Me: GET /sleep
Baby: 307 Temporary Redirect
Baby: 204 No Content
Me: 200 OK

Me: GET /sleep
Baby: 307 Temporary Redirect
Baby: 413 Payload Too Large
Me: 102 Processing
Me: 200 OK

Me: GET /sleep
Baby: 307 Temporary Redirect
Baby: 444 Connection Closed Without Response
Me: 200 OK

Me: GET /sleep
Baby: 307 Temporary Redirect
Baby: 444 Connection Closed Without Response
Me: 429 Too Many Requests

Me: GET /sleep
Baby: 307 Temporary Redirect
Me: 101 Switching Protocols
Me: 408 Request Timeout
GF: 102 Processing

Me: GET /sleep
Sleep: 404 Not Found
Me: 406 Not Acceptable

(Morning)
Me: 501 Not Implemented

My 80 year old very absent minded dad made a website, all by himself, using a two decades old book he got from the thrift store.

He's even hosting it himself on an old laptop running Debian, including a redirect to a beautiful nostalgic /~username/index.htm url (not gonna share the link, because his personal details are on there).

The whole site is incredibly carefully crafted, and I'm super proud of him.

Who cares if it's not a React app? The 14 kilobytes of HTML 4.0 markup load in 20-30ms, and it renders pretty much perfectly in every browser including Internet Explorer 4 and Edge.

🤷‍♂❤️

I hate those fucking sites which make you login first and then redirect to their home page.

FOR FUCK'S SAKE, ITS 2017. CANT YOU BASTARDS WRITE A FEW LINES OF CODE SO THAT I AM AUTOMATICALLY REDIRECTED TO WHERE I WAS AND I NEED NOT BACKSPACE EVERY TIME I LOGIN?

Client: About this QR code for my website, can we change it?
Me: Well we could redirect, but what's wrong with it?
Client: I just dont like the pattern, it's too noisy...
Me: 🙃

More than half of all support calls and tickets we get are so fucking easily searchable through our own fucking website and search engines, it's really fucking annoying sometimes.

"how do I redirect a site?"
Type the fucking word redirect into our helpdesk page.

"how can i reset my email password?"
Literally fucking type the word EMAIL into fucking search bar?!

"hey the article said to go to yourdomain.com/webmail, I'm not getting anything!!!"
"what domain did you use?"
"yourdomain.com of course!"

😥🔫

"how can I add a domain to my hosting?"
Search for the FUCKING word DOMAIN on our online helpdesk.

IT'S REALLY NOT THAT HARD, PLEASE APPLY COMMON SENSE AND USE YOUR FUCKING BRAIN.

Developed an android app for the client. It was going great. Prototype for the initial (and static) content to show to the client was on the way. All until...

*goes back in time to when we were developing the prototype*

The asshole boss: "Wow this is good, just remove the login after the splash screen. Redirect it to the dashboard immediately."

Me: "What? Why?"

TAB: "He (the CEO of our company) said that the client doesn't need to see the login."

Me: "Well, alright." (Orders are orders, better remove it)

*A few days later, we present the prototype to the CEO. He'll be the one talking to the client. TAB isn't in this meeting.*

CEO: "Where is the login screen?"

Me: *dumbfounded and confused, in silence, and pressure rising*

The Good Boss: *whispers* "Where is the login screen? I thought I told you guys it should be there."

Me: *whispers* "TAB told us to remove it."

TGB: *Looks toward CEO* "TAB told us to remove it."

CEO: "Ugh. TAB is sick."

A little giggle. Nonetheless the meeting continued. He was displeased. I was a little guilty. The login screen's code was already there. Just couldn't show it since the app doesn't redirect there anymore.

*A discussion after the meeting*

TGB: "Why'd you guys remove the login?"

Me: "You and TAB had a meeting with the CEO the other day. After the discussion TAB went to us and told us to change it."

TGB: "But the CEO said no such thing! Anyway, let's go back to the office and straighten this out tomorrow."

*The next day, TAB was in the office*

TGB: *Chatting on messenger with me* "He is completely denying it."

Me: "WHAT?"

TGB: "He said he never told you guys anything. And he is persistent. I kept telling him it was his fault, but he denies all of it. He never approached you guys to change anything."

Me: "Well yeah. I guess we magically thought to ourselves and said, 'Hey, let's remove the login screen for fun. Let's show them less content because that's how we please our clients!' -_-"

Seriously, what kind of assholefuckery is this. This shit is a whole new level. I am so TRIGGERED.

I don't really care that the meeting didn't go as planned. Just MAN UP AND ADMIT YOUR MISTAKE YOU FILTHY SON OF A GOOSE. Never listening to this asshole again. Thought he could be trusted. I will always ask my good boss next time.

Had a former customer call a few (10) years ago, furious that we shut down their website.

Me: but you moved your website to another provider 2 years ago? We dont even provide webhosting any more?

Turns out, when they moved we put a redirect to their new site on our server.

During the summer this server was decommisoned due to a failing harddrive but since we no longer had any active customers on it we just pulled the plug.

The customer had never actually redirected their domain name. :)

When we sent them a copy of their own cancellation letter we got an "oh hell, sorry".

:D

I am working on another developer's PHP code, and I found a new way that he done the redirect after the login with PHP!

We're using a ticket system at work that a local company wrote specifically for IT-support companies. It's missing so many (to us) essential features that they flat out ignored the feature requests for. I started dissecting their front-end code to find ways to get the site to do what we want and find a lot of ugly code.
Stuff like if(!confirm("blablabla") == false) and whole JavaScript libraries just to perform one task in one page that are loaded on every page you visit, complaining in the js console that they are loaded in the wrong order. It also uses a websocket on a completely arbitrary port making it impossible to work with it if you are on a restricted wifi. They flat out lie about their customers not wanting an offline app even though their communications platform on which they got asked this question once again got swarmed with big customers disagreeing as the mobile perofrmance and design of the mobile webpage is just atrocious.

So i dig farther and farthee adding all the features we want into a userscript with a beat little 'custom namespace' i make pretty good progress until i find a site that does asynchronous loading of its subpages all of a sudden. They never do that anywhere else. Injecting code into the overcomolicated jQuery mess that they call code is impossible to me, so i track changes via a mutationObserver (awesome stuff for userscripts, never heard of it before) and get that running too.

The userscript got such a volume of functions in such a short time that my boss even used it to demonstrate to them what we want and asked them why they couldn't do it in a reasonable timeframe.

All in all I'm pretty proud if the script, but i hate that software companies that write such a mess of code in different coding styles all over the place even get a foot into the door.

And that's just the code part: They very veeeery often just break stuff in updates that then require multiple hotfixes throughout the day after we complain about it. These errors even go so far to break functionality completely or just throw 500s in our face. It really gives you the impression that they are not testing that thing at all.

And the worst: They actively encourage their trainees to write as much code as possible to get paid more than their contract says, so of course they just break stuff all the time to write as much as possible.
Where did i get that information you ask? They state it on ther fucking career page!

We also have reverse proxy in front of that page that manages the HTTPS encryption and Let's Encrypt renewal. Guess what: They internally check if the certificate on the machine is valid and the system refuses to work if it isn't. How do you upload a certificate to the system you asked? You don't! You have to mail it to them for them to SSH into the system and install it manually. When will that be possible you ask? SOON™.
At least after a while i got them to just disable the 'feature'.

While we are at 'features' (sorry for the bad structure): They have this genius 'smart redirect' feature that is supposed to throw you right back where you were once you're done editing something. Brilliant idea, how do they do it? Using a callback libk like everyone else? Noooo. A serverside database entry that only gets correctly updated half of the time. So while multitasking in multiple tabs because the performance of that thing almost forces you to makes it a whole lot worse you are not protected from it if you don't. Example: you did work on ticket A and save that. You get redirected to ticket B you worked on this morning even though its fucking 5 o' clock in the evening. So of course you get confused over wherever you selected the right ticket to begin with. So you have to check that almost everytime.

Alright, rant over.
Let's see if i beed to make another one after their big 'all feature requests on hold, UI redesign, everything will be fixed and much better'-update.

You want to know what fucking pisses me off? This fucking router thinking it can just inject itselft and redirect into any fucking page that it wants..my fucking bank account? Yep, my fucking google docs? YEP, Fucking CSGO? YOU BET BRO

It's maddening how few people working with the internet don't know anything about the protocols that make it work. Web work, especially, I spend far too much time explaining how status codes, methods, content-types etc work, how they're used and basic fundamental shit about how to do the job of someone building internet applications and consumable services.

The following has played out at more than one company:

App: "Hey api, I need some data"
API: "200 (plain text response message, content-type application/json, 'internal server error')"
App: *blows the fuck up

*msg service team*

Me: "Getting a 200 with a plaintext response containing an internal server exception"
Team: "Yeah, what's the problem?"
Me: "...200 means success, the message suggests 500. Either way, it should be one of the error codes. We use the status code to determine how the application processes the request. What do the logs say?"
Team: "Log says that the user wasn't signed in. Can you not read the response message and make a decision?"
Me: "That status for that is 401. And no, that would require us to know every message you have verbatim, in this case, it doesn't even deserialize and causes an exception because it's not actually json."
Team: "Why 401?"
Me: "It's the code for unauthorized. It tells us to redirect the user to the sign in experience"
Team: "We can't authorize until the user signs in"
Me: *angermatopoeia* "Just, trust me. If a user isn't logged in, return 401, if they don't have permissions you send 403"
Team: *googles SO* "Internet says we can use 500"
Me: "That's server error, it says something blew up with an unhandled exception on your end. You've already established it was an auth issue in the logs."
Team: "But there's an error, why doesn't that work?"
Me: "It's generic. It's like me messaging you and saying, "your service is broken". It doesn't give us any insight into what went wrong or *how* we should attempt to troubleshoot the error or where it occurred. You already know what's wrong, so just tell me with the status code."
Team: "But it's ok, right, 500? It's an error?"
Me: "It puts all the troubleshooting responsibility on your consumer to investigate the error at every level. A precise error code could potentially prevent us from bothering you at all."
Team: "How so?"
Me: "Send 401, we know that it's a login issue, 403, something is wrong with the request, 404 we're hitting an endpoint that doesn't exist, 503 we know that the service can't be reached for some reason, 504 means the service exists, but timed out at the gateway or service. In the worst case we're able to triage who needs to be involved to solve the issue, make sense?"
Team: "Oh, sounds cool, so how do we do that?"
Me: "That's down to your technology, your team will need to implement it. Most frameworks handle it out of the box for many cases."
Team: "Ah, ok. We'll send a 500, that sound easiest"
Me: *..l.. -__- ..l..* "Ok, let's get into the other 5 problems with this situation..."

Moral of the story: If this is you: learn the protocol you're utilizing, provide metadata, and stop treating your customers like shit.

>>> print(whoSaid("OlderFriend"))
About 20ish years ago I was working in IT, and it was about around this time where CD-Roms were hitting the stores and becoming the newest craze. However, Microsoft did not write the drivers correctly for this new hardware.

In a nutshell, the driver would be installed and the user would lose the sound to their speaker.

How did this happen? By altering the way the interrupts worked on the computer. At the time there only existed a few unreserved IRQs or Interrupt ReQuests. The installer package would redirect IRQ 5 which is "User Selectable (Sound Cards)" to work with the CD-Rom. This was fine and all unless you wanted to listen to your speakers.

