Journaling on estrip is free and easy. get started today

Last Visit 2012-06-04 13:32:26 |Start Date 2006-02-27 14:30:33 |Comments 654 |Entries 407 |Images 203 |Sounds 3 |SWF 3 |Videos 44 |Mobl 11 |

10/27/07 03:04 - 57ºF - ID#41836

i got some splainin to do

OK so we've got two Halloween parties to go to tonight, and I'm only wearing one costume. The roller girls will understand my costume without explanation, but I'm afraid it will likely leave many or all of you scratching your heads. I can hear it now: 'I understand you're a roller girl, but what's with the potato masher?' I will not answer your question. I will refer you to this blog.

The QCRG All-Stars* played against the Steel Town [Hamilton, ON] Tank Girls this past summer in a game where the officiating was bad and the sportsmanship was worse. Derby is a rough sport, but this rapidly became unsettling on an almost visceral level. Anyway, the costume is a Tank Girls' uniform.

That does not explain the potato masher. There is a Tank Girl whose name is Cheese Grater. She carries around a cheese grater. I'm not sure whether the name or the kitchen implement came first, but I'm pretty sure I don't want to ask. It's pretty random, but it's not any less random than, say, a potato masher. And I guess cheese is relatively badass as far as dairy products go, but consider this: if someone chucked a piece of cheese at you, you'd be angry but mostly confused. But if someone chucked a potato at you, you'd be IN PAIN!!!!!

- Z

  • ie, anyone who wasn't busy that weekend
print add/read comments

Permalink: i_got_some_splainin_to_do.html
Words: 244
Location: Buffalo, NY

Category: blagosphere

10/26/07 04:21 - 60ºF - ID#41821

something more interesting

"Winter in Blogville" by Jennifer ("14221") Wutz-Lopes (Buffalo Spree, Nov 2007, p26)

Someone ( everyone!) over at has their panties in a bunch about something to do with the fact that they are not taken seriously as bloggers. Take a number and get in line, I say.

But estrip is by far the most colorful screenshot in the bunch.

- Z
print add/read comments

Permalink: something_more_interesting.html
Words: 62
Location: Buffalo, NY

10/26/07 03:09 - 60ºF - ID#41820


Because I know everyone's been holding their breath for this, here's the HTTP auth Javascript server-side script and database layout

- does not require any hooks in your HTML code; just make sure your form has fields named 'username' and 'password' and import the Javascript
- can be attached to any form with an access-restricted target; script will pre-authenticate and, if successful, send the rest of the form as usual.
- You're not going to be able to use the server script as-is because it's kind of dependent on other parts of the project. You're not going to be able to read the server script as-is because it's Python. [Also in the full version you can change your authentication realm, and users in the special '_administrator' realm can log in to anyone's site.]
- no backwards Internet Explorer compatibility code in the Javascript
- on successful authentication, 'validate' returns 204 No Content. on unsuccessful authentication, server returns 400 Bad Request.

- Z
print add/read comments

Permalink: code.html
Words: 184
Location: Buffalo, NY

10/26/07 12:42 - 47ºF - ID#41808

picking a scab

You know, I just can't fucking leave well enough alone. This morning (e:paul) mailed me a short Surebert script to do logins, which works, yet I'm still hacking this HTTP auth problem. Stay The Course, right?

But I got it solved. 1: Never send 401 Unauthorized without a WWW-Authenticate header. It's not allowed, and you'll get what you deserve. RFC 2617 briefly mentions using 400 Bad Request to report miscellaneous failures to the browser, and sure enough, that resets Safari. 2: If the script detects a failure, send another request to the same URL using a bogus username. This will of course fail, resetting Firefox in the process [thanks (e:kookcity2000)]. I think that's a gruesome hack, but if it works it works.

Why do I care about HTTP authentication? Most importantly, I want to support authenticated, noninteractive web services [specifically an authenticated RSS feed]. Since this code will have to live in my server somewhere, I might as well get some mileage out of it. HTTP Digest is often overlooked but it's a nice middle ground between static hashes [which are plaintext-equivalent] and full-blown encryption [CPU load].

Source code available upon request.

