The web in a box - a next generation web framework for the Perl programming language

IRC log for #mojo, 2015-09-10

| Channels | #mojo index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:38 good_news_everyon joined #mojo
00:38 good_news_everyon [mojo] kraih pushed 1 new commit to master: http://git.io/vZWzC
00:38 good_news_everyon mojo/master 8b5df65 Sebastian Riedel: the leading dot can be removed earlier
00:38 good_news_everyon left #mojo
00:40 sri better copypasta
00:41 sri $ua->cookie_jar->ignore(sub { ($ps->public_suffix(shift->domain))[0] eq '' });
00:49 good_news_everyon joined #mojo
00:49 good_news_everyon [mojo] kraih pushed 1 new commit to master: http://git.io/vZW2A
00:49 good_news_everyon mojo/master 3528588 Sebastian Riedel: use a slightly more verbose example
00:49 good_news_everyon left #mojo
00:49 sri and that should actually work reasonably well
01:37 mattastrophe joined #mojo
01:37 mattastrophe_ joined #mojo
01:48 kaare joined #mojo
01:55 jberger sri: looks good
02:23 meshl joined #mojo
02:48 mattastrophe joined #mojo
02:49 mattastrophe_ joined #mojo
02:59 noganex joined #mojo
03:32 jb360 joined #mojo
03:59 irqq joined #mojo
04:23 Vandal joined #mojo
04:30 inokenty-w joined #mojo
05:25 deserted joined #mojo
05:27 deserted hey all quick question, just wanting to confirm something. I'm working on an upstart script for some mojo apps,  from looking at https://github.com/kraih/mojo/blob/master/lib/Mojo/Server/Hypnotoad.pm it appears Hypnotoad will double fork (daemonize) - is this correct? or is the prefork creating a third instance of fork (ie fork at prefork, then double-fork at daemonize)
05:29 deserted trying to determine the correct value for expect in upstart
05:46 dod joined #mojo
05:51 dod joined #mojo
07:03 trone joined #mojo
07:05 CandyAngel I just happened to look at a bit of the cookbook and saw how I can add cookies to every request :P
07:06 CandyAngel (which I wasn't looking for specifically)
07:13 eseyman joined #mojo
07:21 bpmedley deserted: Did you find a suitable upstart file format?
07:52 melo1 joined #mojo
08:09 trone joined #mojo
08:18 McA joined #mojo
08:18 refj joined #mojo
08:27 jontaylor joined #mojo
08:28 deserted bpmedley, I ended up just calling a bash script for start and stop, and using -f on hypnotoad to avoid the forking, works well
08:28 deserted will update the wiki page later, heading home now
08:29 bpmedley deserted: I can show you my upstart config file for daemon, if you want
08:29 deserted_ joined #mojo
08:30 deserted_ bpmedley, that would be great, gotta run out of the office now though so will hit you up later :)
08:31 berov joined #mojo
08:33 oliver joined #mojo
08:36 vanHoesel playing with Mojolicious::Plugins::Cache - I ended up in some weirdiness in a not well maintained module
08:36 vanHoesel The plugin sets:
08:36 vanHoesel $c->res->code( $data->{code} );
08:36 vanHoesel $c->res->headers( $data->{headers} );
08:36 vanHoesel $c->res->body( $data->{body} );
08:36 vanHoesel but then indefinitaly starts waiting, because that is how Mojolicious has been designed:
08:36 vanHoesel [debug] Nothing has been rendered, expecting delayed response
08:36 vanHoesel [debug] Inactivity timeout
08:36 vanHoesel Q: How do I make send off the response?
08:38 memowe joined #mojo
08:44 batman vanHoesel: maybe this code can be helpful? https://github.com/mojoconf/MCT/blob/master/lib/MCT/Plugin/ACT.pm#L61
08:44 vanHoesel just read on that, going through ALL the documentation, specifacally about rendering - lets try
08:46 bpmedley vanHoesel: Do you have a smallish example Mojolicious::Lite script?
08:46 vanHoesel it did the trick indeed
08:46 vanHoesel very smallish….
08:48 vanHoesel http://pastebin.com/J1AUMvKt
08:48 Repaster Repasted text from vanHoesel: http://fpaste.org/265545/74924144/
08:59 vanHoesel So…. how did that work out, running the Mojo Conf on top off Act ?
09:05 oliver left #mojo
09:08 bpmedley vanHoesel: The plugin's tests fail for me.  Is it an older plugin?
