#dev | Logs for 2017-06-06
« return
[00:01:40] <Bytram> If there is a 'conflict' as to whether an id, a class, or an element name should be selected, assuming all are specified at the same level, the id will win out over a conflicting class, which will, in turn, win out over a conflicting style for an element.
[00:06:29] <Bytram> and for an excellent explanation, with examples, of specificity, see: https://css-tricks.com
[00:07:55] <Bytram> Compared to PJ and TMB, I'm still getting started, but just getting so far as to really understand and internalize the forgoing made understanding the rest of the selectors and ways to apply them make sense.
[00:08:45] <Bytram> Lastly, I apologize if I misunderstood what you wrote and you already grok all this... if nothing else, it helped ME to better understand how it all pulls together.
[00:08:49] <Bytram> break time
[00:12:34] <TheMightyBuzzard> FatPhil, Bytram, I think in this case it'd be the least amount of effort to change #123456 to #c123456
[00:13:19] <TheMightyBuzzard> it may be redundant but it will be the least likely adjustment to break anything
[00:15:20] <TheMightyBuzzard> FatPhil, if you're going to be doing more than a couple pull requests we should get you set up with a staff login and dev perms so you can test stuff out without having to have wait on me or pj
[00:17:30] <Bytram> in general, I agree, but would prefer something more descriptive... seeing as c1233456 could be viewed as a valid hex number, for example. better would be: #cid_123456
[00:18:15] <Bytram> and... I second TMB's suggestion about your getting set up with all the gee gaws and doo dads of developerdom here on SN.
[00:19:02] <TheMightyBuzzard> i've done the stuff before to set someone up on dev but only the once so it'll take a bit
[00:19:23] <Bytram> hmmm
[00:20:01] * TheMightyBuzzard reads the toddler in barbie jeep story and cackles
[00:20:36] * Bytram has FB blocked in many incantations in his HOSTS file... cannot view video.
[00:21:26] <Bytram> TheMightyBuzzard: FYI, I thought so... FP already has 100 level privs on https://dev.soylentnews.org
[00:21:46] <Bytram> I suspect he might already have some things set up on dev!
[00:22:22] * Bytram needs to take a break, make supper, and other stuff... biab
[00:22:35] <Bytram> oh, and I've been pondering since it was first mentioned...
[00:23:38] <Bytram> I cannot in ANY way, think of how changing '&' to '&s;' in a URL can cause a problem... if anything, it serves to shortcut the browser from trying to find out if there might be a named character entity (NCE) that followed a 'naked' ampersand.
[00:25:23] <TheMightyBuzzard> Bytram, all eds have that
[00:25:36] <Bytram> IOW: changing '&' to '&' in a URI -- should always be a good thing... and should help a page get processed a tiny tad faster, as welll.
[00:26:07] <Bytram> ahh, okay.
[00:26:21] <TheMightyBuzzard> Bytram, how about &x1f4a9; ? how should a browser parse that and do all of them parse it the same?
[00:27:02] <TheMightyBuzzard> not to mention rtl marks and diacritics and lookalike letters
[00:27:11] <Bytram> it will create the translated glyph '&' and follow that with the glyphs for 'x1f4a9;'
[00:27:27] <TheMightyBuzzard> look again
[00:27:42] <Bytram> Ima browser...
[00:27:49] <Bytram> I see '&'...
[00:27:51] <TheMightyBuzzard> two passes of the parser would produce the poo glyph without an ampersand at all
[00:27:54] <Bytram> ahh, what is THIS?
[00:28:22] <Bytram> party poo-per
[00:28:33] <Bytram> yeah, I see what you are doing there, but...
[00:28:58] <Bytram> we should NOT be redundantly / recursively interpretting URIs...
[00:29:07] <Bytram> there be dragons, or turtles, all the way down.
[00:29:16] <TheMightyBuzzard> which is why we don't allow many unicode glyphs or any entities in user supplied urls
[00:29:40] <Bytram> yep
[00:29:44] <TheMightyBuzzard> Bytram, WE have nothing to do with if a browser properly parses a url or how many times it does.
