<maurer>
refreshign loads properly, but there's some kind of error robustness oddity going on there
<maurer>
(this was tinytinyrss in case that's relevant)
<dwrensha>
was this on your server or on one of ours (Alpha or Oasis)?
<maurer>
This was on mine
wat has quit [Quit: a]
<jeffmendoza>
Is anyone at oscon this week?
wat has joined #sandstorm
larjona has joined #sandstorm
NOTevil has joined #sandstorm
<larjona>
hi paulproteus! No luck today with the borrowed machine. vagrant-spk up fails to boot the machine. Tried with virtual box and I obtain an error: "VT-x is not available. (VERR_VMX_NO_VMX)." I think the hardware if this machine is not capable of virtualization. I've tried to edit the .vbox files to disable hardware virtualization as explained here: https://aminsblog.wordpress.com/2012/05/27/vt-x-is-not-available-ve/ but with no luck. I
<larjona>
have no physical access to the machine until tomorrow, to see if I can enable virtualization instructions in the BIOS (year 2006, so not sure...)
<paulproteus>
Oh, huh.
<paulproteus>
Let me look this up a bit too.
<paulproteus>
Looks like you might be able to set "long mode" to off, and that mightmake it work.
<paulproteus>
Yeah, hmm, apparently VirtualBox won't emulate a 64-bit system on a 64-bit system unless you have VT-x on your CPU.
<larjona>
I think I got it
<paulproteus>
Got it, like understand it, or got it, like got it to work?
<larjona>
disabled PAE/NX in virtualbox virtual machine settings, and it seems it boots. Now I'll try with vagrant-spk up
<paulproteus>
Oh fascinating.
<larjona>
no, bad luck
<larjona>
Ok, let's see what happens first: testdisk finishing recovering data from my broken disk, or tomorrow morning :) Sorry that it's taking so long to finish the 5 minutes tutorial! It's not your nor Sandstorm.io fault :)
<paulproteus>
Good luck with the broken disk + no worries re: tutorial. You're running into problems I hadn't even though of, which is honestly quite useful.
<larjona>
Well hardware is very old around me. I'll try to use my desktop at work, but not sure I can connect to it from here now. Tomorrow I'll have a solution
larjona has quit [Quit: Konversation terminated!]
<paulproteus>
jparyani: Does TinyTinyRSS do bookmarklets? If so, should I write a note about that in docs.sandstorm.io ?
mort___ has joined #sandstorm
larjona has joined #sandstorm
mort___ has quit [Quit: Leaving.]
jadewang has joined #sandstorm
bb010g has joined #sandstorm
jadewang has quit [Remote host closed the connection]
jadewang has joined #sandstorm
jadewang has quit [Remote host closed the connection]
<paulproteus>
Mountain View, Thu AUg 6: First South Bay Sandstorm meetup!
<jadewang_>
Yay!
larjona has quit [Ping timeout: 260 seconds]
<geofft>
paulproteus: you saw the bit in the PSL rules about !, right?
<paulproteus>
Right, yes.
<geofft>
not sure it's super helpful, but you can put *.sandcats.io on the PSL but !www.sandcats.io
<geofft>
also I sort of think the answer to inter-user is to have them use www.user.sandcats.io as their home page, and (maybe automatically?) redirect user.sadcats.io there
<paulproteus>
For sandcats in particular, if *.sandcats.io is in the PSL then username.sandcats.io supposedly can't set cookies for itself.
<geofft>
er, sandcats.io, but sadcats.io would be fun too.
<paulproteus>
Which is the Sandstorm dashboard, which if so, makes life tricky.
<paulproteus>
"obviously" we should require double-wildcards?
<geofft>
you can't do the redirect thing?
<paulproteus>
foobar.tmp.user.sandcats.io
<geofft>
host the dashboard at dashboard.username.sandcats.io?
<paulproteus>
I see, yeah, or "shell.username.sandcats.io".
