• 0 Posts
  • 85 Comments
Joined 1 year ago
cake
Cake day: June 20th, 2023

help-circle

  • Sound like a critical race condition or bad memory access (this latter only in languages with pointers).

    Since it’s HTTP(S) and judging by the average developer experience in the domain of multi-threading I’ve seen even for people doing stuff that naturally tends to involve multiple threads (such as networked access by multiple simultaneous clients), my bet is the former.

    PS: Yeah, I know it’s a joke, but I made the serious point anyways because it might be useful for somebody.







  • The current Labour leadership has an eternal debt of gratitude to the Israel-linked Jewish Groups that participated in the Anti-Semitism Slander Campaign to overthrow Corbyn which was so extreme that at one point a Jewish Holocaust Survivor was accused of anti-semitism when he compared some of the actions of Israel to those of the NAZIs, in order to slander Corbyn by association (he was in the same panel in the conference were that Holocaust Survivor said that).

    I’m actually surprised they’re doing this and I wouldn’t be at all surprised if it’s structured to look good to the Press whilst not in fact doing anything meaningful (“some restrictions” that do “not suspend sales entirelly” has quite the stink of a certain very traditional structure in British Politics for a measure that produces certain headlines on the Press whilst not really doing what the headlines imply).


  • If it’s part of the Requirements that the frontend should handle “No results found” differently from “Not authorized”, even if that’s just by showing an icon, then ach list of stuff which might or not be authorized should have a flag signalling that.

    (This is simply data analysis - if certain information is supposed to be shown to the user it should come from somewhere and hence the frontend must get it from somewhere, and the frontend code trying to “deduce it” from data it gets is generally prone to the kind of problem you just got because unless explicitly agreed and documented, sooner or later some deduction done by one team is not going to match what the other team is doing. Generally it’s safer just to explicitly pass that info in a field for that purpose to avoid frontend-backend integration issues).

    Authorization logic is almost always a responsibility of the backend (for various reasons, including proper security practices) and for the frontend it’s generally irrelevant why it’s authorized or not, unless you have to somehow display per-list the reason for a it being authorized or not, which would be a strange UI design IMHO - generally there’s but a flag in the main part of the UI and a separate page/screen with detailed authorization information - if the user really wants to dig down into the “why” - which would be using different API call just to fill in that page/screen.

    So if indeed it is required that the frontend knows if an empty result is due to “Not Authorized” rather than “No results found” (a not uncommon design, though generally a good UI design practice is to simply not even give the user access to listing things the user is not authorized to see rather than let the user chose them and then telling them they’re not authorized to do it, as the latter design is more frustrating for users) that info should be an explicit entry in what comes from the backend.

    The JSON is indeed different in both cases, but if handled correctly it shouldn’t matter.

    That said, IMHO, if all those 3 fields in your example should be present, the backend should be putting a list on all 3 fields even if for some the list is empty, rather than a null in some - it doesn’t matter what the JSON is since even at the Java backend level, a List variable with a “null” is not the same as a List variable with a List of length 0 - null vs empty list is quite a common source of mistakes even within the code of just the one tier, though worse if it ends up in API data.

    Who is wrong or right ultimately depends on the API design having marked those fields as mandatory or optional.


  • That sounds like an error in the specification of the client-server API or an erroneous implementation on the server side for the last version: nothing should be signaled via presence or absence of fields when using JSON exactly because, as I described in my last post, the standard with JSON is that stuff that is not present should be ignore (i.e. it has no meaning at all) for backwards compatibility, which breaks if all of the sudden presence or absence are treated as having meaning.

    Frankly that there isn’t a specific field signalling authorized/not-authorized leads me to believe that whomever has designed that API isn’t exactly experienced at that level of software design: authorization information should be explicit, not implicit, otherwise you end up with people checking for not-in-spec side effects like you did exactly for that reason (i.e. “is the no data being returned because of user not authorized or because there was indeed no data to retunr?”), which is prone to break since not being properly part of the spec means any of the teams working on it might interpret things differently and/or change them at any moment.


  • If I remember it correctly, per the JSON definition when a key is present but not expected it should be ignored.

    The reason for that is to maintain compatibility between versions: it should be possible to add more entries to the data and yet old versions of the software that consumes that data should still continue to operate if all the data they’re designed to handle is still there and still in the correct format.

