- Apr 2022
-
jahed.dev jahed.dev
-
hopefully feed readers can treat permanent redirects as a sign to permanently update their feed URLs, then I can remove it. They probably don't, much like bookmarks don't
-
-
xmpp.org xmpp.org
Tags
Annotators
URL
-
-
ldapwiki.com ldapwiki.com
-
www.bortzmeyer.org www.bortzmeyer.org
- Mar 2022
-
www.infoq.com www.infoq.com
-
profilenegotiation.github.io profilenegotiation.github.io
-
Abstract This document defines two new HTTP headers "Content-Profile" and "Accept-Profile" that enable User Agents and hosts to indicate and negotiate the profile used for representing a specific resource. In this context, a profile is a description of the structural and/or semantic constraints of a group of documents in addition to the syntactical interpretation provided by more generic MIME types. Examples of profiles include Dublin Core Application Profiles, XML Schemata, and RDF Shape Expressions. This document further defines and registers the "profile" parameter for the HTTP "Link" header and suggests a best practice for the use of the new headers together with the "Link" header for the purposes of performing content negotiation and pointing clients to alternate representations.
-
-
mementoweb.org mementoweb.org
-
web.dev web.dev
Tags
Annotators
URL
-
-
riku.miso.town riku.miso.town
-
logout
This should be a button. (GET should be idempotent and free of side effects.)
-
- Feb 2022
-
Tags
Annotators
URL
-
-
docs.google.com docs.google.com
-
javascript.plainenglish.io javascript.plainenglish.io
-
Integrating AbortController
js export const Timeout = (time) => { let controller = new AbortController(); setTimeout(() => controller.abort(), time * 1000); return controller; }
```js import { useEffect, useState } from "react"; //imports goes here
export default function App() { //state goes here
//update useEffect(() => { fetch("https://jsonplaceholder.typicode.com/todos/1", { signal: Timeout(10).signal }) .then((resp) => resp.json()) .then((resp) => setData(resp)) .catch((err) => setError(true)); return () => {}; }, []); return ( <div> {* JSX goes here*} </div> ); } ```
-
-
dmitripavlutin.com dmitripavlutin.com
-
2. Timeout a fetch() request
```js async function fetchWithTimeout(resource, options = {}) { const { timeout = 8000 } = options;
const controller = new AbortController(); const id = setTimeout(() => controller.abort(), timeout); const response = await fetch(resource, { ...options, signal: controller.signal<br /> }); clearTimeout(id); return response; }
async function loadGames() { try { const response = await fetchWithTimeout('/games', { timeout: 6000 }); const games = await response.json(); return games; } catch (error) { // Timeouts if the request takes // longer than 6 seconds console.log(error.name === 'AbortError'); } } ```
Tags
Annotators
URL
-
-
web.dev web.dev
-
-
www.carlrippon.com www.carlrippon.com
- Jan 2022
-
www.w3.org www.w3.org
-
-
www.w3.org www.w3.org
-
-
-
This specification defines two formats and respective media types for representing sets of links as stand-alone documents. One format is JSON-based, the other aligned with the format for representing links in the HTTP "Link" header field. This specification also introduces a link relation type to support discovery of sets of links.
GET links/resource1 HTTP/1.1 Host: example.org Accept: application/linkset+json
HTTP/1.1 200 OK Date: Mon, 12 Aug 2019 10:46:22 GMT Server: Apache-Coyote/1.1 Content-Type: application/linkset+json Link: <https://example.org/links/resource1> ; rel="alternate" ; type="application/linkset" Content-Length: 1349 { "linkset": [ { "anchor": "https://example.org/resource1", "author": [ { "href": "https://authors.example.net/johndoe", "type": "application/rdf+xml" } ], "memento": [ { "href": "https://example.org/resource1?version=1", "type": "text/html", "datetime": "Thu, 13 Jun 2019 09:34:33 GMT" }, { "href": "https://example.org/resource1?version=2", "type": "text/html", "datetime": "Sun, 21 Jul 2019 12:22:04 GMT" } ], "latest-version": [ { "href": "https://example.org/resource1?version=3", "type": "text/html" } ] }, { "anchor": "https://example.org/resource1?version=3", "predecessor-version": [ { "href": "https://example.org/resource1?version=2", "type": "text/html" } ] }, { "anchor": "https://example.org/resource1?version=2", "predecessor-version": [ { "href": "https://example.org/resource1?version=1", "type": "text/html" } ] }, { "anchor": "https://example.org/resource1#comment=1", "author": [ { "href": "https://authors.example.net/alice"} ] } ] }
Tags
Annotators
URL
-
-
robustlinks.mementoweb.org robustlinks.mementoweb.org
Tags
Annotators
URL
-
-
robustlinks.mementoweb.org robustlinks.mementoweb.org
-
4. Robustifying a link when linking to a specific version
If the main intent is to link to a specific state of an original resource, for example a snapshot of the original resource in a web archive or one of its version in a version control system, then Robust Link information is conveyed as follows:
href
for the URI that provides the specific state i.e., the snapshot or resource version;data-originalurl
for the URI of the original resource;data-versiondate
for the datetime of the snapshot or resource version.
[...]
<a href="http://en.wikipedia.org/w/index.php?title=Web_archiving&oldid=485347845" data-originalurl="http://en.wikipedia.org/wiki/Web_archiving" data-versiondate="2012-03-20">Robust Link to this specific version of the Wikipedia page</a>
-
3. Robustifying a link when linking to the original resource
If the main intent is to link to an original resource but also allow future users of that link to see the state of the original resource around the time the link was put in place, then Robust Link information is conveyed as follows:
href
for the URI of the original resource for which the snapshot was taken;data-versionurl
for the URI of the snapshot;data-versiondate
for the datetime of linking, of taking the snapshot.
[...]
<a href="http://www.w3.org/" data-versionurl="https://archive.today/r7cov" data-versiondate="2015-01-21">Robust Link to the W3C home page</a>
-
The approach proposed here is to convey this information on a link by leveraging HTML5's attribute extensibility mechanism. It introduces the following
data-
attributes for the anchor (<a>
) element:data-originalurl
for the URI of the original resource;data-versionurl
for the URI of the snapshot;data-versiondate
for the datetime of linking, of taking the snapshot.
-
Robust Links provide multiple pathways to revisit a link's original content, even a long time after the link was put in place. This document describes approaches to robustify links in HTML pages. All approaches assume that, when linking to a web resource, a snapshot of the state of that resource is created, for example, in a web archive or a versioning system. When linking, the URI of the resource, the URI of the snapshot, and the datetime of linking are conveyed.
Tags
Annotators
URL
-
-
tools.ietf.org tools.ietf.org
Tags
Annotators
URL
-
-
developers.google.com developers.google.com
-
www.freecodecamp.org www.freecodecamp.org
-
The most obvious time you'd encounter a 401 error, on the other hand, is when you have not logged in at all, or have provided the incorrect password.
