Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
It's maddening how few people working with the internet don't know anything about the protocols that make it work. Web work, especially, I spend far too much time explaining how status codes, methods, content-types etc work, how they're used and basic fundamental shit about how to do the job of someone building internet applications and consumable services.
The following has played out at more than one company:
App: "Hey api, I need some data"
API: "200 (plain text response message, content-type application/json, 'internal server error')"
App: *blows the fuck up
*msg service team*
Me: "Getting a 200 with a plaintext response containing an internal server exception"
Team: "Yeah, what's the problem?"
Me: "...200 means success, the message suggests 500. Either way, it should be one of the error codes. We use the status code to determine how the application processes the request. What do the logs say?"
Team: "Log says that the user wasn't signed in. Can you not read the response message and make a decision?"
Me: "That status for that is 401. And no, that would require us to know every message you have verbatim, in this case, it doesn't even deserialize and causes an exception because it's not actually json."
Team: "Why 401?"
Me: "It's the code for unauthorized. It tells us to redirect the user to the sign in experience"
Team: "We can't authorize until the user signs in"
Me: *angermatopoeia* "Just, trust me. If a user isn't logged in, return 401, if they don't have permissions you send 403"
Team: *googles SO* "Internet says we can use 500"
Me: "That's server error, it says something blew up with an unhandled exception on your end. You've already established it was an auth issue in the logs."
Team: "But there's an error, why doesn't that work?"
Me: "It's generic. It's like me messaging you and saying, "your service is broken". It doesn't give us any insight into what went wrong or *how* we should attempt to troubleshoot the error or where it occurred. You already know what's wrong, so just tell me with the status code."
Team: "But it's ok, right, 500? It's an error?"
Me: "It puts all the troubleshooting responsibility on your consumer to investigate the error at every level. A precise error code could potentially prevent us from bothering you at all."
Team: "How so?"
Me: "Send 401, we know that it's a login issue, 403, something is wrong with the request, 404 we're hitting an endpoint that doesn't exist, 503 we know that the service can't be reached for some reason, 504 means the service exists, but timed out at the gateway or service. In the worst case we're able to triage who needs to be involved to solve the issue, make sense?"
Team: "Oh, sounds cool, so how do we do that?"
Me: "That's down to your technology, your team will need to implement it. Most frameworks handle it out of the box for many cases."
Team: "Ah, ok. We'll send a 500, that sound easiest"
Me: *..l.. -__- ..l..* "Ok, let's get into the other 5 problems with this situation..."
Moral of the story: If this is you: learn the protocol you're utilizing, provide metadata, and stop treating your customers like shit.22 -
Worst error message management.
Can't you just display the valid pattern for an username instead of showing different error message everytime.
If plain ASCII and only letters and numbers same for them, just show only letters and numbers, and
what's that hourly limit.
I just couldn't sign up after wasting time thinking of an username.
6 -
Best part about the covid19 manufactured crisis?
Liquor stores deliver. Worst part about liquor stores delivering? Needing to use their shoddy websites.
I've been using a particular store (Total Wines) since they're cheaper than the rest and have better selection; it's quite literally a large warehouse made to look like a store.
Their website tries really hard to look professional, too, but it's just not. It took me two days to order, and not just from lack of time -- though from working 14 hour days, that's a factor.
Signing up was difficult. Your username is an email address, but you can't use comments because the server 500s, making the ajax call produce a wonderfully ambiguous error message. It also fades the page out like it's waiting on something, but that fade is on top of the error modal too. Similar error with the password field, though I don't remember how I triggered it.
Signing up also requires agreeing to subscribe to their newsletter. it's technically an opt-in, but not opting-in doesn't allow you to proceed. Same with opting-in to receiving a text notification when your order is ready for pickup -- you also opt-in to reciving SMS spam.
Another issue: After signing up, you start to navigate through the paginated product list. Every page change scrolls you to the exact middle of the next page. Not deliberatly; the UI loads first, and the browser gets as close as it can to your previous position -- which was below that as the pagination is at the bottom -- and then the products populate after. But regardless of why, there is no worse place to start because now you must scroll in both directions to view the products. If it stayed at the very bottom, it would at least mean you only need to scroll upwards to look at everything on the page. Minor, but increasingly irritating.
