WTF Bites
-
-
Is it (based on) what I think it is?
Community Server?
Must be something different. Community Server that we know here was renamed to Telligent Community 10+ years ago.
-
-
@El_Heffe Yeah, it's something different.
They just told me, though, why the Docker installation did not work: I did the unforgivable deed of using the Docker from
apt
. No, you need to install their Docker...Gah.
-
@Rhywden Oh, and they're also doing stupid stuff with their repo:
E: Failed to fetch http://download.onlyoffice.com/repo/debian/pool/main/o/onlyoffice-documentserver-ie/onlyoffice-documentserver-ie_amd64.deb File has unexpected size (271864558 != 271955922). Mirror sync in progress? [IP: 13.35.254.88 80] Hashes of expected file: - SHA512:8c9625edec0bd9b0c850aa8e06a40a6b8354b0cf3af87f7a963bd1d73219ac98cd334348a4fc09de020534925cf87c3bbfead04478ca13c2f98ae440c7e23629 - SHA256:01a48be57ff7cf3f75cb99e09e08bd23629f355fd873524a9b049866e97a396a - SHA1:5d68e9fffae02c5d0b6951f0286223b4a34c242f [weak] - MD5Sum:ca66047cdb084f278f3b485c95ac151e [weak] - Filesize:271955922 [weak] E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
-
What, there is no red_flag emoji‽
Of course there is!
Filed under: IRC quote
-
@El_Heffe Yeah, it's something different.
They just told me, though, why the Docker installation did not work: I did the unforgivable deed of using the Docker from
apt
. No, you need to install their Docker...Gah.
TBF, using a 3 year old version of any development software is bound to cause problems. I've learned to avoid official repos for anything important long ago.
-
@Gąska Since I'm using Ubuntu and not Debian, I'd expect it to be more recent.
However, this also doesn't fill me with confidence:
Reading package lists... Done Building dependency tree Reading state information... Done 7 packages can be upgraded. Run 'apt list --upgradable' to see them. W: Conflicting distribution: http://download.mono-project.com/repo/ubuntu stable-bionic/snapshots/6.8.0.123 InRelease (expected stable-bionic/snapshots/6.8.0.123 but got bionic)
Keep in mind, that all I did was install Ubuntu 18.04 Server (and did not include anything but OpenSSH server), removed Postfix (due to the mentioned port shenanigans) and then executed their install script.
-
@Gąska Since I'm using Ubuntu and not Debian, I'd expect it to be more recent.
It is. 3 years out of date instead of 5.
-
Well, Linux really, really needs swap
All normal desktop OSes do, for rather similar reasons. Stuff that doesn't seem to be needed soon (so far as the OS can tell) gets moved to slower storage than main memory…
Need is a bit of a strong word-choise there. I still routinely disable swap on my laptop Linux installations. After all, I've only got like 120GB of hard drive space. So those 16GB of RAM had better suffice.
...And before you ask, my previous laptop had 32GB and 4GB, respectively. ...eMMC.
-
@Gąska Since I'm using Ubuntu and not Debian, I'd expect it to be more recent.
It is. 3 years out of date instead of 5.
Ah, yes. Misremembered. I used the Snap which is much more recent.
-
@Rhywden I've never got anything from Snap working either. And believe me, I tried.
-
It is. 3 years out of date instead of 5.
Was looking at a user support request this morning that related to a misleading error message. The message was removed from the codebase in question 9 years ago. I think I'm going to just tell them to get the current patch release.
-
@dkf We had a support ticket related to data being put into our system into the 'wrong' order (file listing not alphabetic). We fixed that in 2018.
-
@Rhywden Oh, good grief, how stupid does this get?
Now, due to current restrictions on our outside connection (we've gotten the almost-okay for an upgrade though - we'll get a symmetric true 200 Mbit business connection in addition to our current "best-effort" 100 Mbit, as well as 4 public external IPs) I've set up a reverse proxy.
Basically, all internal servers use port 80 and only allow the reverse proxy to connect who then takes care of https.
Moodle has no truck with this. Mahara has no truck with this. Rocket.Chat has no truck with this. Nextcloud has no truck with this. Big Blue Button has no truck with this.