I had come up with a clever hack through rewriting a config file that would be run during bootup. So at the time of boot up IRQ 5 would be dedicated to the sound card, and IRQ7 (which was usually for the Lpt1 Printer) would be dedicated to the CD-Rom. This worked.
And because I was IT at the time, I would get a lot of calls for fixing this problem.

So, as you can imagine, I've gotten **really** good at doing this. I didn't even need to be at a computer to walk someone through the problem.

I receive a call one day, it was a problem with the CD-Rom and sound card. I walk him through the problem and he reboots his computer. I could hear him on the other side jumping with joy when he was able to put in his music CD and hear sound coming from the speakers.

He asks me, how in the hell did you figure this out!? You're a fucking Genius!

And I said, It's not rocket science it's just a computer.

There was a long pause of silence.

Uhhh... Hello? Did I say something wrong?

Sir, I work at NASA I deal with Rocket Science on a daily basis.

So me and my wife offered a friend to build and host a website for him for free for the first year when he was starting his business. We all agreed and wife started to build it.
The only thing that she had left was getting pictures and texts from him that would be on the site. That was 10 month ago.

And Today - it was suddenly SUPER IMPORTANT to get the site up because he has left alot of Business cards at a conference.
Wife - who is studying answered that she can fix it in a few weeks because she does'nt simply have time.

The dude sent this now:
"Ok no worries, I have solved it myself"

So I checked:
The domain he bought, is just a redirect to "randomshit.wixsite.com"

Why the hell do people make websites with VALID SSL certs redirect BACK TO HTTP? What the fuck is wrong with them?!

I saw someone handle redirect on every anchor link on server side. Yes, they handle onclick on serverside and then decide where to redirect. No they don’t use href or any sort that’s stated on the HTML. And this guy is my senior.

Hashedram's compilations #1
List of most annoying website designs.

1) Pages with AUTO PLAYING VIDEOS.

Yes I'm looking at you Netflix. Along with every news website known to man. I'm looking to read a fucking article, so why would you even waste your money and bandwidth trying to shove a video of some shit I don't care about in my face, and make it follow me as I scroll down like a fucking insecure puppy. Also, fuck you Instagram.

2) Pages that redirect once immediately after you visit them, thereby fucking with the browser history and the BACK BUTTON just leads back to the same fucking site.

I mean, just why. Did you think I would just go "Hey the back button doesn't work so let's stay on the site and read their awesome content"?

3) Sites showing things in a SLIDESHOW, when it actually should be in a list.

Slideshows are for progressive stories or for showing lists where you don't care about what's in them. Top 10 foods that reduce weight. Slideshow 1/15. Fuck you.

4) LOOKS LIKE YOU'RE USING AN AD BLOCKER

Yes. Yes I am. No I will not turn it off for you, you narcissistic snowflake fuck. And don't even try to guilt shame me into turning it off, because I know you're just going to bombard me with videos of sexy singles in the area if I do.

5) Pages where I see the first 3 lines of an article and have to SUBSCRIBE to see more.

Yes. Brilliant fucking idea. A user wants to see what your site has to offer, so within the first three seconds, don't show him exactly that.

6) Looking up an article and having to read through the entire motivational life story of the author.

I just want to know how to boil eggs, not read about your journey across Africa learning how to make difference recepies using boiled rhino dung.

7) CLICK BAIT.

Title: School boy designs blockchain machine learning game engine

Actual Content: Tic tac toe program made using linked lists

My parents are real sticklers for who is allowed to be on Netflix. They only let people on when they are present, and they never click 'save password'.

Me being a poor college student and desperate for the Netflix password, created a fake website for one of my parents to sign into.

How did I do this? I created my own localhost server with a backend database for the password to go to. I then copied the Netflix home screen and log in and asked them to log me into their account.

They said I can be on for one hour, and then they were signing me out.

I agreed to these terms.

As a small twist, I had also copied the no internet tab from Chrome for the page to redirect to. Knowing that once they logged in they would be expecting the main UI.

They logged in and then waited for the page to load. I, of course, put in a delay for the page to load and then displayed the no internet tab. They were confused and asked me to refresh, still nothing. I asked them if the router was out, and they went to check.

While they were away I quickly switched back to the real Netflix website and yelled back saying I got it working again. They came back over and saw that it was asking for a password again. They signed in and saw the main homepage and none were the wiser that day.

Once they left I checked inside the DB and found the plaintext password they typed in... The damn password was so simple, I cursed myself for not having figured it out sooner. No matter, I had my parents Netflix password.

So you're probably wondering how they didn't see the URL above and think something was off?

I pressed F11 and fullscreened my entire browser. They did ask, and I simply replied with, I don't like seeing all the crap up above when I'm streaming. No further questions, perhaps I was lucky.

The solution for this one isn't nearly as amusing as the journey.

I was working for one of the largest retailers in NA as an architect. Said retailer had over a thousand big box stores, IT maintenance budget of $200M/year. The kind of place that just reeks of waste and mismanagement at every level.

They had installed a system to distribute training and instructional videos to every store, as well as recorded daily broadcasts to all store employees as a way of reducing management time spend with employees in the morning. This system had cost a cool 400M USD, not including labor and upgrades for round 1. Round 2 was another 100M to add a storage buffer to each store because they'd failed to account for the fact that their internet connections at the store and the outbound pipe from the DC wasn't capable of running the public facing e-commerce and streaming all the video data to every store in realtime. Typical massive enterprise clusterfuck.

Then security gets involved. Each device at stores had a different address on a private megawan. The stores didn't generally phone home, home phoned them as an access control measure; stores calling the DC was verboten. This presented an obvious problem for the video system because it needed to pull updates.

The brilliant Infosys resources had a bright idea to solve this problem:

- Treat each device IP as an access key for that device (avg 15 per store per store).
- Verify the request ip, then issue a redirect with ANOTHER ip unique to that device that the firewall would ingress only to the video subnet
- Do it all with the F5

A few months later, the networking team comes back and announces that after months of work and 10s of people years they can't implement the solution because iRules have a size limit and they would need more than 60,000 lines or 15,000 rules to implement it. Sad trombones all around.

Then, a wild DBA appears, steps up to the plate and says he can solve the problem with the power of ORACLE! Few months later he comes back with some absolutely batshit solution that stored the individual octets of an IPV4, multiple nested queries to the same table to emulate subnet masking through some temp table spanning voodoo. Time to complete: 2-4 minutes per request. He too eventually gives up the fight, sort of, in that backhanded way DBAs tend to do everything. I wish I would have paid more attention to that abortion because the rationale and its mechanics were just staggeringly rube goldberg and should have been documented for posterity.

So I catch wind of this sitting in a CAB meeting. I hear them talking about how there's "no way to solve this problem, it's too complex, we're going to need a lot more databases to handle this." I tune in and gather all it really needs to do, since the ingress firewall is handling the origin IP checks, is convert the request IP to video ingress IP, 302 and call it a day.

While they're all grandstanding and pontificating, I fire up visual studio and:

- write a method that encodes the incoming request IP into a single uint32
- write an http module that keeps an in-memory dictionary of uint32,string for the request, response, converts the request ip and 302s the call with blackhole support
- convert all the mappings in the spreadsheet attached to the meetings into a csv, dump to disk
- write a wpf application to allow for easily managing the IP database in the short term
- deploy the solution one of our stage boxes
- add a TODO to eventually move this to a database

All this took about 5 minutes. I interrupt their conversation to ask them to retarget their test to the port I exposed on the stage box. Then watch them stare in stunned silence as the crow grows cold.

According to a friend who still works there, that code is still running in production on a single node to this day. And still running on the same static file database.

#TheValueOfEngineers

In the old days switching accounts was as simple as logging out and logging in

Now, logging out redirects you to 20 different pages, doesn't redirect you to the original page, and sometimes it doesn't even log you out

Worst experience with a higher up?

At an old contract job (around 2013), I was contracted by the company to help guide their developers with me to rewrite their software (it was buggy as shit, they didn't know better.).

So, a month later, we are in the middle of the rewrite and the boss flies in pissed that it's not done yet, he had the audacity to accuse me of stealing contract work with no experience in the area.

I told him flat out, "you don't know what the hell you are talking about. If you didn't hire a JV coding team, you wouldn't need me to redirect your damn rewrite."

He fired me, so I went to his superior and told her the situation. She told me i completely deserved it.

Worse part was I got paid half of my contract. Didnt make that mistake again. 😒😒

Found out later that the company failed, declared bankruptcy. Felt pretty happy.

When you redirect every movie link to XXX links on your rip-off netflix school project and nobody suspects a thing

!!oracle

I'm trying to install a minecraft modpack to play with a friend, and I'm super psyced about it. According to the modpack instructions, the first step is to download the java8 jre. Not sure if I actually need it or not, but it can download while I'm doing everything else, so I dutifully go to the download page and find the appropriate version. The download link does point to the file, but redirects to a login page instead. Apparently I need an oracle account to download anything on their site. stupid.

So I make an account. It requires my life story, or at least full name and address and phone number. stupid. So my name is now "fuck off" and I live in Hell, Michigan. My email is also "gofuckyourself" because I'm feeling spiteful. Also, for some reason every character takes about 3/4ths of a second to type, so it's very slow going. Passwords also cannot contain spaces, which makes me think they're doing some stupid "security" shenanigans like custom reversible encryption with some 5th grade math. or they're just stupid. Whatever, I make the stupid account.

Afterwards, I try to log in, but apparently my browser-saved credentials are wrong? I try a few more times, try enabling all of the javascripts, etc. No beans. Okay, maybe I can't use it until I verify the email? That actually makes some sense. Fine, I go check the throwaway inbox. No verification email. It's been like five minutes, but it's oracle so they probably just failed at it like everything else, so I try to have them resend the email. I find the resend link, and try it. Every time I enter my email address, though, it either gives me a validation error or a server error. I try a few mores times, and give up. I try to log in again; no dice. Giving up, I go do something else for awhile.

On a whim later, I check for the verification email again. Apparently it just takes bloody forever, but it did show up. Except instead of the first name "Fuck" I entered, I'm now "Andrew", apparently. okay.... whatever. I click the verify button anyway, and to my surprise it actually works, and says that I'm now allowed to use my account. Yay!

So, I go back to the login page (from the download link) and enter my credentials. A new error appears! I cannot use redirects, apparently, and "must type in the page address I want to visit manually." huh? okay, i go to the page directly, and see the same bloody error because of course i do because oracle fucking sucks. So I close the page, go back to the download list, click the link, wait for the login page redirect (which is so totally not allowed, apparently, except it works and manual navigation does not. yay backwards!), and try to log in.

Instead of being presented with an error because of the redirect, it lets me (try to) log in. But despite using prefilled creds (and also copy/pasting), it tells me they're invalid. I open a new tab container, clear the cache (just to be thorough), and repeat the above steps. This time it redirects me to a single signon server page (their concept of oauth), and presents me with a system error telling me to contact "the Administrator." -.- Any second attempts, refreshes, etc. just display the same error.

Further attempts to log in from the download page fail with the same invalid credentials error as before.

Fucking oracle and their reverse Midas touch.

