• Log InLog In
  • Register
Liquid`
Team Liquid Liquipedia
EDT 11:06
CEST 17:06
KST 00:06
  • Home
  • Forum
  • Calendar
  • Streams
  • Liquipedia
  • Features
  • Store
  • EPT
  • TL+
  • StarCraft 2
  • Brood War
  • Smash
  • Heroes
  • Counter-Strike
  • Overwatch
  • Liquibet
  • Fantasy StarCraft
  • TLPD
  • StarCraft 2
  • Brood War
  • Blogs
Forum Sidebar
Events/Features
News
Featured News
Team Liquid Map Contest #22: Results and Winners7Code S Season 2 (2026): RO4 and Finals Preview12TL.net Map Contest #22 - Voting & Ladder Map Selection7Code S Season 2 (2026) - RO8 Preview8[ASL21] Finals Preview: Two Legacies21
Community News
ZeroSpace at Steam NextFest - Last free demo20Weekly Cups (June 8-14): Clem and Solar double, PTR tested0RSL: S6 Finals played at BlizzCon 202611Douyu Cup 2026: $20,000 Legends Event (June 26-28)12[BSL22] Non-Korean Championship from 13 to 28 June4
StarCraft 2
General
StarCraft II 5.0.16 PTR Patch Notes may 26th Daily SC2 Player Grid - feedback wanted Is the larve respawn broken? Yamato Cup Series What kind of tool would you be interested in?
Tourneys
Douyu Cup 2026: $20,000 Legends Event (June 26-28) GSL CK #4 20-21th June Sparkling Tuna Cup - Weekly Open Tournament Master Swan Open (Global Bronze-Master 2) Crank Gathers Season 4: BW vs SC2 Team League
Strategy
[G] Having the right mentality to improve
Custom Maps
Work In Progress Melee Maps [D]RTS in all its shapes and glory <3
External Content
The PondCast: SC2 News & Results Mutation # 531 Experimental Artillery Mutation # 530 One For All Mutation # 529 Opportunities Unleashed
Brood War
General
BGH Auto Balance -> http://bghmmr.eu/ STARCRAFT MOVIE - Last Night at the Command center BW General Discussion Battle cruiser feet vs Carrier fleet Fact based Zerg Upgrade Tier List
Tourneys
CSLAN 4 is Coming! [Megathread] Daily Proleagues Small VOD Thread 2.0 The Casual Games of the Week Thread
Strategy
Why doesn't anyone use restoration? Simple Questions, Simple Answers Relatively freeroll strategies Creating a full chart of Zerg builds
Other Games
General Games
Beyond All Reason Stormgate/Frost Giant Megathread Nintendo Switch Thread Path of Exile ZeroSpace at Steam NextFest - Last free demo
Dota 2
Looking for a Dota Mentor Official 'what is Dota anymore' discussion
League of Legends
Heroes of the Storm
Simple Questions, Simple Answers Heroes of the Storm 2.0
Hearthstone
Deck construction bug
TL Mafia
Vanilla Mini Mafia
Community
General
US Politics Mega-thread Russo-Ukrainian War Thread [H]Internet/Gaming Cafe Tips and Tricks The Games Industry And ATVI UK Politics Mega-thread
Fan Clubs
The HerO Fan Club! The herO Fan Club!
Media & Entertainment
Movie Discussion! [Req][Books] Good Fantasy/SciFi books [TV/BOOK] *SPOILERS* Game of Thrones Discussion
Sports
2024 - 2026 Football Thread McBoner: A hockey love story TeamLiquid Health and Fitness Initiative For 2023 Formula 1 Discussion Cricket [SPORT]
World Cup 2022
Tech Support
Computer Build, Upgrade & Buying Resource Thread Facing Challenges in Mobile App Development
TL Community
The Automated Ban List
Blogs
ICO Development for AI, G…
Joshlittle
How To Predict Tilt in Espor…
TrAiDoS
An Exploration of th…
waywardstrategy
I'm an arrogant trash talke…
FlaShFTW
Gauntlet SC2: A Retrospectiv…
Ctone23
Customize Sidebar...