But, no, this stupid OnlyOffice thing, that one has to be the special snowflake. It listens on port 80. And I then plonk nginx as a reverse proxy in front of it, set to automatically upgrade everything that's http to https. This works fine as long as you: Do settings stuff, look at the calendar, do a blog entry, play with the Kanban board. Everything gets served up over https.
But as soon as you want to actually edit a document, every modern browser will yell at you. Because the morons seemingly have hardcoded some absolute links to
http
somewhere and modern browsers (rightfully) don't like it when you try to load stuff via http inside a https page...Argh.
The pièce de résistance: Their nginx config example is actually wrong and does not work.
-
-
-
Yeah. If only.
-
@Rhywden So they told me: Since I want to use it for Nextcloud integration, why not use their Integration Edition?
Okay, I came prepared: Virgin Ubuntu 20.04 Server, installed Docker from the official Docker repo, plonked in their docker install script, booted up the reverse proxy once again aaaaaand:
Mixed Content: The page at 'https://onlyoffice.foo.bar/example/editor?fileName=new.docx' was loaded over HTTPS, but requested an insecure frame 'http://onlyoffice.foo.bar/5.6.5-3/web-apps/apps/documenteditor/main/index.html?_dc=5.6.5-3&lang=en&customer=ONLYOFFICE&frameEditorId=iframeEditor'. This request has been blocked; the content must be served over HTTPS.
How wonderful!
-
How wonderful!
Looks like you need to add a URL rewriter to the nginx config.
-
How wonderful!
Looks like you need to add a URL rewriter to the nginx config.
Yah. Fun. The MS Office Online on-premise-server begins to look better and better, considering that they explicitly make mention of load-balancers and reverse proxies in their installation docs. It would also be free (well, sort of. "Free" as in "already included in our existing licenses"), in contrast to OnlyOffice.
I'm kind of wondering though, why this part of the nginx config does not catch the http request:
server { if ($host = onlyoffice.foo.bar) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name onlyoffice.foo.bar; return 404; # managed by Certbot }
-
TBF, using a 3 year old version of any development software is bound to cause problems. I've learned to avoid official repos for anything important long ago.
Debian currently has 18.09 in Stable (Buster) and 19.03 in Testing, and the later is the latest that the official upstream repository has as well. So it's up-to-date, actually.
Since I'm using Ubuntu and not Debian, I'd expect it to be more recent.
Ubuntu has 18.09 in Xenial, including updates, and Bionic, and 19.03 in Bionic updates and Focal. So it's about the same, really.
On the other hand Fedora and CentOS have long since switched to Podman.
Почему?
… mmmkay, you'd actually need to use Focal to get a sensible version (Bionic has 4.6.2.7, only Focal has 6.8.0.105).
Of course better question is why they didn't switch to dotnet-core yet.
Ah, yes. Misremembered. I used the Snap which is much more recent.
It's 19.03 just like Focal and Testing. There ain't nothing newer.
However I strongly suspect that would be the problem. The
docker
snap is not classic, which means it runs sandboxed and therefore won't be able to get some privileges granted to it. Depends on what they need.
Basically, all internal servers use port 80 and only allow the reverse proxy to connect who then takes care of https.
So exactly like everybody does these days even when they have plenty of IP addresses and everything. Application that does not expect a reverse proxy in front of itself should return back to Triassic.
-
I still routinely disable swap on my laptop Linux installations. After all, I've only got like 120GB of hard drive space. So those 16GB of RAM had better suffice.
The memory may suffice, but the performance suffers. With such anaemic disk though…
-
It must be a really slow news day at the Not the Bee offices:
Edit: I didn't notice that this could have gone in another thread, but it's here now.
-
@Rhywden Missing location specifier?
-
The pièce de résistance: Their nginx config example is actually wrong and does not work.
@Tsaukpaetra said in WTF Bites:
Yeah I personally gave up. It kinda-worked once and then... never really did ever. No idea why.
I tried really hard for almost a full week....
-
I'm kind of wondering though, why this part of the nginx config does not catch the http request:
It would, but the browser is refusing to actually make that request, since the page was started HTTPS.