> Be me
> Desperate for a driver
> Find nothing useful
> Oh a GitHub repo, hmmh
> '𝐃𝐨𝐰𝐧𝐥𝐨𝐚𝐝 𝐡𝐞𝐫𝐞 ===> tinyurl.com/XXXXXX'
> Nope
> It's time to report!

Context:

- The url is a redirect chain to a phishing site

- Repo is completely empty except for a single folder with 1000+ files all named after drivers, with the same 'download' link, and probably scraped website text at the bottom (probably to increase searchability)

- The 'user' joined just a couple days ago and has no other repos

My friend and I have been debugging this server issue where the server can't find the input file.

30 minutes passed, we checked, restarted everything, still no avail.

When I saw his safari browser, THE FULL URL WASNT SHOWING. The server was working, we just didn't see a redirect behavior because of apple fucking trying to fucking prettify everything.

GOD DAMMIT.

/rant

deadmau5 exclusive on tidal streaming.

Fuck, okay.

*Sign up*

>> enters email, password
>> redirect to different signup page
>> enters email, password
>> redirect to original signup page
>> ????
>> enters email, password
>> redirect to second signup page again
>> ????????????
>> try to login
>> enters email, password
>> nope

>> listen to preview of album
>> please enable flash
>> okay, fuck you, deadmau5.

Devrant is the only Social Media interaction I have been using lately, rather than others. Every time I feel the urge to open other social media apps, I redirect my actions to Devrant.

Meet 'SBI Online' app from Play Store, in their own words:

What they were supposed to do?
"Experience the new Retail Internet Banking of SBI"

What they do?
"SBI online app will redirect to SBI Retail Internet Banking (online SBI) site"

Why do they have app?
"No need to remember URL",
"Less memory space required on device"

App storage space?
F**king 2.6 MB, just to redirect users to their website, in third-party browser.

Customer has thousands of clients - puts each client site under a subdomain of the main domain on a shared server. What happens to every single website when the server runs out of space?
But that'll never happen, right? We have lots of space. It certainly won't happen on day one of the main tech dev's holiday.
...twice...
It's fine, there's a backup, or atleast a redirect, right
.....right?

Putting chatgpt to some good use. Writing a complaint mail to the idiots maintaining my banking app in the style of shakespare.

Hark thee, App Support Team,

With grave disquiet and vexation doth I write to thee concerning thy recent update of the application. As a software developer, the option to enable developer settings on mine own mobile device is of paramount importance for mine work. Yet thy latest update hath impeded mine access to mine own bank account until I disable this setting. Upon launching the app, it doth redirect me to a browser tab, where I am compelled to deactivate the developer setting to avail of thy services.

This conduct of thine is most unacceptable and unprofessional in mine eyes. It doth seem a transgression of privacy, for thy app doth dictate what settings I may or may not have on mine own personal phone. How canst thou deny me access to mine own bank account information merely on the grounds of having enabled developer options? How doth this option interfere with thy application, such that thou must needs coerce thy users to forsake their phone settings to utilize thy app?

I beseech thee to rectify this issue with all due haste, so that I may access mine own bank account without hindrance. If thou art incapable of doing so, then prithee, might thou recommend a more user-friendly banking application to which I may gladly switch?

With frustration and discontent at this time,
A locked-out person.

Backstory : So recently one of my banking app stopped working and forced me to update to their latest version. As soon as i opened the newer version , it shut down and redirected to my browser with a shitty html page with just one message : Disable developer options on your device to continue using our app. I was extremely frustated and couldnt understand what kind of idiots were maintaining this app.So i decided to write up an email hoping to find some solution for this.

My own personal hell was a html page that had a script tag that called a rest endpoint that sent back a text block of JavaScript that was then dynamically executed to redirect the user to a php 3 page that was the exact same thing as the original page but with an extra bit of css to make the buttons blue and slightly rounded

You can’t make this shit up

When I call another dev and he give me another dev's number and the second one give me another and that one gives another num. :
I feel like "ERR_TOO_MANY_REDIRECTS"

FUUUUUUCCCKKK, now the websites have new features, where no matter how many time you try to go back from their website, they will redirect back to their SHITTY FUCKING WEBSITE. FUUUUCCCKKKK YOU

#7

The former dev tried to implement redirects. He created dozens of routes wich lead to a 'redirectXY' method within the 'mainController'. There he returned a redirect Instance.

😓🔨

Realizing that the former so-called PHP developers based the entirety of their so-called dashboard framework (self-written of course) on GET requests.

Every. Controller. Only. Accepts. Get. Requests.

It creates stuff? So what! It does update? No matter! It deletes? Who cares!

Just call that URL, and it will release all hell, plagued with multiple side-effects, and then issue a redirect.

Of course that one delete button was inside some twitter bootstrap tabs, and due to the redirect the page always reloaded and the content manager landed on a very different tab. Meaning if they wanted to delete multiple records, they had to hit "activate tab" and "delete" and "activate tab" and "delete" -- rinse and repeat.

It's our *job* to make things easier for our users! Not to waste their time. (Unless you are browser game developer. Then do your thing.)

And we are talking basic CRUD! Basic CRUD! I am not even demanding for it to be restful or to have some parts of a HTML page being updated on the fly with such rad and new technologies like ajax!

There is just question I would like to ask whoever build this: Seriously!?

TL;DR : do we need a read-only git proxy

Guys, I just thought about something and this potential gitpocalypse.

There is no doubt anymore that regardless of Microsoft's decisions about Github, some projects will or already have migrated to the competition.

I'm thinking : some projects use the git link to fetch the code. If a dependency gets migrated, it won't be updated anymore, or worse, if the previous repo gets deleted, it can break the project.

Hence my idea : create some repository facade to any public git repository (regardless of their actual location).
Instead of using github.com/any/thing.git, we could use opensourcegit.com/any/thing.git. (fake url for the sake of the example).
It would redirect to the right repository (for public read only), and the owner could change the location of the actual repository in case of a migration.

What do you think ? If I get enough ++'s, I'll create a git repo about this.

Websites that redirect you to a custom /404 page after you've typed their way too fucking long URL and misspelled a single word deserve to be nuked from orbit.
Holy fucking shit, why is this a thing? Has this ever helped ANYBODY?

I wonder if it's legal to intercept and redirect a drone hovering around your private property..

I’m LOLing at the audacity of one of our vendors.

We contract with a vendor to build and maintain a website. Our network security team noticed there was a security breach of the vendor’s website. Our team saw that malicious users gained access to our Google Search console by completing a challenge that was issued to the vendor’s site.

At first, the vendor tried to convince us that their site wasn’t comprised and it was the Google search Console that was compromised. Nah dude. Our Search Console got compromised via the website you maintain for us. Luckily our network team was able to remove the malicious users from our search console.

That vendor site accepts credit card payments and displays the user’s contact info like address, email, and phone. The vendor uses keys that are tied to our payment gateway. So now my employer is demanding a full incident report from the vendor because their dropping the ball could have compromised our users’ data and we might be responsible for PCI issues.

And the vendor tried to shit on us even more. The vendor also generates vanity urls for our users. My employer decided to temporarily redirect users to our main site (non vendor) because users already received those links and in order to not lose revenue. The vendor’s solution is to build a service that will redirect their vanity urls to our main site. And they wanted to charge us $5000 usd for this. We already pay them $1000 a month already.

WTAF we are not stupid. Our network service team said we could make the argument that they do this without extra charge because it falls in the scope of our contract with them. Our network team also said that we could terminate the contract because the security breach means they didn’t render the service they were contracted to do. Guess it’s time for us to get our lawyer’s take on this.

So now it looks like my stakeholders want me to rebuild all of this in house. I already have a lot on my plate, but I’m going to be open to their requests because we are still in the debrief phase.

Hell is not enough for people who create scripts that forcefully redirect you, while scrolling.

EAT A SPIKY CACTUS FOR EVERY DAMM TIME I HAD TO HIT THE BACK BUTTON BEVAUSE OF YOU

The layout for my little side project was working fine in IE last week. Made some server side additions over the weekend and now the layout is broken... in IE only. Guess who's putting in a user-agent redirect to a "Works best in Chrome or Firefox" page? 😉

My company decided to reinvent the wheel by writing its own queue system instead of using the existing message queue service.

And it uses plain PHP with exec() to run the workers.

Where do we store the job? We use mongoDB which is already used in our existing projects. We can query the collection/table each time the queue service start, execute the jobs, and let it exit if there's no job anymore. Don't worry, systemd will start the queue service again once it exits.

How to monitor the workers? Yep, we use ps and grep to check if the worker's PID still exists in the OS.

What about error stack traces? Nice question, we redirect the stdout and stderr when exec()-ing into a file.

What about timeout? We don't need it, let's just assume no one is going to write while(true).

It works flawlessly! /s

My boss says to me this morning.

Boss: Can you add these links as a redirect 301 to this link.

Me: Ok, I'm not the developer for that domain but I guess I can do it. Let's try to update apache htaccess for that domain through my account.

(After a swift ssh connection to the server to check out that domain.)

Me: Er...boss, we don't own that domain. We cannot redirect it's links to our other domains.

Boss: Why? What do you mean?!

Me: well if we don't own that domain, than it is not on our server and we cannot update it's server config files. So we cannot redirect that domain to our other domains.

Boss: Are you sure?

It went on like this for a while. I had a laugh break after.

My mom got infected with one of those stupid you have a virus redirect viruses. Malware bytes isn't useful.
To make matters worse it doesn't redirect in Edge, so she's forced to use Edge until further notice.
It's going to be a long week.

Also I don't have much experience with Windows viruses especially these redirect ones, so yay!

My idiot friend nearly destroyed his install because of me.

He was complaining to me about some program he was running in terminal writing too much lines to terminal he didn't care about.

So I wrote to him verbatim:
"Just redirect the output to /dev/null by running it like ```cmd > /dev/null```.
Or better yet do ```cmd > /dev/sda``` it will be more fun ;)"

Three minutes later I get a screenshot from him where he's trying to run ```cmd > /dev/sda```, but it keeps saying Permission denied. He's tried to use sudo in the screenshot like million different ways.

Thank god he doesn't know how to use sudo with redirects...

Redirect that crossed my path today

We are required to use corporate SSO for any authenticated internal websites, and one of the features they require you to implement is a "logout" button.

They provide a whole slew of specifications, including size and placement/visibility, etc. They provide an SSO logout URL you must redirect to after you take care of your own application logout tasks.

Makes sense... except the logout URL they provide to serve the actual SSO logout function broke over 3 months ago, and remains non-functional to this day.

Apparently I'm the first person (and perhaps one of the only people) who reported it, and was told "just not to worry about it".

So, we have a standing feature request to provide a button... that doesn't actually work.

Corporate Security - Making your corporation _appear_ more secure every day...

Fucking Square Enix Website is just a huge pile of shit. NOTHING WORKS!

Wanna change your password? Nah sorry an error occured.

Wanna change your username? Nah sorry I'll just show you a loading symbol forever.

Wanna add a game to your collection? Nah sorry the "add" button is on fucking holiday and doesn't do anything.

Wanna change your avatar? Nah sorry I'll just redirect you and don't do anything.

Most amazing part is where you log in, then get redirected to the home page but it still shows the "Log in" button. Then you click on that "Log In" button and wosh! Home page reloads and tada! You're logged in!

