|
|
#
?
Jan 16, 2018 19:57
|
|
|
|
| # ? May 8, 2024 14:30 |
|
|
There should have been a checkbox or a confirm alert something
|
|
#
?
Jan 16, 2018 20:03
|
|
|
There should have been a lot of things. There also shouldn't have been 40 minutes between doing it and acknowledging it.
|
|
#
?
Jan 16, 2018 20:14
|
|
|
Nolgthorn posted:There should have been a checkbox or a confirm alert something On the real web alert thing the employee was using, there was a confirmation page. This is just a gif making a joke, but it's also serious...don't let your ads move buttons and links around!
|
|
#
?
Jan 16, 2018 20:22
|
|
|
The Dave posted:There should have been a lot of things. There also shouldn't have been 40 minutes between doing it and acknowledging it. Pushing the button probably triggered an insane series of events though, i.e. confirming that it was false by doing a defensive sweep of the entire Western pacific ocean from every available vector, waking up absolutely every Skipper on every US ship in the pacific, as well as signing off up and down the line from Generals, Admirals, and possibly White House staff. Once something like that is fired off its probably a huge deal to roll it back.
|
|
#
?
Jan 16, 2018 20:41
|
|
|
Ape Fist posted:Pushing the button probably triggered an insane series of events though, i.e. confirming that it was false by doing a defensive sweep of the entire Western pacific ocean from every available vector, waking up absolutely every Skipper on every US ship in the pacific, as well as signing off up and down the line from Generals, Admirals, and possibly White House staff. Once something like that is fired off its probably a huge deal to roll it back. Since the other day they already added a link to cancel the alert.
|
|
#
?
Jan 16, 2018 21:19
|
|
|
Thermopyle posted:On the real web alert thing the employee was using, there was a confirmation page. This is just a gif making a joke, but it's also serious...don't let your ads move buttons and links around! Waaaaaay back in the pre-CSS day there were HTML style guides that talked about the supreme importance of fully annotating your <img> tags with title attribs for screen-readers and such, and width and height attribs to allow the page to layout without reflowing when images finished loading. I wish this gif had been around then, it would have been equally appropriate 20 years ago.
|
|
#
?
Jan 16, 2018 21:28
|
|
|
Thermopyle posted:Since the other day they already added a link to cancel the alert. Given all the other poo poo we've seen lately, I would not be the least bit surprised if the link was just a GET to an unsecured PHP endpoint that kicked off a Twilio message
|
|
#
?
Jan 16, 2018 21:30
|
|
|
Ape Fist posted:Pushing the button probably triggered an insane series of events though, i.e. confirming that it was false by doing a defensive sweep of the entire Western pacific ocean from every available vector, waking up absolutely every Skipper on every US ship in the pacific, as well as signing off up and down the line from Generals, Admirals, and possibly White House staff. Once something like that is fired off its probably a huge deal to roll it back. I don't think information about incoming ballistic missiles flows from HI civil defense to the Navy
|
|
#
?
Jan 16, 2018 21:49
|
|
|
Data Graham posted:Waaaaaay back in the pre-CSS day there were HTML style guides that talked about the supreme importance of fully annotating your <img> tags with title attribs for screen-readers and such, and width and height attribs to allow the page to layout without reflowing when images finished loading. This is still a good idea for exactly the same reason and also for Javascripty/DOM purposes. Honestly, if you know an image's dimensions I have a hard time understanding why you wouldn't define them unless you specifically wanted it to be warped or something crazy like that.
|
|
#
?
Jan 16, 2018 22:32
|
|
|
I'm not gonna get all conspiracy here but there's no way a missile alert for an entire state could have been triggered by a single person acting alone. That whole thing was theatre done on purpose by the reptilians and deep state and you know it.
|
|
#
?
Jan 17, 2018 01:03
|
|
|
Have any of ya'll worked with a content migration firm you really like? I have a potential project that would involve moving a large amount of content from Sharepoint to WordPress and I learned long ago that migration from any platform to another is a loving horrible task 99% of the time and I'd rather pay someone else to do it.
|
|
#
?
Jan 17, 2018 02:32
|
|
|
kedo posted:Have any of ya'll worked with a content migration firm you really like? I have a potential project that would involve moving a large amount of content from Sharepoint to WordPress and I learned long ago that migration from any platform to another is a loving horrible task 99% of the time and I'd rather pay someone else to do it. The client: “surely it’s as simple as copy/paste drag and drop??”
|
|
#
?
Jan 17, 2018 05:08
|
|
|
I'm looking for reading on making web sites! To be specific, I don't need to learn HTML or JS, I need any sort of reading about the process of going from "this person needs an about page" or "this business needs a presence on the web" to an actual site. Not really interested in how to work with a client. I'm more looking at coming up with ideas that will work. I seem to recall reading a blog series at some point in the past where a designer/developer kind of live-blogged his whole process and how he scrapped ideas, came up with new ones, ran into technical limitations, etc. Now I can't remember any details but I do remember really liking it.
|
|
#
?
Jan 17, 2018 20:40
|
|
|
I think what you're looking for is UX Development?
|
|
#
?
