I was writing a long general description of my thought, deleted everything, I’ll just write a simple example
In my web app, when the server receives an Undo activity via C2S, one of the things it can do is to verify that if the Undo is undoing a Follow, then the unfollowed object (or the actor managing it) is listed in the recipients. And I’m wondering whether to check for that, and for such details in all the activities received in C2S:
- If I do, I write more code and think harder
- If I don’t, I just need to code the side effects, and otherwise send the activity straight to asynchronous delivery system for S2S delivery etc.
- If I do, I prevent the publishing of weird and useless activities, such as undoing a follow but not sending it to the actor you’re unfollowing
- If I don’t, weird activities would be published, but, maybe that’s fine and it saves lines-of-code and coding time spent checking the tiny details of activities, details that are easy to miss anyway
I’m finding that the primary reason I do code the checks every time, is some fear of ruining the cleanliness of the application and the database, like, keeping out data that doesn’t make sense. Now that I’m more conscious of this tendency, I’m questioning it and considering to just mentally accept that ActivityPub is kind of like structured Email and I should just let the user publish whatever weird stuff they please, and leave those checks to the C2S client app.