The web in a box - a next generation web framework for the Perl programming language

IRC log for #mojo, 2016-01-12

| Channels | #mojo index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:21 sri i'm warming up to the name codec
00:21 sri $c->{codec} = Mojo::Codec::WebSocket->new->start($tx)
00:22 sri basically a layer that serializes and deserializes transactions for transport over sockets
00:51 asarch joined #mojo
01:00 jontaylor joined #mojo
01:09 bpmedley joined #mojo
01:28 genio sri: Is this what you're looking for on 896 or did I misunderstand as it seems like a very simple change? https://gist.github.com/genio/94716e8de0ec792680f8
01:31 sri genio: not quite, there's at the very least a cookbook recipe that needs to be changed
01:31 sri the installable apps thing
01:34 sri and i'm not sure they all should be changed
01:34 binlei joined #mojo
01:34 sri that lite app gets really ugly with those lines
01:35 sri yes, the docs need to make sense as a whole, copypasta does not work
01:38 sri maybe this is not a task for a volunteer after all
01:38 sri how are you supposed to get the progression in the growing guide right
01:41 genio I'll actually read through it and put effort into an attempt later.  This one was just a "can it really only be this simple" type of attempt
01:42 sri sorry, but i already know what i want now :(
01:42 genio ah, ok.  :)
02:07 good_news_everyon joined #mojo
02:07 good_news_everyon [mojo] kraih pushed 1 new commit to master: http://git.io/vzt0C
02:07 good_news_everyon mojo/master f662f96 Sebastian Riedel: scripts should be a little more portable (closes #896)
02:07 good_news_everyon left #mojo
02:07 sri that brings back the original progression
02:08 genio ah, that makes sense.  I see what you were after now
02:09 good_news_everyon joined #mojo
02:09 good_news_everyon [mojo] kraih pushed 1 new commit to master: http://git.io/vzt0D
02:09 good_news_everyon mojo/master 8e463f2 Sebastian Riedel: fix typo in growing guide
02:09 good_news_everyon left #mojo
02:10 sri it's easier done than explained :/
02:38 kaare joined #mojo
02:53 sri jberger: just realized something regarding the refactoring, the client_* and server_* methods are not tested at all, so we could release it before 7.0 :O
03:02 inokenty-w joined #mojo
03:56 noganex joined #mojo
04:21 Grinnz huh, the expanse has a few actors i wasnt expecting... the brother from royal pains, and that quarian admiral with a very unique voice :)
04:27 c--__ joined #mojo
04:35 voldemortensen joined #mojo
05:13 binlei joined #mojo
05:17 sri so, the next problem i think is Mojo::Server::Daemon::_finish
05:17 sri from the transaction side everything is fine now
05:18 sri but the daemon is not at all ready for connections with multiple transactions
05:18 sri we could very easily add a codec layer now for http/1.1 and websockets
05:18 sri on the client side also http/2
05:19 sri but the server side is not ready for http/2
05:22 good_news_everyon joined #mojo
05:22 good_news_everyon [mojo] kraih pushed 2 new commits to master: http://git.io/vzqVL
05:22 good_news_everyon mojo/master 2da32f8 Sebastian Riedel: better message tests
05:22 good_news_everyon mojo/master 8aede4c Sebastian Riedel: make sure payloads are different
05:22 good_news_everyon left #mojo
05:22 zivester joined #mojo
05:22 sri we are so close
05:23 sri but we need to split transaction teardown from connection teardown
05:25 good_news_everyon joined #mojo
05:25 good_news_everyon [mojo] kraih pushed 1 new commit to master: http://git.io/vzqwC
05:25 good_news_everyon mojo/master e599ad4 Sebastian Riedel: closing sounds better
05:25 good_news_everyon left #mojo
05:26 sri we are ready for handling one transaction at a time with an http/2 codec on the server side... but who wants that ;p
05:29 sri it's hard to consider a theoretical future codec -.-
05:29 sri right now we could just get away with a $coded->tx accessor and direct interaction with the one transaction
05:37 sri maybe i'm overthinking it
05:38 sri _finish could just have a special section for dealing with Mojo::Codec::HTTP2::Server
05:38 sri perhaps ask for finished transactions there
05:38 sri guess that would work
05:40 sri hmm, that actually works
06:21 Vandal joined #mojo
06:27 good_news_everyon joined #mojo
06:27 good_news_everyon [mojo] kraih pushed 1 new commit to master: http://git.io/vzqNf
06:27 good_news_everyon mojo/master caca8b1 Sebastian Riedel: compare the payload size too