What would be needed here would be a filtering proxy that ham-fists http to https URLs in served content, but only for the static pages.
Either that or rewriting the affected pages, they're scattered, I think about 12 in total? I forget. Gave up you know.
-
@Tsaukpaetra said in WTF Bites:
What would be needed here would be a filtering proxy that ham-fists http to https URLs in served content, but only for the static pages.
This is what I was thinking of. It's a horrible thing to do, but I remember seeing that it can do it.
Fortunately, I managed to not need it when I was last tinkering with these sorts of things. I discovered a not-very-well-documented option on the problem service that made it use the right address. I still needed an nginx wrapper, but it was just a gather-several-things-under-one-umbrella job to defeat cross-site scripting idiocy.
-
@Rhywden Missing location specifier?
No. Turns out that my script was almost right, it just needed one slightly different setting in the https section.
Which they don't tell you about in their installation section. No, that part is hidden away in a Github repo specifically for proxy setups. Which they don't link to anywhere and which I only got because I mailed their support.
-
it just needed one slightly different setting in the https section.
Which they don't tell you about in their installation section.Stop bringing back the bad memories!
-
Community Server that we know here was renamed to Telligent Community 10+ years ago.
And, as we all know, the "in-" (or "im-") prefix means the opposite of the rest of the word (e.g. possible / impossible).
-
Was looking at a user support request this morning that related to a misleading error message. The message was removed from the codebase in question 9 years ago. I think I'm going to just tell them to get the current patch release.
I realised recently that the minor release of our software that's going out sometimes later this year forked out from the main branch (trunk) around summer 2017. And has had almost none of the later changes done to the trunk ported to it.
I'm soooooo glad I'm not officially doing support for clients so that when someone comes to me with an issue on that branch I can just tell them LOL GTFO.
-
@Zerosquare said in WTF Bites:
Somehow I doubt that Facebook will simply walk away from 25% of their revenue.
Very much so.
-
WTF of my day: Now, when I have to include 3rd party Javascript libraries (like, say, jQuery), I put them in the head of the
index.html
and reference them relatively, like<script src="/lib/jquery.js" />
That way I have all external dependencies registered in one spot, it's easily readable and foolproof. It also doesn't care about http or https. It just works.
Not so Mahara. Their special snowflake PHP script seemingly uses 20 different PHP files to construct the head of the page, using five different functions to create a link to those 3rd party files, using absolute URLs which are also using http by default. Now, this might be reasonable if you wanted to put those libraries into a CDN or something but there's no provision for that. It's also completely impossible to easily see where the http is hardcoded.
Why do those things have to be so mindboggingly stupid?
-
-
reference them relatively, like
<script src="/lib/jquery.js" />
[...]. It also doesn't care about http or https. It just works.If you omit just the protocol it should still absolutely work:
<script src="//code.jquery.com/jquery-3.5.1.min.js"></script>
On the other hand I dislike self-closing script tags, perhaps for no good reason.
-
<script src="/lib/jquery.js" />
The file should have a (possibly short) hash in its name and there should be an
integrity
attribute with full hash. That prevents stale versions cached in browser during upgrade and provides a bit of extra resilience to errors and spoofing (though spoofing is more of a concern when referencing, usually upstream, CDN).I dislike self-closing script tags, perhaps for no good reason
Could it be because HTML does not actually have that syntax (or maybe didn't; I've lost track of what is now in the Live “Standard”*).
-
@Bulb Self-closing script tags certainly didn't used to work 'correctly' (like XML), and afaik it's not in the HTML standard. With most browsers now being XHTML and general purpose XML aware, they probably do now.
-
So, apparently the Win 10 2004 update changed Remote Desktop so if you maximize then restore down, the window is taller than when you maximized it.
-
-
WTF of the day: Job screening questionnaire.
Identify the bugs in a trivial C function.
Write a trivial C function.
Write a 1-line shell script.
Write a couple of scripts to parse log files.All easy. Actually run all the code I'm writing, even though it's trivial, just to make sure I'm not making any dumb mistakes.
Second log parser is specifically in Python and does some date arithmetic; there must be a library for that.