Also, they have like 198 pages of spirits alone because each size is unique entry. A 50ml, 350ml, 500ml, 750ml, 1000ml, and 1750ml bottle of e.g. Tito's vodka isn't one product, it's six. and they're sorted seemingly randomly. I think it's by available stock, looking back.
If you fancy a product, you can click on it for a detail page. Said detail page lists the various sizes in a dropdown, but they're not sorted correctly either, and changing sizes triggers a page reload, which leads to another problem:
if you navigate to more than a few pages within a 10 or so second window, the site accuses you of using browser automation. No captcha here, just a "click me for five seconds" button. However, it (usually) also triggers the check on every other tab you have open after its next nagivation.
That product page also randomly doesn't work. I haven't narrowed it down, but it will randomly decide to start failing, and won't stop failing for hours. It renders the page just fine, then immediately replaces it with a blank page. When it's failing, the only way to interact with the page is a perfectly-timed [esc], which can (and usually does) break all other page functionality, too. Absolutely great when you need to re-add everything from a stale copy of your signed-out cart living in another tab. More on that later. And don't forget to slow down to bypass the "browser automation" check, too!
Oh, and if you're using container tabs, make sure to open new tabs in the SAME container, as any request from the same IP without the login cookie will usually trigger that "browser automation" response, too.
The site also randomly signs you out, but allows you to continue amassing your cart. You'd think this is a good thing until you choose to sign in again... which empties your cart. It's like they don't want to make a sale at all.
The site also randomly forgets your name, replacing it with "null." My screen currently says "Hello, null". Hello, cruft!
It took me two days to order.
Mostly from lack of time, as i've been pulling 14 hour shifts lately trying to get everything done. but the sheer number of bugs certainly wasted most of what little time i had left. Now I definitely need a drink.
But maybe putting up with all of this is worthwhile because of their loyalty program? Apparently if you spend $500, you can take $5 off your next purchase! Yay! 1%! And your points expire! There are three levels; maybe it gets better. Level zero is for everyone; $0 requirement. There are also levels at $500 and $2500. That last one is seriously 5x more than the first paid level. and what does it earn you? A 'free' magazine subscription, 'free' classes (they're usually like $20-$50 iirc), and a 'free' grab bag (a $2.99 value!) twice per month. All for spending $2500. What a steal. It reminds me of Candy Crush's 3-star system where the first two stars are trivial, and the third is usually a difficult stretch goal. But here it's just thinly-veiled manipulation with no benefit.
I can tell they're employing some "smarketing" people with big ideas (read: stolen mistakes), but it's just such a fail.
The whole thing is a fail.8 -
(Best read while listening to AEnima by Tool, loudly)
Dear Current Workplace,
Fuck you, for the reasons enumerated below.
Fuck your enterprise grey blue offices, the stifling warm air of a hundreds of bodies and sub par "development laptops".
Fuck your shitty carbonated water machines which were a cost saving measure over decent drinkable water.
Fuck your fake "flexi time", "you can do home office whenever you want" bullshit. You're still inviting me to mandatory meetings at 09:00 regularly.
Fuck your shitty, in house, third part IT provider sister company. They're the worst of all worlds. If it was in company, we'd get to give out to them, if it was an external company we'd fire them. And yes, when I quit I will quote the dumpster fire that is our corporate VPN as a major factor.
Fuck your cheery, bland, enterprise communication. Words coming under the corporate letterhead seem to lose all association with meaning. Agile, communication, open are things you write and profess to respect, but it seems your totally lack understanding of their meaning.
Fuck your client driven development. Sometime you actually have to fix the foundations before you can actually add new features. And fuck you management who keep on asking "why are there so many bugs and why is it always taking longer to deliver new releases". Because of you, you fucknuts, Because you can't say "NO" to the customer. Because you never listen to your own experienced developers.
Fuck your bullshit "code quality is important to us" line. If it's so important, then let us fix the heap of shit you're selling so that it works like a quasi functional program.
