JRaccoon

Just a lvl 27 guy from 🇫🇮 Finland. Full-stack web developer and Scrum Master by trade, but more into server-side programming, networking, and sysadmin stuff.

During the summer, I love trekking, camping, and going on long hiking adventures. Also somewhat of an avgeek and a huge Lego fanatic.

  • 7 Posts
  • 144 Comments
Joined 2 years ago
cake
Cake day: June 20th, 2023

help-circle
  • JRaccoontoAsk@lemm.eeWhat's a skill you'd like to develop?
    link
    fedilink
    English
    arrow-up
    2
    ·
    4 hours ago

    Drawing. And maybe some calligraphy. I take shifts at the local cafeteria during summers and we have a markerboard thingy outside to display our opening hours, daily special discounts and whatnot. I’ve seen others write on it with beautiful lettering and then decorating it with cool doodles. I tried it once and let’s just say it didn’t turn out well…








  • They can include runnable JavaScript too, which can cause vulnerabilities in certain contexts. One example from work some years back: We had a web app where users could upload files, and certain users could view files uploaded by others. They had the option to download the file or, if it was a file type that the browser could display (like an image or a PDF), the site would display it directly on the page.

    To prevent any XSS (scripts from user-provided files), we served all files with the CSP sandbox header, which prevents any scripts from running. However, at the time, that header broke some features of the video player on certain browsers (I think in Safari, at least), so we had to serve some file types without the header. Mistakenly, we also included image files in the exclusion, as everyone through image files couldn’t contain scripts. But the MIME type for SVG files is image/svg+xml… It was very embarrassing to have such a simple XSS vuln flagged in a security audit.





  • I’ve been super busy with work and other things, so I haven’t yet finished the Icons Retro Radio set (10334) I bought already back in January.

    Also, I recently noticed that the cart in the Loop Coaster (10303) seems to get stuck in the lift, and I couldn’t immediately figure out why it’s suddenly happening so that too needs a proper look. Probably some pieces have loosened just enough over time. Should be an easy fix.





  • I don’t have an answer for you, but I can absolutely relate. Some people say something like “find a job you love, and you’ll never work a day in your life.” But for me, it doesn’t work that way. I like my job, have awesome coworkers, and always look forward to the next week. But obviously I’d still rather be doing things I enjoy more. You know, playing that latest video game, finally finishing the Lego set I bought three months ago, hanging out with friends, etc. Two days out of seven just isn’t enough time to do all that, which leads to anxiety about optimizing the little time I have.

    One thing that has helped me somewhat (and I know I’m very privileged to be able to do this) is taking every other Friday off. A two-day weekend versus a three-day weekend makes a huge difference for me. I’m actually considering switching to having every Friday off. But then ofc, there might be the dilemma of having the time to do the things I enjoy but not enough money for them :(


  • Assertive dom. When they make me feel I really don’t have any other options than to submit.

    I’m a switch and brat and subbing doesn’t always come naturally for me. In the beginning of a scene I have a tendency to start ‘topping from the bottom’, even if I consciously try to avoid it, and the dom can’t let that happen. Once I manage to let go, I do absolutely enjoy it and can enter a deep subspace, but I can’t do it without the dom really pushing and “breaking” me first. It’s kinda hard to explain and I don’t even fully understand it myself but at least I know some other top-leaning switches I’ve talked to have had similar experiences.