The web in a box - a next generation web framework for the Perl programming language

IRC log for #mojo, 2015-04-21

| Channels | #mojo index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:15 jberger looking better? https://github.com/jberger/Mojo-JWT
00:22 Zoffix Docs look good...
00:24 Grinnz "DESCRIPTIION" :P
00:25 Zoffix SPAAACE!
01:30 klapperl_ joined #mojo
01:54 inokenty-w joined #mojo
02:05 noganex_ joined #mojo
02:33 jberger PIIIIIIGS IIIIINNNNN SPAAAAAACE
03:18 melo joined #mojo
04:05 irq joined #mojo
04:25 kaare joined #mojo
05:02 bpmedley joined #mojo
05:19 jberger joined #mojo
05:44 berov joined #mojo
06:16 bramirez joined #mojo
06:35 sri any opinions on this? https://github.com/kraih/minion/pull/10
06:38 hshong joined #mojo
06:42 sri also, as it turns out... i'm really terrible at hearthstone :S
06:57 misty_g3ar joined #mojo
07:08 eseyman joined #mojo
07:11 jb360 joined #mojo
07:13 trone joined #mojo
07:18 dod joined #mojo
07:21 dod joined #mojo
07:33 marcus sri: I fear the rematch :)
07:37 sri marcus: don't, i dropped down to rank 18 ;p
07:38 * marcus started biking to work this week. 45 km so far.
07:38 * sri tries to run 7k every day now
07:39 marcus nice goal
07:50 bramirez joined #mojo
08:00 bramirez Hi all! I'd like to use postgres 9.4 JSONB with DBIC. I'd like to filter according to inner json elements. For example, I'd like to say: SELECT * FROM my_table WHERE my_column#>>{a,b} = 'c' in order to get all rows where 'my_column' has sth like {'a':{'b':'c'}}. But, as long as I know, I cannot use that complex filter key my_column#>>{a,b} in DBIC. Any suggestions? Thanks!!
08:01 marcus bramirez: I suggest #dbix-class
08:03 bramirez Of course, sorry!!! I just wrote in the wrong window :-(
08:03 marcus =]
08:03 marcus np
08:04 bramirez thanks, bye
08:16 punter joined #mojo
08:19 camelo joined #mojo
08:21 Vandal joined #mojo
08:38 irq joined #mojo
08:49 bramirez joined #mojo
08:53 camelo hi
08:55 AndrewIsh joined #mojo
08:57 dotan joined #mojo
08:59 batman hi
08:59 purl hola, batman.
09:07 btyler hi mojoers. I've committed to giving a talk at next $local_mongers_meeting about mojo/mojo::pg. I was going to mostly make it a talk about delays (using mojo::pg queries as the async action in question)
09:07 btyler I wanted to ask about people who have taught delays -- what did you find was the right amount of material/depth for a room of mostly webdevs (mostly in sync context)
09:08 btyler or, conversely, if you've found that its better to steer clear of delays in a session under X minutes
09:08 gatitskiy joined #mojo
09:39 camelo if things take really long time it's better to use something like Minion
09:39 camelo ah
09:51 elik joined #mojo
10:09 batman btyler: tempire did a course during mojoconf 2014 where he covered delay()s, but it was a whole day.
10:10 batman btyler: i'm using Mojo::IOLoop->delay(sub { shift->begin }, ...) all the time. i think i would skip data, ioloop, remaining and pass.
10:11 batman but it all depends on how long you have. also remember to explain that the return() value doesn't matter in the steps.
10:11 batman people tend to think the return value is the argument to the next step.
10:11 batman also tell them why you want to use delay. (cooperative programming != threading != forking)
10:12 btyler batman: probably ~30 minutes or so. cool, thanks, good points
10:15 batman i think i would sort the delay method/attributes after importance: begin (without $offset), pass, data, wait, remaining, ioloop, steps
10:15 batman and i think i would just go for Mojo::IOLoop->delay() instaed of Mojo::IOLoop::Delay->new->steps(...) or whatever
10:16 btyler that's how I've used it, yeah
10:17 critter joined #mojo
10:17 batman maybe catch() can be useful. but if you're only teaching this in web-server context, then just keep to $c->delay(). that way, you don't have to talk about catch() and other stuff from Mojo::EventEmitter
10:19 btyler hm, I guess I'd be veering into deeper territory there, yeah
10:19 btyler but I do love ->catch
10:19 batman yeah, but 30 minutes... it's shorter than you think :)
10:19 btyler yes, for sure
10:19 purl like totally!
10:19 batman at least if the audience is used to blocking programming
10:22 btyler I think I'll be satisfied if I can get a "oh woah cool" moment with a mojo::pg or UA fan-out/fan-in
10:25 btyler without it being totally incomprehensible
10:38 bramirez joined #mojo
10:40 batman btyler: then say as little as possible. and probably a little less :)
10:48 riche joined #mojo
10:58 punter joined #mojo
11:09 bramirez joined #mojo
11:14 wingfold joined #mojo
11:18 riche sri: I don't know if you're watching, but Mojo is getting quite a number of "thumbs up" as the "Best Web Framework" in the Perl group discussion on LinkedIn.
