Bureau of Programming

Articles

“The White Working Class’s Dysfunction”

Kevin D. Williamson, for the National Review, offers a vicious takedown of America’s economically-depressed, bygone towns:

The truth about these dysfunctional, downscale communities is that they deserve to die. Economically, they are negative assets. Morally, they are indefensible.

(Editor’s note: The Bureau is a politics-free space. In keeping with our mission of sharing thoughtful ideas from around the web, we link to this provocative article that touches on economics, libertarianism, and other subjects of interest to our readers.)

Permalink

How to Detect User Log-in Across Browser Tabs

Some sites like GitHub prompt users to refresh the page when they sign in using a different browser tab. This feature is useful for users, who can benefit from the additional user-specific page context, and for site operators, who may receive fewer support inquiries.

Here’s how GitHub’s Web Storage-based implementation works:

  1. Ensure the browser supports the Web Storage API (window.localStorage).

  2. Determine if the user is currently logged-in. For example, GitHub adds a meta element to its HTML responses with the user’s username:

     <meta name="user-login" content="bobsmith">
    

    When a user is not logged-in, the element exists, but the content is empty. (If the element can’t be found, it aborts.)

  3. Set the user’s logged-in status using window.localStorage.setItem.

  4. Monitor storage events by creating an event listener:

     window.addEventListener("storage", function(e){
       // Check for changes to the value of the key that
       // stores the user's logged-in state
     })
    

    Events fire whenever a change is made to the Storage object, but only when that change is made in a different context (e.g., a different browser tab).

  5. In the listener’s callback, check for changes to the value of the key set in step #3. If e.newValue exists and differs from the initial value retrieved on page load, the user has logged-in or logged-out; prompt the user to reload the page.

GitHub’s developers chose to check and store the length of the username (bobsmith) to determine whether the user’s status has changed. This is a good design decision because not only does it detect log-ins and log-outs, but it will also detect most people who have logged-out and then logged-in again as a different user (so long as the lengths of the usernames differ).

They may have chosen not to store and use the username directly so as to reduce the impact of a browser vulnerability exposing this data to an attacker. For an even more sophisticated implementation, consider storing a one-way hash of user’s username to check against.

Permalink

The Best and Worst of OSCON 2017

I attended OSCON 2017 in Austin last week. For me, it was a great opportunity to learn more about GraphQL, Rust, graph databases (Neo4j), site reliability engineering, and NGINX’s caching features.

My favorite session was led by David Celis and Garen Torikian:

From REST to GraphQL: Why a query language is perfect for writing APIs
For years, REST has been the standard architecture for APIs. But a new technology is emerging, one that’s perfect for developing rich, client-friendly APIs: GraphQL. David Celis and Garen Torikian explain why this query language is being adopted by companies like Shopify, Pinterest, and GitHub and show you how you can leverage GraphQL for your own APIs.

As O’Reilly begins to upload the slides and videos from the respective talks, I thought it’d be useful to have a reference to which events were rated most highly. After the break is a table with each tutorial and session listed by their attendees’ mean rating, as shown on their respective event pages. (Unrated events are not listed.)

Continue reading (9 minutes) • Save to Instapaper

PyCon 2017 Videos

PyCon is uploading their 2017 convention to YouTube, 143 videos—over 10,000 minutes of material—and counting.

Permalink

AINT—BAD

With the non-stop hysteria over Google and Facebook smothering the open Web, you’d think there’d be more promotion of what good people are still writing and cataloging on small, independent sites. The smart way to convince people to leave the walled garden is to showcase all the hidden, unmanicured gems outside of it. Today, we’re doing our part by linking to AINT—BAD.

AINT—BAD is an independent collective and publisher of new photographic art out of Savannah, GA. The site showcases one or two contemporary photographers and their work every day (e.g., Cody Cobb).

Permalink

“Kill Google AMP”

Scott Gilbertson, writing for The Register, on Google’s Accelerated Mobile Pages (AMP) project:

What [AMP] is, is a way for Google to obfuscate your website, usurp your content and remove any lingering notions of personal credibility from the web.

AMP is a lousy deal for everyone except Google.

Permalink

Ajit Pai Is A Traitor

Legitimate news sources have to walk a fine line between reporting the news and providing candid assessments of current events. Good media outlets can’t always call it like they see it, because they want to stay above the fray and avoid accusations of bias.

In no recent case is that more clear than with the new FCC chairman Ajit Pai, whose behavior is so self-serving and disgusting that it deserves special attention here. In a nutshell, Pai is not just a corporate shill and a scumbag, he’s a traitor. His systematic and indifferent deference to corporate interests—like those of his former employer Verizon—above the public interest is not just disgusting, it should be criminal.

Most public servants busy themselves with things traditionally thought of in the public good: improving the environment, helping disabled persons, delivering the mail. Pai, on the other hand, accepts a paycheck from the U.S. taxpayer, and enables ISPs to sell your web-browsing history, works on dismantling network neutrality, and guts expanding broadband access.

He’s so completely absorbed with manipulating the political system to help giant telecom companies that he has no plans to strike phony anti-net neutrality comments from dead or impersonated persons. Of course, Pai will argue he’s facilitating the free market:

[By] imposing those heavy-handed economic regulations on Internet service providers big and small, we could end up disincentivizing companies from wanting to build out Internet access to a lot of parts of the country, in low-income, urban and rural areas, for example.

But just what kind of market competition exists when the majority of Americans have access to, at most, two broadband ISPs? And how does allowing Verizon and Comcast to charge tolls to access certain parts of the web fix that?

People have few ISP options not only because the network build-out itself is expensive but because existing providers bribe or manipulate government officials into creating artificial anticompetitive barriers: They outlaw municipal networks. They restrict access to electric poles. Frankly, if a company whose technical and financial resources as extraordinary as Google’s cannot compete in this industry, the system must be rigged.

I pity the mainstream media. They are all but forced to reprint Pai’s bullshit arguments about him caring about low-income people. But the truth is he’s so interested in helping his rich telecom benefactors that he’ll merrily defend his actions on the backs of impersonated dead people. He’s said so himself.

Permalink