- Z

print add/read comments

Permalink: picking_a_scab.html
Words: 198
Location: Buffalo, NY

10/24/07 10:18 - 50ºF - ID#41787

dorky geek question

Don't bother reading unless you give at least a quarter of a shit about XMLHttpRequest and HTTP authentication.

Here's a stupid geek trick. The correct login information for this is user="user", password="password". Give it the wrong password [it will say something like 401 Unauthorized, user="user", password="bogus"]. Then give it the right password and try again - it will keep sending the wrong password. This happens in both Firefox and IE; Safari has a slightly different bug.

Here's the sitch: I have an XMLHttpRequest going out to a password-protected resource. The credentials are supplied by the user and thus they are likely to be wrong some of the time. The script is designed to gracefully handle authentication failure - specifically, I want to avoid the crappy infinite HTTP authentication dialog box loop. I'd think that this issue would come up from time to time, but I guess it doesn't because this is really hairy:

XMLHttpRequest states "If authentication fails, user agents SHOULD prompt the users for credentials."

To work around this, Paul James suggests returning 401 Unauthorized without the mandatory WWW-Authenticate header. In theory, this tells the browser to stop trying and forget the password. The browser does, in fact, stop trying, but it also goes into a weird undefined state where it continues to issue the old [incorrect] password despite instruction to the contrary. [Safari instead puts up the dialog on the next request, even if credentials are provided.]

HTTP/1.1 states "If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity might include relevant diagnostic information." - ie, reissue the same challenge to indicate to the browser that it should give up. As near as I can tell, not a single browser has ever done that.

HTTP/1.1 also gives us 403 Forbidden: "Authorization will not help and the request SHOULD NOT be repeated." This response has the same bizarre effects as 401 without WWW-Authenticate.

I'm actually kind of an AJAX newb, so ... does anyone have any recommendations?

- Z

print add/read comments

Permalink: dorky_geek_question.html
Words: 387
Location: Buffalo, NY

Category: fun

10/17/07 01:00 - 67ºF - ID#41688

more halloween fun

OK I admit it, I'm too cool for school. I don't like getting dressed up for Halloween. I think costume parties are lame. One year we sat at home with all the lights out so nobody would try to trickortreat us. And secretly I always thought that people who professed to like Halloween better than Christmas were just trying to fit in with the kids who don't fit in.

But this year it seems like there's a lot of fun stuff happening. Consider this, first off, a bump for "Nosferatu," below.

At the other end of the film spectrum, Regal Transit is going to be screening The Nightmare Before Christmas in 3-D this year. [I was initially surprised that they'd taken the expense of shooting in 3-D if they weren't going to distribute as 3-D ... but alas, this is yet another film digitally altered by ILM. Thank you George Lucas!]

::Download Flash Video::

[Woah, rerecompression. I hear Flash 9 is going to have native support for H.264?]

Is everyone familiar with fundamentalist Christian haunted houses? Alleyway Theatre bought a copy of the 'official' script and is presenting "Hell House Buffalo" upstairs of the costume store/bike shop at 745 Main. Todd Warfield (Reefer Madness), director: "I've changed very, very little of it. The challenge for us is to perform it sincerely." I've always been sort of morbidly curious of the spectacle, and now that I know the money is going to a good cause and I won't get evangelized at too much, I think we're going to go check it out. With local celebrities as Guest Satans, how can you go wrong?

- Z

print add/read comments

Permalink: more_halloween_fun.html
Words: 276
Location: Buffalo, NY

Category: movies

10/12/07 10:57 - 47ºF - ID#41609


On January 16, 1926, the brand-new Shea's theater opened to great fanfare with a screening of "The King on Main Street." The baroque-decorated movie theater, seating 4,000 and incorporating imported Czech crystal chandeliers, was erected at a cost of $3 million [approximately $30 million today].

Five months later, the German silent film 'Nosferatu, eine Symphonie des Grauens [a Symphony of Horror]' made its American debut. Nosferatu paved new ground, being one of the first German Expressionist films and the first [albeit unauthorized] screen adaptation of Dracula. It's still pretty fucking creepy.