06:27 good_news_everyon left #mojo
06:32 ribasushi joined #mojo
06:40 batman joined #mojo
06:51 binlei joined #mojo
06:53 dod joined #mojo
06:58 dod joined #mojo
07:02 ashimema joined #mojo
07:12 melo joined #mojo
07:12 melo1 joined #mojo
07:50 McA joined #mojo
08:07 CHYC joined #mojo
08:22 AndrewIsh joined #mojo
08:25 osfabibisi joined #mojo
08:25 trone joined #mojo
08:37 ribasushi " Must I demand the first stable release of something to perform better than other things that had a couple of decades of optimization? "
08:37 ribasushi um... if "something" is sold as "the new version of that other thing" - yes, yes you do
08:38 ribasushi bah, ENOZIFFIX
08:39 moritz Perl 6 isn't a new version of Perl 5
08:43 ribasushi yet there is incessant talk about "attracting p5 developers", there is this bizarre push for "one cpan for p5 and p6", etc etc etc
08:45 ribasushi until there is a very clear message from the core (that is TimToady, lizamt, jnthn, Nicholas, leont, etc, etc, etc) making a joint statement of "this is a completely different new language", the various individual "P6 isn't the new version of P5" route to /dev/null
08:45 ribasushi moritz: I understand what is the message that is trying to get out, but the actual actions do not back the message - that is a problem in itself
08:48 moritz ribasushi: I do consider myself a core developer, even if you didn't list me
08:49 ribasushi moritz: I didn't mean this as a slight (hence the etc etc etc)
08:49 ribasushi and I am pre-coffee
08:49 moritz ribasushi: noted
08:49 ribasushi I guess what I am trying to say is "the core developers with a very large public profile"
08:49 vanHoesel joined #mojo
08:49 ribasushi and you do fit into that category too
08:50 ribasushi anyway - my main point remains: there is nothing "official" to link to that is unambiguous about the languages being radically different both in syntax and inspirit (everything is an object, async everywhere, etc)
08:51 moritz it's not radically different in spirit; it still values the principles of timtowtdi, modelling human languages with things like huffman coding
08:51 moritz which is why it still has "Perl" in the name
08:52 moritz technically it is very different though
08:52 moritz though I think we're getting off-topic here
08:58 odc joined #mojo
09:11 jontaylor joined #mojo
09:12 melo joined #mojo
09:17 binlei joined #mojo
09:45 marcus It's about as similar to perl5 as ruby is
09:45 marcus maybe a little less
09:49 coolo ruby stole well from perl5, but I wouldn't go as far :)
09:49 kes joined #mojo
09:56 trone joined #mojo
10:05 nic Wow, didn't know cperl has progressed so well  http://perl11.org/cperl/STATUS.html
10:21 kes What does this mean?
10:21 kes Bizarre copy of ARRAY in scalar assignment at /home/feelsafe/perl5/lib/perl5/Mojo/Message/Request.pm line 182
10:23 CandyAngel jberger: I implemented your suggestion of filtering: http://codepad.org/vJgtDlhj
10:24 sue joined #mojo
10:26 kes hm... it were happened while psgi.errors where copied
10:26 kes Attempt to free unreferenced scalar: SV 0x85091f8,
10:28 CandyAngel And then I realise I can remove a bunch of lines because they don't do anything. D'oh!
10:38 cpan_mojo Mojo-Webqq-1.6.9 by SJDY https://metacpan.org/release/SJDY/Mojo-Webqq-1.6.9
10:43 nic uh-oh, cperl adopts perl6's development policy
10:44 nic I'd have thought, of all the things to take from perl6, their speed of development talks for itself
10:45 nic Heh, the next stable release is penned to be v5.30 O_o
10:47 * Lee tried cperl over xmas - it spewed a tonne of warnings when building and failed to work with [what i would call] cpan essentials
10:47 Lee don't know if the situation has changed
10:48 nic Lee: 'stable' or 'development' branch?
10:48 nic dev gets patched monthly, but it looks like stable hasn't had much since Sep
10:49 Lee master, not sure if that's "stable"
10:49 nic yeah
10:55 nic cperl lists a lot of interesting things and directions you could take perl5, but the docs sure are demoralising
11:56 binlei joined #mojo
12:32 binlei joined #mojo
12:49 neilhwatson joined #mojo
12:58 kaare joined #mojo
13:09 ajr_ joined #mojo
13:10 coolo I bet it was already topic in this channel, but I'm watching "Netanel Rubin: The Perl Jam 2" and I have some very uneasy feelings about my app ;)
13:16 binlei joined #mojo
13:20 nic heh, "Mr Rubin yes you are a p[...]k who didn't do his homework and this unprofessional talk will backfire on you!"