-
As mentioned in the previous article, the 403 error can result when a user has logged in but they don't have sufficient privileges to access the requested resource. For example, a generic user may be attempting to load an 'admin' route.
-
-
www.rfc-editor.org www.rfc-editor.org
-
The server generating a 401 response MUST send a WWW-Authenticate header field (Section 4.1) containing at least one challenge applicable to the target resource.
Meaning that 99% of the people use it are using it "wrong" because they're not using it for HTTP authentication and don't send a WWW-Authenticate header field with their 401 response?
Hmm. That's a tough one. On the one hand, the spec does say they must send it.
Initial opinion
But on the other hand, one could argue that that requirement only applies if using 401 for HTTP authentication. And that saying it's wrong to do so (as they claim at https://stackoverflow.com/questions/3297048/403-forbidden-vs-401-unauthorized-http-responses/14713094#14713094 and https://hyp.is/JA45zHotEeybDdM_In4frQ/stackoverflow.com/questions/3297048/403-forbidden-vs-401-unauthorized-http-responses) is having a too strict/narrow/literal interpretation.
HTTP is meant to be used widely in many very different uses and contexts, most of which do not use this very specific HTTP authentication scheme; my opinion is that they shouldn't be denied from using it, just because they don't have anything useful WWW-Authenticate header field. (Or (which is also fine with me), just put something "emptyish" in the field, like "Unused". Unless that would trigger a Basic auth modal in the browser, in which case we shouldn't, for practical reasons.)
Why shouldn't we be able to repurpose this same status code for uses that are still authentication, but just not HTTP authentication per se?
Is it really wrong to repurpose this useful status code for other contexts, like cookie-based app-defined authentication systems?
I say that it's okay to repurpose/reuse 401 for any authentication system (that uses HTTP as a part of it, even though not using HTTP's own authentication system), as long as we try to maintain the same semantic as originally intended/described here. I think it's okay to use 401 as a response to a XHR request, and then have the client redirect to a login page, which provides a way to authenticate again (reattempt the authentication challenge), analogous to how it works for HTTP authentication.
Revised opinion
https://stackoverflow.com/questions/3297048/403-forbidden-vs-401-unauthorized-http-responses/14713094#14713094 has made me change my mind and convinced me that...
Authentication by schemes outside of (not defined by) RFC7235: Hypertext Transfer Protocol (HTTP/1.1): Authentication should not use HTTP status 401, because 401 Unauthorized is only defined (by current RFCs) by RFC7235: Hypertext Transfer Protocol (HTTP/1.1): Authentication, and has semantics and requirements (such as the requirement that "A server generating a 401 (Unauthorized) response MUST send a WWW-Authenticate header field containing at least one challenge.") that simply don't make sense or cannot be fulfilled if using a non-HTTP authentication scheme.
403 Forbidden, on the other hand, is defined by the broader HTTP standard, in RFC7231: Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content and RFC7235: Hypertext Transfer Protocol (HTTP/1.1): Authentication.
In conclusion, if you have your own roll-your-own login process and never use HTTP Authentication, 403 is always the proper response and 401 should never be used.
Couldn't a custom auth system use WWW-Authenticate header?
The question was asked:
Doesn't RFC7235 provide for "roll-your-own" or alternate auth challenges? Why can't my app's login flow present its challenge in the form of a WWW-Authenticate header? Even if a browser doesn't support it, my React app can...
And I would say sure, if you want (and if the browser doesn't automatically show a Basic auth modal in this case and thwart your plans).
They might be on to something here with that question!
But that should probably be the test of whether you can/should use 401: are you actually using WWW-Authenticate header?
Indeed I found an example where it is used for OAuth2.
-
-
-
That comes in the form of the WWW-Authenticate header with the specific authentication scheme to use. For example, in the case of OAuth2, the response should look like the following:
-
"The basic principle behind REST status code conventions is that a status code must make the client aware of what is going on and what the server expects the client to do next"
-
You can fulfill this principle by giving answers to the following questions:Is there a problem or not?If there is a problem, on which side is it? On the client or on the server side?If there is a problem, what should the client do?
-
Now, assume your client attempts to access a resource that it MUST NOT access at all, for example, because it belongs to another user. What status code should your API return? Should it return a 403 or a 401 status code?You may be tempted to return a 403 status code anyway. But, actually, you can't suggest any missing permission because that client has no way to access that resource. So, the 403 status code gives no actual helpful information. You may think that returning a 401 status code makes sense in this case. After all, the resource belongs to another user, so the request should come from a different user.However, since that resource shouldn't be reached by the current client, the best option is to hide it.
-
Let's explore a different case now. Assume, for example, that your client sends a request to modify a document and provides a valid access token to the API. However, that token doesn't include or imply any permission or scope that allows the client to perform the desired action.In this case, your API should respond with a 403 Forbidden status code. With this status code, your API tells the client that the credentials it provided (e.g., the access token) are valid, but it needs appropriate privileges to perform the requested action.
-
-
stackoverflow.com stackoverflow.com
-
The difference is what the server expects the client to do next.
-
Authentication by schemes outside of RFC2617 is not supported in HTTP status codes and are not considered when deciding whether to use 401 or 403.
What does "are not considered when deciding whether to use 401 or 403" mean exactly? What exactly should not be considered, and what exactly should be considered instead? In other words, how did someone arrive at the conclusion that "if you have your own roll-your-own login process and never use HTTP Authentication, 403 is always the proper response and 401 should never be used."? Why is 403 okay to use for non-HTTP authentication, but not 401?
Oh, I think I understand the difference now.
They should have said:
Authentication by schemes outside of (not defined by) RFC7235: Hypertext Transfer Protocol (HTTP/1.1): Authentication should not use HTTP status 401, because 401 Unauthorized is only defined (by current RFCs) by RFC7235: Hypertext Transfer Protocol (HTTP/1.1): Authentication, and has semantics and requirements (such as the requirement that "A server generating a 401 (Unauthorized) response MUST send a WWW-Authenticate header field containing at least one challenge.") that simply don't make sense or cannot be fulfilled if using a non-HTTP authentication scheme.
403 Forbidden, on the other hand, is defined by the broader HTTP standard, in RFC7231: Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content and RFC7235: Hypertext Transfer Protocol (HTTP/1.1): Authentication.
In conclusion, if you have your own roll-your-own login process and never use HTTP Authentication, 403 is always the proper response and 401 should never be used.
See also my comments in https://hyp.is/p1iCnnowEeyUPl9PxO8BuQ/www.rfc-editor.org/rfc/rfc7235
-
Meaning if you have your own roll-your-own login process and never use HTTP Authentication, 403 is always the proper response and 401 should never be used.
-
If HTTP authentication is not in use and the service has a cookie-based authentication scheme as is the norm nowadays, then a 403 or a 404 should be returned.
-
While this seems to me like it's probably an accurate interpretation of the old RFC 2616, note that RFC 7231 defines the semantics of a 403 differently, and in fact explicitly states that "The client MAY repeat the request with new or different credentials."
