Camelia, the Perl 6 bug

IRC log for #mojo, 2010-11-08

| Channels | #mojo index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:03 kvorg joined #mojo
00:04 Akron left #mojo
02:24 kthakore Is there a tutorial to do role base acess in Mojo?
02:24 kthakore LIke I would like to specify Student, Admin, Advisor, Assitant roles, and give those permission?
02:25 kthakore or something like that.
02:25 * kthakore sucks at this stuff
04:04 tl joined #mojo
04:05 tholen42 left #mojo
04:42 tempire_ joined #mojo
04:45 tempire_ left #mojo
04:46 tempire_ joined #mojo
04:46 tempire_ kthakore: Thats not necessarily something that needs to be tied to mojo.  You can do it in mojo the same way you would do it anywhere else.
04:49 tempire_ If you're using dbic, for example, you can have a users table and a roles table, and put a has_role method in the users result class.
04:53 tempire_ That should at least get you started.  It's a pretty common thing - you should have no problem finding some basic examples on the googles.  "Role based access control" is what you're looking for.
04:54 tempire_ left #mojo
04:56 MojoGuest687 left #mojo
06:15 ysyrota joined #mojo
06:28 ltriant left #mojo
06:37 koban joined #mojo
06:42 und3f[A] is now known as und3f
06:47 esskar_ sri, i  know; it's just one special case (not sure); will try to provide a test later
06:53 kvorg left #mojo
07:27 kvorg joined #mojo
07:36 kvorg left #mojo
07:44 kvorg joined #mojo
07:53 und3f is now known as und3f[A]
07:53 fhelmberger joined #mojo
08:22 breaker313 joined #mojo
08:40 spleenjack joined #mojo
08:43 viking-3 left #mojo
08:43 marcus sri: When is mojo going to look sexy on fail like phusion? http://nordaaker.com/docs/skitch/Ruby_(Rack)_appl​ication_could_not_be_started-20101108-093507.png
08:46 Rhaen hep!
08:46 Rhaen sri - there is a small problem with mojo on windows.
08:47 Rhaen it hangs at testing:
08:47 Rhaen t/mojolicious/websocket_tls_proxy_lite_app.t .. 1/16
08:47 Rhaen I'll have a look
08:55 omega marcus: would rock if you didn't have to check the console to get startup errors :p
08:55 omega in devel-mode only hopefully
08:56 Rhaen sri: https://gist.github.com/9e42340a47f5f6984a9c
08:56 marcus omega: Yes.
08:56 Rhaen err guys: https://gist.github.com/9e42340a47f5f6984a9c
08:59 Rhaen oh, my error. hang on
08:59 omega marcus: cool, looking forward to testing it when you are done!
09:00 Rhaen nah, should work
09:11 Rhaen works on Linux
09:16 sri Rhaen: i suspect a broken IO::Socket::SSL
09:16 Rhaen could be, yes.
09:17 sri since we are 100% green on cpantesters
09:17 Rhaen I'll check the versions
09:17 sri the tls test is amost equal to the previous test
09:17 Rhaen yeah, but only if you have installed IO::Socket::SSL which is the default on strawberry
09:17 sri except for well, tls usage
09:18 baton8 left #mojo
09:18 Rhaen I'll try to update
09:18 sri there is no way for me to debug this though
09:18 Rhaen OMG, Win32 Strawbeery issues...oh no!
09:18 Rhaen I think it's ok, I'll look into it - maybe we should skip the testsuite on win32
09:19 sri marcus: tuits!
09:19 Rhaen I'll try to isolate the problem
09:22 baton8 joined #mojo
09:24 forwardever joined #mojo
09:25 sri guess we have to disable the tls test :(
09:26 sri actual bug on our side are unlikely
09:26 sri *+s
09:47 perlrocks joined #mojo
10:14 yko joined #mojo
10:25 marcus http://www.learnboost.com/introducing-no​de-canvas-server-side-html5-canvas-api/
10:39 y0j left #mojo
10:52 forwardever sri: have a question regarding waypoint, created 2 failing tests, is this a bug or the expected behaviour: https://github.com/forwardever/mojo/commit​/3affb3637a2bc18cf23d4c197a7a00d73fbf276e
11:05 sri forwardever: expected
11:05 sri marcus: old news ;p
11:06 forwardever okay, thought that the lastest match would apply, like in nested routes, so using waypoint, it's the first match...
