Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
You see a web, I see:
CLIENT: TCP SYN
SERVER: TCP SYN ACK
CLIENT: HTTP Get
SERVER: HTTP Response
...
CLIENT: TCP FIN
SERVER: TCP FIN ACK
All I’m saying is that this spider has a clear understanding of Transfer Control Protocol.
13 -
--- HTTP/3 is coming! And it won't use TCP! ---
A recent announcement reveals that HTTP - the protocol used by browsers to communicate with web servers - will get a major change in version 3!
Before, the HTTP protocols (version 1.0, 1.1 and 2.2) were all layered on top of TCP (Transmission Control Protocol).
TCP provides reliable, ordered, and error-checked delivery of data over an IP network.
It can handle hardware failures, timeouts, etc. and makes sure the data is received in the order it was transmitted in.
Also you can easily detect if any corruption during transmission has occurred.
All these features are necessary for a protocol such as HTTP, but TCP wasn't originally designed for HTTP!
It's a "one-size-fits-all" solution, suitable for *any* application that needs this kind of reliability.
TCP does a lot of round trips between the client and the server to make sure everybody receives their data. Especially if you're using SSL. This results in a high network latency.
So if we had a protocol which is basically designed for HTTP, it could help a lot at fixing all these problems.
This is the idea behind "QUIC", an experimental network protocol, originally created by Google, using UDP.
Now we all know how unreliable UDP is: You don't know if the data you sent was received nor does the receiver know if there is anything missing. Also, data is unordered, so if anything takes longer to send, it will most likely mix up with the other pieces of data. The only good part of UDP is its simplicity.
So why use this crappy thing for such an important protocol as HTTP?
Well, QUIC fixes all these problems UDP has, and provides the reliability of TCP but without introducing lots of round trips and a high latency! (How cool is that?)
The Internet Engineering Task Force (IETF) has been working (or is still working) on a standardized version of QUIC, although it's very different from Google's original proposal.
The IETF also wants to create a version of HTTP that uses QUIC, previously referred to as HTTP-over-QUIC. HTTP-over-QUIC isn't, however, HTTP/2 over QUIC.
It's a new, updated version of HTTP built for QUIC.
Now, the chairman of both the HTTP working group and the QUIC working group for IETF, Mark Nottingham, wanted to rename HTTP-over-QUIC to HTTP/3, and it seems like his proposal got accepted!
So version 3 of HTTP will have QUIC as an essential, integral feature, and we can expect that it no longer uses TCP as its network protocol.
We will see how it turns out in the end, but I'm sure we will have to wait a couple more years for HTTP/3, when it has been thoroughly tested and integrated.
Thank you for reading!26 -
Me: We should change the http response code to anything but 200 OK in the error response case of our API.
Other dev: No, it's fine.
Me: Why?
Other dev: The client successfully receives an error message.
Me: ┻━┻ ︵ヽ(`Д´)ノ︵ ┻━┻15 -
Can't ssh to my vps at work; hello new hobby project!
(server hosted on vps, http request -> shell -> http response)
Next up is supporting an interactive shell
18 -
HTTP return codes cheat sheet :
1** : Hold on
2** : Here you go
3** : Go away
4** : You fucked up
5** : I fucked up5 -
Misunderstanding is like running ftp server on port 80!
Ftp responses for http request!
In real life it happens like this
3 -
10 year old Bria suggests Elon Musk to hold a video contest(commercials) for Tesla since doesn't advertise on its own.
3 days later Tesla holds the video contest.
Musk nailed it!
Links:
http://bit.ly/bria_letter
http://bit.ly/musk_reply
http://bit.ly/tesla_project_loveday
3 -
Had a job interview recently that went well besides one little disagreement... and it has made me question my sanity. Tell me if I'm wrong.
They asked the difference between a GET and POST request.
Wow, that's an easy one, they're giving me a break, I thought to myself.
I said "GET is used to retrieve data from a server, whereas POST is used to add data to a server, via it's body, which a GET lacks" or something like that.
They were like "ya mostly, but GET can be used to enter data into the server too. We were just looking for the body thing."
And I'm like.... yeah, you could do that, but that's not what it's meant for.