-
it depends on the application but generally, if an authenticated user doesn't have sufficient rights on a resource, you might want to provide a way to change credentials or send a 401.
A 403 doesn't tell the client / user agent what the next step is or provide a way to change credentials.
So maybe a 302 redirect is the best answer after all? Even though it sadly lacks the nice semantic distinction that 401/403 provide...
-
FORBIDDEN: Status code (403) indicating the server understood the request but refused to fulfill it. User/agent known by the server but has insufficient credentials. Repeating request will not work, unless credentials changed, which is very unlikely in a short time span.
-
Send a 302 to your login-page
That's typically what people do, isn't it.
That answers the question "how do we best instruct the user agent to take the next step that is required". And maybe a redirect is in fact the best answer.
-
The statement is "If the request already included Authorization credentials". That means if this is a response from a request which provided the credential (e.g. the response from a RFC2617 Authentication attempt). It is essentially to allow the server to say, "Bad account/password pair, try again". In the posed question, the user is presumably authenticated but not authorized. 401 is never the appropriate response for those circumstances.
See my comments in https://hyp.is/p1iCnnowEeyUPl9PxO8BuQ/www.rfc-editor.org/rfc/rfc7235
-
This may be because it is known that no level of authentication is sufficient (for instance because of an IP blacklist), but it may be because the user is already authenticated and does not have authority.
-
401 is only appropriate for HTTP Authentication
-
I'm using both - the 401 for unauthenticated users, the 403 for authenticated users with insufficient permissions.
-
From your use case, it appears that the user is not authenticated. I would return 401.
-
There's a problem with 401 Unauthorized, the HTTP status code for authentication errors. And that’s just it: it’s for authentication, not authorization. Receiving a 401 response is the server telling you, “you aren’t authenticated–either not authenticated at all or authenticated incorrectly–but please reauthenticate and try again.” To help you out, it will always include a WWW-Authenticate header that describes how to authenticate.
-
So, for authorization I use the 403 Forbidden response. It’s permanent, it’s tied to my application logic, and it’s a more concrete response than a 401. Receiving a 403 response is the server telling you, “I’m sorry. I know who you are–I believe who you say you are–but you just don’t have permission to access this resource. Maybe if you ask the system administrator nicely, you’ll get permission. But please don’t bother me again until your predicament changes.”
-
401 'Unauthorized' should be 401 'Unauthenticated', problem solved !
-
UNAUTHORIZED: Status code (401) indicating that the request requires authentication, usually this means user needs to be logged-in (session). User/agent unknown by the server. Can repeat with other credentials. NOTE: This is confusing as this should have been named 'unauthenticated' instead of 'unauthorized'.
-
Checks are usually done in this order: 404 if resource is public and does not exist or 3xx redirection OTHERWISE: 401 if not logged-in or session expired 403 if user does not have permission to access resource (file, json, ...) 404 if resource does not exist or not willing to reveal anything, or 3xx redirection
-
+----------------------- | RESOURCE EXISTS ? (if private it is often checked AFTER auth check) +----------------------- | | NO | v YES v +----------------------- 404 | IS LOGGED-IN ? (authenticated, aka user session) or +----------------------- 401 | | 403 NO | | YES 3xx v v 401 +----------------------- (404 no reveal) | CAN ACCESS RESOURCE ? (permission, authorized, ...) or +----------------------- redirect | | to login NO | | YES | | v v 403 OK 200, redirect, ... (or 404: no reveal) (or 404: resource does not exist if private) (or 3xx: redirection)
-
-
I would expect that 401 to be named "Unauthenticated" and 403 to be named "Unauthorized". It is very confusing that 401, which has to do with Authentication,
Tags
- misnomer
- key point
- +0.9
- definition
- important point
- good examples
- HTTP 401
- flow diagram
- strict/narrow/literal interpretation
- I agree
- flowchart
- important distinction
- algorithms
- confusing
- easy to confuse (mix up)
- HTTP 403
- order is important / do things in the right order
- good point
- simple explanation
- HTTP 401: only use it for HTTP authentication
- authentication
- HTTP status codes
- HTTP 401 vs 403
- system architecture/design diagram/illustration
- clear (easy to understand)
- good explanation
- asking the right question
- HTTP authentication
- I disagree
Annotators
URL
-
-
datatracker.ietf.org datatracker.ietf.orgrfc72351
-
The server generating a 401 response MUST send a WWW-Authenticate header field (Section 4.1) containing at least one challenge applicable to the target resource.
Moved this comment to: https://hyp.is/p1iCnnowEeyUPl9PxO8BuQ/www.rfc-editor.org/rfc/rfc7235
-
-
developer.mozilla.org developer.mozilla.org
-
flaviabastos.ca flaviabastos.ca
-
If the ticket is incorrect or damaged, you cannot even go through the airport security: when they check your ticket, it will be refused. You are Forbidden to enter the boarding area of the airport.
It depends what we mean by "incorrect"/damaged "credentials ("ticket")...
A. If they are invalid or incorrect in the sense that we can't authenticate them as anyone (as it sounds like you mean with "incorrect" or "damaged") (they're not a user in our database or the password doesn't match a user in our database), then you should actually use 401, meaning that the client can/should try (again) to authenticate with different credentials.
B. But if by "incorrect" you mean (as it sounds like you mean with "you cannot even go through the airport security: when they check your ticket, it will be refused") that the credentials were valid enough to authenticate you as someone (a user in our database), but that (known( user has insufficient credentials, then correct, it should be a 403 forbidden.
It's even easier to explain / think about if you just think of 401 as being used for any missing or failed authentication. See:
- https://hyp.is/3fuPiHooEeyZc5cn4Q1uXg/stackoverflow.com/questions/3297048/403-forbidden-vs-401-unauthorized-http-responses
- https://hyp.is/oxI0uHonEeyZYvdQFZIEUQ/stackoverflow.com/questions/3297048/403-forbidden-vs-401-unauthorized-http-responses
- https://hyp.is/pB2XuHomEeyax28Y6vxcOg/stackoverflow.com/questions/3297048/403-forbidden-vs-401-unauthorized-http-responses
-
-
These two sound pretty similar to me. And to make things even more confusing, 403 “Forbidden” says that the server refuses to “authorize” the request but it’s code 401 that is called “Unauthorized”. 😵
-
-
www.loggly.com www.loggly.com
-
-
Indicates that though the request was valid, the server refuses to respond to it. Unlike the 401 status code, providing authentication will not change the outcome.
-
-
datatracker.ietf.org datatracker.ietf.orgrfc72311
-
If authentication credentials were provided in the request, the server considers them insufficient to grant access.
Tags
Annotators
URL
-
-
-
401 Unauthorized The requestor is not authorized to access the resource. This is similar to 402 but is used in cases where authentication is expected but has failed or has not been provided.
