Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot
 
PerlMonks  

Perl Monks Discussion

( #1040=superdoc: print w/replies, xml ) Need Help??

This section is only for discussing issues pertaining to the PerlMonks web site. You can ask about how things work, or offer ideas on how the site could be improved, for example.

Unless the topic pertains to the PerlMonks web site, it does not belong in this section. If you're unsure, check out Where should I post X? and The Perl Monks Guide to the Monastery, or ask in the chatterbox.

PerlMonks Discussions
No line breaks in inline code
1 direct reply — Read more / Contribute
by Eily
on Mar 24, 2017 at 10:32

    While you can expect codeblocks to preserve the formatting of your code (unless you have codewrapping enabled, but additional line breaks are made explicit by adding a red '+' and not incrementing the line number), I just discovered that this is not the case with inlinecode. The browser can insert a line break wherever a space is present if the line is too long. Most of the time this is not a big issue since there's no difference between a space and a line break outside of string constructs, but I'd still like pieces of code that were meant to be a single line to be displayed on a single line (as a matter of fact, I discovered this on a regex with the /x modifier, so one of the cases where whitespace doesn't matter).

    I added this line .inlinecode { white-space:nowrap; } in my CSS, so I don't have the problem anymore. But there might be other monks around who would like the oneliners to always be displayed on one line, and I think this change would make sense as default behaviour.

    NB: if you want to try for yourself, here is a one liner that you can break into two lines by resizing your browser's window: perl -lne '(1x$_) !~ /^1?$|^(11+?)\1+$/ && print "$_ is prime"'

Prohibit empty nodes
2 direct replies — Read more / Contribute
by hippo
on Mar 23, 2017 at 11:54

    It's a minor annoyance but hopefully an even more minor fix. I suggest that the site code be modified such that entirely empty nodes are automatically rejected. It's a particular time-and-resource waster in the case of anonymous posts as they serve absolutely no value - would anyone dispute this?

    There might conceivably be some argument for allowing empty non-anonymous posts (although what it might be escapes me) so that could be up for debate. If you think these are worth allowing then do please contribute to this thread.

Adding a "client-side manipulation" repository
3 direct replies — Read more / Contribute
by stevieb
on Mar 22, 2017 at 16:17

    Would it be possible to set up an area here on PM that people can share their web browser custom hacks that manipulate and perform actions based on site content?

    I'm thinking JS, CSS and other browser-intrusive things that people have customized. A localized repository of these things for people to share would be nice.

    I know of at least a few Monks who do this kind of thing to get alerts, filter content, re-layout content etc. I know a bit about this sort of manipulation, but it would be great if we had a space specific for site hacks, so that people who aren't overly in tune with such things can have copy/pastable code to drop. Each entry would come with the code, where to put the code (ie. how to implement the hack), and what browser they typically use while using the code. Optionally, a link to a real repository for their entry would be included, as to make updating (or at least a review of future updates) possible.

    update: This need not be limited to browser hacks. It could also include such things as scripts/code that scrape, and take action based on what is found (like my little Perlmonks XP thing I wrote for an LCD last year for example).

Cookies switched to HTTPOnly Cookies
No replies — Read more | Post response
by Co-Rion
on Mar 22, 2017 at 13:20

    As of just now, I've switched the cookies that the Perlmonks domains set to have the HTTPOnly attribute. This means that the most trivial XSS attack won't be able to steal cookies from here, as the browser will not make the cookie available to Javascript code.

    This should be testable locally by pasting the following text into your browser Javascript console while on a Perlmonks domain:

    javascript:alert(document.cookies);

    If the userpass cookie still shows up there, you might need to log out and log in again.

    I believe this will have no ill side-effects.

    If you have a genuine use-case for giving Javascript access to the site cookie, please speak up so we can discuss a work-around.

Performance/Connectivity issues?
3 direct replies — Read more / Contribute
by haukex
on Mar 22, 2017 at 03:47

    Hi all, since ~Friday I've been experiencing serious performance (pages take a minute or two to load) and sometimes connectivity (connection reset) issues. For example, posting this node has taken at least five minutes so far for exactly those two reasons. I'm somewhat certain it's not just me because it's happened from a few different locations. I've experienced similar issues for the past year or so, but much more intermittently. Is something going on?

