Comments (13)
Isn't it bad to throw HTML around? This encourages API consumers to trust that the data is completely safe without filtering. One bad proxy can ruin it - this could become a vulnerable point for XSS attacks.
from api-spec.
That's a good point but the "html" field is not part of my suggestion, it's already in the spec.
I'm not sure if the protocol field is really needed - if you've got to filter out protocols then we might as well just use some common hashtag and have it as a convention to filter that if you only want human readable stuff. I quite like the idea of using #! e.g.
#! /games/chess E-2 E-4
from api-spec.
The keyword here is "Metadata". I think, it's a must-have feature – it would be reaaaaaly cool if we could ember some sort of meta-data objects and make it indexable.
from api-spec.
Metadata is a very broad thing. What sorts of use cases do you want metadata for and could they be covered by:
https://github.com/appdotnet/api-spec/blob/master/objects.md#annotations (which are not yet really defined).
What sort of indexing do you want, currently no filters are defined for annotations either, but that would be a natural progression. Might be worth creating a new issue?
from api-spec.
You're right, what I mean are annotations. Sorry, didn't see it before.
Simple use-case: an app posts a book review, has some annotations like { "ISBN":"73287328", "Rating":4}
The same app (or whatever client) makes a search for all posts with ISBN=73287328 && Rating > 3
from api-spec.
Binary payloads would go hand in hand with the idea that certain posts are only meant for certain (or certain groups of) applications.
from api-spec.
I'd really like to see private annotations like in #51. Your example of #! /games/chess works for "open" games like chess, but not for asynchornous games like Diplomacy or Apples To Apples, where each player commits to a move, but the moves aren't revealed until all players commit. Being able to add private annotatons that only certain groups/apps/users can see would allow this.
Maybe something like:
{
//...
"annotations": {
// @user:key annotations are only visible by @user
"@apples2apples:play-card" : {
"id" : 1234
},
// #!app:key annotations are visible by app
"#!diplomacy:move" : {
"army" : "Gal -> Vie"
},
// un-prefixed namespaces are public
"wellknown:geo": {
"type": "Point",
"coordinates": [102.0, .5]
}
}
//...
}
This would allow games and other apps with non-public information to use app.net as a platform.
from api-spec.
@ryanschneider Disagree, permissions on annotations is the wrong scope. It'd be better to simply have permissions on posts, like #33 is discussing, then your game client could sent a private message to the game bot or public comments to other players. I imagine most traditional asymmetrical game mechanics would be better off private messaging a game bot and the game bot rebroadcasting subsets of the message (commentary, or partial information states) to other game player clients.
from api-spec.
I'm in complete agreement with @JoshBlake on this one. I'd thought about Diplomacy (and similar games) specifically as a use case and concluded it would be best to do them via game bots. Architecturally I think having private parts of a public post is going to get very messy very fast.
I like the concept of per user/group and per "post type" or "protocol" access control that is evolving in #33.
from api-spec.
Yup #33 seems to meet my needs as well. My key requirements are structured data (which annotations offer) and limited visibility, which 33 offers and I agree sounds easier to architect.
On Aug 14, 2012, at 6:57 AM, Mark Wilcox [email protected] wrote:
I'm in complete agreement with @JoshBlake on this one. I'd thought about Diplomacy (and similar games) specifically as a use case and concluded it would be best to do them via game bots. Architecturally I think having private parts of a public post is going to get very messy very fast.
I like the concept of per user/group and per "post type" or "protocol" access control that is evolving in #33.
�
Reply to this email directly or view it on GitHub.
from api-spec.
@fields I agree with the binary payloads concept. This would essentially create unlimited possibilities for the types of posts, and built on top of a solution that addresses #33, we have a hugely robust API that would enable apps to format data however they want.
from api-spec.
@rrbrambley @fields JSON does't support binary payloads directly. They were very much included in my original thinking here but you have to base64 encode or similar on the client side.
from api-spec.
Is there any more movement around this? Particularly in relation to referenced issue #60 - headless peeps?
Non-text posts seem to be such an important step but the spec doesn't appear to have advanced much in that area in the last couple of weeks. Unless I've missed a discussion in another thread, of course.
from api-spec.
Related Issues (20)
- Modifying annotations on an existing file doesn't seem to trigger a user stream event HOT 1
- Add "Mentions" to a User's Counts object
- Feature Request: Report Wrong Account Type Endpoint HOT 6
- The documentation for creating a file is incomplete
- Add a way to get messages in a channel containing a hashtag
- Add starring functionality to Messages HOT 1
- Abstract away stars – support generic "actions" with associated counters
- Post Search docs mentions seemingly non-functional has_location parameter HOT 6
- More Stream Faceting parameters HOT 1
- Dead link on the Messaging Basics page HOT 1
- Posts API : Reposts? HOT 3
- Expose which posts/messages a file has been attached to/embedded in HOT 1
- Feature request: Reply to multiple posts HOT 1
- Bug in Interactions endpoint pagination when using interaction_actions without "reply" HOT 5
- Allow searching for posts in the users stream.
- Annotations are not returned when creating a channel HOT 3
- include_inactive ignored by https://api.app.net/channels?ids=… HOT 2
- Wikipedia Markdown link throws a 'Bad request' error HOT 1
- User streaming - Add post hashtag search HOT 1
- Streaming fails to recognise "Upgrade: WebSocket" case insensitive
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from api-spec.