11:21 bramirez joined #mojo
11:23 Lee someone links to a *4 year old* blog rant against mojo. honestly, some linkedin users think the world stands still...
11:26 riche Lee: yes, I sent him a PM saying that it's irrelevant due to the age of the post
11:26 riche of course... no response.
11:27 riche people dig google for info and just post it to get "visibility" ... one of the downfalls of the group.
11:28 Lee riche: i just made the same comment, but in public
11:28 Lee (because i suspect some linked in users may see the blog post and actually take it at face value)
11:30 riche yah I just didn't want to embarass him
11:31 Lee :)
11:31 jberger btyler: my mojoconf talk last year was mostly comprehensible and it was on nested delay usage
11:31 jberger you should be able to do delay in an hour
11:32 jberger key is good examples
11:32 jberger concrete and interesting
11:37 bramirez joined #mojo
11:38 batman btyler: don't do nested. delay is hard enough already. it's better to end the talk 20 minutes in and the add glitter on top, than going in deep and not being able to finish.
11:38 batman an exception is probably if the audience have done tons of nodejs, POE, AE or something similar...
11:39 jberger batman: correct, I was saying that if I can do nested delays in that time, he can do delays
11:41 sri riche: not paying much attention to linkedin i'm afraid
11:44 sri think my job title might still be set to supervillain
11:45 riche sri: it's just another channel, but a pretty high level one -- lighter (and way less technical, and perhaps sometimes bordering sophomoric) than perlmonks
11:45 riche and ... supervillain isn't exactly a winning job title on linkedin ;)
11:47 riche All: just want to say there's less than 12h left on Early Bird for Mojoconf 2015.  so goto http://mojoconf.com and get your ticket now before the price almost doubles.
11:49 riche Also ... if you're looking at the training, be aware there is Individual Sponsorship available that includes conference pass and training.
11:53 niczero joined #mojo
11:54 niczero "complete your profile and add other supervillains to your network"
11:56 kaare joined #mojo
12:03 sri yea, not many open positions for supervillains
12:03 neilhwatson joined #mojo
12:03 sri it's a very competitive field
12:04 punter joined #mojo
12:05 btyler batman & jberger: thanks -- yeah, I think I'll tend towards simpler and more glittery. nested delays sounds like an invitation to super smart audience members to start drilling me on minutia
12:11 niczero joined #mojo
12:14 kaare_ joined #mojo
12:14 jb360 joined #mojo
12:21 niczero joined #mojo
12:25 batman I'm really not sure if this is spam or not.... "I am trying to write a Perl script to get Nutrition Facts from Factual using Oauth2. I am having difficulty and am asking if you have an example script that I can adapt?"
12:26 batman really weird looking email and nutrition, factual, oauth2...? i don't get it :/
12:26 marcus batman: I got it too.
12:26 marcus batman: he's trying to fetch data from http://factual.com/
12:26 batman marcus: so the email is from a real person?
12:27 marcus batman: Pretty sure. - http://developer.factual.com/ mentions oauth
12:27 batman ok
12:27 Lee but it might be the "oauth" type of oauth :D
12:27 marcus lee: you mean oauth1?
12:27 Lee either that or their own version of the spec
12:28 Lee i don't see how the examples/docs for Plugin::OAuth2 could be any clearer
12:28 Lee so suspect it's something in the resource server that isn't quite as simple
12:29 marcus "n a 0-legged OAuth (sometimes called “1-legged”) transaction, your key and secret are used to “sign” your API request (in this case, using HMAC-SHA1) before sending it to Factual. No third party token/secret is involved."
12:29 marcus so "ouath"
12:29 Lee yep
12:30 bramirez joined #mojo
12:31 niczero joined #mojo
12:41 niczero joined #mojo
12:50 marcus batman: should I answer him then?
12:50 batman energy level low. cannot compute.
12:51 batman (i'm not going to respond)
12:51 marcus batman: I will answer Fraser Baker, so you don't need to.
12:51 batman marcus: thanks.
12:51 niczero joined #mojo
13:01 niczero joined #mojo
13:04 bramirez joined #mojo
13:07 gryphon joined #mojo
13:07 asarch joined #mojo
13:10 bramirez joined #mojo
13:24 bramirez joined #mojo
13:28 odin22 joined #mojo
14:47 theshane joined #mojo
14:57 theshane Hello all, I was wondering if someone could help me out with Helper best practice. Someone mentioned that in other Frameworks helpers or more for views. I like to use them for almost everything as ways of getting models into the app space for testing and access from controllers and plugins. Is this an expected use of Helpers or should I just be usi
14:57 theshane ng them in views?