11:06 sri marcus: and of course almost everything is written in c again
11:07 sri or even c++
11:07 sri forwardever: routes do not care about trailing slash
11:08 sri if you want to make your code trailing slash sensitive there is always $self->req->url->path->trailing_slash though
11:09 sri it's a minority use case though, and routes should always serve the majority
11:18 forwardever sri: okay, understand that, however in my test cases, I expected waypoint to look for more specific matches later (with or without slashes, the first match as defined by the waypoint command is the one mojolicious is using)
11:19 forwardever so though that behaviour is more similar to nested routes,
11:21 sri not saying that it wouldn't make sense
11:22 y0j joined #mojo
11:22 sri think i wouldn't reject a clean patch
11:26 forwardever just starting to get familiar with the code, so I will probably not be able to provide a patch right now
11:27 sri should be a rather minor change in MojoX::Routes::Match, but i would expect all cases of X->route('/') to be formalized as well
11:28 sri waypoint/bridge/route->route('/')
11:29 sri the hardest part is working out the neccessary tests
11:29 sri i need to get back to hypnotoad work though
11:30 marcus sri yepp.
11:31 sri ALL GLORY TO THE HYPNOTOAD
11:36 Akron joined #mojo
11:52 didls left #mojo
12:12 yko hi
12:14 yko Maybe this question appeared earlier, but i forgot the answer: is it possible to cleanup Mojo::Client's temporary files?
12:15 sri they are automatically cleaned up unless you have a memory leak
12:16 yko You mean - when app exiting?
12:17 sri no
12:17 sri on DESTROY
12:17 yko If i'm using single client object to get 1k urls, for example. When destroy will appear for each asset?
12:17 sri yes
12:17 yko When i destroy Transaction object?
12:18 sri usually thats the time
12:18 sri but it depends on the asset object
12:18 yko usually it's File
12:18 sri there can still be references on the asset
12:18 yko ah, yes
12:19 yko thank you once again. will digg..
12:19 sri write about it in the wiki
12:19 sri i know you've asked the same question before -.-
12:19 yko yes, i did
12:20 sri next time i'll point you to the wiki, if nothing is there then it's your fault ;p
12:20 yko haha, ok
12:24 sri http://thinkvitamin.com/mobile/new-rails-like-f​ramework-from-37signals-for-html5-mobile-apps/
12:25 sri marcus: thats stuff is more interesting than node.js
12:25 sri *-s
12:28 alnewkirk left #mojo
12:40 Christian joined #mojo
12:40 Christian hello
12:41 * sri waves
12:43 koban left #mojo
12:55 breaker313 left #mojo
13:15 perlrocks Twitter: "[Perl] / Mojolicious:: Lite - Mojolicious Japanese translation project documents - livedoor Wiki (Wiki) http://htn.to/yJ1ggD" (ja) --yasutaka http://twitter.com/yasutak​a/status/1623883098628096
13:20 perlrocks Twitter: "RT! Yasutaka: [perl] / Mojolicious:: Lite - Mojolicious Japanese translation project documents - livedoor Wiki (Wiki) http://htn.to/yJ1ggD" (ja) --perlism http://twitter.com/perlism/status/1624995654533120
13:22 marcus sri: I felt it was meh
13:22 marcus sri: coffeescript can burn
13:25 daviddelikat left #mojo
13:28 koban joined #mojo
13:39 Akron sri: Did you try http://code.quirkey.com/sammy/ ?
13:40 sri Akron: not yet
13:41 Akron sri: It's looking quite equal to what is promised in the interview.
13:47 dotan joined #mojo
13:54 Rhaen hep.
13:58 tempire_ joined #mojo
13:59 tempire_ Sammy looks like m:l for javascript
14:01 * sri can haz iphone4 :)
14:01 tempire_ Have you seen the windows series 7 phones?
14:01 daviddelikat joined #mojo
14:02 tempire_ The zune os is quite nice.
14:02 szabgab joined #mojo
14:09 szabgab good afternoon
14:09 szabgab is there a mojo team being built for the Plat form contest?
14:14 Akron tempire_: m:l?
14:15 sri szabgab: not much interest here it seems
14:17 sri which is not very surprising, considering the lack of visibility of the event
14:17 szabgab I don't think they will make a lot of noise about it before the event
14:17 szabgab but the daa will be used as a prove
14:17 szabgab asd a proof
14:18 szabgab and if we don't have the perl team there it will further strengthen the beliefe that perl is not important any more
14:19 szabgab so I was planning to help with the travel costs for some of the team members
14:21 arthas joined #mojo
14:24 sri i see, last time there has been much noise after the event either though
14:24 sri *+not
14:26 sri if you want to prove that perl is alive a perlrumble or so might be better, especially if there is some money available
14:28 sri you really need a bunch of entry level hackers with time for those offline events
14:28 sri perl doesn't have much of those :/
14:30 sri i would go as far as saying that landing a perl job that keeps you busy is too easy these days :D
14:30 szabgab what do you mean by perlrumble?
14:31 sri something like rails-rumble or node-knockout
14:31 sri http://railsrumble.com/
14:32 sri thats something that stays visible for a very long time
14:32 sri platforms will be forgotten a week later
14:33 Rhaen szabgab: !hej!