09:12 marty joined #mojo
09:24 vanHoesel Oh…. that certainly, I used the one on GitHub
09:24 meshl joined #mojo
09:25 vanHoesel which for some reason has not been pushed to CPAN
09:34 KindOne joined #mojo
09:35 bpmedley What is the github link?
09:39 vanHoesel https://github.com/cybersiddhu/Mojolicious-Plugin-Caching
09:44 vanHoesel just created a pull request
09:45 akhasanov joined #mojo
09:46 bpmedley Github fails for me, as well
09:51 vanHoesel because of missing build scripts, isn't it ?
09:52 bpmedley Failed test 'it has cached /books url' <-- dunno
09:53 vanHoesel Yeah … ended up doing force install, and manually installing CHI drivers
09:53 vanHoesel and copy pasting the code fromGitHub into the module
09:53 * vanHoesel is bad at Git and GitHub
10:06 punter joined #mojo
11:29 * sri yawns
11:35 dod joined #mojo
11:36 mattastrophe joined #mojo
11:37 mattastrophe_ joined #mojo
11:37 dvinciguerra joined #mojo
11:38 dod joined #mojo
11:47 juikuen joined #mojo
11:58 neilhwatson joined #mojo
12:07 sri daily reminder that we still don't have a more concrete plan for https://github.com/kraih/mojo/issues/830
12:09 tencendur joined #mojo
12:11 batman sri: i'm confused... are we split regarding enabling signatures...?
12:12 sri just on the later stages
12:13 batman sorry. can you rephrase? (i don't understand that sentence)
12:13 sri most of us seem to be ok with the documentation bit
12:13 batman ok. so only me and marcus are +1 on doing the Mojo::Base change..?
12:13 sri just the Mojo::Base addition is questionable
12:14 batman i guess both jberger, tempire and Grinnz are -1 on the Mojo::Base change..?
12:14 marcus did crab express an opinion?
12:16 batman i think it's sad that we don't add signatures to Mojo::Base... the only thing that would make me question the change would be if we actually have a real life example where this would break existing code
12:17 sri to be fair, it's not stable in blead perl yet
12:18 y1mmm joined #mojo
12:21 batman if that is the reason, then i don't think we should even push the doc change :(
12:24 Janos joined #mojo
12:26 sri ok, this is a big problem https://groups.google.com/d/msg/mojolicious/RetqP4QsyHU/Lle8nZAXCQAJ
12:26 sri looks like Net::DNS::Native might be incompatible with kqueue and epoll
12:37 sri or maybe not
12:37 sri hmm
12:43 sri but at least with kqueue it is a problem
12:45 jontaylor joined #mojo
12:46 sri or i might just be crazy
12:46 sri because now it works
12:46 sri ¯\_(ツ)_/¯
12:47 pink_mist maybe some issues with the actual dns servers you queried that were quickly resolved on the other end? :/
12:47 pink_mist we may never know
12:51 jberger Odd
12:56 jontaylor joined #mojo
13:00 batman i fail to replicate mojolicious/RetqP4QsyHU/Lle8nZAXCQAJ when _not_ using EV
13:02 ajr_ joined #mojo
13:03 jontaylor joined #mojo
13:03 akhasanov joined #mojo
13:14 tencendur joined #mojo
13:22 gryphon joined #mojo
13:25 hernanGOA joined #mojo
13:27 jontaylor joined #mojo
13:39 good_news_everyon joined #mojo
13:39 good_news_everyon [mojo] kraih pushed 1 new commit to master: http://git.io/vZ4IK
13:39 good_news_everyon mojo/master e48a48c Sebastian Riedel: use an explicit return value
13:39 good_news_everyon left #mojo
13:39 jontaylor joined #mojo
13:39 HtbaaPi joined #mojo
13:45 jontaylor joined #mojo
13:58 Grinnz well it's not as good an example as i wanted to find, but https://metacpan.org/source/XLAT/MojoX-AlmostJSON-1.151250/lib/MojoX/AlmostJSON.pm#L41 would break if Mojo::Base enabled signatures
14:01 jberger so if Mojo::Base enabled **experimental** signatures and the user used both signatures and attributes, that code would break between 5.20 and 5.22
14:09 sri Grinnz: that's a terrible example
14:10 sri it's a bad Mojo::JSON fork
14:13 sri if we decided against innovation because we don't want to break bad forks of mojo core modules... that would be a messed up situation
14:15 Grinnz jberger, no? if Mojo::Base enabled experimental signatures, it would break in 5.20+ period
14:16 Grinnz and sri i have to agree in this case...