Seriously who let this code into production? Also I know that you're using GraphQL now, due to an error message. Thank you!

Fucking bullshit...

Get an email from a client, who has been stringing me along for about 6 months, but ringing me up for advice on tonnes of different shit for free. Basically did his original website but his business model has changed to make his existing site irrelevant. Suggested months back doing a simple one pager as a stop gap with key messages. The bastard said no to that "just take it down for now and redirect to my LinkedIn page". He keeps saying we are getting stuff together and we hope to get together in September. However, yesterday he sends an email "we are getting a student in over the summer (not a Dev or designer or anything). Could you recommend any "web builders" so we can get on with the website in August. By that he means those drag and drop fucking pieces of shit website templates full of wysiwyg editors for creating shit typography. I give them free help and guidance and they think that I'm not going to want to smash him in his fucking face for his last email. The cunt.
I have an idea for 'having the last laugh' but I am open to suggestions from some devRanters, all legal of course.
P.S. I post quite a bit here about shitty clients, but I do have a number of really good clients who value my work and experience and have been with me for many years. It's just some that treat the profession with disdain and that they can easily do it themselves if only they had the time. These fuckers then wonder why their businesses fail.

Oh boy, this is gonna be good:

TL;DR: Digital bailiffs are vulnerable as fuck

So, apparently some debt has come back haunting me, it's a somewhat hefty clai and for the average employee this means a lot, it means a lot to me as well but currently things are looking better so i can pay it jsut like that. However, and this is where it's gonna get good:

The Bailiff sent their first contact by mail, on my company address instead of my personal one (its's important since the debt is on a personal record, not company's) but okay, whatever. So they send me a copy of their court appeal, claiming that "according to our data, you are debtor of this debt". with a URL to their portal with a USERNAME and a PASSWORD in cleartext to the message.
Okay, i thought we were passed sending creds in plaintext to people and use tokenized URL's for initiating a login (siilar to email verification links) but okay! Let's pretend we're a dumbfuck average joe sweating already from the bailiff claims and sweating already by attempting to use the computer for something useful instead of just social media junk, vidya and porn.

So i click on the link (of course with noscript and network graph enabled and general security precautions) and UHOH, already a first red flag: The link redirects to a plain http site with NOT username and password: But other fields called OGM and dossiernumer AND it requires you to fill in your age???
Filling in the received username and password obviously does not work and when inspecting the page... oh boy!

This is a clusterfuck of javascript files that do horrible things, i'm no expert in frontend but nothing from the homebrewn stuff i inspect seems to be proper coding... Okay... Anyways, we keep pretending we're dumbasses and let's move on.

I ask for the seemingly "new" credentials and i receive new credentials again, no tokenized URL. okay.

Now Once i log in i get a horrible looking screen still made in the 90's or early 2000's which just contains: the claimaint, a pie chart in big red for amount unpaid, a box which allows you to write an - i suspect unsanitized - text block input field and... NO DATA! The bailiff STILL cannot show what the documents are as evidence for the claim!

Now we stop being the pretending dumbassery and inspect what's going on: A 'customer portal' that does not redirect to a secure webpage, credentials in plaintext and not even working, and the portal seems to have various calls to various domains i hardly seem to think they can be associated with bailiff operations, but more marketing and such... The portal does not show any of the - required by law - data supporting the claim, and it contains nothing in the user interface showing as such.
The portal is being developed by some company claiming to be "specialized in bailiff software" and oh boy oh boy..they're fucked because...

The GDPR requirements.. .they comply to none of them. And there is no way to request support nor to file a complaint nor to request access to the actual data. No DPO, no dedicated email addresses, nothing.

But this is really the ham: The amount on their portal as claimed debt is completely different from the one they came for today, for the sae benefactor! In Belgium, this is considered illegal and is reason enough to completely make the claim void. the siple reason is that it's unjust for the debtor to assess which amount he has to pay, and obviously bailiffs want to make the people pay the highest amount.

So, i sent the bailiff a business proposal to hire me as an expert to tackle these issues and even sent him a commercial bonus of a reduction of my consultancy fees with the amount of the bailiff claim! Not being sneery or angry, but a polite constructive proposal (which will be entirely to my benefit)

So, basically what i want to say is, when life gives you lemons, use your brain and start making lemonade, and with the rest create fertilizer and whatnot and sent it to the lemonthrower, and make him drink it and tell to you it was "yummy yummy i got my own lemons in my tummy"

So, instead of ranting and being angry and such... i simply sent an email to the bailiff, pointing out various issues (the ones

I took like 3 years to my company to get this huge-ass client to ask us to remake their website (the client is already our client for other purposes).

The old website was hosted on their local machine, behind a proxy that was there for other 30 website servers.

The old website took like 30-40 seconds to load on a browser and had a google score of 3-6/100.

We made the new website in wordpress, since it was basically a blog and managed all of the older links to redirect to the new pages so that SEO wouldn't get affected.

We then asked the previous developers to let their domain redirect to the new one (it was like example.com => ex.example.com and now it's just example.com, so we needed them to make ex.example.com redirect to example.com).

What they did was making a redirection to the 404 page of the new website, making everything go to fuck itself.

Damn this might be the first time I despise other developers, but this move was fucking awful.

I mean, I get it, we stole your big client, but it's not our fault if we made the google score go up to 90/100 in a week just by changing server and CMS.

Scrum master asks how I'm doing and how I'm finding the project I'm working with.

I complain about the lack of documentation and that it kills me (well, kills my brain with increased migraines) due to my Asperger's as I need CLEAR instructions and not ~something~ I need to piece together from asking from 5-10 different people who all know some minor part of the final answer.

"*You* could do the documentation, lankku, while you're figuring it out!"

Just...FML.

And the reason I was trying to find out this one thing related to a completely different repo I have never worked on was because I was trying to write documentation for something totally different that just needs a login redirect from this different repo. <.<

I always use this quick redirect function on my projects:

function go($location){
header("location: ".$location);
}

!rant

I've seen some rants about people complaining about websites using the 'www' subdomain, so I'd like to take this opportunity to try to explain my opinion about why sites might use it.

I use to feel the same way about not having the www subdomain. It felt like an outdated standard that serves no purpose. But I have changed my option...

Sometimes certain servers have other services running other than just the website, such as ssh, ftp, sql, etc., running on different ports. What if you want to use a web proxy and caching service similar to cloudflare or a cdn? We'll you can't, because they won't allow traffic to flow through to your other ports.

That's where the www subdomain comes in. Enable your caching and cdn on your www subdomain, and slap a 301 redirect from your primary domain on port 80 or 443 to the www subdomain. This still allows you to access your other services via the domain name while still gaining the benefits of using a cdn.

Now I know you could use an 'ftp' subdomain or the like, but to each their own in that regard.

Few years ago as a junior android dev with couple years of self taught experience of working in startups I submitted a simple android app assignment for a junior android dev role. Assignment had only like 8 requirements so I followed them to the letter. That didn't end well.

App was simple just 3 screens. Login screen with username and password input fields, login button.

Had to call a login endpoint after login button was clicked, redirecting to home screen, calling items endpoint, displaying a list of items and when an item was clicked passing item data and redirect to item details screen.

Needless to say big swinging dick senior was not impressed. UI was not perfect, I forgot to display a loading animation when fetching data, didnt handle back button properly.

I agreed with some points but other comments were clearly just nitpicking: his preferred variable naming conventions, his opinions on architecture that was not up to his standard (official google arch at the time was not up to his standard).

He also was mad that app wasn't prepared for release to googleplay (another out of the ass requirement). Like I would prepare a 3 screen app for prod release that he will forget ever existed after 20min of his review.

Lots more of nitpicking, encapsulation this encapsulation that, omg now hes shocked that there are a few warnings after the project is built.

Regardless my self confidence was destroyed at that point and after few more negative experiences I dropped android dev alltogether for a couple years and switched to game dev.

After game dev ran its course I went back to android dev and found a supportive place where I could grow.

Looking back, they were actually hiring atleast a mid level for a junior position but I was grilled as a senior. The guy literally didnt wrote any single positive thing in that review about my code even tho my senior peers said my project was decent back then, its just that I didnt handle a few edge cases and that's all.

I looked up the guy in linkedin, turns out hes a uni dropout who posts all books that he red about software dev in his education section of his linkedin profile. Found a bunch of other narcissistic stuff on his profile. Guy was a fucking idiot. Even if I worked under him it would have probably sucked.

Learned some important lessons I guess. Always get a second, 3rd and 4th opinion and dont take criticism too seriously. Always check what kind of person is providing feedback.

So some asshole keeps sending phishing emails to every student and prof in our university and the IT department is too pathetic to block it. They all come from the same email and contain the same text yet they cant filter it and just send warnings not to click it.

Im getting sick of recieving 5 of these a day, i scanned and viewed the page and its just a simple form copying the outlook login page with a redirect to the actual page after submission.

Whats the easiest way to write a script that will spam them with thousands of fake accounts? How can i fuck with these guys?

What the fuck Microsoft !! Your android apps are total piece of shit! Fucking outlook Android app don't have support to view doc file which is created using your shitty Microsoft teams portal.

If I click on that doc file link through my outlook app, you redirect me to chrome.
Ok that's still acceptable. But the real shit starts now. You tell me that your browser isn't supported! Is this fucking joke?? Who in the world develops a website which can't support latest version of Android chrome?
Now that I have installed your shitty Microsoft teams app, it doesn't show up in "open with" options. Clicking on that link is still redirecting to the chrome saying that browser is unsupported.

Also, your shitty Microsoft teams app can't edit fucking doc file. When I click on your Microsoft word icon, You again ask me to install Android app for Microsoft word.
Seriously fuck you Microsoft and your shitty apps!

GIRLS PRANK
Omg I changed her lipstick with one of a slightly different color I'm so random she'll go CrAaAaAzY

BOYS PRANK
Use Tampermonkey to transform your colleague's pc into a chinese botnet and redirect him to some PCC website on every click forever

Yeah long story short that's how my previous firm blocked access to domains hosted by the Chinese government.

What do you do when your redirect doesn’t go where you tell it?

Clearly I’m missing something.

I stepped through the code, following the failure path of Sheogorath’s Recaptcha. It fails as expected, and hits this redirect before doing anything else:

`return redirect_to new_user_session_path`

I verified that this redirects to the “/users/sign_in” path, and it returns so the server doesn’t even try to authenticate the user. It just nopes out as it should to prevent timing attacks.

But somehow instead of doing that and redirecting as it should, it signs the user in and redirects somewhere else entirely: the role select page, which only happens after authenticating an admin user. It never even hits my breakpoint after the recaptcha check! It never authenticates!

I think what I’m missing is my old reality where things made sense.

One of my websites is under a brute attack.

If I were to redirect failed logins to an illegal website (drugs, child pornography, terrorism support, etc...), will the feds come after me? Or will they go after the attacker?

Hey, what really makes me want to download your app is when you redirect me to the download screen of it when I'm in the middle of a task. That's great. Keep doing that.