14:34 szabgab Rhaen: hi
14:34 Rhaen yes, we should have a mojo team!
14:34 szabgab sri: both he rails and the node look interesting and I'll read more about them later but IMHO the Plat Form is also important
14:35 szabgab if for nothing else so perl won't be missing from it
14:35 sri szabgab: not saying it's irrelevant of course
14:36 szabgab so let's see how we can get the teams for Plat Form and in the mantime I'll also see what can we do with the other contests
14:36 szabgab of course at the same time I'll need help in raising money
14:37 Rhaen but the last contest was very hard, hm?
14:37 Rhaen challenging - the SOAP stuff seemed to be a pain
14:37 sri the contest is rather out of touch with reality imo
14:37 sri but thats a whole different topic
14:38 Rhaen sri: stop opening cans of worms every 30 seconds please :)
14:38 sri offline web development contest alone is an oxymoron xD
14:38 sri :-x
14:41 sri but yes, i'm not very constructive here sorry :/
14:48 tempire_ Akron: m:l, mojolicious::lite
14:48 tempire_ left #mojo
14:52 sri marcus: you were right, retina display is amazing :o
14:52 Akron tempire_: Ahhhh ... ;) This web frame thingy ... okay.
14:57 a|newkirk[assoc] joined #mojo
15:12 Akron left #mojo
15:13 stephan49 is mojo able to play as ssl server on its own?
15:13 sri yes
15:13 stephan49 nice
15:14 Rhaen yes, indeed.
15:14 Rhaen uhm, sri?
15:14 Rhaen we don't have a list with deprecated methods, right?
15:16 sri nope
15:17 Rhaen I was looking into the win errors and I found something
15:17 Rhaen well...
15:17 sri most should be mentioned in changes though
15:17 Rhaen DISGUSTING!
15:17 Rhaen err :)
15:17 sri sounds like windows yes
15:17 sri :)
15:18 Rhaen no - we have some methods in Mojo::Client which will become deprecated soon
15:18 a|newkirk[assoc] is now known as alnewkirk
15:18 Rhaen like: receive_message which changes to on_message
15:18 Rhaen etc...
15:18 sri "will become:?
15:18 sri s/:/"/
15:18 Rhaen is that ok, that I'll rewrite the tests accordingly and send a pull req?
15:19 sri huh?
15:19 Rhaen huh!
15:19 Rhaen Ill gist it, hang on
15:19 sri all deprecated methods should be gone from tests
15:19 sri thats something i check very early
15:20 Rhaen oh really, I'll check it :)
15:20 Rhaen maybe my version was not the lastest and greatest
15:20 sri likely
15:20 sri those were deprecated quite a few versions ago though Oo
15:21 koban left #mojo
15:21 Christian cu all
15:21 * sri waves
15:22 Christian left #mojo
15:23 sri interesting, next operal will ship with popular js libraries precompiled
15:23 sri *-l
15:23 sri or actully, the last version they released :o
15:25 sri well, built in jquery was only a matter of time :)
15:26 Rhaen yep. That's an awesome access for the author
15:37 Rhaen sri: you are right, no old methods!
15:38 sri :)
15:38 Rhaen oh, and you nuked the label helper!
15:38 Rhaen (ok, it was experimental) :)
15:38 sri yea, experimental stuff is experimental ;p
15:38 Rhaen btw - one thing ...hm...which sometimes annoys me.
15:39 Rhaen I think we should have a documentation index inside the Mojolicious pod doc
15:39 sri label helper was rather stupid, more typing than the raw tag -.-
15:39 Rhaen hm, and some of the plugins are included automatically into Mojolicious::Lite
15:39 sri Rhaen: as in nuke Mojolicious::Guides?
15:39 Rhaen like DefaultHelpers
15:40 Rhaen oh.
15:40 sri and put the index in Mojolicious?
15:40 Rhaen hm, well - the Mojolicious thing does have some things included
15:40 sri "and some of the plugins are included automatically into Mojolicious::Lite"?
15:40 Rhaen haha :) wait
15:41 Rhaen one thing I would like to see is something like a documentation index.
15:42 sri got an example?
15:43 Rhaen So that Mojolicious mentions the plugins.
15:43 * sri doesn't follow
15:43 Rhaen on thing I noticed that I was browing the directories and looked into the pod documentation there
15:43 Rhaen Like: oh - wait, what's inside Mojolicious::Plugins
15:44 Rhaen hm, there is a TagHelpers.pm - so I looked into the pod documentation there
15:44 sri most plugins are activated by default anyway
15:44 sri and mentioned in the guides
15:44 Rhaen But I was exploring the Mojolicious distribution by hand using a filebrowser
15:44 Rhaen not by reading the manual pages
15:45 sri ok, then you decided to not follow the path
15:45 Rhaen and if you look into all the different presentations from the worksshops
15:45 sri i really need examples here
15:45 Rhaen everyone has slides which lists the different parts of Mojolicious
15:45 Rhaen k.
