WTF Bites
-
-
Status: the conversations I get pulled into...
-
I was on a trip with some friends last weekend and some people took some photos. One of them uploaded them to MEGA.
You can view them on the site, but I wanted to save everything locally. No problem, there's a helpful link that allows you to download the whole album in a zip.
HOWEVER, when you click that, instead of your browser's download dialog (or just starting the download into a pre-set location), it somehow starts downloading using its own, in-browser dialog, presumably to /tmp or wherever the browser cache is. Only when this pseudo-download reaches 100%, the browser shows you its own built-in download dialog, and that download completes instantly.
Why? Why did they reinvent functionality that browsers have had forever on their site? I'm lost. Who would think this is a good idea, or necessary at all?
-
@blek they're using HTML5 APIs.
Doesn't Mega do client-side encryption/decryption for password protected links? That's why they're using HTML5, I think.
-
@blek AIUI, it's a hell of a lot faster, and back when it was written Chrome did some real stupid things with download pause/resume whereas Mega's version works perfectly.
-
Stupid WebAssign math homework has now marked me off on an assignment because apparently, unlike every other equation interpreter out there, including ones that I can copy and paste its equations directly into and have them interpreted properly, sin(x)² means sin(x²) instead of sin²(x). Why does everything suck?
-
-
@pie_flavor said in WTF Bites:
sin²(x)
Be careful that that doesn't get read as sin(sin(x)).
It doesn't. Still, though.
-
@pie_flavor said in WTF Bites:
Stupid WebAssign math homework has now marked me off on an assignment because apparently, unlike every other equation interpreter out there, including ones that I can copy and paste its equations directly into and have them interpreted properly, sin(x)² means sin(x²) instead of sin²(x). Why does everything suck?
Should've been (sin x)² :face_with_stuck-out_tongue_winking_eye:
-
I have now found a great use for the multiple desktops feature of Windows. I can easily put this and Discord in one desktop, and WebAssign/Piazza/et al in another one, and make sure I'm only interacting with school-related windows.
Except I have to reassign every window every time I turn on my computer. Come the fuck on. You can remember that there were multiple Chrome windows, and restore the tabs in each one properly, you can remember that there is a second desktop, but you can't restore the window into the desktop?
-
-
@pie_flavor said in WTF Bites:
You can remember that there were multiple Chrome windows, and restore the tabs in each one properly
what makes you think Windows did that?
-
@ben_lubar said in WTF Bites:
@pie_flavor said in WTF Bites:
You can remember that there were multiple Chrome windows, and restore the tabs in each one properly
what makes you think Windows did that?
Well, obviously it happened when he turned on Windows, so of course it was Windows that did the remembering!
-
@ben_lubar said in WTF Bites:
what makes you think Windows did that?
Well, it automatically launches chrome on my laptop. Ofc, I am well aware that windows 10 is a spectrum or continuum, with each person receiving a slightly different set of features, but still. Just my 0.0159¢.
-
@ben_lubar said in WTF Bites:
@pie_flavor said in WTF Bites:
You can remember that there were multiple Chrome windows, and restore the tabs in each one properly
what makes you think Windows did that?
I don't care. It's supposed to be extensible. If the second window is in the same screen location as I left it, then either I'm angry at Chrome for not putting the window in Desktop #2, or if that's not possible then I am angry at Windows for not having the capability for the window to be placed in Desktop #2, or if Windows did the screen positioning thing then I am angry at Windows for not placing it in the Desktop #2.
It's a facepalm no matter how you slice it, and it's much easier if I just get angry at the computer instead of having to pick between the things on it.
-
-
@hungrier what about URNs?
You can serve coffee from them.
From urin?
No, it just tastes like it.
-
Ah, the wonders of the Single Sign On system.
https://i.imgur.com/iyUPHfV.png
-
@pie_flavor said in WTF Bites:
Ah, the wonders of the Single Sign On system.
https://i.imgur.com/iyUPHfV.pngSeems to be working properly!
-
@anotherusername said in WTF Bites:
If I'm not mistaken, every URL is also a URI, and a URI is a URL if it includes a scheme (http://, ftp://, file://, etc.).
Every URI includes a scheme. But if the scheme is something like
isbn:
, it still does not say where to actually get the resource and therefore isn't a URL.
-
This post is deleted!