14:17 sri sub () {...} is an empty signature if you enable dignatures, not a prototype
14:17 sri s/d/s/
14:17 sri but i believe Grinnz is wrong too
14:17 sri in this case nothing would break, because the module doesn't even have tests :)
14:18 Grinnz perl -E'use experimental "signatures"; sub foo () { "bar" } my $foo = foo // foo'
14:20 PryMar56 joined #mojo
14:21 lluad joined #mojo
14:22 Grinnz i would expect Mojo::Base to be used in much non-CPAN code also... i'm not saying i don't want to enable it (once it's non-experimental), i'm just saying thats why i'd be more comfortable with it happening at a major version bump
14:22 sri we can major version bump right now ;p
14:23 mattastrophe joined #mojo
14:23 Grinnz wonder how long before they make it non-experimental...
14:29 jontaylor joined #mojo
14:30 genio I think the last I inquired about that it wasn't being thought of in 5.23, so it will likely be some time.
14:31 Grinnz :/
14:35 batman one thing is that people might use it in cpan modules, which again render a lot of the plugins useless for people on older perls.
14:36 batman i wonder if that's a reason _not_ to change the documentation/add it to Mojo::Base.
14:37 cpan_mojo BenchmarkAnything-Storage-Frontend-HTTP-0.003 by SCHWIGON https://metacpan.org/release/SCHWIGON/BenchmarkAnything-Storage-Frontend-HTTP-0.003
14:40 Grinnz yes, enabling it without the condition on perl version would be a definite -1 from me, that would break everything
14:42 genio and indeed going through the deltas for 5.23 I see no mention of it.  although postfix deref is no longer experimental
14:43 batman Grinnz: no it wouldn't break everything. we just wouldn't use it in core.
14:43 Grinnz huh?
14:43 Grinnz it would break everything on CPAN
14:43 batman it wouldn't break anything that i make, since i don't use signatures in my plugins on cpan
14:44 Grinnz it would break because the 'signatures' feature does not exist before 5.20
14:44 batman that's why you only enable it when you have a supported perl version
14:44 batman feature->import('signatures') if $] >= 5.020
14:45 Grinnz then i have no idea what you were saying
14:45 Grinnz if it's conditionally enabled then the only impact it would have on older perls is whether they use the signatures, in which case that module would obviously need to require 5.20
14:46 batman what i meant is that using signatures everywhere in the documentation might encourage person X to use signatures in Mojolicous::Plugin::Foo, which again renders the "foo" plugin to be useless for persons with older perls.
14:46 batman yes. what i'm unsure of is if i want to encourage the use of signatures, since there's probably still a lot of people running perl ~5.16
14:47 Grinnz ok. well i think the other problems are more pressing
14:47 batman that's fine :)
14:49 CandyAngel I'd wait until signatures were being used in general before adding them to something like Mojolicious
14:50 CandyAngel Lest they appear and then get removed because they have weird problems "in the wild"
14:51 Grinnz that's the experimental part, mostly
14:52 sri CandyAngel: we are a progressive project, we are often the first to do something
14:52 CandyAngel So like.. wait for people like me who write random, small tools to use it, find the issues, odd performance impacts and such
14:52 sri like using perl 5.10 features
14:52 CandyAngel Yeah, I understand that
14:52 CandyAngel "I'd wait"
14:52 sri that was very controversial early on actually
14:53 CandyAngel There are some things I still avoid doing (like using the // operator)
14:53 sri that's just weird
14:53 CandyAngel I know
14:54 Grinnz avoiding // adds so much extraneous code :/
14:54 Grinnz sometimes you can get away with || but not always
14:55 CandyAngel I don't always avoid it, but in some cases I do
14:55 sri better be careful, the // operator only exists for 8 years
14:55 sri ;p
14:55 CandyAngel :P
14:55 bpmedley I'm struggling with ;
14:56 CandyAngel Now you're just being mean :(
14:56 CandyAngel I still have 5.8 at work!
14:56 bpmedley Doh.  Sorry, wasn't the tact I was trying to portray.
14:56 Lee 5.16 here, wanting to get onto 5.22 as soon as possible
14:57 CandyAngel bpmedley: Don't worry, I have far thicker skin than that
14:57 sri perl 5.8 was released 2002!
