Only 8? Those are rookie numbers
Only 8? Those are rookie numbers
JavaScript is a language that runs on a user’s computer, when they visit a web page. It is often used for dynamic functionality, ie when you click “like” on a comment… JavaScript running in your web browser will make a request to the server letting it know that you liked the post, then the server will respond with a total number of people who liked it or something.
But, the server needs to know how to authenticate which user liked the comment (so you can’t like it twice etc). There are various authentication mechanisms to do this, with their own trade-offs. Over all, there’s secret information that the browser and the server have to share with each other, and we don’t want that information being accessed by the wrong people.
There’s also a common problem with web apps called “cross site scripting”. Basically somebody might craft a cleverly formatted comment that exploits a bug in the web page and causes the attacker’s code to run. One trivial example might be if every time a person read a comment thread, the attackers code caused that person to “like” a request. A more serious exploit would be one that finds out that secret authentication information I mentioned and shares it with the attacker. They can then pose as the victim user and do anything they want as that person. This would be bad.
So, on to the different approaches and their tradeoffs.
Anyhow, one common solution here is to set very short expiration dates on those bearer tokens. That way if somebody steals it, they can’t use it for long.
Another strategy is to limit what each token can do. OP needs to make it so you can like a comment using one of those bearer tokens, but more dangerous actions like purchasing things, deleting content, etc, should be guarded by a more secure mechanism. Then the damage is mitigated if the bearer token leaks.
I think the problem is that unions are famous for fighting for equal pay across the board for the workers they represent regardless of individual competency or market demand. For this example they’ll give COBOL developers a raise to 120K and give web developers a pay cut to 120K.
Or best case scenario they give the COBOL developers a short-term raise to 150, then raises across the industry stagnate in coming years to offset the fact that employers feel like they’re overpaying for some people. But sure, a few years later the union can come in to look like a hero arguing for a fraction of the raise the web devs could have already gotten.
Nah, they’re going to “solve” it by paying web developers less, not paying cobol developers more
Only 20 tickets? Sounds pretty stable
I use a “real name” domain. My last name ends in the letters “in”, so I bought a .in
domain, such that the domain name is my last name with a dot in it.
Can’t honestly recommend that approach. It’s a cute gimmick, but when non-technical people ask for your email address and it doesn’t end in a TLD they recognize, their heads explode. I usually give out my gmail address.
“I could rewrite this in a week!”
~ junior dev, 3 months ago
Later on when I want to look productive I’ll delete all those printfs then pay myself on the back for committing a lot of code changes that sprint and for reducing our log storage costs by 75%
Value watching is just printf; change my mind
Is gmail still considered beta?
I appreciate the quick hack, but with a little more foresight you could have just put up a blurry jpeg with that number and changed the prompt so it looks like a CAPTCHA. Nobody would have given it a second thought.
Must be nice working at a place where that ticket doesn’t just get dropped into the dev backlog as-is.
My favorite pastime is arguing about which JavaScript runtime is faster while I wait for my app to finish running O(n^n) table scans of my database.
The question is more about “how much” of PD they support right? Like PD has standards for charging at higher or lower currents.
My understanding of the current-gen MacBook Pro is that they support some kind of “fast charging”, but only if you use their MagSafe port. You can still charge on the USB-C ports, but not as fast as you could with MagSafe. I’m not sure if that’s a violation of the regulations, or if PD simply doesn’t have support for the amount of power they’re pushing through the MagSafe.
But I think the point is that they’ll continue to look for ways to offer a better experience with their proprietary stuff, even if they’re forced to support a standard in addition.
The real test on this one is going to be in how well those regulations support the eventual transition from USB-C to something else.
There’s inevitably going to be a use case for new connectors that have some yet-unidentified advantage over USB-C for certain devices, and there’s going to be hurdles convincing regulators to grant exceptions for those devices or to adopt one of them as the new standard for everybody.
There’s plenty of examples of government regulations gone wrong trying to transition from an old technology to a new one. (i.e. the REAL ID format in the US, or the switch from analog to digital broadcast TV).
Who says you have to drop it? I’ve got stuff from 2007 in there somewhere.
Your corporate IT guy
Y’all gonna regret this when Ron DeSantis gets put in charge of deciding which information is false enough to be deleted.
Hmm, does lemmy have username filters?
I tend to think people shit on Musk more than they should, but holy shit does it bug me when a CEO talks about engineering problems with such bravado.