Replace and fix broken links with hugos relref (#801)

As discussed in #764 there are quite a lot of outdated links in the mastodon documentation. In basically all cases this was resolved by simply wrapping the old plain markdown link in hugos `relref` function[^0]. While quite a lot of links on the `/zh-cn/` also appear to be broken, these can not be fixed by just wrapping them in `relref`[^0]. Those are all links to `/spec/` subpages which are just not translated to `/zh-cn/` version. Therefore, `/zh-cn/spec/` has been excluded from the automated checking as described in the next section. The page has been checked using the linkchecker[^1] utility. One process is running `hugo serve` in order to see all changes in real time and notice errors directly in your browser. In a separate command prompt the command `linkchecker http://localhost:1313 --ignore-url=/zh-cn/spec` is being fired up. Note the `--ignore-url=/zh-cn/spe` to exclude the just not existing parts of the page as mentioned in the previous paragraph. There still is some ToDo on the table since quite a lot of the anchors appear to not be set or at least differ from previous versions. One example: on `/client/authorized/` is a link to `/client/token/#creating-our-application` while the id of referenced heading is `app`. These changes **do not** fix those Issues as it would require way more time. [^0]: https://gohugo.io/functions/relref/ [^1]: https://github.com/linkchecker/linkchecker Close #764
2020-08-10 23:01:50 +02:00 · 2020-08-10 23:01:50 +02:00 · 5ebc8ad418
commit 5ebc8ad418
parent 3375a76538
30 changed files with 99 additions and 95 deletions
--- a/content/en/spec/activitypub.md
+++ b/content/en/spec/activitypub.md
@ -67,10 +67,10 @@ Some other Object types are converted as best as possible. The transformer uses
 | icon | Used as profile avatar. |
 | image | Used as profile header. |
 | manuallyApprovesFollowers | Will be shown as a locked account. |
-| discoverable | Will be shown in the profile directory. See [Discoverability flag](activitypub.md#discoverable). |
-| publicKey | Required for signatures. See [Public key](activitypub.md#public-key). |
-| featured | Pinned posts. See [Featured collection](activitypub.md#featured). |
-| attachment | Used for profile fields. See [Profile metadata](activitypub.md#profile-metadata) and [Identity proofs](activitypub.md#identityproof). |
+| discoverable | Will be shown in the profile directory. See [Discoverability flag]({{< relref "activitypub.md#discoverable" >}}). |
+| publicKey | Required for signatures. See [Public key]({{< relref "activitypub.md#public-key" >}}). |
+| featured | Pinned posts. See [Featured collection]({{< relref "activitypub.md#featured" >}}). |
+| attachment | Used for profile fields. See [Profile metadata]({{< relref "activitypub.md#profile-metadata" >}}) and [Identity proofs]({{< relref "activitypub.md#identityproof" >}}). |
 | alsoKnownAs | Required for Move activity. |

 ## HTML sanitization {#sanitization}
@ -117,7 +117,7 @@ Contains ActivityStreams extended properties that have been proposed but not off

 ### W3ID Security Vocabulary \(`sec:`\) {#sec}

-Contains properties used for HTTPS Signatures and Linked Data Signatures. Also used for identity proofs. See [Security](security.md) for more information.
+Contains properties used for HTTPS Signatures and Linked Data Signatures. Also used for identity proofs. See [Security]({{< relref "security.md" >}}) for more information.

 * sec:publicKey
 * sec:publicKeyPem
@ -145,7 +145,7 @@ Contains properties used for profile metadata.

 ### Public key {#publicKey}

-Public keys are used for HTTPS Signatures and Linked Data Signatures. This is implemented using an extra property `publicKey` on actor objects. See [Security](security.md) for more information. Example:
+Public keys are used for HTTPS Signatures and Linked Data Signatures. This is implemented using an extra property `publicKey` on actor objects. See [Security]({{< relref "security.md" >}}) for more information. Example:

 ```javascript
 {
@ -220,7 +220,7 @@ Mastodon supports arbitrary emojis, that is, small images uploaded by admins and

 ### Focal points {#focalPoint}

-Mastodon supports setting a focal point on uploaded images, so that wherever that image is displayed, the focal point stays in view. This is implemented using an extra property `focalPoint` on `Image` objects. The property is simply an array of two floating points between -1.0 and 1.0, with 0,0 being the center of the image, the first value being x \(-1.0 is the left edge, +1.0 is the right edge\) and the second value being y \(-1.0 is the bottom edge, +1.0 is the top edge\). See [Focal points](../methods/statuses/media.md#focal-points) for more information. Example:
+Mastodon supports setting a focal point on uploaded images, so that wherever that image is displayed, the focal point stays in view. This is implemented using an extra property `focalPoint` on `Image` objects. The property is simply an array of two floating points between -1.0 and 1.0, with 0,0 being the center of the image, the first value being x \(-1.0 is the left edge, +1.0 is the right edge\) and the second value being y \(-1.0 is the bottom edge, +1.0 is the top edge\). See [Focal points]({{< relref "../methods/statuses/media.md#focal-points" >}}) for more information. Example:

