** UnhandledExceptionEventHandler :: OFFICIAL LC / CHATTER THREAD ** - Page 1379 - Computer Technical Help

Two Plus Two Forums Other Topics Computer and Technical Help

** UnhandledExceptionEventHandler :: OFFICIAL LC / CHATTER THREAD **

Post Reply Subscribe

...

Page 1379 of 1603

First

379 879 1179 1279 1329 1359 1369 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1389 1399 1429 1479 1579

Last

Page 1379 of 1603

First

379 879 1179 1279 1329 1359 1369 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1389 1399 1429 1479 1579

Last

08-13-2018 , 12:13 AM

#34451

jmakin

banned

Join Date: Jan 2008 Posts: 30,120

I mean we do stupid insecure stuff with security on our own network but there’s only 8 of us. 1500+ wtfwtf

Quote

08-13-2018 , 12:14 AM

#34452

suzzer99

Save the Cheerleader, Save the World

Join Date: Nov 2005 Posts: 99,984

I'm guessing it started out much smaller?

Quote

08-13-2018 , 07:44 AM

#34453

Larry Legend

Celtic Pride

Join Date: Jul 2009 Posts: 42,920

It doesn't just expose all passwords, it likely exposes every single thing stored for every user. So a % of those 1500 people will have stuff like email/password the same in other places.

Quote

08-13-2018 , 08:08 AM

#34454

RustyBrooks

Carpal \'Tunnel

Join Date: Feb 2006 Posts: 24,647

Quote:

Originally Posted by Larry Legend

It doesn't just expose all passwords, it likely exposes every single thing stored for every user. So a % of those 1500 people will have stuff like email/password the same in other places.

No, it does. The passwords are not hashed and you can query the database directly from javascript.

Quote

08-13-2018 , 08:26 AM

#34455

Larry Legend

Celtic Pride

Join Date: Jul 2009 Posts: 42,920

Yea I mean I'm just being way too kind in saying maybe in some .01% scenario that only that table exists at that insecure endpoint and it only has username/password.

But obviously its everything.

Quote

08-13-2018 , 08:30 AM

#34456

RustyBrooks

Carpal \'Tunnel

Join Date: Feb 2006 Posts: 24,647

Oh, I missed the "just" in your sentence. I thought you were saying it doesn't expose passwords

Quote

08-13-2018 , 10:19 AM

#34457

Victor

Carpal \'Tunnel

Join Date: Jul 2003 Posts: 72,261

robert drop tables strikes again

Quote

08-13-2018 , 10:47 AM

#34458

well named

poorly undertitled

Join Date: Jun 2007 Posts: 78,077

Not that it's the worst part at all, but I laughed the hardest at "if true === true return false"

Quote

08-13-2018 , 11:03 AM

#34459

jmakin

banned

Join Date: Jan 2008 Posts: 30,120

“Hmm i need a guaranteed way to return false after this loop exits... Eureka!”

Quote

08-13-2018 , 11:11 AM

#34460

jmakin

banned

Join Date: Jan 2008 Posts: 30,120

Quote

08-13-2018 , 11:42 AM

#34461

Larry Legend

Celtic Pride

Join Date: Jul 2009 Posts: 42,920

Quote:

Originally Posted by well named

Not that it's the worst part at all, but I laughed the hardest at "if true === true return false"

Yea that was def the funniest.

Quote

08-13-2018 , 11:52 AM

#34462

suzzer99

Save the Cheerleader, Save the World

Join Date: Nov 2005 Posts: 99,984

Quote:

Originally Posted by well named

Not that it's the worst part at all, but I laughed the hardest at "if true === true return false"

Not just that, but the it's the string, not boolean - if ("true" === "true").

How the hell did that evolve?

Quote

08-13-2018 , 12:01 PM

#34463

well named

poorly undertitled

Join Date: Jun 2007 Posts: 78,077

I think it's what happens when you don't really understand how things work, or what's allowed in a language, but you stumble upon some idea that does in fact work. So it seems like the coder had the idea that you could only have a return statement inside a conditional block. I don't know why. Maybe they also didn't realize you could use a boolean for both sides of a comparison, maybe they thought only the RHS could be a boolean? Something like that, I'd imagine.