[00:30:18] <Bytram> are you talking about browser bugs?
[00:30:20] <TheMightyBuzzard> and i very much desire that we not be an attack vector for jack or shit.
[00:30:27] <Bytram> agreed.
[00:30:35] <Bytram> on not being an attack vector.
[00:30:43] <TheMightyBuzzard> not just that, browsers following the standard and the standard being flawed.
[00:31:02] <Bytram> if the browser reads your proposed URI and comes up with a poop emoji, I believe that means there is a bug in the browser.
[00:31:03] <TheMightyBuzzard> the unicode standard lets you put 500 diacritics on a letter if you want.
[00:31:11] <Bytram> yes, I am aware.
[00:31:19] <Bytram> we short-circuit that at 5 or 6, IIRC
[00:31:21] <TheMightyBuzzard> i consider that a flaw.
[00:31:22] <TheMightyBuzzard> nod nod
[00:31:28] <Bytram> I tested that =)
[00:31:58] <TheMightyBuzzard> legal or not, i don't want anyone getting funky with the cheeze whiz and using us to do so.
[00:32:56] <Bytram> it was not so much all the particular instances of things that I tested, but the various 'strata' of where things were presented in what ways, and were they self-consistent at that strata, and would/could they lead to misinterpretation at upper or lower strata of translation.
[00:33:07] <Bytram> ~grab TheMightyBuzzard
[00:33:11] <Bytram> !grab TheMightyBuzzard
[00:33:11] <Bender> Added quote 9
[00:33:49] <Bytram> I've been chewing on the possible interactions for a couple days now
[00:34:15] <Bytram> still cannot think of an 'attack vector' with that.
[00:34:48] <TheMightyBuzzard> attack ain't specifically necessary. nuisance would be plenty.
[00:34:59] <Bytram> if anything, putting out a URI with a 'naked' ampersand is, to me, even MORE prone to being manipulated than if we ALWAYS convert a bare '7' to '&' on input.
[00:35:10] <Bytram> s/7/&/
[00:35:48] <TheMightyBuzzard> nah, i'd prefer not allowing entities at all now that most everything supports unicode.
[00:36:00] <TheMightyBuzzard> they're a relic of a bygone era
[00:36:45] <Bytram> newer browsers support unicode, NCEs are still supported in older browsers where unicode might not be.
[00:37:10] <Bytram> think Lynx or some other text-mode browser.
[00:37:18] <Bytram> okay... I *really* need to get some food... thanks for the chat, I'll continue to ponder, and I'll be biab
[00:37:22] <Bytram> Oh
[00:37:36] <Bytram> and sorry to hear about the coffee withdrawals... those suck!!
[00:37:43] <Bytram> hope you're feeling better SOOOOOON!!!!
[00:37:47] <Bytram> afk
[00:37:53] <TheMightyBuzzard> lynx supports unicode. you'd have to go older than ie6 to find one that doesn't.
[00:37:58] <TheMightyBuzzard> yar
[00:52:19] <Bytram> I was talking about lynx.exe on windows -- text only output in a cmd.exe window.
[00:52:45] <Bytram> and, btw, my prior comments were strictly wrt an '&' appearing in a URI.
[00:53:53] <Bytram> on input, IIUC, we save it in the DB as '&' and when we retrieve it to display it on the site, it translates to a literal '&' glyph...
[01:53:27] -!- MrPlow has quit [Quit: Powered by Rust.]
[01:53:39] -!- MrPlow [MrPlow!MrPlow@Soylent/BotArmy] has joined #dev
[01:53:40] -!- MrPlow has quit [Changing host]
[01:53:40] -!- MrPlow [MrPlow!MrPlow@nsa.gov] has joined #dev
[01:57:01] -!- MrPlow has quit [Read error: Connection reset by peer]
[01:58:06] -!- MrPlow [MrPlow!MrPlow@Soylent/BotArmy] has joined #dev
[01:58:06] -!- MrPlow has quit [Changing host]
[01:58:06] -!- MrPlow [MrPlow!MrPlow@nsa.gov] has joined #dev
[09:05:58] -!- MrPlow has quit [Quit: Powered by Rust.]
