Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "http client"
-
You see a web, I see:
CLIENT: TCP SYN
SERVER: TCP SYN ACK
CLIENT: HTTP Get
SERVER: HTTP Response
...
CLIENT: TCP FIN
SERVER: TCP FIN ACK
All I’m saying is that this spider has a clear understanding of Transfer Control Protocol.13 -
--- HTTP/3 is coming! And it won't use TCP! ---
A recent announcement reveals that HTTP - the protocol used by browsers to communicate with web servers - will get a major change in version 3!
Before, the HTTP protocols (version 1.0, 1.1 and 2.2) were all layered on top of TCP (Transmission Control Protocol).
TCP provides reliable, ordered, and error-checked delivery of data over an IP network.
It can handle hardware failures, timeouts, etc. and makes sure the data is received in the order it was transmitted in.
Also you can easily detect if any corruption during transmission has occurred.
All these features are necessary for a protocol such as HTTP, but TCP wasn't originally designed for HTTP!
It's a "one-size-fits-all" solution, suitable for *any* application that needs this kind of reliability.
TCP does a lot of round trips between the client and the server to make sure everybody receives their data. Especially if you're using SSL. This results in a high network latency.
So if we had a protocol which is basically designed for HTTP, it could help a lot at fixing all these problems.
This is the idea behind "QUIC", an experimental network protocol, originally created by Google, using UDP.
Now we all know how unreliable UDP is: You don't know if the data you sent was received nor does the receiver know if there is anything missing. Also, data is unordered, so if anything takes longer to send, it will most likely mix up with the other pieces of data. The only good part of UDP is its simplicity.
So why use this crappy thing for such an important protocol as HTTP?
Well, QUIC fixes all these problems UDP has, and provides the reliability of TCP but without introducing lots of round trips and a high latency! (How cool is that?)
The Internet Engineering Task Force (IETF) has been working (or is still working) on a standardized version of QUIC, although it's very different from Google's original proposal.
The IETF also wants to create a version of HTTP that uses QUIC, previously referred to as HTTP-over-QUIC. HTTP-over-QUIC isn't, however, HTTP/2 over QUIC.
It's a new, updated version of HTTP built for QUIC.
Now, the chairman of both the HTTP working group and the QUIC working group for IETF, Mark Nottingham, wanted to rename HTTP-over-QUIC to HTTP/3, and it seems like his proposal got accepted!
So version 3 of HTTP will have QUIC as an essential, integral feature, and we can expect that it no longer uses TCP as its network protocol.
We will see how it turns out in the end, but I'm sure we will have to wait a couple more years for HTTP/3, when it has been thoroughly tested and integrated.
Thank you for reading!27 -
Me: We should change the http response code to anything but 200 OK in the error response case of our API.
Other dev: No, it's fine.
Me: Why?
Other dev: The client successfully receives an error message.
Me: ┻━┻ ︵ヽ(`Д´)ノ︵ ┻━┻15 -
So Twitter apparently used http status code "420 - Enhance your calm" to notify the client that it was sending too many requests (basically chill the **** out). Note the status code number as well 😁
Image from wikipedia.3 -
I'm going for longest rant. TL:DR; version here:
http://pastebin.com/0Bp4jX9y
then:
http://pastebin.com/FfUiTzsh
Twat Client,
As per our conversation, here is an invoice for the work you requested on behalf of U.S. Bloom. I realize that you ended up going with another designer, but you did request samples of what my take on the logo design would be. The following line item is indicative of 1 hour of graphic design consultation as per your request via Skype.
As I recall, you mentioned that this is not how Upwork "works" but considering it was you who requested that I converse with you via Skype instead of via the Upwork messenger, and since there were no clear instructions on how to proceed with Upwork after our initial consultation, It is assumed that you were foregoing Upwork altogether to work with me directly, thus the invoice from me directly for my time involved in the project. I would have reached out to you via Skype, but it seems that you may have severed our connection there.
After spending a little time researching your company, I could not find current information for Basic Media Marketing, but I was able to reach out to your former partner Not A. Twat, who was more than helpful and suggested that he would encourage you to pay for the services rendered.
It is discouraging that you asked for my help and I delivered, but when I ask for compensation in return for my skills, you refused to pay and have now taken your site offline and removed me as a contact from Skype.
{[CLIENT of CLIENT]},
I am sorry that I have bothered you with this email. I copied you on it merely for transparency's sake. I am sure that your logo is great and I am sure whatever decision was made is awesome for your decision. I just wanted to make sure that you weren't getting "samples" of other people's work passed off as original work by Twat Media Marketing.
I can't speak for any of the other candidates, but since Twat asked me to conduct work with him via Skype rather than through Upwork, and since he's pretty much a ghost online now, (Site Offline, LinkedIn Removed or Blocked, and now Skype blocked as well) one has to think this was a hit and run to either crowdsource your logo inexpensively or pass off other artist's work as his own. That may not be the case, but from my perspective all signs are pointing to that scenario.
Here is a transcript. Some of his messages have been redacted.
As you can clearly see, requests and edits to the logo were being made from Jon to me, but he thinks it's a joke when I ask about invoicing and tries to pass it off as an interview. Do you see any interview questions in there? There were no questions about how long I have been designing, what are my rates, who have I done work for in the past, or examples of my previous work. There were none because he didn't need them at this point.
He'd already seen my proposal and my Behance.net portfolio as well as my rates on Upwork.com. This was a cut to the chase request for my ideas for your logo. It was not just ideas, but mock designs with criticism and approval awaiting. Not only that, but I only asked for an hour of compensation. After looking at the timestamps on our conversation, you can clearly see that I spent at least 3 hours corresponding with Twat on this project. That's three hours of work I could have spent on an honest paying customer.
I trust that TWATCLIENT will do the right thing. I just wanted you guys to know that I was in it to do the best design I could for you. I didn't know I was in it to waste three hours of my life in an "interview" I wasn't aware I was participating in.
Reply from ClientClient:
Hello Sir,
This message is very confusing?
We do not owe your company any money and have never worked with you before.
Therefore, I am going to disregard that invoice.
Reply from TWATCLIENT's boss via phone:
I have two problems with this. One I don't think your business practices are ethical, especially calling MY client directly and sending them an invoice.
Two why didn't you call or email Jon before copying my client on the email invoice?
