The web in a box - a next generation web framework for the Perl programming language

IRC log for #mojo, 2017-12-16

| Channels | #mojo index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 Grinnz preaction: why are the yancy backends using Mojo as a base? it doesnt seem like they need anything more than use Mojo::Base -base
00:01 preaction no idea. i'm sure it was copy/paste from somewhere
00:01 Grinnz Mojo is a kinda weird class, its the base for all mojo apps iirc
00:10 jberger Mojo is an application class, capable of handling web requests
00:11 jberger probably not what you want if you are writing a base class
00:19 bif left #mojo
00:28 sri Mojo is a very weird class, i actually wonder if we still need the methods and attributes it has
00:28 sri don't think anything still uses it
00:30 sri i mean, not even Mojo::HelloWorld uses it
00:30 sri commands and stuff depend on things Mojolicious adds
00:35 jberger I like having it, personally, the minimalist application
00:35 jberger I use it for simple things sometimes
00:35 jberger plus it is the basis for any other framework
00:35 sri i mean, we do need to keep some of it, like the handler and build_tx methods
00:35 jberger oh, sure
00:35 jberger that's all I'm talking about
00:36 sri but i think ua and home can be moved
00:36 jberger likely yes
00:36 sri they are not used on the lower levels
00:36 sri log has to stay too
00:36 sri config too i guess, for hypnotoad
00:49 sri yea, home and ua are easy
00:49 sri moving home should help quite a bit with docs
00:49 sri since people always overlook it
00:49 sri log never was a problem since we actually overload the attribute in Mojolicious
00:50 good_news_everyon joined #mojo
00:50 good_news_everyon [mojo] kraih pushed 1 new commit to master: https://git.io/vbogO
00:50 good_news_everyon mojo/master 0c828fd Sebastian Riedel: move home and ua attributes from Mojo to Mojolicious
00:50 good_news_everyon left #mojo
00:50 sri just wish we could do something better with $app->config
00:50 sri but as a prereq of hypnotoad it will have to stay
00:51 sri config is also one of those people overlook
00:51 purl okay, sri.
00:51 sri :S
00:55 sri oh, it's not just hypnotoad
00:55 sri config is now also tied to Test::Mojo
00:55 sri for the config override feature, which rocks
00:55 sri yea, there is no way it can ever be higher level
01:27 aborazmeh joined #mojo
02:35 Leffe joined #mojo
02:57 ilbot2 joined #mojo
02:57 Topic for #mojo is now 🍩 nom nom | http://mojolicious.org | http://irclog.mojolicious.org | http://code-of-conduct.mojolicious.org
03:09 mohawk_pts joined #mojo
03:18 Leffe joined #mojo
03:29 Leffe joined #mojo
03:41 Leffe joined #mojo
04:48 Ya_ALLAH_Ya_Muhmd joined #mojo
04:48 Ya_ALLAH_Ya_Muhmd left #mojo
05:06 Ya_ALLAH_Ya_Muhmd joined #mojo
05:06 Ya_ALLAH_Ya_Muhmd left #mojo
05:08 jberger https://twitter.com/joelaberger/status/941896885685702661
05:14 mohawk awwww yeahhhh
05:14 jamesaxl joined #mojo
05:14 mohawk is it wrong i'm getting as much enjoyment out of the good naming, as out of the outstandingly good content?
05:14 jberger I was pretty proud of that name :-P
05:15 jberger for me the best (and sometimes the worst) is the image
05:16 mohawk i actually feel you
05:16 mohawk part of me would like to say "oh, but surely! it's the intemallectual content that will stand the test of time!!?!"
05:17 mohawk but the rest of me has lived in that actual world
05:17 jberger oh, I wouldn't do it if it weren't for that bit, but still :D
05:17 mohawk s/that/the/
05:17 jberger "that" works
05:17 mohawk noooo
05:17 mohawk that changes my meaning!!?!
05:17 mohawk i will fix this all with a great image!!?!
05:18 jberger you'd better!