Spam assassin kills most of the spam I get before I see it. It works pretty well. However, I started getting a fuck ton of spam from some asshole on a Turkey server. You cannot forward spam to the gov anymore so what to do (They use a honeypot. Apparently it doesn't catch everything.)? Well I got the abuse email account address for the server. Then I went into my servers spam filter for the email address I am having issues with. Then I redirect the email to this abuse email address. Then I delete it from the server. This makes it so my email client never sees the message and I automagically notify the abuse account. If the abuse account is owned by the spammer then he is just filling up his own server with shit.

Anybody else have fun or interesting ways with dealing with spam the regular filters don't catch?

You never know pain untill your website redirect is working on edge and not chrome... Yet it's all google hosted...

*Eye twitches*

That moment when you click a Google link at the same time your code finally launches your app ... and you say "Hmmm, how did Google redirect me to localhost:8000?"

Here’s how my Friday night is going:

def signin
if should_not_sign_user_in?(stuff)
return redirect_to :nope
end
# signin logic
end

The guard says I shouldn’t sign the user in. It logs the details of why. I read the logs; they’re all correct. It logs the return value, which is false, and the user gets signed in anyway.

Wat.

There’s a return and a redirect there!

This is only happening on the QA server, too, so something fishy is going on.

Old unused military satellite to make international calls free. Local tv station to leak episodes. 4500 hosts zombie net with autoreplicant bots that scans for vulnerability to populate the net to do distributed denial of service attacks. Jumper on the neighborhood cabin to redirect the school's call for being absent, an older friend pretended to be my father.

What the f*ck Microsoft, you made me go trough whole shitton of troubles just to play a music into microphone so I can play music in VRChat while pulseaudio in Linux can redirect the audio without any hassle. You total piece of shit!

I suggest that .c0m should always redirect to .com

Change my mind.

When writing code that has to be evaluated by a college prof, redirect all the best practices to /dev/null

So let's talk about CNAs, Captive Network Assistants, these downsized browser that open on Smartphones when you try to login to a free wifi which requires you to buy sometging or accept some terms.

I fucking hate them. I'm a web dev which has to deal with these dumbfucks.

Back in the time, there was this dumbfuck who had the idea to capture http requests on network level and response with a redirect to his own landing page. Fuck this guy. Then some dudes had the idea of the CNA as a privacy security feature. A good idea. But also this guys: "hey, let's make them a huge pain to develop for".Fuck them, too. But then came the companies saying: "hey make us a huge SPA with all features we can think of for this fucktard of a browser."

I hate fucking CNAs

Yesterday I helped in a college final project. To be done using PHP and MySQL.

- they were taught to create a login page and when submitted just check the values against username and password from DB table and redirect to a dashboard page. No session created.
- in the dashboard, session is not checked. Shows links to other pages.
- each page is a separate php file
- the app allows users to issue books to customers. They were taught to delete the book from book table and save all the info in issue table, when a book is issued
- when a book is returned, book info is saved in a return table and also saved to book table again and deleted from issue table

I asked this student to change it to the right way, to use sessions and includes. He said that then the lecturer would know, he didn't do the project. It's a diploma level course.

A Client's hotshot webmaster just asked us to provide a JavaScript 301 redirect script for a CMS we don't own/have admin access at all.

"Must be 301 style for SEO benefits... "

So, hows your day going? 🤣🤣

Boss: "You hardcoded the redirect uri in the code (Early on during development and forgot about it, because apple OAuth is a piece of shit), but don't worry I fixed it by hardcoding the uri with the production host into the config file where clearly all settings are fetched from the OS Environment variables at runtime. This will surely fix the problem in staging we have, no need to thank me"

MOBBING DICTIONARY - 2 -

Sentence
(behind the back)
- he/she has no time, don't tell him/her these problems, don't speak with him/her, just speak with me

(explicitly)
- you have no time do this!. Let me/somebody else do it.

Purpose
- cutting the target out from the rest of the team. Redirect all communication in order to shield the target.

Result
He/she will loose the general vision. He/she will not understand anymore what the problems are. He/she will loose relevance and will not be able to manage his/her own time anymore.

He/she is probably working a lot, and doing a lot of effort. He/she will probably know how to use the time, and he/she needs the team to help with task no take the task out of him/her.

He/she will slowly burn out, specially if he/she discover that such things are happening behind his/her back.
The situation will add psychological problems to technical problems. He/she will be crushed to death.

Just did something hackerman-ish! 😎
Since a lot of new iPhones are out after the XR, Apple "removed" the page for iPhone XR and redirect to the /specs page. I tried adding /index.html to the url and tada! :D hahah "I'm in!"

Any other ways I could've gotten to this page? I was going to try the sitemap and the web archive.

Back from the dead with more vaguely-obscure technical bullshit

Working on a chatbot for my BS-CS. Almost done with college, so the assignment is to make a bot that recommends you a CS career. Cool.

I get through making a joint personality and skill-interest quiz that gives you number grades on different spectra. So far, so good. But this project has to be done entirely in pandorabots' online editor. So no scripting. Zero scripting. 100% markup language. That means to even do math, you need to copy a standard library off GitHub.

I mean, that's fine and all, but the syntax is just atrocious, because everything in AIML is input->response. If you ask the bot "what is 5+5?" you must have it go:

- recognize pattern WHAT IS * + *
-> redirect -> XADD * XS *
-> do math -> recurse result
-> 10

uncomfy. Plus, variables can only be accessed through <get> and <set> tags. But mangeable.

So here's where the story becomes a rant.

In the standard docs, there's all these math functions, and they work. There's also logic.

And then there's this fucker
XIF [ * ] XS [ * ]
Which has no documentation and just doesn't work. No idea what the brackets mean. Tried putting in TRUE, tried putting in true math statements (5 XEQ 5), tried putting in recursion tags to trick it, tried everything. It just ignores it.
There is not a single comment, stackOverflow post, or youtube video that even acknowledges the existence of this thing.

So unless I want to convert the entire logic of my program into nested SWITCH statements with the <condition> tag, I'm just fucked.

The icing on the cake is, I go to tech support on Pandorabots to ask for help with this. What do they have except a chatbot to cheerfully tell me that no humans are around to help me right now?

gonna have to build an entire fuckin turing machine in markup tags to calculate whether x = 3

(:

About 5 years ago I worked at a small company developing websites and .NET applications.

They haven't changed any passwords which means, I still have access to ALL of their customers DNS setups.

Of course I wouldn't do anything.

But just the thought, that I could make an infinite loop, by redirecting the domains, is amazing.

Or redirecting them to a porn site.

When you're web scraping and the site suddenly redirect their url to their second site so your codes becomes useless.

Our Joomla-based site just got a redesign. The developer who did it did something wrong. Articles no longer are attached to their parent categories and are now all referenced at the root level in URLs.

I pulled up the 404 log and now see that some website or bot or whatever is hitting up each category for each article, which screws with our SEO 404 report in Google Search Console.

Which means I have to find a way to programmatically redirect every article within every category "up" a level to the root where each article is now found.

And I have no way of knowing which article belongs to which category anymore. Even if I did, a test shows that articles attached to categories still want to come up at the root level, not in their categories.

Joomla is G.A.R.B.A.G.E.

I used to work in a Tech Support department where everybody was constantly pranking each other.

In one of the iterations of such events one of the guys actually forked the source of a login page, in one instance of the app that was running in a VM, and edited the code so it would redirect the user to a lemon party'ish website.

It was quite an upgrade to the old M.O. where people would just email themselves messages with seemingly bureaucratic call to actions containing hyperlinks to the same lemon party'ish websites.

And the most direct approach, which is to type those directly into one's browser if the laptop is left unattended & unlocked due to a trip to the toilet.

I deployed one of our staging websites to a free plan because the site is rarely used. Project Manager sends the stakeholders the new url. There will be a lot of 🤦‍♀️🤦‍♂️🤦 all around. Some of it’s my fault. A lot of it is just WTF.

Stakeholder: We still need the staging site because we don’t want to test in the live site…

PM: Okay. We didn’t say we were deleting the site. We are just moving it to a new and better hosting platform, so we’re letting you know the url has changed.

Stakeholder: This url is for the front facing page. How do I access the backend? [they mean the admin interface]

Me: The only thing that’s changed is the url for the staging website. So domain-A/account is now domain-B/account.

I thought that was a pretty straightforward way of explaining things, that even a non technical person would get it. They took the /account example as the literal login url.

Stakeholder: I forgot the password for our admin login and I submitted a password reset, but I realize I don’t know if I have access to the admin email. Or if it’s even a real email account.

WTF

I look back at the email chain and I realize that I gave the PM the wrong url.

Also, WTF x 2. How did this stakeholder not realize they were looking at the wrong website?? There are definitely noticeable style and content differences. And why would you have an admin login that uses a fake email??

Me: My apologies. I sent over the incorrect url. My instructions are mostly the same. All that’s changed is the domain.

Stakeholder’s assistant: [DMs me] How do we access the backend?

WTF…are they seriously playing this game and demanding I type out the url for them?! 🤬 I’m not playing this game and I just copy and paste the example that I already sent over.

They figure it out eventually. Apparently, they never used /account to login before They used /admin/index… but that would still bring them to /account, but with ?redirect=/admin/index appended to the url if they weren’t logged in. Again, WTF.

I know I made mistakes in this whole thing, but damn. I can’t even. I’m pretty sure this whole incident is fueling my boss’s push to stop supporting this particular website anymore so I can focus on sites that actually bring in revenue…and have stakeholders that aren’t looney and condescending like this.

For all the cheap-ass sys admins:
I wouldn’t pay 100$ a year to apple just to have push notifications when my server fucks up or an user fill my support form but I want to know that in real time but I have iPhone(forget about FCM).

So I downloaded pushbullet to my phone and integrated its API in my server and when something important happen I get completely free notification which (thanks to url schemes in ios) redirect me to my server administration app.

Note: I used xamarin for my management app to be ready for the moment when I switch back to android.

This literally happened in my current team, and I'm not even an experienced dev yet.
Incident happened like this :
Our team is working on a RCP based on eclipse plugins, which has a headless mode and a GUI mode. Now, in the GUI mode, my manager cum architect thought there are no need of user log files (long story) because the user can see the info on screen, whereas in the headless mode, she wanted me to print the logs onto the console and a log file as well.
Now it just so happened that our team had got a recent addition as a replacement to our lead developer (she left the company) who claimed she had 3 years of expertise and a masters degree, and she was assigned a task. The task was to format a custom file we were generating out of the product (basically dumping info in a file) in a human-readable format. Miss new-addition-masters-degree decided it would be a very good idea to redirect the standard java output stream to a file output stream ( which she used for generating the formatted file ) but somehow never realized that she needed to reset the output stream back to standard output.
Consequences were devastating. I wrote the logic for the logger ( yes, apparently any available logging mechanism won't do it, again, long story ) and had it printing to a file in tmp directory. The logs seemed to be working fine initially but after a few logs, specifically from the point where the formatter started working, all the logs got printed in the formatted file. And this file was supposed to be used by our clients to develop something on top of it. Naturally, I got the heat of it and then naturally, worried and nervous and curious and in a frenzied state of mind, I started debugging.
When I got to the actual fault, I seriously could not decide whether to cry or laugh or call up miss masters and scream at her. I decided to ask her about what the hell she had written and her answer was most of it was written by the developer she replaced, so she didn't know it would cause this much problem. Anyway, I fixed the leak after that and averted the catastrophe.
And that, fellow devs, is the story of how I solved a crisis in my first year at corporate.