15:00 jberger theshane: helpers are for shared functionality
15:00 theshane Great, that is what I was hoping to hear. Thanks!
15:00 jberger something that is useful in more than a single controller for example
15:01 Grinnz_ theshane: i keep functionality like that out of the templates, so i use helpers a lot but never in views personally
15:01 Grinnz_ theshane: nothing wrong with it at all.
15:01 riche joined #mojo
15:02 jberger note that nested helpers (those with a . in the name (ie some.name, which is called like $c->some->name) are not localized into views
15:02 riche jberger: for Mojo::JWT, why does sign_rsa create a new key based on secret, when secret itself can be a priv key?
15:03 jberger create a new key?
15:03 jberger I must not be following you
15:04 jberger fwiw I might be doing it wrong
15:04 jberger I cribbed a lot of stuff from https://metacpan.org/source/CLAIRVY/Acme-JWT-0.04/lib/Acme/JWT.pm#L135
15:04 riche let me read more of Crypt::OpenSSL::RSA
15:05 jberger riche: https://metacpan.org/pod/Crypt::OpenSSL::RSA#new_private_key
15:06 riche Basically I am getting this, and am trying to figure out why.
15:06 jberger I think if you read it as "new_from_private_key" it might make more sense to you
15:06 riche RSA.xs:178: OpenSSL error: bad base64 decode at /Users/rich/sources/jberger-Mojo-JWT/lib/Mojo/JWT.pm line 103, <DATA> line 2231.
15:07 amon joined #mojo
15:07 jberger hmmm, is it double encoding or decoding base64 somewhere
15:07 jberger ?
15:07 riche maybe
15:08 riche and the next line is only the size ... I would have screwed up on that too, I initially coded it as SHA256withRSA
15:09 jberger wait, are you calling the sign method directly?
15:10 * jberger goes to rename the variables
15:10 riche yes... I know it says it's for subclassing but I am seeing what the outcome is just running it
15:12 jberger the funny thing is that batman was arguing just yesterday that I shouldn't make those public and I said that perhaps he was right, but I could envision someone wanting to us a different library for example
15:13 buu joined #mojo
15:14 berov joined #mojo
15:15 riche_ joined #mojo
15:16 riche_ sometimes i just want to hurl a big ass brick at the network provider
15:17 jberger riche_: http://irclog.perlgeek.de/mojo/2015-04-21#i_10477868
15:17 riche_ jberger: I am looking at your test script now, perhaps I am just trying to make it more painful than it needs to be
15:18 riche I am doing all this funky Mojo::JSON to_json stuff... probably just being stupid
15:20 riche jberger: yeah I think batman is right ... perhaps enable 'size' attribute ... there's a narrow set of cases here i feel
15:20 riche it made me think I needed to do more than I have to
15:20 riche I was all ready and thinking I needed to subclass it to get it to work
15:22 sh4 joined #mojo
15:22 jberger the JWT header should define the size
15:22 jberger as part of the alg field
15:23 jberger the only security issues (that I have seen) are preventing "none" alg unless specifically requested
15:23 riche okay ... so why is $type there?
15:23 sh4 joined #mojo
15:23 jberger and preventing spoofing a public key as a symmetric key
15:23 jberger well, I have since renamed the variable :-)
15:24 jberger but it is there because I need to pass the size to those methods
15:24 riche sitting on the bleeding edge... makes my ass hurt ;)
15:24 jberger and you don't need to worry about them since they are essentially private methods
15:25 jberger setting the algorithm attribute is all you should have to do
15:25 riche so ... ->encode basically gives me everything I need to send over?
15:25 jberger yeah
15:25 riche gheesh that's too easy ... I guess that should be the first line in the description :)
15:26 jberger well you definitely have me thinking of making the sign_ and verify_ methods private
15:26 riche yah I was fricken going rambo on it
15:27 riche sorry ... maybe too 80s
15:27 jberger I wonder if I can make them private with an _ and still document them in a second section, perhaps =head1 SUBCLASSING INTERFACE
15:27 riche I don't see a problem with that, and perhaps mention when subclassing may be necessary
15:28 riche let me get further with this
15:28 jberger k
15:28 riche gheesh massive M-x comment-region
15:28 jberger some of the JWT libraries have an elaborate plugin system for adding algorithms
15:29 jberger I'm thinking that I would rather just provide a simple overloadable api
15:29 jberger and accept patches for new algorithms like the EC ones
15:30 jberger s/EC/ES/
15:30 jberger well either I guess :-P
15:42 riche hah funny:
15:43 riche <p>Your client has issued a malformed or illegal request.  <ins>That’s all we know.</ins>
15:43 riche or ... "That's all we're going to tell you" ...
15:45 jberger that's from google?
15:45 Grinnz_ bad request errors are almost always incredibly vague, unfortunately...
