Yes, although a slightly more relevant way of putting it would be that it's an inbuilt DOMPurify (dompurify being an npm package commonly used to sanitize html before injecting it).
Is this basically doing the same thing as https now? But for http, and firefox just never implemented a simple fix for it's entire existence until now?
I obviously know nothing about this, but I still find it fascinating. Or am I off my block.
XSS isn't related to https/ssl, ssl is the secure conncetion between you and the server, but xss is the injection of data into the site which will be executed in your browser in this case. The connection isnt relevant.
As it turns out, verifying that HTML is safe to render without neutering HTML down to a whitelist of elements is actually quite difficult. That's not great when you're rendering user-generated content.
Solutions in the form of pre-existing HTML sanitisation libraries have existed for years but countless websites still manage to get XSS'd every year because not everyone capable of writing code is capable of writing secure code.
2. Because it’s really easy to fuck up and leak attacker controlled content in markup, especially when the environment provides tons of tools to do things wrong and none to do things right. IME even when the environment provides tons of tools to do things right it’s an uphill battle (universe, idiots, yadda yadda).
There's this newfangled concept called social media where you let other people post content that exists on your web site. You're rarely allowed to post HTML because of the associated issues with sanitizing it. setHTML could help with that.
I just had a flashback to the heyday of MySpace. Now that I think about it though, Neocities has the "social networking" of being able to discover other people's pages and give each other likes and comments.
It's a myth. Amstrad computers were already using 3 inch drives in 1984, way before 3.5 inch ones became popular. The drives were chosen due to their similarity to 5.25 drives, so that existing controller chips could be reused. Due to the huge volume of ordered drives, Amstrad did get huge discounts on them, but that had nothing to with the drives becoming obsolete.
You just need to specify a secondary address of "1" when loading the file, so that it loads into the memory area specified in the header instead of the default location.
This was rarely used with the tape though, but rather with autoloader programs on the disk - there would be a specially crafted program that loaded itself info the system stack or variable area and overwrote some vectors, so that it would be automatically run without the need to type RUN:
LOAD "*", 8, 1 : REM 8 is the disk drive and 1 is the secondary address
I consider this mostly a party trick, but it was cool when we were kids ;)
Living in Europe, I don't give a damn about US sanctions. However, I block traffic from Iran on all my servers for the simple reason that almost all attacks on my website (and if you run a semi-popular website, you get attacked on a daily basis) come from Iran, Russia or China.
I am very sorry that this kind of action affects you personally, as I am sure you have nothing to do with these attacks. However, filtering out Iranian, Russian and Chinese traffic in its entirety is the only way to protect my server from the majority of DoS and hacking attempts.
One of my coworkers, a network specialist, compares IP restrictions to a garden fence. They’re enough to stop casual passersby, but anyone determined will find a way over or around it.
The reality, though, is that the majority of attack attempts are by casual passersby.
No, this method isn't going to stop a determined attacker that is specifically targeting you, but that doesn't mean blocking the lower-effort stuff has no value.
I married in to such a family. My solution was to just take people up on their offers until they learned not to offer things they did not really want to offer. It’s such a culturally time wasting practice that I did not want to accommodate it in the U.S.
From my perspective, even the US cultural norm is way too taarof. It's normal for Americans to offer things for politeness, with no intention to follow up and the interlocutor is also expected to understand the offer isn't genuine. So a phrase like "we should grab lunch" can be said without being an actual invitation for lunch. And then there's the whole aspect of avoiding criticism or saying no. "I don't think that's a good idea" in the US is more likely to mean "no, we're not doing that" than "I don't think that's a good idea so you need to convince me more if you want to do that".
As someone who also struggles to decode situations where people's actual, implicit meaning runs contrary to the explicit meaning of the words, American norms of indirectness are already a headache. Persian or Arab communication is much more indirect and that sounds like a nightmare to me.
I know you meant this tongue-in-cheek, but thanks for saying it anyway for the replies it would eventually accumulate.