15:46 sri actually sounds like a perfect thing to start from the wiki :)
15:46 Rhaen yes :)
15:47 sri are you refering to the sharifulin slides showing all the parts of mojolicious?
15:47 Rhaen hm, and to marcus slides
15:47 sri something like a little overview
15:47 Rhaen yes. Maybe something like that.
15:47 sri one sentence pointers
15:47 sri mhm
15:48 sri i can see that fit in
15:48 sri with links to the actual modules, a one sentence description and a small example
15:48 Rhaen Like: we have 3 parts in Mojo: the client/server stuff which is located in the following pages: Mojo Mojo::Client Mojo::Ser.... , we have the Mojolicious framework.... and we have extensions, they are located in MojoX...
15:49 sri ye, Mojolicious.pm might be a goog place for such an overview
15:49 sri *good
15:49 Rhaen and as the user is downloading the module named Mojolicious he might expect to find it in Mojolicious.pm
15:49 sri agreed :)
15:50 Rhaen Let's start with it on the wiki, we can move it into the module when it's finished
15:51 sri Rhaen++
15:52 stephan49 client.pl daemon --listen https://*:5000:server.key.pem:server.crt.pem <- this should be correct or?
15:52 stephan49 according do deamon source
15:53 sri just for testing you don't need a key and cert
15:53 stephan49 i want to specify one...
15:53 sri we got built in ones
15:53 stephan49 :)
15:53 stephan49 i know
15:53 stephan49 but i need them for the client to be able to verify the server...
15:53 stephan49 :)
15:53 sri wasn't is ; instead of :?
15:54 sri *it
15:54 stephan49 jap
15:54 stephan49 or not
15:55 stephan49 no : is correct
15:56 stephan49 http://abc123.pastebin.com/jURAutXW i get on first request
16:01 stephan49 k i fucked up param order
16:03 stephan49 works#
16:03 stephan49 i had to write first cert then keys
16:03 stephan49 -s
16:04 Rhaen sri, what I like about the idea of an index page is that it would be a good clickable doc source for search.cpan.org
16:04 Rhaen it allows google or other search engines to spider, too
16:05 sri Rhaen: sure, it might also be useful for the next version of http://mojolicio.us ;)
16:05 Rhaen I think we don't have to include everything
16:05 Rhaen Mojo::Command is very important but not in this documentation
16:06 Rhaen if people want to explore everything, they'll do it anyway
16:06 sri it can also grow over time
16:06 sri users will complain if pointers are missing ;)
16:06 Rhaen true :)
16:07 achromic left #mojo
16:07 achromic joined #mojo
16:11 Rhaen but we do have some real rocking stuff inside mojo
16:11 Rhaen I wrote an experimental test suite for the company here
16:12 Rhaen which takes a yaml file with tests and uses Mojo::Test and Mojo::Client to test parts of our website
16:12 Rhaen like headers (mod_expires) or redirects
16:12 sri yea, about time we slow down a bit with the development and start showing people what we have
16:12 Rhaen awesome - it's working PLUS - it has TAP
16:13 Rhaen omfg!
16:13 Rhaen TAP!
16:14 Rhaen btw - a nice experiemnt
16:14 Rhaen I have a job starter (azubi) here at work
16:15 Rhaen we started to learn Perl by Monday
16:15 Rhaen like: what is a scalar, an array - conditionals, etc...
16:15 Rhaen on friday we had some mojolicious
16:15 Rhaen and it worked out for her
16:15 sri :)
16:15 Rhaen she was able to write her first CGI applications
16:16 Rhaen which parse logfiles and render the results in nice tables.
16:16 Rhaen cool!
16:16 Rhaen that's why I came across the documentation index :)
16:18 Rhaen because she wanted to get started somewhere
16:22 baton8 left #mojo
16:26 s0va joined #mojo
16:32 s0va hello!
16:32 * sri waves
16:32 s0va is there a possiblity to put normal filehandle to ioloop
16:33 s0va and read from it when it has some input available?
16:33 s0va something in a spirit of POE?
16:34 s0va i've been looking to showmetheshell code which does something like that, but code is too complex for me to understand...
16:34 sri what do you mean with "normal filehandle"?
16:34 sri as in a real file?
16:34 s0va i'd like to spawn external process and read it's output
16:34 s0va open() to process pipe uses filehandle
16:35 sri those pipes are blocking i think
16:35 s0va you can make them nonblocking.
16:35 s0va then you need some sort of io loop that will report when something is available to read.
16:36 sri that would be news to me
16:36 sri well, you can do $ioloop->connect(socket => $handle);
16:36 s0va $fd->blocking(0); see 2~http://search.cpan.org/~gba​rr/IO-1.25/lib/IO/Handle.pm
16:37 s0va how to read ?