Canonization Without Representation
17 direct replies — Read more / Contribute
by trippledubs
on Mar 17, 2017 at 02:58

    If you look at Saints in our Book, you will find that there is systemic discrimination against younger monks.

    Most "Saints" have been here since 2002 and there is a standard deviation of 3. If I remember correctly from the stats class I took twice, that means, I'm probably being screwed. The Median User Since Year (MUSY) is even less than the average (AUSY), but still in year 2002. This indicates a central tendency and predominance of Saints that locked eyes on their future spouse over spilled punch cards; spare me.

    If PM is to survive and enter the prefigurative age, we are going to need link. Empower the younger generation to carry on the torch!

https oddity
3 direct replies — Read more / Contribute
by huck
on Feb 25, 2017 at 15:03
rt://46333 links to rt.perl.org not rt.cpan.org
2 direct replies — Read more / Contribute
by Anonymous Monk
on Feb 23, 2017 at 20:57
Fine grained "a day ago" or "a week ago"
3 direct replies — Read more / Contribute
by stevieb
on Feb 22, 2017 at 23:27

    Request for new clicky-availability...

    When pointing at the arrows << and <, its a week ago and a day ago respective. We need something more updated than that. I do not have a solution, so this is a throw-out for discussion.

    This is, I suppose, a formal (public) application to become a pmdev, so I may become part of the team that can see what is happening, and potentially be part of new ideas.

So what's the deal with PerlMonks not changing in like 16 years?
5 direct replies — Read more / Contribute
by nysus
on Feb 09, 2017 at 06:58

    First, I love PerlMonks. It's the very first community I really felt a kinship with on the internet back in the day when CGI was king and Perl was it's handmaiden. And PerlMonks is still a great resource for connecting with people who really love and appreciate Perl and, more importantly, love sharing their love for the craft of Perl programming.

    But I have to say that I think it's success has come despite the aging, creaking interface that is PerlMonks. Now, I don't want to be too harsh. In fact, I suppose part of PerlMonk's charm now is its aging, creaking interface. And I'm more than happy to put up with it and forego StackOverflow for certain questions simply because this is much more of community and it's less transactional than StackOverflow. There's lots of really cool people here and if you are going to be a proper Perl programmer and truly understand the culture of Perl, being on PerlMonks is kind of a requirement.

    I also want to be careful not to crap on the people who operate this site. It still works good enough and I am grateful for the people who operate it. So thank you!

    That said, every time I come to PerlMonks I have to wonder why the PerlMonks interface is frozen in 2001. Is it lack of resources? Lack of manpower? Lack of interest? Was the original PerlMonks code written in such a way to make it nearly impossible to upgrade the interface? A little bit of all of the above?

    And from a marketing perspective, does sticking with an older interface contribute negatively to the perception that Perl is programming language of the past? I'm willing to bet a lot of potential new Perl programmers, who don't yet have the wisdom of the more seasoned folks around here, abandoned this site because of the interface. It's a shame because PerlMonks is just a totally awesome place.

    And look, I'm not calling for a total overhaul. But even minor improvements would be great like not having to type HTML into the textareas or having to refresh the page to see new chatbox messages.

    Yes, PerlMonks is good enough, but I keep wondering what holds it back from becoming just a little bit better. Any insight to satisfy my curiousity is appreciated so I can quit wondering.

    $PM = "Perl Monk's";
    $MCF = "Most Clueless Friar Abbot Bishop Pontiff Deacon Curate";
    $nysus = $PM . ' ' . $MCF;
    Click here if you love Perl Monks

Reply to a post not appearing
6 direct replies — Read more / Contribute
by johngg
on Feb 07, 2017 at 18:40
Unable to front-page [id://1181114]
2 direct replies — Read more / Contribute
by kcott
on Feb 05, 2017 at 03:57

    I've made several attempts to front-page "Turning very larger numbers into an array of bits" ([id://1181114]) without success. Each time, I've checked "FrontPage" and clicked "moderate"; some processing appears to occur; then the page is displayed with "FrontPage" unchecked: no errors or warnings are emitted.