Me: Probably because he's purposely avoiding me and I had no way to find him. I only got his email address today and that was from a WHOIS lookup.
Really, you don't think my business practices are ethical? What about slavery? Is that ethical? Is it ethical to pass of my designs to your client for critique, but not pay me for doing them?
... I'LL HAVE TO CALL YOU BACK!
My email follow up:
http://pastebin.com/hMYPGtxV
I got paid. The power of CCing the right combination of people is greater than most things on Earth.14 -
When the client change their business process every month and we only have days to implement the new system. Anyone else has a similar experience?
original artist: http://bit.ly/2SqRGJM6 -
It fucking staggers me how many backend/devops-y people don't understand what a client side "request timeout" is, versus a server side one.
What does it mean:
The client was fed up with the servers bullshit, and decided to piss off and not wait around for the server to take forever to respond, because life's too short.
How not to solve/debug this issue:
- "I've checked the API request in tool xyz, and it works fine for me"
Congratulations, you've figured out how to call an API once, in isolation to the rest of the application, and without any excessive load. And using a different client to me, with a different configuration. Lets get back to actually looking at the issue shall we?
- "I only see HTTP 200's in the logs"
Yep, you probably will in most circumstances, because its the client complaining about it taking too long, not the server. If the server was telepathetic and knew what the client was thinking/doing at all times, we wouldn't have half of the errors we do.
- "Ah ok, I understand ... so how do I solve this?"
Your asking me? I don't fucking know, I didn't build the server! Put better logging in place and figure out why sometimes it takes forever.
Jesus fucking christ14 -
That's actually something that happened fairly recently.. just that I didn't have the energy left at the time to write it down. That, or I got my ass too drunk to properly write anything.. not sure actually.
So on paper I'm unemployed, but I do spend some time still on pretty much voluntary work for HackingVision, along with a handful of other people.
At the time, we were just doing the usual chit-chat in the admin channel, me still sick in my bed (actually that means that I wasn't drunk but really tired for once.. amazing!) and catching up to what happened, but unable to do any useful work in this sick state. So, tablet, typing on glass, right. I didn't have any keyboard attached at the time.
One of the staff members (a wanketeer from India) apparently had an assignment in a few hours for which he needed to write a server application in Java. Now, performance issues aside, I figured.. well I've got quite a bit of experience with servers, as well as some with client-server protocols. So I got thinking.. mail servers, way too overengineered. Web servers.. well that could work, I've done some basic netcat webservers that just sent an HTTP 200 OK and the file, those worked fine.. although super basic of course. And then there's IRC, which I've actually talked to an InspIRCd server through telnet before (which by the way is pretty much the only thing that telnet is still useful for, something that was never its purpose, lol) and realized that that protocol is actually quite easy to develop around. That's why I like it so much over modern chat protocols like XMPP, MQTT and whatnot. So I recommended that he'd write a little IRC server in Java. Or even just a chatbot like I attempted to at the time, considering that that's - with a stretch of course - a sort-of server too.
His fucking response however, so goddamn fucking infuriating. "If the protocol is so easy, then please write me down how to implement it in Java."
Essentially do his fucking work for him. I don't know Java, but as a fucking HackingVision admin, YOU SHOULD FUCKING KNOW THAT HACKERS CAN'T STAND LAZY CUNTS THAT CAN'T EVEN BE ASSED TO GOOGLE SHIT!!! If I wanted to deal with cunts like that, I'd have opened the page inbox with all its Fb h4xx0ring questions, not the fucking admin chat!
And type it on a goddamn fucking piece of glass, while fucking sick?! Get your ass fucked by a bobs and vegana horny fuck from the untouchable caste, because that's where you fucking belong for expecting THAT from me, you fucking bhenchod.
But at least I didn't get my ass enraged like that to say that to him in the admin chat. Although that probably wouldn't have been a bad thing, to get his feet right back on the ground again.1 -
http://trumpipsum.net/
My next client may or may not be happy with the place holder text... At least it won't look like something out of some witch-craft book3 -
I seriously do not understand the rants against Windows.
I love Windows 10 (got as free upgrade from MS), and have no issues with MacOS or Linux OS. I use them as well but do all serious work on Windows.
All my life, I have worked on business / commercial side and picked up Web development in last couple of years. I started using computers on DOS in 1992, and shifted to Windows 3.0 in 1995. There was no Mac or MacOS back then.
For serious work, I purchased a old Dell Precision M4700 workstation grade laptop with quad-core i7, at throwaway price, got 32GB RAM, 2.4TB (1x2 TB + 400gb) of SSD on super sale online, and installed it myself. It easily supports dual 4k monitors.
Git-bash on windows allows all the necessary linux command line on windows. Though not tried, Windows 10 allows embedded Ubunutu with linux terminal. Web development tools like - VSCode, git, github / bitbucket clients, NVM/Node, React / Redux / Webpack / Gatsby / Jest, REST clients, GraphQL client and server, Graph Server, Chrome PWA / Chrome Dev Tools, http/Websocket/WebRTC interception, Google Firebase SDKs, AWS sdks, cloud utilities, CI/CD tools work flawlessly. Windows even has its own package manager for applications.31 -
@netikras since when does proprietary mean bad?
Lemme tell you 3 stories.
CISCO AnyConnect:
- come in to the office
- use internal resources (company newsletter, jira, etc.)
- connect to client's VPN using Cisco AnyConnect
- lose access to my company resources, because AnyConnect overwrites routing table (rather normal for VPN clients)
- issue a route command updating routing table so you could reach confluence page in the intranet
- route command executes successfully, `route -n` shows nothing has changed
- google this whole WTF case
- Cisco AnyConnect constantly overwrites OS routing table to ENFORCE you to use VPN settings and nothing else.
Sooo basically if you want to check your company's email, you have to disconnect from client's VPN, check email and reconnect again. Neat!
Can be easily resolved by using opensource VPN client -- openconnect
CISCO AnyConnect:
- get a server in your company
- connect it to client's VPN and keep the VPN running for data sync. VPN has to be UP at all times
- network glitch [uh-oh]
- VPN is no longer working, AnyConnect still believes everything is peachy. No reconnect attempts.
- service is unable to sync data w/ client's systems. Data gets outdated and eventually corrupted
OpenConnect (OSS alternative to AnyConnect) detects all network glitches, reports them to the log and attempts reconnect immediatelly. Subsequent reconnect attempts getting triggered with longer delays to not to spam network.