I think we have too many people self-diagnosing autism when what they're really experiencing is ignorance of irrational social norms that are more about fashion than emotional intelligence.
Of course an LLM would be bad at such a topic since these are largely unspoken rules designed to be a form of discrimination.
> To 95 percent of the people that eagerly inform me of their “autism” : you are belittling a debilitating condition that many people suffer from, and no, you are not autistic, you are inconsiderate and socially lazy.
> You may be inconsiderate and socially lazy because it’s difficult to not be, but you could put in the effort to not be if you wanted to.
You're describing masking, most autistic people learn to do this subconsciously as children because otherwise you'd be ostracized from your peer group. Because that means literal death in the pre-modern society, humans have a strong inate aversion to that.
This causes a lot of stress and often leads to a life time of anxiety and depression.
It's kinda disappointing to read someone advocating for this. I had been told my whole childhood life that I'm lazy. Once I became an adult and started treating my ADHD, I stopped being "lazy", I could finally do things that I wanted to do. It's wild how night and day it was. Now I'm the only person in my family who is always doing things, and I get to call everyone else lazy. But I don't, because I'm trying not to be an asshole.
You accuse and condemn people who don't conform to a rigid ruleset for interactions that don't make sense. But everyone else who rolled a 20 on the social lottery get a pass on treating people who don't like fuckwits? Make it make sense.
> Yes, some people have more emotional/social intelligence than others. That doesn’t make you autistic, it just means you are kinda socially stupid and too lazy to do anything about it. Join the club, me too.
Sorry you've been gaslit so completely. I hope eventually you figure out how to dig yourself out of that hole of ignorance. I suspect you've been called lazy because some things are hard for you. Hard things being hard doesn't make you lazy.
> In general, anyone that has to tell you they are autistic isn’t. Autism is a pathology.
Shallow, incorrect, and unhelpful. Many people have asthma, but run and win races. Their asthma might not be pathological, but to pretend like they don't have it, or shouldn't keep a rescue inhaler in case of emergency is kinda messed up.
People treating and taking care their health physical and mental, shouldn't have to perform their rock bottom for you, just for you to believe them. And it's fucked up that you're suggesting they should!
Perhaps I’m misunderstanding the common use of “autism”?
I have two autistic brothers, and my whole extended family is “on the spectrum” in social terms, but it doesn’t reach the level of a pathological diagnosis for the rest of us.
It is my understanding that being autistic is when these traits reach a level where it causes significant obstacles or completely precludes normal behaviour and social interaction.
Otherwise , the same traits mean that I have to work harder to relate to people, and understand that many of my minor fixations are rational only to me.
It’s extra work that I don’t always do to relate to others in a way that is pleasing to them, and some people are offended if I don’t try.
That’s on me, it’s a choice I make. I know that it’s harder for me than for some people for whom social grace comes naturally, but there are many things that are easier for me than for most people, and I can do a lot of things easily that most people struggle with. I’m happy with the bargain.
By nature, I’m socially astigmatic, sometimes asocial, and not very sensitive. I can overcome these tendencies if I work at it. I don’t always choose to. That doesn’t make me autistic.
My contention is that while neurodivergence is absolutely real, “autism” is a medical diagnosis, not a personality trait. I find everyone jumping on the bandwagon of “autism” for their deviation from the social norm minimises the very real fact that actual autism is a horrific, life destroying condition for many people, and is a genuine disability and not a cute / annoying personality quirk.
It’s also not an excuse for social laziness. If you are going to be socially lazy, even if it’s because it’s taxing not to be, own your decision. Otherwise you’re just surrendering your will and pawning off the guilt to disabled people. Seems like a shitty thing to do.
> Perhaps I’m misunderstanding the common use of “autism”?
> I have two autistic brothers, and my whole extended family is “on the spectrum” in social terms, but it doesn’t reach the level of a pathological diagnosis for the rest of us.
