461 Matching Annotations
  1. Last 7 days
    1. But anti- spam software often fetches all resources in mail header fields automatically, without any action by the user, and there is no mechanical way for a sender to tell whether a request was made automatically by anti-spam software or manually requested by a user. To prevent accidental unsubscriptions, senders return landing pages with a confirmation step to finish the unsubscribe request. A live user would recognize and act on this confirmation step, but an automated system would not. That makes the unsubscription process more complex than a single click.

      HTTP: method: safe methods: GETs have to be safe, just in case a machine crawls it.

    2. The mail sender MUST NOT return an HTTPS redirect, since redirected POST actions have historically not worked reliably, and many browsers have turned redirected HTTP POSTs into GETs.
    3. This document describes a method for signaling a one-click function for the List-Unsubscribe email header field. The need for this arises out of the actuality that mail software sometimes fetches URLs in mail header fields, and thereby accidentally triggers unsubscriptions in the case of the List-Unsubscribe header field.
  2. Nov 2022
  3. Oct 2022
    1. How do REST APIs work? REST, or “representational state transfer,” is a type of software design that gives access to data (aka “web resources”) by using a uniform and predefined set of operations. The payload - the data to be delivered - defined in the request itself, will be formatted in a language such as HTML, JSON, or XML. The set of operations are the methods available to HTTP, which is the underlying protocol for how browsers retrieve websites from servers. These methods include GET, POST, PUT, DELETE, and others.

      O que é payload

    2. REST APIs If you’ve heard people talk about JSON (javascript object notation), chances are they’re talking about REST APIs. Over 70% of all public APIs use REST, because of its fast performance, reliability, and ability to scale by reusing modular components without affecting the system as a whole.

      O que é REST API

    1. Communication with this endpoint consists of JSON-encoded messages sent from client to server and vice versa.

      Este é o EndPoint da API do Hypothesis.

    1. Para solicitar a primeira API, crie um URL que aponte para o “endpoint” da API com a qual deseja se comunicar e passe o URL à ação “Obter Conteúdo do URL”. Quando o atalho é executado, essa ação faz a solicitação de API.

      Parece que um EndPoint é a porta de comunicação entre um HTTP API server e seu cliente.

  4. Sep 2022
    1. 400 Bad Request is the status code to return when the form of the client request is not as the API expects.401 Unauthorized is the status code to return when the client provides no credentials or invalid credentials.403 Forbidden is the status code to return when a client has valid credentials but not enough privileges to perform an action on a resource.
    1. The server possibly can send back a 406 (Not Acceptable) error code when unable to serve content in a matching language. However, such a behavior is rarely implemented for a better user experience, and servers often ignore the Accept-Language header in such cases.
  5. Aug 2022
    1. ```js // Fetch and return the promise with the abort controller as controller property function fetchWithController(input, init) { // create the controller let controller = new AbortController() // use the signal to hookup the controller to the fetch request let signal = controller.signal // extend arguments init = Object.assign({signal}, init) // call the fetch request let promise = fetch(input, init) // attach the controller promise.controller = controller return promise }

      // and then replace a normal fetch with

      let promise = fetchWithController('/') promise.controller.abort() ```

    1. The “work around” was to detect users in an IAB and display a message on first navigation attempt to prompt them to click the “open in browser” button early.

      That's a pretty deficient workaround, given the obvious downsides. A more robust workaround would be to make the cart stateless, as far as the server is concerned, for non-logged-in users; don't depend on cookies. A page request instead amounts to a request for the form that has this and this and this pre-selected ("in the cart"). Like with paper.

  6. Jul 2022
    1. To synchronize BMC Helix common services container images

      I've tried to run this section while harbor runs on http. This fails as docker login command is issued and thinks harbor is on SSL.

