The web in a box - a next generation web framework for the Perl programming language

IRC log for #mojo, 2017-10-06

| Channels | #mojo index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
02:41 noganex_ joined #mojo
03:50 inokenty-w joined #mojo
04:04 dboehmer joined #mojo
05:39 dod joined #mojo
06:12 dod joined #mojo
06:13 dod joined #mojo
06:38 kes joined #mojo
06:45 AndrewIsh joined #mojo
07:27 trone joined #mojo
07:27 Sebbe joined #mojo
07:30 leont_ joined #mojo
08:22 rba joined #mojo
08:25 rshadow joined #mojo
08:55 prg joined #mojo
08:55 rba joined #mojo
08:59 CandyAngel If I wanted to make a module that give CookieJar some save/load methods to persist cookie to Netscape file format.. should I make it Mojo::UserAgent::CookieJar::Netscape?
08:59 rba joined #mojo
09:09 rba joined #mojo
09:18 n16gel joined #mojo
09:33 rba_ joined #mojo
09:34 irqq joined #mojo
10:02 Vandal joined #mojo
10:13 perlpilot joined #mojo
10:45 tchaves joined #mojo
11:31 rba joined #mojo
11:33 jabberwok joined #mojo
11:35 hkclark joined #mojo
11:40 rba_ joined #mojo
11:48 dod joined #mojo
11:48 dod joined #mojo
11:57 hkclark joined #mojo
11:57 sri CandyAngel: or something like Mojo::UserAgent::CookieJar::Role::Persistent
12:06 hkclark joined #mojo
12:13 hkclark joined #mojo
12:19 hkclark joined #mojo
12:24 hkclark joined #mojo
12:48 rickbol_ joined #mojo
12:58 rba joined #mojo
13:07 tcohen joined #mojo
13:33 gizmomathboy joined #mojo
13:43 rba joined #mojo
13:45 foursixnine joined #mojo
13:47 CandyAngel Whatever you prefer :)
13:48 CandyAngel I am suprised it hasn't already been done, honestly
13:49 CandyAngel I would have thought such persistence would have been something someone else had wanted
14:08 haarg https://github.com/kraih/mojo/blob/master/lib/Mojo/Collection.pm#L33 this won't work in the debugger btw
14:09 rba joined #mojo
14:17 rba_ joined #mojo
14:19 rba joined #mojo
14:28 dod joined #mojo
14:29 gizmomathboy joined #mojo
14:32 rba joined #mojo
14:35 dod joined #mojo
14:42 rickbol joined #mojo
14:57 gryphon joined #mojo
15:02 rickbol joined #mojo
15:03 rickbol_ joined #mojo
15:11 dod1 joined #mojo
15:13 rickbol joined #mojo
15:20 rba joined #mojo
15:35 ChmEarl joined #mojo
15:39 rickbol_ joined #mojo
15:49 jberger haarg: why not?
15:49 haarg the @_ inside the first block is meant to refer to the parameters of Mojo::Collection::first
15:50 haarg which works for map and grep, but doesn't work for List::Util::first under the debugger
15:51 jberger oh interesting
15:51 jberger actually I'm kinda surprised that it works there now that you mention it
15:52 jberger magic of an & proto?
15:52 Grinnz no, xsub
15:52 haarg magic of List::Util internals
15:52 Grinnz pureperl functions can't do that
15:52 jberger hunh
15:52 Grinnz that was the main reason List::Util::PP was scrapped
15:52 haarg it doesn't call it like a standard sub
15:52 jberger one of those things that looks perfectly sane until it hits you
15:52 jberger lots of fun in Collection.pm though :-P
15:53 haarg yeah, mojo got some failure reports from smokers when i was playing with List::Util::PP
15:53 gryphon joined #mojo
15:54 jberger https://github.com/kraih/mojo/blob/master/lib/Mojo/Collection.pm#L63
15:54 jberger and
15:54 disputin joined #mojo
15:54 jberger https://github.com/kraih/mojo/blob/master/lib/Mojo/Collection.pm#L85
15:55 Grinnz $a and $b are real fun
15:57 Grinnz i dont think theres a reason to do $a->$cb($b) instead of $cb->($a, $b) there except to be cute?
15:58 jberger I was actually just thinking about that
15:58 pink_mist can $cb only be a reference?
15:58 jberger actually I'm sure we could contrive something kinda fun about that
15:58 sri i think batman wrote that
15:58 jberger pink_mist: in its current form it could be a string
15:58 Grinnz it's only documented to accept a subref. like lots of things though you could pass whatever you want and get weird results
15:58 jberger mighta been me
15:59 jberger I remember playing around with those a lot