Jan 17, 2018 20:56
|
|
|
Maybe this is up your alley?: My company has a lot of people that follow the Jobs to be Done framework and there are a ton of resources and stories of how people adapt it for their workflow.
|
|
#
?
Jan 17, 2018 21:16
|
|
|
Thermopyle posted:I'm looking for reading on making web sites! Out of curiosity, what’s your goal in looking for these articles? Learning new or different processes than the ones you already use?
|
|
#
?
Jan 17, 2018 21:19
|
|
|
kedo posted:Out of curiosity, what’s your goal in looking for these articles? Learning new or different processes than the ones you already use? Just curious about other people's approaches and I was thinking today about the blog post(s) I mentioned and how much I liked it(them).
|
|
#
?
Jan 17, 2018 22:18
|
|
|
Is there a name for the validation pattern that: 1) runs through validation, 2) if errors are found, remove the field(s) from submitted data, 3) save the successfully validated data, then 4) return the successfully saved data along with a list of fields that failed validation from step (2)? I know there's a name for this, but Google is failing me.
|
|
#
?
Jan 21, 2018 01:49
|
|
|
I've built a whole API based on Websockets. I built loosely around some specification I found online about a best practice for communication. Where if you wanted to wait for a response you sent an `id` attribute along with the request. Then there was also a `method` attribute which was required. There was some other stuff like how to format error responses and how I should allow arrays of requests, which could be run in any order. What was I looking at. Because at the time there was no javascript library available that did all that stuff, and I'd like to either check again or build one.
|
|
#
?
Jan 21, 2018 18:51
|
|
|
Websockets are cool and good, but there's a tendency to just throw out all of the stuff you get for free with HTTP and rebuild it in websockets just because.
|
|
#
?
Jan 21, 2018 19:04
|
|
|
Nolgthorn posted:I've built a whole API based on Websockets. The best I've seen is basically doing HTTP over Websockets. It removes the burden of inventing a protocol from whole cloth and allows you to talk to another developer (if there are more than 2) about adding new commands without having to specify down to the letter every detail. Thermopyle posted:Websockets are cool and good, but there's a tendency to just throw out all of the stuff you get for free with HTTP and rebuild it in websockets just because. This is not to say throw out HTTP, it does give a lot for free. But if you need a websocket protocol, HTTP is a pretty good guideline for how to structure it.
|
|
#
?
Jan 21, 2018 19:04
|
|
|
In this case it's a notification api, so I had to either use HTTP and poll the server all the time, or use Websockets. Websockets are pretty sweet rear end at handling idle connections, nearly the same as no connection at all, and I get to send data to the client. So I'm poo-pooing HTTP.
|
|
#
?
Jan 21, 2018 19:11
|
|
|
WAMP! I was looking at WAMP. http://wamp-proto.org/ http://wamp-proto.org/static/rfc/draft-oberstet-hybi-crossbar-wamp.html On second thought, I was looking at a different subprotocol before I think because this is nothing like my API. Actually I think it's JSON-RPC and now I'm conflicted about what I should be using. http://www.jsonrpc.org/specification Nolgthorn fucked around with this message at 01:31 on Jan 22, 2018 |
|
#
?
Jan 21, 2018 19:26
|
|
|
Not sure if this is the right thread but it’s website related so… If I have a website example.com, and I host something on it at say example.com/a_string_of_100+_random_letters_and_numbers.html, is it possible for web crawlers(? is that the right term) to know that this particular page exists? This assumes that I don’t link to this page on anything.
|
|
#
?
Jan 22, 2018 15:04
|
|
|
Boris Galerkin posted:Not sure if this is the right thread but it’s website related so… Technically no, but assume yes if it's linked to some important or sensitive functionality. There's no way for a crawler to find it... until someone visits it that you give the link to, their history ends up online or their dodgy browser reports it, or a directory index somewhere gets switched on by accident and lists it or something and somehow it gets indexed.
|
|
#
?
Jan 22, 2018 16:47
|
|
|
Boris Galerkin posted:Not sure if this is the right thread but it’s website related so… I'm not sure if you're asking "if I publish this on the downlow can I be certain Google won't find it on its own" or "do I have to SEO this link somehow to get it noticed". I'm going to assume the former. It shouldn't show up as long as you don't include it in a Sitemap with webmaster tools or if it doesn't get linked from elsewhere. Watch out if you're using a CMS like Wordpress, Django, etc since those can "leak" category pages and tag indexes if Google decides to spider it.
|
|
#
?
Jan 22, 2018 19:38
|
|
|
I'm starting to learn about web security and how to protect sites that I work on. The first few chapters of the book I'm reading talk about how hackers use web crawlers and brute forcing common route names to map a site. I have error reporting setup and this catches any 404 errors a person on one of the sites encounters. I know that not all attacks involve the mapping phase but I was curious how dumb/smart would it be to rely somewhat on the 404 reporting as an indication of an attack?
|
|
#
?