Fuck you development environment which has 250 projects in a single VS solution. Which takes 5mins plus to compile on a quad core i7 with 32 gb of ram.
Fuck this bullshit ball of mud "architecture". I spend most of my time trying to figure out where the logic should go and the rest of the time writing converters between different components. All because 7 years ago some idiot "architect" made a decision that they didn't have to live with.
Actually, fuck that guy in particular. Yeah, that guy who was the responsible architect for the project for 4 years and not once opened the solution to look a the code.
Fuck the manual testing of every business process. Manual setup of the entities takes 10mins plus and then when you run, boom either no message or some bullshit error code.
Fuck the antiquated technology choices which cause loads of bugs and slow down development. Fuck you for forcing me to do manual tests of another developers code at 20:00 on a Friday night because we can't get our act together to do this automatically.
Fuck you for making sure it's very clear I'm never going to be anything but a code monkey in this structure. Managers are brought in from outside.
Fuck you for being surprised that it's hard to hire competent developers in this second rate, overpriced town. It's hard to hire anywhere but this bland shithole would have anyone with half a clue running away at top speed.
Fuck you for valuing long hours and loyalty over actual performance. That one guy who everyone hated and was totally incompetent couldn't even get himself fired. He had to quit.
Fuck you for your mediocrity.
Fuck you for being the only employer for my skill-set in the region; paying just well enough that changing jobs locally doesn't make sense, but badly enough that it's difficult to move.
Fuck you for being the stable "safe" option so that any move is "risky".
Fuck your mediocrity.
Fuck you for being something I think about when I'm not at work. Not only is it shit from 9 to 5 you manage to suck the joy out of everything else in my life as well?
Fuck you for making me feel like a worse developer every day I work here. Fuck you for making every day feel like a personal and professional failure. Fuck you for making me seriously leave a career I love for something, anything else.
Fuck you for making the most I can hope for when I get up in the morning is to just make it until the night.6 -
MySQL has the absolute worst error messages.
"You have an error in your SQL syntax; check the manual that corresponds blah blah near '(some random code line)'".
How vague can you be? It doesn't help that I always find the error in a completely different place to where the message says it is.5 -
Worst part of being a dev? Ever got an error message without a corresponding stack overflow question/awnser?1
-
Printers come straight from hell!
I visited my grandma. She told me that she has a problem with her printer. I printed something (b/w) and looked at it. It looked really bad. The printer showed an error message saying that there's a problem with the color cartridge. I took it out, put it back in and printed again. It looked perfect. But the message appeared again.
Every time my grandma wants print or copy something (even in black and white) she needs to take out this cartridge, put it back in and pray.
One time I printed something with my paper. I have the right paper for it (A4). The printer scaled it down...
IT PRINTED A VERSION FOR ANTS!
It took several attempts and wasted paper and ink but FINALLY it came out nearly perfect.
Printers are the worst devices I've ever worked with.
3 -
Let's talk a bit about CA-based SSH and TOFU, because this is really why I hate the guts out of how SSH works by default (TOFU) and why I'm amazed that so few people even know about certificate-based SSH.
So for a while now I've been ogling CA-based SSH to solve the issues with key distribution and replacement. Because SSH does 2-way verification, this is relevant to both the host key (which changes on e.g. reinstallation) and user keys (ever replaced one? Yeah that's the problem).
So in my own network I've signed all my devices' host keys a few days ago (user keys will come later). And it works great! Except... Because I wanted to "do it right straight away" I signed only the ED25519 keys on each host, because IMO that's what all the keys should be using. My user keys use it, and among others the host keys use it too. But not by default, which brings me back to this error message.
If you look closely you'd find that the host key did not actually change. That host hasn't been replaced. What has been replaced however is the key this client got initially (i.e. TOFU at work) and the key it's being presented now. The key it's comparing against is ECDSA, which is one of the host key types you'd find in /etc/ssh. But RSA is the default for user keys so God knows why that one is being served... Anyway, the SSH servers apparently prefer signed keys, so what is being served now is an ED25519 key. And TOFU breaks and generates this atrocity of a warning.