      The workaround is to do the following

      1. Create 4 replication rules.

      Name ade_part_01 Source resource registry https://containers.bmc.com Source resource filter Name bmc/lp0lz Source resource filter Tag {4.2.2-debian-10-r50,ade-authz-service-149,ade-file-service-e2830be-7,ade-identity-management-portal-12,ade-identity-management-service-15,ade-notification-service-9,adeops-util-v012,adeops-util-v013,adeops-util-v016,adeops-util-v019,adeops-util-v024,adereporting-,adereporting-content-e0ab22f-251,adereporting-initdb-v001,adereporting-kafkacli-v002,adereporting-puller-7e41b3d-274,adereporting-renderer-dd91f81-216,adereporting-runner-7e41b3d-274,ade-tenant-management-automation-273,ade-tenant-management-portal-14,ade-tenant-management-service-7,ade-ui-content-service-18,aif-api-service-8150462-9,aif-clustering-ingestion-service-3a4ce1d-12,aif-clustering-query-service-3dfbda3-9,aif-clustering-service-08fa171-9,aif-core-service-fdfb78d-6,aif-incident-ingestion-service-3a0f0e2-8,aif-job-manager-service-ab85bfb-8,aif-machine-learning-utilities-8a08716-57,aif-ticket-service-d71f457-11,anomaly-detection-service-58e6996-5}

      Name ade_part_02 Source resource registry https://containers.bmc.com Source resource filter Name bmc/lp0lz Source resource filter Tag {authproxy-RSSO_Auth_Proxy_101,authproxy-RSSO_Auth_Proxy_110,authproxy-RSSO_Auth_Proxy_112,authproxy-RSSO_Auth_Proxy_80,bitnami-kafka-2.7.0-debian-10-r124,bitnami-minio-2021.4.18-debian-10-r0,bitnami-zookeeper-3.7.0-debian-10-r25,custom-elasticsearch-1.13.3,custom-postgresql-repmgr-12.9.0,custom-sec-ade-infra-clients-1,custom-sec-redis-5.0.12-alpine,custom-sec-victoriametrics-vminsert-v1.63.0-cluster,custom-sec-victoriametrics-vmselect-v1.63.0-cluster,custom-sec-victoriametrics-vmstorage-v1.63.0-cluster,es-proxy-nginx-service-6d2eb81-6,es-proxy-service-6d2eb81-6,event-ingestion-service-4c0353c-4,event-mgmt-service-fc008be-6,event-processor-service-199851c-10,event-service-a21ce51-7,haproxy-2.0.4,justwatch-elasticsearch_exporter-1.1.0,kibana-proxy-service-c4f46f6-6,kibana-service-c4f46f6-6,kubectl-latest,log-ingestion-service-ff04217-99,log-mgmt-service-ceb53d1-4,log-processing-service-726afae-6,logs-portal-eb0d3a5-8}

      Name ade_part_02 Source resource registry https://containers.bmc.com Source resource filter Name bmc/lp0lz Source resource filter Tag {metric-aggregation-service-6c4b171-9,metric-configuration-service-2b5ba78-7,metric-gateway-service-4a6caae-8,metricservice-6b50628-8,prometheus-ingestion-service-8659793-7,RSSO_21.3.00-DRRS0-3893,smart-graph-api-r841442-642-daas_ship-tkn_ship,smart-graph-controller-api-r841442-642-daas_ship-tkn_ship,smart-graph-controller-efsinit-r841442-642-daas_ship-tkn_ship,smart-graph-controller-security-r841442-642-daas_ship-tkn_ship,smart-graph-environment-controller-r841442-642-daas_ship-tkn_ship,smart-graph-instance-controller-r841442-642-daas_ship-tkn_ship,tctlrest-14,thirdparty-ingestion-service-6add794-5,truesight-credential-service-267,truesight-featureflag-service-272,0.9.0-debian-10-r35,bitnami-shell-10,bitnami-bitnami-shell-10-debian-10-r61,custom-sec-busybox-1.27.2,webhook-2102_20210218,elasticsearch-7.16.2-debian-10-r0,bitnami-elasticsearch-curator-5.8.4,kibana-7.16.2-debian-10-r0,fluentd-1.12.3-debian-10-r4}

      Name ade_part_02 Source resource registry https://containers.bmc.com Source resource filter Name bmc/lp0lz Source resource filter Tag {ade-ims-webhook-114,ade-itsm-identity-sync-199}

      1. Then you can synchronize them at will
    2. Install Harbor by using self signed SSL certificates.

      This step is not mandatory as even harbor mentions:

      However, using HTTP is acceptable only in air-gapped test or development environments that do not have a connection to the external internet.