SYMANTEC VIP (alleged 2FA?):
- client's portal requires Sym VIP otp code to log in
- open up a browser in your laptop
- navigate to the portal
- enter your credentials
- click on a Sym VIP icon in the systray
- write down the shown otp number
- log in
umm... in what fucking way is that a secure 2FA? Everything is IN the same fucking device, a single click away.
Can be easily solved by opensource alternatives to Sym VIP app: they make HTTP calls to Symantec to register a new token and return you the whole totp url. You can convert that url to a qr code and scan it w/ your phone (e.g. Google's Authenticator). Now you have a true 2FA.
Proprietary is not always bad. There are good propr sw too. But the ones that are core to your BAU and are doing shit -- well these ARE bad. and w/o an oppurtunity to workaround/fix it yourself.13 -
Java dev here. I rewrote an app and replaced a system call to ssh with a modern jaxrs post for uploading a file and (new) some additional data.
I even used a stream.
1 hour in production, first client doesn't get his file. Log says OutOfMemoryError: heap.
Me: wtf? I already use streams.
Looking at the Jersey library. Docs say nothing. An issue from 2013 says: oh if you silly don't use the Apache httpclient addon, we disable chunking and buffer the whole body, because our tests fail with the jdk included http client otherwise.
Me: meh.
No warning in the logs. Thank you soooooo much! Who could have known?4 -
I've made the json protocol. It's a protocol containing only json. No http or anything.
To parse an json object from a stream, you need a function that returns the length of the first object/array of all your received data. The result of that function is to get the right chunk of the json to deserialize.
For such function, json needs to be parsed, so I wrote that function in C to be used with my C server and Python client. I finally implemented a C function into python function that has a real benefit / use case. Else you had to validate but by bit by the python json parser and that's slow while streaming. Some messages are quite big.
Advantage of this protocol is that it's full duplex.
I'm very happy!36 -
NO, YOU ABSOLUTE DISGUSTING GREMLIN OF A JS HTTP CLIENT, I DON'T WANT YOU TO "JsOn.StRiNgiFy" MY PAYLOAD OR DOING ANY WEIRD SHIT
I NEED TO SEND THIS THING EXACTLY AS IT'S WRITTEN, STOP TRYING TO GUESS WHAT I'M TRYING TO DO I'M A DEV WITH SOME 7 YEARS OF EXPERIENCE WRITING CODE, I'M SENDING A STRING CUZ I NEED TO SEND A STRING2 -
Has been a long time since I'm appreciating working with GRPC.
Amazingly fast and full-featured protocol! No complaints at all.
Although I felt something was missing...
Back in the days of HTTP, we were all given very simple tools for making requests to verify behaviours and data of any of our HTTP endpoints, tools like curl, postman, wget and so on...
This toolset gives us definitely a nice and quick way to explore our HTTP services, debug them when necessary and be efficient.
This is probably what I miss the most from HTTP.
When you want to debug a remote endpoint with GRPC, you need to actually write a client by hand (in any of the supported language) then run it.
There are alternatives in the open source world, but those wants you to either configure the server to support Reflection or add a proxy in front of your services to be able to query them in a simpler way.
This is not how things work in 2018 almost 2019.
We want simple, quick and efficient tools that make our life easier and having problems more under control.
I'm a developer my self and I feel this on my skin every day. I don't want to change my server or add an infrastructure component for the simple reason of being able to query it in a simpler way!
However, This exact problem has been solved many times from HTTP or other protocols, so we should do something about our beloved GRPC.
Fine! I've told to my self. Let's fix this.
A few weeks later...
I'm glad to announce the first Release of BloomRPC - The first GRPC Client GUI that is nice and simple,
It allows to query and explore your GRPC services with just a couple of clicks without any additional modification to what you have running right now! Just install the client and start making requests.
It has been built with the Electron technology so its a desktop app and it supports the 3 major platforms, Mac, Linux, Windows.
Check out the repository on GitHub: https://github.com/uw-labs/bloomrpc
This is the first step towards the goal of having a simple and efficient way of querying GRPC services!
Keep in mind that It is in its first release, so improvements will follow along with future releases.
Your feedback and contributions are very welcome.
If you have the same frustration with GRPC I hope BloomRPC will make you a bit happier!3 -
Dear fellow developers: Let's talk about the Internet. If you're reading this post, you've probably heard of it and are comfortable using it on a regular basis. You may even develop software that works over the internet, and that's fine and great! But you have to draw the line somewhere, and that line has been pushed farther and farther back as time goes on.
Let's talk about video games. The first game that really got me into FPSes was Team Fortress 2. Back in the day, it had a great community of casual and competitive groups alike, and there were hats! Underneath the hood was a massive number of servers. Some were officially hosted, some were run by independent communities. It had a built-in browser and central index where you could find every publically-available server and connect to it. You could even manually input connection details if that failed. In my opinion, this was a near-perfect combination of optimal user-experience and maximum freedom to run whatever the hell you wanted to. Even today, if Valve decided to stop hosting official servers, the smaller communities could still stay afloat. Fifteen years in the future, after all demand has died off, someone can still recover the server software and play a game with their kids.
Now, contrast that to a game like Overwatch. Also a very pivotal game in the FPS world, and much more modern, but what's the underlying difference in implementation? NO SUPPORT FOR SELF-HOSTED SERVERS. What does that mean when Blizzard decides to stop hosting its central servers? IT DIES. There will be no more multiplayer experience, not now, not ever. You will never be able to fully share this part of your history with future generations.
Another great example is the evolution of voice chat software. While I will agree that Discord revolutionized the market, it took away our freedom to run our own server on our own hardware. I used to run a Mumble server, now it has fallen out of use and I miss it so much.
Over time, client software has become more and more dependent on centrally-hosted services. Not many people will think about how this will impact the future usability of the product, and this will kill our code when it becomes legacy and the company decides to stop supporting it. We will have nothing to give to future generations; nobody will be able to run it in an emulator and fully re-experience it like we can do with older games and software.
This is one of the worst regressions of our time. Think about services like IRC, SMTP, SSH, even HTTP, how you're so easily able to connect to any server running those protocols and how the Internet would change if those were replaced with proprietary software that depended on a central service.