Website Feedback

Closed Threads



Active: 7536 users

The Big Programming Thread - Page 1012

Forum Index > General Forum
Post a Reply
Prev 1 1010 1011 1012 1013 1014 1032 Next
Thread Rules
1. This is not a "do my homework for me" thread. If you have specific questions, ask, but don't post an assignment or homework problem and expect an exact solution.
2. No recruiting for your cockamamie projects (you won't replace facebook with 3 dudes you found on the internet and $20)
3. If you can't articulate why a language is bad, don't start slinging shit about it. Just remember that nothing is worse than making CSS IE6 compatible.
4. Use [code] tags to format code blocks.
kalitoma40
Profile Joined November 2019
Italy1 Post
Last Edited: 2019-11-05 21:20:58
November 05 2019 21:20 GMT
#20221
Bot edit.

User was banned for this post.
roma
WarSame
Profile Blog Joined February 2010
Canada1950 Posts
Last Edited: 2019-11-07 17:36:17
November 07 2019 17:35 GMT
#20222
When designing an API where you have child objects, how do you send your responses?

Say I have a Debate, which has children Arguments.

  1. I could pass back all Arguments in a list back with my Debate, but I could have a large number of Arguments.
  2. I could pass back Argument IDs, then query each Argument separately.
  3. I could pass nothing, then query for all arguments of my particular Debate


What is your preferred method?

Currently I'm trying 3, and using an endpoint like /api/d/<debate_id>/a/ to query it. Is there a potentially better URI format to use?
Can it be I stayed away too long? Did you miss these rhymes while I was gone?
tofucake
Profile Blog Joined October 2009
Hyrule19221 Posts
November 07 2019 18:58 GMT
#20223
generally you want to be as verbose as possible, you don't want people to have to guess at what an endpoint is for, so 
/api/debate/<debate_id>/argument/<argument_id>/<action>


What I'd do in this particular situation would be something like
GET /api/argument
    Headers: debate_id, date, time, for, against, etc, where each is a different property that an Argument can have
    Return: a filtered list with all arguments that match all filters, where passing no filters returns all arguments, and having debate_id be required

GET /api/argument/<argument_id>
    Headers: debate_id, date, time, for, against, etc, where each is a different property that an Argument can have
    Return: a filtered list with all arguments that match all filters, where passing no filters returns all arguments, and having debate_id be required, as well as having the specified argument_id

Liquipediaasante sana squash banana
WarSame
Profile Blog Joined February 2010
Canada1950 Posts
November 08 2019 00:56 GMT
#20224
I think if you include the action you move from REST more towards RPC. Ideally I'd keep this all RESTful.

By headers are you referring to query params? I could do that but I'm not sure why I should prefer that vs. a fully qualified URI.
Can it be I stayed away too long? Did you miss these rhymes while I was gone?
tofucake
Profile Blog Joined October 2009
Hyrule19221 Posts
November 08 2019 02:17 GMT
#20225
Headers are just cleaner, imo. You can do request params instead, if you'd prefer, I was just saying how I'd do it. Detaching the argument from the debate allows you to do stuff like "give me all arguments made by person X" instead of having to loop over all debates with person X, then getting all the arguments with person X.
Liquipediaasante sana squash banana
WarSame
Profile Blog Joined February 2010
Canada1950 Posts
November 08 2019 04:07 GMT
#20226
Hmmmm, I see what you're getting at. Thanks! I'll consider that too. There's a lot to consider when building an API!
Can it be I stayed away too long? Did you miss these rhymes while I was gone?
Silvanel
Profile Blog Joined March 2003
Poland4767 Posts
November 11 2019 11:03 GMT
#20227
What security concerns should i take into account before rolling out my webpage for limited use for my close friends on a private server?
Pathetic Greta hater.
Manit0u
Profile Blog Joined August 2004
Poland17773 Posts
November 12 2019 14:38 GMT
#20228
On November 11 2019 20:03 Silvanel wrote:
What security concerns should i take into account before rolling out my webpage for limited use for my close friends on a private server?