 ```javascript
 {
--- a/content/en/spec/oauth.md
+++ b/content/en/spec/oauth.md
@ -17,7 +17,7 @@ Mastodon supports the following OAuth 2 flows:
 * **Password grant flow**: For bots and other single-user applications
 * **Client credentials flow**: For applications that do not act on behalf of users

-To obtain an OAuth token for a Mastodon website, make sure that you allow your users to specify the domain they want to connect to before login. Use that domain to [acquire a client id/secret](../methods/apps/#create-an-application) and then [proceed with normal OAuth 2]({{< relref "../methods/apps/oauth.md" >}}).
+To obtain an OAuth token for a Mastodon website, make sure that you allow your users to specify the domain they want to connect to before login. Use that domain to [acquire a client id/secret]({{< relref "../methods/apps/#create-an-application" >}}) and then [proceed with normal OAuth 2]({{< relref "../methods/apps/oauth.md" >}}).

 ## OAuth 2 endpoints implemented {#implementation}

@ -25,15 +25,15 @@ The following descriptions are taken from the [Doorkeeper documentation](https:/

 {{< caption-link url="https://github.com/tootsuite/mastodon/blob/master/config/initializers/doorkeeper.rb" caption="Doorkeeper config initializer" >}}

-### [GET /oauth/authorize](../methods/apps/oauth.md#authorize-a-user)
+### [GET /oauth/authorize]({{< relref "../methods/apps/oauth.md#authorize-a-user" >}})

 Displays an authorization form to the user. If approved, it will create and return an authorization code, then redirect to the desired `redirect_uri`, or show the authorization code if `urn:ietf:wg:oauth:2.0:oob` was requested.

-### [POST /oauth/token](../methods/apps/oauth.md#obtain-a-token) {#post-oauth-token}
+### [POST /oauth/token]({{< relref "../methods/apps/oauth.md#obtain-a-token" >}}) {#post-oauth-token}

 Obtain an access token. This corresponds to the token endpoint, section 3.2 of the OAuth 2 RFC.

-### [POST /oauth/revoke](../methods/apps/oauth.md#revoke-token) {#post-oauth-revoke}
+### [POST /oauth/revoke]({{< relref "../methods/apps/oauth.md#revoke-token" >}}) {#post-oauth-revoke}

 Post here with client credentials to revoke an access token. This corresponds to the token endpoint, using the OAuth 2.0 Token Revocation RFC \(RFC 7009\).

--- a/content/en/spec/security.md
+++ b/content/en/spec/security.md
@ -28,7 +28,7 @@ headers="(request-target) host date",
 signature="Y2FiYW...IxNGRiZDk4ZA=="
 ```

-The `keyId` should correspond to the actor and the key being used to generate the `signature`, whose value is equal to all parameters in `headers` concatenated together and signed by the key, then Base64-encoded. See [ActivityPub &gt; Public key](activitypub.md#public-key) for more information on actor keys. An example key looks like this:
+The `keyId` should correspond to the actor and the key being used to generate the `signature`, whose value is equal to all parameters in `headers` concatenated together and signed by the key, then Base64-encoded. See [ActivityPub &gt; Public key]({{< relref "activitypub.md#public-key" >}}) for more information on actor keys. An example key looks like this:

 ```javascript
 "publicKey": {
@ -101,7 +101,7 @@ Mastodon verifies the signature using the following algorithm:

 [Linked Data Signatures 1.0](https://w3c-dvcg.github.io/ld-signatures/) is a specification for attaching cryptographic signatures to JSON-LD documents. LD Signatures are not used widely within Mastodon, but they are used in the following situations:

-* When running a [self-destruct](../admin/tootctl.md#tootctl-self-destruct) sequence to send Delete activities to all known peers, the payload will use LD Signatures because HTTP Signatures will not be available. Receiving servers will process the signature by validating it against the locally cached actor key, since the HTTP server will no longer be hosting old actor information.
+* When running a [self-destruct]({{< relref "../admin/tootctl.md#tootctl-self-destruct" >}}) sequence to send Delete activities to all known peers, the payload will use LD Signatures because HTTP Signatures will not be available. Receiving servers will process the signature by validating it against the locally cached actor key, since the HTTP server will no longer be hosting old actor information.
 * When accepting activities from a relay. Public activities can optionally be sent to a relay with LD Signatures, and any server subscribing to a relay does not have to manually refetch the activity from the origin. This prevents having potentially infinite servers attempt to load the status from your instance.

 ### Creating LD signatures {#ld-sign}