13:38 cpan_mojo Swagger2-0.67 by JHTHORSEN https://metacpan.org/release/JHTHORSEN/Swagger2-0.67
14:14 punter joined #mojo
14:19 ajr_ joined #mojo
14:22 sue joined #mojo
14:27 mspo coolo: is it still about the array vs reference vs flat list stuff?
14:56 voldemortensen joined #mojo
14:59 Grinnz thats part of it yes
14:59 jberger coolo: do you blindly trust that all references are validated trusted data?
14:59 jberger If not then his talk doesn't apply to you
14:59 Grinnz coolo, i wouldn't pay it any mind, most of the presentation just showed his continued ignorance of how perl works
15:01 coolo Grinnz: well, I found <$file> to open files pretty weired actually
15:01 * coolo wasn't aware
15:02 Grinnz <> does some weird things sure, but even old code doesn't use it that way
15:02 voldemortensen1 joined #mojo
15:11 mspo <> to open or read?
15:12 mspo it applies insomuch that FUD is really really effective
15:13 berov joined #mojo
15:16 coolo mspo: his example is basically $file = $cgi->upload('file'); while (<$file>) { print "$_\n"; }
15:16 coolo (using CGI.pm)
15:18 coolo and he attacked this example app by uploading a scalar file=ARGV and a file=<IO> in the same request. and the real ugly part was that <$file> will open($ARGV[]) which in CGI.pm are the params
15:18 coolo and if ARGV[] ends with | it will even be executed
15:20 mspo ah ha
15:22 mspo yeah open "|" is a powerful and convenient thing
15:22 mspo but has no place in web apps ;)
15:23 dod joined #mojo
15:24 jberger well, most of the time: https://github.com/jberger/Mojolicious-Plugin-TailLog/blob/master/lib/Mojolicious/Plugin/TailLog.pm#L16
15:24 sri coolo: if you want to use a language nobody makes fun of, you have to pick a language that nobody else uses
15:25 * sri can't think of a language without bad parts
15:25 sh4 joined #mojo
15:25 Lee the ARGV magical behaviour was the one piece of useful information in the talk
15:25 coolo mspo: that's basically his point. even if you never call open in your app, you can still execute code - because perl has such suprising features
15:26 jberger sri: I don't know what you're talking about, python is practically perfect in every way
15:26 jberger :-P
15:27 sri ;p
15:27 Grinnz coolo, how would you accidentally use <> without open in a cgi script?
15:27 mspo coolo: yeah I suppose so
15:27 sri <$file> with $file = 'ARGV' was a bug in strict though, wasn't it?
15:27 mspo coolo: but being given enough rope is what makes things fun
15:27 Lee sri: yes: https://kentfredric.github.io/blog/2016/01/01/re-the-perl-jam-2-argv-is-evil/
15:28 mspo also can't you just if -f $file first?
15:28 Grinnz oh the CGI.pm upload stuff... meh
15:29 mspo the real question is: what does Mojo::Upload do? :)
15:29 jberger mojo's slurp is nothing like that
15:30 jberger https://github.com/kraih/mojo/blob/master/lib/Mojo/Util.pm#L240
15:30 jberger no magicks of any kind
15:30 Grinnz mspo, nothing that the presentation is relevant to
15:31 mspo can you pass a |pipe into $upload->filename somehow?
15:31 Lee people asked about mojo in the Q&A at the end and the speaker just kind of hand-waved
15:31 coolo Grinnz: you would raise my confidence if you wouldn't wave it off so easily - because that's what he's dealing with all the time and what makes it so easy to give perl security talks every year
15:32 Grinnz coolo, he deserves waving off in every sense
15:32 sri coolo: he was unable to find any exploits in mojolicious
15:32 Lee coolo: he's looking at *really old* and *really bad* code and generalizing from that
15:32 Grinnz he knows nothing about perl, his research appears to consist of googling for perl tricks
15:32 sri so, yes, we don't really care
15:32 preaction but he said he did
15:33 Lee i already replied to the speaker ( https://gist.github.com/kentfredric/8f6ed343f4a16a34b08a#gistcomment-1660339 ) but he *still* hasn't spoken to me directly
15:34 preaction here's the list of responses i've compiled so far: https://gist.github.com/preaction/978ce941f05769b064f4
15:35 sri coolo: if you value my opinion... he's mostly incompetent, going after perl code from 20 years ago
15:36 coolo sri: oh, I didn't have serious doubts. But it made me aware of such pitfalls, so to me it's valuable too
15:37 coolo sri: e.g. I remember you guys changed the param API not to depend on context any longer
15:37 bpmedley coolo : I wonder if it's more valuable to learn Modern Perl best practices and avoid the noids.