14:57 CandyAngel #gobacktopython
14:57 CandyAngel :P
14:58 Lee haven't been able to do it quicker due to hash key ordering bugs
14:58 sri 5.22 is a pretty good release, fastest perl in a long time
14:59 CandyAngel I have really old perl at work.. but I use 5.022_000 for all my personal projects :P
14:59 CandyAngel <3 perlbrew
14:59 sri https://twitter.com/kraih/status/605474497827893248
14:59 Lee perlbrew++
14:59 CandyAngel (and strawberryperl)
14:59 inokenty joined #mojo
15:01 morton joined #mojo
15:03 morton Hello all, please help me understand ioloop, when i call blocking long time consuming db query wrapped in ioloop->delay(), this will still block whole worker for all other connections?
15:05 sri http://mojolicio.us/perldoc/Mojolicious/Guides/FAQ#Will-my-code-magically-become-non-blocking-with-Mojolicious
15:06 sri http://mojolicio.us/perldoc/Mojolicious/Guides/FAQ#What-is-the-difference-between-blocking-and-non-blocking-operations
15:22 morton ok thank, it means that i must use db driver which is async by desing.
15:24 morton or i must use whole new approach to design application?
15:25 tempire sri: I missed something - what mojo::base change are you referring to? I thought it was agreed that signatures are used in docs, but not in core
15:29 Flying_Squirrel joined #mojo
15:30 sri tempire: batman started that in #830
15:41 Grinnz_ and he's gone
15:42 batman who's gone?
15:42 Grinnz_ the guy who was asking how to non-block his db queries :P
15:43 batman oh
15:50 sri haha, so ibm basically owns express.js now
15:51 disputin joined #mojo
15:52 sri wow, they got ibm to sponsor 3 node.js core devs
15:53 sri (ibm bought strongloop)
15:54 jberger why would IBM care so much about front-end technology?
15:54 sri the node foundation seems pretty strong
15:54 jberger well, I guess this isn't front end, per-se
15:55 sri guess that's the advantage of having corporate memberships
15:55 * jberger thinks unrelatedly about craigslist :-P
15:56 dod joined #mojo
15:56 jberger see, now I'm going to spend the rest of the day wishing I could uproot my whole life and move to california
15:56 jberger great
15:57 sri is craigslist actually supporting much perl5 development?
15:57 sri seems to be mostly perl6 oriented
15:59 thowe really?
16:00 thowe that sounds like news...  or do I just live under a rock?
16:00 sri they sponsor larry
16:01 sri which is nice, but more of a negative for the perl5 community
16:01 thowe well that's decent of them, but what do they get out of it?
16:01 thowe or is it simply decent of them?
16:01 sri well, they have a resident perl expert
16:02 pink_mist I expect it's mostly decent of them
16:02 sri yea
16:04 sri they did donate $100k to the perl5 maintenance fund in 2012 too
16:05 Adura They need to do a Perl commercial like they did the Linux commercials.
16:05 sh4 joined #mojo
16:06 sri re ibm, apparently this is popular over there Oo http://loopback.io/
16:06 sri oh look, bank of america too :)
16:09 sri how do they get all those companies to allow them to use their logos, and we somehow can't?
16:10 Adura Very few corporate types enjoyed the Austin Powers movies.
16:13 Ptolemarch joined #mojo
16:21 jberger BoA is really surprising
16:21 jberger they are going hard-in on their custom python thing
16:22 jberger must be some one-off group that is using node and just went ahead and put out a logo
16:29 vanHoesel joined #mojo
16:43 Ptolemarch joined #mojo
16:46 amon joined #mojo
16:48 mib_yfunx3 joined #mojo
16:50 mib_yfunx3 Grinnz_: do you wanted to say something about non blocking db queries?
16:51 Grinnz_ if your database is postgres or mysql, you could use Mojo::Pg or Mojo::mysql (or Mojo::MySQL5) for native nonblocking queries, though there are some caveats
16:52 Grinnz_ otherwise, you can always do a fork call with Mojo::IOLoop::ForkCall, get a new database handle, and do the query there
16:52 Grinnz_ (make sure AutoInactiveDestroy is set in your handles)
16:56 mib_yfunx3 ok, thanks
17:11 inokenty joined #mojo
17:16 asm35 joined #mojo
17:18 meshl joined #mojo
17:22 mishanti1 sri: What has been done to capture corporate sponsorship deals thus far?
17:28 Ptolemarch joined #mojo
17:29 mattastrophe joined #mojo
17:29 Flying_Squirrel joined #mojo
17:30 CandyAngel Flying_Squirrel! *waves*
17:30 Flying_Squirrel CandyAngel, hey
17:31 CandyAngel How are you?