-
@anotherusername said in WTF Bites:
If I'm not mistaken, every URL is also a URI, and a URI is a URL if it includes a scheme (http://, ftp://, file://, etc.).
Every URI includes a scheme.
A "URI Reference" is an abbreviated form of a URI which may omit the scheme. Example:
/post/1306126
-
@anotherusername said in WTF Bites:
A "URI Reference" is an abbreviated form of a URI which may omit the scheme. Example:
/post/1306126
But “URI reference” is not an “URI”. It is just a reference to one. It says so on the tin.
-
Over two months ago, we set up automatic payments with our natural gas provider, but when we got our next bill with a late fee and the previous month's amount tacked on, we double-checked and realized that the account we used to set it up was my savings account, but our financial institution does not support direct payments from savings. That was our mistake, so we called the company, explained the mistake, and got the account number corrected to my checking account. We also scheduled a one-time payment for the bill since the auto-pay had failed.
So this month, for last month's bill, we checked, and the checking account didn't have even an attempted charge. O.o So I called up the gas company again and asked what happened. Everything was set up correctly for our auto-payment, so why didn't it go through?
When you make a change to a payment method, it puts a lock on the automatic payments, so it'll take effect after the next billing cycle.
So, then what's the point of setting up auto-pay? I can understand allowing a few business days, but if it's any longer than that, why wouldn't the desired payment method be used? Especially if the client called in about it! (I forgot to ask about cancelling my auto-pay enrollment and setting it up afresh.)
-
The 1** codes shouldn't ever be returned to you, and are pretty rare in reality
Once some stupid proxy was sending me "100 continue" answers, and it was breaking things.
-
-
what about URNs?
Those name resources, uniformly. It's in the plain expansion of the abbreviation. Obvious!
URNs and URLs are both URIs, but are totally distinct from each other (as a URN never says how to get the resource and a URL always says how to get it). It's also possible to have URIs that are neither URLs nor URNs; they must identify something yet neither name it (uniquely) nor locate it.
Have some examples:
- URL:
http://dx.doi.org/10.1038/nphys1170
- URN:
doi:10.1038/nphys1170
- URI:
results_from_last_week.xlsx.bak
It's possible to convert a URN into a URL using a resolution service, but the resolution is never authoritative. Converting a non-URN non-URL URI into something useful requires context.
Bonus related — If you're working with Java then be aware that its
URL
class has a completely fucked implementation ofequals(Object)
(it doesn't understand virtual hosting at all and compares hostnames by converting them to IP addresses; that's both semantically wrong and utterly terrible for performance in some cases). Never compare twojava.net.URL
classes if you want a working program. Thejava.net.URI
class is correct, but the resource it identifies can't be accessed without going viaURL
(which isn't a real problem, toby faire; thetoURL()
method is right there).
- URL:
-
The only time I've ever seen this is when Firefox updates. So yeah, when it apparently starts timing from the moment I hit the shortcut, through the UAC popup asking me to let it update, to when it finally starts, that takes longer than just starting. Good observation, Firefox, but I don't think the "Learn how to speed it up" button will tell me anything useful.
-
- URI:
results_from_last_week.xlsx.bak
No, this is just a URI reference. The URI means the absolute one (and without fragment) and that must have a scheme.
- URI:
-
@bulb Err, no. I actually went and checked. If it is absolute then it is either a URL or a URN, and I specifically wanted something that was neither.
-
@anotherusername said in WTF Bites:
A "URI Reference" is an abbreviated form of a URI which may omit the scheme. Example:
/post/1306126
But “URI reference” is not an “URI”. It is just a reference to one. It says so on the tin.
Then perhaps you can explain: what's the difference between a URI and a URL?
-
Have some examples:
- URL:
http://dx.doi.org/10.1038/nphys1170
- URN:
doi:10.1038/nphys1170
- URI:
results_from_last_week.xlsx.bak
Nope, that's not a URI. It's a URI reference.
A URI must have at least a scheme.
- URL:
-
-
@anotherusername (Huh. TIL that URI really does require a scheme. It's just that virtually all practical uses of URIs in software also handle URI fragments in the same code.) Well, that's already wrong as it excludes URNs. The general syntax for URIs is:
<scheme>:<scheme-specific-part>
But digging deeper indicates that URI is really the superclass of URL and URN that is intended to obsolete both (and Wikipedia has an outdated reference, as per usual with web things).
