniff out what kind of thing (image, audio, text etc) that blob of data represents and do a good job of showing it to you. Normally, you wouldn’t even notice. One clue is that if you right-click on an image, and ask to open it in a new tab, it actually gets downloaded instead, I suppose because the new tab doesn’t know what else to do with it.

Anyway, I confirmed that the source file for most images did not have an extension (which would have told the browser directly how to deal with it). Most, but not all. Files I had uploaded to my site directly did have an extension and the correct MIME type. The “bad” files had come from OwnYourGram or Quill, both of which are part of the joyful #IndieWeb. They use a standard called Micropub to send things to a suitably equipped website.

It seemed unlikely that both Quill and OYG would fail to send the requisite information to identify a photo, so I went digging into the code that Known uses to decide what to do with a post sent by Micropub. I made a bit of progress but although I could see more or less what was happening, I couldn’t see how to make it right.

Fortunately Aaron Parecki, who built Quill and OwnYourGram (and so much else), was around and gave me the clue I needed to investigate: curl -I example.com/file.

One beautiful feature of Quill is that if it is sending a photo and if the receiving site has a media endpoint for receiving files (which Known does) it uploads the file, shows you a preview and tells you the location of the file. With that, the curl command shows that the temporary file has the correct description of Content-Type: image/jpeg. Once Known has processed the whole post from Quill, though, the file that contains the image shows as Content-Type: application/data.

Somewhere between receiving the temporary file from Quill and storing it permanently, Known fails to give it the proper MIME type.

I wish I knew enough to discover where the problem lies. Most likely Marcus Povey – who keeps the wheels spinning at Known – will be able to do the needful, now that I have submitted an issue. And Sunlit will be able to share my photos far and wide.

@phoneboy kindly shared a screenshot of the "webmention" spam he said he had received.

As I suspected, it looks to me like common or garden spam, hence the scare quotes. Of course, I can't be absolutely certain without digging further into the actual URLs, which I'm not about to do, but everything about these comments screams pingbacks or trackbacks. And the solution is obviously Akismet which, to be honest, I am suprised Phoneboy has not already installed and activated.

The day may come when webmention spam is a thing, and #indieweb people have been thinking about a protocol called Vouch for that eventuality.

A couple of days ago, @phoneboy mentioned the fun he had deleting the spam webmentions he had received on WordPress.

I asked him to document them.

Now Phoneboy replies:

Once I figure out the right settings, I’ll let you know.

And I’m not sure what that means. What right settings? Doesn’t WordPress keep a copy of all comments it receives? It would be really useful to see the contents of those “spam webmentions,” where they came from, what they contained, who sent them, simply because, as I said before, so few of these imagined evils have so far been spotted in the open. Not sure what settings that requires.

Also, the irony of this question has not escaped me:

Also, where did you post this comment? Didn’t see it in micro.blog.

I posted it here. Where else would I post it?

#indieweb

If you're looking for a really good introduction to the #IndieWeb and insights into how it all works, you could do a lot worse than listen to Jeena's podcast with Martijn. They do a tip-top job of explaining for people less knowledgeable than they are, and the audio quality is very acceptable.

I think I just need to remind myself and others of the natural progresion of things.

1. Everything not forbidden is permitted.
2. Everything not permitted is forbidden.
3. Everything not forbidden is compulsory

That is all. #indieweb