rvalue has quit [Read error: Connection reset by peer]
rvalue has joined #ruby
grenierm has quit [Ping timeout: 272 seconds]
infinityfye has joined #ruby
chair1 has quit [Quit: Client closed]
schne1der has joined #ruby
inline has quit [Quit: Leaving]
wbooze has quit [Quit: Leaving]
schne1der has quit [Quit: schne1der]
schne1der has joined #ruby
Linux_Kerio has joined #ruby
Linux_Kerio has quit [Read error: Connection reset by peer]
Linux_Kerio has joined #ruby
R2robot has quit [Read error: Connection reset by peer]
R2robot has joined #ruby
szkl has quit [Quit: Connection closed for inactivity]
GreenResponse has joined #ruby
fantazo has quit [Quit: Lost terminal]
<ih8u>
The_Camel_: the point of the layout is to have a place in the body where it yields to whatever non-layout content you're telling erb to render
<ih8u>
for something like a title, you would typically define that once in the layout and set it to be the value of some instance variable that you can set per request to change it
<ih8u>
repeat for any other element that's always around but with variable content, and build out views with templates to reduce repitition as much as possible
<gr33n7007h>
adam12: yep, loved the x220/230's, but i've had to retire my x270 (my most favourite laptop of all time) and i've had many thinkpads ;) so wanted to something similar in size/form factor to the x270. it was a toss-up between x1 nano and the x13, so off to ebay i went and found this one brand new.
<gr33n7007h>
i'd have bought an x1 nano but couldn't find any at the time with british ISO layout
<gr33n7007h>
gonna be swapping for a samsung 990 pro 2tb tho :P
<gr33n7007h>
for the bargain price of £580 :)
<gr33n7007h>
excellent trackpad too
<gr33n7007h>
my only nit-picks are the wifi card and RAM is soldered :( and not a fan of the lip for the camera, but other than that, it's awesome!
<gr33n7007h>
should last me a few good years :)
<gr33n7007h>
o0x1eef: really couldn't see myself using anything else now :P
<gr33n7007h>
been using them for years
<gr33n7007h>
thing with thinkpads, linux runs flawlessly on them
schne1der has quit [Ping timeout: 248 seconds]
cappy has joined #ruby
steinomead has quit [Quit: Konversation terminated!]
oznek has joined #ruby
user71 has joined #ruby
johnjaye has quit [Ping timeout: 260 seconds]
brokkoli_origin has quit [Ping timeout: 244 seconds]
chair1 has joined #ruby
brokkoli_origin has joined #ruby
Ritchie-X has joined #ruby
chair1 has quit [Ping timeout: 272 seconds]
chair1 has joined #ruby
<adam12>
gr33n7007h: Consider Framework laptop at all?
<havenwood>
adam12: I was just checking that out myself!
<havenwood>
I used an iPad Pro only with mosh as an experiment for a 6mo and it went surprisingly well. Now I'm back to MBP.
<havenwood>
Super odd most laptops don't have built-in cellular data support...
<gr33n7007h>
adam12: i have and they're great for the customisation/upgradablity aspect, but in all honesty, it's the keyboard for me, thinkpad keyboards are just amazing imo even tho from the x270/470 onwards they reduced the key
<havenwood>
I look forward to universal cellular data and touch screen.
<gr33n7007h>
*travel
<chair1>
laptop with 4G would be extremely based
<havenwood>
I heard Rumors of upcoming major MBP redesign having cellular, but seems so late.
<gr33n7007h>
my x270 had cellular modem
<gr33n7007h>
sorry, t470
<havenwood>
Phones, check. Tablets, almost always an option, check. Laptops, usually not an option. 🤷
<havenwood>
The bigger the device, the more power and space yet less likely to have a key feature. Just odd.
