Me: GET /sleep
Baby: 307 Temporary Redirect
Baby: 204 No Content
Me: 200 OK

Me: GET /sleep
Baby: 307 Temporary Redirect
Baby: 413 Payload Too Large
Me: 102 Processing
Me: 200 OK

Me: GET /sleep
Baby: 307 Temporary Redirect
Baby: 444 Connection Closed Without Response
Me: 200 OK

Me: GET /sleep
Baby: 307 Temporary Redirect
Baby: 444 Connection Closed Without Response
Me: 429 Too Many Requests

Me: GET /sleep
Baby: 307 Temporary Redirect
Me: 101 Switching Protocols
Me: 408 Request Timeout
GF: 102 Processing

Me: GET /sleep
Sleep: 404 Not Found
Me: 406 Not Acceptable

(Morning)
Me: 501 Not Implemented

My 80 year old very absent minded dad made a website, all by himself, using a two decades old book he got from the thrift store.

He's even hosting it himself on an old laptop running Debian, including a redirect to a beautiful nostalgic /~username/index.htm url (not gonna share the link, because his personal details are on there).

The whole site is incredibly carefully crafted, and I'm super proud of him.

Who cares if it's not a React app? The 14 kilobytes of HTML 4.0 markup load in 20-30ms, and it renders pretty much perfectly in every browser including Internet Explorer 4 and Edge.

🤷‍♂❤️

I hate those fucking sites which make you login first and then redirect to their home page.

FOR FUCK'S SAKE, ITS 2017. CANT YOU BASTARDS WRITE A FEW LINES OF CODE SO THAT I AM AUTOMATICALLY REDIRECTED TO WHERE I WAS AND I NEED NOT BACKSPACE EVERY TIME I LOGIN?

Client: About this QR code for my website, can we change it?
Me: Well we could redirect, but what's wrong with it?
Client: I just dont like the pattern, it's too noisy...
Me: 🙃

More than half of all support calls and tickets we get are so fucking easily searchable through our own fucking website and search engines, it's really fucking annoying sometimes.

"how do I redirect a site?"
Type the fucking word redirect into our helpdesk page.

"how can i reset my email password?"
Literally fucking type the word EMAIL into fucking search bar?!

"hey the article said to go to yourdomain.com/webmail, I'm not getting anything!!!"
"what domain did you use?"
"yourdomain.com of course!"

😥🔫

"how can I add a domain to my hosting?"
Search for the FUCKING word DOMAIN on our online helpdesk.

IT'S REALLY NOT THAT HARD, PLEASE APPLY COMMON SENSE AND USE YOUR FUCKING BRAIN.

Developed an android app for the client. It was going great. Prototype for the initial (and static) content to show to the client was on the way. All until...

*goes back in time to when we were developing the prototype*

The asshole boss: "Wow this is good, just remove the login after the splash screen. Redirect it to the dashboard immediately."

Me: "What? Why?"

TAB: "He (the CEO of our company) said that the client doesn't need to see the login."

Me: "Well, alright." (Orders are orders, better remove it)

*A few days later, we present the prototype to the CEO. He'll be the one talking to the client. TAB isn't in this meeting.*

CEO: "Where is the login screen?"

Me: *dumbfounded and confused, in silence, and pressure rising*

The Good Boss: *whispers* "Where is the login screen? I thought I told you guys it should be there."

Me: *whispers* "TAB told us to remove it."

TGB: *Looks toward CEO* "TAB told us to remove it."

CEO: "Ugh. TAB is sick."

A little giggle. Nonetheless the meeting continued. He was displeased. I was a little guilty. The login screen's code was already there. Just couldn't show it since the app doesn't redirect there anymore.

*A discussion after the meeting*

TGB: "Why'd you guys remove the login?"

Me: "You and TAB had a meeting with the CEO the other day. After the discussion TAB went to us and told us to change it."

TGB: "But the CEO said no such thing! Anyway, let's go back to the office and straighten this out tomorrow."

*The next day, TAB was in the office*

TGB: *Chatting on messenger with me* "He is completely denying it."

Me: "WHAT?"

TGB: "He said he never told you guys anything. And he is persistent. I kept telling him it was his fault, but he denies all of it. He never approached you guys to change anything."

Me: "Well yeah. I guess we magically thought to ourselves and said, 'Hey, let's remove the login screen for fun. Let's show them less content because that's how we please our clients!' -_-"

Seriously, what kind of assholefuckery is this. This shit is a whole new level. I am so TRIGGERED.

I don't really care that the meeting didn't go as planned. Just MAN UP AND ADMIT YOUR MISTAKE YOU FILTHY SON OF A GOOSE. Never listening to this asshole again. Thought he could be trusted. I will always ask my good boss next time.

Had a former customer call a few (10) years ago, furious that we shut down their website.

Me: but you moved your website to another provider 2 years ago? We dont even provide webhosting any more?

Turns out, when they moved we put a redirect to their new site on our server.

During the summer this server was decommisoned due to a failing harddrive but since we no longer had any active customers on it we just pulled the plug.

The customer had never actually redirected their domain name. :)

When we sent them a copy of their own cancellation letter we got an "oh hell, sorry".

:D

I am working on another developer's PHP code, and I found a new way that he done the redirect after the login with PHP!

We're using a ticket system at work that a local company wrote specifically for IT-support companies. It's missing so many (to us) essential features that they flat out ignored the feature requests for. I started dissecting their front-end code to find ways to get the site to do what we want and find a lot of ugly code.
Stuff like if(!confirm("blablabla") == false) and whole JavaScript libraries just to perform one task in one page that are loaded on every page you visit, complaining in the js console that they are loaded in the wrong order. It also uses a websocket on a completely arbitrary port making it impossible to work with it if you are on a restricted wifi. They flat out lie about their customers not wanting an offline app even though their communications platform on which they got asked this question once again got swarmed with big customers disagreeing as the mobile perofrmance and design of the mobile webpage is just atrocious.

So i dig farther and farthee adding all the features we want into a userscript with a beat little 'custom namespace' i make pretty good progress until i find a site that does asynchronous loading of its subpages all of a sudden. They never do that anywhere else. Injecting code into the overcomolicated jQuery mess that they call code is impossible to me, so i track changes via a mutationObserver (awesome stuff for userscripts, never heard of it before) and get that running too.

The userscript got such a volume of functions in such a short time that my boss even used it to demonstrate to them what we want and asked them why they couldn't do it in a reasonable timeframe.

All in all I'm pretty proud if the script, but i hate that software companies that write such a mess of code in different coding styles all over the place even get a foot into the door.

And that's just the code part: They very veeeery often just break stuff in updates that then require multiple hotfixes throughout the day after we complain about it. These errors even go so far to break functionality completely or just throw 500s in our face. It really gives you the impression that they are not testing that thing at all.

And the worst: They actively encourage their trainees to write as much code as possible to get paid more than their contract says, so of course they just break stuff all the time to write as much as possible.
Where did i get that information you ask? They state it on ther fucking career page!

We also have reverse proxy in front of that page that manages the HTTPS encryption and Let's Encrypt renewal. Guess what: They internally check if the certificate on the machine is valid and the system refuses to work if it isn't. How do you upload a certificate to the system you asked? You don't! You have to mail it to them for them to SSH into the system and install it manually. When will that be possible you ask? SOON™.
At least after a while i got them to just disable the 'feature'.

While we are at 'features' (sorry for the bad structure): They have this genius 'smart redirect' feature that is supposed to throw you right back where you were once you're done editing something. Brilliant idea, how do they do it? Using a callback libk like everyone else? Noooo. A serverside database entry that only gets correctly updated half of the time. So while multitasking in multiple tabs because the performance of that thing almost forces you to makes it a whole lot worse you are not protected from it if you don't. Example: you did work on ticket A and save that. You get redirected to ticket B you worked on this morning even though its fucking 5 o' clock in the evening. So of course you get confused over wherever you selected the right ticket to begin with. So you have to check that almost everytime.

Alright, rant over.
Let's see if i beed to make another one after their big 'all feature requests on hold, UI redesign, everything will be fixed and much better'-update.

It's maddening how few people working with the internet don't know anything about the protocols that make it work. Web work, especially, I spend far too much time explaining how status codes, methods, content-types etc work, how they're used and basic fundamental shit about how to do the job of someone building internet applications and consumable services.