15:37 mspo while( <"ARGV"> ) does that work?
15:37 preaction mspo: yes, but it uses ARGV
15:38 mspo what is bare ARGV?
15:38 Lee mspo: a special case, see link further up
15:38 preaction perldoc -v ARGV; the implicit filehandle that does <>
15:39 mspo wow I've never seen that before
15:39 coolo see? that what makes perl so easy to make fun of ,)
15:39 sri talking about exploits, saw a funny one in trendmicro yesterday https://code.google.com/p/google-security-research/issues/detail?id=693
15:40 preaction .. because a language has things that not everybody uses, it's easy to make fun of?
15:40 preaction i've never used a gui toolkit, let's make fun of every language!
15:40 mspo oh it's the name for the blank <>
15:40 sri coolo: it's also easy to make fun of javascript
15:41 coolo sri: oh, no doubt about that
15:41 coolo start with the name :)
15:41 mspo anyway I still can't imagine not testing for -f at some point in the file upload flow
15:41 sri but can we appreciate for a moment the fact that windows antivirus software now ships with node.js? :)
15:42 mspo sri: node is like a virus for sure
15:43 mspo I was amazed that light table wasn't  written with node
15:43 voldemortensen1 left #mojo
15:54 bwf joined #mojo
16:04 zivester joined #mojo
16:13 binlei left #mojo
16:33 jacoby joined #mojo
16:36 ryan joined #mojo
17:02 odc joined #mojo
17:15 jberger sri: is there any way I can prevent a websocket upgrade?
17:16 jberger websocket '/' => sub { $c->prevent_websocket if $condition }
17:19 sri just set a response code other than 101
17:20 sri hink even doing nothing would be fine
17:20 sri +t
17:20 sri when you call $c->on() it calls $c->rendered(101)
17:21 sri return if $condition
17:28 ajr_ joined #mojo
17:34 good_news_everyon joined #mojo
17:34 good_news_everyon [mojo] kraih pushed 1 new commit to master: http://git.io/vz37M
17:34 good_news_everyon mojo/master 30ae4d4 Sebastian Riedel: better frame tests
17:34 good_news_everyon left #mojo
17:58 odc` joined #mojo
18:06 trone joined #mojo
18:29 dod joined #mojo
18:41 PryMar56 joined #mojo
18:51 Kogurr joined #mojo
18:54 disputin joined #mojo
19:23 jberger sri: thanks
19:23 jberger I basically ended up doing the same thing
19:23 jberger setting a different status
19:23 jberger its just that I'm doing something totally insane
19:23 jberger so it took a little doing
19:27 sue joined #mojo
19:46 sue joined #mojo
19:54 punter joined #mojo
19:56 sri jberger: been playing with the codec idea, it kinda works for the daemon
19:56 jberger it certainly would open up the area for later expansion
19:58 sri my experiment so far https://gist.github.com/anonymous/b34128b09de1a21d2f3d
19:59 sri HTTP works, websockets work sometimes
19:59 sri (should be a trivial mistake though)
20:03 sri a performance loss is noticeable
20:03 sri not as bad as it could be though
20:04 sri from 1700 rps down to 1600
20:06 sri i'm not in a hurry to do this, just wanted to find out if it was feasible
20:34 good_news_everyon joined #mojo
20:34 good_news_everyon [mojo] kraih pushed 1 new commit to master: http://git.io/vzGc1
20:34 good_news_everyon mojo/master 0d1365a Sebastian Riedel: fix encapsulation problem in Mojo::WebSocket
20:34 good_news_everyon left #mojo
20:35 sri looks like batman forgot a "&& ++$tx->{open}"
20:50 mspo codec?