<gr33n7007h>
havenwood: thinkpads have always had the option on the t/x/carbon series
<havenwood>
gr33n7007h: Seems like a no-brainer to include. 👍
<havenwood>
I'd rather have optional USB-C and I don't think that should be optional. 😆
<gr33n7007h>
definitely
<gr33n7007h>
i would have thought most business laptops would tbh
cappy has left #ruby [Leaving]
<gr33n7007h>
yeah, i heard apple creating their own modem for next gen models :)
<gr33n7007h>
in thinkpads the generally either fibercom or snapdragon in newer models
<gr33n7007h>
adam12: are you mac or linux?
<havenwood>
gr33n7007h: Funny thing is on iPad I'm on Linux (Debian, usually) and on MBP macOS.
<gr33n7007h>
havenwood: was thinking about getting a mac mini m4 base model for the price
<gr33n7007h>
pair it up with my ducky keyboard and iilyama monitor :P
<gr33n7007h>
havenwood: cool, so an IPadian hhe
oznek has quit [Quit: Leaving]
<Ritchie-X>
Hey guys ! I want to start learning Ruby ! so I'm old school Student; What book do you recommend to start my learning journey?
<havenwood>
Ritchie-X: +1 for Jeremy Evan's Polished Ruby Programming book.
<Ritchie-X>
Great !
<havenwood>
I've heard both Eloquent Ruby and Ruby Under a Microscope are getting updates here shortly (if the new versions haven't been released yet).
<havenwood>
Polished Ruby Programming is modern and worth a read in any case!
inline has joined #ruby
<gr33n7007h>
havenwood: i' ping him 👍
<weaksauce>
polished ruby is not for beginners though i thought?
<The_Camel_>
I thought webservers skipped html comments when delivering webpages.
<The_Camel_>
dumbass webservers.
<chair1>
hihihi
<weaksauce>
doesn't render them on the browser side but it does send them
<The_Camel_>
weaksauce, renders on my browser side. but anyway, I got a question if you don't mind.
<The_Camel_>
weaksauce, some of my views are named as: "users_desktop_bootstrap.html"
Sheilong has joined #ruby
<The_Camel_>
then there's "users_mobile_bootstrap.html"
<The_Camel_>
it's so that, in the future, there "may" be "users_mobile_semanticui.html"
<The_Camel_>
weaksauce, my question - convention! which is better.
<The_Camel_>
should I do
<weaksauce>
why aren't you designing the page to be responsive in the first place?
<The_Camel_>
weaksauce, "bootstrap_desktop_users.html" and "bootstrap_mobile_users.html" or leave it as I have it?
<The_Camel_>
weaksauce, because I don't like "1 page for multiple devices". I like having two separate pages per each device.
<weaksauce>
i'd leave it with the most useful information you'd search for first as the primary first word
<weaksauce>
is bootstrap even useful as a name here
<The_Camel_>
weaksauce, that'd probably be the actual file name. "e.g users" first.
<weaksauce>
if you design for mobile first it's much easier to scale that up to desktop size
<The_Camel_>
weaksauce, it is, because I plan in the far, far, far future to include a UI built in a separate CSS framework, so as I showed earlier, there may be users_desktop_semanticui.html later. or ...yahoo.html
<weaksauce>
and you're doing double the work
schne1der has joined #ruby
<The_Camel_>
weaksauce, I know I am but it's a design choice. and I talked with another webdev about it who also agrees that a single webpage handling multiple devices is just messy. so I like two separate files.
<The_Camel_>
weaksauce, it's definitely being done. so no antipatterns :)
Goodbye_Vincent1 has quit [Remote host closed the connection]
Goodbye_Vincent1 has joined #ruby
<The_Camel_>
weaksauce, anyway thanks. I'll leave my file name with the "actual file name" first and leave "platform" and "framework" last
<weaksauce>
i don't think the fact that you found one other person who does it in a backwards way confirms that it's not an anti-pattern
<weaksauce>
with media queries and good ordering it's not, in fact, "messy"
<The_Camel_>
weaksauce, it's not just one person. and this doesn't apply just to webdev. there are people who also write an application for each specific OS twice or three times, as opposed to using a crossplatform library.
<The_Camel_>
weaksauce, it's a philosophy I'd say.