The following has played out at more than one company:

App: "Hey api, I need some data"
API: "200 (plain text response message, content-type application/json, 'internal server error')"
App: *blows the fuck up

*msg service team*

Me: "Getting a 200 with a plaintext response containing an internal server exception"
Team: "Yeah, what's the problem?"
Me: "...200 means success, the message suggests 500. Either way, it should be one of the error codes. We use the status code to determine how the application processes the request. What do the logs say?"
Team: "Log says that the user wasn't signed in. Can you not read the response message and make a decision?"
Me: "That status for that is 401. And no, that would require us to know every message you have verbatim, in this case, it doesn't even deserialize and causes an exception because it's not actually json."
Team: "Why 401?"
Me: "It's the code for unauthorized. It tells us to redirect the user to the sign in experience"
Team: "We can't authorize until the user signs in"
Me: *angermatopoeia* "Just, trust me. If a user isn't logged in, return 401, if they don't have permissions you send 403"
Team: *googles SO* "Internet says we can use 500"
Me: "That's server error, it says something blew up with an unhandled exception on your end. You've already established it was an auth issue in the logs."
Team: "But there's an error, why doesn't that work?"
Me: "It's generic. It's like me messaging you and saying, "your service is broken". It doesn't give us any insight into what went wrong or *how* we should attempt to troubleshoot the error or where it occurred. You already know what's wrong, so just tell me with the status code."
Team: "But it's ok, right, 500? It's an error?"
Me: "It puts all the troubleshooting responsibility on your consumer to investigate the error at every level. A precise error code could potentially prevent us from bothering you at all."
Team: "How so?"
Me: "Send 401, we know that it's a login issue, 403, something is wrong with the request, 404 we're hitting an endpoint that doesn't exist, 503 we know that the service can't be reached for some reason, 504 means the service exists, but timed out at the gateway or service. In the worst case we're able to triage who needs to be involved to solve the issue, make sense?"
Team: "Oh, sounds cool, so how do we do that?"
Me: "That's down to your technology, your team will need to implement it. Most frameworks handle it out of the box for many cases."
Team: "Ah, ok. We'll send a 500, that sound easiest"
Me: *..l.. -__- ..l..* "Ok, let's get into the other 5 problems with this situation..."

Moral of the story: If this is you: learn the protocol you're utilizing, provide metadata, and stop treating your customers like shit.

You want to know what fucking pisses me off? This fucking router thinking it can just inject itselft and redirect into any fucking page that it wants..my fucking bank account? Yep, my fucking google docs? YEP, Fucking CSGO? YOU BET BRO

>>> print(whoSaid("OlderFriend"))
About 20ish years ago I was working in IT, and it was about around this time where CD-Roms were hitting the stores and becoming the newest craze. However, Microsoft did not write the drivers correctly for this new hardware.

In a nutshell, the driver would be installed and the user would lose the sound to their speaker.

How did this happen? By altering the way the interrupts worked on the computer. At the time there only existed a few unreserved IRQs or Interrupt ReQuests. The installer package would redirect IRQ 5 which is "User Selectable (Sound Cards)" to work with the CD-Rom. This was fine and all unless you wanted to listen to your speakers.

I had come up with a clever hack through rewriting a config file that would be run during bootup. So at the time of boot up IRQ 5 would be dedicated to the sound card, and IRQ7 (which was usually for the Lpt1 Printer) would be dedicated to the CD-Rom. This worked.
And because I was IT at the time, I would get a lot of calls for fixing this problem.

So, as you can imagine, I've gotten **really** good at doing this. I didn't even need to be at a computer to walk someone through the problem.

I receive a call one day, it was a problem with the CD-Rom and sound card. I walk him through the problem and he reboots his computer. I could hear him on the other side jumping with joy when he was able to put in his music CD and hear sound coming from the speakers.

He asks me, how in the hell did you figure this out!? You're a fucking Genius!

And I said, It's not rocket science it's just a computer.

There was a long pause of silence.

Uhhh... Hello? Did I say something wrong?

Sir, I work at NASA I deal with Rocket Science on a daily basis.

So me and my wife offered a friend to build and host a website for him for free for the first year when he was starting his business. We all agreed and wife started to build it.
The only thing that she had left was getting pictures and texts from him that would be on the site. That was 10 month ago.

And Today - it was suddenly SUPER IMPORTANT to get the site up because he has left alot of Business cards at a conference.
Wife - who is studying answered that she can fix it in a few weeks because she does'nt simply have time.

The dude sent this now:
"Ok no worries, I have solved it myself"

So I checked:
The domain he bought, is just a redirect to "randomshit.wixsite.com"

Why the hell do people make websites with VALID SSL certs redirect BACK TO HTTP? What the fuck is wrong with them?!

Hashedram's compilations #1
List of most annoying website designs.

1) Pages with AUTO PLAYING VIDEOS.

Yes I'm looking at you Netflix. Along with every news website known to man. I'm looking to read a fucking article, so why would you even waste your money and bandwidth trying to shove a video of some shit I don't care about in my face, and make it follow me as I scroll down like a fucking insecure puppy. Also, fuck you Instagram.

2) Pages that redirect once immediately after you visit them, thereby fucking with the browser history and the BACK BUTTON just leads back to the same fucking site.

I mean, just why. Did you think I would just go "Hey the back button doesn't work so let's stay on the site and read their awesome content"?

3) Sites showing things in a SLIDESHOW, when it actually should be in a list.

Slideshows are for progressive stories or for showing lists where you don't care about what's in them. Top 10 foods that reduce weight. Slideshow 1/15. Fuck you.

4) LOOKS LIKE YOU'RE USING AN AD BLOCKER

Yes. Yes I am. No I will not turn it off for you, you narcissistic snowflake fuck. And don't even try to guilt shame me into turning it off, because I know you're just going to bombard me with videos of sexy singles in the area if I do.

5) Pages where I see the first 3 lines of an article and have to SUBSCRIBE to see more.

Yes. Brilliant fucking idea. A user wants to see what your site has to offer, so within the first three seconds, don't show him exactly that.

6) Looking up an article and having to read through the entire motivational life story of the author.

I just want to know how to boil eggs, not read about your journey across Africa learning how to make difference recepies using boiled rhino dung.

7) CLICK BAIT.

Title: School boy designs blockchain machine learning game engine

Actual Content: Tic tac toe program made using linked lists

I saw someone handle redirect on every anchor link on server side. Yes, they handle onclick on serverside and then decide where to redirect. No they don’t use href or any sort that’s stated on the HTML. And this guy is my senior.

My parents are real sticklers for who is allowed to be on Netflix. They only let people on when they are present, and they never click 'save password'.

Me being a poor college student and desperate for the Netflix password, created a fake website for one of my parents to sign into.

How did I do this? I created my own localhost server with a backend database for the password to go to. I then copied the Netflix home screen and log in and asked them to log me into their account.

They said I can be on for one hour, and then they were signing me out.

I agreed to these terms.

As a small twist, I had also copied the no internet tab from Chrome for the page to redirect to. Knowing that once they logged in they would be expecting the main UI.

They logged in and then waited for the page to load. I, of course, put in a delay for the page to load and then displayed the no internet tab. They were confused and asked me to refresh, still nothing. I asked them if the router was out, and they went to check.

While they were away I quickly switched back to the real Netflix website and yelled back saying I got it working again. They came back over and saw that it was asking for a password again. They signed in and saw the main homepage and none were the wiser that day.

Once they left I checked inside the DB and found the plaintext password they typed in... The damn password was so simple, I cursed myself for not having figured it out sooner. No matter, I had my parents Netflix password.

So you're probably wondering how they didn't see the URL above and think something was off?

I pressed F11 and fullscreened my entire browser. They did ask, and I simply replied with, I don't like seeing all the crap up above when I'm streaming. No further questions, perhaps I was lucky.

Worst experience with a higher up?

At an old contract job (around 2013), I was contracted by the company to help guide their developers with me to rewrite their software (it was buggy as shit, they didn't know better.).

So, a month later, we are in the middle of the rewrite and the boss flies in pissed that it's not done yet, he had the audacity to accuse me of stealing contract work with no experience in the area.

I told him flat out, "you don't know what the hell you are talking about. If you didn't hire a JV coding team, you wouldn't need me to redirect your damn rewrite."

He fired me, so I went to his superior and told her the situation. She told me i completely deserved it.

Worse part was I got paid half of my contract. Didnt make that mistake again. 😒😒

Found out later that the company failed, declared bankruptcy. Felt pretty happy.

In the old days switching accounts was as simple as logging out and logging in

Now, logging out redirects you to 20 different pages, doesn't redirect you to the original page, and sometimes it doesn't even log you out

!!oracle

I'm trying to install a minecraft modpack to play with a friend, and I'm super psyced about it. According to the modpack instructions, the first step is to download the java8 jre. Not sure if I actually need it or not, but it can download while I'm doing everything else, so I dutifully go to the download page and find the appropriate version. The download link does point to the file, but redirects to a login page instead. Apparently I need an oracle account to download anything on their site. stupid.

So I make an account. It requires my life story, or at least full name and address and phone number. stupid. So my name is now "fuck off" and I live in Hell, Michigan. My email is also "gofuckyourself" because I'm feeling spiteful. Also, for some reason every character takes about 3/4ths of a second to type, so it's very slow going. Passwords also cannot contain spaces, which makes me think they're doing some stupid "security" shenanigans like custom reversible encryption with some 5th grade math. or they're just stupid. Whatever, I make the stupid account.