05:18 jberger ok now to wind down and try to dream up something for tomorrow
05:18 mohawk i am getting entirely too much enjoyment out of that idea
05:18 mohawk good night, sweet prince
05:18 jberger awwww
05:18 mohawk #shakespear
05:18 mohawk omg
05:18 mohawk #shakespeare
05:18 jberger #irony
05:19 mohawk i need to hand in my passport
05:19 jberger you're gonna need it soon
05:20 mohawk you're not talking about #norway?
05:20 jberger I just meant #brexit
05:20 mohawk ha
05:20 mohawk in britannia, outside of the schengen area, we always need our passports
05:21 jberger are you losing schengen?
05:21 mohawk no, because we were never in schengen
05:21 mohawk ergo...
05:21 jberger oh, I thought you were
05:21 jberger nm
05:22 jberger and now your previous comment "in britannia ..." reads quite differently than I first read it
05:22 jberger (of course you needed it when OUTSIDE schengen, :D)
05:22 mohawk that first comma should really have been a "=="
05:22 mohawk quite
05:22 jberger no one properly uses the emdash anymore
05:23 jberger actually, you did in your article IIRC
05:23 mohawk possibly "ie, "
05:23 mohawk well, i did vicariously
05:23 mohawk i've just read the googles about the "good night sweet prince". naturally, i did not intend the death connotations
05:24 mohawk at school i did macbeth, but not hamlet.
05:24 mohawk i have TVR-ed the kenneth branagh hamlet, but after a couple of years i have yet to see it
05:24 mohawk #BritishnessFail
05:25 jberger http://www.slate.com/articles/life/the_good_word/2011/05/the_caseplease_hear_me_outagainst_the_em_dash.html
05:25 jberger I mean, I wasn't going to say anything, I assumed you weren't ... well you know
05:25 mohawk i'm glad someone is dealing with the great issues facing the universe in 2017
05:25 mohawk (eye-roll emoji)
05:26 jberger to be fair, that was the carefree time of 2011
05:26 mohawk jberger, i've said this before and i may say it again
05:26 mohawk i'm not interested in your "facts"
05:26 jberger you know, only fear of the government shutting down that ultimately ended my scientific career before it started
05:26 jberger but who's counting?
05:27 jberger psssssss, facts, we're so over facts
05:27 mohawk getting an insight into what drives your #Twitterness
05:27 jberger we're tackling words now
05:27 mohawk (copyright me, just now)
05:27 jberger hehe
05:27 mohawk feel free to use it (with attribution)
05:27 jberger CC BY 3.0
05:28 mohawk i do need to get a grip of at least some idea of what the various CCs allow/offer
05:28 mohawk but i'm too busy making new #bants
05:29 jberger the CC website has a great little thingy for generating the right license
05:29 jberger a couple clicks and it tells you which to use
05:29 mohawk i'm sure it does
05:29 mohawk but who has that many spare seconds?
05:29 mohawk " America's finest prose—in blogs, magazines, newspapers, or novels—is littered with so many dashes among the dots it's as if the language is signaling distress in Morse code"
05:30 mohawk ps: "as though"
05:30 mohawk STOP MURDERING MY LANGUAGE, COLONIALS
05:31 jberger your language? ha! Noah Webster killed that dead a long time ago
05:31 jberger Intentionally and effectively
05:32 mohawk well you say that
05:32 mohawk the killing was effective
05:32 mohawk but highly localised
05:33 mohawk well done, noah. you "created efficiency" in reducing out a number of "u" characters
05:33 jberger I considered changing your spelling in your article, I really did :-P
05:33 mohawk history will at some point thank you
05:33 mohawk glad you didn't kick THAT shedstorm off
05:34 mohawk ps you're welcome for at least ONE correctly-spelled article off
05:34 mohawk you know
05:34 jberger now I want to watch the cockney slang scene from Lock Stock again
05:34 mohawk to maintain a minimum standard
05:34 mohawk you need to watch the whole film PLUS snatch
05:34 mohawk but the tv series-es i can't endorse as i've not seen
05:34 jberger I actually just watched Lock Stock about a month ago
05:34 mohawk aww yeahhhh
05:35 jberger showed it to my little brother for his first time
05:35 jberger Snatch again sometime soon I'm sure
05:35 mohawk classic xmas-period movie
05:35 mohawk i watched die hard with a bunch of chums yesterday
05:35 mohawk epic
05:35 * jberger endorses
05:35 jberger anyway, enough fun, nn
05:35 mohawk night!
