One of the things we talked about in the Social Web Working Group was how to include binary data in the ActivityPub objects, like an `Image`. One proposed technique was to base64-encode the data and include it in `content`; another option was to use `data:` URLs in the `url` property of the object. Do any ActivityPub processors currently include inline images or other binary data?
Conversation
Notices
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Sunday, 26-May-2024 11:31:51 JST 
Evan Prodromou
-
Embed this notice
Eugen Rochko (gargron@mastodon.social)'s status on Sunday, 26-May-2024 11:35:19 JST 
Eugen Rochko
@evan Not us. What would it be for?
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Sunday, 26-May-2024 11:46:27 JST
Evan Prodromou
@Gargron Stuffing a binary object into a text medium. It's not very efficient, but if you don't want to host some small images, like an `icon`, it might be useful.
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Sunday, 26-May-2024 11:48:20 JST
Evan Prodromou
@Gargron It was one of the features from Activity Streams 1.0 that didn't really survive into 2.0.
-
Embed this notice
Eugen Rochko (gargron@mastodon.social)'s status on Sunday, 26-May-2024 11:49:28 JST
Eugen Rochko
@evan Probably the closest we've got is the blurhash property, which is a base-something encoded representation of a placeholder image.
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Sunday, 26-May-2024 12:10:12 JST
Evan Prodromou
@jamie I don't understand your question. Are you asking, why does the data from Server 1 get transferred to Server 2, instead of just being loaded by a client when the user looks at it? It's totally OK to do it either way, but fetching private data in the client is hard if the server hasn't implemented the `proxyUrl` endpoint.
-
Embed this notice
Jamie Gaskins (jamie@zomglol.wtf)'s status on Sunday, 26-May-2024 12:10:13 JST 
Jamie Gaskins
@evan What are the reasons behind transferring the data to the receiving server at all rather than linking to it?
Honest question, I’ve never been a fan of Mastodon downloading images and videos from other servers, but I recognize I don’t know all the tradeoffs of doing it one way vs the other. I only see how it impacts my hosting bill.
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Sunday, 26-May-2024 12:10:56 JST
Evan Prodromou
@Gargron OK, interesting!
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Monday, 27-May-2024 00:44:55 JST
Evan Prodromou
@jamie I'd definitely recommend reading my book on ActivityPub, which can give a lot of context on how the protocol works.
https://www.oreilly.com/library/view/activitypub/9781098162733/
-
Embed this notice
Jamie Gaskins (jamie@zomglol.wtf)'s status on Monday, 27-May-2024 00:44:56 JST
Jamie Gaskins
@evan Yeah, that’s what I was asking. When you say “private data”, do you mean attachments sent via DM? IIRC you mentioned a bit ago you were working on something for that, but I’m not sure if these two things are related.
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Monday, 27-May-2024 00:46:51 JST
Evan Prodromou
@jamie in particular, on the topic of copying binary files from one server to another, as @monnier mentioned, it can help with limiting the amount of information shared with the remote server. It can also help limit the number of hits to that remote server, by caching on the receiving server. For private data, I'm particularly referring to followers-only posts, but it could also be relevant for DMs.
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Monday, 27-May-2024 00:55:20 JST
Evan Prodromou
@jamie Cool. So, you know that clients usually authenticate to their own servers using something like cookies (for dedicated web apps) or OAuth for web and mobile apps. However, clients can only authenticate to their *own* servers, not remote servers. For objects marked available to the Public, they can fetch objects from remote servers directly, without authentication. For objects marked as followers-only, or in DMs, they need to authenticate.
-
Embed this notice
Jamie Gaskins (jamie@zomglol.wtf)'s status on Monday, 27-May-2024 00:55:21 JST
Jamie Gaskins
@evan To be clear, I do know how ActivityPub works. 🙂 I’ve implemented it a couple times, one of which was a proof of concept for solving the “server migration problem” that people often associate with AP. Thread here:
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Monday, 27-May-2024 00:56:24 JST
Evan Prodromou
@jamie The best way is to request it from their own server, using cookies or OAuth, which then fetches it using HTTP Signatures for authentication. There's a standard way, using `proxyUrl`, or you can use a per-server API, which is what Mastodon does. Either way, it's your server fetching the file (and usually caching it).
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Monday, 27-May-2024 00:57:38 JST
Evan Prodromou
@jamie Again, there's a whole section about this in my book.
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Monday, 27-May-2024 00:59:08 JST
Evan Prodromou
@dolmen @Gargron I was asking if any apps use the pattern, not trying to justify why the pattern would be useful.
-
Embed this notice
Olivier Mengué (dolmen@mamot.fr)'s status on Monday, 27-May-2024 00:59:09 JST 
Olivier Mengué
@evan @Gargron data: URLs seems a good fit for icons.
But the initial post didn't mention a size limit for the binary object.
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Tuesday, 28-May-2024 22:47:26 JST
Evan Prodromou
@jamie An implementation might push the binary data at delivery time if it wanted to save some HTTP hits later. It's the same reason that some web pages use data: urls or inline SVG.
You may not agree that it's ever necessary, and I actually don't care if it is or not.
It's a feature that Activity Streams 1.0 had, that the AS2 spec hints at, and that I vaguely remember discussing in the WG. I want to make sure I cover it correctly in my book.
-
Embed this notice
Jamie Gaskins (jamie@zomglol.wtf)'s status on Tuesday, 28-May-2024 22:47:27 JST
Jamie Gaskins
@evan I do understand all this. What I thought you were getting at in the original post was along the lines of sending it over as part of the initial activity. That’s what I didn’t understand.
But it sounds like you’re talking about pulling it from the sender rather than pushing to the receiver? Or does that distinction matter here?
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Wednesday, 29-May-2024 10:58:43 JST
Evan Prodromou
@jasnell does this ring a bell at all? I feel like we had this conversation at some point during AS2 development.
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Wednesday, 29-May-2024 11:11:34 JST
Evan Prodromou
@jasnell Right. But I don't think we have a way to specify the encoding, although I guess one could just use some heuristics and assume base64 unless proven otherwise. Like this:
{
"type": "Image",
"name": "1-pixel GIF",
"mediaType": "image/gif",
"content": "R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7"
} -
Embed this notice
James M Snell (jasnell@fosstodon.org)'s status on Wednesday, 29-May-2024 11:11:35 JST 
James M Snell
@evan data URLs weren't that common back then but absolutely would work. The main thing we discussed back then was base64 encoding of the content inline.
-
Embed this notice
James M Snell (jasnell@fosstodon.org)'s status on Wednesday, 29-May-2024 11:51:42 JST
James M Snell
@evan yeah I remember that coming up a few times. I don't think we ever settled on a solution
-
Embed this notice
Evan Prodromou (evan@cosocial.ca)'s status on Wednesday, 29-May-2024 11:51:42 JST
Evan Prodromou
@jasnell Thanks!
-
Embed this notice
All GNU social JP content and data are available under the