<weaksauce>
that's extremely different
<The_Camel_>
weaksauce, I see it as the same thing to be honest.
<weaksauce>
extremely
<weaksauce>
different
<The_Camel_>
weaksauce, me writing different code for each device screen size :P
<The_Camel_>
vs me writing different code for each device OS.
<weaksauce>
html is compatible natively. the cross platform source code is not native and adds another level of indirection and debugging hassles.
<weaksauce>
i've written android apps and ios apps and native windows apps and webapps professionally
<The_Camel_>
weaksauce, that's more "how things are" as opposed to "process" though no? I'm talking about the process. I end up writing something twice. in that sense, it's similar.
<weaksauce>
nope
<The_Camel_>
but yeah, what you said, sure, don't disagree.
<weaksauce>
there's very good reasons you'd not want to use a cross platform framework. not for writing bespoke html/css for screen sizes
<The_Camel_>
weaksauce, there's very good reasons I don't want to do responsive design either. :P
<The_Camel_>
layers of complexity and finicky code that results in mess.
<weaksauce>
you may have a reason but i'd say it's not "good"
<The_Camel_>
weaksauce, well, I'm not the one with tons of experience under my belt here so maybe you're right. but I choose to go this way. even if you call it wrong :)
<The_Camel_>
weaksauce, speaking of experience
<The_Camel_>
weaksauce, I recall times when crossplatform libraries just didn't achieve a certain task well, in particular where the OS api handles it easier and quicker.
<The_Camel_>
similarily, I recall times when some bootstrap responsive grid I wrote performed weird
<The_Camel_>
so for the webdev aspect, I said "fuck this", I'm just gonna do it per-page-device-size.
<The_Camel_>
and I've been extremely happy ever since.
<The_Camel_>
of course, I end up with 55 html pages instead of 22 but that's another story. i don't mind.
<The_Camel_>
weaksauce, CSS sucks ok? :P
<The_Camel_>
so I choose not to make 1 page handle multiple devices.
<havenwood>
The_Camel_: Please keep convo on topic for Ruby.
<The_Camel_>
havenwood, sure, I stopped like an hour ago.
<havenwood>
Or in some abstract way related to Ruby, since it's the #ruby IRC. :)
<The_Camel_>
havenwood, mhm. I wish I was still doing ruby. but I'm doing java now. and I'm happy.
<The_Camel_>
very happy
<havenwood>
The_Camel_: Reminds me to install the nightly Ruby build. Will it build??
<The_Camel_>
havenwood, probably not.
<havenwood>
The_Camel_: I'm enjoying Rust.
<The_Camel_>
havenwood, need to get into rust too some day.
<havenwood>
It reminds me of Ruby more than some folk seem to feel.
<The_Camel_>
havenwood, reminds me a bit of some ocaml constructs.
<The_Camel_>
well
<The_Camel_>
"functional" constructs.
<The_Camel_>
btw, in ocaml, life is weird. you can do oop, but there's also ocaml objects and ocaml classes which are not the same thing in the general programmer sense.
<The_Camel_>
there's also ocaml modules if you don't like oop
<The_Camel_>
in the general instantiation sense**
<The_Camel_>
havenwood, have you watched the Mulan animated movie?
<The_Camel_>
the one made by Disney?
<adam12>
gr33n7007h: Mac now, but was Linux desktop from like 99-05. And I ran Linux desktop for a little but around 2018-2020 when Mac had shitty keyboards.
Sheilong has quit []
schne1der has quit [Ping timeout: 252 seconds]
<The_Camel_>
hey adam12. got a question. convention wise. I have a bunch of routes (/user /user_data /user__info). Now, I could do this 3 ways:
<The_Camel_>
make 1 controller/file and put all 3 routes in the same file.
<The_Camel_>
or
<The_Camel_>
make 1 controller/file and put just these 3 routes in the same file (related to user. in the previous example, it would include more than just "user" and all other respective 3)
<The_Camel_>
so in this example, if I had "user" and "cars" it'd be 2 controllers rather than 1.