(Relevant talk (16:42): https://youtu.be/_e6BKJPnb5o?t=1002)6 -
Client: THIS IS CRITICAL, SOME DATA HAS BEEN DELETED, WHAT ZE FUUK HAPPENED, UNDO THIS FAST
Us: so after carefully reviewing the code, related resources and the network traffic we conclude that was never sent in the first place.
*closes issue*
I'm glad we got such a meaningful bug report on the same day a production system started failing, one big deployment that that was like a boss with 3 phases, an unnecessary long meeting and an app developer that that wanted me to break HTTP standards.1 -
Sorry, need to vent.
In my current project I'm using two main libraries [slack client and k8s client], both official. And they both suck!
Okay, okay, their code doesn't really suck [apart from k8s severely violating Liskov's principle!]. The sucky part is not really their fault. It's the commonly used 3rd-party library that's fucked up.
Okhttp3
yeah yeah, here come all the booos. Let them all out.
1. In websockets it hard-caps frame size to 16mb w/o an ability to change it. So.. Forget about unchunked file transfers there... What's even worse - they close the websocket if the frame size exceeds that limit. Yep, instead of failing to send it kills the conn.
2. In websockets they are writing data completely async. Without any control handles.. No clue when the write starts, completes or fails. No callbacks, no promises, no nothing other feedback
3. In http requests they are splitting my request into multiple buffers. This fucks up the slack cluent, as I cannot post messages over 4050 chars in size . Thanks to the okhttp these long texts get split into multiple messages. Which effectively fucks up formatting [bold, italic, codeblocks, links,...], as the formatted blocks get torn apart. [didn't investigate this deeper: it's friday evening and it's kotlin, not java, so I saved myself from the trouble of parsing yet unknown syntax]
yes, okhttp is probably a good library for the most of it. Yes, people like it, but hell, these corner cases and weird design decisions drive me mad!
And it's not like I could swap it with anynother lib.. I don't depend on it -- other libs I need do! -
oh, I have a few mini-projects I'm proud of. Most of them are just handy utilities easing my BAU Dev/PerfEng/Ops life.
- bthread - multithreading for bash scripts: https://gitlab.com/netikras/bthread
- /dev/rant - a devRant client/device for Linux: https://gitlab.com/netikras/...
- JDBCUtil - a command-line utility to connect to any DB and run arbitrary queries using a JDBC driver: https://gitlab.com/netikras/...
- KubiCon - KuberneterInContainer - does what it says: runs kubernetes inside a container. Makes it super simple to define and extend k8s clusters in simple Dockerfiles: https://gitlab.com/netikras/KubICon
- ws2http - a stateful proxy server simplifying testing websockets - allows you to communicate with websockets using simple HTTP (think: curl, postman or even netcat (nc)): https://gitlab.com/netikras/ws2http -
Strap in...
- Previous employer
- 3rd party partner firm
- integration link between both over SOAP
- Both sides riddled with poor code and messed up political structures (partner firm CEO is an investor in my employer)
- Doing a deployment to update to https (I know)
- Keep http endpoint live
- Other side starts shitting itself
- Diagnose
- Not us
- feelsgoodman.tiff
- Get angry email
- Explain not us
- Back and forth
- Tell client it’s “irrelevant” on https issue, it’s their side that’s gone wrong
- Get angry reply with boss cc’d about how nothing is “irrelevant” for the client
- We all had to have a make up meeting and meal
- Client was calm and reasonable, all agreed we just snapped and it wouldn’t happen again
- 2 weeks later
- Their system shits itself again and suddenly we’re on the hook
- BA on my team (smarmy little bastard) constantly fucking me off
- Get so close to actually screaming and hitting him
So yeah. I don’t tend to hold that a job is more important to me than my dignity.
I have and will never hold my tongue for the sake of a job, I’m not gonna put up with people shouting / belittling / backstabbing etc. -
The more I work with performance, the less I like generated queries (incl. ORM-driven generators).
Like this other team came to me complaining that some query takes >3minutes to execute (an OLTP qry) and the HTTP timeout is 60 seconds, so.... there's a problem.
Sure, a simple explain analyze suggests that some UIDPK index is queried repeatedly for ~1M times (the qry plan was generated for 300k expected invocations), each Index Scan lasts for 0.15ms. So there you go.. Ofc I'd really like to see more decimal zeroes, rather than just 0.15, but still..
Rewriting the query with a CTE cut down the execution time to pathetic 0.04sec (40ms) w/o any loops in the plan.
I suggest that change to the team and I am responded a big fat NO - they cannot make any query changes since they don't have any control on their queries
....
*sigh*
....
*sigh*
but down to 0.04sec from 3+ minutes....
*sigh*
alright, let's try to VACUUM ANALYZE, although I doubt this will be of any help. IDK what I'll do if that doesn't change the execution plan :/ Prolly suggest finding a DBA (which they won't, as the client has no € for a DBA).
All this because developers, the very people sho should have COMPLETE control over the product's code, have no control over the SQLs.
This sucks!27 -
TLDR;
How much do you earn for your skill set in your country vs your cost of living?
BONUS;
See how much I & others earn.
Recently I became aware of just how massive the gap in developers earnings are between countries. I'd love to calculate a fixed score for income vs cost of living.
I know this stuff is sensitive to some so if you prefer just post your score (avg income p/m after tax / cost of living).
I'm not shy so I'll go first:
MY RATES
Normal Rate (Long term): $23
Consulting / Short term: $30-$74
Pen Test: $1500 once off.
Pen Test Fixes: consulting rate.
Simple work/websites: min $400+
Family & Friends: Dev friends are usually free (when mutually beneficial). Family and others can fuck off, even if they can pay (I pass their info to dev friends with fair warning).
GENERAL INFO
Experience: 9 years
Country: South Africa
Developer rareness in country: Very Rare (+-90 job openings per job seeker).
Middle class wage in country: $1550 p/m (can afford a new car, decent apartment & some luxuries like beer/eating out).
Employment type: Permanent though I can and do freelance occasionally.
Client Locality: Mostly local.
Developer Type: Web Developer (True web dev - I do anything web related from custom HTTP servers to sockets, services, advanced browser api's, apps & more).
STACKS / SKILLSETS
I'M PROFICIENT IN:
python, JavaScript, ASP classic, bash, php, html, css, sql, msql, elastic search, REST, SOAP, DOM, IIS, apache
I DABBLE WITH:
ASP.net, C++, ruby, GO, nginx, tesseract
MY SPECIALTIES:
application architecture, automation, integrations, db's, real time data, advanced browser apps/extensions (webRTC, canvas etc).