15:45 riche that is from google, yes
15:45 Grinnz_ the only API i work with that gives you reasons for bad request errors is the Authy api
15:45 jberger jwt.io only has verification for HS256, so I had to trust that RSA works if it round-trips, which it does
15:46 sh4 joined #mojo
15:47 riche I am just getting a 400, there is just something stupid I'm missing because the header stuff for jwt looks okay
15:51 nicomen /win 74
15:51 jberger http://kjur.github.io/jsjws/tool_jwt.html
15:51 jberger seems to generate sufficient examples
15:51 jberger I might bake a few of them into tests
15:56 riche jberger: there is definitely something wrong ... with the ->encode output to be used
15:56 riche at  least, in the way I'm using it
15:57 riche the format to send to google is <header>.<payload>.<signature>
15:57 riche of course, each "field" base64 encoded
15:58 riche i didn't see the dots in there in the beginning, so I thought it was just base64 encoding the claims part
15:59 riche so i started doing funky stuff like base64 encoding the to_json of the ->header and ->claims outputs
15:59 riche maybe i should try that just for kicks
15:59 riche give me a couple
16:00 jberger wut? no dots?
16:00 jberger wat
16:00 jberger PURL
16:00 purl jberger?
16:00 jberger WAT
16:00 * jberger gives up
16:01 riche shit i am blind
16:01 riche i need to get lunch or something
16:01 jberger I just built an RSA token and verified it on the site I linked before
16:01 jberger and verified one that it built on my system too
16:02 riche yah I am just missing it
16:02 jberger riche: can you make a pastie? or even email me something privately?
16:04 riche i think it's just a problem with how I'm configuring access to resources.  let me make sure i get that all cleared up
16:04 jberger http://pastie.org/10105808
16:04 jberger which uses the keys from http://kjur.github.io/jsjws/tool_jwt.html
16:06 riche I think I see the problem
16:06 riche it's on my end
16:19 disputin joined #mojo
16:27 disputin joined #mojo
16:44 sri nobody else with bigger numbers of minion jobs yet? https://github.com/kraih/minion/pull/10
16:45 marcus sri: not a minion user, but that index seems sensible to me.
16:49 Onigiri minion sounds useful, but I have no clue how to actually use it
16:49 riche jberger: I found the problem, it is with the posted data... i am pre-url_encode-ing the grant_type, and then the post is encoding it again.  but when I don't encode it, the post doesn't encode it at all
16:49 riche sigh
16:52 disputin joined #mojo
16:52 icjs joined #mojo
16:53 icjs hi guys, so using Mojo::DOM - it's converting &pound; to \x{a3} - can i prevent this?
16:59 Oleg joined #mojo
17:07 riche yeah, the root cause is google requiring urlencoded post data, but the character is actually a 3986 reserved delimiter so it doesn't get escaped
17:08 riche and if I escape it, then ->post escapes the escape, blowing up everything
17:09 riche sri: is there a way to "turn off" url encoding, expecting it's done manually?
17:10 riche i.e. not escape form data in this call:  $ua->post($token_request_url => $headers => form => { grant_type => $grant_type, assertion => $jwt_enc } )->res;
17:13 jberger riche: you are url_encoding what?
17:14 jberger is that a part of the JWT?
17:14 riche no google shit
17:14 berov joined #mojo
17:15 riche see "making the access token request" https://developers.google.com/identity/protocols/OAuth2ServiceAccount#authorizingrequests
17:15 riche notice the value for grant_type is encoded ... %3A is colon
17:17 riche so of course keeping the colons there makes the bad request which I've been getting
17:17 riche but ... doing the escape earlier causes the escape to be escaped in the ->post call
17:18 riche so ... somehow would like to "turn off" the escaping
17:18 jberger is colon a something that needs escaping?
17:19 Grinnz_ when part of a url value, i believe so
17:19 riche yes, because it is a delimiter ... rfc 3986 as mentioned earlier
17:20 riche google should have never made it a field separator in the first place
17:21 riche but it's unlikely to ever change because their oauth 2.0 api has been out for some time now
17:22 riche so... need something to happen ... I never had to "build my own transaction" with Mojo::UserAgent ... do you think it's do-able going down that path?
17:23 Grinnz_ you would have to sidestep the form generator essentially, which means doing a few things manually
17:24 Grinnz_ you can still use $ua->post but you'd just pass the raw content
17:24 Grinnz_ https://metacpan.org/source/SRI/Mojolicious-6.08/lib/Mojo/UserAgent/Transactor.pm#L152
17:24 Grinnz_ there is the form generator for reference
17:24 riche is it possible to add a character to encode?
