<- Previous Log Select Different Log Next Log ->   
Searching from 2023-12-05 00:00:00 to 2023-12-05 23:59:59.999999.
Query completed in 9.31 seconds
[2023-12-05 06:39:10] <Lucifer_arma> yeah, I need to find/write a wtform validator that watches for sql injection attacks.  I use the proper string replacement in the sql driver, but I want an extra layer there
[2023-12-05 06:39:13] <armagetronbridge> 10irc:Lucifer_arma| yeah, I need to find/write a wtform validator that watches for sql injection attacks.  I use the proper string replacement in the sql driver, but I want an extra layer there
[2023-12-05 06:40:31] <Lucifer_arma> the same locations are already protected by a loginrequired decorator, so if they could use it but they have to login, they'll get that.  I'm also working on hiding links that a user doesn't have authorization to use because it's a giant pet peeve of mine when you can click links just to arrive at an unauthorized page
[2023-12-05 06:40:34] <armagetronbridge> 10irc:Lucifer_arma| the same locations are already protected by a loginrequired decorator, so if they could use it but they have to login, they'll get that.  I'm also working on hiding links that a user doesn't have authorization to use because it's a giant pet peeve of mine when you can click links just to arrive at an unauthorized page
[2023-12-05 08:17:38] --> DruidMonroe has joined the channel
[2023-12-05 12:06:24] <armagetron-bridge> 08discord:delinquent| I'm personally taking the approach of returning nothing at all when it comes to the API side, letting the request timeout. There's a number of things attached to the request, though, like fingerprinting and auth tokens, which hopefully should work alongside each other to prevent theft of one or the other. If something doesn't match up, log the request and don't respond. If lots o <clipped message>
[2023-12-05 12:06:24] <armagetronbridge> 08discord:delinquent| I'm personally taking the approach of returning nothing at all when it comes to the API side, letting the request timeout. There's a number of things attached to the request, though, like fingerprinting and auth tokens, which hopefully should work alongside each other to prevent theft of one or the other. If something doesn't match up, log the request and don't respond. If lots o <clipped message>
[2023-12-05 12:06:24] <armagetronbridge> 08discord:delinquent| f requests are made that don't match up, implement fail2ban and contact the customer.
[2023-12-05 12:06:25] <armagetron-bridge> 08discord:delinquent| f requests are made that don't match up, implement fail2ban and contact the customer.
[2023-12-05 12:06:26] <armagetronbridge> 08discord:delinquent| I'm a bit fo a special case, though, meridian contains a lot of information about a business' internal structure as well as financial data and asset data, so I have to be rather careful about security
[2023-12-05 12:06:26] <armagetron-bridge> 08discord:delinquent| I'm a bit fo a special case, though, meridian contains a lot of information about a business' internal structure as well as financial data and asset data, so I have to be rather careful about security
[2023-12-05 12:13:19] <armagetron-bridge> 03discord:ninjapotato1080| I've seen some stuff return blanket 403 (forbidden) when I mistyped a path to a resource as well, not sure what best practice is though
[2023-12-05 12:13:20] <armagetronbridge> 03discord:ninjapotato1080| I've seen some stuff return blanket 403 (forbidden) when I mistyped a path to a resource as well, not sure what best practice is though
[2023-12-05 12:13:51] <armagetron-bridge> 08discord:delinquent| It seems to change depending on language, application scope, and user profile
[2023-12-05 12:13:52] <armagetronbridge> 08discord:delinquent| It seems to change depending on language, application scope, and user profile
[2023-12-05 15:20:55] --> Armanelgtron has joined the channel
[2023-12-05 15:20:55] -!- Topic for #armagetron is "Armagetron Advanced | http://www.armagetronad.org/ | Welcome to IRC"
[2023-12-05 15:20:55] -!- Topic set by ChanServ!services@services.oftc.net on 2022-12-21 00:36:08 UTC