They mention stuff about query parameters and I hold steady that GET and POST are different because GET has a specific purpose. Otherwise, we wouldn't need the "method" part of an HTTP request at all. We could just either include a body or not include a body.
I ended it with "Well, POST implies that you are adding data to a server, and GET implies you are querying data from the server. When I'm reading documentation, that's how I quickly determine what an endpoint does."
My confidence was a little shaken at this point. Crazy what two people with (I assume at least) 10+ years of experience telling you you're wrong will do to your confidence.21 -
I consider myself a web developer for over 7 years.
Today, I learnt that http features a HEAD request.
Wut.5 -
So lately I’ve been sending an http request with ajax instead of using classic form submit. Pdf and images need to be converted into byte64 string then send it to the backend, problem is if the size gets too big chrome crashes and showed me ‘Aw snap’, but it works on firefox. Thr file is size could be 3 to 100 mb (for pdf). So my question; is this my problem or just browser limitation?16
-
Alright, this is a new one to me, and wow am I blown away.
Working on upgrading an API that I did not build. Getting things running well enough and then an endpoint (which runs well enough in the tests) returns a `418 I'm a teapot`
Yeah, you read that right "I'm a (motherfucking) teapot"
The description is that...
"refuses to make coffee because it is a teapot"
It was an April fools joke in the beginning.
I couldn't return that error if I tried!
This shit is bizarre.
For your reading pleasure:
https://developer.mozilla.org/en-US...
3 -
!Rant
Fun links I've found today:
http://amzn.to/2xy5g49
http://amzn.to/2xzKEJb
http://amzn.to/2hwULGY
http://amzn.to/2fpO492
http://amzn.to/2y5JQP1
http://amzn.to/2wVelCm
There are more, but I feel like this is enough.23 -
Senior colleagues insisting on ALWAYS returning HTTP status 200 and sticking any error codes in the contained JSON response instead of using 4×× or 5×× statuses.
Bad input? Failed connections? Missing authorization? Doesn't matter, you get an OK. Wanna know if the request actually succeeded? Fuck you, parse potential kilobytes of JSON to get to the error code!
Am I the asshole or is that defeating the purpose of a status code?!13 -
Front end guy: Somethings wrong with your server. My app is crashing.
* proceed to check logs. Everything fine
Me: Ok send me a log, a printscreen something. What calls do you make?
*send a printscreen with a failling 404 request
* You dense motherfucker learn your fucking http status. They are there for a reason😤
3 -
A few days ago a friend of mine asked me to teach him to code. When I wanted to know which language he'd like to learn, he hesitantly replied "https".
Then I explained, this was a data transfer protocol. His next idea was "http". 🙄
Guess who will learn Python8 -
My first research publication! 😀
http://serialsjournals.com/serialjo...
Also at:
http://kaustubh.tech/docs/...12 -
Remember that time I taught a "senior" full stack developer what the HTTP PATCH verb was, DURING an interview?
Didn't get the job.
Yeah. Those were good times.2 -
Argh! What are HTTP status codes for if you're not using them in your API implementation?!
Fucking morons!15 -
About browsers and whole SSL CERT thing...
Most likely everyone here noticed, that https site with broken certificate will throw these big red warnings, in your face and there is so much wording like "ITS NOT SECUREEEE" or "ITS HACKEDDD" almost like it was written by passionate fanatic.
But when you are on plaintext http browsers reaction is like ¯\_(ツ)_/¯
Even if you have plaintext with password, it will for example in chromium put small little red thingy that almost no one notices.
I believe that broken cert with some error like invalid date is MORE secure than plaintext password, yet still there is this hypocracy with browsers...
I dont say that broken SSL cert is good, or something, Im just pointing out contrast of "broken" https vs plain http.... One looks for casual Joe like end of the world is coming and second is bearly noticable. Da fuck?
I disagree with this approach18 -
Me: please return http code 202 in your http service.
My collegue: ok.
After one hour...
Me: you are returning 200, I told you 202. Let me see the code:
OMFG she was writing the string "202" in the response body!!!
I do not know how to escape from all of this shit.1 -
“Fullstack dev morphs into a security expert”
We have a simple user registration system. Get the user details, generate an OTP, save in Oracle, email the OTP. The SMTP host is configured to send emails only to people who have an existing @a_very_famous_bank.com email address.
