27 Matching Annotations
  1. May 2020
    1. For instance, cor does not distribute over cand: compare (A cand B) cor C with (A cor C) cand (B cor C); in the case ¬A ∧ C , the second expression requires B to be defined, the first one does not
    1. Unfortunately, you cannot index an expression, which has a sub-query in it. If you want to index it, you need to create a function for it:
  2. Apr 2020
    1. As mentioned in StateMachines::Machine#state, you can define behaviors, like validations, that only execute for certain states. One important caveat here is that, due to a constraint in ActiveRecord's validation framework, custom validators will not work as expected when defined to run in multiple states.
    1. Google Tag Manager allows you to avoid tagging scripts as described below, although this is limited to a certain category of scripts – scripts that are not positional/do not define a position. It, therefore, does not handle embed scripts such as those related to advertising banners, youtube video widgets, facebook like buttons etc.
    1. Remember to call super in any subclasses that override teardown.

      And yet the Rails core chose not to use RSpec, citing how it would be too easy to write subject == expected on accident?

    1. For Rails 5, note that protect_from_forgery is no longer prepended to the before_action chain, so if you have set authenticate_user before protect_from_forgery, your request will result in "Can't verify CSRF token authenticity." To resolve this, either change the order in which you call them, or use protect_from_forgery prepend: true.
    1. This is pretty old now, but it should absolutely be mentioned that you can NOT always fall back to html - I suspect that MOST places that support markdown don't support html.

      Not sure if this is true, though. GitHub and GitLab support HTML, for example.

      Maybe comments on websites wouldn't normally allow it; I don't know. But they should. One can use this filter, for example, to make it safer.

    1. The rate limit can be just that - a limit rather than also dishing out punishment via the 24 hour block

      Why can't a plain rate limit (without additional blocking) be used even if not authenticated? Seems like it could.

    1. If all you want to do is print the results you might be used to leaving out the -print action. You generally don't want to do that when using -prune.
    2. which means that it'll also print out the name of the directory you're pruning, which usually isn't what you want. Instead it's better to explicitly specify the -print action if that's what you want
    1. This situation usually arises from external constraints not design choices such as my example with Sequel. My point is that assigning a value to a constant is allowed by Ruby in certain scopes and not others. It used to be up to the developer to choose wisely when to perform the assignment. Ruby changed on this. Not for everyone's good.
  3. Mar 2020
    1. Our WordPress plugin automatically blocks scripts that are generated on the server side (therefore returned by PHP by WordPress). Scripts that are inserted into the page via JavaScript after the loading process of that page are not and cannot be blocked automatically.
    1. YouTube will not collect and store info on the users, that are visiting your site, on its server unless they view the video
    2. unless they view the video
    1. While you can't completely stop YouTube from installing cookies through the embedded videos on your site, enabling privacy-enhanced mode will allow YouTube to install the cookies only when a user actually clicks to play one of the videos
  4. tonydye.typepad.com
    1. The absolutely worst thing that can happen in your anti-spam solution is to block a good email and not let anybody know about it!  Anti-spam solutions should always generate an NDR such that a legitimate sender can know their message didn't get through. (Of course, we know many legitimate users don't read nor understand NDRs, so there's still an issue)  A really good anti-spam solution should not only generate an NDR, but that NDR should have an "escape clause" in it that gives that legitimate user a special way to get through the anti-spam solution, if they take some reasonable steps.
    1. Cookies may not be detected by scanner if the related tag is triggered by actions such as form submission, scroll depth, timing delay, etc. These tags will need to be controlled by manual methods.

      With all these caveats listed, it makes me wonder for which tags auto-blocking does work. Only script tags inside of head?

      They are a bit vague in their "how it works" description...

    2. Cookies set by in-line scripting directly in the HTML are not supported by the auto-blocking functionality.
    1. However imagine we are creating a format string in a separate file, commonly because we would like to internationalize it and we rewrite it as: <?php $format = 'The %s contains %d monkeys'; echo sprintf($format, $num, $location); ?> We now have a problem. The order of the placeholders in the format string does not match the order of the arguments in the code. We would like to leave the code as is and simply indicate in the format string which arguments the placeholders refer to. We would write the format string like this instead: <?php $format = 'The %2$s contains %1$d monkeys'; echo sprintf($format, $num, $location); ?> An added benefit is that placeholders can be repeated without adding more arguments in the code.
    2. $format = 'There are %d monkeys in the %s';

      Compared to below:

      $format = 'The %s contains %d monkeys'
  5. Jan 2020
    1. before_destroy callbacks should be placed before dependent: :destroy associations (or use the prepend: true option), to ensure they execute before the records are deleted by dependent: :destroy.
    1. Please do not make the mistake of trying to reduce the HAVING clause with a little false relational algebra to: HAVING COUNT(PS1.plane_name) = COUNT(H1.plane_name) because it does not work; it will tell you that the hangar has (n) planes in it and the pilot_name is certified for (n) planes, but not that those two sets of planes are equal to each other.
  6. Dec 2019
    1. When you do sudo you are running commands as root, another user in another shell and hence all of the setup that RVM has done for you is ignored while the command runs under sudo (such things as GEM_HOME, etc...). So to reiterate, as soon as you 'sudo' you are running as the root system user which will clear out your environment as well as any files it creates are not able to be modified by your user and will result in strange things happening
  7. Aug 2019
    1. The parentheses ( ... ) around the assignment statement are required when using object literal destructuring assignment without a declaration. {a, b} = {a: 1, b: 2} is not valid stand-alone syntax, as the {a, b} on the left-hand side is considered a block and not an object literal.
    2. Your ( ... ) expression needs to be preceded by a semicolon or it may be used to execute a function on the previous line.