when you had to maintain some stranger's shitty codebase, and you couldn't resist looking up his name on LinkedIn, then you found his profile which says he is a Rockstar coder

is this just me or someone also wants saving rant image feature?

RFC 6068: The 'mailto' URI is suppose to use commas to separate email addresses.

Outlook: Fuck you and your specification I want semicolons unless the user's regional settings has a comma specified as a list seperator.

How I find most "modern" JavaScript frameworks

If only there were some previous example of a mouse with a cord in a more convenient spot Apple could've used as a reference...

At least you don't need a mouse to commit, push and stare at devRant😅.

Can someone help me settle an argument with a coworker?

So let's say there is a REST interface that returns a PDF representation of an resource...but it requires the authorization header in order to authorize that you have access to the document in question.

And let's say there is a link on the page that redirects to this endpoint to serve up the document. He thinks you can add a header to the HTTP request that goes out when you click on the link (a regular old anchor tag) with onclick without making an xhr call.

I told him that you would have to use an xhr call to add headers, and that even then you would receive a byte stream back, which without using a blob and an object url or a data uri you wouldn't be able to display it in a new tab or start a download.

Regardless he went on to tell me I was wrong. The next day he said he had done it. I asked him to show me, and he said "oh it's at home", and then proceeded to ridicule me in front of my architect. He always pulls this one up's man ship bullshit and I hate it. And I am pretty sure he's wrong.

Just spent 6-8 hours or so trying to get image uploading to work with sending messages with firebase. Finally completed it.

Disclaimer: this might not make the most sense as I am completely drained mentally.

The issue was that I wasn't calling the send message method inside the upload image method. Meaning the images would upload but before I would be able to get the Uri back from firebase to put in the hashmap for the messages, the message hashmap would already be sent.

It was a pain in the ass to do. But 5 windows and 40 tabs later, then some doc reading. Then a quick break to eat. And some more stressing about my code. I finally realized that I should have just called the send message inside the incomplete listener in the image upload.

TLDR;
"uploadImage(), sendMessage()"= no Uri; :(
"UploadImage() { sendMessage() } = Uri" :)

PS: Yes, this is me talking to myself on my other account

Ranting to the wife about 3rd party API authors and how they have broken them from time to time.

On any given URI, it should give me a certain image, some give me a simple error string "Error downloading file" - nothing I can do to fix on my side, the error indicates they were not able to retrieve from their sources.

W: you should check the settings! *... series of unusual suggestions follow*.

Me: Yes, dear. Good ideas.

horrible terrorist attack in Uri, Kashmir.
may the jawans rest in peace 🙏
enough is enough.
time for change ✊

Boss: "You hardcoded the redirect uri in the code (Early on during development and forgot about it, because apple OAuth is a piece of shit), but don't worry I fixed it by hardcoding the uri with the production host into the config file where clearly all settings are fetched from the OS Environment variables at runtime. This will surely fix the problem in staging we have, no need to thank me"

a contract designer came in usually one hour late with headphone on playing b-box music, who took a nap on his desk almost everyday before his contract ended. later, he took on a creative director gig in another startup

Oh no.
CalDAV server and client use the same DB table. Server expects a column to be called uri, client expects column to be called url.
FFFFUUUUUU

I'm a fucking IMBECIL
Was working on some phalcon stuff and I just couldn't figure out why the fucking router wasn't working. Been looking for at least an hour and then it turns out I rewrote the URL to index.php?uri=.. instead of index.php?_url=...

ARGRGGHHGHHG

REST apis. More than you think it is.

Just because you can access a resource by a uri, doesn't mean you have a good api.

Hypermedia that shit and let websites reuse your links from api responses, then we are getting somewhere.

Also, Fucking api versioning.. Learned the hard way that /v1/ doesn't mean Shit in most cases

!rant && isSorry = true
this aint StackOverFlow but I need a tiny help here, I'm receiving data result from an API that is formatted as x-www-form-urlencoded, do I add a valid url at the beginning and use URI parser in Android or is there some other solution for it?