Oh, there's even a function that parses the date string in exactly the format I have; I don't need to pick the pieces of the date out of the string myself. What? No such function?
Oh, "New in 3.8" Why am I still using 3.6? Run Cygwin update to automatically update everything that's out of date.
Still no such function? Still 3.6. Run Cygwin update again, look at what's available in the Python section. 2.7, 3.6, 3.7 and 3.8 are completely separate, side-by-side installs. That makes sense for having 2 and 3, since they're not quite compatible, but 3.x will never update to 3.y. It won't even tell you 3.y is available. Install 3.8 and various packages.
Still no such function! /usr/bin/python3 is still linked to /usr/bin/python3.6. I just installed 3.8; update the (*&^%$#@ symlink, installer!!!!
But the :
More questions on the questionnaire.Describe how to debug a test failure. Provide as much technical detail as possible.
The answer to that could fill a small book. Except it's one of those "choose your own adventure" books, because everything depends on the answer to the previous question. What are the symptoms of the failure? What info is in the log file? Did it hang and time-out? Was the data not what you expected? Was there a protocol error reported by the test infrastructure? Was a protocol error reported by your end of the bus when the infrastructure wasn't supposed to inject one? Was a protocol error not reported when it should have been? So many questions; so little context in the questionnaire.
More "describe your process/strategy" questions with huge "it depends" holes without context, as well as some "design this test infrastructure" questions. Good thing I don't have any real tasks to do at my current job </sarc>.
-
@ChaosTheEternal said in WTF Bites:
So, apparently the Win 10 2004 update changed Remote Desktop so if you maximize then restore down, the window is taller than when you maximized it.
Don't worry, 20H2 is coming real soon now.
-
@HardwareGeek said in WTF Bites:
It must be a really slow news day at the Not the Bee offices:
Edit: I didn't notice that this could have gone in another thread, but it's here now.
What about temples?
https://www.tripadvisor.com/Attraction_Review-g1405573-d2173673-Reviews-Wat_Larn_Kuad_Beer_Bottle_Temple-Sisaket_Sisaket_Province.html
-
@bobjanova said in WTF Bites:
@Bulb Self-closing script tags certainly didn't used to work 'correctly' (like XML), and afaik it's not in the HTML standard. With most browsers now being XHTML and general purpose XML aware, they probably do now.
It's simple. It's not valid HTML (either 4 or 5) to self-close them, except it is valid XML (and therefore valid XHTML), except browsers don't support it. HTML doesn't have self-closing tags (but XHTML does, except when browsers treat it like HTML). HTML4 and prior have the SGML "short tag" syntax which lets you write something like
<b/ foo /
, a feature no one understands or uses. HTML5 basically ignores/>
and treats it like>
, unless you give thexmlns
attribute on thehtml
element, in which case it's required for void elements but still a no-op.Basically, HTML4 and before are subsets of SGML, and have the peculiarities from it. XHTML is a subset of XML, and has its foibles. HTML5 is neither but pretends to be both.
-
-
Also, you can self-close them in JSX (eg React), and it will render a closing tag as the browser wants.
-
@HardwareGeek said in WTF Bites:
Cygwin
Cygwin updater has always been a massive pile of poo. The MSys2 for exists for at least 8 or 10 years (the git-for-windows is based on it, that's how I found it back then) and uses
pacman
for saner package management. Or just switch to WSL2 now that it is complete paravirtual Linux and use whatever distribution you consider sanest.
-
-
@HardwareGeek said in WTF Bites:
Still no such function! /usr/bin/python3 is still linked to /usr/bin/python3.6. I just installed 3.8; update the (*&^%$#@ symlink, installer!!!
There's a separate command to make the links (because some software is sensitive to exact versions). Just invoke with
python3.8
instead ofpython
. And remember to use a virtual environment if you're going to install many third-party packages. It's so much easier. (It also makes it so thatpython
uses the version you pick when setting up.)
-
@TwelveBaud Indeed, but I ass-u-me'd that using Cygwin means a full unixy environment is desired.
For native apps my preferred solution was this, but I still had Win 7 till relatively recently and then I said it makes no sense to develop Linux software on Windows and switched to Linux for most of my job use too, so I never got around to getting used to the store.