Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
@eval ok whose next to jump on https hype tain?
-
@zemaitis for me it's not even about the whole privacy thing (where i'm much less concerned than most people here), but i don't want anyone to steal:
My credit card
My login
My session token
😑 -
@zemaitis It's about the fact that you ever made a webshop without https. Just remember not to state this on the internet next time.
It's pretty much like whining about what an asshole the doctor was, and how he gave obligatory vaccines to your child even though you told him you're an anti-vaxxer. -
@Fast-Nop nice :D. Didnt know about CAA. This is cool if it can prevent rogue CA's from breaking stuff.
-
@eval Actually, it can't - a CA gone completely rogue would not respect the CAA header. But it can help when people try to trick a regular CA into issueing a certificate, e.g. via social engineering or so.
-
@Fast-Nop ah shit i thought it would be checked by Browsers, not the CA's themselves.
-
@eval But that would also be pointless because if there is a MITM who has managed to get a fraudulent certificate, then he would also fake the DNS responses.
-
@Fast-Nop true. Not with DNSSEC though.
-
@eval DNSSEC prevents DNS spoofing, but not MITM attacks because the MITM attacker can just fake a DNS without DNSSEC support. Or am I mistaken here?
-
@Fast-Nop i don't really know much about DNSSEC but i guess you could do some thing like HSTS where you use say 1.1.1.1 always and then 1.1.1.1 tells the OS to never accept an unencrypted response in the future...
when your code is a mess but everything work out in the end
When you keep getting +1s on a rant you posted a month ago.
Go big or go home.
Attention: incomming resentful boiled up for months rant.
Hands down G2APAY is the worst because:
Merchant account aproval takes fcking months. It starts with unreasonable delays in documents approval. I mean insane nitpicking. They want to see merchants name surname and address on every god damn document that you submit even if for example bank statement doesnt include these details. I had to manually edit pdf’s just so that they would fck off and approve the merchant application. Insane requirements for document check also combined with their email only support answering only once a week you will have to wait one month just to get your account approved.
Then you get to the fun part, approval proccess for vendor gateway and webhook integration. They are nitpicking everything you can imagine: about website not having https, website forum missing some icons, merchants phone number being from another country then he is, and bunch of other hundreds of problems imagined only by them. Again combined with their one email reply per week policy you will waste atleast one month to finish up your integration.
Now finally you are their client and you think you can chill and go back to focusing on your business? Nope bro. Prepare for threatening emails. Last time I got a request to install https or my merchant application will be shut down. I was given 3 days notice on a fcking friday and had to do it.
Then g2a backend is crashing quite often. Combined with their one email per week policy you are fcked in the ass if your users were not able to pay through g2a and you will get no compensation.
Their backend documentation is shiet. Not clear how to integrate everything and after you integrate they make changes without publishing any changesets. Your integration is working? Good luck if it will still be working tomorrow.
And the very worst part is that they stopped proccessing credit cards like month ago with zero notice. Its been weeks and still zero news about bringing card proccessing back. They sad that they were acquired by some other company so shitty support got even shittier now while they are in a proccess of handover.
So yeah thats the worst vendor I have ever seen in my life. For example integrating paypal took me 30 minutes. Integrating stripe and getting all documents reviewed took me one business day. Same with paymentwall integration and document approval took 1 business day. Support is amazing and even have a phone number that I can reach if urgent problems arise. Thats how it should be. Thats why I can pay percentage of my transactions with a smile for them.
Sorry for the typos since im typing on my shiet phone while driving.
Eat a bag of dicks g2apay. I hope you go bankrupt and shutdown.
rant
wk185