Afterwards, I try to log in, but apparently my browser-saved credentials are wrong? I try a few more times, try enabling all of the javascripts, etc. No beans. Okay, maybe I can't use it until I verify the email? That actually makes some sense. Fine, I go check the throwaway inbox. No verification email. It's been like five minutes, but it's oracle so they probably just failed at it like everything else, so I try to have them resend the email. I find the resend link, and try it. Every time I enter my email address, though, it either gives me a validation error or a server error. I try a few mores times, and give up. I try to log in again; no dice. Giving up, I go do something else for awhile.

On a whim later, I check for the verification email again. Apparently it just takes bloody forever, but it did show up. Except instead of the first name "Fuck" I entered, I'm now "Andrew", apparently. okay.... whatever. I click the verify button anyway, and to my surprise it actually works, and says that I'm now allowed to use my account. Yay!

So, I go back to the login page (from the download link) and enter my credentials. A new error appears! I cannot use redirects, apparently, and "must type in the page address I want to visit manually." huh? okay, i go to the page directly, and see the same bloody error because of course i do because oracle fucking sucks. So I close the page, go back to the download list, click the link, wait for the login page redirect (which is so totally not allowed, apparently, except it works and manual navigation does not. yay backwards!), and try to log in.

Instead of being presented with an error because of the redirect, it lets me (try to) log in. But despite using prefilled creds (and also copy/pasting), it tells me they're invalid. I open a new tab container, clear the cache (just to be thorough), and repeat the above steps. This time it redirects me to a single signon server page (their concept of oauth), and presents me with a system error telling me to contact "the Administrator." -.- Any second attempts, refreshes, etc. just display the same error.

Further attempts to log in from the download page fail with the same invalid credentials error as before.

Fucking oracle and their reverse Midas touch.

When you redirect every movie link to XXX links on your rip-off netflix school project and nobody suspects a thing

deadmau5 exclusive on tidal streaming.

Fuck, okay.

*Sign up*

>> enters email, password
>> redirect to different signup page
>> enters email, password
>> redirect to original signup page
>> ????
>> enters email, password
>> redirect to second signup page again
>> ????????????
>> try to login
>> enters email, password
>> nope

>> listen to preview of album
>> please enable flash
>> okay, fuck you, deadmau5.

Meet 'SBI Online' app from Play Store, in their own words:

What they were supposed to do?
"Experience the new Retail Internet Banking of SBI"

What they do?
"SBI online app will redirect to SBI Retail Internet Banking (online SBI) site"

Why do they have app?
"No need to remember URL",
"Less memory space required on device"

App storage space?
F**king 2.6 MB, just to redirect users to their website, in third-party browser.

My friend and I have been debugging this server issue where the server can't find the input file.

30 minutes passed, we checked, restarted everything, still no avail.

When I saw his safari browser, THE FULL URL WASNT SHOWING. The server was working, we just didn't see a redirect behavior because of apple fucking trying to fucking prettify everything.

GOD DAMMIT.

/rant

Devrant is the only Social Media interaction I have been using lately, rather than others. Every time I feel the urge to open other social media apps, I redirect my actions to Devrant.

When I call another dev and he give me another dev's number and the second one give me another and that one gives another num. :
I feel like "ERR_TOO_MANY_REDIRECTS"

FUUUUUUCCCKKK, now the websites have new features, where no matter how many time you try to go back from their website, they will redirect back to their SHITTY FUCKING WEBSITE. FUUUUCCCKKKK YOU

#7

The former dev tried to implement redirects. He created dozens of routes wich lead to a 'redirectXY' method within the 'mainController'. There he returned a redirect Instance.

😓🔨

TL;DR : do we need a read-only git proxy

Guys, I just thought about something and this potential gitpocalypse.

There is no doubt anymore that regardless of Microsoft's decisions about Github, some projects will or already have migrated to the competition.

I'm thinking : some projects use the git link to fetch the code. If a dependency gets migrated, it won't be updated anymore, or worse, if the previous repo gets deleted, it can break the project.

Hence my idea : create some repository facade to any public git repository (regardless of their actual location).
Instead of using github.com/any/thing.git, we could use opensourcegit.com/any/thing.git. (fake url for the sake of the example).
It would redirect to the right repository (for public read only), and the owner could change the location of the actual repository in case of a migration.

What do you think ? If I get enough ++'s, I'll create a git repo about this.

Realizing that the former so-called PHP developers based the entirety of their so-called dashboard framework (self-written of course) on GET requests.

Every. Controller. Only. Accepts. Get. Requests.

It creates stuff? So what! It does update? No matter! It deletes? Who cares!

Just call that URL, and it will release all hell, plagued with multiple side-effects, and then issue a redirect.

Of course that one delete button was inside some twitter bootstrap tabs, and due to the redirect the page always reloaded and the content manager landed on a very different tab. Meaning if they wanted to delete multiple records, they had to hit "activate tab" and "delete" and "activate tab" and "delete" -- rinse and repeat.

It's our *job* to make things easier for our users! Not to waste their time. (Unless you are browser game developer. Then do your thing.)

And we are talking basic CRUD! Basic CRUD! I am not even demanding for it to be restful or to have some parts of a HTML page being updated on the fly with such rad and new technologies like ajax!

There is just question I would like to ask whoever build this: Seriously!?

I wonder if it's legal to intercept and redirect a drone hovering around your private property..

My boss says to me this morning.

Boss: Can you add these links as a redirect 301 to this link.

Me: Ok, I'm not the developer for that domain but I guess I can do it. Let's try to update apache htaccess for that domain through my account.

(After a swift ssh connection to the server to check out that domain.)

Me: Er...boss, we don't own that domain. We cannot redirect it's links to our other domains.

Boss: Why? What do you mean?!

Me: well if we don't own that domain, than it is not on our server and we cannot update it's server config files. So we cannot redirect that domain to our other domains.

Boss: Are you sure?

It went on like this for a while. I had a laugh break after.

Okay, I love Laravel, but sometimes it just pisses me the fuck off.
I needed to check a cookie in a middleware and redirect to a page if that cookie is set to 1. Sounds easy, right? A simple if(request()->cookie("pshield") === "1") should do it, right?

Wrong.

To make this even worse, that code would work without any sort of problems in a view and controller. Hell, it would even work in inline PHP without importing anything!

Now here's the thing. Laravel encrypts all cookies with a previously generated AES-256-CBC key.

Of course that means they have to be decrypted. Reasonable, hm? Well, in controllers and views, that has already been taken care of. The cookies are decrypted and usable as plaintext. Now, you could expect that to be the case in middlewares too, hm?

Nah, that'd be easy. Middlewares do not decrypt cookies. Took me around 20 minutes to figure out since you cannot echo data from a middleware either.

Corrected that.
if(Crypt::decryptCookie(request()->cookie("pshield")) === "1")
FATAL EXCEPTION: String failed to serialize

**cue loud screaming after 30 minutes of debugging**

For some godforsaken reason, the Laravel framework requires you to not use the normal fucking cookie decryption function, but the one to decrypt text.

if(Crypt::decryptString(request()->cookie("pshield")) === "1")

That works.

I don't get why they didn't just make it expected behavior and I fucking hate how it looks.

**mic drop**

Hell is not enough for people who create scripts that forcefully redirect you, while scrolling.

EAT A SPIKY CACTUS FOR EVERY DAMM TIME I HAD TO HIT THE BACK BUTTON BEVAUSE OF YOU

My idiot friend nearly destroyed his install because of me.

He was complaining to me about some program he was running in terminal writing too much lines to terminal he didn't care about.

So I wrote to him verbatim:
"Just redirect the output to /dev/null by running it like ```cmd > /dev/null```.
Or better yet do ```cmd > /dev/sda``` it will be more fun ;)"

Three minutes later I get a screenshot from him where he's trying to run ```cmd > /dev/sda```, but it keeps saying Permission denied. He's tried to use sudo in the screenshot like million different ways.

Thank god he doesn't know how to use sudo with redirects...

Trying to log in as a vendor on a client's timesheet web portal,

Web only accessible on safari,

Latest Java must be installed,

Java security must be set to highest, but Java applet for 2 very specific domain must be allowed,

An Avast antivirus must be installed for reason as below,

Must access the web, wait for applet to run and check computer's security settings, only if it's satisfactory will then redirect to a login page,

In which I spent an hour trying to figure out why I cannot login with my username, until another friend has same problem, what in common between us is both our names are long, and after experimenting, we found out that inputting only 20 characters of our name enabled us to login,

After login another tiny app will be installed and activate a VPN, in which then we are able to access the actual system,

The VPN will only active for 15-20 minutes tops, after that we will be kicked out and had to repeat the whole process,

Sometimes it works, sometimes it's not, even worse sometimes the only way to make it work again is to restart the computer, and redo the steps in exact same way

*sigh

The layout for my little side project was working fine in IE last week. Made some server side additions over the weekend and now the layout is broken... in IE only. Guess who's putting in a user-agent redirect to a "Works best in Chrome or Firefox" page? 😉

My mom got infected with one of those stupid you have a virus redirect viruses. Malware bytes isn't useful.
To make matters worse it doesn't redirect in Edge, so she's forced to use Edge until further notice.
It's going to be a long week.