16:37 sri just because it's there doesn't mean it works :)
16:37 s0va $ioloop->on_read( sub {} )?
16:37 sri $ioloop->connect(socket => $handle, on_read => sub {...});
16:37 s0va great!
16:38 s0va well, url handler which starts process must somehow "suspend" the request and finish it when all data has been read
16:39 s0va jetty has this
16:39 sri newer versions of mojolicious are suspended automatically until something is rendered
16:40 sri https://github.com/kraih/mojo/blob/m​aster/t/mojolicious/lite_app.t#L412
16:40 sri thats an example
16:40 s0va so, when data is read i just need to run ->render($stuff) and that's it...
16:41 s0va thanks
16:41 sri you just let the handler return and render with a callback later
16:41 sri same as async http client
16:42 s0va does Mojo::IOLoop->singleton() returns currently running IOloop used by mojo?
16:43 sri yes
16:44 s0va thanks alot!
17:15 sri Test
17:22 dotan left #mojo
17:24 spleenjack left #mojo
17:31 ysyrota left #mojo
17:36 esskar__ joined #mojo
17:37 s0va sri: i just created async external command execution with ioloop.
17:38 s0va sri: on_read always returns the whole output of command.
17:38 s0va sri: how big is io buffer size?
17:39 esskar_ left #mojo
17:39 esskar__ is now known as esskar_
17:39 Rhaen esskar_: !
17:49 esskar__ joined #mojo
17:51 s0va another question. my url handler sub now reads data from external spawned command async, but command execution time is 7 seconds.
17:51 sri s0va: right it tries to read *a lot*
17:51 s0va mojo server drops connection after 5 seconds
17:52 s0va therefore i don't get any reply.
17:52 sri set a higher timeout
17:52 kvorg left #mojo
17:52 sri it's the keep alive timeout
17:52 s0va aham
17:53 s0va on server script?
17:53 sri yes
17:53 esskar_ left #mojo
17:53 s0va ok
17:53 esskar__ is now known as esskar_
17:53 sri you said the server drops the connections
17:53 s0va it works! :)
17:54 s0va sri: btw pipes don't block the server! which is another good news.
17:54 sri interesting
17:55 s0va my $stdout = IO::Handle->new();
17:55 s0va eval { $pid = open3($stdin, $stdout, $stderr, $cmd) };
17:55 s0va then: $stdout->blocking(0);
17:56 s0va then: $ioloop->connect(socket => $stdout, on_read => sub {})
17:57 kvorg joined #mojo
17:57 sri hmm... maybe $ioloop->connect(handle => $stdout, on_read => sub {...}) would make it look less hackish
17:58 sri then again expecting something socket like might be more sensible
17:59 s0va i tried to use daemon_prefork to use blocking handler; few hours ago i saw that implementation was removed.
18:00 sri thats right
18:00 s0va that's why i needed to implement non-blocking implementation.
18:00 sri would be nice if you could write a small recipe for our wiki :)
18:04 s0va sri: no problem, i just need to finish it.
18:04 s0va right now is really, really ugly.
18:05 s0va sri: is there any way to get around of the following log message: Mojo::Server:57 [3030]: Waiting for delayed response, forgot to render or resume?
18:06 sri that one only showes up in debug mode
18:06 sri it's a reminder
18:07 s0va i thought that i need to return some special value from handler to acknowledge it that i'm doing something that lasts longer than handler's lifetime.
18:07 sri nope
18:08 GitHub155 joined #mojo
18:08 GitHub155 mojo: master Sebastian Riedel * 2e3f2b1 (3 files in 2 dirs): deprecated socket argument of Mojo::IOLoop::connect in favor of handle - http://bit.ly/9TVEnQ
18:08 GitHub155 left #mojo
18:09 sri handle looks better :)
18:09 s0va sri: heheh, it sure does :)
18:10 s0va sri: POE::Wheel::ReadWrite also uses "handle" (you can use socket or any other handle)
18:11 janus back... finally
18:12 janus had a good time with mojo though ;)
18:13 sri :)
18:13 sri s0va: you could also mix poe and mojo
18:14 s0va sri: ofcourse, but POE::Kernel->run() blocks :)
18:14 sri there is a lower level method call
18:15 s0va sri: it would be absolutely fucking awesome if ioloop would support basic functionality of POE/Anyevent.
18:15 s0va i see that there timers are already implemented...
18:15 s0va but in a very basic form...
18:16 s0va hm, most ppl use some sort of DBI to fetch data. Each and every dbi operation blocks.
18:16 sri $ioloop->on_tick(sub { POE::Kernel->run_one_timeslice })
18:17 sri that should be enough
18:17 s0va sri: huh!
18:17 s0va that's wicked!
18:17 sri most proper event loops have such a method ;)
18:18 s0va i'll try with this one...