    3. wget https://github.com/goharbor/harbor/releases/download/v2.1.4/harbor-offline-installer-v2.1.4.tgz

      I've used curl -L https://storage.googleapis.com/harbor-releases/release-1.8.0/harbor-offline-installer-v1.8.0.tgz > harbor-offline-installer-v1.8.0.tgz

      which is the minimal required version

    4. harbor.yml.tmpl harbor.yml

      the minimal required version doesn't need this step only one harbor.yml file is available

      The file needs to change in one variable: hostname

      the https port is not enabled

      you may also change the harbor admin password

    1. ```bash POST /news/comments/5 HTTP/1.1 Content-Type: text/xml

      <item> <title>Foo Bar</title> <author>joe@bitworking.org</author> <link>http://www.bar.com/</link> <description>My Excerpt</description> </item> ```

  7. Jun 2022
  8. May 2022
    1. 4.1 RDF/XML Service Description


      Given the HTTP request:

      GET /sparql/ HTTP/1.1 Host: www.example

      the SPARQL service responds with an RDF/XML encoded

      service description (no content negotiation or RDFa

      encoding is used):

      HTTP/1.1 200 OK Date: Fri, 09 Oct 2009 17:31:12 GMT Server: Apache/1.3.29 (Unix) PHP/4.3.4 DAV/1.0.3 Connection: close Content-Type: application/rdf+xml

      <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:sd="http://www.w3.org/ns/sparql-service-description#" xmlns:prof="http://www.w3.org/ns/owl-profile/" xmlns:void="http://rdfs.org/ns/void#"> <sd:Service> <sd:endpoint rdf:resource="http://www.example/sparql/"/> <sd:supportedLanguage rdf:resource="http://www.w3.org/ns/sparql-service-description#SPARQL11Query"/> <sd:resultFormat rdf:resource="http://www.w3.org/ns/formats/RDF_XML"/> <sd:resultFormat rdf:resource="http://www.w3.org/ns/formats/Turtle"/> <sd:feature rdf:resource="http://www.w3.org/ns/sparql-service-description#DereferencesURIs"/> <sd:defaultEntailmentRegime rdf:resource="http://www.w3.org/ns/entailment/RDFS"/> <sd:extensionFunction> <sd:Function rdf:about="http://example.org/Distance"/> </sd:extensionFunction> <sd:defaultDataset> <sd:Dataset> <sd:defaultGraph> <sd:Graph> <void:triples rdf:datatype="http://www.w3.org/2001/XMLSchema#integer">100</void:triples> </sd:Graph> </sd:defaultGraph> <sd:namedGraph> <sd:NamedGraph> <sd:name rdf:resource="http://www.example/named-graph"/> <sd:entailmentRegime rdf:resource="http://www.w3.org/ns/entailment/OWL-RDF-Based"/> <sd:supportedEntailmentProfile rdf:resource="http://www.w3.org/ns/owl-profile/RL"/> <sd:graph> <sd:Graph> <void:triples rdf:datatype="http://www.w3.org/2001/XMLSchema#integer">2000</void:triples> </sd:Graph> </sd:graph> </sd:NamedGraph> </sd:namedGraph> </sd:Dataset> </sd:defaultDataset> </sd:Service> </rdf:RDF> ```

    1. Signposting is an approach to make the scholarly web more friendly to machines. It uses Typed Links as a means to clarify patterns that occur repeatedly in scholarly portals. For resources of any media type, these typed links are provided in HTTP Link headers. For HTML resources, they may additionally be provided in HTML link elements. Throughout this site, examples use the former approach.

      http HTTP/1.1 302 Found Server: Apache-Coyote/1.1 Vary: Accept Location: http://www.dlib.org/dlib/november15/vandesompel/11vandesompel.html Link: <http://orcid.org/0000-0002-0715-6126> ; rel="author", <http://orcid.org/0000-0003-3749-8116> ; rel="author" Expires: Tue, 31 May 2016 17:18:50 GMT Content-Type: text/html;charset=utf-8 Content-Length: 217 Date: Tue, 31 May 2016 16:38:15 GMT Connection: keep-alive

  9. datatracker.ietf.org datatracker.ietf.org
    1. 4. Link Relations for Web Services

      In order to allow Web services to represent the relation of individual resources to service documentation/description and metadata, this specification introduces and registers three new link relation types.

