Hacker News new | past | comments | ask | show | jobs | submit | zoidb's comments login

> As an application developer, you should set all cookies with SameSite=Lax

This is really good advice and has bitten me in the past, I think as someone who is new to this it is tempting to avoid the term "Lax" but you might end up with some surprising behavior if you go with "Strict" as your default.

I also attempted to make sense of it all and created https://samesite.diduthink.com


So many link shortners eventually shut down due to people trying to obfuscate illegal stuff. Have you had any issue yet with that?


Oh yes, of course! I had to remove links several times. Even around 2AM at night.

I received so many phishing reports from Vercel and Cloudflare and even the Italian government directly. It was really tough so I had to add Google's Safe Browsing API check to check for any phishing links. I wish I didn't have to but no phishing reports since then.


> Easily Linkable Headings

I haven't found a nice way to do this on both desktop/mobile. What I want is for every heading to have an anchor link that can be copied, similar to a hyperlink. I see a lot of sites do this with a [unicode chain symbol] which is present on hover, but that's not an option on mobile. Alternate option is to have it next to every heading (ugly), turn every heading into a hyperlink without styling, or make them look like regular hyperlinks which I think is confusing.


Try this.

/* keep the icon hidden by default */ :is(h1, h2, h3, h4, h5, h6) .icon { visibility: hidden; }

/* show the icon on focus and hover */ :is(h1, h2, h3, h4, h5, h6):focus .icon, :is(h1, h2, h3, h4, h5, h6):hover .icon { visibility: visible; }

/* show the icon on devices that don't have any accessory that can hover */ @media (pointer: coarse), (any-hover: none) { :is(h1, h2, h3, h4, h5, h6) .icon { visibility: visible; } }

The `pointer: coarse` media query checks if you are using a device with an input mechanism of limited accuracy (such as fingers on a touchscreen). The `any-hover: none` media query checks if none of the input mechanisms on your device support hover (such as a Surface tablet not attached with a keyboard).


thanks! I think I will try this.


Have an icon appear on hover, and make every heading a hyperlink (even without styling), and have a table of contents with links to each heading (with styling). No need to dumb down your interface just for smartphone users.


What's the point of the icon if the heading is already a hyperlink?


The anchor symbol can have JavaScript that copies the link to clipboard on click. And the heading can be a plain old link to itself. Gives a nice visual and interaction for desktop while providing a way for mobile users to get the link too (long-press the heading and copy link).


It serves as an indication that the link is an anchor for that heading and doesn't lead somewhere else.


I don't think it looks that bad. My blog's anchors are hover-visible on desktop and always visible on mobile (with lower opacity). I used this query to check for hover event availability to decide whether they should be always-visible: `@media screen and (hover: none)`. I think it turned out pretty ok¹.

[1]: https://ahmetsait.com/blog/en/Hello-World


Isn't that what anchor are for?


Huh I was able to click on it fine, maybe it wasnt clickable initially?


Ah yes, maybe my mistake!


> I've personally gone back to reading books and blog posts, talking to people via email, working on a book project, and prioritizing in-person, local relationships.

I mean, this sounds great? Or maybe I misinterpret that this change in how we view twitter is positive rather than a negative. I believe that Twitter as a centralized sounding board was a net bad for Internet culture anyway.


I mean, a very interesting idea but since I can't try it without paying $5 no thanks. Is there some sign-in flow I'm missing here?


You can! There's a free demo that you can use on the landing page after registering, no need to pay for anything.

It's good feedback though, I haven't made that clear enough. Let me know how you find the demo and if it provides you enough of an idea.

I'm looking to improve on it!


yeah the media absolutely is. this is the copycat effect (maybe there is a better name for it?) but essentially this you can see in media all the time whenever there is a big story.


"First, there will be those who are devoted to the goals of the organization. Examples are dedicated classroom teachers in an educational bureaucracy, many of the engineers and launch technicians and scientists at NASA, even some agricultural scientists and advisors in the former Soviet Union collective farming administration.

Secondly, there will be those dedicated to the organization itself. Examples are many of the administrators in the education system, many professors of education, many teachers union officials, much of the NASA headquarters staff, etc.

The Iron Law states that in every case the second group will gain and keep control of the organization. It will write the rules, and control promotions within the organization. "

It's the Iron Law of Bureaucracy https://www.jerrypournelle.com/reports/jerryp/iron.html


I found this revelatory at one point in my career, but this shouldn't have been a surprise as the administrators literally control all promotions and will thus turn the organization into one that serves the managerial class over actual technical ability and knowledge.

As a technical worker, your best option is to try to become extremely valuable and make it known that your continued employment is predicated upon promotions when they should be due. For example, if senior engineer is available at 5 years and you're working your butt off, you need to make it known that you're expecting it or they may just push it out to 6 years if they think they won't lose you. If you're really good at your job and it would be difficult to replace you and put your manager behind schedule, they'll be incentivized to take care of you. It's all a game.

On the flip side... don't try this if they're trying to get rid of you. Be prepared to walk away if you can if they're not taking care of you.

Another thing I learned is that if you want to join management, you have to pretty much stop acting technical. They usually don't like adding technical staff to management as 1.) it may make them look incompetent, 2.) you provide more value to the company doing technical work at a lower salary, and 3.) it shows you might actually not be a good fit for that kind of work, although this isn't necessarily true.


One thing that sticks out to me on the subject of copier wars was the copy protection measures that were implemented on small booklet walk-throughs for adventure games.

Usually there were red marks over the text that I presumed prevent photo-copying, and a red film you would look through to read the booklet. At some point there was no use as these things would be posted on BBS sites and you could simply print them out.


The ultimate method of defeating copy-protection: re-typing.


Not exactly the same configuration as the op, but if you are developing software using Go, the combination of Caddy, a single go binary, and systemd or some other supervisor is extremely flexible and i think is the way for running multiple services on a single VM.

A shell script that deploys a couple config files and off you go. Use different accounts for each service for isolation and put all of your static files in your binary using embed.FS. No need for fancy configuration management or K8s.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: