@AleCx04 Sorry, that was pretty rambling. But more or less sums up my feelings. It’s not for everyone or every app. But it works fine when needed.

@AleCx04 Honestly, I feel like it’s in a pretty good place at the moment. I haven’t played with Rust, so I can’t speak to whether that works better.

There are still some missing events that can cause a headache at times. And the need to call StateHasChanged seems sometimes arbitrary. But overall it seems in a good place for what I’m doing.

I’m writing a scheduling app with it right now, and with a bit of Tailwind and some hot keys, it feels pretty much like a native desktop application.

I don’t know of any security issues with it. Doesn’t mean they couldn’t exist, but I’m not aware of any.

I sometimes miss ViewData from RazorPages for stuff like the page title. But ReactiveUI with a singleton view model takes care of stuff like that. (Just don’t use Reactive UI’s ReactiveComponentLayoutBase; it has a bug which makes it become slower and slower as the app runs. ReactiveComponentBase is fine.)

@olezhka Oh I misunderstood you. They are hosting the ERP only. What we’re developing is a completely separate application which needs to interact with the ERP via the ERP’s REST API. We’re hosting the application. He was trying to tell me that I need to rewrite our project “in ASP.NET”.

@olezhka Yeah, they’re hosting our ERP instance and do some customization development on the ERP. Good to know, thanks for the info. I wasn’t sure what he was referring to by just “ASP.NET”, and any questions I asked were simply ignored.

@CoreFusionX All good, the context wasn’t clear here. And a third party trying to tell us to rewrite our project in a different framework (or… the same one, in this case?) is odd enough to create confusion.

@CoreFusionX Thanks for the advice. Sorry, I was kinda piggybacking off my last rant and didn’t make the context here clear. This is not a senior at our company. This is a third party who is hosting our ERP, and who we paid over $9k just to get access to talk to this guy, with the promise he’d be able to modify our ERP instance to get us API access.

@vintprox ugh… Maintaining our own layer to proxy the requests seems to be the common theme here, so I think that’s the direction I’ll move in. I hate having that extra possible point of failure, but at this point I’m not sure there’s much else I can do. Thanks for your input!

@localpost And it’s for sure meant to be used in a browser. Even the official ERP client is a web app running in the browser.

@localpost Yes. Correct. It’s a setup I think is really dumb, but it’s not my call. However, we were told they would do whatever they needed to for us to get API access. We paid… well. I’m not sure I’m allowed to say exactly how much. But over $9k USD to get access to *talk to* this guy who needed me to explain to him what CORS is.

And these are per-user credentials. The server returns an ASP.NET authorization cookie.

@localpost Hmm yeah I’m thinking more and more maybe I need to just reverse proxy it so I can get around CORS. I have a proxy set up and it works fine. I just don’t like having to do that when the ERP developer officially recommends allowing the origin in CORS.

But maybe that’s the way to go. Thank you!

@Hazarth This is the official API. The ERP developer specifically recommends allowing any origin in order to hit the API. The people I’m struggling with here is the partner/vendor hosting the instance for us. (Note, this is a dedicated instance. Not one they use for all their customers.) And this is an actual browser level application. Not electron.

And my preflight request that’s being blocked.

Maybe just hitting a reverse proxy is the way to go. Just sucks having to maintain an extra piece ourselves, and being unable to even get through to them what I’m suggesting happen.

@Nihil75 I don’t think you understand what’s going on here at all. My app is rubbing on https://localhost:7283. When I try to hit https://api.com, CORS blocks the origin localhost. Nothing to do with calling localhost.

@cmarshall10450 No. I’m just attempting to hit the API directly. I can fire up a reverse proxy myself and forward requests that way, but the REST API is supposed to be configured to allow localhost, according to the ERP documentation. Or rather, they recommend allowing any origin. Do you mind elaborating a little more on why that wouldn’t make sense to you? I’m open to the idea that there’s a better way.

@hack Thank you!!! That’s what I’m trying to tell them. Their “Senior Tech” literally asked me “what is CORS?” when I brought this up. And yet, not understanding why the issue even is, they tell me up and down that I don’t know what I’m talking about to the point that I’m starting to doubt myself.

@asgs well sure I can disable CORS. But eventually more of our users will be using this app. And they shouldn’t all have to do that.

This is for testing and development purposes.

The issue is that I can’t even get through to them that CORS needs configured. They literally needed me to explain to them what CORS is, yet claim that can’t possibly be the issue. Even though the error clearly says CORS blocked the request.

@C0D4 You may be right, but IMO it looks almost more like someone using Bootstrap's grid system and wrapping one element in an extra column.

Another fun thing I'm running into through all this is that their paging controls break. Repeatedly. Every couple pages, they just stop working, forcing me to reload the page and lose all my filters, etc. But hey, they can save us a little bit per year in processing fees. (The savings are peanuts compared to what this is costing us in man-hours of hassle and headaches.)

@neeno As far as the tier list goes, I don't know what video you're talking about but it sounds like it could actually be great as a joke, and not to be taken seriously.

@mossad Haha it's one of our users. This is just how he is.

@Demolishun It's almost that bad. Last time this happened, his password was a street address and then a "0" after it. He thought we could fix the problem by just making the "0" a "1" instead. Because the phishers definitely won't try THAT when his password stops working...

@Oktokolo Oh I'm aware, I can only hope it'll make it harder for him to screw things up. I also have no intention of helping him save the password; if he ever needs it he can come to me for it. Honestly I'm surprised he hasn't been fired long ago. Nobody likes him, including the company owner. But unfortunately it's not my call. *shrugs*

@N00bPancakes Let me know when that system goes live, I'll sign our company up for it!

On the plus side, this incident *just so* tipped the scales for me to convince management we need to turn on 2FA. Just so. It was still embarrassingly close.

@SortOfTested That said, we are scheduled to replace our Windows-only ERP next year. So at that point...... Hoooo boy *rubs hands*

@SortOfTested It's not for dev. We do require Windows at the org. But unfortunately the decision to go with Surfaces was made before I started here. But yes, we've got several users with cracked screens, etc.

@sheriffderek Understand what, exactly? Again, I think you're maybe missing the point here.

@sheriffderek Ha I ain't linking to anything outside this community. I've got no interest in the train of people finding my SO > GitHub > Twitter and so forth. I think you kinda missed the point of the rant anyway.

@trivia

Don't have time to read the whole convo here, but I'd for sure get rid of the images if you didn't already. Other than that, looks pretty cool!

@NoMad Oh gosh. I just randomly logged in after not having used devRant in forever. I can't do this again 😅