17:26 Grinnz_ it appears to be Mojo::Parameters that does the url escaping
17:26 Grinnz_ https://metacpan.org/source/Mojo::Parameters#L151
17:27 riche wtf colon is in there
17:28 jberger Grinnz_: I was just getting there too
17:29 jberger I find it hard to believe that & shouldn't be encoded
17:30 Grinnz_ jberger: it is encoded for the pairs part
17:30 Grinnz_ that first one is only for a string
17:30 jberger ha
17:30 jberger ah
17:31 Grinnz_ i'm not sure of all the ways this is used so i won't speculate further ;)
17:31 Grinnz_ but if there's a spec that can be linked showing : should be escaped i'm sure it would be considered
17:32 jberger I'm amazed that google can't handle it when it is not escaped
17:32 jberger maybe I don't know what I'm talking about either
17:32 riche jberger: it has to be escaped, it's form data
17:33 riche and : is invalid as non separator
17:33 riche section 2.2, http://tools.ietf.org/html/rfc3986#page-14
17:34 riche "must be encoded"
17:42 jonasbn joined #mojo
17:47 jberger well, I'm seeing plenty of de-facto "may" laying around, but perhaps its time to ping sri
17:47 sri no time to participate
17:47 guru joined #mojo
17:48 sri look at that, mojolicious is moving up in the world :) https://www.techempower.com/benchmarks/#section=data-r10
17:49 sri jberger++ # looks like the optimizations are paying off
17:49 jberger yeah, though it looks like more optimization is possible
17:49 Grinnz_ that looks like a test that would benefit from Mojo::JSON::MaybeXS :P
17:50 sri i also wonder if the many core changes in 5.x had something to do with the rps jump
17:51 jberger I'm using 6.02 in there btw: https://github.com/TechEmpower/FrameworkBenchmarks/blob/master/frameworks/Perl/mojolicious/cpanfile.snapshot#L148
17:51 sri postgres++ # important change too
17:51 jberger for example, is flask really that much faster than us?
17:53 Grinnz_ heheh... hhvm -> did not complete
17:53 Grinnz_ wonder what that's about
17:53 sri at single query flask is slower ;p
17:54 riche can someone look at this pls, I was playing around with url_escape ... I think the first char in the regex needs to be escaped https://gist.github.com/rpcme/4155b67a516732909a9f
17:55 riche this is why it's not being encoded it seems
17:55 kaare_ joined #mojo
17:55 riche when I change the regex, everything gets encoded
17:55 genio / should be \/
17:56 Grinnz_ riche: it's supposed to be a character set, the ^ means those characters are not encoded
17:56 Grinnz_ at least that's my assumption
17:56 AndrewIsh joined #mojo
17:57 Grinnz_ thta is indeed how it's used, but for some reason metacpan's source is not showing me line numbers to link anymore
17:57 riche nevermind
17:57 purl Well piss off then, riche
17:57 genio aaaand, $\ is a variable
17:57 Grinnz_ yep
17:57 Grinnz_ lol
17:58 riche but sec 2.2 does say those need to be escaped
17:58 Grinnz_ which?
17:58 purl i guess which is certainly not ideal
17:58 jberger $\ isn't there
17:58 genio if you're using / as your delimiter, you have to escape /
17:58 purl Hmm.  No matches for that, genio.
17:58 jberger its a single quoted string first of all
17:58 jberger the \ in there is to escape the '
17:59 Grinnz_ you dont have to escape delimiters inside interpolated variables, that's a parser problem
17:59 jberger and inside of a character class / isn't a delimiter
17:59 Grinnz_ well, it can be
17:59 Grinnz_ but not in this case :P
17:59 genio ah, yea.  ignore me.  I'm not being very smart right now
18:00 riche okay I get it now
18:00 riche so, can we say that the chars in that regex that are defined in sec 2.2, need to be removed from this regex?
18:01 jberger I think it merits formal discussion at least, why don't you make a quick PR with relevant documentation (and making sure the tests pass)
18:01 riche because removing the colon does exactly what I need
18:05 sri if the right spec sections are linked i might be able to take a look at the PR too
18:06 sri otherwise, it may take some time
18:06 riche http://tools.ietf.org/html/rfc3986#section-2.2
18:06 sri ideally with the appropriate sections quoted :)
18:07 gatitskiy joined #mojo
18:07 riche yah the grammar at the top of page 12 is pretty clear
18:08 riche anyway, i hate this to be my first pull request ever
18:08 * sri has merged the minion PR
18:09 sri if anyone here wants more indexes, now is the time to speak up!
18:09 sri adding it is really smooth with the migration though, i like it
18:17 trone joined #mojo
18:18 dod joined #mojo
18:18 claudio joined #mojo
18:39 batman i wonder if swagger2 was listed here by cpan_mojo before i rewrote the code...
18:39 batman jberger: can you remember if the dist had to start with ^mojo...?
18:40 jberger my pattern was just /Mojo/ or any dependency named /Mojo/
18:41 jberger batman: https://github.com/jberger/Mojo-FriendFeed/blob/master/ex/mojo.conf#L8-L9
18:41 jberger so deps had to be /Mojolicious/
18:41 batman ok
18:45 jberger I'm not sure that that distinction matters too much
18:47 riche okay i did the pull request
18:51 sri for the record, browsers do not escape
18:51 sri GET /?A-Za-z0-9\-._~!$\%27()*,:@/? HTTP/1.1
18:51 sri is what i got for http://127.0.0.1:3000/?A-Za-z0-9\-._~!$\%27()*,:@/?