SUMMARY
Avg income p/m after tax: $2250
Cost of living (car+rent+food): $1200
Score: 1.85
*Note: For integrity when calculating my cost of living I excluded debt repayments and only kept my necessities which are transport, food & shelter.
I really hope you guy's post your results, it would be great to get an idea of which is really the worst / best country to be a developer in.20 -
I used to be a sysadmin and to some extent I still am. But I absolutely fucking hated the software I had to work with, despite server software having a focus on stability and rigid testing instead of new features *cough* bugs.
After ranting about the "do I really have to do everything myself?!" for long enough, I went ahead and did it. Problem is, the list of stuff to do is years upon years long. Off the top of my head, there's this Android application called DAVx5. It's a CalDAV / CardDAV client. Both of those are extensions to WebDAV which in turn is an extension of HTTP. Should be simple enough. Should be! I paid for that godforsaken piece of software, but don't you dare to delete a calendar entry. Don't you dare to update it in one place and expect it to push that change to another device. And despite "server errors" (the client is fucked, face it you piece of trash app!), just keep on trying, trying and trying some more. Error handling be damned! Notifications be damned! One week that piece of shit lasted for, on 2 Android phones. The Radicale server, that's still running. Both phones however are now out of sync and both of them are complaining about "400 I fucked up my request".
Now that is just a simple example. CalDAV and CardDAV are not complicated protocols. In fact you'd be surprised how easy most protocols are. SMTP email? That's 4 commands and spammers still fuck it up. HTTP GET? That's just 1 command. You may have to do it a few times over to request all the JavaScript shit, but still. None of this is hard. Why do people still keep fucking it up? Is reading a fucking RFC when you're implementing a goddamn protocol so damn hard? Correctness be damned, just like the memory? If you're one of those people, kill yourself.
So yeah. I started writing my own implementations out of pure spite. Because I hated the industry so fucking much. And surprisingly, my software does tend to be lightweight and usually reasonably stable. I wonder why! Maybe it's because I care. Maybe people should care more often about their trade, rather than those filthy 6 figures. There's a reason why you're being paid that much. Writing a steaming pile of dogshit shouldn't be one of them.6 -
Ok so I have done some work with crypto currency mining pools and recently a client requested for me to make a splash page that showed data from multiple instances of these pools APIs. I went to find some documentation for this open source api and to my surprise there is none. I thought of querying the public API from the clients side and it worked, however it's so slow that the data shows up roughly 20 seconds after the page loads.
Easy fix right? Make a PHP server get the data every 5 seconds, cache it and serve the data with the page and use a websocket for live updates! Until I found out that there is no practical way in this garbage framework to get the damn API data without making an HTTP request or mutilating the original source code. I'm so done with this garbage framework. It literally loads pages based on a page and action parameter on the index.php. I quit.1 -
So client wants an android app that implements some legacy Epson printer SDK, works on a chinese Windows device with an android Emulator on it, connects to local Webservice that had to be configurated and ran (local Network) , sends and tracks data, if Server down then handle it on the Client and reconnect as soon as Server up, running own TCP Server on Android device that listens for specific http requests, which make the android connect to an Epson printer to start printing. The stuff that is being printed? A png file that has to be converted to a Bitmap, a QR Code that has to be generated by the bugged base64 encrypted stuff coming via http in (webserver-> Android TCP server)
Dont forget the Software Design (MVP), documentation, research etc.. Im about to finish the app , its my 5th day on this Project, the 6th day was planned to be full testing. Client Calls me and ask me how far I am, I reply, he says ok. 30 minutes later he tells me he wont pay me next time that much because this work should take 3 days, or even 2. "A senior Android developer could do this in 2 days"... When i sent him my notices he called me a liar, his webdev has alot of experience and told him it should take 2-3 days...ffs2 -
So I had been developing a real estate website and developing a MLS feed parser. I had only 1 year experience at that time and parsing a XML feed was already complex enough. On top of it, the client wanted to automate feed download from the MLS provider through HTTP authentication. Managed to do it. Everything worked for 15 days and on 16th day the property location markers stopped appearing on Google maps. Turned out that address to lat-long reverse geocoding was failing because API limit exhausted. My bad, I coded it on view instead of caching the lat-long in database. Fixed it in a day and viola!
-
Trust Google. Trust the Process.
The Android Studio Installer doesn't show download progress bars, speeds, ETAs or the size of files being downloaded. I hate this design. Tell me exactly what, why, and where is being downloaded so that I can download it myself with a better HTTP large file client, put it where you want it, and restart the installer. I know my machine and ISP and Google does not. I don't trust Google to make a single right decision, and I only want to relinquish control when I don't have time to do something myself.7 -
So I just spent 2 hours debugging a script that fetches data from an API. Thats all it was supposed to do. Http get some data.
It wasnt working and was giving a "parse error". Worked fine in browser.
So it turns out it was using http 0.9 (first documented http version, defined in 1991) and wasnt sending any headers. And js cant do no headers...
So yea I now have to write a tcp / http 0.9 client in js10 -
Question: tl;dr: looking for an open source bug tracking tool, or one that's affordable for small freelancers.
I'm working as freelancer with a client on a project and currently all the bugreporting/feature request/information/discussions/and other stuff happen by Telegram (not my first choice but hey, you know clients).
It happend twice, that I forgot about the specs of a feature we discussed briefly, because there was to much going on and I wasn't able to find it. So the next logical step would be to get a bugtracker.
So far my favorite would be http://www.redmine.org/
Does any one of you have good or bad expirience with it? Would you recommend something else, if so what and why? Other stuff I should consider?6 -
Fuck you apache server...
Why did your dumb ass developers decide it was a good idea to not support "expect 100 continue headers". I seriously suspect that the devs were high smoking dragon dildo ashes like they were getting ready to get a whole chair shoved up their asses.
I wasted alot of time thinking i was getting a 417 http code because i fucked up my API implementation... No, it was the dumb apache server that decided to give me the finger.
Also, whoever built the HttpClient for .net framework 4... Fuck you too for automatically adding that dumb header to PUT requests and not properly documenting this or allowing for it to be disabled in a non hacky way.