Yes, the common social use, and it's currently accepted medical definition and description as well. You are said to have the condition if it interferes with your tasks of daily life. If your inability to read and interpret social cues has a negative impact. That's autism, austism spectrum disorder is used because previously Asperger's used to be a separate diagnosis, but it's the same condition with multiple levels of severity. Someone with mild asthma, is still an asthmatic, someone with mild austism is still autistic, something with a below the knee amputation is still an amputee. just because they can win a race carrying a rescue inhaler, use intentional and conscious deliberate logic bosed effort to read facial expressions and respond to social cues, or walk with prosthetic that appears normal. Doesn't change that doing so is uncommonly difficult, and worthy of consideration.
> It is my understanding that being autistic is when these traits reach a level where it causes significant obstacles or completely precludes normal behaviour and social interaction.
Mild impairment is still worthy of treatment and dignity. Severe impairment where even with treatment the symptoms are still noticeable and negatively impacts life, is when it becomes pathological.
I have a headache but it goes away and doesn't interfere with my life when I take Advil. Still a headache. I have a headache, and no matter what I do, no matter how many drugs I take, it's still unbearable and I can't function normally with my headache. Still a headache, but that one is pathological. They are both headaches.
> Otherwise , the same traits mean that I have to work harder to relate to people, and understand that many of my minor fixations are rational only to me.
I mean, yeah? You were born wearing an extra weight vest, and have to run a race that you didn't set the (societal) rules for. And you not only have decided to tolerate wearing the extra weight vest, you're willing to blame yourself for it. And you're advocating that everyone else born with the vest should just accept the same.
Someone who has never tried to run wearing a weight vest has no idea how much harder it is. So they wrongly assume it's exactly the same as wearing an extra shirt or something.
> It’s extra work that I don’t always do to relate to others in a way that is pleasing to them, and some people are offended if I don’t try.
> That’s on me, it’s a choice I make.
There's a reason the term is always "take offense". While they're similar, offence and insult are different where you don't have to choose to be insulted. You do have to choose to be offended. (A habitual choice is still a choice)
Why are you willing taking the blame for someone else choosing to become offended over some ritual that itself makes no sense? One they can never explain above, "that's just what everyone does"? Everyone used to shit in a pot Karen, but thankfully we have indoor plumbing now.
It's their fault if they're offended, it might be your fault if they're insulted. But only one of them is worth spending the extra time on preventing. You're wearing a weight vest, and getting yelled at for not sprinting over the finish line. And you're say/advocating, yes that's the way everyone's life should be.
I disagree, the people wearing a weight vest should be praised for crossing the finish line, because like I said, they didn't set the rules but are still gladly playing the game where they have a disadvantage, one where most people assume they don't.
> I know that it’s harder for me than for some people for whom social grace comes naturally, but there are many things that are easier for me than for most people, and I can do a lot of things easily that most people struggle with. I’m happy with the bargain.
I'm also ecstaticly happy about the bargain. But I don't blame people for being stupid. I'm patient with them when they stumble and trip on 'trivial' logical problems. Do you mock people, and accuse them of just not trying hard enough when they make a small logical mistake/error? If someone complains about a long day of exhausting mental effort, do you try to be sympathetic, and suggest relaxing with something fun? Or do you accuse them of just being lazy, they could do it without being tired if they want! And everyone knows, humans love feeling exhausted all the time, being exhausted all the time is totally not soul crushing! /s
> By nature, I’m socially astigmatic, sometimes asocial, and not very sensitive. I can overcome these tendencies if I work at it. I don’t always choose to. That doesn’t make me autistic.
um... the need to expend an above normal amount of effort in social interactions is kinda the definition of autism. There a meme I love.
Test: Do you have a problem wearing socks?
Autistic person: No, of course I don't have a problem wearing socks, for you see, I have invented this 27 step process that allows me to put them on and appear like I can enjoy wearing socks! Thus I don't have a problem wearing socks!
Autistic people see no problem with making that conclusion, but it's pretty obvious that they definitely have a problem with socks.