[2023-12-05 15:20:57] -!- weber.oftc.net set mode #armagetron +nt
[2023-12-05 15:20:57] -!- Channel #armagetron created on 2021-04-20 19:56:37 UTC
[2023-12-05 15:20:58] --> Armanelgtron has joined the channel
[2023-12-05 15:20:59] -!- cadmium.libera.chat set mode #armagetron +nt
[2023-12-05 15:20:59] -!- Channel #armagetron created on 2021-05-20 17:23:14 UTC
[2023-12-05 21:29:21] <-- Juest has quit (Read error: Connection reset by peer)
[2023-12-05 21:37:23] --> Juest has joined the channel
[2023-12-05 22:40:04] <Lucifer_arma> ah, 403 forbidden, of course that's what I should be returning
[2023-12-05 22:40:04] <armagetronbridge> 10irc:Lucifer_arma| ah, 403 forbidden, of course that's what I should be returning
[2023-12-05 22:40:30] <Lucifer_arma> because that's also compatible with any software tools a user might want to use to access the site
[2023-12-05 22:40:30] <armagetronbridge> 10irc:Lucifer_arma| because that's also compatible with any software tools a user might want to use to access the site
[2023-12-05 22:42:00] <Lucifer_arma> I know there's a reason why saying nothing is there and returning a 404 is wrong, but I don't remember what the reason is, but it would definitely break some tools you might use to access the site
[2023-12-05 22:42:00] <armagetronbridge> 10irc:Lucifer_arma| I know there's a reason why saying nothing is there and returning a 404 is wrong, but I don't remember what the reason is, but it would definitely break some tools you might use to access the site
[2023-12-05 22:42:40] <Lucifer_arma> it doesn't need to be indexed by search engines, though, and that's something that a lot of sites do.  They'll quietly let the crawler in to index the site, but lock out other users who have to login
[2023-12-05 22:42:40] <armagetronbridge> 10irc:Lucifer_arma| it doesn't need to be indexed by search engines, though, and that's something that a lot of sites do.  They'll quietly let the crawler in to index the site, but lock out other users who have to login
[2023-12-05 22:50:46] <-- DruidMonroe has quit (Ping timeout: 255 seconds)
[2023-12-05 23:03:39] <Lucifer_arma> ok, if I decorate a decorator, will the decorators be called?
[2023-12-05 23:03:39] <armagetronbridge> 10irc:Lucifer_arma| ok, if I decorate a decorator, will the decorators be called?
[2023-12-05 23:04:06] <Lucifer_arma> I should throw something together to test this.  I have two decorators that are useful as separate decorators, but it would be awfully convenient to have one decorator that calls both of them.
[2023-12-05 23:04:06] <armagetronbridge> 10irc:Lucifer_arma| I should throw something together to test this.  I have two decorators that are useful as separate decorators, but it would be awfully convenient to have one decorator that calls both of them.
[2023-12-05 23:06:13] <Lucifer_arma> I should've known, though, that adding multi-user support would be a bit of a can of worms.  I don't really *need* it, but I know people who'd like to use it, and I'd like to be able to see how they're making trading decisions and what the results are
[2023-12-05 23:06:14] <armagetronbridge> 10irc:Lucifer_arma| I should've known, though, that adding multi-user support would be a bit of a can of worms.  I don't really *need* it, but I know people who'd like to use it, and I'd like to be able to see how they're making trading decisions and what the results are
[2023-12-05 23:06:38] <Lucifer_arma> so friends could use the app to make money for themselves, and I can use their decisions to make the app better.  Positive feedback loop.
[2023-12-05 23:06:39] <armagetronbridge> 10irc:Lucifer_arma| so friends could use the app to make money for themselves, and I can use their decisions to make the app better.  Positive feedback loop.
View entire month
DISCLAIMER: These logs of public chat may contain some content which may not be appropriate for all audiences. Use at your own risk.
Logs from 2006-2009 pulled from wrtlprnft
Format changes at: 2015-08-25, 2017-02-20, and 2020-03-23. Times (2015 and later) should be Eastern.


 
 
 ArmaNelgTron.tk
 © NelgTron 2014-2024. Made for . [About this site] [Credits]