I appreciate and enjoy solving coding problems... I, however, can't stand dumb decisions like the two above. -
CORS is shit
Stupid useless shit that protects from nothing. It is harmful mechanism that does nothing but randomly blocks browser from accessing resources - nothing more.
Main idea of CORS is that if server does not send proper header to OPTIONS request, browser will block other requests to that server.
What does stupid cocksuckers that invented CORS, think their retarded shit can protect from?
- If server is malicious, it will send any header required to let you access it.
- If client has malicious intents - he will never use your shit browser to make requests, he will use curl or any ther tool available. Also if server security bases on something as unreliable as http headers it sends to the client - its a shit server, and CORS will not save it.
Can anyone give REAL examples when CORS can really protect from anything?33 -
Google OAuth docs is such a pain to read... I have implemented OAuth multiple times and understand the flow. Its never been a problem, but man, their docs is such a pain to read.
Their Java client library is also painful. Its needlessly complex that I just ended up implement good old HTTP rest to handle it.5 -
Bug on trouble ticket system:
"I get a Nullpointer when i call this REST API *stacktrace*"
- It's not a Nullpointer
- It's a problem on your client http
- *Copy message exception, paste on google, first result is the solution"
And he's a DEV!!!!! -
When a data scientist thinks that if his algorithm is o(n) then it's really o(n) and it doesn't matter that he placed synchronized everywhere , connected to the db multiple time with huge in memory ops inside the transaction , wrote a file and downloaded something with http client . After all it's o(n) right mister I'm a scientist genius ?!?!?1
-
~rant
I think we need to change way how websites deliver themselves to its users. This HTML CSS JS clusterfuck is just a huge PITA in the ass.
What is a website?
It's an application where users find, communicate or share information, can buy or sell their penis pumps and loads of shady stuff.
Why must a website (the delivered application) be split into multiple languages/scripts and lots of HTTP requests?
In my opinion, PWA is a start to make us look at websites more like apps as we are used to on the machine, but they don't solve the mess.
Per my experience, many people working on websites regularly confuse what's executed on the server and what is on the client. They send data to the client via XHR, for example full DB tables of private data, just to then filter it in their beloved Array.filter function.
You can tell those people again and again and this is why I start thinking that the Web, as we know it, needs a big change.14 -
Sneak peek at something, maybe, coming soon to the MacOS version of the unofficial devRantApp desktop client.
http://imgur.com/a/4pWVY -
Did you know that docker's ADD instruction uses "go-http-client/1.1" as user-agent when src is an URL?
I didn't. And since I'm unfortunate, enough so that this user-agent is blocked by my company, I've now spent twice the time it took me to write the whole dockerfile to identify the problem and fix it...
I love waisting my time for such minor things...12 -
So I was talking microservices architecture with some lead techs.
And I started asking how did they combine/connect their microservices.
And despite having a lot, they use HTTP as the main transporter.
So the put some API-Gateway, all inside traffic has to go through it, to connect to the final client.
And I said that I do meshing microservices, and we use Nats as man transporter, so our messages go through UDP and not TCP.
And they freaked out. Saying UDP is too low level and not useful...
My question: if you do microservices oriented architecture, and not SOA, do you use HTTP? Did you use it simply because "it works"?14 -
It probably will be an unanswered question, but let's try.
Does anyone know of a large project using onion / hexagonal/ ddd or similar architecture with free access to the source code...
Or an example of said architectures that goes beyond "trivial dumb example".
The new recruits need... A lot of brushing up (I'd be for electro shock treatment and other stuff, but somehow HR thinks I'm joking).
As said, most examples I found are too basic. On the other hand, if I write now a good example, I'd need to do it in either my free time (nope, just nope) or jiggle it in somewhere in company time (aka it will be never finished nor be in a useful state).
Programming language preferred would be Java, but as I'm fluent in most languages except the forbidden ones (JavaScript and it's friends) ...
Anything would be helpful.
Most welcome would be an example with a focus on Adapter / Ports, e.g. abstraction of HTTP client usage / ORM etc.
Thanks.12 -
Least successful...
In a nutshell, an multi version http client for a elasticsearch.
It supported ES 1.7 up to v7.
With an reduced future set, but all in all it allowed doing everything ES offered - just not for one version, rather the whole monty.
For various reasons I wasn't allowed to opensource that...
Which brings me to the least successful part. The client is a beast and would be a blessing for a lot of people I'd guess, but it's sadly covered by more legalese than one could imagine.
Think of legalese as in "Angel - Wolfram and Heart" legalese. I wouldn't be surprised if some part of the contract was written in blood.
... And least successful as in: Nope. Never gonna do that again.
Abstractions necessary for supporting multiple versions are are really painful.
Having an E2E test suite consuming > 64 Gigabyte of RAM for testing against several ES docker instances in parallel isn't fun.
Nothing of that project was fun.
Still gives me nightmares.
(NDA expired short time ago) -
Applying for a new job and got an assignment for a quick dashboard as a test, whoever designed the HTTP client in Angular should be thrown down a fucking building.rant your mother is getting piped let's react to a fucking request pipe here pipe there performing a request and getting a result naaaah to fucking easy12
-
When I created stubmatic (a http mock application), we were using it in our internal project. First time when some other project expressed their interest, I was happy and eager to help.
So the person they sent for the training asked me his first question: "I followed all the steps, but It is not working"
I quickly checked his code and replied "you're using GET instead of POST method"
Then his second and last question about stubmatic was "why don't your code understand which method has to be used? Why should a client need to tell every time?"
Ummm... silence -
The company I work in had to build a software that establishes a connection to a MySQL database running on an external server. It doesn't work for the client company because the firewall is very restrictive and only lets through connections on port 80, so we had to build a fucking http server that forwards SQL queries to the MySQL server and returns the result. This is so horrible!
(Running MySQL on port 80 isn't an option as any other connection type than http is blocked by the firewall)8 -
While attempting to quit smoking and after spending a full day trying to understand why the previous devs took this approach to encrypting a string and my lack of nicotine addled brain not allowing me to see that this was a “Secure”String and so uses a machine specific key (that’s why the code that worked locally wouldn’t run on production 😑) this is my rant on comments added to the helper I had to write
/// <summary>
/// If you are using this class and it's not for backward compatibility - then you probably shouldn't be using it
/// Nothing good comes from "Secure" strings
/// Further to this Secure strings are only "useful" for single user crypto as the encryption uses the login creds, transferring
/// this data to another client will result in them never being able to decrypt it
///
/// Windows uses the user's login password to generate a master key.