    The page is currently approved. It appears correctly (as far as I can tell) in: SoPW; RAT; and Newest Nodes. I can access the page from all of those places. It does not appear on the Front Page (i.e. it's not just some issue with the "FrontPage" checkbox display).

    Other than that, it appears to be functioning normally: I have no problems viewing it; I've voted on it; I've voted on a reply; I've replied to it myself.

    — Ken

Let's Make PerlMonks Great Again!
6 direct replies — Read more / Contribute
by LanX
on Jan 29, 2017 at 11:49
Nodelet style broken?
5 direct replies — Read more / Contribute
by Anonymous Monk
on Jan 24, 2017 at 14:24
    The nodelets are displaying without the usual small font and blue border at the moment, just plain text, still aligned at the right of the page, web inspector isn't showing any errors. Did something change?
Anger Management
1 direct reply — Read more / Contribute
by afoken
on Jan 22, 2017 at 05:47

    So, this meditation is about anger management. Or maybe failed anger management. You will notice an abrupt end, at a point where I just wanted to yell at everyone.


    I stumbled over an old thread, Is there a Perl authentication and authorisation framework for CGI web application?, where Your Mother gave this really good answer:

    Password recovery means passwords are stored in a readable fashion and this is a worst practice, so itís just as well it doesnít do it.

    And that reminds me of an even older thread, What happened?. Linked from there, there is Status of Recent User Information Leak, with the following promise:

    Strengthening Authentication

    The administrators are planning to implement hashed passwords (allowing more than 8 chars).

    What happened since then?

    This is what I found in Tidings through 2014-11-10 atfer visiting Tidings:

    10-character passwords now allowed

    Jun 10, 2012 at 06:30 CEST

    PerlMonks forms used to specify a maximum password length of 8 characters while it was possible to give yourself a 10-character password by bypassing these forms. Now the forms specify a maximum password length of 10 characters.

    I must have missed something. It must be so. I don't want to believe that it took three f***ing years to increase the password length by just two characters and call that "case closed". I don't want to believe that after 7.5 years, perlmonks still stores passwords unhashed, unsalted in plain text.

    But still, there is a link to What's my password? on the login form, it still requires just a username or a mail address, and it sends me my password in plain text in an unencrypted mail, together with my username!

    Hey there.

    You or someone else has requested a password for your username or e-mail address.

    Before you freak out, take a few deep breaths and remember that it's YOU and not THEM who is getting this password.

    Here's your info:

    username: afoken

    passwd: *****

    human name: Alexander Foken

    love, the management

    http://perlmonks.org/

    WHAT THE F**K?!

    Yes, I took a deep breath. Several. I slowly counted to 100. Several times.

    But:

    ARE YOU KIDDING ME?!

    7.5 years and nothing relevant has changed. Perlmonks passwords are obviously still stored in plain text, or in a form that can be decrypted on the server, which is as bad as plain text.

    That's a login system that would make the worst amateurs blush.

    People have been told for years to avoid MD5 hashes because they are insecure. People have been told for years to salt hashes with long, random salts, and to use really expensive hash functions, like bcrypt or PBKDF2.

    Yet, perlmonks still uses plain text passwords, 7.5 years after many, if not all, passwords have been copied by some script kiddies? And to add insult to injury, perlmonks happily sends out login name and password in plain text. No traces of a time-limited one-time link for setting a new password. No trace of even the simplest way, sending out one mail with the username, and a second one with the password.

    Alexander

    --
    Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

Discussion Item
Title:
Give us your input:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.
  • Log In?
    Username:
    Password:

    What's my password?
    Create A New User
    Chatterbox?
    and all is quiet...

    How do I use this? | Other CB clients
    Other Users?
    Others imbibing at the Monastery: (4)
    As of 2017-03-25 03:19 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?
      Should Pluto Get Its Planethood Back?



      Results (310 votes). Check out past polls.