18:19 sri i don't really want to compete with the common event loops, just provide basic functionality and the ability to coexist with other event loops
18:19 s0va good idea.
18:19 yko left #mojo
18:35 s0va sri: that POE idea with run_one_timeslice doesn't work...
18:35 s0va wait a minute :)
18:41 spleenjack joined #mojo
18:44 s0va fuck poe::wheel::run doesn't run stdout/stderr events under mojo.
18:44 s0va but sigchld event handler is invoked...
18:45 und3f[A] is now known as und3f
19:14 baton8 joined #mojo
19:16 snearch joined #mojo
19:40 forwardever sri: I think there is some potential to abuse tag_helpers, as values are read directly from params, I think it would be much better to read (validated) values from stash, e.g. stash(_form_fields) (_form_fields would be a hash ref)
19:44 sri forwardever: values are xml escaped
19:47 forwardever sri: you can put all kind of things into forms, it's not about getting control over html, but control over content displayed in form fields, there is potential for abuse I think
19:47 sri forwardever: be more specific
19:50 stephen left #mojo
19:51 stephen joined #mojo
19:52 forwardever in general: the web developer should get ability to get control what is displayed in form fields, this is not possible right now, as one can validate data, but validated data is ignored by the tag helper (e.g. one could publish advertising messages using any domain that works with mojo tag helpers, which would not appear in html directly, but in form fields)
19:54 sri forwardever: like http://www.google.de/#q=buy+beer!
19:55 forwardever ye, but there might be are more ugly use cases
19:55 sri forwardever: like?
19:55 sri hand waving won't convince me
19:55 forwardever like ##############
19:55 sri ?
20:00 forwardever let's say you filter offensive content, no way to make sure to also suppress that in forms...
20:01 sri if you are that pedantic, don't use tag helpers
20:02 sri not even google filters the query input field
20:02 sri i want to see an exploit
20:03 forwardever build links to mojo powered domains with content like "?name=Buy+viagra+now&first​_name=www.buyviagranow.org" and put that link in millions of emails!
20:04 sri i don't see it
20:04 sri whats the exploit?
20:04 sri you can do the same with google
20:05 forwardever getting my brand name or my domain name associated with content I'm not responsible for
20:06 sri like http://www.amazon.com/s/ref=nb_sb_noss?f​ield-keywords=http%3A%2F%2Fmojolicio.us
20:06 sri ?
20:06 sri thats bullshit
20:06 sri or http://www.amazon.com/s/ref=nb_sb_noss?fiel​d-keywords=http%3A%2F%2Fbuy-more-viagra.com
20:09 sri javascript injection would be an exploit, this is just the web :)
20:15 esskar_ left #mojo
20:16 forwardever google and amazon are free to build there services how ever they want (they have lot's of lawyers), but a framework should give it's users at least the ability to make things differently, I can understand that you build your web services this way, but I think people should get the opportunity to validate data before it is displayed in forms (at least, this is my view), it's not about being right
20:16 forwardever or wrong, it's about making it possible
20:16 DaTa http://www2.rbfh.de/f*ckyou omg, there is an offensive term in my error page! :)
20:19 janus also, nothing prevents you to check how and whatever you want - what do you expect? routes with type-safe lookup-tables for every parameter?
20:21 sri hehe
20:21 sri forwardever: feel free to release Mojolicious::Plugin::PedanticTagHelpers
20:23 sri the tag helpers are not the end all answer to everything
20:23 sri but a good starting point to get going quickly
20:27 forwardever it's not only offensive content, e.g. if it is possible to just click on a link and the "accept terms and conditions" is already checked, is that legally correct in all countries...?
20:32 sri then don't use the tag helper in that case
20:32 forwardever janus: also, one way of protection is that data is only put into forms if it is published via "post", so at least, people cannot be misleaded by just clicking on an email link (they have to submit a form at least or click on some kind of java script link), it doesnt has to be a genius filter
20:38 snearch left #mojo
20:46 perlrocks Twitter: "Just discovered MOJO_RELOAD, starting to enjoy #mojolicious. Would really love to see more high-level docs though (yes, I'm volunteering)" --walterheukels http://twitter.com/walterheu​kels/status/1737272139452416
20:46 janus erm... then react differently to post/get/whatever
20:47 janus mojo supports it of course
20:47 fhelmberger left #mojo
20:48 janus http://search.cpan.org/~kraih/Mojolicious-0.99993​6/lib/Mojolicious/Guides/Routing.pod#HTTP_Methods
20:48 forwardever janus: it's not possible with mojo tag helpers, the values are always read from params (see source), even if I explicitly pass a value param via the tag helper, this value will be overwritten (this is my whole point)
20:51 sri Rhaen: i like where you're going with the overview, but Mojo::Server is really not a highlight :)
20:51 sri i'd rather add the individual bindings
20:51 sri cgi, daemon, fastcgi...