[09:11:32] <FatPhil> regarding c$CID or cid_$CID, I still think I prefer just using the comment_$CID which already exists on great-greeat-grandparent, and scrapping the id on the h4 itself.
[09:12:14] <FatPhil> However, I'll not look at that today, I'll go back to the original & cleanup, as there's still loads of them dotted around the place.
[09:12:38] -!- MrPlow [MrPlow!MrPlow@Soylent/BotArmy] has joined #dev
[09:12:38] -!- MrPlow has quit [Changing host]
[09:12:38] -!- MrPlow [MrPlow!MrPlow@nsa.gov] has joined #dev
[09:14:32] <TheMightyBuzzard> FatPhil, would need testing. might have issues with collapsed states.
[09:16:56] <FatPhil> moving into a descendent I can imagine having the potential to go weird, but not moving it into such an ancestor.
[09:44:39] <FatPhil> where's the source for the "Featured Articles"? There is some broken html in that block (href's without quotes around the urls)
[09:46:26] <FatPhil> home fixing chores aren't properly complete until you've glued yourself to the kitchen table.
[09:47:36] <TheMightyBuzzard> oh, that's in an loaded-from-the-db template i believe
[09:48:26] <TheMightyBuzzard> a lot of the sidebar stuff doesn't exist as source since it's going to be site-specific
[09:48:58] <FatPhil> ok
[09:51:17] <FatPhil> Can someone with DB access fix those URLs, then?
[09:51:56] <TheMightyBuzzard> bytram can fix those bits on both prod and dev if you catch him when he has time. so can i but i'd bugger something up right now as evidenced by it taking me two days to write a twelve line pull request.
[09:52:12] <TheMightyBuzzard> or i can give you admin access on dev and you can fix em
[09:52:53] <TheMightyBuzzard> just web admin access for the moment. no ssh or anything cause i really don't wanna break our dns for the whole site trying to do it without caffeine.
[09:53:33] <FatPhil> I'm a firm believer in the use of the lowest possible privileges
[09:53:59] <TheMightyBuzzard> it's just dev privs. you break that it's no biggie.
[09:54:24] <TheMightyBuzzard> okay, now where do we put those...
[09:54:41] <TheMightyBuzzard> CONFIG->Blocks
[09:55:28] <TheMightyBuzzard> if you can't find what you're looking for in there i dunno.
[09:56:25] <TheMightyBuzzard> need nicotine
[11:12:25] <FatPhil> where's the web admin ingress?
[11:18:11] <TheMightyBuzzard> FatPhil, top of the page
[11:18:20] <TheMightyBuzzard> not a link, a bar at the top
[11:18:38] <TheMightyBuzzard> just adds more options to the one editors get
[11:20:16] <FatPhil> ah, OK, that requires logging in, which requires remembering my password...
[11:22:27] * TheMightyBuzzard chuckles
[11:22:41] <TheMightyBuzzard> can change it for you if that presents a serious problem
[11:25:53] <FatPhil> getting one mailed to me (but there's a greylist on my server)
[11:28:21] <FatPhil> Is there documentation for the 'story' data structure anywhere?
[11:31:50] <FatPhil> as there's more barfing from teh validator at : <input type="checkbox" id="more_17/03/20/1435250" class="story_more" autoco
[11:32:02] <FatPhil> character "/" is not allowed in the value of attribute "ID"
[11:32:32] <FatPhil> <input type="checkbox" id="more_[% story.sid %]" class="story_...
[11:45:29] <TheMightyBuzzard> FatPhil, no, not really. we could modify the value for rendering purposes but taking the slash out of story.sid is not an option.
[11:46:26] <TheMightyBuzzard> i could do a Data::Dumper of an example $story but there's no documentation aside from reading the code that creates it.
[11:46:30] <FatPhil> [% story.sid | strip_for_id %] or something?