/// This master key is protected using the user's password and then stored along with the user's profile.
/// This master key then gets used to derive a number of other keys and it's these other keys that are used to protect the data.
///
/// This is also a broken crypto method via injection (see Hawkeye http://hawkeye.codeplex.com/) plus the string is stored in plain
/// text in memory, along with numerous other reasons not to use it.
/// </summary>
public class SecureStringHelper
{3 -
Today I spent 9 hours trying to resolve an issue with .net core integration testing a project with soap services created using a third party soap library since .net core doesn't support soap anymore. And WCF is before my time.
The tests run in-process so that we can override services like the database, file storage, basically io settings but not code.
This morning I write the first test by creating a connected service reference to generate a service client. That way I don't need to worry about generating soap messages and keeping them in sync with the code.
I sent my first request and... Can't find endpoint.
3 hours later I learn via fiddler that a real request is being made. It's not using the virtual in-process server and http client, it's sending an actual network request that fiddler picks up, and of course that needs a real server accepting requests... Which I don't have.
So I start on MSDN. Please God help me. Nope. Nothing. Makes sense since soap is dead on .net core.
Now what? Nothing on the internet because above. Nothing in the third party soap library. Nothing. At this point I question of I have hit my wall as a developer.
Another 4 hours later I have reverse engineered the Microsoft code on GitHub and figured out that I am fucked. It's so hard to understand.
2 more hours later I have figured out a solution. It's pure filth..I hide it away in another tooling project and move all the filth to internal classes :D the equivalent of tidying your room as a kid by shoving it all under the bed. But fuck it.
My soap tests now use the correct http client with the virtual server. I am a magician.4 -
Trying to implement WebRTC for Voice chat in the company app in Unity.
Pros:
- it's super fucking fast
- it kinda is peer to peer
Cons:
- WebRTC comes in very different ways and therefore you either need to properly config the server or change the way the app works
- Each signaling server might have different config so you can't even connect to different servers like you do for http, ftp and so on
- You need to use a server to know each peer
- You need to use another server to make the actual messages go through
- None of it seems to actually be p2p except the fact that you will need to make a different connection to each and every other client in the conference
So basically it was engineered to be as compatible as possible and therefore no server-side default was defined in the protocol, which means it won't ever be actually very compatible with anything at all since everyone will make its configuration.
Fuck me, fuck WebRTC and fuck this whole shit1 -
Hey Guys
Today I'm bringing a tool for you guys, mount servers with old phones Or have servers in your phone for testing.
Tool: Servers Ultimate Pro
Web:: https://icecoldapps.com/app/...
Note1.: Doesn't handle well above android 6+, So test one of the free servers you're intending to use before buying.
Note2.: This App costs around 10€/$ but you can get single App servers for free (I think even html + php + mysql package for free).
Not promotional, I'm just a user that loves this App.
I already talked about this a few times (usually I just call the cell phone I'm using my web server), but as a noob I don't even knot the possibilities.
This App comes with more then 70 protocols (60+ servers and a mix of servers).
From ssh, ftp, html (nginx, lightppd, Apache, simple) with php and mysql, Webdav...
<quote>
Run over 60 servers with over 70 protocols!
Now you can run a CVS, DC Hub, DHCP, UPnP, DNS, Dynamic DNS, eDonkey, Email (POP3 / SMTP), FTP Proxy, FTP, FTPS, Flash Policy, Git, Gopher, HTTP Snoop, ICAP, IRC Bot, IRC, ISCSI, Icecast, LPD, Load Balancer, MQTT, Memcached, MongoDB, MySQL, NFS, NTP, NZB Client, Napster, PHP and Lighttpd, PXE, Port Forwarder, Proxy, RTMP, Remote Control, Rsync, SMB/CIFS, SMPP, SMS, Socks, SFTP, SSH, Server Monitor, Stomp, Styx, Syslog, TFTP, Telnet, Test, Time, Torrent Client, Torrent Tracker, Trigger, UPnP Port Mapper, VNC, Wake On Lan, Web, WebDAV, WebSocket, X11 and/or XMPP server!
</quote>8 -
For the most part I try to keep my test or filler content somewhat professional in the event I forget to clean it before the client sees it. However, sometimes you just need some lorem fucking ipsum.
http://loremfuckingipsum.com/2 -
I am trying to implement an API. It has a very good documentation, everything is written clear and simple, along with
- HTTP 401 on unauthorized request and
- Error codes from 1-35 with definitions
Opened the provided sample file, changed the username, password and client code fields to our own in the source, then tried the request. The Response:
HTTP 200
{"ErrorCode":-1,"ErrorDescription":"Unauthorized."}
Well, thank you very much! 🤬2 -
I once had to write a feature, which should allow the user to login and edit an appointment, which was automatically set. All the data we got, came from an incredibly unreliable API. And with incredible unreliable I mean like heisenbug-level unreliable.
The API spoke perfectly unreadable xml and was a horror to work with.
After a few weeks of me being messed with by this shit piece of an API, I finally got something which did kind of work sometimes.
Proper error handling has been added later and just before I was done, fixing all the flaws of their data management and nonsense status codes (not http status codes) which rarely correlated in at least some way with their data, our client said "scrap this, we don't want it anymore"
Many hours and effort gone, this thing worked almost perfectly. -
The frontend developers in my company are the reason why I have anxiety. Here are few things that grinds my knees:
1) for a long time in projects, they deleted the auth token from their storage without integrating the logout api. They thought why use an API for that. :)
2) most of them had no clue that form fields could accept javascript as inputs and work as XSS vulnerabilities. This actually happened with a client, he got so fucking pissed.
3) One of them asked me to convert a PATCH request to DELETE cos fuck REST and HTTP methods.
For fuck’s sake. I need to get out of this place.4 -
Let's talk about superagent, the nodejs http client.
This fucker defaults to localhost when it find the url to be incorrect. It doesn't complain or tell you your url suck. No. It reverts to localhost.
So "http://www.url.com" is fine and " http://www.url.com" reverts to localhost.
I spent 3 hours debugging this shit yesterday.
Then today, I started by looking at the config to realise the config template in ansible had an extra space before the url.