-
@anotherusername said in WTF Bites:
Then perhaps you can explain: what's the difference between a URI and a URL?
_
-
It's just that virtually all practical uses of URIs in software also handle URI fragments in the same code.
Yeah. The distinction between a URI and a URI Reference seemed like pedantic dickweedery to me, but that's what we do here I guess.
-
@anonymous234 said in WTF Bites:
According to my post office, a large box containing a computer is not a "package", it's a "letter", as long as it weighs less than 2kg.
Yeah that makes perfect sense.
What kind of computer do you have that weighs less than 2 kg but comes in a large box? https://www.cbsnews.com/news/the-worlds-smallest-computer-university-of-michigan-micro-mote/ ?
-
@ben_lubar said in WTF Bites:
@LB_ because programming language file file extensions are usually typed by humans and therefore shorter is better?
I think it goes back to the days when file names were no longer than 8 letters, plus three for the extension.
-
@ben_lubar said in WTF Bites:
@LB_ because programming language file file extensions are usually typed by humans and therefore shorter is better?
I think it goes back to the days when file names were no longer than 8 letters, plus three for the extension.
Holy crap, you have a long way to catch up...
-
@pie_flavor I just made another Windows user altogether for use at school. I don't know how hard it is to make a local user on Windows 10 though...
-
@coderpatsy said in WTF Bites:
@pie_flavor I just made another Windows user altogether for use at school. I don't know how hard it is to make a local user on Windows 10 though...
Not hard. You say "I don't have a microsoft account" then "No, just create a local account" (both are small text-links and not buttons) during the OOBE setup.
-
@tsaukpaetra said in WTF Bites:
@ben_lubar said in WTF Bites:
@LB_ because programming language file file extensions are usually typed by humans and therefore shorter is better?
I think it goes back to the days when file names were no longer than 8 letters, plus three for the extension.
Holy crap, you have a long way to catch up...
You might be surprised how many applications still adhere to the old three character extension limit.
-
@tsaukpaetra said in WTF Bites:
@ben_lubar said in WTF Bites:
@LB_ because programming language file file extensions are usually typed by humans and therefore shorter is better?
I think it goes back to the days when file names were no longer than 8 letters, plus three for the extension.
Holy crap, you have a long way to catch up...
You might be surprised how many applications still adhere to the old three character extension limit.
I meant in relation to your apparent thread position, actually. ;)
-
@tsaukpaetra said in WTF Bites:
@tsaukpaetra said in WTF Bites:
@ben_lubar said in WTF Bites:
@LB_ because programming language file file extensions are usually typed by humans and therefore shorter is better?
I think it goes back to the days when file names were no longer than 8 letters, plus three for the extension.
Holy crap, you have a long way to catch up...
You might be surprised how many applications still adhere to the old three character extension limit.
I meant in relation to your apparent thread position, actually. ;)
We need to have a Random Comment navigator link for the forums.
-
So, Admins can XSS from their own jenkins installation using tool names. ?
Maybe they should have provided an example, I don't see how this would be a problem normally... Unless your Admins are untrustworthy...
-
Therefore this vulnerability only really affects installations that don’t grant administrators the Run Scripts, Configure Update Sites, and/or Install Plugins permissions.
If you have an installation with special, restricted administrators that don't have permission to administrate, they might use this exploit to be able to do their jobs
-
they might use this exploit to be able to do their jobs
But... how though?
I mean, as far as I can tell, this would allow you to XSS a user who visited the job configuration page to force them to execute an action, and the only way that would have any different effect than themselves doing that is if they cajoled a real administrator into visiting said page with the XSS performing an action they that themselves can't do...
Am I picturing that right?
-
@tsaukpaetra I stopped applying all the updates. They have one every week and I just don't need it. It works as I got it now and there's really no threat scenario where I'd care about something like that.
Fucking threadmill.
-
@tsaukpaetra I stopped applying all the updates. They have one every week and I just don't need it. It works as I got it now and there's really no threat scenario where I'd care about something like that.
Fucking threadmill.But... but... Big Red Number and Scary Warnings and Alerts!!
-
@tsaukpaetra Yeah, there's a large OCD part of me that wants to get rid of it, just because of the red numbers.
It says 4 right now.
Can't change it anyway because it's deprecated something (slave connection by JNLP? not sure) that I've got running and don't want to configure differently.Maybe a greasemonkey script to hide the red number is in order. ;)