31 Matching Annotations
  1. Last 7 days
    1. Authentication by schemes outside of RFC2617 is not supported in HTTP status codes and are not considered when deciding whether to use 401 or 403.

      What does "are not considered when deciding whether to use 401 or 403" mean exactly? What exactly should not be considered, and what exactly should be considered instead? In other words, how did someone arrive at the conclusion that "if you have your own roll-your-own login process and never use HTTP Authentication, 403 is always the proper response and 401 should never be used."? Why is 403 okay to use for non-HTTP authentication, but not 401?

      Oh, I think I understand the difference now.

      They should have said:

      Authentication by schemes outside of (not defined by) RFC7235: Hypertext Transfer Protocol (HTTP/1.1): Authentication should not use HTTP status 401, because 401 Unauthorized is only defined (by current RFCs) by RFC7235: Hypertext Transfer Protocol (HTTP/1.1): Authentication, and has semantics and requirements (such as the requirement that "A server generating a 401 (Unauthorized) response MUST send a WWW-Authenticate header field containing at least one challenge.") that simply don't make sense or cannot be fulfilled if using a non-HTTP authentication scheme.

      403 Forbidden, on the other hand, is defined by the broader HTTP standard, in RFC7231: Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content and RFC7235: Hypertext Transfer Protocol (HTTP/1.1): Authentication.

      In conclusion, if you have your own roll-your-own login process and never use HTTP Authentication, 403 is always the proper response and 401 should never be used.

      See also my comments in https://hyp.is/p1iCnnowEeyUPl9PxO8BuQ/www.rfc-editor.org/rfc/rfc7235

    1. If the ticket is incorrect or damaged, you cannot even go through the airport security: when they check your ticket, it will be refused. You are Forbidden to enter the boarding area of the airport.

      It depends what we mean by "incorrect"/damaged "credentials ("ticket")...

      A. If they are invalid or incorrect in the sense that we can't authenticate them as anyone (as it sounds like you mean with "incorrect" or "damaged") (they're not a user in our database or the password doesn't match a user in our database), then you should actually use 401, meaning that the client can/should try (again) to authenticate with different credentials.

      B. But if by "incorrect" you mean (as it sounds like you mean with "you cannot even go through the airport security: when they check your ticket, it will be refused") that the credentials were valid enough to authenticate you as someone (a user in our database), but that (known( user has insufficient credentials, then correct, it should be a 403 forbidden.

      It's even easier to explain / think about if you just think of 401 as being used for any missing or failed authentication. See:

  2. Sep 2021
    1. English

      I disagree with this statement for multiple reasons, however, even from a scientific standpoint this is faulty. The rating was very poorly done as the sample that they polled was not up to good standards

    Tags

    Annotators

  3. Jul 2021
    1. Closed issues are locked after 30 days of inactivity. This helps our team focus on active issues. If you have found a problem that seems similar to this, please open a new issue.
  4. Jun 2021
    1. As aforementioned, the usage of master as a branch most likely originated from the first meaning

      The meaning:

      An original recording, film, or document from which copies can be made.

      makes more sense to me. Why would they have meant the other meaning?

    1. I don't think this warrants adding to the Array class, since it's not generalizable to all the types that Arrays can contain.

      You could say the same thing about Array#sort. It can cause an error if elements of the array aren't all of the same type/shape. Just make sure it's safe to use first, and thenArray#sort, Array#sum, Array#average, ... are all quite handy and useful to have on Array class.

    2. I don't know, using instance_eval this way just seems weird, and it has a lot of gotchas associated with it that make this approach a bad idea, IMO. (For example, if you tried to access and instance variable or a method on self inside that block, you'd run into problems.) instance_eval is more for metaprogramming or DSL.

      But that's exactly when/why you'd use it: to make self refer to the instance! Just learn that and you'll be fine. You can still access locals from outside the block. And if you need to access instance variables/methods of a different instance, then sure, it's probably a sign you shouldn't be using instance_eval here.

    3. I agree, don't use this in your application code.
  5. May 2021
    1. If the hosting company (or any organization that you're trying to get support from) wanted you to know something, they would have already told you or made that information available.
  6. Apr 2021
    1. stunning HD retro-style graphics

      It looks low-res, so how can they claim it's HD?

    1. I respectfully disagree with your assessment. You are referencing the quote "It's not appropriate to use the aside element just for parentheticals, since those are part of the main flow of the document." However the OP specifically said that they are looking for a semantic element for "a note that may be useful to read at a given point of a tutorial, but is not part of the main tutorial flow". That is what "aside" is for. It's not part of the main content flow.

      That's a tough one. I can see it both ways.

  7. Mar 2021
  8. Nov 2020
    1. It’d be a tragedy if students left the class declaring, “them environmentalists just don’t get it!” or “them family-feeders just don’t get it!” Both are good and both may be possible.

      Maybe, but we also have to consider individual differences for the tolerance or capacity for either having one's views challenged, or being willing to challenge others' views in public/classroom contexts. Also, there may be a difference between what we hear students say publicly and what they really feel.