18:52 sri at the very least there's more research to be done
18:52 sri i can't look much further, but the PR seems incomplete
18:53 Grinnz jberger, various modules depend on Mojo::XYZ instead of Mojolicious, so it would miss those
18:54 riche sri: how are you getting that?  Parameters,pm deals only with parameters, right
18:55 Grinnz it would be interesting to see what jquery GET and especially POST do
18:57 sri chrome sends this for a POST
18:57 sri foo=A-Za-z0-9%5C-._%7E%21%24%5C%2527%28%29*%2C%3A%40%2F%3F
18:58 sri if i enter "A-Za-z0-9\-._~!$\%27()*,:@/?" into a text field
18:58 Grinnz i think it took the backslash as a literal
19:00 riche they dont escape the * due to their calculator shit
19:00 riche same with +
19:00 Grinnz + has to be, otherwise it would decode to a space
19:00 sri for a GET form it results in
19:00 sri GET /?foo=A-Za-z0-9%5C-._%7E%21%24%5C%2527%28%29*%2C%3A%40%2F%3F HTTP/1.1
19:01 riche in chrome, type 5+10 into address bar
19:01 sri so, the verbatim value is preserved in the url bar, but stuff is encoded in forms
19:01 riche it gets escaped tho.. who
19:01 riche whoa
19:01 Grinnz of course it does
19:01 riche totally inconsistent
19:01 Grinnz the encoding of the URL it sends is irrelevant for the calculator function
19:02 Grinnz it gets decoded before it even gets there
19:03 Grinnz it looks like for some reason * is the only character listed on that RFC that isn't getting encoded
19:04 Grinnz oops, also %27 in your input is supposed to be ' :P
19:04 riche shrug ... if you guys think the browser has more authority than the rfc, I can add it back in
19:05 Grinnz its not about authority, just what everything supports, should probably check other sources
19:05 sri i wouldn't be surprised if there were differences between browsers too
19:05 riche safari and firefox seem the same
19:05 sri real world > rfc > making shit up
19:06 riche except firefox not encode +
19:06 jberger I'm just surprised that Google's api is being so anal about accepting only the percent encoded form
19:07 jberger I'm the query I still don't think there is any ambiguity
19:07 jberger in
19:15 asarch One stupid question, in the MVC pattern design, what roles does the web sever play? Mojolicious can actually use any PSGI-compliant server, right?
19:16 Grinnz yes... the server is just what receives requests and then hands off to the controller
19:16 Grinnz it's not really in the MVC part
19:17 Grinnz it could also be considered a container for the whole process
19:17 Grinnz for PSGI: https://metacpan.org/pod/distribution/Mojolicious/lib/Mojolicious/Guides/Cookbook.pod#PSGI-Plack
19:18 asarch I thought that actually the controller was the web server
19:18 asarch Thank you Grinnz
19:18 asarch Thank you very much :-)
19:19 jberger asarch: just be aware that the plack servers don't support the mojolicious ioloop
19:19 Grinnz thats why reverse proxy to hypnotoad is usually the more useful solution
19:20 asarch So, we could say that, somehow, Mojolicious is actually not a PSGI-compliant framework?
19:21 Grinnz no, it works, you just can't do async stuff i think
19:21 Grinnz anything that depends on the mojo ioloop running
19:22 sri it is very much compliant, psgi just doesn't do all the async things
19:23 asarch Thank you guys
19:23 asarch Thank you very much :-)
19:27 asarch I just was wondering about it because in the Python world I've seen a lot of web servers (and they "hate" the TIMTOWTDI of Perl) and not so many in Perl (mojo, morbo, hypnotoad)
19:29 asarch There is one called Waitress
19:32 asarch Anyway, thank you very much and see you later :-)
19:37 riche okay // my work is blocked (or I will have to exec to curl) until I get a go/no-go on this encoding thing.  be back later.
19:38 jberger riche: you could build the query string yourself and set the request body
19:39 jberger not pretty, but better than system calling to curl
20:03 sri wouldn't Mojo::Parameters actually work like browsers do already with the patch from riche?
20:04 sri riche has already made Mojo::Parameters inconsistent
20:04 sri just like browsers
20:04 sri there's key/value pairs and a raw query string
20:05 sri key/value pairs would get more chars encoded, while the query string keeps more verbatim
20:05 sri that part is not at all mentioned in the PR
20:08 sri someone should look into that
20:09 sri in fact, i think both open pull requests will be community decisions, no votes in favor means rejection
20:10 jberger the fact that google's api will not accept a request with the behavior as-is is my biggest reason to vote in favor
20:11 Grinnz i'm trying to set up a test for jquery, but how do i retrieve the raw query string from the request URL?