05:36 mohawk WELCOME TO THE PARTY, PAL
05:36 jberger (everyone share the post)
05:46 mohawk i'm about halfway through the emdash article and now i wish to frown very hard at the author
05:46 mohawk be hemingway, people
06:58 Ya_ALLAH_Ya_Muhmd joined #mojo
06:58 Ya_ALLAH_Ya_Muhmd left #mojo
07:05 Ya_ALLAH_Ya_Muhmd joined #mojo
07:05 Ya_ALLAH_Ya_Muhmd left #mojo
07:13 mohawk jberger, https://metacpan.org/pod/Mojolicious::Plugin::Multiplex looks very interesting! but grammar: "This module extends the protocol slightly in order to enough of the "WebSocket API" to be useful"
07:15 mohawk ps, wow! it needs a sample app
07:15 mohawk maybe, i don't know, a webchat?
07:19 Vandal joined #mojo
07:23 Leffe joined #mojo
07:32 Leffe joined #mojo
07:44 Leffe joined #mojo
07:56 Leffe joined #mojo
08:13 dod joined #mojo
08:20 dod joined #mojo
09:09 karjala_ joined #mojo
11:04 karjala_ joined #mojo
12:29 kes joined #mojo
12:45 kes Hi
12:45 kes Why "% end, begin" cause the compilation error?
12:46 kes http://paste.scsys.co.uk/566176
12:46 kes I expect "% end, begin" expression will work fine
12:50 eseyman joined #mojo
13:04 tchaves joined #mojo
13:25 sri jberger: why are you keeping this open, it doesn't look like there will be any more constructive discussion? https://github.com/kraih/mojo/pull/1166
13:39 trone joined #mojo
13:58 jberger It was to prove the point that we weren't shutting him down. Point is probably proved now though
14:08 sri ok
14:30 marty_ joined #mojo
14:31 marty_ joined #mojo
14:46 sri btw. this is still open https://github.com/kraih/mojo/issues/1164
14:52 sri and here we still don't know if it's actually a bug https://github.com/kraih/mojo/issues/1160
14:53 sri with those unnecessarily complicated examples i just don't see that getting resolved
14:53 sri even i get bored half way through it
14:57 sri i'm sure this will get me some more hate https://github.com/kraih/mojo/issues/1160#issuecomment-352188483
14:57 sri but so be it
15:25 good_news_everyon joined #mojo
15:25 good_news_everyon [mojo-pg] kraih pushed 1 new commit to master: https://git.io/vbKe5
15:25 good_news_everyon mojo-pg/master f0b8341 Sebastian Riedel: fix a bug that could cause connections to be cached for reuse too early
15:25 good_news_everyon left #mojo
15:26 sri the actual problem was in Mojo::Pg
15:28 jberger Nice find
15:31 mohawk ++
15:35 kes hm... seems this expression is prohibited: % end, begin
15:35 kes >there can only be whitespace after begin and before end.
15:36 good_news_everyon joined #mojo
15:36 good_news_everyon [mojo-pg] kraih pushed 1 new commit to master: https://git.io/vbKvc
15:36 good_news_everyon mojo-pg/master a6a065a Sebastian Riedel: test non-blocking results too
15:36 good_news_everyon left #mojo
15:36 kes but technically everything is right.
15:37 mohawk_pts joined #mojo
15:38 good_news_everyon joined #mojo
15:38 good_news_everyon [mojo-pg] kraih pushed 1 new commit to master: https://git.io/vbKva
15:38 good_news_everyon mojo-pg/master 25896bf Sebastian Riedel: more consistent tests
15:38 good_news_everyon left #mojo
15:50 sri and another one down https://github.com/kraih/mojo/issues/1164#issuecomment-352191572
15:51 mohawk_pts w00t
15:51 geospeck joined #mojo
16:44 ChmEarl joined #mojo
16:45 jberger sri: is there a way to smash-close a connection from in a controller action?