      4.1. The service-doc Link Relation Type

      The "service-doc" link relation type is used to represent the fact that a resource or a set of resources is documented at a specific URI. The target resource is expected to provide documentation that is primarily intended for human consumption.

      4.2. The service-desc Link Relation Type

      The "service-desc" link relation type is used to represent the fact that a resource or a set of resources is described at a specific URI. The target resource is expected to provide a service description that is primarily intended for machine consumption. In many cases, it is provided in a representation that is consumed by tools, code libraries, or similar components.

      4.3. The service-meta Link Relation Type

      The "service-meta" link relation type is used to link to available metadata for the service context of a resource. Service metadata is any kind of data that may be of interest to existing or potential service users, with documentation/description being only two possible facets of service metadata. The target resource is expected to provide a representation that is primarily intended for machine consumption. In many cases, it is provided in a representation that is consumed by tools, code libraries, or similar components.

      Since service metadata can have many different purposes and use many different representations, it may make sense for representations using the "service-meta" link relation to offer additional hints about the specific kind or format of metadata that is being linked.

      This definition of the "service-meta" link relation makes no specific assumptions about how these link hints will be represented, and the specific mechanism will depend on the context where the "service-meta" link relation is being used.

      One example is that a "service-desc" link may identify an OpenAPI description, which is supposed to be the machine-readable description of a Web API. A "service-meta" link may identify a resource that contains additional metadata about the Web API, such as labels that classify the API according to a labeling scheme and a privacy policy that makes statements about how the Web API manages personally identifiable information.

  10. Apr 2022
    1. Cache using fetch

      Determine how to cache a resource by setting TTLs, custom cache keys, and cache headers in a fetch request.

      ```js async function handleRequest(request) { const url = new URL(request.url);

      // Only use the path for the cache key, removing query strings // and always store using HTTPS, for example, https://www.example.com/file-uri-here const someCustomKey = https://${url.hostname}${url.pathname};

      let response = await fetch(request, { cf: { // Always cache this fetch regardless of content type // for a max of 5 seconds before revalidating the resource cacheTtl: 5, cacheEverything: true, //Enterprise only feature, see Cache API for other plans cacheKey: someCustomKey, }, }); // Reconstruct the Response object to make its headers mutable. response = new Response(response.body, response);

      // Set cache control headers to cache on browser for 25 minutes response.headers.set('Cache-Control', 'max-age=1500'); return response; }

      addEventListener('fetch', event => { return event.respondWith(handleRequest(event.request)); }); ```

      Caching HTML resources

      Setting the cache level to Cache Everything will override the default cacheability of the asset. For time-to-live (TTL), Cloudflare will still rely on headers set by the origin.

      js // Force Cloudflare to cache an asset fetch(event.request, { cf: { cacheEverything: true } });

    1. hopefully feed readers can treat permanent redirects as a sign to permanently update their feed URLs, then I can remove it. They probably don't, much like bookmarks don't
  11. Mar 2022
    1. Abstract This document defines two new HTTP headers "Content-Profile" and "Accept-Profile" that enable User Agents and hosts to indicate and negotiate the profile used for representing a specific resource. In this context, a profile is a description of the structural and/or semantic constraints of a group of documents in addition to the syntactical interpretation provided by more generic MIME types. Examples of profiles include Dublin Core Application Profiles, XML Schemata, and RDF Shape Expressions. This document further defines and registers the "profile" parameter for the HTTP "Link" header and suggests a best practice for the use of the new headers together with the "Link" header for the purposes of performing content negotiation and pointing clients to alternate representations.
    1. logout

      This should be a button. (GET should be idempotent and free of side effects.)