Standard XSS, SQL injection etc. For sure you want to encrypt passwords if you store them.
Time is precious. Waste it wisely.
Manit0u
Profile Blog Joined August 2004
Poland17773 Posts
November 12 2019 14:38 GMT
#20229
Time is precious. Waste it wisely.
ShoCkeyy
Profile Blog Joined July 2008
7815 Posts
November 12 2019 15:38 GMT
#20230
On November 08 2019 13:07 WarSame wrote:
Hmmmm, I see what you're getting at. Thanks! I'll consider that too. There's a lot to consider when building an API!


You should also take a look into GraphQL, for readability it’s far far superior than REST.
Life?
Excludos
Profile Blog Joined April 2010
Norway8263 Posts
Last Edited: 2019-11-12 18:52:13
November 12 2019 18:50 GMT
#20231
On November 12 2019 23:38 Manit0u wrote:
Show nested quote +
On November 11 2019 20:03 Silvanel wrote:
What security concerns should i take into account before rolling out my webpage for limited use for my close friends on a private server?


Standard XSS, SQL injection etc. For sure you want to encrypt passwords if you store them.


The one and only solution for any programmer that doesn't work in a large corporation with their own needs: Never ever store user credentials. There's just too many fall pits. Just use OAuth instead.

If you're at the point where you're unsure how you should store user details, and then go ahead and do it anyways, I can promise you will hack your website within the hour. What I can do from there just depends on how many mistakes you've done.
Manit0u
Profile Blog Joined August 2004
Poland17773 Posts
Last Edited: 2019-11-12 21:04:36
November 12 2019 21:01 GMT
#20232
On November 13 2019 03:50 Excludos wrote:
Show nested quote +
On November 12 2019 23:38 Manit0u wrote:
On November 11 2019 20:03 Silvanel wrote:
What security concerns should i take into account before rolling out my webpage for limited use for my close friends on a private server?


Standard XSS, SQL injection etc. For sure you want to encrypt passwords if you store them.


The one and only solution for any programmer that doesn't work in a large corporation with their own needs: Never ever store user credentials. There's just too many fall pits. Just use OAuth instead.

If you're at the point where you're unsure how you should store user details, and then go ahead and do it anyways, I can promise you will hack your website within the hour. What I can do from there just depends on how many mistakes you've done.


For simple stuff storing user creds is perfectly fine. Especially that most major frameworks have pretty good libraries to handle that (where they encrypt your passwords - default is bcrypt, don't show them in logs etc.), even for API development you have libraries to handle JWT and other authentication methods. There are also plenty of libraries for authorization, but that's another matter.

If he's new to that it'll be easier to use such things than setting up OAuth and integrating with third party authentication providers (where you add more traffic, need to set things up on the third party's side of things, have to think about stuff like how to revoke tokens, different authentication flows and the like, it's not beginner level endeavour).
Time is precious. Waste it wisely.
Excludos
Profile Blog Joined April 2010
Norway8263 Posts
Last Edited: 2019-11-13 07:46:17
November 13 2019 07:45 GMT
#20233
On November 13 2019 06:01 Manit0u wrote:
Show nested quote +
On November 13 2019 03:50 Excludos wrote:
On November 12 2019 23:38 Manit0u wrote:
On November 11 2019 20:03 Silvanel wrote:
What security concerns should i take into account before rolling out my webpage for limited use for my close friends on a private server?


Standard XSS, SQL injection etc. For sure you want to encrypt passwords if you store them.


The one and only solution for any programmer that doesn't work in a large corporation with their own needs: Never ever store user credentials. There's just too many fall pits. Just use OAuth instead.

If you're at the point where you're unsure how you should store user details, and then go ahead and do it anyways, I can promise you will hack your website within the hour. What I can do from there just depends on how many mistakes you've done.