<The_Camel_>
or
<The_Camel_>
heinrich5991, have 6 controllers, one for each route. (1 for /user, 1 for /user_data, 1 for /user_info, 1 for /cars, 1 for /cars_data, 1 for /cars_info)
<The_Camel_>
oh shit.
<The_Camel_>
adam12, **
<The_Camel_>
=============
<The_Camel_>
adam12, so I'm asking, do I put all 9 routes in 1 file.
<The_Camel_>
adam12, or put 3 routes each in each 3 files.
<The_Camel_>
I bet ruby on rails doesn't have anything to ameliorate this issue either. Or django
* The_Camel_
shakes head in severe dissapointment.
<The_Camel_>
Common usecase. Such a goddamn common usecase.
<The_Camel_>
> Protecting splat routes
<The_Camel_>
The answer? Do it manually.
chair62 has joined #ruby
<The_Camel_>
30+ years of web development. no. 60 years of software engineering.
<The_Camel_>
that's what they have under their belt
<The_Camel_>
and the answer to protecting a splat is - do it by hand.
<The_Camel_>
How the fuck...
<The_Camel_>
WHAT the fuck... have they been doing until now?
<The_Camel_>
Oh right.
<The_Camel_>
They invented 50 other languages like python, ruby, squirrel, dog, pig, ocaml
<The_Camel_>
rebuilding the same thing 50 times.
<The_Camel_>
No wonder they're still in the stoneage
<The_Camel_>
Fucking capitalism.
<chair62>
what's a "splat based route" ?
chair1 has quit [Ping timeout: 272 seconds]
chair62 is now known as chair1
<chair1>
(I don't do webdevus)
<The_Camel_>
chair1, it's when a user is presented multiple information on a webpage and the data they interact with comes back to the webserver in "any potential string" through the URI
<The_Camel_>
such as "here's a bunch of images from the back end"
<The_Camel_>
chair1, since the webserver can't know what the user truly interacted with, after that data gets presented to them, they get back a /path/<whatever_user_interacted_with>
<The_Camel_>
that /path/<???> is the splat. written as
<The_Camel_>
/path/**
<The_Camel_>
chair1, now, that is a huge security hole because
<The_Camel_>
chair1, the user can request things that.. may not have necessarily been presented to him by the webserver.
<The_Camel_>
chair1, simple enough that, it could be solved with an API call that makes sure the path traversal or requested files don't go outside __a provided path__
<chair1>
sometimes when I want to see an image larger, I open it in a new tab. then the image path has a size in its name, and I add a few extra zeroes. sometimes I get the max image size, sometimes I get it upscaled to whatever I entered
<The_Camel_>
chair1, sure.
<chair1>
oooh this sounds like escaping from a chroot
<The_Camel_>
chair1, yeah, and the answer is - check against a path you provide.
<chair1>
funny, I've read the URI RFC, and it has some discussion about handling ..
<The_Camel_>
chair1, yet, spring, a 22 years old framework, which was written to "simplify" J2EE/Java EE/Jakarta EE or whatever they call it now
<The_Camel_>
DOES NOT PROVIDE SUCH A BLASTED THING.
<chair1>
now I understand the image you shared, the manual check
<The_Camel_>
chair1, FULLSTACK FRAMEWORK
<The_Camel_>
ENTERPRISE GRADE
<The_Camel_>
> doesn't provide simple protection against splat traversal.
* The_Camel_
facepalms and rubs face in frustration
<chair1>
I see the problem, every single company will roll their own version of the thing, some potentially broken, perhaps with duplicated code
<The_Camel_>
chair1, welcome to the stoneage. it's 2025.
<The_Camel_>
I expect we will see less of this shit in 2025.
<The_Camel_>
2425*
<chair1>
crazy
<The_Camel_>
chair1, even SQL injection prevention
<The_Camel_>
it should be baked in the transaction framework
<The_Camel_>
chair1, or input protection, that do the basic like "preventNonAlphaNumericInput()"
<The_Camel_>
AT LEAST THAT
<The_Camel_>
but no. you gotta regex it
<The_Camel_>
chair1, yourself.