Also I don't have much experience with Windows viruses especially these redirect ones, so yay!

Redirect that crossed my path today

I took like 3 years to my company to get this huge-ass client to ask us to remake their website (the client is already our client for other purposes).

The old website was hosted on their local machine, behind a proxy that was there for other 30 website servers.

The old website took like 30-40 seconds to load on a browser and had a google score of 3-6/100.

We made the new website in wordpress, since it was basically a blog and managed all of the older links to redirect to the new pages so that SEO wouldn't get affected.

We then asked the previous developers to let their domain redirect to the new one (it was like example.com => ex.example.com and now it's just example.com, so we needed them to make ex.example.com redirect to example.com).

What they did was making a redirection to the 404 page of the new website, making everything go to fuck itself.

Damn this might be the first time I despise other developers, but this move was fucking awful.

I mean, I get it, we stole your big client, but it's not our fault if we made the google score go up to 90/100 in a week just by changing server and CMS.

Get an email from a client, who has been stringing me along for about 6 months, but ringing me up for advice on tonnes of different shit for free. Basically did his original website but his business model has changed to make his existing site irrelevant. Suggested months back doing a simple one pager as a stop gap with key messages. The bastard said no to that "just take it down for now and redirect to my LinkedIn page". He keeps saying we are getting stuff together and we hope to get together in September. However, yesterday he sends an email "we are getting a student in over the summer (not a Dev or designer or anything). Could you recommend any "web builders" so we can get on with the website in August. By that he means those drag and drop fucking pieces of shit website templates full of wysiwyg editors for creating shit typography. I give them free help and guidance and they think that I'm not going to want to smash him in his fucking face for his last email. The cunt.
I have an idea for 'having the last laugh' but I am open to suggestions from some devRanters, all legal of course.
P.S. I post quite a bit here about shitty clients, but I do have a number of really good clients who value my work and experience and have been with me for many years. It's just some that treat the profession with disdain and that they can easily do it themselves if only they had the time. These fuckers then wonder why their businesses fail.

We are required to use corporate SSO for any authenticated internal websites, and one of the features they require you to implement is a "logout" button.

They provide a whole slew of specifications, including size and placement/visibility, etc. They provide an SSO logout URL you must redirect to after you take care of your own application logout tasks.

Makes sense... except the logout URL they provide to serve the actual SSO logout function broke over 3 months ago, and remains non-functional to this day.

Apparently I'm the first person (and perhaps one of the only people) who reported it, and was told "just not to worry about it".

So, we have a standing feature request to provide a button... that doesn't actually work.

Corporate Security - Making your corporation _appear_ more secure every day...

Fucking Square Enix Website is just a huge pile of shit. NOTHING WORKS!

Wanna change your password? Nah sorry an error occured.

Wanna change your username? Nah sorry I'll just show you a loading symbol forever.

Wanna add a game to your collection? Nah sorry the "add" button is on fucking holiday and doesn't do anything.

Wanna change your avatar? Nah sorry I'll just redirect you and don't do anything.

Most amazing part is where you log in, then get redirected to the home page but it still shows the "Log in" button. Then you click on that "Log In" button and wosh! Home page reloads and tada! You're logged in!

Seriously who let this code into production? Also I know that you're using GraphQL now, due to an error message. Thank you!

Fucking bullshit...

Oh boy, this is gonna be good:

TL;DR: Digital bailiffs are vulnerable as fuck

So, apparently some debt has come back haunting me, it's a somewhat hefty clai and for the average employee this means a lot, it means a lot to me as well but currently things are looking better so i can pay it jsut like that. However, and this is where it's gonna get good:

The Bailiff sent their first contact by mail, on my company address instead of my personal one (its's important since the debt is on a personal record, not company's) but okay, whatever. So they send me a copy of their court appeal, claiming that "according to our data, you are debtor of this debt". with a URL to their portal with a USERNAME and a PASSWORD in cleartext to the message.
Okay, i thought we were passed sending creds in plaintext to people and use tokenized URL's for initiating a login (siilar to email verification links) but okay! Let's pretend we're a dumbfuck average joe sweating already from the bailiff claims and sweating already by attempting to use the computer for something useful instead of just social media junk, vidya and porn.

So i click on the link (of course with noscript and network graph enabled and general security precautions) and UHOH, already a first red flag: The link redirects to a plain http site with NOT username and password: But other fields called OGM and dossiernumer AND it requires you to fill in your age???
Filling in the received username and password obviously does not work and when inspecting the page... oh boy!

This is a clusterfuck of javascript files that do horrible things, i'm no expert in frontend but nothing from the homebrewn stuff i inspect seems to be proper coding... Okay... Anyways, we keep pretending we're dumbasses and let's move on.

I ask for the seemingly "new" credentials and i receive new credentials again, no tokenized URL. okay.

Now Once i log in i get a horrible looking screen still made in the 90's or early 2000's which just contains: the claimaint, a pie chart in big red for amount unpaid, a box which allows you to write an - i suspect unsanitized - text block input field and... NO DATA! The bailiff STILL cannot show what the documents are as evidence for the claim!

Now we stop being the pretending dumbassery and inspect what's going on: A 'customer portal' that does not redirect to a secure webpage, credentials in plaintext and not even working, and the portal seems to have various calls to various domains i hardly seem to think they can be associated with bailiff operations, but more marketing and such... The portal does not show any of the - required by law - data supporting the claim, and it contains nothing in the user interface showing as such.
The portal is being developed by some company claiming to be "specialized in bailiff software" and oh boy oh boy..they're fucked because...

The GDPR requirements.. .they comply to none of them. And there is no way to request support nor to file a complaint nor to request access to the actual data. No DPO, no dedicated email addresses, nothing.

But this is really the ham: The amount on their portal as claimed debt is completely different from the one they came for today, for the sae benefactor! In Belgium, this is considered illegal and is reason enough to completely make the claim void. the siple reason is that it's unjust for the debtor to assess which amount he has to pay, and obviously bailiffs want to make the people pay the highest amount.

So, i sent the bailiff a business proposal to hire me as an expert to tackle these issues and even sent him a commercial bonus of a reduction of my consultancy fees with the amount of the bailiff claim! Not being sneery or angry, but a polite constructive proposal (which will be entirely to my benefit)

So, basically what i want to say is, when life gives you lemons, use your brain and start making lemonade, and with the rest create fertilizer and whatnot and sent it to the lemonthrower, and make him drink it and tell to you it was "yummy yummy i got my own lemons in my tummy"

So, instead of ranting and being angry and such... i simply sent an email to the bailiff, pointing out various issues (the ones

!rant

I've seen some rants about people complaining about websites using the 'www' subdomain, so I'd like to take this opportunity to try to explain my opinion about why sites might use it.

I use to feel the same way about not having the www subdomain. It felt like an outdated standard that serves no purpose. But I have changed my option...

Sometimes certain servers have other services running other than just the website, such as ssh, ftp, sql, etc., running on different ports. What if you want to use a web proxy and caching service similar to cloudflare or a cdn? We'll you can't, because they won't allow traffic to flow through to your other ports.

That's where the www subdomain comes in. Enable your caching and cdn on your www subdomain, and slap a 301 redirect from your primary domain on port 80 or 443 to the www subdomain. This still allows you to access your other services via the domain name while still gaining the benefits of using a cdn.

Now I know you could use an 'ftp' subdomain or the like, but to each their own in that regard.

One of my websites is under a brute attack.

If I were to redirect failed logins to an illegal website (drugs, child pornography, terrorism support, etc...), will the feds come after me? Or will they go after the attacker?

What the fuck Microsoft !! Your android apps are total piece of shit! Fucking outlook Android app don't have support to view doc file which is created using your shitty Microsoft teams portal.

If I click on that doc file link through my outlook app, you redirect me to chrome.
Ok that's still acceptable. But the real shit starts now. You tell me that your browser isn't supported! Is this fucking joke?? Who in the world develops a website which can't support latest version of Android chrome?
Now that I have installed your shitty Microsoft teams app, it doesn't show up in "open with" options. Clicking on that link is still redirecting to the chrome saying that browser is unsupported.

Also, your shitty Microsoft teams app can't edit fucking doc file. When I click on your Microsoft word icon, You again ask me to install Android app for Microsoft word.
Seriously fuck you Microsoft and your shitty apps!

Hey, what really makes me want to download your app is when you redirect me to the download screen of it when I'm in the middle of a task. That's great. Keep doing that.

I always use this quick redirect function on my projects:

function go($location){
header("location: ".$location);
}

That moment when you click a Google link at the same time your code finally launches your app ... and you say "Hmmm, how did Google redirect me to localhost:8000?"