  12. Feb 2022
    1. Integrating AbortController

      js export const Timeout = (time) => { let controller = new AbortController(); setTimeout(() => controller.abort(), time * 1000); return controller; }

      ```js import { useEffect, useState } from "react"; //imports goes here

      export default function App() { //state goes here

      //update useEffect(() => { fetch("https://jsonplaceholder.typicode.com/todos/1", { signal: Timeout(10).signal }) .then((resp) => resp.json()) .then((resp) => setData(resp)) .catch((err) => setError(true)); return () => {}; }, []); return ( <div> {* JSX goes here*} </div> ); } ```

    1. 2. Timeout a fetch() request

      ```js async function fetchWithTimeout(resource, options = {}) { const { timeout = 8000 } = options;

      const controller = new AbortController(); const id = setTimeout(() => controller.abort(), timeout); const response = await fetch(resource, { ...options, signal: controller.signal<br /> }); clearTimeout(id); return response; }

      async function loadGames() { try { const response = await fetchWithTimeout('/games', { timeout: 6000 }); const games = await response.json(); return games; } catch (error) { // Timeouts if the request takes // longer than 6 seconds console.log(error.name === 'AbortError'); } } ```

  13. Jan 2022
    1. This specification defines two formats and respective media types for representing sets of links as stand-alone documents. One format is JSON-based, the other aligned with the format for representing links in the HTTP "Link" header field. This specification also introduces a link relation type to support discovery of sets of links.
      GET links/resource1 HTTP/1.1
      Host: example.org
      Accept: application/linkset+json
      HTTP/1.1 200 OK
      Date: Mon, 12 Aug 2019 10:46:22 GMT
      Server: Apache-Coyote/1.1
      Content-Type: application/linkset+json
      Link: <https://example.org/links/resource1>
            ; rel="alternate"
            ; type="application/linkset"
      Content-Length: 1349
      { "linkset":
          { "anchor": "https://example.org/resource1",
            "author": [
              { "href": "https://authors.example.net/johndoe",
                "type": "application/rdf+xml"
            "memento": [
              { "href": "https://example.org/resource1?version=1",
                "type": "text/html",
                "datetime": "Thu, 13 Jun 2019 09:34:33 GMT"
              { "href": "https://example.org/resource1?version=2",
                "type": "text/html",
                "datetime": "Sun, 21 Jul 2019 12:22:04 GMT"
            "latest-version": [
              { "href": "https://example.org/resource1?version=3",
                "type": "text/html"
          { "anchor": "https://example.org/resource1?version=3",
            "predecessor-version": [
              { "href": "https://example.org/resource1?version=2",
                "type": "text/html"
          { "anchor": "https://example.org/resource1?version=2",
            "predecessor-version": [
              { "href": "https://example.org/resource1?version=1",
                "type": "text/html"
          { "anchor": "https://example.org/resource1#comment=1",
            "author": [
              { "href": "https://authors.example.net/alice"}
    1. 4. Robustifying a link when linking to a specific version

      If the main intent is to link to a specific state of an original resource, for example a snapshot of the original resource in a web archive or one of its version in a version control system, then Robust Link information is conveyed as follows:

      • href for the URI that provides the specific state i.e., the snapshot or resource version;
      • data-originalurl for the URI of the original resource;
      • data-versiondate for the datetime of the snapshot or resource version.


      <a href="http://en.wikipedia.org/w/index.php?title=Web_archiving&oldid=485347845"
         data-versiondate="2012-03-20">Robust Link to this specific version of the Wikipedia page</a>
    2. 3. Robustifying a link when linking to the original resource

      If the main intent is to link to an original resource but also allow future users of that link to see the state of the original resource around the time the link was put in place, then Robust Link information is conveyed as follows:

      • href for the URI of the original resource for which the snapshot was taken;
      • data-versionurl for the URI of the snapshot;
      • data-versiondate for the datetime of linking, of taking the snapshot.


      <a href="http://www.w3.org/"
         data-versiondate="2015-01-21">Robust Link to the W3C home page</a>
    3. The approach proposed here is to convey this information on a link by leveraging HTML5's attribute extensibility mechanism. It introduces the following data- attributes for the anchor (<a>) element:

      • data-originalurl for the URI of the original resource;
      • data-versionurl for the URI of the snapshot;
      • data-versiondate for the datetime of linking, of taking the snapshot.
    4. Robust Links provide multiple pathways to revisit a link's original content, even a long time after the link was put in place. This document describes approaches to robustify links in HTML pages. All approaches assume that, when linking to a web resource, a snapshot of the state of that resource is created, for example, in a web archive or a versioning system. When linking, the URI of the resource, the URI of the snapshot, and the datetime of linking are conveyed.