Mar 23

 Maintaining some level of not terrible health at the moment. Despite the ridiculous headwinds.

That being said. Another migraine ghosted around my head again last night. Everytime I strained a muscle or moved odd, my head would throb in sympathy. Fragile. High pressure. Clench your stomach muscles, and your head hurts. Hmmm.

Anywho.

I ate poorly, didn't drink enough, and didn't shift from the computer. It took me half way through the day before I decided to do some work. My interest was piqued, ironically enough, by chatGPT. I asked it to solve a problem I had often turned over in my head. It gave me a sensible boilerplate answer. But it made me dig deeper in the background and try somethings out workwise. Probably time I don't have to spare to be honest, but, it was pursuing best practices.

As it turned out it was a day lost. I worked until 9pm at which point after going full circle I realised that the best solution was no longer feasible. Firefox had closed it off in the name of security.

<TECHNOBABBLE> ( feel free to skip if computers are not your thing )

It turns out, Firefox in particular has stopped allowing cookies to be sent cross site, even when they are expressly confgured to do so, and their security is as good as it gets. Chrome allows this. Firefox does not. The upshot of this is you can no longer follow the strictest of security measures with Firefox to store things like JSON Tokens if you need to go cross site with say cookie authentication. And going cross site is a common requirement if not essential requirement for any kind of modern scalable web architecture.

Why did Mozilla do this ?

To raise privacy levels and stop you being tracked wherever you go around the internet. Because sending a cookie cross site is also an excellent way to follow your progress around the web. Ish.

And Firefox is all about stomping on that. And showing up Google for the marketing shill it is.

Very good. Understandable.

Except.

It's also killed a very important and useful bit of cross site security for a genuine non tracking purpose.

So, in probably any decent web architecture, your websites, apps, client malarkey probably exists on a different domain to your back end. Because. Scalability. Abstraction. Encapsulation.

What this means is often you will find yourself in one domain, but interacting with another. One way of doing that securely is with a http only cookie that is cross site.

Except now Firefox says no.

This is interesting and probably behind a spate of problems I've seen with Firefox occasionally not working on some sites, particularly when it's trying to authorise things like payments or logins cross site. The most recent bug of this I hit was 2 weeks ago, trying to pay for my car parking via app. In firefox it just failed. Hard. I had to resort to chrome. Whilst I can't be sure ( not my monkeys, not my circus ), I think it's the cross site cookie problem.

Many devs - myself included - are/were not aware Firefox now prevents this. Worse still. Firefox is very quiet about this fact. It wont throw errors half the time. Wont tell you anything. It just. Wont work. Silence.

Big yikes.

It would be nice if Firefox threw at least some level of shade out - Oh, by the way, I suppressed your cookie because I DONT LIKE DOING THAT ANYMORE. Ok. Shit. But fair enough.

Like many things web tech wise at the edge, things are a little broken, a little unsatisfactory, a little imperfect and potentially, the next big major headline grabbing flaw. There's a lot of faith that gets put into following the common path, the accepted wisdom and the example I just grabbed off stackoverflow to provide IT solutions. But it's so often the case that when you take time and have the understanding to assess what's going on. It's not good. We are still in many ways, just fumble fucking around and producing 100 different ways to skin a cat, many of which end up making the same mistakes that the other 99 ways already hit. Faith. Belief. Tribalism start to heave into view with this stuff. What corporate colours do you wear on your sleeve. Which techs are you best buds with. And which do you despise. Rationality, ironically, often doesn't get a look in. It starts to come down to picking your favourite sports team. Go sports. Down with the other sports team.

IT as a whole isn't a harmonius choir of planning. It's a chaotic knife fight in the dark between geeks with major character flaws, lack of communication skills, high introversion and defensiveness. That's not a put down per se. It's just what it is. Clever prickly people who don't like to be told what to do and have a Better Idea Than You and would prefer not talking to anyone. I mean. Some days. That's me too.