414 rants since your last visit,

Alright devrant, here we go.

> client adds a home button to the subdomain
> asks to add a feature from which user can come to the homepage of subdomain
> naturally, add "/" in the href of the home
> client gets frenzy
> "that home button was supposed to redirect users to the main domain"
> I'm like wtf bro
> anyways adds another home button to redirect to the home of the subdomain.

now let's see how confused the users get

So, it's been a while since I've been working on my current project and I've never had the "luck" to touch the legacy project wrote in PHP, until this week when I got my first issue.

And damn, this goddamn issue. It was a bug, a very strange bug, that only happens in production and that nobody has any idea what was happening, so yeah, I didn't have anyone to ask and I got less time than usual ( because Thanksgiving ).

And thus, I have no starting point, no previous knowledge on PHP and less time! I expected a very fun week 😀 and it was beyond my expectations.

First I tried to understand what might be causing the issue, but there wasn't any real clue to star with, so no choice, time to read the flow on the code and see what are they're doing and using ( 1k line files, yay, legacy ). Luckily I got some clues, we're using a cookie and a php session variable for the session, ok, let's star with the session variable. Where it's that been initialize ? Well, spoiler alert, I shouldn't start with that, because my search end up in the login method of the API that set a that variable and for some reason in the front end app it was always false and that lead me to think that some of the new backend functions were failing, but after checking the logs I got no luck.

Ok, maybe the cookie it's the issue, I should try open the previous website on the brow...redirect to new project login, What? Why ? I ask around and it's a new feature push on Monday, ok I got Chrome Dev tools I can see which value of the cookie it's been set and THERE IT WAS it has a wrong domain! After 2 days ( I resume a lot of my pain ) I got what I've been looking for, so now I should be able to fix the bug. Then where is the cookie initialized ? In the first file the server hits whenever you tried to enter any page of the app, ok, I found the method, but it's using a function that process the domain and sets it correctly? wtf ? Then how in heaven do I get the incorrect domain ? Hello? Ok, relax, you still have one more day to fix this, let's take it easy.

Then, at the end of the Wednesday, nope I still have no clue how this is happening. I talked with the Devops guy and he explain me how this redirection happens and with what it depends on, I followed the PHP code through and nothing, everything should works fine, sigh. Ok I still have 2 days, because I'm not from US and I'm not in US, so I still have time, but the Sprint is messed up already, so whatever I'm gonna had done this bug anyhow.

Thursday ! I got sick, yay, what else could happen this week. Somehow I managed to work a little and star thinking in what external issue could affect the processing, maybe the redirection was bringing a wrong direction, let's talk with the Devops guy again, and he answer me that the redirection it was being made by PHP code, IN A FILE THAT DOESN'T EXIST IN THE REPOSITORY, amazing, it's just amazing. Then he explained me why this file might be missing and how it's the deployment of this app ( btw the Devops guy it's really cool and I will invite him a beer ) . After that I checked the file and I see a random session_star in the first line of the code, without any configuration, eureka ! There was the cause and I only need to ask someone If that line it's necessary anymore, but oh they're on holiday, damn, well I'll wait till Monday to ask them. But once and for all that bug was done for ! 🎉

What do I learn ? PHP and that I don't want any more tickets of PHP 😆.

I just remembered that 2 years ago I found an open-redirect vulnerability in one of Google's old pages.

I decided to not submit it to Google because it's too much effort (even though I knew they pay for these things) and told about it to a friend who deals with these things.

I was SO. DAMN. STUPID.

Webdev, I should send a form to a site that gets the results and redirects back to the webpage that stands in an invisible form data (very weird!).
Okay, I did...
When I was finished the site didn't redirect to the URL I gave in the form, instead it showed parts(!) of the webpage's HTML.
Okay, I was a little bit surprised and mailed the dev of this weird thing. He answered with this:
"In this Internet thingy, you know, URLs start with 'http://', it's the newest shit!"
Holy shit! Is he serious!? Who the heck programmes such a site that needs a 'http://' in the beginning? (Does this guy know about https?)
And why, why!?, did it show contents of the target URL's site if you give it one without http!?

I, I will go now and get a mild tea, yeah...

Accepted a freelance job. Fairly simple, just need Apache to redirect domainA.tld to domainB.tld but the address bar on the browser would still read domainA.tld. Based on the job posting, nothing else is needed after that.

At first, he didn't want to hire me because of my race. The previous person, the same race as me, fucked up his CPANEL (so he says). But I assured him that I can help.

I completed the job but then he said he also wanted domainB.tld to redirect to domainA.tld. I don't think he understood the concept of a redirect. On top of that, he wanted it to be a *permanent* (301) redirect.

I wish I had the power to punch someone on the Internet.

Welp, who wants to see my first website? tiny.cc/copo
It was made almost entirely during english class, for blocked games. It's the most hits I've ever got one a site I've made. But the best part? I achieved my goal: respect from the teachers. And why did they respect me? *Because it got blocked*. Yup, across the entire county (our county is one of the top five in the USA for schools I believe). We, as the students, found a way around the teacher's technological control, and finally got some technological freedom. Just a small story.
P.S. not named by me, and sorry bout that JS redirect. I redesigned it while I was supposed to be writing about the theme but the original is couchpotato not cppremium. I can't change it now but I'll change it later. I trust you guys know how to stop it without me changing it though :)

This asshole is out of his fucking mind if he thinks I am going to waste my Friday night waiting around to update a URL on the employee intranet.

News flash if it’s a tool people use everyday they have it bookmarked. No uses the fucking employee intranet because it’s old and it sucks.

You get a list of the users and email them telling them of the update if you are too dumb to figure out a redirect.

Google documentation sucks!

Lack of practical examples. They show us very simple example like clicking on button and then straight away redirect to API docs.
Wait, let me at least understand how things fit in together.

Me: Hey google where is step by step guide, at least for setup?
Google: We don't do that here!

Me: You decided some records in system A should be obsolete, but the records are tied to active user accounts on the website. Now, I have users emailing and asking why their profile’s last name field says “shell record - do not use.”

Stakeholder: Oh…can’t you stop those profiles from loading? Or redirect the users to the right record in system A? In system A, we set up a relationship between the shell record and the active one.

Me: 😵 Um, no and no. If I stop a user’s profile from on the website, that’s just going to cause more confusion. And the only way to identify those shell record is to look at the last name field, a text field, for that shell record wording. Also, the website uses an API to query data from system A by user id. Whatever record relationship you established isn’t reflected in the vendor’s API. The website can’t get the right record from system A if it doesn’t have the right user id.

I love tracking down the source of a redirect!

5 hours later....

Modifying .htaccess for WordPress multisite so that my custom url(slug) will redirect to wp-login for security reasons.
It is like performing a neuro surgery where the slightest of mistake will get u paralyzed.
I have already reached a vegetative state..
I wonder what more damage I could do? FML.

Bruh, imagine paying taxes for a site that literally throws a cryptic error message, instead of telling you "Page not found", because those retards literally redirect to /Account/Login after successfully logging in.

Even better, most people here are don't understand English well enough to understand what is going on.

And I pretty much doubt an admin has been informed...

This weeks question fits me well, as I am still unsure about the full details of how the fuck this all came together and was about to just rant about it anyway.

Ever since this companies network equipment and cabling has been updated, a lot of vital tools went down and bug out every now and then, at seemingly random times.

The codebase is a horrible mess to begin with and random things execute at random times and at random places spread all over different resources that get random hooks from random physical values etc.

Turns out (or at least what it so far seems like) all of them somehow sync their clock and other variables based on how many (valid-?) requests it gets per measured time and similar oddities, so when the network equipment got updated, that meant that multiple processes now could reach each other much faster and therefore threw off thousands of values and internal clocks.

There's a total of like 600 systems that are all "separate" from each other but all need to communicate in-sync for the production chain to properly work. Thankfully I didn't sign anything yet, so might actually just redirect them to somebody else, I am not ready to age 20 years, even for the amount that would pay.

Literally redirect domain name to heroku app.

To the reactjs-centered fucks who develop the popular web component viewing software called storybook: have you ever heard about semver?
89 alpha/beta/rc releases for a minor update 6.3 -> 6.4 with "100's of fixes and enhancements" "in preparation of the HUGE 7.0 release". Gee I wonder will it have 1000's of bugfixes? How bug-ridden is this software?
Every minor upgrade since 5.x is backwards-incompatible and requires a day of frustration finding out in how many more fucking NPM packages you split your codebase just because it's cool. I know move fast and break things, but some of us have other things to do than resolving node_modules incompatibilities you know. "No just hit 'npx sb upgrade' you say". I did, I really did! And the browser showed a blank screen of death with tons of cryptic React errors, it really did! Thank God you abstracted away all your dependencies in that sb command, now you can't even read the docs about what could have gone wrong with a specific sub-package. You have @storybook/html but the docs redirect to React pages, so good luck if you use something else

This is so sad... like.. the IDEA of storybook is great. But why did faith put the capacity to develop such a tool into the hands of people who think the world centers around React and JSX.. HTML should have been the default, and then you build on top of that for your fav framework, not the other way around

I'm confused... where am I supposed to be going again?

if (userInfo.isAdmin) {
return (<Redirect to="/my" />);
}

if (userInfo.isSuperUser) {
return (<Redirect to="/my" />);
}

return (<Redirect to="/my" />);

From today, I'm gonna post infrequent-devLogs of the project i am currently doing, I have been thinking about it the past couple of months, and I am finally moving it into action!

I wish writing devLogs will make me to finish the project, at least a working prototype.

It is a C# block coding application that is made in 100% C# that generates human-readable C# code for C# begineers.

If you want to follow me along, make sure to subscribe to my rants by going to my Profile (cozyplanes) > More icon in top right > Subscribe

All devLogs posted directly via devRant API integration from CZedit, a simple edit program for geeks

=========================

devLog #0 - Block coding in C#

Done:
- Made the console output to redirect to textbox
- Ability to save output to external storage

WIP:
Compile C# code directly at runtime with Roslyn

Notes:
open-source??

I'm thinking about creating a central login system for all my websites, where you get redirected to and then login/sign up and then be redirect back. A bit like oAuth.

I have a few websites (and more in development) that use a login system, so that could be really useful to have... Especially because all of them are built from scratch and have their pros and cons. And security wise it's easier to concentrate on one system instead of all of them.

Another benefit is that you save some DB space, if you have lots of users!
And of course the users benefit from it as they'll be able to use all my websites with a single account.

What do you think about it?
I'll still need to do a bit of research on security but other than that, I only see benefits!

My workplace is still using xml based configuration, and non-spring boot projects.

So every spring boot tutorial I find feels like "Look at how easy you can get this running" and then it's just actually a toy you can't get into production.

Also it kind of bugs me that you need to be online to actually be able to initialize/create a spring boot project and every single tutorial says so.
You can make a local network m2 repository, but can one make a spring initializer service?

Either way, migrating every single project to Spring boot is a no-no,

And I'm stuck with like 5 prototypes of SSO integration from which only 2 work, and the other 3 have their own problems.

One does redirect to the login and all, but the SAML endpoint gets 404 on response when you log in.

One is on OpenID Connect, but I would need to update the project from Spring 3 to Spring 5 to get it working, which upon attempting to do seems to break everything else.