<weaksauce>
you seem to have some odd ideas about webdev
<weaksauce>
rails and webservers have this built in protection
<The_Camel_>
weaksauce, is that why they need to wrap up their deployed application in a DMZ behind a docker container running in a virtual machine?
<weaksauce>
nobody needs to do that
<weaksauce>
but it's convenient
<The_Camel_>
weaksauce, is that why there's security checklists and manuals written about cross-site attacks, SQL injection and so on?
<The_Camel_>
like the WASP standards
<The_Camel_>
it's pathetic
<The_Camel_>
"how to secure your webserver/stack"
<weaksauce>
sure YOU can fuck it up
<weaksauce>
but if you stick to the defaults it's secure against all that
<The_Camel_>
weaksauce, reminds me of those people that say "Linux is stable" which means "Not really doing anything with it" like not changing the desktop environment, replacing systemd, installing specific packages (especially driver related) and removing them and watch it crap itself.
<The_Camel_>
so stable.
<The_Camel_>
yeah, a lot of stuff is stable if I don't bother touching it.
<The_Camel_>
anyway, doesn't matter.
<The_Camel_>
wish I could fast forward time
<The_Camel_>
400 years later
<weaksauce>
you're going out of your way to make linux unstable.
<weaksauce>
shocker: it's unstable
<sweatiest>
It sounds like you're just bad at linux.
<weaksauce>
you can install packages and drivers and still be stable.
<The_Camel_>
yeah, I can do that on windows too.
<The_Camel_>
and I don't call windows stable.
<The_Camel_>
lol
<weaksauce>
the further you stray from the fundamental decisions on a disto the more issues you will have
<weaksauce>
not sure how that's a controversial take
<The_Camel_>
well, surprise, I CAN stray away from the fundamental decisions on windows and I don't encounter issues I encounter with linux.
<weaksauce>
lol k
<weaksauce>
different system fails differently news at 11
<The_Camel_>
Windows Servers handle themselves really well in the server department, quite better than Linux I'd say.
<The_Camel_>
especially with RIO
<The_Camel_>
there was no need for linux to go out of it's way to...
<The_Camel_>
you know what, forget it
<The_Camel_>
it hurts typing.
<The_Camel_>
I was not born in a good timeline.
<The_Camel_>
I was born right in the middle of a jungle.
<The_Camel_>
When people can't decide if they want OOP or Functional or both.
<The_Camel_>
so they start inventing new languages that do both
<The_Camel_>
weaksauce, won't be long before I see a new paradigm in 20 years from now.
<The_Camel_>
Yet Another Piece of Fucking Suffering
<The_Camel_>
I wish I could get out of the west
<The_Camel_>
return back to China
<The_Camel_>
keep everything in PHP.
<sweatiest>
yeah that's why the majority of the world's servers run Windows Server.
<The_Camel_>
sweatiest, they don't run it because everyone is a cheap ass and because linux is free.
<The_Camel_>
:P
<The_Camel_>
don't give linux more credit than it deserves.
<The_Camel_>
sweatiest, you should read the "Don't Make A Franken-debian" docs
<The_Camel_>
it was made for users like you.
<The_Camel_>
oh wait. you don't really do much on linux than install an editor.
<The_Camel_>
sorry!
chair62 has joined #ruby
<The_Camel_>
and you choose vim because the bloat that comes with emacs is insufferable.
<The_Camel_>
save a few dozen megabytes.
chair1 has quit [Ping timeout: 272 seconds]
brokkoli_origin has quit [Ping timeout: 252 seconds]
<sweatiest>
You should up your trolling game, it's really weak.
<sweatiest>
Nice try, kid.
<The_Camel_>
he thinks I'm trolling.
<The_Camel_>
Meanwhile, I wasted 20 minutes writing something that should be there. Time to move on to more wheel reinventing.