33 Matching Annotations
  1. Apr 2022
    1. Think the mere existence of a file is effectively like writing a require call for them, which is executed on demand (autoload) or upfront (eager load).
  2. Jan 2022
    1. FORBIDDEN: Status code (403) indicating the server understood the request but refused to fulfill it. User/agent known by the server but has insufficient credentials. Repeating request will not work, unless credentials changed, which is very unlikely in a short time span.
    2. There's a problem with 401 Unauthorized, the HTTP status code for authentication errors. And that’s just it: it’s for authentication, not authorization. Receiving a 401 response is the server telling you, “you aren’t authenticated–either not authenticated at all or authenticated incorrectly–but please reauthenticate and try again.” To help you out, it will always include a WWW-Authenticate header that describes how to authenticate.
    3. So, for authorization I use the 403 Forbidden response. It’s permanent, it’s tied to my application logic, and it’s a more concrete response than a 401. Receiving a 403 response is the server telling you, “I’m sorry. I know who you are–I believe who you say you are–but you just don’t have permission to access this resource. Maybe if you ask the system administrator nicely, you’ll get permission. But please don’t bother me again until your predicament changes.”
    4. UNAUTHORIZED: Status code (401) indicating that the request requires authentication, usually this means user needs to be logged-in (session). User/agent unknown by the server. Can repeat with other credentials. NOTE: This is confusing as this should have been named 'unauthenticated' instead of 'unauthorized'.
    5. +----------------------- | RESOURCE EXISTS ? (if private it is often checked AFTER auth check) +----------------------- | | NO | v YES v +----------------------- 404 | IS LOGGED-IN ? (authenticated, aka user session) or +----------------------- 401 | | 403 NO | | YES 3xx v v 401 +----------------------- (404 no reveal) | CAN ACCESS RESOURCE ? (permission, authorized, ...) or +----------------------- redirect | | to login NO | | YES | | v v 403 OK 200, redirect, ... (or 404: no reveal) (or 404: resource does not exist if private) (or 3xx: redirection)
    1. When you initially logon with OAuth2, you will be redirect to Google’s sign-in page,. Once you have signed in, Google issues you a special OAuth2 token which is saved in Thunderbird and can be seen in the same place as passwords. So when you next logon to gmail, it is using that unique OAuth ID instead of password.
  3. Nov 2021
    1. In your Svelte component, you can then use your store with the special $ prefix syntax, to access the value of the store ('cause the temperature variable is a reference to the store itself, it's just a mean to our end, the result we need is the value):
    2. Stores are essentially some kind of simplified streams (or Observable as they're called in ES), that is they represent a value over time.
    3. Stores are the idiomatic Svelte way when you need to import "reactivity" from your normal JS sources.
  4. Aug 2021
    1. function strictIsDog<T extends Dog extends T ? unknown : never>( // like <T super Dog> candidate: Dog | T // if Dog extends T then Dog | T is T ): candidate is Dog { // compiler recognizes that Dog | T can narrow to T return "bark" in candidate; } if (strictIsDog(animal)) {} // okay if (strictIsDog(dog)) {} // okay if (strictIsDog(mixed)) {} // okay if (strictIsDog(cat)) {} // error! // ~~~ <-- Cat is not assignable to Dog
  5. Apr 2021
    1. It's simple really ... put tests into a shared example that you want multiple things to conform to. Put code into a shared context that you need to include in multiple tests.
  6. Mar 2021
    1. Intuitively, a subcategory of C is a category obtained from C by "removing" some of its objects and arrows.
  7. Feb 2021
    1. A Monad wraps a value or a computation with a particular context. A monad must define both a means of wrapping normal values in the context, and a way of combining computations within the context.
    1. All those names of things - topology, complex analysis, and differential geometry - might not sound like much to you now, but you'll soon learn that they're really just describing the shapes of things in our Universe, and the way those shapes change in time and space are explained by things like calculus and chaos theory.
  8. Jan 2021
  9. Nov 2020
    1. So let's say we pull down evil/foo which is FROM ubuntu followed by RUN apt-get update except with a small surprise included in the image. Subsequent builds using those same commands will be compromised.
  10. Oct 2020
    1. Not all application state belongs inside your application's component hierarchy. Sometimes, you'll have values that need to be accessed by multiple unrelated components, or by a regular JavaScript module.
    2. A store is simply an object with a subscribe method that allows interested parties to be notified whenever the store value changes. In App.svelte, count is a store, and we're setting count_value in the count.subscribe callback.
    1. Just like elements can have children... <div> <p>I'm a child of the div</p> </div>...so can components. Before a component can accept children, though, it needs to know where to put them. We do this with the <slot> element.
  11. Sep 2020
  12. May 2020
    1. whose personal data you collect and process as “controller” (that is the word that GDPR uses for whoever determines the purposes and means of the processing of personal data).
  13. Mar 2020
    1. First-party cookies are the lifeblood of every website, enabling businesses to remember key pieces of information about users and to collect analytics data. Third-party cookies are the bread and butter of AdTech, allowing publishers to monetize their websites, and brands to run advertising and marketing campaigns.