15:59 pink_mist if it can be a string, then $a->$cb($b) can't be the same as $cb->($a, $b)
15:59 pink_mist afaik
15:59 jberger right
15:59 Grinnz yes, but that's not documented behavior, and also kind of weird
15:59 jberger the thing is I have no idea if anyone uses that for sort
15:59 jberger it makes sense in a lot of the other methods
16:00 Grinnz hell its not even documented that the sort callback gets $a and $b as args
16:01 jberger well it should probably do that, but even so it is consistent with the other methods that it do so
16:01 Grinnz yes it's much nicer to have the option to use args instead of $a and $b imo
16:03 jberger I can't remember if that implementation was me or batman, but the original reduce implementation is what earned me this reputation: http://irclog.perlgeek.de/mojo/2014-01-26#i_8178303
16:06 jberger heh, funny to see batman say "if I had a vote"
16:08 jberger curse pastie going away, I wish I could see the code we are referencing
16:34 rickbol joined #mojo
16:36 karjala_ joined #mojo
16:36 karjala_ Hi all!
16:37 karjala_ I've been asked to create a website, which should (among other things) store and display user-uploaded files.
16:38 karjala_ Where should I save those files? Do you think in a directory on the same fs as the webserver, would be a good idea and standard best practice?
16:38 karjala_ security-wise I'm slightly concerned about this...
16:40 Grinnz watch the max_request_size for your app and check is_limit_exceeded on the uploads, and store them somewhere that isn't being directly served on the filesystem
16:40 Grinnz alternatively you can always put them in a database or redis
16:41 Grinnz they arent necessarily optimized for large blobs but it works
16:41 Grinnz if you put them on the filesystem, make sure you dont have filename collisions or unintended directory paths
16:41 karjala_ By "directly served" do you mean "directly served by Apache to visitors"?
16:42 Grinnz i mean don't put them in public/ if it's a mojo app, so you can control how they're served
16:42 karjala_ aha yes ok
16:43 Grinnz what i would do when storing things on the filesystem is generate a random filename for each file, and have a database table that maps the original intended filename to this generated name where it's stored
16:43 Grinnz avoids any weird issues with special characters in the name
16:43 karjala_ unless I *want* them to be served to anyone (the security that I'm worried about is overwriting other parts of the filesystem)
16:44 karjala_ aha
16:44 karjala_ aha
16:44 karjala_ that's good
16:44 tyldis Agree with Grinnz. MEtadata lives in the database. Where the contant of the file is stored is a matter of scale
16:45 karjala_ And is there a regex I could use to validate or reject an intended filename?
16:45 karjala_ or should i even do that?
16:45 Grinnz if you're not storing it under that name, it doesn't really matter
16:45 tyldis If you do not use the filenames on a filesystem it shouldn't really matter
16:45 tyldis Used a safe filename you generate - if you do not store it in the DB
16:45 Grinnz if you are, i would primarily make sure the filename has no / or \
16:46 tyldis Or newlines, or....
16:47 karjala_ I saw someone upload to github a file with a newline in it by accident. And then he was having a hard time trying to understand why he can't update it
16:48 karjala_ Thanks everyone!
16:48 karjala_ Lifesavers
16:48 purl Lifesavers are CHANGING THE FIVE FLAVORS
16:50 Grinnz :O
17:02 rshadow joined #mojo
17:03 noganex joined #mojo
17:11 rba joined #mojo
17:11 sh14 joined #mojo
17:30 leont_ joined #mojo
17:40 disputin joined #mojo
17:42 vicash joined #mojo
17:45 Ptolemarch joined #mojo
17:52 gizmomathboy joined #mojo
17:57 mcsnolte joined #mojo
18:07 irqq joined #mojo
18:08 rshadow joined #mojo
19:34 dod joined #mojo
20:18 leont_ joined #mojo
20:48 irqq_ joined #mojo

| Channels | #mojo index | Today | | Search | Google Search | Plain-Text | summary