For simple stuff storing user creds is perfectly fine. Especially that most major frameworks have pretty good libraries to handle that (where they encrypt your passwords - default is bcrypt, don't show them in logs etc.), even for API development you have libraries to handle JWT and other authentication methods. There are also plenty of libraries for authorization, but that's another matter.

If he's new to that it'll be easier to use such things than setting up OAuth and integrating with third party authentication providers (where you add more traffic, need to set things up on the third party's side of things, have to think about stuff like how to revoke tokens, different authentication flows and the like, it's not beginner level endeavour).


Easier, yes, but vulnerable. If it's just for fun and you don't care about potentially being hacked, then by all means go ahead. We've all made sites like that. As long as you know it's vulnerable and have nothing to lose.
R1CH
Profile Blog Joined May 2007
Netherlands10342 Posts
November 13 2019 15:42 GMT
#20234
On November 12 2019 23:38 Manit0u wrote:
Show nested quote +
On November 11 2019 20:03 Silvanel wrote:
What security concerns should i take into account before rolling out my webpage for limited use for my close friends on a private server?


Standard XSS, SQL injection etc. For sure you want to encrypt passwords if you store them.

You should be hashing passwords using a modern algorithm like Argon2id, not encrypting them. Big difference.
AdministratorTwitter: @R1CH_TL
TL+ Member
JimmyJRaynor
Profile Blog Joined April 2010
Canada17622 Posts
November 17 2019 18:24 GMT
#20235
The Casualty Actuaries I work for are laughing at all the money wasted on dumb Data Science projects.

Ray Kassar To David Crane : "you're no more important to Atari than the factory workers assembling the cartridges"
Manit0u
Profile Blog Joined August 2004
Poland17773 Posts
November 17 2019 20:13 GMT
#20236


Really fun watch. Made me chuckle really hard.
Time is precious. Waste it wisely.
Manit0u
Profile Blog Joined August 2004
Poland17773 Posts
November 18 2019 10:41 GMT
#20237
This cracked me up:

https://twitter.com/chrisalbon/status/1196136359636815872?s=20
Time is precious. Waste it wisely.
Deleted User 3420
Profile Blog Joined May 2003
24492 Posts
November 21 2019 22:06 GMT
#20238
I had an assignment in my security class. Part of it was to implement openssl in C and encrypt a message file. Then we also hash that file using SHA.

I missed both of those parts. Apparently an automated script was checking the hash and ciphertext, and it didn't catch stuff like whitespace or newlines or something. So I checked, and my hash was correct.

I informed the TAs of the error (which happened to lots of students). They then gave me the points back for the SHA portion.

But I didn't get any points for the encryption part. So my question is, if I encrypted the message and then hashed the ciphertext, and the SHA hash was correct, then doesn't that mean that the ciphertext must have also been done correctly?
Nesserev
Profile Blog Joined January 2011
Belgium2760 Posts
November 22 2019 09:48 GMT
#20239
--- Nuked ---
Deleted User 3420
Profile Blog Joined May 2003
24492 Posts
November 22 2019 16:21 GMT
#20240
On November 22 2019 18:48 Nesserev wrote:
Show nested quote +
On November 22 2019 07:06 travis wrote:
But I didn't get any points for the encryption part. So my question is, if I encrypted the message and then hashed the ciphertext, and the SHA hash was correct, then doesn't that mean that the ciphertext must have also been done correctly?

