Let’s get the AMAs kicked off on Lemmy, shall we.
Almost ten years ago now, I wrote RFC 7168, “Hypertext Coffeepot Control Protocol for Tea Efflux Appliances” which extends HTCPCP to handle tea brewing. Both Coffeepot Control Protocol and the tea-brewing extension are joke Internet Standards, and were released on Apr 1st (1998 and 2014). You may be familiar with HTTP error 418, “I’m a teapot”; this comes from the 1998 standard.
I’m giving a talk on the history of HTTP and HTCPCP at the WeAreDevelopers World Congress in Berlin later this month, and I need an FAQ section; AMA about the Internet and HTTP. Let’s try this out!
You must log in or register to comment.
How do you feel about 418 being included in many legitimate http libraries?
It’s great: the Internet should have a bit of that sense of whimsy, and knowing that there’s official support in many libraries for “you’re asking me for coffee, but I’m a teapot” is one of those things that gets me through the day.
Ironically, it’s a cup of coffee that gets me through the day
I have no questions, but I want to let people here know that there are two excellent websites related to this: http.cat and http.dog, for looking up HTTP status codes.
For an example, if http.cat/418 doesn’t brighten your day, I don’t think there’s much that can.
I love this. Thank you so much.
You’re welcome! I try to share this with people whenever I can, hoping that it makes someone’s day better. It certainly gives me a lot of joy when I can respond to something with a relevant http cat, though the few people I do it to might be getting a little annoyed.
Congratulations on creating such a cool piece of Internet arcana!
What do you think the silliest/most useless response status code is aside from
418?Were there any codes you wish had been included that haven’t been for some reason?
I always rather enjoyed the double entendre of “420 Enhance Your Calm”, which was an unofficial response from Twitter’s original API before “429 Too Many Requests” was standardized.
But I can’t think of any codes which aren’t already in there, that I’d use; there are a bunch that don’t see much use, like “410 Gone”, so the list could do with trimming down if anything.
I had been an advocate of getting just an ordinary person to do the first Lemmy ama but apparently we’ve got an absolute legend.
Have you ever had a favourite reference to your joke come up?
I did go to a conference once where they were handing out laptop stickers, and in the pack was a 418 teapot.
Of course, a week after I stuck that to my machine, it died. Telling the laptop it was a teapot didn’t agree with it, I guess.
What’s your take on the fediverse frontier?
I think it’s excellent out here. I was stuck on Reddit for the longest time, and this recent debacle has pushed me to explore the networks at the edge; this feels a lot more like the Internet of old. The analogy of email is apt, I think, with the accounts on multiple servers and the interplay between.
You awaken my nostalgia, curiosity and sense of adventure when you say “explore the networks at the edge”. Are there any other networks than lemmy / mastodon that you would suggest checking out?
Internet Relay Chat’s been one of those things that’s always felt out on the edge. I’ve been on EFnet since perhaps '03, and it’s a lot quieter than it was…
With people moving en masse away from the centralized sites and their Firebase-implemented chats, we may see a pick up in traffic on the IRC networks, which would be good to see.
What are some interesting channels on EFnet? I basically grew up on Foonetic, but moved to Slashnet when #xkcd did. I don’t pay near as much attention to IRC as I used to, but would like to change that
I haven’t been exploring in the depths of EFnet in …many years. I’m confined to the programming-related channels I found in the Way Back When, nowadays: at the moment, #c is probably the most active and it’s almost all old-timers.
Are you tingly anywhere?
What was the inspiration for these internet standards?
That’s actually the topic of the talk! Around 1995-96, HTTP was picking up all kinds of use outside the academic community, and people were tacking extensions on left and right; one of the biggest was file upload support, which was done by throwing HTTP and email into a room and having them fight it out. Which is how we ended up with the monstrosity that is “sending emails over HTTP”, also known as “posting a form”.