As a part of an enhancement request, the other day, we were trying to register a non-bank email address. As expected, it failed.
Manager: Meeting... meeting... meeting
Me: (Explained the problem)
Fullstack dev: so the thing is.. it’s like.. (doesn’t falter to open with these lines)...what I can do is...I can send you an HTTP security header in the HTTP request. It’ll work!
Me: (I hope an adult giraffe fucks you in your belly button)
More to come!3 -
Right, I've been here before.
Our app requires an internet connection, and one of our clients wants to roll it out on a strictly managed network.
We told them which addresses our app communicates with and their network team opened them up for traffic. Should work, right?
Nope, doesn't work.
So I request them to use Fiddler to do some debugging of the network traffic, and lo and behold, it does work when Fiddler is active.
One important detail is that Fiddler uses it's own SSL certificate to debug HTTPS communications. I've had moments where expired certificates were the cause of things not working and running Fiddler "fixes" this because of their own certificate.
So I point this out in numerous mails to their network team, every time I get a response saying "nah, that can't be it".
I keep insisting "I have had this before, please check if any installed Root CA Certificates is expired"
At this point I'm certain they have updates turned off on these machines, and their certificates must not have been updated for a long time.
At one point they come back to me. "Hey, when Fiddler is off, WireShark shows the app communicating with ICMP calls, but when it's on it shows HTTP calls instead".
...YOU'RE THE SUPPOSED NETWORK EXPERTS?! You think data can be send via ICMP? Do you even know what ICMP is? Of course you'll see ICMP calls when the network is rejecting the packages instead of HTTP calls when everything's fine.
(ICMP is used to communicate errors)
I'm trying to keep my patience with these guys until they find exactly what's wrong because even I am somewhat grasping at straws right now. But things like this makes me doubt their expertise...6 -
I am currently in a bit of a (well-deserved) lull at work, both of my projects are finishing up/ finished, so tomorrow should be pretty light, as the latter half of today was.
And I have really gotten interested in the HTTP protocol. It's so interesting learning how it all works under the hood.
So I think I'm going to be researching/ messing around with creating a cpp project that essentially implements cURL from the ground up, creating sockets, reading from them, parsing the HTTP requests... all that. I don't expect to actually get it done, but it should be an immense learning experience. I have a clear goal: implement this function:
std::string get(const std::string&);
Once I'm able to just GET as simple as that, I know I have achieved my goal!3 -
"200 Internal Server Error"
Yep, I did that. Because the lousy crapheads I work with were too lazy to handle any other HTTP status so anything else breaks the whole thing. And it's a pain to roll out another release of their part of the backend so "this isn't a priority". Also, they don't feel the need to check the JSON body of the response for the "status":"ok"/"fail" because what could ever go wrong, right? I effectively have no way of conveying to them that there was an error on this end of the API so they show success toast on the frontend irrespective of what really happened.6 -
I want to learn more about this community, it seems like there is a diverse group of devs here, so I wanted to create some polls about for everyone to see below (it would be helpful if you vote!). Here are a few for everyone:
OS: http://www.strawpoll.me/14004183
Programming language: http://www.strawpoll.me/14004228
Time on devRant: http://www.strawpoll.me/14004247
IDE of choice: http://www.strawpoll.me/14004260
Topic you find most interesting: http://www.strawpoll.me/14004295
---For specific devs---
Web: http://www.strawpoll.me/14004315
Android: http://www.strawpoll.me/14004324
Backend: http://www.strawpoll.me/14004342
Add any polls you want answered, were surprised about, or tag someone10 -
Soo.. yeah.. I've just build a fully functional http webserver with BASH :) Yippee!!
Proof in the comments29 -
Java dev here. I rewrote an app and replaced a system call to ssh with a modern jaxrs post for uploading a file and (new) some additional data.
I even used a stream.
1 hour in production, first client doesn't get his file. Log says OutOfMemoryError: heap.
Me: wtf? I already use streams.
Looking at the Jersey library. Docs say nothing. An issue from 2013 says: oh if you silly don't use the Apache httpclient addon, we disable chunking and buffer the whole body, because our tests fail with the jdk included http client otherwise.
Me: meh.
