A point against AllowEncodedSlashes Off which I hadn't connected the dots on is that "security researchers" from HackerOne will report URLs like this as "content injection vulnerabilities" for all time:
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
May 14 2021
It may be doing it that way to avoid the possibility for missed timer overflows?
May 12 2021
May 7 2021
I'm starting with an absolute bottom-of-the-line 3018, I've "upgraded" it with a plotter collet I made out of a pool noodle and a piece of cable gland so I'm less likely to hurt myself for now:
May 6 2021
May 4 2021
The digestWithNamedKey() issue above generally impacts anything using immutable caches, so it can affect CSRF too.
May 2 2021
- This is far afield from any application I have today, but it seems plausible to operate a small-scale DIY plastic foundry (Ref) that converts plastic waste into blanks for machining or injecting into machined molds.
- The cost to just buy premade plastic blanks doesn't seem particularly high (roughly comparable to plywood?) although I know nothing about plastic qualities.
- Unsurprisingly, it seems like the market for recycled plastic material doesn't have a lot of DIY buyers (unit sizes are often: 1,500 pounds; per metric ton; per 40,000 pound truckload; "*Only Quantities of 10k lbs Plus").
- There are a handful of people doing extremely high-precision DIY EDM machining (Ref).
May 1 2021
Apr 30 2021
Apr 28 2021
Apr 25 2021
Apr 14 2021
Apr 8 2021
Yes. I closed down registration on this install (secure.phabricator.com) several years ago because the overwhelming majority of users who registered accounts here didn't read or follow the rules. Access to secure.phabricator.com is now invite-only.
Apr 7 2021
Ah, I think it's:
(This might need to be sprite-sheeted too, but I think the sprite stuff hasn't been used in years -- since we switched pretty much everything to icon fonts -- and don't remember exactly how it works. I can look into it and do the actual bin/uh-generate-a-sprite-sheet or whatever in a followup.)
Thanks!
Apr 6 2021
Mar 29 2021
Mar 28 2021
One call to for-each-ref comes from resolving a list of commit hashes, to test if they still exist. This is accomplished with DiffusionLowLevelResolveRefsQuery, which calls git for-each-ref first and falls back to git cat-file --batch-check.
Has this repository changed?
Mar 27 2021
Mar 26 2021
This is now in stable; presuming it works until evidence to the contrary emerges.
D21656 fixes variables_order.
Mar 25 2021
The "Cancel" button should mean "Delete" if...