20:53 sri yes, codec
20:53 good_news_everyon joined #mojo
20:53 good_news_everyon [mojo] kraih pushed 1 new commit to master: http://git.io/vzGB5
20:53 good_news_everyon mojo/master 6b2b39e Sebastian Riedel: the resume method belongs to Mojo::Transaction::HTTP
20:53 good_news_everyon left #mojo
20:54 sri "basically a layer that serializes and deserializes transactions for transport over sockets"
20:55 berov1 joined #mojo
20:56 sri everything we have right now actually fits into codec modules
20:57 sri it will only get a little tricky with multiplexed http/2 streams on the server-side
21:02 sri this method is basically the whole problem https://github.com/kraih/mojo/blob/master/lib/Mojo/Server/Daemon.pm#L119-L151
21:03 sri pretty much everything else is http/2 ready :)
21:11 melo joined #mojo
21:14 melo1 joined #mojo
21:16 mspo got it
21:17 mspo yeah I don't know how http/2 is supposed to work on the implementation side
21:20 sri right now we have one transaction attached to each connection, for http/2 we would need to be able to handle multiple transactions per connection
21:20 sri that's it basically, everything else is easy
21:30 mspo I need to read the rfc
21:30 mspo the last time I tried I didn't make it past the encoding part
21:30 sri the protocol itself is not that interesting
21:30 mspo but an http2 client can just shovel a bunch of requests at you right away, I guess?
21:30 mspo sri: server-push sounded interesting
21:30 sri takes maybe a week or two to implement framing
21:31 sri and header compression
21:31 sri the implications for the surrounding apis are the interesting part imo
21:31 sue joined #mojo
21:32 sri like concurrent requests on the same socket, with priorities and server push
21:33 sri the rfc mostly deals with the wire format, not the surrounding problems
21:34 sri if you really want to learn about the protocol i recommend the book high performance browser networking
21:34 moritz what I mostly wonder is how to best structure applications to take advantage of server push
21:34 sri the ebook version just recently got updated for the final rfc
21:34 sri moritz: no different than you do now
21:35 moritz like, how do I know ASAP which resources to push?
21:35 sri in jetty for example they made server push automatic
21:35 sri the server learns based on the Referer header which resources belong together, and pushes them together on future requests
21:36 moritz that's a nice trick
21:36 sri lots of similar tricks are currenlty being explored
21:37 moritz though also possible to game/exploit into sending unnecessary resources
21:38 sri mspo: actually, get this https://www.nginx.com/http2-ebook/
21:38 sri it's free
21:39 mspo couldn't mojo figure out which files are included in templates (for example) and push them?
21:39 sri sure
21:39 mspo I wouldn't trust some auto-learning BS
21:39 mspo an explicit push tag in a render could also work
21:40 sri we could also use Link headers to establish connections between resources
21:49 melo joined #mojo
22:02 good_news_everyon joined #mojo
22:02 good_news_everyon [mojo] kraih pushed 1 new commit to master: http://git.io/vzGSG
22:02 good_news_everyon mojo/master 27af4e7 Sebastian Riedel: the callback is actually required
22:02 good_news_everyon left #mojo
22:03 lluad left #mojo
22:06 ZoffixWin joined #mojo
22:29 bletch joined #mojo
22:30 bletch I am implementing a rest api in Mojo Lite, all the http verbs work, accept for delete (obviously). Is there an alternate verb for this in Mojo?
22:31 Jonis del
22:31 bletch I just found it in the doc
22:31 Grinnz_ :)
22:31 bletch thanks
22:31 bletch lol
22:37 good_news_everyon joined #mojo
22:37 good_news_everyon [mojo] kraih pushed 1 new commit to master: http://git.io/vzGxu
22:37 good_news_everyon mojo/master bffb5e0 Sebastian Riedel: no need for default values
22:37 good_news_everyon left #mojo
22:45 Adurah joined #mojo
22:49 good_news_everyon joined #mojo
22:49 good_news_everyon [mojo] kraih pushed 1 new commit to master: https://github.com/kraih/mojo/commit/d306aea26fce05f95077b4a42c468849197d05fa
22:49 good_news_everyon mojo/master d306aea Sebastian Riedel: update Changes
22:49 good_news_everyon left #mojo
22:50 asarch joined #mojo
22:51 sri oh, another ruby framework to steal from http://lotusrb.org
22:51 sri i like the style
22:54 sue joined #mojo
23:03 sri the way they split up their docs into a million little pages really annoys me
23:13 lluad joined #mojo
23:27 Grinnz_ weird, last commit announcement didnt have a shortened url
23:30 ribasushi joined #mojo
23:46 ZoffixWin tun tun tuuuun.
23:46 ZoffixWin :) I'm guessing the service was out so it just forwent it
23:54 melo1 joined #mojo

| Channels | #mojo index | Today | | Search | Google Search | Plain-Text | summary