Sample of the result I'm receiving:

repositoryId=TEST&response.gatewayCode=BASIC_VERIFICATION_SUCCESSFUL&result=SUCCESS&sourceOfFunds.provided.card.brand=MASTERCARD

The dangers of PHP eval()

Yup. "Scary, you better make use of include instead" — I read all the time everywhere. I want to hear good case scenarios and feel safe with it.

I use the eval() method as a good resource to build custom website modules written in PHP which are stored and retrieved back from a database. I ENSURED IS SAFE AND CAN ONLY BE ALTERED THROUGH PRIVILEGED USERS. THERE. I SAID IT. You could as well develop a malicious module and share it to be used on the same application, but this application is just for my use at the moment so I don't wanna worry more or I'll become bald.

I had to take out my fear and confront it in front of you guys. If i had to count every single time somebody mentions on Stack Overflow or the comments over PHP documentation about the dangers of using eval I'd quit already.

Tell me if I'm wrong: in a safe environment and trustworthy piece of code is it OK to execute eval('?>'.$pieceOfCode); ... Right?

The reason I store code on the database is because I create/edit modules on the web editor itself.

I use my own coded layers to authenticate a privileged user: A single way to grant access to admin functions through a unique authentication tunnel granting so privileged user to access the editor or send API requests, custom htaccess rules to protect all filesystem behind the domain root path, a custom URI controller + SSL. All this should do the trick to safely use the damn eval(), is that right?!

Unless malicious code is found on the code stored prior to its evaluation.

But FFS, in such scenario, why not better fuck up the framework filesystem instead? Is one password closer than the database.

I will need therapy after this. I swear.

If 'eval is evil' (as it appears in the suggested tags for this post) how can we ensure that third party code is ever trustworthy without even looking at it? This happens already with chrome extensions, or even phone apps a long time after reaching to millions of devices.

Facepalm Monday...
My collegue denies to provide breaking changes in our login API in a separate version to the other teams depending on it.

What is the reason for his stubborn rejection?
It's scrum. We haven't planned the effort for realising a versioning concept for our API.
Let's build it in the next sprint as a part of live deployment strategy.

The point he miss is that the ProductOwner wants his API change deployed during the next sprint.
Additionally, it is best practice, having a compatible, deployable product after each sprint, without any risks.
Furthermore, another best practice to provide your API is one URI without a version part holding the current development of the API. And URIs with a version part in it to keep a specific request/response structure and behavior.

What really grind my gears are sayings like 'if the other teams had well programmed their software, modifying our API won't have any effect on them'

C'mon dude. That's far from reality, as anybody knows.

I can't accept, we provide unprofessional API builds, as he is going to do.

So, i have to spend my time and energy to change his mind, together with other software-architects, planning the big thing API-Gateway *sigh*

Uri vs Actual File path 😤

My worst habit(?) is probably loving to "waste" time, making api uri builders.
so I can chain a couple of methods instead of just typing out an uri :p

Spending an hour trying to post via postman with no success and realize that a fucking backslash was missing from the end of Uri

I wish it was :
"URIs don't change, people change"
Original quote by Tim Berner Lee
(correct me if I am wrong)

Stumbled to this page while reading Django URL dispatchers...

Why produce an XML document with a space in the middle of the uri?

In an object/dictionary/map config object where multiple source paths are mapped to destinations, which structure makes more sense to you (and why)?

1. { "src/path.ext": "dest/path.ext" }
2. { "dest/path.ext": "src/path.ext" }

Could also be a URI redirect map

Sometimes people want to be too smart. If you want to consume a handful different restful API, it might make sense to abstract away some common functionality in your client implementation — yet to assume they follow the same convention in how their URI is built is borderline insane.

All I wanted to do was to change one API to a newer version, and now the implementation breaks for at least two other because it was done in an Abstract class and now I have to untangle that mess.

In some cases code duplication wouldn't be that bad. Even if an otherwise unrelated API seemingly share the same contract, still assume it has its own contract. You never know how those API evolve and I proclaim they will evolve towards breaking your assumptions.

I was casually browsing some issues for a project on github, and I certainly across an issue where someone wanted support for for URI handling (there's a good reason for his request).

I was bored, and I just wrote a script to do exactly that. I'm gonna polish it on Sunday, and then upload it, (plus add a PR).