So some asshole keeps sending phishing emails to every student and prof in our university and the IT department is too pathetic to block it. They all come from the same email and contain the same text yet they cant filter it and just send warnings not to click it.

Im getting sick of recieving 5 of these a day, i scanned and viewed the page and its just a simple form copying the outlook login page with a redirect to the actual page after submission.

Whats the easiest way to write a script that will spam them with thousands of fake accounts? How can i fuck with these guys?

You never know pain untill your website redirect is working on edge and not chrome... Yet it's all google hosted...

*Eye twitches*

I suggest that .c0m should always redirect to .com

Change my mind.

Yesterday I helped in a college final project. To be done using PHP and MySQL.

- they were taught to create a login page and when submitted just check the values against username and password from DB table and redirect to a dashboard page. No session created.
- in the dashboard, session is not checked. Shows links to other pages.
- each page is a separate php file
- the app allows users to issue books to customers. They were taught to delete the book from book table and save all the info in issue table, when a book is issued
- when a book is returned, book info is saved in a return table and also saved to book table again and deleted from issue table

I asked this student to change it to the right way, to use sessions and includes. He said that then the lecturer would know, he didn't do the project. It's a diploma level course.

Old unused military satellite to make international calls free. Local tv station to leak episodes. 4500 hosts zombie net with autoreplicant bots that scans for vulnerability to populate the net to do distributed denial of service attacks. Jumper on the neighborhood cabin to redirect the school's call for being absent, an older friend pretended to be my father.

So let's talk about CNAs, Captive Network Assistants, these downsized browser that open on Smartphones when you try to login to a free wifi which requires you to buy sometging or accept some terms.

I fucking hate them. I'm a web dev which has to deal with these dumbfucks.

Back in the time, there was this dumbfuck who had the idea to capture http requests on network level and response with a redirect to his own landing page. Fuck this guy. Then some dudes had the idea of the CNA as a privacy security feature. A good idea. But also this guys: "hey, let's make them a huge pain to develop for".Fuck them, too. But then came the companies saying: "hey make us a huge SPA with all features we can think of for this fucktard of a browser."

I hate fucking CNAs

When writing code that has to be evaluated by a college prof, redirect all the best practices to /dev/null

A Client's hotshot webmaster just asked us to provide a JavaScript 301 redirect script for a CMS we don't own/have admin access at all.

"Must be 301 style for SEO benefits... "

So, hows your day going? 🤣🤣

When you're web scraping and the site suddenly redirect their url to their second site so your codes becomes useless.

What the f*ck Microsoft, you made me go trough whole shitton of troubles just to play a music into microphone so I can play music in VRChat while pulseaudio in Linux can redirect the audio without any hassle. You total piece of shit!

About 5 years ago I worked at a small company developing websites and .NET applications.

They haven't changed any passwords which means, I still have access to ALL of their customers DNS setups.

Of course I wouldn't do anything.

But just the thought, that I could make an infinite loop, by redirecting the domains, is amazing.

Or redirecting them to a porn site.

Our Joomla-based site just got a redesign. The developer who did it did something wrong. Articles no longer are attached to their parent categories and are now all referenced at the root level in URLs.

I pulled up the 404 log and now see that some website or bot or whatever is hitting up each category for each article, which screws with our SEO 404 report in Google Search Console.

Which means I have to find a way to programmatically redirect every article within every category "up" a level to the root where each article is now found.

And I have no way of knowing which article belongs to which category anymore. Even if I did, a test shows that articles attached to categories still want to come up at the root level, not in their categories.

Joomla is G.A.R.B.A.G.E.

I used to work in a Tech Support department where everybody was constantly pranking each other.

In one of the iterations of such events one of the guys actually forked the source of a login page, in one instance of the app that was running in a VM, and edited the code so it would redirect the user to a lemon party'ish website.

It was quite an upgrade to the old M.O. where people would just email themselves messages with seemingly bureaucratic call to actions containing hyperlinks to the same lemon party'ish websites.

And the most direct approach, which is to type those directly into one's browser if the laptop is left unattended & unlocked due to a trip to the toilet.

if($user->dead()){
$user->redirect('heaven');
}

I just remembered that 2 years ago I found an open-redirect vulnerability in one of Google's old pages.

I decided to not submit it to Google because it's too much effort (even though I knew they pay for these things) and told about it to a friend who deals with these things.

I was SO. DAMN. STUPID.

414 rants since your last visit,

Alright devrant, here we go.

> client adds a home button to the subdomain
> asks to add a feature from which user can come to the homepage of subdomain
> naturally, add "/" in the href of the home
> client gets frenzy
> "that home button was supposed to redirect users to the main domain"
> I'm like wtf bro
> anyways adds another home button to redirect to the home of the subdomain.

now let's see how confused the users get

Webdev, I should send a form to a site that gets the results and redirects back to the webpage that stands in an invisible form data (very weird!).
Okay, I did...
When I was finished the site didn't redirect to the URL I gave in the form, instead it showed parts(!) of the webpage's HTML.
Okay, I was a little bit surprised and mailed the dev of this weird thing. He answered with this:
"In this Internet thingy, you know, URLs start with 'http://', it's the newest shit!"
Holy shit! Is he serious!? Who the heck programmes such a site that needs a 'http://' in the beginning? (Does this guy know about https?)
And why, why!?, did it show contents of the target URL's site if you give it one without http!?

I, I will go now and get a mild tea, yeah...

For all the cheap-ass sys admins:
I wouldn’t pay 100$ a year to apple just to have push notifications when my server fucks up or an user fill my support form but I want to know that in real time but I have iPhone(forget about FCM).

So I downloaded pushbullet to my phone and integrated its API in my server and when something important happen I get completely free notification which (thanks to url schemes in ios) redirect me to my server administration app.

Note: I used xamarin for my management app to be ready for the moment when I switch back to android.

This weeks question fits me well, as I am still unsure about the full details of how the fuck this all came together and was about to just rant about it anyway.

Ever since this companies network equipment and cabling has been updated, a lot of vital tools went down and bug out every now and then, at seemingly random times.

The codebase is a horrible mess to begin with and random things execute at random times and at random places spread all over different resources that get random hooks from random physical values etc.

Turns out (or at least what it so far seems like) all of them somehow sync their clock and other variables based on how many (valid-?) requests it gets per measured time and similar oddities, so when the network equipment got updated, that meant that multiple processes now could reach each other much faster and therefore threw off thousands of values and internal clocks.

There's a total of like 600 systems that are all "separate" from each other but all need to communicate in-sync for the production chain to properly work. Thankfully I didn't sign anything yet, so might actually just redirect them to somebody else, I am not ready to age 20 years, even for the amount that would pay.

Whoo, 4 days into my new project, and a lot of mess already happening all over the place, in short, everyone in here consisted of the human population that fill up the average (and below) margin on everything (especially their IQ, seriously, by the time I finished telling this story, you'll wonder how the hell are these guys able to finish uni, not to mention working in IT)

Okay so, backstory, I was cut off from my previous project (the product was finally launched, but only a handful developers are kept to maintain & do enhancements, why wasn't I included? That's a story for another time), and I was sent to a new (shitty) project, by the order of the (shitty) manager, in the same institute, but different division, whom tries to copy paste everything the golden child (my previous project) has been doing, technology, environment, work culture, etc

And I'm faced with another react native application (let's call it project N), in which the team leader was so proudly explained to me, that it got released way earlier than my previous project (let's refer to it project X) even though X started a long time before they have any plan for N, N was passed down from a vendor to the internal devs whom has very little knowledge of react native, and I was supposed to "help" them with it

Day one, I learned a new english term for this, sinecure, nothing done on the first day, just introductions, a long boring meeting and got assigned to the project N, I did skim through the source code for a while, at a glance it looks like a student's assignment done overnight, reminds me of the first website I made, and this is supposed to be an app that handles monetary transactions,

Day 2, still no task given, due to their "end of sprint" session, 4 days of not having anything to work on, I analyzed the code further, and yep, it's rubbish,

- first, the code convention is shit, based on the git log, only 2 guys were working on this and neither of them had any standards with their coding, spaces, semicolons, indentations, everything is a mess, folder & file names and their placement too, not to mention redundancy everywhere, nothing is reusable, this is the first time I saw a react application that keeps defining & creating new components on every pages, and no documentation at all

- second is, the warnings, I was in awe with the disappearance of yellow warnings in the app since I found a bunch of yellow box errors on the debugger console, then I checked the main app.js file and lo and behold

console.disableYellowBox = true

Whoooo, a new breakthrough in software debugging, you won't find any potential bugs if you hide the warnings altogether, fuck, not even any config to diferentiate debugging & release environments (my last project had one)

Well worse is that ALL of the components doesn't have any proptype checking (prop is something like an attribute that is inherited from parent component to child component, CMIIW), and this cause for some issues that already happened a bit later,

- third, but not last, the software is buggy as hell, not to mention the flow & logic is messy as fuck, who the hell put a splash screen as it's own navigation entity,

After opening the app, splash screen is showing, then redirect to login page, and if user pressed back button while on login page, they'll be stuck on the splash screen, unable to navigate anywhere

Then, later that evening, one of the PO suddenly came to me and said something about telling him if I had any issues/concerns, given the opportunity, I immediately pointed out the problems, only to add up to my dissapointment, the conversation went like this,

Me: I do have concerns, 3 of them at the moment (explained like above but with more polite words)

PO: really? Well, us from the product team doesn't really care for cleanliness as long as it works

Me: bla blah (explaining about current & potential bugs and maintainability)

PO: like I said it's not urgent, we have more important goals to achieve

Me: blah blah (up to you, but I insist that at least consider this matter)

PO: A foreigner made this you know?