20:11 Grinnz without being parsed by Mojo::URL
20:12 sri right now, i think i'd have to vote -1, because the reasoning is too weak
20:13 sri better keep what has worked for many years than to risk a lot of breakage for a change that hasn't been properly researched
20:13 sri the rfc is just not enough
20:14 sri odds are it is the right change, but the risk seems too high for me
20:15 Grinnz http://grinnz.com:3000/ POST is working, but i don't know how to check GET :P
20:15 sri at the very least the browser incosnistency needs to be explained, for future reference
20:15 sri (in the issue)
20:16 Grinnz A-Za-z0-9-._~!%24%5C'()*%2C%3A%40%2F%3F
20:16 Grinnz is what i get
20:16 Grinnz from query POST in chrome
20:16 Grinnz jquery *
20:16 sri also for GET
20:16 sri just not when you enter it into the location bar
20:16 sri then it stays verbatim
20:17 Grinnz more inconsistency, what you posted earlier encoded the parentheses and ~ and !
20:18 Grinnz not sure about ' as that was escaped
20:24 GabrielVieira joined #mojo
20:34 vmbrasseur joined #mojo
20:48 vmb joined #mojo
20:50 Grinnz well, i'm not sure if it's representative but if i get the query string from $c->req->url->query, all the same things are encoded as in the POST except ' is also encoded
20:59 mishantil Berlin is a really nice city. Highly recommend it if any of you are planning on traveling in Europe.
21:01 sri it is, but Hamburg is more fun imo
21:01 mishantil Never been in Hamburg. What would you recommend for fun there?
21:02 marcus hookers and blow
21:02 marcus #scnr
21:02 mishantil marcus: Oh, you rebel.
21:02 marcus oh sorry, I meant blackjack of course. hookers and blackjack
21:03 sri he's not wrong, every tourist needs to see the Reeperbahn
21:03 mishantil Looks like a place for trafficking.
21:04 marcus and the casinos http://www.spielbank-hamburg.de/
21:05 mishantil I'll keep that in mind for the next trip.
21:05 Grinnz huh. render(text => 'blah') renders it as text/html not text/plain?
21:05 marcus mishantil: I guess if you want more innocent fun you can go to the BMW museum
21:05 marcus or neuschwanstein
21:07 marcus but really https://www.youtube.com/watch?v=BGi6Q1pNbS0
21:08 mishantil marcus: It does not need to be innocent. :) Thanks for the tips.
21:08 marcus mishantil: there are some decent breweries around too.
21:09 sri hamburg harbor is quite great
21:11 sri this is very hamburg http://www.iasi-germany.org/tl_files/images/Conference/HH1.jpg
21:13 sri or this http://greatlost.com/wp/wp-content/uploads/2014/03/Hamburg.jpg
21:14 jberger die sündigste Meile ?
21:15 mishantil sri: "Give me all the HDRs!"? :)
21:15 jberger THAT'S NOT METRIC!!!!
21:15 mishantil But yeah, looks like a pretty city.
21:16 mishantil One of the reasons I have come to love Berlin is the coffee. There are some fantastic specialty coffee shops around here.
21:16 mishantil Also, the people are very relaxed.
21:16 sri jberger: we are not savages... we use Meile as a figure of speech, not a measuring unit ;p
21:18 jberger clearly a mile is 880 fathoms, a fathom is 2 yards, a yard is 3 feet, a foot is 12 inches
21:18 jberger what is uncivilized about that?!
21:19 jberger (also, I had to look up fathoms)
21:20 jberger ah I missed a few
21:20 jberger a mile is 8 furlongs
21:20 riche sri: is the browser the only criteria?  If I know the criteria I have no problem going and making the point, but I don't want to spend a lot of time and have another pushback i was unaware of before
21:20 jberger a furlong is 110 fathoms
21:20 sri riche: you tell me :)
21:21 sri that's the point, i don't know, browser just happens to be what i check first
21:21 riche man all I know is the google documentation is pretty basic, its supported in many languages, and I can't get there
21:21 sri well, getting these things right is hard
21:21 jberger riche: when I was on a sailboat racing team, if one of the crew wanted to call a risky maneuver you had to hold up your credit card. I think that is what sri means
21:22 sri if we change it, i'd really like to get ot right this time
21:23 riche fair enough
21:23 riche sorry guys, I won't get to MCT tonight
21:23 sri my list of things to check is usually, a) RFCs, b) whatwg specs, c) browsers, d) w3c specs, e) stack overflow, f) google
21:23 jberger I can't believe I missed "chains" http://upload.wikimedia.org/wikipedia/commons/thumb/e/eb/English_length_units_graph.svg/605px-English_length_units_graph.svg.png
21:23 sri g) chrome and mozilla issue trackers
21:24 riche stack overflow?  omg that's like making decisions by reading the NY Post
21:24 riche alright ... i will go and do it
21:24 sri stack overflow is often wrong, but it gives you pointers
21:25 sri often links to issue trackers
21:26 sri at the end of the day, none of them is truly authoritative, what matters is what people have deployed in the real world
21:26 sri so browsers are king
21:26 sri as long as issue trackers and future whatwg specs don't disagree
21:27 sri researching this stuff is really hard
21:27 sri because you are guaranteed to find contradicting answers
21:28 sri ietf and w3c are idealistic, whatwg just writes up what people have implemented
21:31 sri riche: i do realize you want a quick solution, but we need to make sure it is the right one
21:32 riche i got it you have valid points.  perhaps we can get these requirements better outlined in Mojolicious::Guides::Contributing
21:32 riche I am getting started on it now
21:32 riche I have to get this done
21:38 Adura joined #mojo
21:39 allison joined #mojo
21:41 LordVorp joined #mojo
21:44 Adura joined #mojo
22:06 jberger now we wait for cpan_mojo
22:07 jberger on metacpan recent
22:07 * Zoffix drums fingers
22:08 Zoffix The suspense is killing me!!