    Sure, that’s not a problem in the blessed world of web-based frontends where the user browser just pulls the client code from the server so frontend and backend are always in synch, but is a problem for all other kinds of frontend out there where the life-cycle of the client application and the server one are different - good luck getting all your users to update their mobile apps or whatever whenever you want to add functionality (and hence data in client-server comms) to that system.

    (Comms API compatibility is actually one of the big problems in client-server systems development)

    So it sounds like an issue with the way your JavaScript library handles JSON or your own implementation not handling per-spec the presence of data which you don’t use.

    Granted, if the server side dev only makes stuff for your frontend, then he or she needs not be an asshole about it and can be more accomodating. If however that data also has to serve other clients, then I’m afraid you’re the one in the wrong since you’re demanding that the backwards compatibility from the JSON spec itself is not used by anybody else - which as I pointed out is a massive problem when you can’t guarantee that all client apps get updated as soon as the server gets updated - because you couldn’t be arsed to do your implementation correctly.


  • Well, the language is generally different, which is a big barrier to moving (though you can get away with just English in a most countries, but some stuff - often public services - is only in the local language). There is also a cultural element in that people behave and expect slightly different things in different countries, which can be a bit of an adjustment.

    Even bigger than that is that most people aren’t comfortable with big changes and tend to stick to their own country - at the very least the first big move takes a significant amount of courage.

    Then if you have your own house with lots of stuff you have to arrange for the move, which will probably cost you maybe €1500 - €3000 depending on the distance and how much stuff you have.

    And finally, in my experience no country is all good or all shit - they generally have some good things and some bad things. Also, the grass is always greener on the other side of the fence until you move there, were after a while it’s the grass on the other side of the fence that starts looking greener.

    That said, some people - mainly the so-called Digital Nomads - do spend their life moving from country to country whilst working remotelly, which works especially well if you spend different Seasons in different places in Europe (some places are much better in the Summer and others in Winter). This is not new: I’ve met people whose life was working as Scuba Diver instructors in Summer in a country and as Ski Instructors in Winter in a different country.


  • EU countries are allowed to, by Treaty, expel EU citizens who moved there without the means to live there or a job.

    However it’s incredibly rare and there really isn’t any general procedure to do it: each country does it (or not) it’s own way. This tends to be used for people caught sleeping or begging on the streets.

    Further, for countries in the Schengen Area, they don’t even know you’re there unless you register, since you haven’t passed any border controls and thus aren’t in any database as having arrived but not departed.


  • I’ve literally done that inside the EU, though to the UK (back before Brexit) rather than Germany - I flew to London and stayed about a month in a hotel whilst looking for a contract there (I’m a freelancer) and more permanent accommodation.

    Years later I did the same to Germany, though I only stayed 3 months.

    The only requirement is that you either have a job or have the money to pay for the costs of living there (so you can still go without a job, as long as you have the money to pay for a place to stay, food and so on). The reason for the requirement that you can pay your way (either from a job or savings) is because people can’t just move to another EU country to do things like living on the street and begging or living of the local Social Security.

    Some countries also have a requirement that you register after 3 months there (for example, Germany), though it’s not any kind of applying to stay, it’s simply registering as living there. This is usually because there are associated obligations for residents in that country, not just in terms were do you pay tax, but in some countries (for example, Germany and The Netherlands) there are things like mandatory health insurance.

    In practice as an EU citizen, if you have the savings or the kind of job which you can do in 3 month stints or remotely, you absolutely can hop from country to country every 3 months without having to register with anybody (though I’m not sure how taxes would work - I suppose you would pay them in the last country you registered as a Resident).

    If you know the language, if it weren’t for taxes being per country and the rights and duties of Residents being different in different countries (such as the Mandatory Health Insurance for Residents in some countries but not others) hence the requirement to register after 3 months in some countries, the whole thing would be as easy as moving within your own country.


  • The difference between a sociopath and a murdering sociopath is the belief that they will lose nothing and even stand to gain from murder.

    Absolutelly, evil people are to blame from doing evil shit because they chose to do it.

    Other people who protect and support the evil people when they do the evil shit are also to blame because without their support and protection the evil people are a lot less likely to do the evil shit fearing the repercussions.

    In this specific instance, given that the US has been vetoing UN Security Council resolutions to stop Israel and is by far much more powerful than Israel in the World stage, the theory that they’re the “main obstacle to peace in Palestine” makes sense, or in other words, that the murdering sociopath would have to stop murdering due to fear of the consequences if the US stopped supporting it.

    Whilst it seems likely that it is, whether the US really is the “main obstable” or not is something that we would only know for sure after the US stopped supporting Israel.