Jan 23, 2018 20:58
|
|
|
huhu posted:I'm starting to learn about web security and how to protect sites that I work on. The first few chapters of the book I'm reading talk about how hackers use web crawlers and brute forcing common route names to map a site. I have error reporting setup and this catches any 404 errors a person on one of the sites encounters. I know that not all attacks involve the mapping phase but I was curious how dumb/smart would it be to rely somewhat on the 404 reporting as an indication of an attack? Just because someone is mapping your site doesn't mean you're getting "attacked". Just like a lot of these indicators, you should be monitoring all of the things and then get alerts on out of the ordinary activity. You'll likely have a baseline amount of 404 activity and any single malicious attacker isn't going to stand out from the noise.
|
|
#
?
Jan 23, 2018 21:13
|
|
|
Yeah 404s are only useful in context of their quantity really, and even then there's so many misbehaving bots, automated scrapers, and exploit scanners out there that it is an almost useless signal. Baidu and Yandex used to be really bad netizens about this kind of stuff back when I looked at those logs. The only way it might be useful is if your 404s increase tenfold overnight, but that to me would still be a "holy crap did a bunch of pages just get unpublished" concern about discoverability than it would be about potential exploits.
|
|
#
?
Jan 24, 2018 20:33
|
|
|
Nolgthorn posted:I've built a whole API based on Websockets. It sounds like JSON RPC 2.0 http://www.jsonrpc.org/specification I use it on my WebSocket apps. However, when I work with node.js I use socket.io, which has a lot of cool stuff built in.
|
|
#
?
Jan 24, 2018 21:01
|
|
|
Is there a Javascript test runner that isn't awful? I like Jasmine, but trying to set it up with Karma is agonizing. The config settings are barely documented, and running anything in it means going through a plugin system consisting entirely of barely-documented npm modules.
|
|
#
?
Jan 25, 2018 00:16
|
|
|
Main Paineframe posted:Is there a Javascript test runner that isn't awful? I like Jasmine, but trying to set it up with Karma is agonizing. The config settings are barely documented, and running anything in it means going through a plugin system consisting entirely of barely-documented npm modules. Jest is nice.
|
|
#
?
Jan 25, 2018 00:18
|
|
|
For fucks sake. If you’re making an app, don’t inject your own version of jQuery in the script, therefore breaking another scripts on the site. Because then it leads me to throw my computer out, trying to troubleshoot And yes. This is seriously something I have to troubleshoot in 2018.
|
|
#
?
Jan 25, 2018 00:48
|
|
|
Main Paineframe posted:Is there a Javascript test runner that isn't awful? I like Jasmine, but trying to set it up with Karma is agonizing. The config settings are barely documented, and running anything in it means going through a plugin system consisting entirely of barely-documented npm modules. code:code:JavaScript code:code:
|
|
#
?
Jan 25, 2018 01:03
|
|
|
Ava is really good, too. The key benefit is that tests are run concurrently so it's stupid fast. You can also write tests in ES2017 without config and, most importantly to me, the execution model prevents implicit global state in tests so you don't run into situations where previous tests affect the outcome of other tests.
|
|
#
?
Jan 25, 2018 08:24
|
|
|
Weird question. Haven't done web development in years, used to write PHP but that language got some problems and I want to get away from it. But I feel lost, so many different languages these days and not sure where to begin. I learned a lot of the front-end stuff last year, but back-end is a mystery to me and I haven't written anything in years. I learned some MVC frameworks with PHP but it just sounds gross to me now and I want something modern. Someone mentioned Heroku in another thread, which looks interesting (and a lot to learn itself), but not sure what language to pair with it. Kind of leaning towards Python or Go, any thoughts? And my project is mainly an educational one for me, I have an idea in mind of what I want to create (it's going to sound silly, but a simulated cryptocurrency, with a virtual PoW system - not real though). One thing is I actually want a process that runs 24/7 to simulate block discovery, with inputs from the web interface. Just sounds fun to me to learn cryptography and some other ideas I have. Have no idea what language is suited to something like this though.
|
|
#
?
Jan 25, 2018 12:28
|
|
|
Python, C#, Java are all good choices.
|
|
#
?
Jan 25, 2018 15:03
|
|
|
Alpha Mayo posted:Weird question. Haven't done web development in years, used to write PHP but that language got some problems and I want to get away from it. But I feel lost, so many different languages these days and not sure where to begin. I learned a lot of the front-end stuff last year, but back-end is a mystery to me and I haven't written anything in years. I learned some MVC frameworks with PHP but it just sounds gross to me now and I want something modern. If you're leaning towards Python I'd recommend Flask. There's also Django but the learning curve is quite steep compared to Flask. It also sounds like you don't want to build your typical website where you'd need like user authentication and an admin panel and such which is what you get my default with Django. Flask lets you pick and choose all the things individually you need for your project.
|
|
#
?
Jan 25, 2018 16:30
|
|
|
|
| # ? May 8, 2024 14:30 |
|
|
For another viewpoint, being able to pick and choose is the worst thing about Flask for beginners and Django is easier to learn. In other words, you're going to have to look into both to see what you want to use and be prepared to back out of your choice. The same holds for your choice of programming language.
|
|
#
?
Jan 25, 2018 16:50
|
|