> My contention is that while neurodivergence is absolutely real, “autism” is a medical diagnosis, not a personality trait. I find everyone jumping on the bandwagon of “autism” for their deviation from the social norm minimises the very real fact that actual autism is a horrific, life destroying condition for many people, and is a genuine disability and not a cute / annoying personality quirk.
ok RFK Jr...
but counter point: just because a lot of people who have mild to very mild symptoms of autism, and have found value in the treatments and solutions for the symptoms, are now willing to talk about it, and them. And are willing to attempt to normalize and build acceptance and understanding around the difficulties. Does not mean that they are trying to minimize the difficulty of people with severe autism. Black and white thinking is a symptom of autism, but both things can be true. A reasonable person can say, mild austism is real and deserves extra support understanding and compassion, and severe autism can be a horrific condition. But they are plenty of people who wouldn't have a horrific experience, if the society they lived within was willing to help them a bit with the things that are hard, even if that bit is just a bit of patience and understanding. Your rigid black and white, horrific or not-autism definition is not just wrong, but worse for everyone.
It's possible to say, it's hard for me to run this race in this 10kg weight vest, I could use some help and some patience. While also saying, we should do more for the guy behind me because his weight vest is 89kg, and he can barely crawl but I'm not willing to abandon him!
> It’s also not an excuse for social laziness. If you are going to be socially lazy, even if it’s because it’s taxing not to be, own your decision. Otherwise you’re just surrendering your will and pawning off the guilt to disabled people. Seems like a shitty thing to do.
I don't really understand this, how does my unwillingness to constantly exhaust myself playing games that even the people who are good at the game admit has no real reason. Pass off the guilt to disabled people? And why should I feel guilty? That's stupid, I'm not going to feel guilty over forgetting rules that, make no sense, I never agreed to, and make my life harder.
I would feel guilty if I made a mistake, but it's not a mistake to expect and demand fair and equitable treatment. I will play the social games literally everyone admits are kinda stupid, exactly as many times as everyone else agrees to be patient and understanding when I forget they exist. But normally autistic people are the only people who have to all the extra work, neurotypical people never feel guilty when they choose to take offense over an unintentional misunderstanding they created. So I choose to follow their lead and feel guilty the exact same amount.
For the record I think guilt is stupid here, compassion, understanding and patience is what we all should be striving for.
I see your point, but personally I find no value in feeling bad about my lot in life or the balance of gifts and hardships I was given.
Overall I won the genetic lottery and have no problem owning my choices. I just can’t see myself as a victim or a sufferer in this, since the same things that can make it harder for me in some ways make it easier in others.
But, to each their own, certainly no shame for people that seek treatment. My “treatment” was to choose a life trajectory where my weaknesses were less important than my strengths, and that’s been fine for me.
Obviously your experiences have been very different from mine, and although I can’t really understand where the animosity comes from, I certainly can acknowledge your POV. If you felt I was belittling people somehow, I apologise for communicating poorly. That certainly was not my point.
I don't feel like you were communicating poorly, I only feel like you're advocating for tolerating the currently common meme of "you're either completely debilitated, or it's not worthy of consideration." It's a common meme, than IMO, needs to die. Humans should feel supported enough to say, "this is hard for me, let's trade you do the stuff that's easy for you, and forgive me for forgetting, and I'll do the stuff that's easy for me, and I'll forgive you when you're unable to do it."
We're stronger together, but only when we are able to acknowledge our weaknesses, and are given permission to focus on our strengths. A mildly autistic person, paired with a neurotypical person who's able to show compassion for the lack of stereotypical social awareness is stronger than the alternative.
The person who you chastise for claiming to be autistic, but they have developed useful coping mechanisms for their weaknesses, but really are just admitting they have weaknesses. Shouldn't be punished for admitting they are better at some things. Just like the person with severe weaknesses shouldn't be punished for admitting they need help with [specific deficit].