No warning in the logs. Thank you soooooo much! Who could have known?4 -
Just went to book something online. About to click the "Pay" button and noticed the page wasn't secure. Who the hell, in 2017, captures credit card details via insecure 'http'??? And 'https' worked on the home page but not the payment page!! Backed out of that, messaged them and we'll see if anything comes of it.3
-
So here I am reinventing the wheel making an HTTP server in C.
Finished implementing HTTP/1.1 and WebSockets support and now I find out the current thingy is HTTP/2.
Well that's fine, I'll add support for that later. In fact I kinda dig it since it uses binary conventions instead of plain text ones.
I dig a little bit and find out there already is an HTTP/3 going around which uses UDP.
Why me.5 -
NO, YOU ABSOLUTE DISGUSTING GREMLIN OF A JS HTTP CLIENT, I DON'T WANT YOU TO "JsOn.StRiNgiFy" MY PAYLOAD OR DOING ANY WEIRD SHIT
I NEED TO SEND THIS THING EXACTLY AS IT'S WRITTEN, STOP TRYING TO GUESS WHAT I'M TRYING TO DO I'M A DEV WITH SOME 7 YEARS OF EXPERIENCE WRITING CODE, I'M SENDING A STRING CUZ I NEED TO SEND A STRING2 -
Writing a Unit test to test the Unit test that's testing your application, because you can never be sure about anything.
6 -
My new workstation is ready 💪🏼
Table top: http://m.ikea.com/us/en/...
Sit/stand electric frame: https://autonomous.ai/diy-smart-des...
Shelf: http://m.ikea.com/us/en/...
Shelf legs: http://m.ikea.com/us/en/...
2 -
RFC for 700 HTTP Status Codes
https://github.com/joho/7XX-rfc
o 703 - Explosion
o 728 - It works in my timezone
o 732 - Fucking Unic💩de
o 791 - The Internet shut down due to copyright restrictions
o 797 - This is the last page of the Internet. Go back3 -
http requests
literally the bread and butter of any software engineer building applications, you would ASSUME they know what they are doing...
and you're gonna write a seperate http get and post function for every type you have?
apparently stuff like this that is written by "senior" developers? you don't even have a basic understanding of software...
i'm won't do it that way, becuase i'm an adult, not a child
what i'm going to do is write a HTTP request util function that can be used for any type and HTTP verb. DRY, single responsibility, etc.
imagine making the http request itself a responsibility coupled to the type 😂😂😂😂
get a clue and come back later
i can't tell anymore if my thoughts are so outlandish compared to everyone else that no one understands them, or if i've been doing this so long that i just immediately understand what needs to be done and don't know how to explain it to anyone else anymore (or take the mental effort to)
peace out
oh P.S.: imagine thinking the SOLID principles are only applicable to OOP
stay safe out there folks, its getting more painful every day
8 -
I just found out there's a 418 HTTP status code that stands for "I'm a teapot", specified by RFC2324 which "describes HTCPCP, a protocol for controlling, monitoring, and diagnosing coffee pots". I know it's an april fools joke but I still find it hilarious that there is an RFC for that.9
-
Hey guys, some of you might know this but for those who do not, there is an april fools HTTP error code which is 418, it's description is 'I\'m a teapot' #TheMoreYouKnow
(felt the need to escape sorry not sorry)4 -
Just started using the Dropbox API. Want to do a simple directory listing of my files. Sends HTTP GET request at https://api.dropboxapi.com/2/files/....
"Error in call to API function "files/list_folder": Your request's HTTP request method is "GET". This function only accepts the HTTP request method "POST"."
What. The. Fuck. Dropbox.
HTTP POST is for creating a new instance of a resource. HTTP GET is for reading. GET guarantees server state is not changed while POST does not. I want to fucking list a directory, not put stuff in it.1 -
Why do people still use both curl or wget? There's httpie and it's awesome!
http PUT your-host.com header-name:value parameter=value
Profit!
And it formats the response for json without jq. It will just show binary for binary content and you download by adding the download flag.
Yet why is curl still the default!?4 -
Webdeveloper:
"I want that http://somedomain/something should point to your environment but http://somedomain should still be hosted on one.com."