Anywho. The whole cross site cookie malarkey means I spent the better part of a day chasing my tail. Implementing a lovely high security custom JSON Token, only to have it epically fail when run from Firefox. Which. Is unacceptable general solution wise. I am not about to ok a pattern that renders any Firefox users incapable of logging in. Mmm. No.

The workaround to this is either - don't do it as a cookie, pass it as a custom header that Firefox doesn't give a shit about ( ironically you could again use this to track your progress around the internet... jeez... ), or, continually build local proxies for your other domains, and make everything a same site call and avoid cross site cookies. Which. Once again. Could be used to track your progress around the internet.

This is the problem with modern tech. If you know what's going on, it's just so much bullshit. Firefox has blocked cross site cookies to wipe out tracking. Which works. Because everything is doing that. Can you get around it ? Yes. Use something other than cookies. Or. Provide a proxy. Providing a proxy everywhere would cut out a whole bunch of lower level simple operators. At least until someone makes a simple reverse proxy installer. Using something other than cookies however is fairly trivial. But. It obviously does take time to implement. But doesn't stop the problem. It just changes the colour. From red. To blue.

For 5 minutes Firefox gets to crow - we stopped all the tracking. No More Red. Until everyone has adapted and is now Blue. At which point perhaps, Firefox steps in and outlaws Blue. And on we go. Round and round in circles. But in the meanwhile. Causing headaches for genuine non tracking bloody architecture.

The other cool thing about this stuff. Is that the online accepted wisdom is often hilariously... iffy if not downright wrong. Some bits of tech I have implemented in the past - if you check the online consensus, it's impossible. Bzzzt. Wrong answer. Not impossible. Just difficult. And arcane.

But at the end of the day, all the fluff, shouting and contortions just come down to this for web dev :-

Hurr durr, here's a string of info. Hurr durr thank you, here's a string of info back again.

That's it. From web services. To websites. To frameworks. To auth standards. Sockets, streams, handshaking, nonsense. Have a word. Thanks. Have a word back. Thanks. Ha ha. So simple. So much fucking faff to re-engineer that in a hundred ways.

The last 25 years has just been continual refinement, progress, not a little of reinventing the wheel, huffing, puffing and ego to do that.

Sisyphean IT of the ever changing standard to do the same old shit in a new way.

</TECHNOBABBLE>

It took me less time to warm up to work today.

One of the things that landed on my plate has ended up not being an emergency but just a thing that needs to be done. An extension. A new bit. But hair on fire panic management means it has been mistaken for an emergency. No. It never was. Which just highlights the sorry state of affairs we are in.

A lack of planning on your part, does not make for an emergency on my part.

It goes root to branch. Right from the client to us. Arg says the client this is on fire. Arg says Andy this is on fire. Oh I say, you're saying its on fire ! 

You look.

Guys. It's a BBQ. It's supposed to do that. You wanted it to do that.

OH. CAN WE CHANGE IT.

Ok. So. Not a fire at all. Just a I'd like it to do something else now.

Sigh.

Just one part of the nonsense I have to deal with.

In other non work news. My old man was admitted to A & E a few days ago.

Bleeding out of his arse.

Two full toilet fulls ! was the description related by my dad through my brother.

Uh huh.

If you had bled two full toilet bowls of blood out of your arse, you wouldn't be in a state to tell me about it. You'd be dead.

But I get it. A little blood in a toilet bowl looks like a lot of blood. A murder scene. Been there. Done that. Got the T shirt and had a camera shoved up my dick in response.

They've kept the old man in, took their sweet sweet time getting round to him. They took his blood pressure on arrival - which would immediately show if you were bleeding out fatally - decided he looked good and left him to wait.. and wait.. and wait.

He's getting a camera shoved down him at some point. And if it's minor that camera will also cauterise, cut, or whatever is required to stop the bleed.