Really, I'm only advocating for treating people with respect, allowing them the freedom to define and describe how they interact with reality. And the importantly, treating them with the respect to not outright deny how they phrase, and how they describe the reality as they experience it.
You wouldn't have replied if you had a moral objection to by suggestion. So I know you're not trying to demean others. But I do object to you calling them lazy. I have a set of values that are different from yours. Neither of us is right to insist that other is wrong. I don't meant to suggest you should abandon your values, I only mean to insist that you shouldn't call others lazy when their set of values isn't exactly equal to yours.
Every day I will wake up with an unlimited amount of mental energy/effort, or an amount that is nearly or effectively at zero. But most often, that amount is somewhere in between those two extremes. So given that; It's wrong, and it's unethical to call me lazy, when I'm attempting to allocate my limited amount of energy to the things that I value first, before attempting to allocate the remainder to the things that I don't care about, but the things that you care about.
I can either do the things that I think are important, and ignore the things that you tell me are important. Or I can ignore the things that I feel are important, and only do the things that you tell me you think are important. (The rhetorical you.) I choose to reserve my energy for the things that I think are important, and promise to allocate the remainder for those that I know you find important. Too suggest I should behave differently is, in my opinion, a catastrophic mistake. It's ethically ok, and IMO should be expected that everyone should priortize the things that they value, think are important, and are good at, above the things they don't care about, or are bad at. And everyone is strengthened when we all work together with this same goal/expectation.
My objection is to calling someone lazy for prioritizing the things they value about the things they don't. No matter how they describe them. It's wrong to call me lazy when I do the things that I care about before I do the things that I don't care about. And I'm allowed to rest before I do the things that only you care about.
Not about the Middle East specifically-but I think one advantage more traditional societies can potentially have compared to the secular Western mainstream, is clearer social roles and more explicit social scripts-now, that’s not necessarily true of all of them, but likely is true of some of them.
Yes, it's similar with banking, you just use OverstapService.nl and they will automatically switch all your direct debits to your new account. Worked for me like a charm when I switched banks, of around two dozen direct debits only one failed to transfer properly.
I have recently had a need to create an Instagram account. I logged in from my home IP and it was recognized as coming from Vietnam (my home IP has been the same since 2016, always with the same ISP). Everything was in Vietnamese and I had to spend half an hour figuring out how to switch it back to English. But in the home feed I still got only Vietnamese influencers, and there was nothing in the settings to change that. I got assigned to Vietnam for life.
Well, I did nothing with the account except setting up the profile and following some people. Then I logged in to the account on my phone, which of course is not from Vietnam. Bam, account suspended for violating the TOS. I appealed, after one day got a message that the ban was upheld because I did violate the TOS.
I guess no Instagram for me. That's probably for the better.
There's a mid-sized international bus company over here and once I bought a ticket for the wrong day, realized only after payment. I simply called the phone number, the lady spoke my language, reissued the ticket for a different day, that's it.
I was shocked that customer support can work like that.
No, the Instagram account was completely unrelated to my FB account (different email, different browser). Every other tool I have ever used over the last decade showed my IP location correctly, so I don't think there are any mistakes in my ISP's WHOIS.
As a bonus, Facebook Business Manager sometimes shows me messages in Russian.
The presented domain expiration model looks like .com and other global domains. What about .de, .uk and countless other country domains, each having its unique expiration policy? Will it work with them, or only with .com domains?
This largely depends on the ICANN policies and their definitions of Renewal and Registration Grace Periods.
The Renewal period is variable, but the Registration Grace Period is pretty much 30 days everywhere.
The ERRP only covers gTLDs, right? Have you seen any ICANN policies requiring ccTLDs to adopt the same grace periods. As far as I know, ccTLDs can do whatever they want.
ICANN policies only govern global domains. Country domains set their own policies; for example, .eu expiration period is 45 days, not 30.
WHO IS policies also vary wildly, for example .de domains do not show registration date in the WHO IS, so it's not possible to know if a domain was dropped and re-registered.
reply