*how the fuck is that information even relevant? Fucking victim mentality

Me: So? It's still rubbish (continue explaining the current bugs)

PO: do you know how much this project has cost?

*cool, now you want to justify this farce by overpricing it?

Me: nope

PO: this much (after googling, it's around 3 years worth of average salary for senior dev in US)

*well my previous project cost almost twenty times that

Me: o...kay?

PO: bla blah (saying something like, And don't go introducing changes and new stuff too much, since you're the new guy, unless you want to be seen as a show off, you gotta mingle with the devs first and once you got in a friendlier term, then you can give your opinion)

I just nods and didn't continue the convo after that, but suddenly the PO reaffirms

PO: OKAY? (in a tone like "capische?")

Okay, I'll consider that as a warning,

To be continued...

Literally redirect domain name to heroku app.

it was the last time i used PHP for an school project. i and an other group decided to make an website. it was luck that no input was required. Because i already knew PHP and HTML i need to help them. the code they made was the cause i quit php. the site only worked after an redirect. it was irony that tje code looked like it was written from a junkey and the theme was drugs.

Welp, who wants to see my first website? tiny.cc/copo
It was made almost entirely during english class, for blocked games. It's the most hits I've ever got one a site I've made. But the best part? I achieved my goal: respect from the teachers. And why did they respect me? *Because it got blocked*. Yup, across the entire county (our county is one of the top five in the USA for schools I believe). We, as the students, found a way around the teacher's technological control, and finally got some technological freedom. Just a small story.
P.S. not named by me, and sorry bout that JS redirect. I redesigned it while I was supposed to be writing about the theme but the original is couchpotato not cppremium. I can't change it now but I'll change it later. I trust you guys know how to stop it without me changing it though :)

Modifying .htaccess for WordPress multisite so that my custom url(slug) will redirect to wp-login for security reasons.
It is like performing a neuro surgery where the slightest of mistake will get u paralyzed.
I have already reached a vegetative state..
I wonder what more damage I could do? FML.

This asshole is out of his fucking mind if he thinks I am going to waste my Friday night waiting around to update a URL on the employee intranet.

News flash if it’s a tool people use everyday they have it bookmarked. No uses the fucking employee intranet because it’s old and it sucks.

You get a list of the users and email them telling them of the update if you are too dumb to figure out a redirect.

Let me rant! I don’t usually do this but this is just frustrating and draining. Please tell me if im wrong. We have authentication that needs to be refactored. I was assigned on this issue. Im a junior btw. I also attached an image of my proposals. The issue of the old way of our signup process is that when validation fails they will keep on accepting the TaC (terms and conditions) and on our create method we have the validation and creating the user. Basically if User.create(user_params) create else throw invalid end. (Imma take a photo later and show it you)which needs to be refactored. So I created a proposal 1. On my first proposal I could create a middleware to check if the body is correct or valid if its valid show the TaCs and if they accept thats the moment the user is created. There is also additional delete user because DoE told me that we dont need middlewares we have before and after hooks! (I wanted to puke here clearly he doesn’t understand the request and response cycle and separation of concerns) anyway, so if middleware is not accepted then i have to delete the user if they dont accept the TaCs. Proposal 2. If they dont want me to touch the create method i could just show the TaCs and if they dont accept then redirect if they do then show form and do the sign process.

This whats weird (weird because he has a lot of experience and has master or phd) he proposes to create a method called validate (this method is in the same controller as the create, i think hes thinking about hooks) call it first and if it fails then response with error and dont save user, heres the a weird part again he wants me to manually check on each entity. Like User.find_by_email(bs@g.com) something like that and on my mind wtf. Isnt it the same as User.create(user_params) because this will return false if paras are invalid?? (I might be wrong here)

This is not the first time though He proposes solutions that are complex, inefficient, unmaintainable. And i think he doesnt understand ruby on rails or webdev in particular. This the first time i complained or I never complained because im thinking im just a junior and he hs more experience and has a higher degree. This is mot the case here though. I guess not all person who has a higher degree are right. To all self thought and bachelors im telling you not all people who went to prestige university and has a higher degree are correct and right all the time. Anyway ill continue later and do what he says. Let me know if im wrong please. Thanks

So, it's been a while since I've been working on my current project and I've never had the "luck" to touch the legacy project wrote in PHP, until this week when I got my first issue.

And damn, this goddamn issue. It was a bug, a very strange bug, that only happens in production and that nobody has any idea what was happening, so yeah, I didn't have anyone to ask and I got less time than usual ( because Thanksgiving ).

And thus, I have no starting point, no previous knowledge on PHP and less time! I expected a very fun week 😀 and it was beyond my expectations.

First I tried to understand what might be causing the issue, but there wasn't any real clue to star with, so no choice, time to read the flow on the code and see what are they're doing and using ( 1k line files, yay, legacy ). Luckily I got some clues, we're using a cookie and a php session variable for the session, ok, let's star with the session variable. Where it's that been initialize ? Well, spoiler alert, I shouldn't start with that, because my search end up in the login method of the API that set a that variable and for some reason in the front end app it was always false and that lead me to think that some of the new backend functions were failing, but after checking the logs I got no luck.

Ok, maybe the cookie it's the issue, I should try open the previous website on the brow...redirect to new project login, What? Why ? I ask around and it's a new feature push on Monday, ok I got Chrome Dev tools I can see which value of the cookie it's been set and THERE IT WAS it has a wrong domain! After 2 days ( I resume a lot of my pain ) I got what I've been looking for, so now I should be able to fix the bug. Then where is the cookie initialized ? In the first file the server hits whenever you tried to enter any page of the app, ok, I found the method, but it's using a function that process the domain and sets it correctly? wtf ? Then how in heaven do I get the incorrect domain ? Hello? Ok, relax, you still have one more day to fix this, let's take it easy.

Then, at the end of the Wednesday, nope I still have no clue how this is happening. I talked with the Devops guy and he explain me how this redirection happens and with what it depends on, I followed the PHP code through and nothing, everything should works fine, sigh. Ok I still have 2 days, because I'm not from US and I'm not in US, so I still have time, but the Sprint is messed up already, so whatever I'm gonna had done this bug anyhow.

Thursday ! I got sick, yay, what else could happen this week. Somehow I managed to work a little and star thinking in what external issue could affect the processing, maybe the redirection was bringing a wrong direction, let's talk with the Devops guy again, and he answer me that the redirection it was being made by PHP code, IN A FILE THAT DOESN'T EXIST IN THE REPOSITORY, amazing, it's just amazing. Then he explained me why this file might be missing and how it's the deployment of this app ( btw the Devops guy it's really cool and I will invite him a beer ) . After that I checked the file and I see a random session_star in the first line of the code, without any configuration, eureka ! There was the cause and I only need to ask someone If that line it's necessary anymore, but oh they're on holiday, damn, well I'll wait till Monday to ask them. But once and for all that bug was done for ! 🎉

What do I learn ? PHP and that I don't want any more tickets of PHP 😆.

!rant

I don't know if we already had a weekly rant about petty revenge or anything, but I did just pull some petty bullshit maybe 30 minutes ago.

A couple people I know are trying to start a clothing brand (think I posted something about it on here before) and asked me to build the website cause one of them found out I write code. (Well, he asked if I was good with computers and I told him that I am, and he basically said "you're building our website then")

Basically these people are..not good people. One of them has a history of sexually harassing girls (some of which are really close friends of mine), the other one is basically following in his footsteps. They also like to go to the parking lot of an elementary school (the one that my little sister goes to actually) and get high.

Both of them have fucked me over at some point in the few years I've known them. And so now my silent indirect petty revenge begins. Earlier I bought the domain name for the online store they're trying to (make me) build. Considering having the site redirect to a gay porn site.

One of them is currently getting into shit having to do with drugs, which is not my doing, but I can probably find a way to get them into trouble. Especially the fact that they're doing drugs in the parking lot of an elementary school. That shit's just fucked up, no exceptions.

Anyone have any suggestions for shit I could do to them?

I love tracking down the source of a redirect!

5 hours later....

=\

Wanted to share a devrant post to a non-dev friend. Sent URL link. His phone sends him to the app store to download devRant. Can we not?

I feel like crying because I couldn't configure ERPNext on windows (Virtual Box). Damn thing showed this error "Already Registered, There were problems" and redirect me to homepage.