<geofft>
it can set cookies for itself but not for other apps
<paulproteus>
Or www
<paulproteus>
Yeah, that's fine re: set cookies for itself but not for other apps.
<paulproteus>
I think you're onto something here.
<paulproteus>
I do think it's a little sad to require the www though.
<paulproteus>
But yeah, a redirect could make that not as much of a pain.
<geofft>
if that's _really_ a problem, you can do dumb things involving routing the cookies through something with origin sandcats.io
<geofft>
(being able to forcibly set cookies for apps)
<paulproteus>
(nah, we don't need it thankfully)
<paulproteus>
HOnestly of the two of these, my vote would be for {{randomness}}.tmp.{{username}}.sandcats.io.
<paulproteus>
Then tmp.*.*.sandcats.io could be in PSL? Maybe not; should read about where * can go.
<paulproteus>
Also thanks for taking the time to think through this with me.
<geofft>
I would not expect double-wildcards to work
<geofft>
oh, hm, they're specified as working.
<paulproteus>
Yeah, I just tested them and am kind of shocked.
<paulproteus>
BTW geofft it *seems* that adding the following two rules:
<paulproteus>
*.sandcats.io
<paulproteus>
!sandcats.io
<paulproteus>
allows the magic I want, based on testing with a Python implementation of the PSL algorithm.
<paulproteus>
Going to verify that now against the published algorithm.
<paulproteus>
This would allow us to skip the www trickery that you suggested (which FWIW is in wide use in the current PSL!) and still keep the Sandstorm shell working for users.
<geofft>
I'm not completely convinced the major browsers implement the algorithms 100% faithfully
<paulproteus>
"hush, what could possibly go wrong"
<geofft>
oh, that lets you set sandcats.io cookies but not user.sandcats.io cookies.
<paulproteus>
Also yeah I just realized that, or at least, it lets users set sandcats.io-wide cookies.
<paulproteus>
via user.sandcats.io
<paulproteus>
I mean you could argue that we are only trying to protect users from malicious apps *other* than the shell.
<geofft>
actually, if I'm reading the algorithm right, !sandcats.io just overrides the *.sandcats.io rule
<geofft>
'cause anything.anything.sandcats.io matches sandcats.io, and all exception rules override
<paulproteus>
I think that's inconsistent with the behavior I'm getting from this random Python implementation, but of course, who knows if it's accurate.
<paulproteus>
If I could add Python packages to IPython notebooks I'd share a grain with you.
<paulproteus>
['*.sandcats.io', '!sandcats.io'] seems to be the winner, and if you're right geofft, then it's glorious, and if I'm right, then user.sandcats.io can still set a cookie for sandcats.io but I'm not as worried about that.
wat has quit [Quit: a]
<geofft>
wait, why?
<geofft>
if I'm right, !sandcats.io cancels out *.sandcats.io
<geofft>
so it's like not having a PSL entry at all
<paulproteus>
But session.user.sandcats.io maybe still matches *.sandcats.io!
<geofft>
but session.user.sandcats.io also matches !sandcats.io
<paulproteus>
"the prevailing rule is the one which is an exception rule" <-- I wonder if this dooms me.
<paulproteus>
Hopefully that's useful! I can point to other resources if you have any other questions.
<Nairwolf>
that sounds very great ;)
wat has joined #sandstorm
<paulproteus>
(-:
<Nairwolf>
I hope to not be so rude, I can't really talk a lot right now. And, because I find this interesting and I want to learn more about that, I need to take care to not start ask questions right now.... But, if you're here tonight, I should be more chatty ^^
<paulproteus>
Cool, I might be online later tonight! And it's fine to ask questions and then say "Have to wander off for a while". It's IRC; people wander in and out.
<Nairwolf>
yeah, I know, but I need to stay focus on my actual work. I'm just giving me the right to see boring stuff (in order to get back to my work). If I start to talk or see interesting stuff, I won't start ;)
<Nairwolf>
I won't stop, I mean
* paulproteus
nods
jadewang_ has quit [Remote host closed the connection]