One has an external library handling the security context just the way we are accustomed to, but it only does a 401 forbidden when you go without logging in and I'm starting to think it is actually one of those that require you to extract the token or something manual like that, which wouldn't work for us

The other two are spring boot tutorials that worked out of the box, both SAML and OpenID, still can't use those for the main projects.

I'm tired of dealing with this configuration hell, been two months at this, I want to get features done as usual, not be stuck configuring stuff that might or might not work.

Rant aside, I think I figured I need to use a different Security adapter, but I needed to vent.

!rant but wondering,
this time I did not get my self blocked out of my server lol
But I have set up nginx to receive url then redirect to another server, my question is:

I ran tracert on the url but it ended on the nginx server, is there a way I can find out if my nginx IP is forwarding?

I have a webservice on server z, and nginx on server x, tracert end at server x, so does dev tools in chrome/firefox they show host ip header as server x. Is there a way where I can trace my call to server x if it is forwarded to another server?

I know I'm forwarding it, but if someone wants to know, can they?

!rant

I don't know if we already had a weekly rant about petty revenge or anything, but I did just pull some petty bullshit maybe 30 minutes ago.

A couple people I know are trying to start a clothing brand (think I posted something about it on here before) and asked me to build the website cause one of them found out I write code. (Well, he asked if I was good with computers and I told him that I am, and he basically said "you're building our website then")

Basically these people are..not good people. One of them has a history of sexually harassing girls (some of which are really close friends of mine), the other one is basically following in his footsteps. They also like to go to the parking lot of an elementary school (the one that my little sister goes to actually) and get high.

Both of them have fucked me over at some point in the few years I've known them. And so now my silent indirect petty revenge begins. Earlier I bought the domain name for the online store they're trying to (make me) build. Considering having the site redirect to a gay porn site.

One of them is currently getting into shit having to do with drugs, which is not my doing, but I can probably find a way to get them into trouble. Especially the fact that they're doing drugs in the parking lot of an elementary school. That shit's just fucked up, no exceptions.

Anyone have any suggestions for shit I could do to them?

!rant

Anyone here experienced with Route53?

I have a small issue I'm trying to think through on how to achieve with minimum effort and maintenance, essentially set once and walk away and never care about it again solution.

Basically what I have is:

sub.domain.com

and I need to get it to redirect over to

otherdomain.com/folderToGetTo/

Using a 301 would be ideal but how for the life of me do I go about serving a 301 redirect over a dns entry - short answer is I can't unless I'm missing something!

Both domains are owned by the same company so no issue in hijacking a subdomain... well besides internal politics but that's just another day 😏

First thoughts include setting up a S3 bucket with hosting and forcing the dns to that and then, redirect out of the bucket... seems overkill but will work.

Hoping to find a smaller solution that I don't have to justify a S3 bucket being used for a single file - audits suck alright🤷‍♂️

Oh and setting up a redirect at the originating domain will take longer then it's worth to setup and get approvals for so not worth the effort internally.

Yes I will accept "fuck off @C0D4" as an answer.

I feel like crying because I couldn't configure ERPNext on windows (Virtual Box). Damn thing showed this error "Already Registered, There were problems" and redirect me to homepage.

Hate this when there are no error codes or no proper documentation.

Tried every possible solution in past 4~5 hours. I'll sleep

OK.... I don't mind ads but when I'm on a mobile device n you just redirect without opening a new window...

You leave me no choice... You just earned 100% IP level blocking.

The old method of how to deal with semi close friends needing support still works:
1) Redirect their call to voice mail.
2) If the mention computer problems, ignore them for now.
3) Call back in at least 4 hours. By then, they've probably solved it using Google.

(Why "semi close friends"? Because if they're close, I take their calls and if they're not close, I'm not their free support service. And if they're close and want a lot of free labour, they'll soon find themselves distant.)

it was the last time i used PHP for an school project. i and an other group decided to make an website. it was luck that no input was required. Because i already knew PHP and HTML i need to help them. the code they made was the cause i quit php. the site only worked after an redirect. it was irony that tje code looked like it was written from a junkey and the theme was drugs.

"hey, write us a simple interface for this shell script.."
script:
- input must be a file, does not accept loading through stdin/redirect
- accepts relative path input from one specific directory only
- fails if provided absolute path
- even though it fails, it still returns return code 0

and every time we've tried to open up a topic of programming practices we got slammed with "we're ops. you should be glad they're doing at least some scripting"

Am I missing something here? Lets Encrypt auto renews SSL every 90 days....BUT it will fail if you have .htaccess re-direct set up to https. So you would have to switch off the https redirect, manually renew, then switch it back on again. Thats fucking crazy. I can’t find a way round this. The hosting co set this up but are encouraging people to buy one of theirs when the renewal fails. a cunning plot to get more of their own SSLs. Any ideas?

Request for internal service

FW takes request

FW NATs request to external / WAN IP

Other FW (different location) gets request

DNS redirect for whole domain
"data-zone: *.*.*.org redirect"

Via DNS redirect request goes to LB

LB sends request to other LB

LB send request to NGINX server

NGINX resolves via Host header

And now you get a TLS handshake error somewhere in the travel of the request...

The level of fucked: my arse can take the Eiffeltower horizontal.

Hey, privacy guys, I've recently decided to switch to DDG, and I just came across this DDG browser addon. It promises things like
"block all the hidden trackers", which is what AdBlock can also do, "force sites to use an encrypted connection", which makes no sense since most websites using https will redirect to https automatically, "Search Privately", which is already supported by them without installing the add-on, and "Decode Privacy Policies" which is the only feature that seems to be useful. Should I use it?

i might not have ssh access to live instances but i can redirect live traffic to test instances and debug my shit there!

... no but i really do that

>finally gets around to installing vsftpd on home server RPi
>doesn't work
hmm.mp2
>configurating
>confusing as fuck template documentation
>man page isn't much better
>gets it working
>goes to log in
User: pi
Password: a
(What? It's a home file/command server isolated from the Internet. Sue me.)
nope.avi
>why
>tries again
nope.svg
>FUCK
>sees small raw-command log in bottom-right of phone FTP client
hmm.flac
>tries again, watches log
PASS *****
>the fuck
>goes to change user pass over SSH
# passwd
"Current password?"
about half a second later
"passwd: auth token manipulation denied"
>the delay tho
>WAIT A SECOND
one time i got past some parental software bullshit on a tablet by abusing the delay between opening a banned app and the redirect to the normal software at like age 7. (Doing so let me enable remote wipe through Google. bye bye software!)
>*inner 7 year old has autistic screech*
# nano temp
a
abcdefghi
abcdefghi
^O Y ^X
# passwd < temp
>fucking works
>logs in to FTP server successfully
>does the one file download that was needed

why and how did that fucking work

Logging into my schools blackboard using selenium is only redirected on school WiFi

Outside school WiFi I go directly to the site. But on the school WiFi it pauses on a redirect page with a link that loops back to the redirect when grabbed by selenium And selenium fails

Fucking hell

fuck the overengineered bulshit that ZF2 is... fuck crappy mvc in web, fuck shitty design, tuck events, fuck 'security feature' that obfuscates the fucking redirect login/logout urls fuck not having your full link, but just the path everywhere, fuck whitelabeling, fuck somebody's sister, fuck me and fuck you....

Google's Testmysite is piece of shit.

Tested website got 6-7 sec, then built Mobile page and set redirection for mobile users.

Tested Mobile page got around 3-4 sec then tested homepage (which just redirect Mobile user to mobile page) it got fcking 6-7 seconds

FCK you Google, page redirection should not be considered in YOUR FCKING speedtest.

I hope there's a special kind of hell for project leaders / execs that make the decision to take down the documentation for older versions of a software.

I know we should have upgraded a long time ago, but come on. I have no clue what's going on now, and not much to go on either! All the documentation links in the configurations just redirect to the project's github repo, and I sure as hell am not going to read the whole source code just to find the possible logic behind the issue!

Ugh... Days like this frustrate me so much...

Every once in a while, I find myself having to redirect both stdout and stderr to a file (or to stdout) in bash. Every time I have to Google it.

Let me rant! I don’t usually do this but this is just frustrating and draining. Please tell me if im wrong. We have authentication that needs to be refactored. I was assigned on this issue. Im a junior btw. I also attached an image of my proposals. The issue of the old way of our signup process is that when validation fails they will keep on accepting the TaC (terms and conditions) and on our create method we have the validation and creating the user. Basically if User.create(user_params) create else throw invalid end. (Imma take a photo later and show it you)which needs to be refactored. So I created a proposal 1. On my first proposal I could create a middleware to check if the body is correct or valid if its valid show the TaCs and if they accept thats the moment the user is created. There is also additional delete user because DoE told me that we dont need middlewares we have before and after hooks! (I wanted to puke here clearly he doesn’t understand the request and response cycle and separation of concerns) anyway, so if middleware is not accepted then i have to delete the user if they dont accept the TaCs. Proposal 2. If they dont want me to touch the create method i could just show the TaCs and if they dont accept then redirect if they do then show form and do the sign process.

This whats weird (weird because he has a lot of experience and has master or phd) he proposes to create a method called validate (this method is in the same controller as the create, i think hes thinking about hooks) call it first and if it fails then response with error and dont save user, heres the a weird part again he wants me to manually check on each entity. Like User.find_by_email(bs@g.com) something like that and on my mind wtf. Isnt it the same as User.create(user_params) because this will return false if paras are invalid?? (I might be wrong here)

This is not the first time though He proposes solutions that are complex, inefficient, unmaintainable. And i think he doesnt understand ruby on rails or webdev in particular. This the first time i complained or I never complained because im thinking im just a junior and he hs more experience and has a higher degree. This is mot the case here though. I guess not all person who has a higher degree are right. To all self thought and bachelors im telling you not all people who went to prestige university and has a higher degree are correct and right all the time. Anyway ill continue later and do what he says. Let me know if im wrong please. Thanks

Bug Report:
Collab link posted in Rants doesn't redirect to Collab posts.

Clicked on a apple podcast linked in Gmail on iPhone, which sent me on a redirect journey through time and space, by the time I am back to reality, peace has been restored in Narnia.

Dumb question time!
I'm writing a bash script that outputs some progress info to stdout (stuff like "Doing this... ok", "Doing that... ok") before outputing a list of names (to stdout too).

I'd like to be able to pipe this list of names to a second script for processing, by doing a simple :
~$ script1 | script2

Unfortunately, as you may have guessed, the progress info is piped as well, and is not displayed on the screen.
Is it considered a bad practice to redirect that progress info to stderr so it is not sent into the pipe ?

Is there any "design pattern" for this kind of usecase, where you want to be able to choose what to display and what to pipe to a program that accepts input from stdin ?

So today I thought to polish things on a former colleagues code. I noticed he wrote JavaScript inside PHP file to redirect header to another URL. I don't know what the fuck he was thinking. Why didn't he used PHP Header to redirect the URL why JavaScript?

I'm not the product manager. I'm not the leader. I'm not even in a lot of meetings. Why my colleagues ask me about product/development decisions?

I appreciate they about wanting to know my opinion, but when they come in a rush it is a bit stressful.

And I am not paid for that.