When you need proxy,
Connecting to Amazon S3
---
config.setProxyHost(URI);
config.setProxyPort(8080);
AmazonS3 s3 = new AmazonS3Client(Credentials, config);
---
So easy.
We need to move out amazon and start using google cloud storage.
---

Can't seem to find API Documentation for it.

Saw that they are using HttpURLConnection.

Fvck! They are not even reading proxy information set via System Environment Variables!

Help! Stuck on it for 3 days already.
.°(ಗдಗ。)°.

Never disturb a programmer in heat !

.
.
.
.
.
[RIP to all the lives lost in Uri and NYC.
this planet has no place for terrorism.]

I hate when I visit a new web framework's site and see documentation that promotes HTML tags like this:
<input type='text' name='foo' value='{{val}}' />

If you don't know enough about which quotes you should use and why... I have no faith in the quality of your software solution.

Implementing a third-party link shortner:

link.performance=-400ms; link.privacyFactor=-10;
link.ownership=externalProvider;

Keep hyperlinks in-house. Keep ’em fast. Fight the good fight.

I'm hurtling down the Dunning Kruger slope in Rust datastructure design. The orchidlang crate has a struct that attempts to wrap and replicate a slice for no reason other than to attach some domain-specific methods and a custom Display implementation. I came up with 4 different representations for a file URI as provided by the language client. The most recent one holds a singular string in an Arc. I know that these are bad ideas but I don't know why I keep coming up with them.

One of those debugging days where minutes feel like hours, and hours like days.

I had the bad luck of being asked to dive into a legacy project which was unmaintained for months, but of course it's still on prod. And very suddenly the urgent need arrises to change stuff.

Yet: the docker stack won't work. It builds fine but the stack crashes.

Long story short: some internal api URI were renamed and at some point one internal api started to always require an access token. Which we set for the stage, prod env yet somebody forgot to mention that to the devs of legacy-project.

That ain't too bad.

WHAT IS FUCKING BAD IS THAT YOUR SHITTY APP SWALLOWS THE ERROR MESSAGE!

I mean it's bad enough I have to `var_dump && die` your app since you never bothered to setup a xdebug that I could use out of the box, yet egregious fact that your app would catch a valid exception but transforms it into an "internal warning" is borderline insane!

It's ok to throw exceptions. It's ok to let your service die. That's how other will know what and where to fix it. (You may want to restrict the data visible to the outside, but that's a whole different conversation.)

Anyone have any info about unconventional ways to inject JavaScript into an external website? I'm trying to become more knowledgeable about security vulnerabilities in the web apps I build and I've been having a lot of fun trying this stuff out in other live sites haha. I've tried adding js code to text boxes, input fields, and the uri but nothing has been successful. I read something about modifying cookies I think...

BRINGS ADVENTURE IN LIFE

<!-- start of xyzAwesome widget-->
<DIV class = outerWRAPPER >
<DIV id=specialContainer class="small">
<DIV CLASS= "extra-large">
<DIV class="inner_wrapper blue">
What do you mean my code sucks?
</span>
</span>
</div></span>
<!-- end of sub container -->

OpenSource is fun they said. I being a bored teen thought, ah, another chance to experiment. Discover something new. Now I am into piracy, movies, music, software. If I can get it for free I ain't paying for it. So I went on to GitHub to see what exciting new Repos I could contribute to. I hate already implemented plenty of algorithms in GO for GitHub.com/TheAlgorithms so I was looking something more practical, more beneficial to society. Then I saw it, the perfect repo, not too complex and not amateur. SpotDL/spotify-downloader for downloading songs from Spotify, a grey area coz it's technically piracy. Well not from Spotify, we fetch the info from the Spotify API and search for the songs on YouTubeMusic. They were just about to release v3, a complete rewrite of the codebase stressing code readability and stuff. I spend about a day studying the codebase, trying to findout just where I could make my contribution. I can see outright that there's a huge problem with implementation.

First of all the script spawns 4 processes for downloading songs though you might be downloading only one song. Which means for everytime you run the script you have to wait for 4 other processes to be spawned before any downloading can happen. Sure this is faster when you are downloading more than like 4 songs, but it's actually slower when downloading a single song. But I ignored that coz I assumed that most users download playlists and albums. Anyway we talked with the like lead developer and he was all like, make those PRs anytime you feel like. So I made a really minor first contribution.