This is why I do not trust "webdevelopers".1 -
DevRant doesn't let you choose the protocol for your website. Seeing http:// on my profile makes me feel insecure.6
-
JFrog Artifactory uses HTTP POST for updating and HTTP PUT for creating.
... I'm correct to be offended by this yes?2 -
I once wanted to participate in a free activity that requires signing up for a crappy website.
Unfortunately all spots for the activity I wanted were filled, so I gave it a few minutes and it turned out that the registration is done by sending an HTTP request to a domain with all of the details. So I changed the activity details and selected the hours I wanted and boom - "Thanks for signing up with our site, did you like it ?" Yes.😈 -
So i found this the other day and thought i would share it with you.
It's a collection of short little songs inspired by HTTP status codes.
Neat idea but is a little rough around the edges.
https://thingsinjars.bandcamp.com/a...1 -
Fuck you apache server...
Why did your dumb ass developers decide it was a good idea to not support "expect 100 continue headers". I seriously suspect that the devs were high smoking dragon dildo ashes like they were getting ready to get a whole chair shoved up their asses.
I wasted alot of time thinking i was getting a 417 http code because i fucked up my API implementation... No, it was the dumb apache server that decided to give me the finger.
Also, whoever built the HttpClient for .net framework 4... Fuck you too for automatically adding that dumb header to PUT requests and not properly documenting this or allowing for it to be disabled in a non hacky way.
I appreciate and enjoy solving coding problems... I, however, can't stand dumb decisions like the two above. -
PSA: If you do reverse proxying stuff, prefer unix domain sockets over localhost internet sockets, if it's on the same machine (and if it's forwarded over ssh too). You can even serve HTTP as a unix socket.
Unix domain sockets don't have the overhead of IP, so generally speaking, data will flow to your other process with much less overhead.
I've recently stopped being lazy at this, and it's worth it.3 -
So I just spent 2 hours debugging a script that fetches data from an API. Thats all it was supposed to do. Http get some data.
It wasnt working and was giving a "parse error". Worked fine in browser.
So it turns out it was using http 0.9 (first documented http version, defined in 1991) and wasnt sending any headers. And js cant do no headers...
So yea I now have to write a tcp / http 0.9 client in js10 -
Finally upgraded my webserver and php modules to support HTTP/2 ^^ Everything works fine.
Found out devrant.com doesn't support it though. @dfox
8 -
I would like to call out the moron who decided to control docker through HTTP when the maximum time the server can take to finish the task is longer than the HTTP timeout.
If you expect things might time out, you don't use a HTTP request. You use a resource and poll it, or Websockets, or possibly SSE.
Shoehorning your API into a frame that obviously doesn't fit doesn't help anyone. Just admit that you don't know what HTTP is and use a regular TCP socket with regular pings.2 -
Today I have created a server application on Python Tornado which can forward TCP Packets directly to HTTP request queue without any intermediate caching.
Our remote IOT devices (microcontrollers with sensors attached) send sensor reading over TCP Socket to our server and all the connected web applications can show the data instantly using long polling and the above mentioned technique.1 -
Imagine requesting something from a girl/boy you're interested in, and getting replies in Http codes...
What are the funniest?
402: Payment required
403: Forbidden15 -
Today I wasted hours trying to do a HTTP POST request by using a query string in the URL. After some hours I realised what I was doing wrong. I'm so stupid.2
-
Optionsbleed - HTTP OPTIONS method can leak Apache's server memory
https://blog.fuzzing-project.org/60... -
!rant
Browse the first website like The Ancients:
http://line-mode.cern.ch/www/...
(Source: http://info.cern.ch/) -
Can we please normalise using JSON bodies for GET requests? Makes life way more easy to just have one uniform way to communicate with API's and having different parameter formats between GET and POST request. I mean, In my opinion it is not logical to do one request with query params and others with data in the request body6
-
http://www.rainymood.com/
https://youtube.com/watch/...
http://endlessvideo.com/watch/...
>Open all 3 in seperate tabs
>My ultimate coding zone
3 -
I need a framework that does http and websockets for C++. I have seen many that offer a crap load of stuff like widgets, Json, templates... I only need the protocols!
Do you guys have any experience in this?5 -
When you are surfing on a website (a provider for mail-sending) and you suddenly get a HTTP 503.