20:52 forwardever janus: reading params directly is not the problem, preventing me to alternatively pass validated data is the problem (at least for me)
20:55 sri forwardever: you can change the state of ->req->param
20:56 forwardever sri: I would like to change the stash with validated data and let tag helpers look there first, not hack into the request object
20:57 sri not saying the api is good for that, just thats the point where you should start looking for improvements
20:57 sri i don't think copying all trash into the stash is a good solution
20:58 sri and you get the multi value problem again
20:58 perlrocks Twitter: "Perl. Mojolicious and Internal Server Error http://ff.im/tok0i" --sharifulin http://twitter.com/shariful​in/status/1740420019126272
20:59 forwardever validated data is not trash, but you're free to create a "trash" method and let tag helpers look there first :)
21:00 sri multi value problem
21:00 sri ?foo=bar&foo=baz
21:00 sri good luck making that pretty with the stash
21:00 forwardever sri: is the multi value problem relevant when it comes to input fields?
21:00 sri of course
21:01 sri scalar context enforces first value
21:01 sri if you switch with all param handling code to the stash you need a way to hande that gracefully too
21:03 forwardever what I mean is: when it comes to forms, why not take the first or last param in these cases, splitting over multiple form fields is impossible (?)
21:03 perlrocks Twitter: "Анатолий Шарифулин: Perl. Mojolicious and Internal Server Error http://ff.im/tokYO" --planetperlru http://twitter.com/planetper​lru/status/1741664351682561
21:03 sri i'm talking about consistency
21:04 sri you can't put the first value of everything into the stash just for tag helpers
21:04 forwardever not automatically, but manually...
21:05 * sri doesn't follow
21:06 sri anyway, having tag helpers grab random stash values is not an option
21:06 sri thats truly unpredictable
21:07 sri there is something already that might interest you though
21:08 sri $self->stash->{'mojo.captures'}
21:08 sri param uses it to access routes values
21:08 sri it overrides ->req->param
21:08 ltriant joined #mojo
21:10 forwardever what I meant: I could put validated values into the stash (lets say: stash(_form_fields => $form_field_hash) in my controller method manually,  (putting an underscore would limit namespace pollution), tag helpers could check whether such a stash value exists, otherwise just take the external params as usual
21:10 sri we have that already
21:10 sri mojo.captures does just that
21:10 sri for a different purpose, but it does the job
21:10 forwardever will have to check that, so I know what you mean
21:11 sri see param method of Mojolicious::Controller
21:11 sri or actually a base clas of it
21:11 sri MojoX::Dispatcher::Routes::Controller
21:13 sri now you could propose an extension of the ->param api
21:13 sri to allow $self->param(foo => 'bar')
21:13 alnewkirk left #mojo
21:13 sri which would set $self->stash->{'mojo.captures'}->{foo} = 'bar'
21:14 sri to formalize the whole thing
21:15 sri since mojo. stash values are internal
21:15 forwardever will think about it, need a short break
21:15 sri the whole topic could use a lot more research
21:30 * sri loves his new iphone 4 btw :)
21:36 s0va sri: i'm done with that async external command invocation stuff.
21:36 s0va sri: created pure mojo implementation using ioloop (works okay, but it is really ugly)
21:37 s0va sri: also created poe wheel run implementation, which does all i want, but it blocks entire server while processing...
21:37 s0va sri: should i paste my code somewhere?
21:37 sri raw ugly code is not so helpful :/
21:41 forwardever sri: another maybe off topic question: why Mojolicious::Controller inherits from (<<) MojoX::Dispatcher::Routes::Controller << MojoX::Session::Cookie::Controller << MojoX::Controller, I remember that this was one of the points where I gave up reading source half a year ago, is there a reason for doing it that way, or just historical reasons? would'nt it be better to just create one mojolicous
21:41 forwardever controller file and "mix MojoX Controller methods in" (via use)
21:42 s0va sri: https://gist.github.com/668320
21:44 s0va sri: https://gist.github.com/668326  <== POE implementation which blocks...
21:47 sri forwardever: clean separation is the reason
22:15 alnewkirk joined #mojo
22:15 s0va sri: when is on_error callback invoked?
22:16 daviddelikat left #mojo
22:16 s0va i'm asking becouse is never invoked in my code...
22:16 s0va only on_hup is invoked after timeout is reached on handle...
22:19 sri on errors ;p
22:29 s0va sri: i can't find a good way to determine eof or closed connection on filehandle
22:29 s0va maybe this works ok with sockets
22:29 s0va and not so well for normal filehandles.
22:30 sri i would expect a hup or error
22:31 daviddelikat joined #mojo
22:31 s0va well, hup is fired after $loop->connection_timeout($id_stderr, 15); connection timeout exceedes.