This is peak TOFU at its worst really, and with the CA now replacing it I can't help but think that this is TOFU's last scream into the void, a climax of how terrible it is. Use CA's everyone, it's so much better than this default dumpster fire doing its thing.
PS: yes I know how to solve it. Remove .ssh/known_hosts and put the CA as a known host there instead. This is just to illustrate a point.
Also if you're interested in learning about CA-based SSH, check out https://ibug.io/blog/2019/... and https://dmuth.org/ssh-at-scale-cas-... - these really helped me out when I started deploying the CA-based authentication model.
19 -
Worst error message to show a new user...
"An account with that email and password already exist. Please try again or login to your account." 😂😂😂😂💀💀💀💀3 -
I explained last week in great detail to a new team member of a dev team (yeah hire or fire part 2) why it is an extremely bad idea to do proactive error handling somewhere down in the stack...
Example
Controller -> Business/Application Logic -> Infrastructure Layer
(shortened)
Now in the infrastructure layer we have a cache that caches an http rest call to another service.
One should not implement retry or some other proactive error handling down in the cache / infra stack, instead propagate the error to the upper layer(s) like application / business logic.
Let them decide what's the course of action, so ...
1) no error is swallowed
2) no unintended side effects like latency spikes / hickups due to retries or similar techniques happens
3) one can actually understand what the services do - behaviour should either be configured explicitly or passed down as a programmed choice from the upper layer... Not randomly implemented in some services.
The explanation was long and I thought ... Well let's call the recruit like the Gremlin he is... Gizmo got the message.
Today Gizmo presented a new solution.
The solution was to log and swallow all exceptions and just return null everywhere.
Yay... Gizmo. You won the Oscar for bad choices TM.
Thx for not asking whether that brain fart made any sense and wasting 5 days with implementing the worst of it all.6 -
The best/worst code comments you have ever seen?
Mine:
//Upload didn't work, have to react:
system.println('no result');
//$Message gives out a message in the compiler log.
{$Message Hint 'Feed the cat'}
//Not really needed
//Closed source - Why even comments?
//Looks like bullshit, but it has to be done this way.
//This one's really fucked up.
//If it crashes, click again.
asm JMP START end; //because no goto XP
catch {
//shit happens
}
//OMG!!! And this works???
asm
...
mov [0], 0 //uh, maybe there is a better way of throw an exception
...
mov [0], 0 //still a strange way to notify of an error
// this makes it exiting -- in other words: unstable !!!!!
//Paranoic - can't happen, but I trust no one.
else {
//please no -.-
sleep(0);
}
//wuppdi
for (int i = random(500); i < 1000 + random(500 + random(250)); i++)
{
// Do crap, so its harder to decompile
}
//This job would be great if it wasn't for the f**king customers.
//TODO: place this peace of code somewhere else...
// Beware of bugs in the code above; I have only proved it correct, not tried it.
{$IFDEF VER93}
//Good luck
{$DEFINE VER9x}
{$ENDIF}
//THIS SHIT IS LEAKING! SOMEONE FIX IT! :)
/* no comment */5 -
I fucking hate Visual Studio!
Don't get me wrong, from time to time I actually enjoy it but not today.
It all went south when I tried to add a new handler to an fucking old asp.net webpage. I had the access the 'Range' headed to stream bits of audio and video files to the client. It was working absolutely fine for the first hour and a half, after that point the fun started...
VS decided that my source code and the binaries won't match anymore. Everytime I tried to add a fucking breakpoint or debug this cunt of an error it would just refuse
The worst part that made me go apeshit was when I finally got a breakpoint and the exception. Some unknown fucking system dll just kept on killing my thread without a proper error message because it's optimized to the fucking moon and back!
Any ideas from the devs here on what's going on and how the fuck I can fix this?6 -
I had to create an account on a website. I used LastPass to generate a strong password. I entered it and got the following message:
"Password must be between 8 and 16 characters and must have special characters (? , ! & #) and numbers"
My password was 20 characters, me annoyed to generate a 16 character password. Filled it in and got the same error. That was it for me.