17:31 Flying_Squirrel fine and you?
17:34 CandyAngel I'm okay thankies
17:35 CandyAngel Just looking how to do something for a tool I'm writing :)
17:37 CandyAngel I think I will try Text::Sprintf::Named :D
17:38 sri mishanti1: context?
18:25 trone joined #mojo
18:25 CromeDome joined #mojo
18:32 mishanti1 sri: You saying "how do they get all those companies to allow them to use their logos, and we somehow can't?"
18:32 mishanti1 sri: ...and now I realize that I misunderstood the previous context.
18:36 mishanti1 You were commenting that it is difficult to get permission to use logo from corporations that use mojo, and put that on the mojolicious home-page?
18:36 jberger or, get the to offer those permissions
18:36 jberger how do we even know which companies to ask?
18:37 mishanti1 jberger: https://github.com/kraih/mojo/wiki/Projects-and-Companies-Using-Mojolicious ?
18:38 mishanti1 I even added the company I run to that list.
18:38 jberger there are several companies on that list that I would love to put on a front page
18:38 jberger and several that I hadn't known about
18:39 jberger I mean, Linode is clearly a perl shop but I didn't know they use Mojo
18:39 jberger zappos shutterstock (another perl regular) and logitech
18:39 mishanti1 Yeah, there are several pretty high-profile names on that list.
18:40 mishanti1 Oracle even.
18:40 preaction ask the developers during a release perhaps? "Do you use mojo? Can we use your logo?"
18:40 preaction it does require people to care, a lot
18:41 preaction you could also do that support contract thing, and make it part of that "We require use of your logo for marketing purposes"
18:41 preaction likely that's how BofA got on those lists
18:41 preaction we had a support contract for ExtJS from Sencha, is probably why we're there
18:54 jberger I would think that most developers don't think they have the authority to authorize that to us
18:55 jberger and most managers don't know what mojolicious is, even if their entire tooling is built on it
18:56 disputin joined #mojo
18:57 mishanti1 Many developers have a pretty decent ability to influence upwards.
18:57 preaction that's why it requires the dev to care, a lot
18:57 mishanti1 And if they throw in the "this is one more place we can get free marketing / traffic" then managers / execs do listen.
18:57 mishanti1 preaction: I agree.
18:58 preaction it would be best to consider it a way to improve the quality of applicants to tech job postings
18:59 preaction but, really, that quality is in an extremely narrow set of demographics
19:10 hernanGOA joined #mojo
19:16 brrt joined #mojo
19:32 stephen joined #mojo
20:05 berov1 joined #mojo
20:21 akhasanov joined #mojo
20:22 PopeFelix how long ago did the conversation about branding take place?
20:38 Ptolemarch joined #mojo
20:44 CandyAngel Linode use Mojo?
20:53 mishanti1 PopeFelix: two hours ago, approximately.
20:53 PopeFelix OK.
20:54 PopeFelix my company uses Mojo, but I don't know if I'm allowed to say who that is.  I figure I ought to err on the side of caution.
20:55 PopeFelix particularly as I am a contract-to-hire person, and so paranoid about not going perm.
21:03 brrt joined #mojo
21:08 sri PopeFelix: careerbuilder.com? :)
21:09 PopeFelix sri, nope.  A subsidiary thereof. ;)
21:09 CandyAngel Is there any way to make Mojo sort URL query params so they are consistent?
21:09 sri if you're connected through a corporate firewall we know who you are ;)
21:09 * PopeFelix hides
21:10 PopeFelix I know my outfit uses a lot of Mojo. I don't know about the rest of CB.
21:10 sri CandyAngel: they are ordered in Mojo::Parameters
21:11 Grinnz_ CandyAngel: how are you setting the query params?
21:11 CandyAngel I am making a Mojo::URL using ->new('http://someurl.somewhere/dir/')->query(key => value, key => value)
21:11 CandyAngel And they are in order
21:12 CandyAngel But then when I clone it and change one, it jumps to the end
21:12 Grinnz_ try ->query([key => value, key => value])
21:12 CandyAngel As I am using the url for a cache key, this means that it might miss is the params are in a different order
21:12 CandyAngel miss if the params*
21:13 Grinnz_ ahh, how are you changing one?