#ImproveYourErrorReportingFucker
Seriously though!! Don't try to help, just tell me when I fuck up. Don't be another HTML!
The "language" without errors. -
MQTT - all I used to know about this is its name, untill few months back a client sent us some requirements which included MQTT. I opened its specification and I was fucking shocked! I am implementing almost similar protocol in most of my applications (which needs subscription based service) for last 3 years. I have developed IoT apps, remote monitoring systems, HMI systems using the same fucking protocol! Even I had implemented the same thing on HTTP using long polling a few years back!!
Now I feel like open sourcing my protocol. But I don't know where to start. Any help please?1 -
I swear to god dio and dart's http client is so fucking stupid. I can barely do something in 90 lines to get a web resource when I can do it in 10 with python's requests library. The support for storing cookies is nonexistent, and even with CookieJar/Dio I still need some stupid long hack like this:
https://stackoverflow.com/a/...
The worst thing is that this has happened twice now, the first time I resolved after a long fucking time trying to solve it, and now I have the same exact problem again, but I can't just simply copy my solution from last time to use in the latest problem.
Even curl is more useful than whatever the hell the http client for dart is1 -
Well, My firm has a CRM which is built on JSP and Java. They want to upgrade the frontend by using a modern technology. Which one is a great choice React or Angular?
For the backend, APIs need to be integrated and I need to select from PHP and NodeJS. The traffic right now is 100 hits/second and is expected to increase upto 1k/sec in 6months.
What is the best choice for the frontend, backend and I need to select a HTTP request client too.22 -
Anyone here use the NodeJS HTTP/2 API? I started working with it the other day and I can get static files served fine with it but when I try and use it's push feature to "bundle" additional resources that the page will need, it doesn't seem to work, the client still requests the resources from the server instead of looking in the "push" cache. Also the load time seems longer when using http/2 vs 1, was wondering if anyone else had come across these issues and found workarounds. P.S. - I'm using Chrome to test on, with https://localhost and some self-signed certs as http/2 isn't implemented in browser unless using https1
-
My internship assigment was about building http client for specific software. In the end of my internship I find out that there are plenty of these type clients I was developing. Always look out of the box no matter what your supervisor is saying :)
-
I recently started working on laravel. As the community says it was easy to get along with the framework and its methodologies. But then i had to do multiple login with framework in same domain.
Oh man, i spent a week to make it work. All those guards and middlewares realted to login was driving me crazy. The concept was clear, but somehow the framework was like "You! I shall make you spend a week for my satisfaction". The project demo was nearing and i was doing all kind of stuff i found. Atlast after continous tries it worked. Never in my 4+ years as a developer i had to face such an issue with login.
So here is how it works,if anyone faces the same issue:
(This case is beneficial if you're using table structures different from default laravel auth table structures)
1. Define the guards for each in auth.php
Eg:
'users' => [
'driver' => 'session',
'provider' => 'users',
],
'client' => [
'driver' => 'session',
'provider' => 'client',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
2. Define providers for each guards in auth.php
'users' => [
'driver' => 'eloquent',
'model' => <Model Namespace>::class,
'table' => '<table name>', //Optional. You can define it in the model also
],
'admins' => [
'driver' => 'eloquent',
'model' => <Model Namespace>::class,
],
'client' => [
'driver' => 'eloquent',
'model' => <Model Namespace>::class,
],
Similarly you can define passwords for resetting passwords in auth.php
3. Edit login controller in app/Http/Controller/Auth folder accordingly
a. Usually this particular line of code is used for authentication
Auth::guard('<guard name>')->attempt(['email' => $request->email, 'password' => $request->password]);
b. If above mentioned method doesn't work, You can directly login using login method
EG:
$user = <model namespace>::where([
'username' => $request->username,
'password' => md5($request->password),
])->first();
Auth::guard('<guard name>')->login($user);
4. If you're using custom build table to store user details, then you should adjust the model for that particular table accordingly. NOTE: The model extends Authenticatable
EG
class <model name> extends Authenticatable
{
use Notifiable;
protected $table = "<table name>";
protected $guard = '<guard name>';
protected $fillable = [
'name' , 'username' , 'email' , 'password'
];
protected $hidden = [
'password' ,
];
//Below changes are optional, according to your need
public $timestamps = false;
const CREATED_AT = 'created_time';
const UPDATED_AT = 'updated_time';
//To get your custom id field, in this case username
public function getId()
{
return $this->username;
}
}
5. Create login views according to the user types you required
6. Update the RedirectIfAuthenticated middleware for auth redirections after login
7. Make sure to not use the default laravel Auth routes. This may cause some inconsistancy in workflow
The laravel version which i worked on and the solution is for is Laravel 6.x1 -
Wow, angular is still a pile of shit in 2024, nothing changed.
I renew my https://devrant.com/rants/7582990 previous rant
I've recently switched to angular 17, not because I'm a masochist, but because, unfortunately, we have a huge portal for a super huge multinational enterprise and it's made in angular.
It's 2 years worth of work, and they've suddenly decided it's cool to switch to angular 17, because standards, because it's new etc.
Now that this crap angular 17 came out I prepared my hair pulling room, where there are whips and self torture instruments, and I've typed into browser url they "super new super modern super efficient" angular.dev, which apparently is their new official super 1337 documentation site (spoiler, it's shit as the other if not worse).
Since they realized angular was pigshit, they decided to eviscerate it like a sacrifical lamb in ancient maya age and add lot of stuff that makes it modern and more friendly.
They think they made the big bang of news, but they implemented stuff that exist since 10 years after people were cutting their wrists in their github "request a feature" section for years.
Well, to make it brief, they made a whole clunky obscure way to bootstrap it and didn't even had the decency and modesty to properly document it (they never learn, sigh....)
In any case I put up a .NET minimal API that works well, and a small angular app with a Hello world page that fetches a "hello word" string from a test api route.
The api works everywhere, browser, postman etc etc.
But ta-dahhhh, in angular throws error.
They put various way of using http client. Main 2 are withFetch() and without.
withFetch() says "as error "Invalid self signed certificate" and withoutFetch "Unknown error".
Apparently we have to do shenanigans also to do some dev development3 -
!rant
TIL they created an open source e-mail protocol, JMAP (info at http://jmap.io), based on IMAP. The problem is, there is no client nor server that actually uses this. Do you know if they will ever develop one?