22:31 sri of course
22:32 s0va now i modified async_read() to set timer: if no data has been read in next 250msec, consider this as EOF.
22:33 sri we actually send a hup if we can detect eof
22:34 sri to my knowledge a return value of 0 is the only portable way
22:34 sri (from sysread)
22:34 stephen left #mojo
22:37 sri and we of course watch for hup/error events from poll/epoll/kqueue
22:37 stephen joined #mojo
22:38 sri s0va: don't think there is much more we can do
22:39 forwardever sri: think that param in MojoX::Dispatcher::Routes::Controller should not be touched at all, would just introduce a reserved stash value like mojo.validated (or similar) to allow validation plugins to work well with mojolicious tag helpers, param should still allow access to raw values (so there should be no hidden magic); when it comes to multiple values with same param name: one could shift
22:39 forwardever through these values, so in case that there are also multiple form fields with the same name, all the values would be included
22:40 sri adding new complexity is not really an option before 1.0
22:41 sri then we'll think about it later
22:50 flamey joined #mojo
22:54 flamey left #mojo
22:59 s0va sri: i've read somewhere that epoll doesn't work with normal filedescriptors...
23:00 s0va just with sockets; i don't know if that's true; however, i have io::epoll installed...
23:00 sri possible
23:03 arthas left #mojo
23:03 forwardever just checked out rails behaviour, seems like they do not allow setting form values via get (as shown in your previous amazon and google examples)
23:06 GitHub176 joined #mojo
23:06 GitHub176 mojo: master Sebastian Riedel * fae237d (4 files in 3 dirs): reverted previous deprecation - http://bit.ly/9pmK6P
23:06 GitHub176 left #mojo
23:06 sri i really don't want to support anything else than sockets ;p
23:06 Rhaen oh, hej sri
23:06 Rhaen I saw you tweaked the overview
23:07 Rhaen that's fine now :) - just include this in Mojolicious.pm
23:07 sri ye, think those are mostly the highlights
23:07 sri oh, i was expecting a small example or so for each
23:07 Rhaen as this might help people to read the right docs in the right way :)
23:09 perlrocks Twitter: "@walterheukels join us on the #mojo channel on irc.perl.org - check out the wiki, too http://bit.ly/mojowiki #mojolicious" --rabenfeder http://twitter.com/rabenfed​er/status/1773359658442752
23:10 perlrocks Twitter: "@walterheukels It would be great to have you there. Join the mailinglist for more information #mojolicious - join the revolution" --rabenfeder http://twitter.com/rabenfed​er/status/1773641108824065
23:16 forwardever sri: hoped for a clean solution in the core, will than have to subclass tag helpers and hope that i notice when changes are made in the main class :(
23:16 sri forwardever: just make your own tag helpers
23:17 sri the core ones are experimental
23:17 forwardever sri: speed of development (core ones are actually quite good)
23:18 sri if you subclass those it might end badly
23:18 Rhaen bed time for me - see you tomrrow
23:18 spleenjack left #mojo
23:19 forwardever creating my own tag helpers might also not be the best solution, as core tag helpers really go deep into internals and my own tag helpers would have to do the same if i want to get the same functionality
23:23 sri deep into internals?
23:23 sri i don't think so
23:23 sri they are very much stand alone
23:27 forwardever what I mean is that if there are internal changes (e.g.$c->param), it won't make a huge difference whether I subclass or write "my own tag helpers", subclassing in my case would just mean creating my own plugin that looks exactly like you tag helpers, but with the ability to read validated values in some way
23:28 forwardever so if I get you right, I should make a "copy" instead of subclassing ?
23:28 GitHub94 joined #mojo
23:28 GitHub94 mojo: master Sebastian Riedel * a209207 (3 files in 2 dirs): added important module overview to Mojolicious - http://bit.ly/bDeTCZ
23:28 GitHub94 left #mojo
23:30 sri forwardever: yes
23:30 sri tag helpers is a module i'm very unsure about
23:31 forwardever why?
23:31 sri because there is so much uncertain
23:31 sri so much that could be done with it
23:31 sri not many best practices
23:32 sri it really needs to grow over time
23:32 sri possibly get reinvented a few times
23:45 forwardever your policy regarding changing this plugin seems to be pretty conservative actually :) (at least when it comes to my suggestions)
23:53 sri to any suggestions actually ;p
23:53 sri i'm waiting for more actual user feedback
23:54 sri the whole module is more of a test for now
23:54 sri to see if there's a real need, and to see best practices emerge
23:59 GitHub139 joined #mojo
23:59 GitHub139 mojo: master Sebastian Riedel * 8309de1 (1 files in 1 dirs): more highlights - http://bit.ly/da9LAn
23:59 GitHub139 left #mojo

| Channels | #mojo index | Today | | Search | Google Search | Plain-Text | summary