    2. at all costs avoid simplified or polarized conclusions

      Of course, it depends on the context of the course content--if there are correct and incorrect answers or processes or procedures, such conclusions are valid and desirable.

  9. Oct 2020
  10. Sep 2020
    1. Peoplemorewillinglydriveonslipperyroadsthemorenearlycom-pletetheircollisioncoverage;backdoorsareunlockedifthehome-owner'spolicyisliberalinitsprovisionsforburglary.Iammoreindulgentofmysorethroatifmyemployerprovidesanamplequotaofsickdays.

      Disagree— This and the previous three paragraphs are gross and reductive, assuming the worst of society, that everyone wants to be lazy and have their houses burglarized if they think their insurance will payout. Would fit in well at the GOP convention...

  11. Dec 2019
  12. Dec 2017
    1. Of course, they can also be observed benignly in natural or zoolike settings.

      I disagree with this premise- I don't think putting animals into zoos and observing them there, is a benign act.

    1. demanding not only that “Open Casket” be removed from the show but that it be destroyed. “It is not acceptable for a white person to transmute Black suffering into profit and fun

      others did not think it was okay for her to depict the image bc she is white and it is ab a racial issue (she cant relate to the feelings bc she is white)

      -on the other hand she was trying to compensate for their sadness and be empithetic?

  13. Oct 2017
  14. instructure-uploads.s3.amazonaws.com instructure-uploads.s3.amazonaws.com
    1. All in all, the average suc-cess rate of the experts rose from 71 percent up to 80 percent under ob-servation, while that for novices fell from 36 percent to 25 percent.

      Is a 9 and 11 percent difference in expert and novice performance really able to make a conclusion? Correlation does not equals causation.

    1. estab-lish their authority

      It was very difficult to find an interpretation I disagree with, so I'll be super nit-picky here! I disagree with this because for a group of people so devoted to their religion (and although there still lay a pattern of male figure-heads and assumed authority), I think the rabbis are actually genuine in their beliefs and application of their beliefs to their student's problems. I think, rather than seeing it as wanting to "establish their authority" - we can picture it like how a mother would try and reprimand her daughter not be careless with a boy when drinking. It's not because the mother wants to establish authority, but because the mother might've experienced a mistake similar - or witnessed someone make that kind of decision and its consequences. Therefore, they wish to prevent their daughter from making the same mistake. In this case, the rabbis, in terms of their principles and what they believe is right according to their "world," describe their students' problems in a way that fits according to that world - not for some power-hungry desire, but because they apply their culture (what they've embodied) to their students (the students who ought to be following that very same culture).

    1. rather alarming fact that only good people are ever bothered by a bad conscience whereas it is a very rare phenomenon among real criminals

      But what are good and bad? In this case the bad conscience is coined by the "good people", but there is no universal good or bad. This phrase is objective.

  15. Sep 2017
    1. If all mankind minus one, were of one opinion, and only one person were of the contrary opinion, mankind would be no more justified in silencing that one person, than he, if he had the power, would be justified in silencing mankind.

      I don't believe it is a necessity to listen to all and everyone's opinion, it is in fact a set back to all but the one. Even if the 99% is wrong and the 1% is right, what the 99% believes is right becomes the truth.

    1. your own personal myth.

      I'm not sure how I agree with this phrase--myths aren't necessarily true and lives are, right?

  16. Aug 2017
    1. Tip #5.  Don’t be Shy About Depth Create as many levels of sub-folders as you need.  Don’t be scared to do so.  Every time you notice an opportunity to group a set of related files into a sub-folder, do so.  Examples might include:  All the MP3s from one music CD, all the photos from one holiday, or all the documents from one client.

      I really disagree with this one - I think over-use of subfolders makes it really difficult to work with a file-system.

  17. Sep 2015
  18. newclasses.nyu.edu newclasses.nyu.edu
    1. cultural system

      I don't understand this view of romance as a cultural system. Overall example using romance seems weak compared to AA chapter.

  19. newclasses.nyu.edu newclasses.nyu.edu
    1. Alcoholics are a labeled group of people who behave inappropriately after drinking alcohol.

      I don't understand this - labeled by others after acting "inappropriately" AFTER drinking? I feel like the label is more contingent on the act or habit of drinking, rather than only after... Guess this speaks to the disagreements and lack of a clear definition of alcoholism

  20. Sep 2013
    1. No; things that are true and things that are better are, by their nature, practically always easier to prove and easier to believe in.

      Disagree for the block. I don't know where to begin with how much I disagree with this and don't want to present ideas that offend people, so I'll just leave it at that

    1. However, neither class of teachers is in possession of a science by which they can make capable athletes or capable orators out of whomsoever they please

      I disagree with this to an extent. When it boils down to it, yes, it is the student who puts forth the effort or the will. However, a good teach can give the student the tools they need to succeed in sport or knowledge. No pressure, Professor Boyle.