21:13 CandyAngel On the cloned url, $url->query->params(key => value);
21:13 Grinnz_ that would replace the whole parameter object
21:14 CandyAngel Oh
21:14 CandyAngel param sorry
21:14 CandyAngel >.<
21:14 sri ->params should not exist anymore actually
21:14 Grinnz_ oh, right
21:14 CandyAngel $url->query->param(['key', $key + 20]);
21:14 Grinnz_ no, arrayref wont work there
21:14 CandyAngel Whoops
21:14 sri it became ->pairs in 6.0 i believe
21:15 CandyAngel Yeah, I just changed it from what you said and it doesn't work :P
21:15 CandyAngel $clonedurl->query->param('key', $key + 20);
21:15 CandyAngel Right
21:15 CandyAngel That's what I have now
21:15 Grinnz_ yeah, ->param just does a remove and append
21:17 Grinnz_ maybe get the array with ->pairs, find the key and change its value, then create a new params object with that
21:17 Grinnz_ dunno if theres an easier way...
21:17 CandyAngel Okie dokie
21:17 CandyAngel Thankies :)
21:18 sri working with pairs in a list is not much fun
21:18 Grinnz_ no, but if you want to keep the order, theres no choice really...
21:18 sri yea
21:18 CandyAngel sri: It's okay, I can use List::Util's first_idx or whatever it is called to find the keys index
21:19 CandyAngel And the value will be $that+1 so pretty easy :)
21:19 Grinnz_ CandyAngel: make sure you check every other param only, so you don't accidentally find a value
21:19 sri until you have two values with the same name :)
21:19 CandyAngel I won't in this case
21:19 Grinnz_ i think List::Util has some things to help with this
21:19 CandyAngel All the values are numbers
21:20 sri reminds me that i wanted to use more pair functions from List::Util in mojolicious
21:20 sri but they are still very new :/
21:20 jnbek joined #mojo
21:21 Grinnz_ pairfirst { return undef unless $a eq 'blah'; $b = 'newvalue' } @$params;
21:21 Grinnz_ might want a ; 1 at the end too just to be sure
21:21 sri as in 5.20+
21:22 Grinnz_ most are 1.29 or 1.30 yea
21:25 Grinnz_ my @new_params = pairmap { $a eq 'blah' ? ($a => 'newvalue') : ($a => $b) } @$params; # without mutating in-place, but also without short circuiting
21:29 tencendur joined #mojo
21:35 CandyAngel I prefer the latter, is a bit clearer to me
21:35 Grinnz_ yea
21:44 Ptolemarch joined #mojo
21:47 trone_ joined #mojo
21:51 jberger sooooo it seems that browsers remember your basic auth information and will reuse it if you say logout and then try to visit a protected page again
21:52 Grinnz_ hence why https://pause.perl.org/pause/authenquery?ACTION=pause_logout exists
21:52 jberger what does that do?
21:52 Grinnz_ and why i generally avoid basic auth except for trivial things
21:52 jberger I didn't realize it did that!
21:52 Grinnz_ it's a FAQ about various ways you might need to log out :P
21:53 Grinnz_ "Browsers handle the cache of authentification data differently. If you want your browser to forget them, most browsers require you to shut the browser down."
21:54 Grinnz_ you can probably kill them in devtools nowadays, though
21:54 Flying_Squirrel joined #mojo
21:54 Grinnz_ hmm nope, nothing there
22:00 jberger no, I checked that too
22:00 jberger its crazy
22:00 Quai send the browser a 403 even if the password is correct? It should trigger the basic auth dialog
22:01 Grinnz_ triggering the dialog doesnt necessary clear the existing credentials though
22:01 asarch joined #mojo
22:02 jberger this just seems like such a gaping security hole
22:02 jberger in browsers
22:02 Grinnz_ basic auth has always been pretty much a gaping security hole...
22:02 Quai 401 even, sorry.
22:21 CromeDome joined #mojo
22:22 mattastrophe joined #mojo
22:22 tencendur joined #mojo
22:35 jb360 joined #mojo
22:38 Ptolemarch joined #mojo
22:59 ajr_ joined #mojo
23:31 meredith yeah, do browsers still reissue cached credentials to -any- site that claims the same realm? they used to, but i can't recall realm even being shown in dialogs anymore.
23:32 Ptolemarch joined #mojo
23:44 DaniBunny joined #mojo
23:49 jberger What if I issue a random string for realm?
23:49 jberger Or maybe no realm?
23:52 bpmedley jberger: That is a path to frustration, confusion, and bewilderment why basic auth doesn't handle basic security concepts.

| Channels | #mojo index | Today | | Search | Google Search | Plain-Text | summary