16:45 jberger in order to test such a thing from a client
16:47 jberger maybe just via the underlying stream
16:48 jberger or this I guess too https://github.com/kraih/mojo/blob/master/t/mojo/user_agent.t#L26
17:02 jberger mohawk: there is a chat example: https://github.com/jberger/Mojolicious-Plugin-Multiplex/blob/master/ex/vue_chat.pl
17:04 mohawk w00t
17:04 mohawk nice
17:12 jberger hmmmmm, I hadn't planned on doing a blog post about that, but maybe I should
17:12 jberger these last few days might become "Joel's self-promotion corner" if I'm not careful
17:12 mohawk about the multiplex?
17:12 jberger yeah
17:13 jberger I use it heavily at work, it does really well
17:13 sri jberger: Connection: close is enough i think
17:13 jberger sri: thanks
17:14 jberger I tried that and when it didn't work as I expected I sniffed the websocket and found that that wasn't my problem
17:14 jberger I was trying to trigger https://chromedevtools.github.io/devtools-protocol/tot/Page/#method-navigate to generate and errorText
17:15 jberger but of course the thing that actually happens is that chrome redirects to chrome-error://chromewebdata/ which loads successfully
17:15 jberger but with a different frameId
17:15 jberger so I need to capture that changeover
17:15 jberger or else figure out how to prevent it
17:16 sri jberger: your multiplex plugin seems kinda inconsistent
17:16 jberger it has evolved over time, so I wouldn't be surprised
17:16 sri client side has a nice api and server is odd
17:17 jberger the client has certainly gotten more love
17:17 sri i'd expect channels to have an object
17:18 sri $c->multiplex->channel('foo')->send('lalala')
17:18 jberger there could be a higher level api built on top of the lower level one yaeh
17:18 sri s/could/should/
17:18 sri :p
17:18 jberger right now it is just event based, very close to how the transport works
17:19 jberger I like that
17:21 sri websocket multiplexing is one of those things i could see become a spin-off project
17:22 sri your client side is pretty much exactly what i'd want for that
17:22 sri with an equivalent api on the server side
17:23 sri and a Test::Mojo role for testing
17:23 sri would make for a great plugin example
17:23 sri bundling a lot of stuff
17:27 jberger I'd like to be a little more careful on a few things around unsubscribing
17:28 jberger but yeah, I'm pretty happy about most of the client side
17:28 jberger channel.close() should check to see if there are other subscribers before sending uns,
17:28 jberger that kind of stuff hasn't gotten as much attention since I use this in long-running SPAs
17:29 jberger I rarely if ever actually call close()
17:31 jberger hmmmmm, so there is an oddity here
17:32 jberger each channel is essentially a singleton (per multiplexer) and if it is given out multiple times, each user doesn't know it
17:33 jberger and if any one of them called close, it would affect them all I think
17:33 jberger so maybe there is some refactoring to be done around that
17:38 jberger all that said, I'd be happy to work on a spin off if that's something we'd like to pursue
17:39 sri i was even considering it as a core feature
17:40 sri but spin-off would be nice for all the examples we get out of it
17:41 sri Mojolicious::Plugin::Channels or so as official name
17:42 jberger core or spin off, doesn't matter to me
17:43 jberger I'd be happy to get extra eyes and hands on it (or something like it)
17:44 jberger I almost wonder if I should see if there is broader interest in the protocol
17:45 jberger I extended the original one (which seems abandoned, or rather was never really pushed beyond a toy)
18:03 jberger yeah, thinking about the client side, I think there needs to be a little more indirection between the Muliplexer object and the Channel object
18:03 jberger ie, more than one Channel object should be created per channel name
18:04 jberger remember that the entire point of designing the api this way was so that you could pass one of these to any other library that needs a websocket and it could use it as if it were a websocket
18:04 disputin joined #mojo
18:04 jberger anyway, that's now top of my list if there is any notion of making this project more official
18:10 mohawk jberger, you should definitely write a post about it
18:10 mohawk sri, i was reading the http/2 mojo issue earlier, and your use of "channels" here reminds me of it
18:13 jberger some similar terminology but a very different thing
18:14 jberger websockets are already framed for example
18:31 mohawk makes sense
18:49 splatt9990 joined #mojo
18:53 sh14 joined #mojo
19:00 geospeck joined #mojo
19:52 disputin joined #mojo
19:52 trone joined #mojo
20:50 karjala_ I wonder how I should handle "login, but don't remember me on this computer" on the server-side. Should I store the random karjala_sessionid in the database and invalidate it after 48h?