It might sound about selfish, but the reality is I am not one of those roles (and my salary neither) to avoid exactly this.

Whatever.

At least I can redirect them and not lead with the sublaying reasons of the doubts.

Visual Studio Code is a joke.
it's always auto update but always fail and then delete itself.
When i ask what happened or post a discussion on the official site they close it and send /redirect it to fucking different issue like changing language code or adding extension while the real issue about auto update failure is ignored or discarded/deleted/closed without solving anything

I need help to share this to everyone until they fix this shitty perfomance

ps: i always need to redownload that fucking visual studio code everytime it has update

Ever mistype a 301 redirect?

In an object/dictionary/map config object where multiple source paths are mapped to destinations, which structure makes more sense to you (and why)?

1. { "src/path.ext": "dest/path.ext" }
2. { "dest/path.ext": "src/path.ext" }

Could also be a URI redirect map

I recently received a text to a sketchy URL. In my curiosity I tried to see if I could get the source code from said URL without actually going there directly.

My first attempt I did this with apitester.com, a website that is intended for testing APIs but comes in handy for a quick URL test and seeing what gets returned. Next, I tried an official website dedicated to telling me if a site is sketchy. Finally, I tried to CURL the url with a variety of different headers. Alas, all these attempts gave me nothing. I know if I clicked on this link through my Phone it would definitely direct me to a sketchy website, but I just can't for the life of me figure out how their backend is setup to know what is a real request and what is not.

My Question is this; what is the potential stack setup that this person could be using that would disallow anyone from testing the URL and force them to redirect to google and any real request to redirect to the actual website?

Getting the angular interceptor working the way I want has proven to be a pain for me. I try to update an auth token, which returns a promise that has to be transformed to an observable again. based on that, redirect to a login page, in case of 401. But nothing works! Either infinite page reload because of the login() promise function of the auth provider or no reaction at all after a router redirect. 😤

I have a question regarding file redirects 2>&1 and 1>&2. I know that file descriptor 1 is std o/p and 2 is std error and that we're redirecting one file descriptor to another.

But why do we do it? What are their use cases? Wouldn't the file to which redirection is setup get too clunky?
Analysis of the file would also become a bit difficult. And wouldn't having errors stored in a separate file make it easier to interpret and fix them?

I like to teach sites that don't escape HTML/js in input fields a lesson, and put in a redirect. Where would you redirect them?

I tend to go SFW, like redirecting to a competitor or the NSA.

When your redirect url passed as get parameter to 'secure' the login you pass bade64 envoded string with path, length and (salted) md5 hash ....

why God why you secure a redirect you do 302 to on success

A friend asked me a few days ago if I could maybe be interested in making their small company a website and accompanying CMS, because none of the out-of-the-box solutions seem to suit their needs. I agreed to think about it - at least let's see what the requirements are and so on, and see if I could and should do it or maybe redirect and point them to a better direction. Always help a friend in need is my motto. And to clarify, with these people I can be sure they're not considering this a friend favor (i.e. doing something for free, or for really cheap), but these people tend to be willing to pay relatively well.

But to the question: I've never done freelance work on this field - I have absolutely no idea how to evaluate the value of my work, e.g. how much should I ask? And what are the things I should take into account and think of differently versus being on full-time payroll in some company?

I despise news sites that redirect you to the mobile homepage instead of just showing you the article you actually clicked on

Trying to explain to (a more experienced) dev why it's not a god idea to do a exec( php '/var/www/xxx >> /dev/null) and then redirect the visitor.

The script is running a query that take some time and he want's to redirect the visitor and then fetch the result with jquery.

Tried to explain parent and child processes and pointed him in the direction with pipes and bakground process. After some discussion about forking and all the cons with that.

yes its PHP ;)

Gonna be exiting to see his next idea :S

I spent hours setting up Laravel Valet on Ubuntu (virtual hosts with a custom TLD) e.g myproject.dev

I just found out why it was not working. Because fucking Google bought 100+ domains in the .dev gTLD and added them in Google Chrome Hosts as well. Now they redirect the url automatically to HTTPS.

Any ideas on a new test development TLD?
I was thinking .fuckgoogle but that's too long

Just read that if you try to access stackoverflow.com/admin.php it will redirect you to a funny youtube vid

So i just learned aws elastic beanstalk (EBS, ECS, ALB, EC2, Amplify, S3, RDS, SQS)

Essentially i learned how to operate with aws to deploy a full stack web application with custom backend i built, with security and jwt token, certificate manager, ssl/tls to set up https and redirect from http, and react/angular/nextjs on frontend

All with custom CI/CD pipelines docker and other devops shit

But i still feel like im missing on A Lot of stuff regarding aws. I havent worked with Fargate for example and dont know how it works or when to use it, but i heard other devs use it

Can someone list me a number of things i as a dev should know more regarding aws?

It's 2022 and web browsers are still unable to unfollow redirects.

If I open some URL in a new tab and it redirects me to /503.html or similar due to some server errors (which is bad design to begin with), there is no way to see which URL was redirected from. The "back" (←) navigation button is greyed out, so there is nowhere to go back to.

One might open a new tab to look at it later without realizing it redirected to an error page. Then one opens it, sees /503.html, and has forgotten which article one was going to read.

Only on the mobile edition of Chrome/Chromium, switching between desktop and mobile view unfollows the redirect. But on Firefox mobile, Chrome/Chromium-based desktop, and Firefox desktop, there is no way to know which URL redirected me there.

Which ons is less risky and which one Is most profitable to succeed ?

0- telling the admin you forgot your password and as he's logging in, sniff his password (you already placed sslstrip)

1- gain access to router using its vulnerabilities and redirect the traffic to a fake page and get the password.

2- exploiting smb port of admin's system and placing a krylogger or stealing his cookies if available

3- brute forcing admin password :/

4- pressing forgot password on admin account and staying close to him and sniff the SMS containing the otp using rtl-sdr (and of course you will be prompted to set a new password)

5- any other way .

Also the website itself is almost secure.
It is using iis 8.5 and windows server 2012
Only open ports are 80 and 443.

Oh god I just experienced the horrors of returning 301....

Thank god it's not on production yet...

I have a windows vps with a server that I want to protect from DDoS and hide from outside world. Is there a way by using PHP IIS webserver on another vps to somehow whitelist ips or redirect only clean traffic to my windows vps?

This had just happened, I was trying to increase the default timeout of an nginx running in a container for a proxy pass and always got a 504-gateway timeout response. I was setting proxy_connect_timeout, proxy_send_timeout, proxy_read_timeout, send_timeout, keepalive_timeout, etc. and nothing worked, after two hours of adding and removing lines of configuration (and waiting 1 minute for every time I tried a request), then I realized I have a local nginx for redirect server names to local ports (the container), that nginx was the one that actually responds with the 504 error, after that I tried a request with the port of the container ALL WORKED!!!!

Fucking hate to explain basic shit to computer illiterate. Usually I don't mind, but right know I working on the project, want to automate one thing I need to do every morning, put two numbers to web page(I will explain details maybe in next rant). So I am only one who fix, buys computers, printer(for some problems I call for other repair man.). Generally speaking working as IT guy. Firm has like 50 computers, some of them has SCADA software. Some computers have Win 7, some win 8 and others win 10, can't upgrade those computers, not enough money(I can deal with this problem). And yes, computer buying is not the fastest, easiest thing too. Because is public firm, I need to do public buying(I don't know how to translate to english), and most of the time wins the lowest price, I am ok with that. But I can't on item specification write I want that model pc or it components. Example: I can't write I want intel processor, however I can write number of cores, frequency. But it's not that bad, usually i have template for all things I buy. One of the worst thing is this, our firm bought new bookkeeping software version, old version was using visual foxpro framework. Good thing I didn't initiate the purchase, because right know I would be jobless, not because I would be fired, but because our senior accountant would drive me crazy. In fact accountants drive me crazy, but I can handle it for now. As I wrote before our form has about 120 workers, major part of workers are old, like my parents age. (I am 28 btw. Mom is 55.). As you all know what happens if you say you work with computers. So our accountants are like 60 years old, got new program, don't know how to work with it, and they ask me how to do certain things. if I don't know how to I ask program's support, every question is like 90 Eur. So in short accountants expect I should know their work and how program works. If I try say something they don't like, they try to make my day hard. Next thing is our billing program. Man that worked before me done some payments import. And when I came everyone expect me to do that. Ok I did that because that people working with billing program would probably fuck it up. And I semi automated that, so I don't mind that much. Sometimes that program fucks up, like it happened yesterday, it send email invoices attachment without filename. Example: people got this attachment ".pdf"(no filename, only extension), And if you save it you need do OPEN WITH command and then select pdf reader or rename file (I don't know what easier). And surprise surprise our firm, customer support redirects all phone calls, emails to me. But I did explain to customer support what to say to people. Still they redirect it to me.
PS: This is my first job after school. I work as part time.
TL;DR Thinking my life, carrier choices. accountants are not the nicest people.

Is there a cloud service that does nothing but redirect incoming HTTP requests to your home server without the need to have a static IP or an open TCP port ? Sort of like proxy

Our lead frontend dev insists on using <select> as a dropdown for a language switcher in the navbar of a website and then make the page redirect to the localized url using the onChange event with JS.

Am I wrong thinking that's just really, really dumb, or am I just dumb?

Its fixed. Your welcome.

Don’t ask me to do something and then complain because it takes too long and then redirect me on six other tickets.

I am a tank that will crush problems no matter how long it takes and still do your other six tickets.

Was debugging a php project (for a friend) the header(location) wasn't working for some reason, and I didn't want to go through his 1000 lines of code to see where the trouble was, so I just inserted JavaScript to redirect the page to a location he wanted.

Now he thinks I'm a genius😂😂

I've gotten started with web dev in the past and learned HTML and CSS and started learning JS but I never could understand what I could use for a code editor to practice and pretty much forgot all of that stuff. Now I'm trying to learn Python, but what's pissing me off is paying for a phone app that doesn't teach you to write code in these lessons, rather interactive multiple choice questions and "put this in the right order". sequences. This is not learning for me, this is informing. Which is info I don't retain. And If i'm paying for it why is there so little to these lessons? Barely covering anything. I've done every lesson Mimo had for python but it didn't really explain the practicality of what it was teaching me and they skipped a lot of shit. Changing the pace of the lesson from Print this and that and heavily explain the most basic stuff 3x over to only explaining the more advanced stuff one fucking time.

I would really like learning python while being walked through a project as a lesson. Teach the terminology, structure, application, process, rinse and repeat, and outcome all in one. With a project target to look forward to. I need a goal to keep my interest.

So far all I know about python is its a programming language used to create Youtube. And I'm trying to learn it because I keep reading that its the recommended starting line. But I need to be able to visualize what this code can be used for. Explanations in terminology I haven't been taught yet just frustrates me. And I read everyone's posts and see many people mention being frustrated, but I haven't even started coding yet. Feel free to comment and redirect me to page that can help. Links are appreciated. Nay, encouraged!

JS/HTML QUESTION:

I wanna create a html page wich redirect us into a certain website and execute Javascript on the new website opened.

So i should use window.open i think, but how do i like execute js on this website after opened?

No, sorry you can't get a torrent link of the new version of the torrent client. But, we're happy to redirect you to our website and then reopen that client once we're done.