22:08 jberger on @cpan_new
22:11 jberger I wonder if there is a faster endpoint that it could query
22:12 jberger clearly it is on recent, but hasn't been indexed yet since this doesn't work: https://metacpan.org/release/Mojo-JWT
22:12 GabrielVieira riche: ping1
22:12 jberger I'm guessing cpan_mojo gets it right after that link works
22:12 Zoffix GumpyPAN already announced it :P
22:13 Zoffix And this link works: https://metacpan.org/release/JBERGER/Mojo-JWT-0.01
22:17 jberger man, being beaten by GumbyPAN is embarrassing
22:18 Zoffix :P
22:20 pink_mist starting to wonder if something is wrong with cpan_mojo :P
22:22 marty_ joined #mojo
22:23 jberger pink_mist: not yet, this is still empty: https://metacpan.org/pod/Mojo::JWT
22:23 jberger that means metacpan still hasn't indexed it
22:24 pink_mist oh I see
22:25 jberger this delay is why the old cpan_mojo used dependencies from the previous version (ie. the dependencies that were available at the time of the release)
22:30 vmbrasseur joined #mojo
22:31 Grinnz http://grinnz.com:3000 anyone have browsers other than chrome they want to try this string on? A-Za-z0-9-._~!$'()*,:@/?
22:32 Grinnz ref: https://github.com/kraih/mojo/pull/786
22:32 riche sri: for form encoding, do you care more for html4 or html5
22:32 jberger even the api "equilvalent" of recent doesn't have it yet: http://api.metacpan.org/v0/release/_search?q=status:latest&amp;fields=name,status,date&amp;sort=date:desc&amp;size=100
22:33 riche html5 is obviously much more complicated
22:33 riche with all the unicode stuff
22:33 jberger only care about html5
22:34 riche you know the current implementation is not even close to it
22:34 cpan_mojo Mojo-JWT-0.01 by JBERGER https://metacpan.org/release/JBERGER/Mojo-JWT-0.01
22:34 jberger \o/
22:35 riche cool cpanification ... well, sorry, i can't use it yet because i'm stuck writing a specification to get form encoding to work
22:35 jberger I wonder if metacpan indexes in batches
22:36 sri riche: i bet it's partially even intentionally not spec compliant, we only care about html5 though
22:37 * Grinnz just learned 5 minutes ago that you can set formmethod on a submit button
22:40 riche sri, yah point 5 here: http://www.w3.org/TR/2014/REC-html5-20141028/forms.html#url-encoded-form-data
22:41 riche 0x3A is not excepted, so it gets encoded
22:41 riche I will list the rules, and comp them against browser and api
22:41 riche sighs
22:41 riche sorry, point 4 subpoint 5
22:48 sri that seems reasonable
22:49 sri if at least two core devs agree, i think i'm ok with that description
22:51 riche the URI property encoding is a separate issue
22:51 sri there are still the inconcistsnecies Grinnz found though
22:52 riche I think the URI property encoding was virtually OK, but the form encoding wasn't
22:53 riche I do think examples should still be done ... at least get the trace from a few major browsers
22:54 sri seems reasonable
22:54 riche Grinnz: are you still tinkering on this?
22:54 bowtie joined #mojo
22:54 Grinnz no, why?
22:55 riche shrug I thought maybe you were because you were working with form
22:55 riche s'ok
22:55 Grinnz yeah i added form submits
23:04 bowtie joined #mojo
23:14 bowtie joined #mojo
23:18 riche sighs I think I've had enough for the day.  sri: I will be up early in the morning to close this off
23:26 jberger hahahahaha http://tholman.com/elevator.js/
23:27 Grinnz lol
23:28 bowtie joined #mojo
23:40 bowtie joined #mojo
23:51 bowtie joined #mojo

| Channels | #mojo index | Today | | Search | Google Search | Plain-Text | summary