I am not particularly worried about it. Despite being scary and a massive faff, I don't think it's a major problem. But. It could be. Could be many things, cancer, and on. But. I would have thought they would have caught that before now with the battery of tests he gets these days. But perhaps not. Perhaps I am putting too much faith in the NHS actually being half way competent.

We shall see.

It has frazzled out my brother again.

He seems to be running low on gas these days.

He is also frustrated at the usual antics of the old man. Arguing with the surgeons. Telling them what they should be doing. Apparently the surgeon gave him a dressing down. No you don't know what you're talking about. Shut up. Sit down.

My dad is frustrated about being stuck in a hospital. My brother is frustrated that he is "pacing like a tiger" and threatening to walk out. I get both sides of that. I can honestly say if I was in my dads position I too would probably be none too happy. Shitty NHS. Shitty waits. Nothing gets done. I get it. I also get that my Brother has kind of had enough of it. And just wants to chill and not worry.

My brother is doing a good job. But I don't think the self sacrificing helper comes naturally to him. The difference between me and him. I'd go down in flames and die for someone, no problem. My brother - probably sensibly - less so. He's very arguably the better balanced. Still. Sometimes a martyr is useful.

But I cannot talk. I am not there. My health is shit. I can hardly look after myself. What do I know. My brother is doing good. And has a lot of things to deal with.

Comments

Post a Comment

Popular posts from this blog

Feb 29

 Anxiety is still riding very high. It's sketching me into weird corners and avoidances. Don't like being out of my bedroom. Don't like being away from my bed. Everything is a tangible holding of breath until I can go back to bed. Very sketchy. I am doing something to try not to give into the rampant mini phobias popping up, but, I'm also giving in at times and just retreating to my hole. And sleeping. Today I dropped off my overnight blood ox monitor. I did a bunch of "anti" things that I reckoned would trigger more the worse end of my sleeping spectrum, and it kinda worked. I woke up at 4am groggy and out of it. I dozedly checked my blood ox. 97%. Perhaps it means nothing. Perhaps it means it's not blood oxygen and sleep apnea. I went back to sleep. Anxiety smothering me I went out to drop off the monitor. Outwardly. I just did it. Inwardly, screaming, don't go out, don't go out, I don't want to go out. A sense of dread. A sick feeling. Awful...
Read more

May 9

 Athenas back left leg is limp. Lifeless. Just. Gone. Her right one is only vaguely there, still trying to walk a bit at times. But. No strength. Folded. We have got her up a few times today, to drink, pee, poo. She has got accustomed to being carted around in a sling, her front legs still working. She still looks up. Wants to know what you're eating. She is, as she ever has been, still Athena. Still interested. Still awake. And tomorrow at 11am I take her to put her to sleep. Her legs are gone. Not just an overdid it. They are gone. I do not know or understand how they suddenly went from fine to not fine in 15 minutes. But it has happened. And they show no signs of reversing. Today I made the stupidly hard and fucked up and awful decision to put her to sleep tomorrow. I have crucified myself over it. Today ? Tomorrow ? Monday ? Next week ? Tomorrow. There is no hope. She will not recover. And I will have to snuff out her good life, her beautiful soul, full of curiousity and confid...
Read more

Nov 6

 Wake up at 8.20AM with the sound of next door replacing their bathroom. I cannot begin to describe how deathly awful I feel. Shit scraped from the bottom of the barrel. I check the laptop. Set it up for work. And then collapse back to sleep. I worked for some hours last night. I felt a little better, so, I worked. Midday. Awake again. I come out of a horrible horrible place. Everything aches. My eyes are sealed shut with gunk. A wincing pain somewhere around my stomach like a squeeze accompanies my waking. I often get this now. I feel utterly terrible. I have run out of options and coping strategies. So Trump wins with a fairly convincing win. What's the message ? America really hates women presidents ? If nothing else it's clear a large part of the US is fine with all that Trump represents. It was always going to be this way, if not now then soon. The rump of the US is morally bankrupt, happy to occupy a devoid of principles space, large on religious bigotry and hate. The US ...
Read more