The author of HTCPCP decided to codify some of his concerns with these, partly as a joke; I noticed long afterward that his joke was only standardized for coffee, which Personally Offended me as a citizen of a tea-drinking nation.
What other such joke standards (by you or others) do you like?
A little lower down the stack, I always liked the Evil Bit in TCP, a standard which removes all need for firewalls heuristics by requiring malware or packets with evil intent to set the Evil Bit. The receiver can simply drop packets with the Evil Bit set, and thus be entirely safe forever from bad traffic.
At the physical interface layer where data meets real life, I especially enjoy IP over Avian Carrier; that link in particular is to the QoS definition which extends the original spec for carrying packets by carrier pigeon.
Someone tested the evil bit and found a selection of real-world networks that react to its presence
Fun read, thanks for the link!
With the advances on SDcards, IPoAC is getting better and better.
As the saying goes, “for bandwidth, nothing beats a truck full of
tapes1TB MicroSDs hurtling down the highway”.
The Evil Bit sounds like the real Do Not Track header field
Wow. Never knew about these :)
Not a question, but we use 418 in production! We have a nginx router that routes pages based on its path to either old frontend or new frontend. I wanted some easy way to handle the routing (and to not repeat myself), so I set the new frontend as a handler for 418 error and then just return 418 in the nginx for any page I want on new UI. I chose 418 because the others could be actually used by the old frontend and it could get all weird.
This is actually a good use of 418 in production, and one I’ve come across before: if you need to perform some custom handling and throwing a HTTP error is the only sensible way to do it, 418 is always available.
Unless your server really is a coffeepot, which is …unlikely.
Getting more likely with each passing year.
The number one question I would ask about HTTP would be: Why was the “Referer” header initially added and why wasn’t it removed from standard to this day. In my opinion the server, I’m going to, should never know where I came from.
I’ve just done some quick browsing to see if there’s a written-down motivation for Referer existing, and there’s this on the Wikipedia: “Many blogs publish referrer information in order to link back to people who are linking to them, and hence broaden the conversation.”
Which I guess makes sense, in the context of the original use of HTTP as an academic publishing protocol, but it’s gained cruft and nefariousness since wider adoption came about.
There are good arguments for stripping Referer from the standard, and yours is one of the most cogent; if Referer is still a thing in another 30 years, I’d be surprised.
Follow-up question. Shouldn’t it be spelled “referrer”?
It should, certainly. But the original draft introducing the header had a typo, and now we’re all stuck with it.
In the early days of hypertext there was also a lot of talk of “the semantic web”, where one proposal was that all links should be two-way, refer may have been a compromise to let people try to implement that on top of the one-way HTTP/HTML
I hope that user agent will be gone too. It does nothing except demand that you install chrome or spy on you
There are far more robust methods of fingerprinting to spy on users anyway (adding up all the details of screen size, available fonts, language, os, etc, etc), so I don’t think removing the user agent would have much impact in reducing fingerprinting alone. It’s also useful as a quick and simple way to check the type of device, os, or browser the user is on and serve the correct content (download link for one’s OS) or block troublesome clients (broken bots)
(adding up all the details of screen size, available fonts, language, os, etc, etc),
not if you just simply turn off javascript.
I bet you can detect window size with css media queries and invisible “background-url” values for rendered items.
I don’t know if “display: none” prevents loading of background-url targets though.
Then browsers should just download ALL background-url images beforehand
I need an ELI5 for this I’m a stupid Gen Z
You know sometimes you click on a link and it says “404 not found?” 404 is an HTTP status code. basically when you click on a website your browser makes an “HTTP request” to that website to get the web page, and it’ll respond with a code to tell the status. 2xx is ideal, since it means OK. 4xx means it’s an error on your end. (404, you requested a nonexistent link.) 5xx means it’s a server error.
This person made 418, a status code for “I’m a teapot”. It was intended as an april fools joke but it’s used sometimes for when the server doesn’t want to handle a request from the client.
I need one too and I’m a stupid Gen Y
As a late millennial and a programmer, I’ve got you.