I know I've done things that are conceptually similar, i.e. written bizarrely unnecessary code out of some confusion about what the code really does. Hopefully nothing that simple :P

Quote

08-13-2018 , 12:22 PM

#34464

Grue

Pooh-Bah

Join Date: Mar 2004 Posts: 5,667

But isn't your first instinct to try the most obvious thing which is return false there without the if statement and see if it works? Even if you don't know javascript very well doesn't every other language just evaluate line by line? :thinking:

Quote

08-13-2018 , 12:43 PM

#34465

suzzer99

Save the Cheerleader, Save the World

Join Date: Nov 2005 Posts: 99,984

I feel like there must have been some kind of other test there at some point and maybe an if/else block.

Quote

08-13-2018 , 12:50 PM

#34466

well named

poorly undertitled

Join Date: Jun 2007 Posts: 78,077

"how did this happen?" is way more fun than code golf :P

Quote

08-13-2018 , 12:54 PM

#34467

suzzer99

Save the Cheerleader, Save the World

Join Date: Nov 2005 Posts: 99,984

Quote:

So far so good – though that UserComponentHelpers.js file is kind of a grab-bag of functions, where you’ve got fullName(user) sitting next to formatDate(date).

And then you get a new story to show users’ full names in the navbar. Okay, so now you’re going to need that fullName function in two places. Maybe toss it in a generic utils file? That’s not great.

And then, a few months later, you’re looking at the FriendsComponent, and find out someone else had already implemented fullName in there. Oops. So now the next time you need a user-related function, you check to see if there’s one already implemented. But to do that, you have to check at least UserComponent, UserComponentHelpers, and FriendsComponent, and also UserApiService, which is doing some User conversion.

What's wrong with a generic utils file with small helper functions?

Quote

08-13-2018 , 03:10 PM

#34468

OmgGlutten!

Pooh-Bah

Join Date: Aug 2016 Posts: 5,273

https://flexboxfroggy.com/

level 24 is so confusing.

Quote

08-13-2018 , 04:24 PM

#34469

suzzer99

Save the Cheerleader, Save the World

Join Date: Nov 2005 Posts: 99,984

I reached out to my new boss about what I should study up on, I guess here's my new job synopsis:

Quote:

I’m excited about initiating Ecommerce Re-architecture project with your help. The success of the project depends on two middleware platforms – an API layer that sits in between our CRM system and web applications, and a IDM solution that consolidates different user accounts and provides single sign on. I’d like to try serverless approach for both solutions. We should be able to utilize AWS Lambda and API gateway service for most of our API needs, and I’m looking into AWS Cognito for a serverless authentication and authorization solution. It’ll be really helpful if you could familiarize yourself with these AWS services…we can start with some use cases for POC when you come onboard.

Sounds pretty straightforward except does anyone know what IDM stands for here? Ok I guess it's Identity Management. Which should really me IM imo.

Quote

08-13-2018 , 04:26 PM

#34470

RustyBrooks

Carpal \'Tunnel

Join Date: Feb 2006 Posts: 24,647

Identity Management

Quote

08-13-2018 , 05:37 PM

#34471

PJo336

THRILLHOUSE!

Join Date: Mar 2007 Posts: 22,158

Any clue what kind of request volume you'll be working with Suzzer?

Serverless has been nothing but pain for me tbh, esp in the API space. Doing simple things like triggers when a file drops in S3 are basically a perfect use case, but I have had nothing but issues integrating into a "long living" scenario, like api requests

Quote

08-13-2018 , 05:49 PM

#34472

RustyBrooks

Carpal \'Tunnel

Join Date: Feb 2006 Posts: 24,647

Quote:

Originally Posted by PJo336

I'm not really a fan of lambda for everything, but isn't the max timeout for a request in lambda like... 5 minutes?

Quote

08-13-2018 , 05:57 PM

#34473

goofyballer

Carpal \'Tunnel

Join Date: Jun 2005 Posts: 70,719

Quote:

Originally Posted by OmgGlutten!

https://flexboxfroggy.com/

level 24 is so confusing.

First reaction: Yes, a programming game!
Second reaction: Flexbox? NOPE

Speaking of programming games, Exapunks is new from Zachtronics (makers of TIS-100 and Shenzhen I/O) and it is AWESOME

Quote

08-13-2018 , 06:18 PM

#34474

jmakin

banned

Join Date: Jan 2008 Posts: 30,120

re: programming is not always slamming 100's of lines of code a day -

Today I spent multiple hours on an issue and the fix/solution ended up being removing precisely one line.