On Tue 30 Oct at 7:30p, Shea's will once again screen Nosferatu, with a musical accompaniment by the Devil Music Ensemble [admission $15.50]. I am going and so should you. That goes double for the non-(e:peeps) who read this, and triple for the Buffalo n00bz who have never been to Shea's.

Let me know who's in [non-peeps can email me], I'll run down to the box office & pick up tix.

- Z

print add/read comments

Permalink: nosferatu.html
Words: 161
Location: Buffalo, NY

Category: a series of tubes

10/10/07 01:51 - 59ºF - ID#41574

little bobby tables

There's no way I'm the only person here who thinks this is super funny.

[(e:dragonlady7)'s previous place of employment made a database system for nursing homes. They released an update and started getting complaints from their clients that they couldn't enter Irish patients. It took them a little while to figure out that the backend was tripping over O'Malley.]

- Z
print add/read comments

Permalink: little_bobby_tables.html
Words: 66
Location: Buffalo, NY

Category: a series of tubes

10/06/07 09:41 - 71ºF - ID#41523


- Z
print add/read comments

Permalink: _.html
Words: 6
Location: Buffalo, NY

Category: mental health

10/04/07 12:18 - 73ºF - ID#41491

future perfect & quantum mechanics

The future perfect tense (WIKIPEDIA - Future perfect tense) is used when, at a certain time in the future, you will be able to look back in the past and say that the event happened. It's a somewhat esoteric construction, but it does come up occasionally: by this time next year, i will have made a million dollars.

The Copenhagen interpretation of quantum mechanics (WIKIPEDIA - Schrodinger's cat) states that all of the possible outcomes of an experiment - even if contradictory - are true until the outcome is observed. This is a purely theoretical thought experiment, since it can only be validated by observation and it's not possible to observe an experiment before it has been observed. Thank you, Bohr and Heisenberg, for being such jackoffs.

Which brings me to the point I was trying to make: health insurance. We signed up for Healthy NY and our coverage took effect 1 August. We were shuffling around finances at the time, and missed our first bill. We received a notice postmarked 10 September saying that they'd cancelled our coverage effective 1 Sept, and if we wanted to continue coverage we'd have to pay for coverage received and prepay one month's worth. I sent the payment off, but upon further inspection I thought, damn this is a lot of money. Instead of the two months' payment I had expected [August, the payment we missed, and October, the prepayment], it was for three months. So I called.

Me: Am I covered?
Z: OK, I sent my payment 27 Sept. How long will that take to process?
U: Couple days, don't worry about it. Any other questions?
Z: Yeah, so I [explain the situation]. August and October I understand, but where does this third month come in?
U: That's for September.
Z: OK, but I got a letter saying that I wasn't covered in September.
U: Because you didn't pay.
Z: Right. So what am I paying for?
U: August, September and October.
Z: What about this letter I got?
U: When your payment goes through, you will have been covered for September.
Z: Woah, hold on. When I was told I didn't have insurance I canceled my doctors appointments. [Not true but it could be.]
U: We would have covered them.
Z: But you dropped my coverage.
U: We would have covered them once the payment went through.
Z: OK. So let's say I broke my leg today.
U: You are not covered, but once your payment goes through you will have been covered.
Z: So am I covered today or not?
U: You are not covered for today. But once your payment goes through you will have been covered for today.
Z: I don't understand. Was I covered in September or not?
U: You are not yet covered for September, but once we receive your payment you will have been covered.
Z: So this letter I got ... was I actually dropped or not?

And I basically just talked in circles for fifteen minutes with two separate customer service representatives until we reached an agreement: that I am completely incapable of understanding my own health insurance coverage.

- Z

print add/read comments

Permalink: future_perfect_amp_quantum_mechanics.html
Words: 522
Location: Buffalo, NY



New Site Wide Comments

paul said to mike
You are welcome!...

mike said to paul
i'm glad you documented this. I was actually looking for a picture but came across this and am glad ...

mike said to paul
i'm glad you documented this. I was actually looking for a picture but came across this and am glad ...

mike said to paul
i'm glad you documented this. I was actually looking for a picture but came across this and am glad ...