I introduced download from Spotify URI functionality, modified like 10 lines of code. I was half expecting that the PR would be merged within hours at most 24 hours coz of how minor of a contribution it was, 5 days in it was pending. So I tagged the lead Dev and he was all appreciative of the PR, calling it real 'clean code' and stuff. 3 more days, the PR is still not merged. I have now stacked 4 more commits to the same PR, I tag the dev and he's like he's waiting to see if my 'feature' will get atleast 10 upvotes so that it can be merged, he links an issue. I go to the issue and my feature is not there, So 11 days after I made my PR I have to write a comment explaining the 'feature' introduced in my PR and then wait for 10 upvotes.

I was like f**k this, I'll just develop on my fork if you want the features on my fork, you will make your own PR! I am so done with OpenSource, development is slow. I have no idea how you guys do it. I can't handle development where I don't have write access.

Uri Josef Drucker - Information
Uri Josef Drucker, nicknamed Uri Drucker, or just Drucker is an entrepreneur with many years of experience across different markets.

Drucker formed a company in 1984, producing a range of women’s hygiene products, employing over 100 staff. The products were distributed across Israel and Europe. The company was sold with a successful exit in the 1990’s.

Uri Josef Drucker produced, printed, and distributed a newspaper called ‘The Main Issue’ for 10 years. The paper focused on regional municipal and environmental issues and was successfully sold in 2015 and is still printing to this day. The production was based in Kiryat Tivon, near Haifa, Israel.

Uri Drucker has been living in Kiryat Tivon for many years and was born as Uri Josef Drucker in the city of Haifa, Israel.
Drucker was also a political candidate for the local elections in Kiryat Tivon in 2018. During the race, Drucker connected to many people in his town and managed to increase his great ability of listening to others and giving satisfying solutions to common issues. Although he did not win the local elections, Uri Drucker continues giving to his community until this day.

If you want to learn more about Uri Josef Drucker, you should also visit Uri Josef Drucker's social media profile pages. The links to Drucker’s social media profiles are listed at the bottom of this page.

Also, you can feel free to message Drucker in his various profile pages and please be sure to follow him or add him as your friend on Social media. Connect with Drucker and send him a message for any questions, inquiries, or just to chat.

It’s very important to state that Uri Josef Drucker can be found online in many different social media websites and he will do his best to answer you in each and every single one, so connect to him on your favorite network

Take into account that this website profile is solely dedicated to Uri Josef Drucker, but he does not manage it personally and it might take him time to respond.

Please note that Uri Drucker is not responsible for creating this profile and we can not guarantee that Uri Josef Drucker will indeed reply here. If you want Uri Drucker to contact you back, please visit some of his other profile pages that represent Uri Josef Drucker and try to contact him there, as if he doesn’t answer in one profile, he will surely answer in another one.
Drucker has over 50 social media profiles in order to satisfy different people that use different websites.

Got first hands-on on Core 1.1

I don't get keycloak. Anyone who has experience with it, please help.

We have what I would think is a common setup: a kubernetes cluster with a Spring boot api-gateway and keycloak as oauth2-provider.

The api-gateway needs an issuer-uri to keycloak for endpoint discovery, i.e. to configure a bunch of endpoints to keykloak for different purposes.

The two main purposes are: 1. to redirect the user to keycloak (must be an url reachable from outside the cluster, i.e. ingress) 2. to authenticate tokens directly with keycloak from within the cluster.

Keycloak can be configured to set some of these discovery endpoints to different values. Specifically it makes a separation between backfacing (system calls in cluster) and frontfacing (user call from browser) urls All seems good.

However, when using this setup, each time spring security authenticates a token against keycloak it says the "issuer" is invalid. This is because the issuer is the host on which the token was generated. This host was the one in the url which the user was redirected to i.e. the ingress.

It feels like there is no way around this except running keycloak outside the Kubernetes cluster, but surely there must be a way to run keycloak in the same cluster. What else is the purpose of keycloak having the concept of back- and frontfacing urls?