-
-
guides.rubyonrails.org guides.rubyonrails.org
-
403 :forbidden
-
401 :unauthorized
-
-
blog.mestwin.net blog.mestwin.net
-
You’d like to access the content of the resource but you’re not logged in (so not authenticated yet). The server will return you a 401 error. You need to log in to be able to access the resource.
-
You’d like to delete the user, but you’re authenticated as a regular user, not as an admin. The server doesn’t allow regular users to perform such requests, so in the result, the server will send you a 403 error. Re-authentication won’t make any difference.
-
-
-
<link rel="prefetch" href="/style.css" as="style" /> <link rel="preload" href="/style.css" as="style" /> <link rel="preconnect" href="https://example.com" /> <link rel="dns-prefetch" href="https://example.com" /> <link rel="prerender" href="https://example.com/about.html" /> <link rel="modulepreload" href="/script.js" />
-
-
webconcepts.info webconcepts.info
-
-
slides.com slides.com
-
docs.google.com docs.google.com
-
developer.mozilla.org developer.mozilla.org
-
joshgoestoflatiron.medium.com joshgoestoflatiron.medium.com
-
function parseLinkHeader( linkHeader ) { const linkHeadersArray = linkHeader.split( ", " ).map( header => header.split( "; " ) ); const linkHeadersMap = linkHeadersArray.map( header => { const thisHeaderRel = header[1].replace( /"/g, "" ).replace( "rel=", "" ); const thisHeaderUrl = header[0].slice( 1, -1 ); return [ thisHeaderRel, thisHeaderUrl ] } ); return Object.fromEntries( linkHeadersMap ); }
-
-
developer.mozilla.org developer.mozilla.org
-
www.sitepoint.com www.sitepoint.com
Tags
Annotators
URL
-
-
javascript.info javascript.info
-
- Dec 2021
-
thewebdev.info thewebdev.info
-
react-query.tanstack.com react-query.tanstack.com
-
-
Abstract: [...] [The HTTP Memento protocol] lacks support for the management of data updated at high frequencies or the interactions during resource modification and only provides inefficient means for managing resources with many revisions. To address these shortcomings, we propose three extensions to the HTTP Memento protocol: arbitrary resolution timestamps, resource creation support and range requests for TimeMaps. We provide a reference implementation of our proposals as open source software and quantitatively evaluate the extensions’ performance, showcasing superior results in terms of resource capacity, insertion correctness, latency and amount of transferred data.
-
-
web.dev web.dev
Tags
Annotators
URL
-
-
css-tricks.com css-tricks.com
-
www.slideshare.net www.slideshare.net
Tags
Annotators
URL
-
-
datatracker.ietf.org datatracker.ietf.orgrfc86311
-
6.1. Link Relation Type: service-doc
Relation Name: service-doc
Description: Identifies service documentation for the context that is primarily intended for human consumption.
6.2. Link Relation Type: service-desc
Relation Name: service-desc
Description: Identifies service description for the context that is primarily intended for consumption by machines.
6.3. Link Relation Type: service-meta
Relation Name: service-meta
Description: Identifies general metadata for the context that is primarily intended for consumption by machines.
6.4. Link Relation Type: status
Relation Name: status
Description: Identifies a resource that represents the context's status.
Tags
Annotators
URL
-
-
httpstat.us httpstat.us
-
- Oct 2021
-
stackabuse.com stackabuse.com
Tags
Annotators
URL
-
-
bradgessler.com bradgessler.com
Tags
Annotators
URL
-
-
javascript.info javascript.info
-
-
jakearchibald.com jakearchibald.com
-
- Jul 2021
-
datatracker.ietf.org datatracker.ietf.orgrfc64551
-
Relationship to TCP and HTTP _This section is non-normative._ The WebSocket Protocol is an independent TCP-based protocol. Its only relationship to HTTP is that its handshake is interpreted by HTTP servers as an Upgrade request. By default, the WebSocket Protocol uses port 80 for regular WebSocket connections and port 443 for WebSocket connections tunneled over Transport Layer Security (TLS) [RFC2818].
-
-
developer.mozilla.org developer.mozilla.org
-
The difference between PUT and POST is that PUT is idempotent: calling it once or several times successively has the same effect (that is no side effect), whereas successive identical POST requests may have additional effects, akin to placing an order several times.
-
-
news.ycombinator.com news.ycombinator.com
-
> I should have used "side-effect-free" instead of "idempotent" in my tweetsThe HTTP term is "safe method".
-
-
developer.mozilla.org developer.mozilla.org
-
-
Sending body/payload in a GET request may cause some existing implementations to reject the request — while not prohibited by the specification, the semantics are undefined. It is better to just avoid sending payloads in GET requests.
-
Requests using GET should only be used to request data (they shouldn't include data).
-
-
wordtothewise.com wordtothewise.com
-
So long as the filters are only using GET requests to pull down links, there’s nothing fundamentally wrong with them. It’s a basic (though oft-ignored) tenet of web development that GET requests should be idempotent; that is, they shouldn’t somehow change anything important on the server. That’s what POST is for. A lot of people ignore this for convenience’s sake, but this is just one way that you can get bitten. Anyone remember the Google Web Accelerator that came out a while ago, then promptly disappeared? It’d pre-fetch links on a page to speed up things if you clicked them later on. And if one of those links happened to delete something from a blog, or log you out… well, then you begin to see why GET shouldn’t change things. So yes, the perfect solution to this is a 2-step unsubscribe link: the first step takes to you a page with a form on it, and that form then POSTs something back that finalizes the unsubscribe request.
-
Idempotent just means that following a link twice has exactly the same effect on persistent state as clicking it once. It does not mean that following the link must not change state, just that after following it once, following it again must not change state further. There are good reasons to avoid GET requests for changing state, but that’s not what idempotent means.
https://hyp.is/JTNJ6uaLEeuFtzvtkXWaeA/developer.mozilla.org/en-US/docs/Glossary/Safe/HTTP confirms this claim and states it even more clearly.
-
-
security.stackexchange.com security.stackexchange.com
-
Arguably any link that performs such an action via GET is fundamentally broken. A proper unsubscribe should direct to a page with a form that requires a POST submission. (Of course, in the real world, few things are proper.)
-
-
softwareengineering.stackexchange.com softwareengineering.stackexchange.com
-
This is not advice. A GET is defined in this way in the HTTP protocol. It is supposed to be idempotent and safe.
-
-
-
developer.mozilla.org developer.mozilla.org
-
An HTTP method is safe if it doesn't alter the state of the server. In other words, a method is safe if it leads to a read-only operation.
-
All safe methods are also idempotent, but not all idempotent methods are safe. For example, PUT and DELETE are both idempotent but unsafe.
-
-
developer.mozilla.org developer.mozilla.org
-
Each of them implements a different semantic, but some common features are shared by a group of them: e.g. a request method can be safe, idempotent, or cacheable.
Which ones are in each group?
Never mind. The answer is in the pages that are being linked to.
-
request method can be safe, idempotent, or cacheable.