[11:46:46] <TheMightyBuzzard> ya, that could work
[11:47:12] <TheMightyBuzzard> just s#/#-#g or something
[11:47:30] <FatPhil> this comment was a little frustrating: "* story = story data structure (includes story.sid, see dispStory)"
[11:48:07] <FatPhil> because I couldn't find any docmentation when hunting down "dispStory"
[11:49:00] <TheMightyBuzzard> ya, we generally just dump an example for ourselves if necessary
[11:49:28] <FatPhil> it looks like a form.sid is different from a story.sid
[11:49:29] <TheMightyBuzzard> mostly though it's best to look at the creation of the story object if you really wanna know
[11:49:57] <TheMightyBuzzard> yeah, sid and stoid get very confused in our code but it'd be a huge mess to fix properly
[11:50:36] <FatPhil> yeah, I was wondering if .stoid could be a substitude, the id's only used in the <input> and the <label>
[11:51:05] <FatPhil> in fact, *anything* could be used as a substitute for that reason, even a random number!
[11:51:29] <TheMightyBuzzard> newp. we dislike exposing numeric ids so that folks can't just crawl the entire site starting at stoid=1
[11:52:42] <TheMightyBuzzard> prolly just use a strip_for_id sub and change the applicable bits outside the templates
[11:52:50] <FatPhil> best option would be a new strip_...() helper function then.
[11:53:02] <TheMightyBuzzard> yar, em is easy to write
[11:53:48] <TheMightyBuzzard> rehash is a massive collection of "optimization is not optimal because of $reason"
[11:54:19] <FatPhil> It could also be used to help with the <h4 id="$CID" case too - if it detects /^[^a-zA-Z]/ it prepends a prefix.
[11:54:27] <TheMightyBuzzard> where $reason may be true, false, or no longer even exist
[11:55:01] <FatPhil> I noticed some Ad-related stuff in the code, is that even used any more?
[11:55:27] <TheMightyBuzzard> not by us, though i suppose it may be in the future if subs ever start drying up too much.
[11:57:01] <TheMightyBuzzard> more likely we'd just throw up an ad slashbox on the side though and pull a text ad from the db
[11:59:11] <TheMightyBuzzard> aight, i gotta bail for the morning. remind me later and i'll write up the proper strip subs for ya.
[11:59:39] <TheMightyBuzzard> or you can if you feel like wrapping your head around the slightly odd way we do them
[12:04:08] <TheMightyBuzzard> merging, pulling, and deploying to dev
[12:05:14] <TheMightyBuzzard> figured you might want the code current before i left
[12:32:16] <FatPhil> thanks - appreciated!
[12:34:34] <FatPhil> Hmmm, https://dev.soylentnews.org is blank
[12:36:16] <FatPhil> It just stops abruptly mid-generation, just after the headers
[12:36:27] <FatPhil> I presume it's crapped out, and would hope there's a log
[14:44:04] <paulej72> someone broke somethin :)
[14:45:52] <paulej72> [Tue Jun 06 14:45:38 2017] [error] /users.pl:ModPerl::ROOT::ModPerl::Registry::srv_soylentnews_2eorg_rehash_site_soylent_2dmainpage_htdocs_users_2epl:/srv/soylentnews.org/rehash/site/soylent-mainpage/htdocs/users.pl:2146:ID 26, editComm;users;default : file error - parse error - 26 line 167: unexpected token (\xc2\xa9)\n [% reason_select.Touch\xc3\x83\xc2\xa9 %] ;; Which was called by:ModPerl::ROOT::ModPerl::Registry::srv_soylentnews_2e
[14:45:52] <paulej72> org_rehash_site_soylent_2dmainpage_htdocs_users_2epl:/srv/soylentnews.org/rehash/site/soylent-mainpage/htdocs/users.pl:492
[14:46:40] <paulej72> fucking utf8 bening mangeled by someone's editor
[14:47:09] <paulej72> really need to change the way that page is built
[23:27:34] -!- Talos has quit [Quit: SPOON!]
[23:31:40] -!- Talos [Talos!Talos@Soylent/BotArmy] has joined #dev