So when you request a web page, before anything else, the server gives you a 3 digit status code.
100s means you asked for metadata
200s mean it went ok
300s means you need to go somewhere else (like for login, or because we moved things around)
400s mean you messed up
500s mean I messed up
So this is in the 400s. Each specific code means something - you’ve probably seen 404, which means you asked for a page that isn’t there. And maybe 405, which means you’re not allowed to see this
418 means you asked for coffee, but I’m a teapot
I can’t say enough how amazing your explanation was. Im not a programmer but I have worked on websites (self taught) and I never knew this. Thank you!
What’s the most impactful 418-related incident you’ve witnessed? I remember a few years ago npm went down and was returning 418 which spawned jokes and chaos across the web
The incident you mention is probably the most impactful, but there’s also the time the Russian military blocked IPs outside Russia by returning 418 instead of the more logical 403.
Yeah, I’ve seen people refer to this as the “fuck off” of response codes, especially during that incident. How does that make you feel?
It’s not up to Mr Masinter or myself to police the usage of anything defined in the standard; if people feel like being assholes regarding the issuance of 418 errors, at least they’re being whimsical assholes.
Could be worse; could be 200 with an error message inside, negating the entire point of error codes. I see that all the time.
When I was fixing up a legacy API app at an old job, I realized they did exactly that. I cleared it with my boss and started fixing up our error codes - pretty much all 401, 403, and 422. This blew up an integration with another app that literally threw exceptions on those codes rather than handling them. I died inside as it was my first software dev job. My first rollback of a change as well.
Yeah, GraphQL has adopted this practice as a standard and it’s kind of sad.
I know russian a bit and jargon for russian word “teapot” is also commonly used as “dummy” or “novice”. 418 for foreigners might have been on purpose there which brings Your April’s fool joke to a nation wide level :)
Well there is really only one question…
Pineapple on Pizza?
Out.
Can’t stand pineapple at the best of times, on pizza is another level of wrong.
Hear hear
Yes, obviously. Where else should it be at if not my pizza?
Getting really tired of this meme
Thank you for fixing a critical flaw in the original RFC.
What did you think about the Save 418 Movement? Were you involved in it in any way?
My endorsement is at the bottom of that page, in fact. I wasn’t an active campaigner, but a word in favor was the least I could do.
Oops, RTFM. Well, thanks for fighting the good fight with the power of your reputation.
Was it hard to get this standardized back in the good ol’ days?
Do you think it would be as easy to do it now? If not, what challenges and hurdles would a RFC have to overcome?
The last thing I know that was pretty “significant” is the GNU Terry Pratchett header (https://en.m.wikipedia.org/wiki/Terry_Pratchett#Death) and that was a community effort.
There are joke RFCs almost every year, so it’s not unprecedented to add to the standards. This year, one of the additions was a Death Flag to TCP, to indicate when a connection is about to terminate. The RFC Editors are very approachable when it comes to the Apr 1st RFCs: a “real” standard would need to be drafted by someone actually in the field, but the Apr 1st’s are open to public submissions as long as you’re willing to redraft/edit in accordance with the documentation standards.
It’s worth noting that the Clacks header is an unofficial campaign, and hasn’t been standardised; the 'Pedia states that some 84,000 sites return X-Clacks-Overhead, and my own is one.
Thank you for contributing to the magic of the old school internet.
My question: How does one get to write an RFC? Do you have to become part of a certain group, or just be known in certain circles, or do you just start writing and then submit it somewhere? If I had a great idea that I think should become an RFC, what is the process to make this a reality?
For Apr 1st RFCs in particular, the process is that you write your document in conformance to the RFC Editor’s Style Guide and email it to the editor directly. If you have a not-a-joke standard that you’d like to be considered, that’ll go through as an Internet Draft first, and then there are stages of review.
I haven’t been through the latter, but the editors are very approachable over email; I had no issues submitting my RFC for review and revision.