-
-
-
stackoverflow.com stackoverflow.com
-
I don't like that I can't really use head? to know it's a HEAD request, but I (think I) understand the reasoning
-
- Jun 2021
-
pressbooks.howardcc.edu pressbooks.howardcc.edu
-
And now let’s be even bolder still. What if every country in the world chose to be like Costa Rica in prioritizing human well-being, using its wealth for the well-being of its citizens?
Unfortunately, there are some countries that will continue to experience unrest due poverty and inequality in the land. This can be attributed to the greediness of the leaders. The people in the leadership of such countries do not care about the well-being of their citizens. The wealth from the resources of the country are unequally distributed to alleviate poverty in some parts of the county while some individuals in the government embezzle funds. There are lack of basic needs not to mention the basic infrastructures for the survival of the citizens. This can have a huge negative impact on the Social Progress index/Global Growth.
-
-
disqus.com disqus.com
-
Handling 401s well is important for the user's experience. They won't happen often (though more often than I expected), but really do break everything if you're not careful. Getting a good authentication abstraction library for Vue or Ember or whatever you are using should help with a lot of the boring parts. You'll probably need to define some extra strategies/rules for this cookie session approach, but if it's anything like in ember-simple-auth they're so simple it feels like cheating, because the Rails app is doing all of the hard work and you just need the js part to spot a 401 and handle logging in and retrying whatever it was doing before.
Tags
Annotators
URL
-
-
developer.mozilla.org developer.mozilla.org
-
This status is sent with a WWW-Authenticate header that contains information on how to authorize correctly.
-
The HTTP 401 Unauthorized client error status response code indicates that the request has not been applied because it lacks valid authentication credentials for the target resource.
-
-
en.wikipedia.org en.wikipedia.org
-
Similar to 403 Forbidden, but specifically for use when authentication is required and has failed or has not yet been provided. The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource.
-
- May 2021
-
kit.svelte.dev kit.svelte.dev
-
The job of this function is to return a { status, headers, body } object representing the response, where status is an HTTP status code: 2xx — successful response (default is 200) 3xx — redirection (should be accompanied by a location header) 4xx — client error 5xx — server error
-
-
twitter.com twitter.com
-
facebook.com/CienciaUNAM.MX
-
- Apr 2021
-
www.mansionglobal.com www.mansionglobal.com
-
op irrigation and drainage, multiple outdoor decks and terraces spanning more than 2,000 square feet, and a pool with a spa, according to the listing with Benjamin Illulian of Keller Williams. More: Jeff Bezos Drops $16 Million on Another Manhattan Pad to Create a ‘Vertical’ Dream Home Interior space is divided into four bedrooms, four bathrooms, formal living and dining rooms and an eat-in kitchen. The property is equipped with smart home appliances, and comes with 50 feet of curb frontage. Plus, it’s just steps away from popular shops and restaurants, the listing said. Mr. Illulian, who listed the property for $5.195 million in December 2019, didn’t respond to a request for comment. From: Penta Art Museums Given Leeway in Funding Mr. Legend, 41, a singer and music producer, and Ms. Teigen, 34, a model and TV personality, could not immediately be reached for comment. The couple recently purchased a Manhattan apartment—their second in the same building. Marshall Peck of Douglas Elliman, who represented the buyers in the deal, declined to comment. if (!window.WEBUI_NEWSLETTERCARDS) { window.WEBUI_NEWSLETTERCARDS = []; } window.WEBUI_NEWSLETTERCARDS.push({ articleId: 'MG0000214176', state: {"data":{},"id":"mg/newsletterCard","context":{"newsletterId":"801","newsletter":{"_id":"5ec24a31d782d55d025c60ae","node_type":"newsletter","edition":"mansionglobal","section":"newsletters","id":"801","label":"Week in Review","description":"Shares the stories you may have missed from the world of luxury real estate","index":2,"previewURL":"","imageURL":"","addURL":"","addLabel":"","subOnly":false,"orderAlphabetic":"","options":"","disableSignup":false},"isLoggedIn":false,"hasFullNewsletterAccess":false,"hasFreeNewsletterAccess":false,"region":"na,us","editionId":"mansionglobal","returnLink":"https://www.mansionglobal.com"},"package":{"accessedContext":[],"nodes":{"0":{"component":{"id":"275181c7-8620-4df3-a008-d0cd9937db22","acceptsTypes":{},"isConditional":false,"$context":{},"decorators":["MGTheme"]},"children":["webUINewsletterCard-0.0"],"treeOrder":1,"name":"0","hierarchy":"0"},"webUINewsletterCard-0.0":{"component":{"content":{},"options":{"productId":200,"captchaSiteKey":"6LcmI7sUAAAAAF-vTKb3JIwIzz2CXCx8hJW0Ukis","origin":"articles_app","returnLink":"https://www.mansionglobal.com","editionId":"mansionglobal","content":{"data":{}}},"decorators":["MGTheme"],"id":"c7081dd6-0394-e7b2-1124-a02c2970agdf","acceptsTypes":{"newsletter_config_data":true},"isConditional":false,"$context":{"./content/newsletter":{"key":[".","content","newsletter"],"value":["#","newsletter"]},"./options/region":{"key":[".","options","region"],"value":["#","region"]},"./options/newsletterId":{"key":[".","options","newsletterId"],"value":["#","newsletterId"]},"./options/userEmail":{"key":[".","options","userEmail"],"value":["#","userEmail"]},"./options/loggedIn":{"key":[".","options","loggedIn"],"value":["#","isLoggedIn"]},"./options/hasFullNewsletterAccess":{"key":[".","options","hasFullNewsletterAccess"],"value":["#","hasFullNewsletterAccess"]},"./options/hasFreeNewsletterAccess":{"key":[".","options","hasFreeNewsletterAccess"],"value":["#","hasFreeNewsletterAccess"]},"./options/content/data/list":{"key":[".","options","content","data","list"],"value":["#","newsletter"]}}},"name":"webUINewsletterCard-0.0","treeOrder":2,"hierarchy":"0"}},"root":"0","states":{"nodes":[],"data":[],"hierarchy":{},"dedupeGroups":{},"components":{"code___decoratedComponent___275181c7-8620-4df3-a008-d0cd9937db22___MGTheme":{"id":"275181c7-8620-4df3-a008-d0cd9937db22","decorators":["MGTheme"]},"code___decoratedComponent___c7081dd6-0394-e7b2-1124-a02c2970agdf___MGTheme":{"id":"c7081dd6-0394-e7b2-1124-a02c2970agdf","decorators":["MGTheme"]}}},"refreshInterval":null},"currentState":{"data":[],"nodes":{},"hierarchy":{},"dedupeGroups":{},"components":{"code___decoratedComponent___275181c7-8620-4df3-a008-d0cd9937db22___MGTheme":{"id":"275181c7-8620-4df3-a008-d0cd9937db22","decorators":["MGTheme"]},"code___decoratedComponent___c7081dd6-0394-e7b2-1124-a02c2970agdf___MGTheme":{"id":"c7081dd6-0394-e7b2-1124-a02c2970agdf","decorators":["MGTheme"]}}}} }); Newsletter Sign-up Week in Review Shares the stories you may have missed from the world of luxury real estate PREVIEWSUBSCRIBE window.INITIAL_PROPS_NEWSLETTER_BOTTOM_COL = {} NEW LISTINGS SINGLE FAMILY HOME LOS ANGELES
Tags
Annotators
URL
-
- Mar 2021
- Feb 2021
-
github.com github.com
-
Source maps eliminate the need to serve these separate files. Instead, a special source map file can be read by the browser to help it understand how to unpack your assets. It "maps" the current, modified asset to its "source" so you can view the source when debugging. This way you can serve assets in development in the exact same way as in production.