Who dafuq limits a password to 16 characters, that's fucking nothing. It did not accept all special characters, only the ones that were showed (like 5 or so).
And here comes the worst part...
It's a bank website! I had to create the most most most insecure password in history for it to work.7 -
The fucking worst part of my job is when I get thrown an error on a bug I'm trying to fix and it doesn't even contain an error message. For example, I'll try to verify a self signed certificate but I get an error and literally the only error thrown is [Error 0], no fucking message. If you try to track down the error in the docs they don't even fucking list errors. Times like these make me wish I could castrate people with my1
-
I'm sure this has been ranted about before because I can hardly be the only one.
Android development and the upgrade dance.
Things were worse in the bad old days of eclipse but it's not like they're peachy now, either. Android is one of many platforms I'm developing for - c++ back-end, running on lots of different platforms through a thin bit of platform specific glue.
That's all I care about - that this thin bit of glue just works. I want to write this stuff, forget about it and get on with solving what I feel are real problems, for me, in my code.
The trouble is, I'm never finished writing this and android is one of the worst. With every revision change, google changes *something*. New build system? Why not, you indie developers have *loads* of time and resources to waste on that, don't you? Some weird thing just stops working for no apparent reason? You guys love to drop whatever it was you were working on to figure out what the hell ' android.app.Instrumentation' does and why it can't talk to my main class any more, or why I even need it but nothing in that error message about what I might do to fix this arcane random error.
Google have all the resources in the world, I do not. Yet I have to dance for them, every time I upgrade.
Can you guys please funnel some of your practically infinite resources in to making this stuff 'just work'? -
Some compilers give an error message on forgotten type casting. From that it shows good typing style casting. So you also avoid clerical errors that can lead to the program crash in the worst case. With some types it is also necessary to perform type casting comma on others Types, however, do this automatically for the compiler.
In short:Type casting is used to prevent mistakes.
An example of such an error would be:
#include <stdio.h>
#include <stdlib.h>
int main ()
{
int * ptr = malloc (10*sizeof (int))+1;
free(ptr-1);
return 0;
}
By default, one tries to access the second element of the requested memory. However, this is not possible, since pointer calculation (+,-) does not work for a void pointer.
The improved example would be:
int * ptr = ((int *) malloc (10*sizeof (int)))+1;
Here, typecasting is done beforehand and this turns the void pointer into its int pointer and pointer calculation can be applied. Note: If instead of error "no output" is displayed on the sololearn C compiler try another compiler.
1 -
GoDaddy. Is. The. Worst.
I'm working on an SSL cert domain verification for a client. The chat support tech at GoDaddy has no freaking clue what she's doing. She keeps telling me to follow the same help article I already knew about the first second I heard I needed to do this job. It didn't work. But she keeps going back to it, sure that I'm just a complete and utter moron who doesn't read. Never mind that I have screenshots to prove everything she's telling me is 100% wrong according to every error message this process is generating.
Now she's checking with the "SSL team". Which is code for "I have absolutely no idea what I'm doing and I'm frantically searching the FAQ database to figure out what this SSL thing even is."
That's what the last hour of my life has been. And 20 minutes of that was waiting in the chat queue.5 -
$rant = new Rant('PHPStorm');
When you work with Drupal 8, you tend to become psychotic because this CMS is just a humongous load of crap. But sometimes, it's just PHPStorm that's fucking with you.
This morning, I lost 2 fucking hours because I was editing a temp file instead of my controller file, and spent way too fucking many time trying to find out where it came from until I discovered the tempfile with good ol' sublime text, and realizing the original file wasn't touched since the beginning.
I wish the huge ass SQL error message I saw to no one, not even my worst enemy.
This afternoon, while refactoring a bit of code, PHPStorm suddenly starts to whine that something is either missing or shouldn't be here (gotta love PHP, heh?). So I spent a time I didn't have to copy the whole fucking function to a notepad, then copying it back bit by bit to get where the error came from.
Guess what? Nothing went wrong, everything was ok from the beginning.2
Top Tags
Weekly Rant
View