Readit News logoReadit News
cwales95 commented on JetBrains Fleet drops support for Kotlin Multiplatform   blog.jetbrains.com/kotlin... · Posted by u/konradkissener
Decabytes · a year ago
I personally find value in having two editors. A light editor like Emacs for writing Markdown, git, quick scripts, and a JetBrains IDE for longer running projects, and debugging. I don't feel the need to wholly replace one with the other
cwales95 · a year ago
I’m similar but have three main editors:

Vim for super quick changes (I’d like to increase my proficiency with vim but not really done much to do so).

Vscode for light text editing : coding which doesn’t require me to dig in to debug for a major length of time.

Jetbrains IDE for real work / tinkering were I may need to debug / leverage breakpoints / have good autocomplete.

cwales95 commented on Modern JavaScript for Django developers   saaspegasus.com/guides/mo... · Posted by u/rob
lastofus · a year ago
Decoupled Django usually means that you are providing a client SPA with a API, such as a DRF powered REST API.

If you are using something like token auth (you mentioned JWT), then you are not using cookies, at which point CSRF is not needed. This is because the user's browser isn't automatically sending the cooking containing a session ID on every request to the server.

That said, you can implement session auth with DRF REST APIs, which accept a session cookie on requests. For this, I believe you would receive/send CSRF tokens via HTTP headers.

XSS is not something you would worry too much about in an API endpoint. It is something you should worry a lot about in your client side SPA though. If using something like React, your templates will be auto-escaped, and thus you have to go out of your way to make it a problem.

cwales95 · a year ago
Where I get confused is storing the tokens securely. There's a lot of conflicting information online. I've come across many examples where they suggest localStorage which is a horrible idea.

A lot of the advice I see now is about http-only cookies but I think I'd probably look more into oAuth in the future.

cwales95 commented on Modern JavaScript for Django developers   saaspegasus.com/guides/mo... · Posted by u/rob
cwales95 · a year ago
I think this is a great resource but wish it had not chosen a hybrid architecture. All the guides on decoupled Django seem to choose hybrid. It makes sense because you get the CSRF / XSS safety benefits but I'd love to see how others tackle a fully decoupled Django stack e.g. oAuth, JWTs and how they do their CSRF / XSS security. It's an area I need to learn more about.
cwales95 commented on James Thomson on the Origins of the macOS Dock   daringfireball.net/linked... · Posted by u/tosh
oneeyedpigeon · a year ago
I almost never use the Dock. Cmd+Tab for app switching, Launchpad for launching. The Dock sure looks nice, and that animation was magical 20 years ago, but I hate how it interrupts the cleanliness of the desktop.
cwales95 · a year ago
I'm similar but I tend to use spotlight for launching. I do sometimes use the dock but all animations are disabled and it's hidden by default.
cwales95 commented on What the TP-Link Ban in the US Means for You   thedefendopsdiaries.com/w... · Posted by u/tuzzmaniandevil
duskwuff · a year ago
AI slop is hardly a "tangential annoyance". It's central to the content (or lack thereof) of the post.
cwales95 · a year ago
AI written content should really be banned. I don't want to read content from a bot I want to read content from a human.
cwales95 commented on Dumb TVs deserve a comeback   makeuseof.com/reasons-why... · Posted by u/znpy
cwales95 · a year ago
Whenever I obtain a 'smart' TV, I never connect it to the internet. I don't want a TV that can phone home.
cwales95 commented on Show HN: Minimal, customizable new tab for Chrome/Firefox   flowtide.app... · Posted by u/g3eorge
cwales95 · a year ago
Looks good.

I recently just created my own custom new tab extension. Closed source because it's literally just for me. It does a few nieche things e.g. syncing a todo list that also appears on a e-ink display. I like it. I also like that it's something that's just for me.

cwales95 commented on Useful built-in macOS command-line utilities   weiyen.net/articles/usefu... · Posted by u/yen223
cwales95 · a year ago
I actual wrote a similar post a while back: https://www.chriswales.uk/blog/my-favourite-macos-terminal-c...

networksetup was one of my favourites as well as du and caffeinate.

The 'security' command is new to me so thanks!

cwales95 commented on Is My Blue Your Blue?   ismy.blue/... · Posted by u/bpierre
hooby · a year ago
I'm actually of the opinion, that blue-green colors like teal or turquoise are both green and blue at the same time. Basically a mixture.

Having to pick just exclusively one - blue OR green - for such colors just feels, wrong and arbitrary?

You could also make a website that shows various shades of purple - and ask people is it blue or red? Well, both! Purple is a mixture of both blue and red. Why treat teal differently than purple?

cwales95 · a year ago
This was my opinion. Saying it's either blue or green when it looks to be a bit of both didn't sit well with me.
cwales95 commented on Can we trust Microsoft with Open Source? (2021)   dusted.codes/can-we-trust... · Posted by u/luu
cwales95 · 2 years ago
No one company can be.
c

u/cwales95

KarmaCake day247May 24, 2021View Original