I guess, I'll wait then. -
So, today a developer from a web app consuming our services requested to fix a 429 http error code (too many requests) they are seeing. The request is on an email with our managers cc'ed4
-
I built my first web server literally from scratch (standard socket lib) today! In Python <3.
It is able to execute php and get the stdout to use it in the Python script afterwards and make use of parallel connections.
Now to the real rant...
I am using HTTP/1.1. I want to use h2 (aka HTTP/2) tho. I am stuck on this. Found the papers to the specs of the h2 and spdy protocols, but they are not really helpful.
Is anyone good in this field? Please let me know :/3 -
Contrary to popular opinion, I still firmly stand by my belief that you should thoroughly study something in-depth before you attempt to do anything serious with it. Failure to do so will have an enormous cost of waste of time attached to it.
Here's an example:
I was using AJAX to post a multi-part request containing a file.
Now here was the problem: no matter what code I forced in the backend, the browser would in all cases refuse to prompt a SaveFileDialog (and I had turned on the option in the browser to ask the user if download). This took me two entire days and at least 100 Google queries and several RFCs to figure out.
From StackOverflow:
The cause was simply that you can't (typically) make a browser prompt a SaveFileDialog via an AJAX request, even if you set the necessary headers. Why? The browser will just dump everything back into the XmlHttpRequest object..
If you make a regular request with Content-Disposition: attachment; and so on, then it works, but yeah, not with an XmlHttpRequest.
Conclusion:
Had I better studied the HTTP spec, networking and AJAX in-depth, I would have instantly known what the cause was.7 -
I‘m currently writing a http proxy server (something like the proxy mod in Apache, but more special). One the one hand is is nice that HTTP 1.1 can use one TCP connection multiple times, but on the other hand it is very annoying. Because I need to rewrite the Host header. And therefore I need the start of the HTTP header. I solved it after some time, but now my code is more complicated than before.
-
Hello fellow Devs,
I have developed a small Android library for handling HTTP POST and GET requests. Anyone who is looking for an easy way to perform HTTP calls, can use this library. It supports post requests with JSON and Multipart Form data, file uploading and Get request with URL parameters.
Hope it will help you guys.
https://github.com/shubhadeepb14/...8 -
Do you guys return 200 when a search function in your API returns a not found and you attach a response in the object saying "success: false", or do you return 404? I'm confused. Thanks.
https://softwareengineering.stackexchange.com/...3 -
I have an odoo instance inside docker. Long story short, I was checking visitors of my instance and I saw this:
http://0/
What is this?8 -
Why the fuck do I need an Accept, A content-type AND and responseType (which, by the way doesn't go with the rest of the request headers, it has to sit outside them just to fuck you up). Just so angular will stop trying to parse absolutely fucking every request as JSON?
I'm well aware my knowledge of http protocols and angulars apis's are not the best but for fuck sake. What dark book of secrets must I uncover to illuminate the strategies behind these choices?
Why, when the Accept type is text, the Content-Type is text. When the request itself is handwritten beautifully on parchment and sent via fucking carrier pigeon to the backend and returned by horse and carriage, does ANGULAR STILL TRY TO PARSE IT AS FUCKING JSON. JUST STOP.16 -
Coming from NodeJS, writing APIs with Express, I now do my first steps writing APIs in golang with gin.
Now I know, Express is not the fastest solution out there, but I mean - a good 30ms is alright for non-high-performance backends. And I always thought that's on the faster end of HTTP handling..
..but then I used gin. A GET request doing a MongoDB-write and returning some json. 3ms response time. THREE MILISECONDS. holy fuck. By it's debug logs the actual handling took 540 MICROSECONDS. holy fuck I'm in love.8 -
The whole API service relies on a token obtained by posting to a http URL: http:// blah/get_token?User=malleable?Password=longandcomplicatedpasswordforsecurity
🤔👌👏2 -
I don't get it
why is it that people still use FTP?
Like, in current, fairly recent (2018) projects, for public downloads.
I get that when you're just hosting public files without any authentication you don't need to worry about the unencrypted passwords, but like
the random ports are a shitty and annoying practice and also http exists just let your custom patcher program download the release from github where it's already available21 -
The documentation of scala akka http may be just gibberish as far as I am concerned. You would think that hooking into the marshalling process (aka de/serialization) would be straight forward, I've dealt with similar problems before and solved it.