Hate this when there are no error codes or no proper documentation.

Tried every possible solution in past 4~5 hours. I'll sleep

The old method of how to deal with semi close friends needing support still works:
1) Redirect their call to voice mail.
2) If the mention computer problems, ignore them for now.
3) Call back in at least 4 hours. By then, they've probably solved it using Google.

(Why "semi close friends"? Because if they're close, I take their calls and if they're not close, I'm not their free support service. And if they're close and want a lot of free labour, they'll soon find themselves distant.)

!rant but wondering,
this time I did not get my self blocked out of my server lol
But I have set up nginx to receive url then redirect to another server, my question is:

I ran tracert on the url but it ended on the nginx server, is there a way I can find out if my nginx IP is forwarding?

I have a webservice on server z, and nginx on server x, tracert end at server x, so does dev tools in chrome/firefox they show host ip header as server x. Is there a way where I can trace my call to server x if it is forwarded to another server?

I know I'm forwarding it, but if someone wants to know, can they?

From today, I'm gonna post infrequent-devLogs of the project i am currently doing, I have been thinking about it the past couple of months, and I am finally moving it into action!

I wish writing devLogs will make me to finish the project, at least a working prototype.

It is a C# block coding application that is made in 100% C# that generates human-readable C# code for C# begineers.

If you want to follow me along, make sure to subscribe to my rants by going to my Profile (cozyplanes) > More icon in top right > Subscribe

All devLogs posted directly via devRant API integration from CZedit, a simple edit program for geeks

=========================

devLog #0 - Block coding in C#

Done:
- Made the console output to redirect to textbox
- Ability to save output to external storage

WIP:
Compile C# code directly at runtime with Roslyn

Notes:
open-source??

Every once in a while, I find myself having to redirect both stdout and stderr to a file (or to stdout) in bash. Every time I have to Google it.

I'm thinking about creating a central login system for all my websites, where you get redirected to and then login/sign up and then be redirect back. A bit like oAuth.

I have a few websites (and more in development) that use a login system, so that could be really useful to have... Especially because all of them are built from scratch and have their pros and cons. And security wise it's easier to concentrate on one system instead of all of them.

Another benefit is that you save some DB space, if you have lots of users!
And of course the users benefit from it as they'll be able to use all my websites with a single account.

What do you think about it?
I'll still need to do a bit of research on security but other than that, I only see benefits!

OK.... I don't mind ads but when I'm on a mobile device n you just redirect without opening a new window...

You leave me no choice... You just earned 100% IP level blocking.

I'm confused... where am I supposed to be going again?

if (userInfo.isAdmin) {
return (<Redirect to="/my" />);
}

if (userInfo.isSuperUser) {
return (<Redirect to="/my" />);
}

return (<Redirect to="/my" />);

fuck the overengineered bulshit that ZF2 is... fuck crappy mvc in web, fuck shitty design, tuck events, fuck 'security feature' that obfuscates the fucking redirect login/logout urls fuck not having your full link, but just the path everywhere, fuck whitelabeling, fuck somebody's sister, fuck me and fuck you....

Bug Report:
Collab link posted in Rants doesn't redirect to Collab posts.

Am I missing something here? Lets Encrypt auto renews SSL every 90 days....BUT it will fail if you have .htaccess re-direct set up to https. So you would have to switch off the https redirect, manually renew, then switch it back on again. Thats fucking crazy. I can’t find a way round this. The hosting co set this up but are encouraging people to buy one of theirs when the renewal fails. a cunning plot to get more of their own SSLs. Any ideas?

Hey, privacy guys, I've recently decided to switch to DDG, and I just came across this DDG browser addon. It promises things like
"block all the hidden trackers", which is what AdBlock can also do, "force sites to use an encrypted connection", which makes no sense since most websites using https will redirect to https automatically, "Search Privately", which is already supported by them without installing the add-on, and "Decode Privacy Policies" which is the only feature that seems to be useful. Should I use it?

>finally gets around to installing vsftpd on home server RPi
>doesn't work
hmm.mp2
>configurating
>confusing as fuck template documentation
>man page isn't much better
>gets it working
>goes to log in
User: pi
Password: a
(What? It's a home file/command server isolated from the Internet. Sue me.)
nope.avi
>why
>tries again
nope.svg
>FUCK
>sees small raw-command log in bottom-right of phone FTP client
hmm.flac
>tries again, watches log
PASS *****
>the fuck
>goes to change user pass over SSH
# passwd
"Current password?"
about half a second later
"passwd: auth token manipulation denied"
>the delay tho
>WAIT A SECOND
one time i got past some parental software bullshit on a tablet by abusing the delay between opening a banned app and the redirect to the normal software at like age 7. (Doing so let me enable remote wipe through Google. bye bye software!)
>*inner 7 year old has autistic screech*
# nano temp
a
abcdefghi
abcdefghi
^O Y ^X
# passwd < temp
>fucking works
>logs in to FTP server successfully
>does the one file download that was needed

why and how did that fucking work

Once I redirect all hosted websites on a server to a old website without know about it . Off course the clients realize it.

Google's Testmysite is piece of shit.

Tested website got 6-7 sec, then built Mobile page and set redirection for mobile users.

Tested Mobile page got around 3-4 sec then tested homepage (which just redirect Mobile user to mobile page) it got fcking 6-7 seconds

FCK you Google, page redirection should not be considered in YOUR FCKING speedtest.

!rant

Anyone here experienced with Route53?

I have a small issue I'm trying to think through on how to achieve with minimum effort and maintenance, essentially set once and walk away and never care about it again solution.

Basically what I have is:

sub.domain.com

and I need to get it to redirect over to

otherdomain.com/folderToGetTo/

Using a 301 would be ideal but how for the life of me do I go about serving a 301 redirect over a dns entry - short answer is I can't unless I'm missing something!

Both domains are owned by the same company so no issue in hijacking a subdomain... well besides internal politics but that's just another day 😏

First thoughts include setting up a S3 bucket with hosting and forcing the dns to that and then, redirect out of the bucket... seems overkill but will work.

Hoping to find a smaller solution that I don't have to justify a S3 bucket being used for a single file - audits suck alright🤷‍♂️

Oh and setting up a redirect at the originating domain will take longer then it's worth to setup and get approvals for so not worth the effort internally.

Yes I will accept "fuck off @C0D4" as an answer.

Logging into my schools blackboard using selenium is only redirected on school WiFi

Outside school WiFi I go directly to the site. But on the school WiFi it pauses on a redirect page with a link that loops back to the redirect when grabbed by selenium And selenium fails

Fucking hell

So I was working with the Laravel framework and the Mollie API for selling products and accepting payments. I was working on localhost and get redirected to the thank you page when I got an error. Unsupported SSL request. So I was debugging and talked to my rubber duck. Two hours later I literally started over. But I got the same error for over 4 hours and was totally done. The next day I started up the project again and it worked, but got the error again when I came to the thank you page. What was the API doing: redirect to https. And when I fixed it to http it worked just fine.. I feel so FUCKING stupid! I wasted a whole day of work for nothing! Just a fucking typo. Really guys I feel so dumb and stupid!

i might not have ssh access to live instances but i can redirect live traffic to test instances and debug my shit there!

... no but i really do that

Ever mistype a 301 redirect?

Visual Studio Code is a joke.
it's always auto update but always fail and then delete itself.
When i ask what happened or post a discussion on the official site they close it and send /redirect it to fucking different issue like changing language code or adding extension while the real issue about auto update failure is ignored or discarded/deleted/closed without solving anything

I need help to share this to everyone until they fix this shitty perfomance

ps: i always need to redownload that fucking visual studio code everytime it has update

So today I thought to polish things on a former colleagues code. I noticed he wrote JavaScript inside PHP file to redirect header to another URL. I don't know what the fuck he was thinking. Why didn't he used PHP Header to redirect the URL why JavaScript?

Had a script that imported an Excel file, even though it'd succeed and import just fine, we'd get a property of non object error and since those are fatal the application would stop, wrapped it in a try catch with a return redirect with success for the try and the catch

Trying to explain to (a more experienced) dev why it's not a god idea to do a exec( php '/var/www/xxx >> /dev/null) and then redirect the visitor.

The script is running a query that take some time and he want's to redirect the visitor and then fetch the result with jquery.

Tried to explain parent and child processes and pointed him in the direction with pipes and bakground process. After some discussion about forking and all the cons with that.

yes its PHP ;)

Gonna be exiting to see his next idea :S

I have a question regarding file redirects 2>&1 and 1>&2. I know that file descriptor 1 is std o/p and 2 is std error and that we're redirecting one file descriptor to another.

But why do we do it? What are their use cases? Wouldn't the file to which redirection is setup get too clunky?
Analysis of the file would also become a bit difficult. And wouldn't having errors stored in a separate file make it easier to interpret and fix them?

