Ben Buchwald (sparkyb) wrote in lj_dev,
Ben Buchwald
sparkyb
lj_dev

Status of Anonymous and OpenID comments

First to introduce myself. I'm a programmer working on a masters in Entertainment Technology, CS undergrad. In my spare time I work on my gobs and gobs of side programming projects, most of which are php+mysql webapps. So many in fact that I never have enough time to make any of them completely not crappy (well, that and I have no free time). I'm just starting to use livejournal but I've been poking around and I've come up with some questions, suggestions, and bugs about anonymous comments and the new OpenID consumer support.

1. BUG: when a link <a href="example.com">something</a> in an anonymous comment gets expanded the end tag is kept. This becomes something (example.com)</a> . I was actually able to find the very simple bug/fix in cleanhtml.pl by browsing the CVS but I'm not sure the procedure for checking it out and submitting a change.

2. I was trying to write a bot that would occasionally post a certain comment to an entry on my journal. Anonymous comments with links triggered a captcha that I can't pass. Removing the links made it work only sometimes. I wrote an OpenID server for my website. That seems to work most of the time without links, but still give the captcha for links. Adding the OpenID identity to my friends list makes it work even with links, but the links still get expanded (see above bug). What is the status on a journal level preference for disabling captcha checking for anonymous/OpenID comments? I know that OpenID is not a trust system, but shouldn't it be trusted enough to post actual links if they're on my friends list?

3. When using export_comments.bml to fetch comments, the usernames for OpenID comments is the internal ext_1191 variety. I suppose that is the user and the actual OpenID identity is just the name but it would make a client fetching this data inconsistent with what is displayed on LJ's comments page. Is there any plans or timeline for better integrating OpenID into this and many other deficient areas?

4. Reading many of the OpenID docs I understand that OpenID itself doesn't not provide for fetching more information (such as name) about the user, but perhaps an OpenID consumer could fetch that information from other metadata (RSS, FOAF, etc) provided by the authenticated URL. Is there anywhere a list of which if any of these extra resources the LJ OpenID consumer currently uses? I noticed that for some OpenID identities it was displayed on LJ as username [identity] and thought that might be due to some file the remote site had that mine doesn't.
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 7 comments