I have an object, it should be transformed into a Json and vice versa. Should be easy as pie.
Not with scala and akka-http. The docs tell you how to achieve something in dozen different ways yet lack a complete example. My first custom marshaller I created in a "marshall" package in my! namespace, but it was breaking scala compilation due to some black magic.
It's not clear how when and why marshallers are added, they just somehow are. Why do I have to deal with entity marshallers vs response marshallers. I just want each instance of a certain type to be transformed into a specific Json presentation.
Asking on stackoverflow also only yields in incomplete hints of "just do boargh" presupposing certain knowledge while sounding borderline condescending.
Currently, I just want to burn the project and rebuild it with fucking PHP. Flame all you want, at least I would get things done and the JMS serializer library has decent documentation and it works in an expected way.
Akka-http, combined with Scala, looks from my current rage-driven perspective like a solution worse than the problem. -
I'm just testing out some code for Spring Boot with Spring web. Whilst inspecting Spring's HttpStatus enum I suddenly realized there are a lot more HTTP status codes than I had estimated. I knew there were many, but woah that's a lot.
Check it:
https://en.wikipedia.org/wiki/...
On a side note, it really helps to debug work stuff at home. More concentration, more time and such.
Fun fun.4 -
CGI is fun, websockets are fun, why on earth is it so fucking hard to have both of them with proper switching using at most one extra program apart from my handlers?
By proper switching I mean that you actually track connections and upgrade headers to decide what to do, rather than forcing websocket connections onto a separate HTTP resource just to tell the difference.4 -
You gotta love PHP:
<?php
$bool = true && false;
var_dump($bool); // false, that's expected
$bool = true and false;
var_dump($bool); // true, ouch!
Source: http://php.net/manual/de/...
http://php.net/manual/de/...3 -
If your code is giving HTTP 500 error on a production server, go kill yourself, until you are having a development environment on the production server. In that case, kill your manager! 💢
-
Phillip Hallam-Baker and Roy Fielding misspelled "referer" in the HTTP specification. Are there any other misspellings in core/popular libraries that you know of?
-
I just discovered that the site "http://whocouldthat.be/visualizing-..."
match strings. But what about if you go over "http://whocouldthat.be"? So sad -
Wifi used to be an issue in my incubator. Like I had mentioned in my earlier rant. There are many wifi's available now, but once when there was only one wifi available. That wifi network, was so terrible that it asks for human verification number of times even on google searches.
And the person responsible for wifi, is one of the most useless, undeserved person, I had ever seen
When a team from incubator talked to him about the issue, that this particular wifi's is pathetic, too many blocks and always asking for human verification, his reply was
"Just write 'S' after 'http', then it will work"
No doubt, everybody hates that guy.
But that guy cant be fired from job, because government. But he can be FIRED -
(!rant && user_input)
I have been pondering for the last couple of days on how to validate whether a referring http request is actually coming from the referrer it claims to come from. Any ideas on this?3 -
What do you use to make a http request ? ,
This is the comparison about axios vs ky vs superagent.
4 -
Has anyone maybe a link to HTTP security topics in general?
I find often breadcrumbs, like in several different attack possibilities, but nothing comprehensive.
Mostly regarding HTTP 1.1 / HTTP 2 (h2c) and proxying.
I'm currently unclogging an whole ecosystem of proxies, endpoints, edge nodes and so on...
My knowledge is limited and it's frustrating to Google cause seemingly I get always just pieces of the puzzles but not a collection -.-
(Looking for specific information, e.g. regarding attacks like H2C Smuggling, HPACK attacks, stuff regarding Cookies / Headers / Encoding... But please not spread over several dozen pages where it becomes frustrating to read the same shit over and over again without learning something new :( )3 -
!rant
hey, thought i'd share the love - there's an arch discord i'm a part of. everyone's free to join!
http://discord.gg/YuqQf8v
( also, a general linux discord here http://discord.gg/Xcn9yVK ) -
Is there any free software / database / API which can be used for something like get_maliciousness_score(request_method, url) => [0..1]?2
Top Tags
Weekly Rant
View