-
-
www.schneems.com www.schneems.com
-
When Sprockets was introduced, one of the opinions that it held strongly, is that assets such as CSS and JS should be bundled together and served in one file.
-
The alternative was to have multiple scripts or stylesheet links on one page, which would trigger multiple HTTP requests. Multiple requests mean multiple connection handshakes for each link “hey, I want some data”, “okay, I have the data”, “alright I heard that you have the data, give it to me” (SYN, ACK, SYNACK). Even once the connection is created there is a feature of TCP called TCP slow start that will throttle the speed of the data being sent at the beginning of a request to a slower speed than the end of the request. All of this means transferring one large request is faster than transferring the same data split up into several smaller requests.
-
-
apidocs.getresponse.com apidocs.getresponse.com
Tags
Annotators
URL
-
- Dec 2020
-
ccbiperu2021.unsaac.edu.pe ccbiperu2021.unsaac.edu.pe
-
PARTICIPAR EN CONGRESO INTERNACIONAL
-
- Nov 2020
-
signposting.org signposting.org
-
-
www.thecodebuzz.com www.thecodebuzz.com
-
GET is the primary mechanism of information retrieval and the focus of almost all performance optimizations.
-
So before using GET with Body parameter, you must first ensure the servers are supporting it. It is possible that some servers might ignore the body of GET request or behavior like caching GET/HEAD requests might cause issues.
-
A payload within a GET request message has no defined semantics; sending a payload body on a GET request might cause some existing implementations to reject the request.
-
-
stackoverflow.com stackoverflow.com
-
All browers handle 302 incorrectly. Chrome 30, IE10. It became the de facto incorrect implementation; that cannot be changed because so many web-sites issue mistakenly issue 302. In fact ASP.net MVC incorrectly issues 302, depending on the fact that browsers handle it incorrectly.
-
- Oct 2020
-
www.latindex.org www.latindex.orgLatindex1
-
http://purl.org/spar/fabio/BibliographicDatabase,http://purl.org/spar/fabio/Journal,http://purl.org/spar/pso/open-access,http://www.geonames.org/7730009/latin-america-and-the-caribbean.html bnfrmcn/recurso/ejercicio/articulo_revista_indexado
-
-
hypothes.is hypothes.is
-
"Most Native Americans did not neatly distinguish between the natural and the supernatural. Spiritual power permeated their world and was both tangible and accessible"
This shows how much more open Natives were to the super Naturaul unlike the Europeans who were more than likely christians.
-
my first question: is what do they mean exactly by "kinship"?
My second question is: what does the reading mean by Chiefdoms?
-
"Food surpluses enabled significant population growth, and the Pacific Northwest became one of the most densely populated regions of North America"
This is significant because it shows how succesful the natives were before the Europeans showed up and spread native European diseases to Natives.
-
-
developer.mozilla.org developer.mozilla.org
-
strict-origin: Only send the origin of the document as the referrer when the protocol security level stays the same (e.g. HTTPS→HTTPS), but don't send it to a less secure destination (e.g. HTTPS→HTTP).
-
- Sep 2020
-
www.nature.com www.nature.com
-
10.1038/498255a
-
-
www.redalyc.org www.redalyc.org
-
-
www.worldcat.org www.worldcat.org
-
elifesciences.org elifesciences.orgSearch1
-
115 results found
-
- Aug 2020
-
eprints.rclis.org eprints.rclis.org
-
Datos abiertos enlazados y libros abiertos: impacto en las bibliotecas y en el desarrollo de la sociedad de la información
-
-
github.com github.com
-
I don't think it should be the individual application's responsibility to add Cache-Control: Vary when that negotiation/routing is done by Rails on behalf of the app, do you?
-
Expected behavior Response should include Vary: Accept to show that the response differs due to content negotiation. Actual behavior All responses are considered equal to the user agent, leading to caching issues. See these bugs:
-
-
github.com github.com
-
Yeah, so I believe what we want is.. If an action has no templates defined at all, AND it has no respond_to { ... } block, then it should do a 204 If an action has certain templates defined, AND it has no respond_to { ... } block, then it should do a 406 for formats with no templates If an action has a respond_to { ... } block, then it should do a 406 for formats not in the list
-
- May 2020
-
docs.gitlab.com docs.gitlab.com
-
docs.gitlab.com docs.gitlab.com
Tags
Annotators
URL
-
- Apr 2020
-
haveibeenpwned.com haveibeenpwned.com
-
falcon.readthedocs.io falcon.readthedocs.io
-
“What other framework has integrated support for 786 TRY IT NOW ?”
I couldn't find documentation of what this is referring to. Is it a custom HTTP status code?
https://falcon.readthedocs.io/en/stable/api/status.html mentions
HTTP status line, e.g. ‘748 Confounded by Ponies’. but not 786.
-
When it comes to building HTTP APIs, other frameworks weigh you down with tons of dependencies and unnecessary abstractions. Falcon cuts to the chase with a clean design that embraces HTTP and the REST architectural style.
-
-
github.com github.com
-
This API uses request body in GET requests. For a long time this was prohibited in RFC2616 HTTP specification, but since RFCs 7230-7237, it is only discouraged, since older implementations could reject such requests. However, given that major APIs such as ElasticSearch's already implement GET with request bodies, there is precedence to such implementation.
My first sighting of the sending a request body with get request.
-
-
www.troyhunt.com www.troyhunt.com
-
trim off a bunch of excessive headers such as the content security policy HIBP uses (that's of no use to a lone API endpoint).
-
-
queue.acm.org queue.acm.org
-
One mistake that we made when creating the import/export experience for Blogger was relying on one HTTP transaction for an import or an export. HTTP connections become fragile when the size of the data that you're transferring becomes large. Any interruption in that connection voids the action and can lead to incomplete exports or missing data upon import. These are extremely frustrating scenarios for users and, unfortunately, much more prevalent for power users with lots of blog data.
-
-
tools.ietf.org tools.ietf.org
-
Origin servers SHOULD NOT fold multiple Set-Cookie header fields into a single header field. The usual mechanism for folding HTTP headers fields (i.e., as defined in [RFC2616]) might change the semantics of the Set-Cookie header field because the %x2C (",") character is used by Set-Cookie in a way that conflicts with such folding.