When your redirect url passed as get parameter to 'secure' the login you pass bade64 envoded string with path, length and (salted) md5 hash ....

why God why you secure a redirect you do 302 to on success

How do you guys perform program tests or build your test env? Like redirect writing sqls towords private tables whilst keeping reading sqls towords to general test tables

Just read that if you try to access stackoverflow.com/admin.php it will redirect you to a funny youtube vid

JS/HTML QUESTION:

I wanna create a html page wich redirect us into a certain website and execute Javascript on the new website opened.

So i should use window.open i think, but how do i like execute js on this website after opened?

Oh god I just experienced the horrors of returning 301....

Thank god it's not on production yet...

I despise news sites that redirect you to the mobile homepage instead of just showing you the article you actually clicked on

I spent hours setting up Laravel Valet on Ubuntu (virtual hosts with a custom TLD) e.g myproject.dev

I just found out why it was not working. Because fucking Google bought 100+ domains in the .dev gTLD and added them in Google Chrome Hosts as well. Now they redirect the url automatically to HTTPS.

Any ideas on a new test development TLD?
I was thinking .fuckgoogle but that's too long

I like to teach sites that don't escape HTML/js in input fields a lesson, and put in a redirect. Where would you redirect them?

I tend to go SFW, like redirecting to a competitor or the NSA.

Was debugging a php project (for a friend) the header(location) wasn't working for some reason, and I didn't want to go through his 1000 lines of code to see where the trouble was, so I just inserted JavaScript to redirect the page to a location he wanted.

Now he thinks I'm a genius😂😂

I've gotten started with web dev in the past and learned HTML and CSS and started learning JS but I never could understand what I could use for a code editor to practice and pretty much forgot all of that stuff. Now I'm trying to learn Python, but what's pissing me off is paying for a phone app that doesn't teach you to write code in these lessons, rather interactive multiple choice questions and "put this in the right order". sequences. This is not learning for me, this is informing. Which is info I don't retain. And If i'm paying for it why is there so little to these lessons? Barely covering anything. I've done every lesson Mimo had for python but it didn't really explain the practicality of what it was teaching me and they skipped a lot of shit. Changing the pace of the lesson from Print this and that and heavily explain the most basic stuff 3x over to only explaining the more advanced stuff one fucking time.

I would really like learning python while being walked through a project as a lesson. Teach the terminology, structure, application, process, rinse and repeat, and outcome all in one. With a project target to look forward to. I need a goal to keep my interest.

So far all I know about python is its a programming language used to create Youtube. And I'm trying to learn it because I keep reading that its the recommended starting line. But I need to be able to visualize what this code can be used for. Explanations in terminology I haven't been taught yet just frustrates me. And I read everyone's posts and see many people mention being frustrated, but I haven't even started coding yet. Feel free to comment and redirect me to page that can help. Links are appreciated. Nay, encouraged!

it puts the binding redirect in the app.config
or else it gets the FileNotFoundException again

I have a windows vps with a server that I want to protect from DDoS and hide from outside world. Is there a way by using PHP IIS webserver on another vps to somehow whitelist ips or redirect only clean traffic to my windows vps?

Fucking hate to explain basic shit to computer illiterate. Usually I don't mind, but right know I working on the project, want to automate one thing I need to do every morning, put two numbers to web page(I will explain details maybe in next rant). So I am only one who fix, buys computers, printer(for some problems I call for other repair man.). Generally speaking working as IT guy. Firm has like 50 computers, some of them has SCADA software. Some computers have Win 7, some win 8 and others win 10, can't upgrade those computers, not enough money(I can deal with this problem). And yes, computer buying is not the fastest, easiest thing too. Because is public firm, I need to do public buying(I don't know how to translate to english), and most of the time wins the lowest price, I am ok with that. But I can't on item specification write I want that model pc or it components. Example: I can't write I want intel processor, however I can write number of cores, frequency. But it's not that bad, usually i have template for all things I buy. One of the worst thing is this, our firm bought new bookkeeping software version, old version was using visual foxpro framework. Good thing I didn't initiate the purchase, because right know I would be jobless, not because I would be fired, but because our senior accountant would drive me crazy. In fact accountants drive me crazy, but I can handle it for now. As I wrote before our form has about 120 workers, major part of workers are old, like my parents age. (I am 28 btw. Mom is 55.). As you all know what happens if you say you work with computers. So our accountants are like 60 years old, got new program, don't know how to work with it, and they ask me how to do certain things. if I don't know how to I ask program's support, every question is like 90 Eur. So in short accountants expect I should know their work and how program works. If I try say something they don't like, they try to make my day hard. Next thing is our billing program. Man that worked before me done some payments import. And when I came everyone expect me to do that. Ok I did that because that people working with billing program would probably fuck it up. And I semi automated that, so I don't mind that much. Sometimes that program fucks up, like it happened yesterday, it send email invoices attachment without filename. Example: people got this attachment ".pdf"(no filename, only extension), And if you save it you need do OPEN WITH command and then select pdf reader or rename file (I don't know what easier). And surprise surprise our firm, customer support redirects all phone calls, emails to me. But I did explain to customer support what to say to people. Still they redirect it to me.
PS: This is my first job after school. I work as part time.
TL;DR Thinking my life, carrier choices. accountants are not the nicest people.

my worst mistake was when I was using Ansible with AWS tags and I accidentally termianted a server that had been provisioned to handle users authentication and redirect them to their proper applications.

No, sorry you can't get a torrent link of the new version of the torrent client. But, we're happy to redirect you to our website and then reopen that client once we're done.

This had just happened, I was trying to increase the default timeout of an nginx running in a container for a proxy pass and always got a 504-gateway timeout response. I was setting proxy_connect_timeout, proxy_send_timeout, proxy_read_timeout, send_timeout, keepalive_timeout, etc. and nothing worked, after two hours of adding and removing lines of configuration (and waiting 1 minute for every time I tried a request), then I realized I have a local nginx for redirect server names to local ports (the container), that nginx was the one that actually responds with the 504 error, after that I tried a request with the port of the container ALL WORKED!!!!

Which ons is less risky and which one Is most profitable to succeed ?

0- telling the admin you forgot your password and as he's logging in, sniff his password (you already placed sslstrip)

1- gain access to router using its vulnerabilities and redirect the traffic to a fake page and get the password.

2- exploiting smb port of admin's system and placing a krylogger or stealing his cookies if available

3- brute forcing admin password :/

4- pressing forgot password on admin account and staying close to him and sniff the SMS containing the otp using rtl-sdr (and of course you will be prompted to set a new password)

5- any other way .

Also the website itself is almost secure.
It is using iis 8.5 and windows server 2012
Only open ports are 80 and 443.

I need to have domainB show the contents of domainsA without redirect. Oh and its WordPress if that makes it worse.

Support just said "You gotta clone the website" but there's gotta be a better way.

It's cloud hosting from HostGator so I don't have access to virtualhosts.

Any startup founders/co-founders, I'm curious to know if there are any good serious websites that offer explanations on various aspects of running a startup and common pitfalls and the like. I've looked at some but I figure it would be best if anyone who has done it before could redirect me to something :)

! Rant

Recently received my ESP8266 and for bad or for worse quickly flashed it to use thingsSDK and espruino.

I have setup a webserver on it but at the moment you need to go to its local ip to see the page, does any one have tryed this before and overcome to redirect all requests to that page? Any ideas are welcome, i know this can be done easly with LUA but cant code LUA, yet...

i have a question. when a user logs in, the app should have the "logged in" effect. so when he tries to navigate go login page it should redirect him to home page. but how can the app know if he has logged in? should i store the jwt token in sharedprefs and check if hes logged in locally on the phone or is the backend rest api supposed to handle that (and how)?

Msal.js. I give it 3/10..

The docs are duplicated, and in various states of out of date. Half the library seems to be undocumented based on how many edge case bugs I've hit, it offers a popup login but you have to have a set specified white list of urls you can launch the popup from which makes a popup login pointless...

Ontop of that my colleagues shat the bed on it and fucked the whole implementation including the azure b2c setup... We do not even have a backend app listed in the azure b2c apps. The redirect also won't work if you don't instantiate an object in a hidden iframe of your own website that fetches a token... This does not make life easy when you use a SPA framework and you have already implemented a whole pipeline abstracting the creation of this object behind layers dependency injection.. Nice.

After sifting through endless shit I finally have a solution. What a week.

!rant
I am trying to write a program in c which forks a process and exec another program i wrote. I want to redirect output of child program to parent program then after getting that output parent will check some conditions and if they are true then it will resume child program and will do more stuff. I have successfully redirected output of child to parent using pipes then I wrote code which should be read in child program but it isn't getting read. I tried by passing pipe read and write ends as cmdline arguments to child program but it isn't reading. It is blocking at that particular point. Stuck for more than 5 hours at this. Can anyone help me here? Fml :-(

MRW I deploy to production server and forget to add a server domain in "OAuth redirect domains" in Firebase.
Before that I was debugging for 6 hours without success.