Yes.


ok thanks thought so
this post was more a sanity check than anything
Prev 1 1010 1011 1012 1013 1014 1032 Next
Please log in or register to reply.
Live Events Refresh
Next event in 54m
[ Submit Event ]
Live Streams
Refresh
StarCraft 2
ByuN 367
Rex 101
RushiSC 30
StarCraft: Brood War
Calm 8417
firebathero 3557
Shuttle 1680
Horang2 1289
EffOrt 1042
Soulkey 459
Soma 369
Light 306
Snow 249
actioN 220
[ Show more ]
Mong 172
hero 133
Leta 119
Rush 104
Sharp 75
Hyun 61
Sea.KH 54
Free 52
Killer 46
Terrorterran 39
scan(afreeca) 35
ToSsGirL 32
Sacsri 20
Movie 19
Hm[arnc] 18
JulyZerg 16
zelot 12
Rock 11
Dota 2
qojqva2370
Dendi1275
syndereN290
420jenkins56
Counter-Strike
Sick210
adren_tv101
kRYSTAL_84
Heroes of the Storm
MindelVK7
Other Games
hiko1141
B2W.Neo915
Lowko529
byalli345
amsayoshi56
Trikslyr23
BEARDiaguz17
Organizations
Dota 2
PGL Dota 2 - Secondary Stream6081
PGL Dota 2 - Main Stream5848
Other Games
gamesdonequick756
WardiTV424
StarCraft 2
Blizzard YouTube
StarCraft: Brood War
BSLTrovo
[ Show 12 non-featured ]
StarCraft 2
• AfreecaTV YouTube
• intothetv
• Kozan
• IndyKCrew
• LaughNgamezSOOP
• Migwel
• sooper7s
StarCraft: Brood War
• BSLYoutube
• STPLYoutube
• ZZZeroYoutube
League of Legends
• Nemesis1691
• TFBlade754
Upcoming Events
Monday Night Weeklies
54m
Sparkling Tuna Cup
18h 54m
The PondCast
1d 18h
Douyu Cup 2020
2 days
Oliveira vs Trap
Jieshi vs XY
soO vs FanTaSy
TY vs Coffee
Douyu Cup 2020
3 days
Neeb vs Impact
MacSed vs Cyan
Scarlett vs Kelazhur
INnoVation vs Dear
Douyu Cup 2020
4 days
Maestros of the Game
4 days
herO vs Classic
Maru vs Serral
BSL22 NKC (BSL vs China)
4 days
Douyu Cup 2020
5 days
BSL22 NKC (BSL vs China)
5 days
[ Show More ]
Online Event
5 days
RSL Revival
6 days
RSL Revival
6 days
WardiTV Weekly
6 days
Liquipedia Results

Completed

Acropolis #4
WardiTV Spring 2026
Heroes Pulsing #2

Ongoing

IPSL Spring 2026
CSCL: Masked Kings S4
YSL S3
BSL 22 Non-Korean Championship
CSL Season 21: Qualifier 1
SCTL 2026 Spring
Maestros of the Game 2
Murky Cup 2026
IEM Cologne Major 2026
Stake Ranked Episode 2
CS Asia Championships 2026
Asian Champions League 2026
IEM Atlanta 2026
PGL Astana 2026
BLAST Rivals Spring 2026
IEM Rio 2026
PGL Bucharest 2026

Upcoming

CSL Season 21: Qualifier 2
CSL 2026 Summer (S21)
CSLAN 4
Blizzard Classic Cup 2026
Kung Fu Cup 2026 Grand Finals
RSL Revival: Season 6
CranK Gathers Season 4: BW vs SC2 Team League
HSC XXIX
Douyu Cup 2026
BCC 2026
Light Tournament 2026
Eternal Conflict S2 Finale
Eternal Conflict S2 E1
Heroes Pulsing #3
BLAST Open Fall 2026
Esports World Cup 2026
BLAST Bounty Summer 2026
BLAST Bounty Summer Qual
Stake Ranked Episode 3
XSE Pro League 2026
TLPD

1. ByuN
2. TY
3. Dark
4. Solar
5. Stats
6. Nerchio
7. sOs
8. soO
9. INnoVation
10. Elazer
1. Rain
2. Flash
3. EffOrt
4. Last
5. Bisu
6. Soulkey
7. Mini
8. Sharp
Sidebar Settings...

Advertising | Privacy Policy | Terms Of Use | Contact Us

Original banner artwork: Jim Warren
The contents of this webpage are copyright © 2026 TLnet. All Rights Reserved.