"Fold" should be replaced with "combine" to make this paragraph consistent with the HTTP/1 specs (RFC 2616, RFC 7230).
https://www.rfc-editor.org/errata/eid6093 https://stackoverflow.com/questions/3241326/
Tags
Annotators
URL
-
-
erlang.org erlang.org
-
Content-Length
Not mentioned anywhere (not even in the
inets
User's Guide), butContent-Length
is calculated automatically if it is not provided.
Tags
Annotators
URL
-
- Mar 2020
-
hackernoon.com hackernoon.com
-
you're "updating" it to the same data that's already there
or not, when someone else already changed it.
-
-
xml.coverpages.org xml.coverpages.org
-
I would standardize an RPOST (for reliable post) method which would either accept a message ID from the client or return a new URI with a message ID in it.
The answer!
-
we need to make certain that we set up our system so that multiple POSTs of the same data are not harmful
This is the goal of this article.
-
by definition it is safe to try again
How safe is it really? No problem with GET but what other operations? How about re-sending the PUT message a month later?
-
-
-
www.w3.org www.w3.org
-
not cacheable, unless the response includes appropriate Cache-Control or Expires header fields
To read more about Cache-Control header see: https://tools.ietf.org/html/rfc7234#section-5.2
-
PUT method requests that the enclosed entity be stored
-
-
en.wikipedia.org en.wikipedia.org
-
If a server responds to a POST or other non-idempotent request with a 303 See Other response and a value for the location header, the client is expected to obtain the resource mentioned in the location header using the GET method
-
to trigger a request to the target resource using the same method, the server is expected to provide a 307 Temporary Redirect response
Tags
Annotators
URL
-
- Feb 2020
-
github.com github.com
Tags
Annotators
URL
-
- Dec 2019
-
stackoverflow.com stackoverflow.com
-
I understand that GitHub uses "Not Found" where it means "Forbidden" in some circumstances to prevent inadvertently reveling the existence of a private repository. Requests that require authentication will return 404 Not Found, instead of 403 Forbidden, in some places. This is to prevent the accidental leakage of private repositories to unauthorized users. --GitHub This is a fairly common practice around the web, indeed it is defined: The 404 (Not Found) status code indicates that the origin server did not find a current representation for the target resource or is not willing to disclose that one exists. --6.5.4. 404 Not Found, RFC 7231 HTTP/1.1 Semantics and Content (emphasis mine)
-
-
tus.io tus.io
-
webmasters.stackexchange.com webmasters.stackexchange.com
-
blog.logrocket.com blog.logrocket.com
-
If your only reason for using Axios is backward compatibility, you don’t really need an HTTP library. Instead, you can use fetch() with a polyfill like this to implement similar functionality on web browsers that do not support fetch(). To begin using the fetch polyfill, install it via npm command: npm install whatwg-fetch --save
-
-
blog.logrocket.com blog.logrocket.com
-
If you are using a JavaScript library, chances are it comes with a client HTTP API. jQuery’s $.ajax() function, for example, has been particularly popular with frontend developers. But as developers move away from such libraries in favor of native APIs, dedicated HTTP clients have emerged to fill the gap.
-
-
github.com github.com
-
-
Note that adding the X-Requested-With header makes the request "unsafe" (as defined by CORS), and will trigger a preflight request, which may not be desirable.
-
It shouldn't be useful to distinguish between requests made by Ajax and other kinds of request. Pretty much any usecase where you'd want to do that is better served by using the Accept header to ask for data in a specific format.
-
- Oct 2019
-
lua.2524044.n2.nabble.com lua.2524044.n2.nabble.com
-
Is anyone aware of a lua http lib that supports keepalive?
When sending a request you can pass the following keepalive settings which will keep the connection open:
local http = require "resty.http" local httpc = http.new() httpc:connect("127.0.0.1", 9081) local response, err = httpc:request({ path = "/proxy" .. ngx.var.request_uri, method = "HEAD", headers = ngx.req.get_headers(), keepalive_timeout = 60, keepalive_pool = 10, })
-
-
hypothes.is hypothes.is
-
Analyze 301 Redirect checker by Redirect Tracker
Are you looking for best Redirect checker tool? Redirect tracker is the free tool to check 301 redirect checkers, http Redirect Tracker and redirect tracking code. We analyze all redirections. Try Now!
-
-
hypothes.is hypothes.is
-
Programas efectivos de prevención e intervención en Bullying
Múltiples y diversas intervenciones se han desarrollado para afrontar esta problemática (por ejemplo, Minton & O'Moore, 2008; Olweus, 1993; Smith, Ananiadou, & Cowie, 2003; Varela & Tijmes, 2008 entre otros). Sin embargo, a pesar de los numerosos programas existentes, solo unos pocos han demostrado ser efectivos. De hecho, los programas exitosos se caracterizan por abordar esta problemática en sus diversos niveles y no con actividades puntuales ni aisladas.
Con respecto a la experiencia internacional, "Olweus Bullying Prevention Program", es uno de los programas pioneros en la intervención del Bullying (Olweus, 1993). Este programa se basa en un modelo comprensivo que opera en distintos niveles: escolar, sala de clases e individual. Tiene como objetivo reducir y eliminar tanto el Bullying directo como el indirecto, mejorar las relaciones de pares en el establecimiento educacional y crear las condiciones que permitan que tanto víctima como victimario logren funcionar mejor dentro y fuera de éste. Las estrategias del programa incluyen la promoción y creación de un ambiente positivo en todo el establecimiento educacional, donde la participación de los adultos (docentes y familias) es fundamental; y la creación de límites claros frente a la conductas que no son aceptadas dentro del contexto escolar, requiriendo que las sanciones que se aplican a los victimarios sean consistentes, no castigadoras e involucren un proceso de reflexión y reparación (Olweus, 2004). La evaluación de este programa indica que fue exitoso, disminuyendo en un 50% el autoreporte de Bullying (tanto de víctima como victimario), la incursión en otro tipo de conductas antisociales, y mejorando el clima escolar (Olweus, 2004).
En Inglaterra se llevó a cabo el programa "Sheffield Anti-Bullying Project", inspirado en el programa de Olweus. Este programa busca desarrollar políticas institucionales en el establecimiento educacional que permitan detener la victimización por Bullying a nivel de toda la comunidad escolar, utilizando estrategias como el desarrollo de políticas integrales para detener la victimización, el desarrollo curricular para crear conciencia del problema, el trabajo individual, seguimiento y monitoreo tanto de la víctima como del agresor, modificación de los espacios físicos de riesgo, y el monitoreo permanente de los niveles de victimización dentro de la escuela. La evaluación del programa, llevado a cabo en cuatro establecimientos educacionales durante 18 meses, demostró que disminuyó el porcentaje de victimización (14% en primaria y 7% en secundaria), la tasa de agresión (12% en primaria y secundaria), y aumentaron las denuncias por agresión a los profesores (Smith, et al., 2003).
