fu: Close-up of Fu, bringing a scoop of water to her mouth (Default)
fu ([personal profile] fu) wrote2011-01-11 12:54 am
  • Add Memory
  • Share This Entry

Supporting Atom Publishing Protocol

I've been working on updating our implementation of the Atom Publishing Protocol for Bug 852, and I have a patch up there now.

Have several longish comments, but the short version is that our implementation was old to the point where I don't think any clients could use it, so I have felt free to break the old URLs while updating our implementation.

That is, I've removed support for:
http://www.dreamwidth.org/interface/atomapi/username/* (completely broken;
username had no effect on which journal the interface would use)
http://www.dreamwidth.org/interface/atom/feed
http://www.dreamwidth.org/interface/atom/post
http://www.dreamwidth.org/interface/atom/...

And I've implemented a new interface:

http://www.dreamwidth.org/interface/atom
GET: service document / used to discover the APP URLs we provide

http://www.dreamwidth.org/interface/entries
GET : lists the entries
POST: makes a new entry

http://www.dreamwidth.org/interface/entries/tags
GET: lists the journal's tags

http://www.dreamwidth.org/interface/entries/123
GET: retrieves entry 123
PUT: edits entry 123
DELETE: deletes entry 123


Does anyone have any concrete reasons I shouldn't push forward with this?

Also, any suggestions for how / whether to support posting to communities? What URL should we use? :-)
Flat | Top-Level Comments Only
matgb: Artwork of 19th century upper class anarchist, text: MatGB (Default)

[personal profile] matgb 2011-01-10 05:05 pm (UTC)(link)
Second set of URLs has some broken code , I think it's a missing " in the cut text.

Definitely need to support posting to comms, but client protocol stuff is completely beyond me (trying to learn it though, in the process of updating Delicious Glue, simple enough for a newbie to get working, only, well, I can't do anything beyond the basics). Essentially, if a client won't let me post to a comm, it's not a client I can use. And I'm not a heavy Comm user.
fu: Close-up of Fu, bringing a scoop of water to her mouth (Default)

[personal profile] fu 2011-01-10 05:17 pm (UTC)(link)
Thanks, fixed!

And I can take care of the backend stuff, but trying to figure out a "nice" way to present it in terms of URLs -- perhaps

http://www.dreamwidth.org/interface/atom/entries (personal journal)
http://www.dreamwidth.org/interface/atom/afuna/entries (also personal journal)
http://www.dreamwidth.org/interface/atom/communityname/entries (some comm communityname)?
matgb: Artwork of 19th century upper class anarchist, text: MatGB (Default)

[personal profile] matgb 2011-01-10 05:21 pm (UTC)(link)
I would say the latter two work to be consistent, the former might be a good shortcut, but could be confusing, especially for client authors that aren't normally DW users?

On most other platforms that I know of, username and blogname are always separate, so having a shortcut for people posting to just their journal may confuse those used to those standards.

But, given my complete lack of knowledge of this field, I don't know.
matgb: Artwork of 19th century upper class anarchist, text: MatGB (Default)

[personal profile] matgb 2011-01-10 05:40 pm (UTC)(link)
Thought occurs. Why not put them on the subdomains themselves?

matgb.dreamwidth.org/interface/atom/entries

Is that possible or would it require too much duplication/redirecting?

Or does ATOM include auto detection in some way? I'm partially thinking mid term, if/when we get domain mapping setup, there will be some that'll make their setup appear completely separate from DW.
fu: Close-up of Fu, bringing a scoop of water to her mouth (Default)

[personal profile] fu 2011-01-11 04:12 am (UTC)(link)
The way it is coded right now, it would be the work of a few lines to change, and no redirects *g*

I need to think about the security implications though; maybe post to dw-dev as well. The big problem with domain cookies is that we generally keep as much as possible out of that space, so that if someone steals your domain-specific cookie (but not your master cookie), they can't make you do stuff to that journal.

This may not be an applicable concern since we use WSSE and/or digest auth for these.

But well, frankly I don't know enough off the top of my head to say with any certainty, so I'll want to look into it first.

And yes, there's auto detection. The service document lists available collections you can manipulate (edit, etc), which includes all the relevant links that you should need.
mark: A photo of Mark kneeling on top of the Taal Volcano in the Philippines. It was a long hike. (Default)

[staff profile] mark 2011-01-12 06:55 am (UTC)(link)
I am 100% for "username.dreamwidth.org/interface/atom" ... that's what we use for everything else, right?
fu: Close-up of Fu, bringing a scoop of water to her mouth (Default)

[personal profile] fu 2011-01-13 12:22 pm (UTC)(link)
Hmm, we use it for everything else that's display related, but not for anything that requires further action.

I do like the subdomain for the atom interface though, and the only thing I want to make sure of is that we're clear on potential security-related issues!
Flat | Top-Level Comments Only