20:50 karjala_ I know the browser should just receive a session cookie instead of a regular one with expires
20:51 karjala_ (karjala_sessionid is the cookie value)
20:52 karjala_ I'm thinking that if I do the above, then if someone leaves their browser on for more than 48 hours, they'll see themselves logged off for no reason
20:52 karjala_ Then again that might not be terrible, since, if they asked to not be remembered, they're in a place that they shouldn't be 48 hours on
20:53 karjala_ like a netcafe, or a friend's house
20:54 karjala_ any thoughts? how do you handle this?
21:05 preaction i would, yes, keep the session to expire when the browser closed, and also expire the session after 1-2hours of inactivity
21:09 karjala_ a
21:09 karjala_ but wouldn't that mean that an evil netcafe owner could keep this session alive forever?
21:09 karjala_ by grabbing the sessionid and doing requests with it?
21:10 preaction they could do that anyway
21:10 karjala_ by stealing the password, yes
21:10 preaction you're protecting against accidental/casual use, not malicious use
21:10 preaction by MITM the ssl session, even
21:10 preaction by sniffing packets over the wireless router
21:10 preaction by all sorts of fun mechanisms that have nothing to do with the server
21:10 karjala_ I thought SSL can't be MITMed?
21:11 karjala_ ok
21:11 preaction it _super_ can be
21:11 karjala_ o
21:11 preaction there are protections against it, but the server has to use them
21:11 karjala_ so i shouldn't be doing netbanking at internet cafes?
21:11 karjala_ ok
21:11 preaction holy hell no :p
21:11 karjala_ damn
21:14 preaction "ssl interception" seems to be the search term for this class of problems
21:14 preaction but anyway, like i said, you're protecting against casual use. like the folks who leave their facebook logged-in while visiting an apple store
21:20 karjala_ aha thx
21:21 marty joined #mojo
21:25 karjala_ holy
21:26 karjala_ preaction, so when at work someone sets their browser to use a proxy for https connections, that could very well be a spying proxy?
21:26 preaction yes. that is in fact the point of that
21:26 preaction otherwise you could be shipping out company secrets
21:27 karjala_ damn
21:27 karjala_ i must be more careful to not insult my boss in private chats then
21:27 karjala_ just kidding, he's cool
21:27 karjala_ i see
21:29 karjala_ but it doesn't have to be a proxy configured in the browser settings, it could be the company router too, right?
21:29 karjala_ or a netcafe's modem
21:29 karjala_ or my home's modem even
21:30 preaction i'm not an expert, but that's harder to do. at that point, you need to be able to forge a cert
21:30 preaction i said harder, but i did not say hard
21:30 pink_mist karjala_: only if the certificate store you're using has been poisoned by them
21:33 preaction that's why people hacking CAs is a big deal. and why there are some http headers regarding which CAs one should trust for a given website
21:43 Ya_ALLAH_Ya_Muhmd_ joined #mojo
21:43 Ya_ALLAH_Ya_Muhmd_ left #mojo
22:07 jberger karjala_: number one biggest thing, if someone, anyone, says "just install this certificate", the answer is no
22:08 karjala_ ok!
22:09 jberger I worked for a company that wanted to do that, that meant for me that I couldn't use my personal computer on that network anymore
22:09 jberger nonstarter
22:09 karjala_ :)
22:09 jberger they put it on my work computer, after that, no personal use at all
22:13 mohawk_pts for me that's a good policy anyway
23:00 Ya_ALLAH_Ya_Muhmd joined #mojo
23:00 Ya_ALLAH_Ya_Muhmd left #mojo
23:05 Ya_ALLAH_Ya_Muhmd joined #mojo
23:05 Ya_ALLAH_Ya_Muhmd left #mojo
23:32 Ya_ALLAH_Ya_Muhmd joined #mojo
23:32 Ya_ALLAH_Ya_Muhmd left #mojo

| Channels | #mojo index | Today | | Search | Google Search | Plain-Text | summary