El "Programa educativo de prevención de maltrato entre compañeros y compañeras" (SAVE) desarrollado en España, es otro ejemplo de programas con resultados exitosos. Este programa toma un modelo integral, preventivo, ecológico y comunitario e involucra a los alumnos, profesores, familia y comunidad. El programa no solo disminuyó las conductas de Bullying, sino que logró promover las relaciones interpersonales como un factor protector frente a la violencia escolar (Ortega, Del Rey, & Mora-Merchán, 2004).
Por otra parte, Finlandia cuenta con el "Programa Anti-bullying Kiva" desarrollado en la Universidad de Turku y financiado por el Ministerio de Educación de este país, el cual presenta estrategias universales para prevenir situaciones de intimidación y, a su vez, detener la intimidación en curso. El programa contiene una serie de herramientas concretas para los educadores, lecciones para estudiantes, material de aprendizaje virtual, e indicaciones claras para los integrantes de la comunidad escolar para detener las situaciones de intimidación de manera efectiva (Salmivalli, Kärnä & Poskiparta, 2011; Kärnä, Voeten, Little, Poskiparta, Kaljonen & Salmivalli, 2011).
Otros programas internacionales que han demostrado efectividad son el "Programa Apoyo Positivo al Estudiante" (Positive Behavior Support-PBS, Sprague & Golly, 2005) y los Programas Anti-bullying en Irlanda: "Programa ABC" (Minton & O'Moore, 2008). Todos se basan en una aproximación multinivel del fenómeno, la implementación de estrategias de prevención e intervención de manera sistemática, organizadas y planificadas a largo plazo. Así como también, la implementación de estrategias orientadas al desarrollo de un clima social escolar positivo y al fomento de habilidades socio-emocionales.
En Chile, uno de los primeros programas en evaluar su efectividad fue el programa piloto "Aprendiendo Juntos", basado en el modelo de intervención del "Positive Behavior Support-PBS". Se implementó en un establecimiento educacional de la cuidad de Santiago, donde se logró disminuir en un 34,7%, los incidentes violentos entre los alumnos, medido a través de la disminución del promedio diario de alumnos derivados a inspectora1 en los años 2006 y 2007 (Varela, Tijmes & Sprague 2009). Otra experiencia chilena evaluada fue el Programa Recoleta en Buena implementado en 4 establecimientos educacionales donde se evaluó a 677 estudiantes el año 2006 y 553 el año 2008, de 5º básico a IVº medio. El programa logró disminuir el promedio de los reportes de violencia (víctimas, victimarios y testigos), salvo los reportes de violencia de tipo delictual (violencia más grave). Sin embargo, sus resultados reportaron efectividad a nivel primario permitiendo impactar en toda la comunidad escolar (Varela, 2011).
Tanto la experiencia internacional como en Chile en la implementación de programas de prevención e intervención de violencia en las escuelas ha demostrado la importancia de abordar esta problemática desde un modelo ecológico (Orpinas, 2009). Es decir, que los programas presenten un abordaje integral, los cuales apunten a los distintos niveles del sistema escolar: políticas públicas, red educativa, familias, y personas, así como la interrelación entre estos niveles. Asimismo, las estrategias de intervención y de prevención deben ser organizadas, sistemáticas y planificadas a largo plazo. Estas estrategias deben estar orientadas a prevenir, intervenir y promover un clima social escolar positivo, incrementar la empatía, el desarrollo de las competencias sociales, la promoción de conductas prosociales, la resolución de conflictos y la mediación.
A pesar de lo anterior, la experiencia ha demostrado que existe una escasez de estudios de efectividad sobre programas integrales de prevención del Bullying, a nivel de los países de Sudamérica. Es por esto que el presente artículo evalúa la efectividad de un programa de prevención e intervención de Bullying y Ciberbulling, basado en los lineamientos de los programas que han demostrado ser exitosos, en alumnas que cursan de 4º año básico a IVº año medio de un establecimiento educacional femenino de Santiago de Chile.
-
-
www.the-tls.co.uk www.the-tls.co.uk
-
JOHN WHITWORTH (2007)
A committed formalist, who died at the age of 73, on April 20th, 2019.
-
- Sep 2019
-
www.w3.org www.w3.org
-
Of course, as organizations disolve and mutate, there is nothing to stop one organization from taking over the support of the archives another. Forthis purpose, it would be very useful to have a syntax for putting a date into a domain name. This would allow a system to find an archive server. Imaging that, failing to find "info.cern.ch", one could search back and find an entry "info.cern.ch.1994" which pointed to www.w3.org as a current server holding archive information for info.cern.ch as it was in 1994, with, of course, pointers to newer versions of the documents.
This document talks about content negotiation being used to request an audio version of a resource, no protocol-level negotiation of time versioning appears here.
Tags
Annotators
URL
-
-
www.w3.org www.w3.org
-
On the other hand, a resource may be generic in that as a concept it is well specified but not so specifically specified that it can only be represented by a single bit stream. In this case, other URIs may exist which identify a resource more specifically. These other URIs identify resources too, and there is a relationship of genericity between the generic and the relatively specific resource.
I was not aware of this page when the Web Annotations WG was working through its specifications. The word "Specific Resource" used in the Web Annotations Data Model Specification always seemed adequate, but now I see that it was actually quite a good fit.
-
-
www.w3.org www.w3.org
-
HTTPRange-14
303 See Other
Tags
Annotators
URL
-
- Jun 2019
-
mises-media.s3.amazonaws.com mises-media.s3.amazonaws.com
-
voluntary trade
describes a market where buyers and sellers have the right to sell and buy by their own preference or refuse to if they so choose.
-
- May 2019
-
oll.libertyfund.org oll.libertyfund.org
-
Paduans
Paduans is a Venetian Italian city that was founded by the Trojan price Antenor in 1185 B.C after the destruction of Troy. Antenor who was the founder of the city was said to be a tradior of the Trojans and he delivered Palladio who was the tailsmans of troy to Odysseus and Diomedes and in exchange he recieved salvation for himself and his family. Today Paduans in known to be one of the most beautiful cities in Veneto.
Tags
Annotators
URL
-
- Apr 2019
-
developers.google.com developers.google.com
- Mar 2019
-
link.springer.com link.springer.com
-
Linked data is one of the most successful practices in semantic web, which has led to the opening and interlinking of data.
-
- Feb 2019
-
f1000research.com f1000research.com
-
open access article
-
-
openscienceasap.org openscienceasap.org
-
Was ist Open Science?
-
- Jan 2019
-
www.ccud.unam.mx www.ccud.unam.mx
-
Manual de Datos Abiertos de Colecciones Universitarias Digitales
-
Datos Enlazados (Linked Data)
-
-
www.mercurynews.com www.mercurynews.com
-
University of California leads fight over access to research
-
- Oct 2018
-
collectd.org collectd.org
Tags
Annotators
URL
-
-
scotthelme.co.uk scotthelme.co.uk
Tags
Annotators
URL
-