00:30:49 -!- TheLie has quit (Remote host closed the connection). 00:53:39 [[RASEL]] M https://esolangs.org/w/index.php?diff=79488&oldid=79482 * PythonshellDebugwindow * (+14) /* Hello, World! */ rm redirect 01:00:03 -!- imode has joined. 01:06:05 [[Geo]] M https://esolangs.org/w/index.php?diff=79489&oldid=53330 * PythonshellDebugwindow * (-8) Unpipe 01:07:18 [[Scan]] M https://esolangs.org/w/index.php?diff=79490&oldid=53334 * PythonshellDebugwindow * (+5) unpipe ; hd 01:13:56 [[SON-OF-UNBABTIZED]] M https://esolangs.org/w/index.php?diff=79491&oldid=38964 * PythonshellDebugwindow * (+5545) Obligatory sample code 01:17:22 Does the dark mode work for web pages without any CSS specified, or with CSS specified but no colours specified? 01:18:33 [[PUSH]] M https://esolangs.org/w/index.php?diff=79492&oldid=78838 * Expliked * (+4) 01:26:51 -!- LegionMammal978 has joined. 01:28:11 zzo38: In Flipfractal, what happens when you hit an entry-point character from something other than its opposing direction? 01:29:08 E.g., if I enter a V going right, do I exit the + in the parent program going right or going up? 01:29:44 I would not recommend that 01:30:11 Seems needlessly painful 01:33:10 [[Clementine]] https://esolangs.org/w/index.php?diff=79493&oldid=72568 * CatIsFluffy * (+23) done 01:35:05 What is the less painful way of entering a V? 01:35:22 shikhin: from the back 01:35:30 I-I see. 01:35:32 or the front, depending on taste 01:35:59 Wait a second, that page was only saying you were the one who created Memfractal, it was worded confusingly 01:36:16 shikhin: look, I chose not to say it, but you chose to ask 01:36:21 Haha. 01:36:27 It is my fault. 01:36:30 -!- LegionMammal978 has quit (Remote host closed the connection). 01:36:42 oh dear 01:36:46 Looks like we've scared them off 01:37:54 Oh dear. 01:46:58 LegionMammal978: I did not invent Flipfractal, and yes I agree it is worded confusingly. 01:50:01 -!- ais523 has joined. 01:50:21 shachaf: zzo38: there is apparently an unofficial standard for gopher over TLS 01:50:33 -!- Lord_of_Life_ has joined. 01:50:45 it is very simple, too: you just make a TLS connection on port 70 01:51:07 (a gophers server distinguishes between gopher-over-TLS and regular gopher by checking to see whether the first thing the client sends is a TLS handshake) 01:51:10 -!- Lord_of_Life has quit (Ping timeout: 246 seconds). 01:51:52 What's the thing with TLS where the server must identify all the domain names it possibly knows about and then the client checks whether it matches? 01:51:54 -!- Lord_of_Life_ has changed nick to Lord_of_Life. 01:52:02 Rather than the cient saying what domain name it thinks it's accessing. 01:52:07 Seems bizarre to me. 01:52:43 sounds like one of the many variants of SNI 01:52:53 TCP is presumably just a dead end if you want efficient networking protocols. 01:53:03 the basic problem is that in most TLS connections, the server name indication is sent in the clear, so anyone listening in knows what site you're connecting 01:53:10 and there have been various proposals to remedy that 01:53:32 With TLS being one of the reasons. 01:53:48 Hmm, I see, so eavesdroppers know whether I'm connecting to youtube.com vs. google.com or something. 01:53:59 the basic problem is that it's hard to deploy anything like this at a small scale, because with a small hosting company, you can normally figure out which site is being connected to simply from the IP 01:54:09 I guess you might want to keep that information secret, especially with DNS becoming encrypted these days. 01:54:20 so in order to really keep it private, you need a wide range of different sites that are all hosted from the same IP so people aren't sure which is which 01:54:42 Cloudflare apparently added some sort of encrypted SNI recently, because they have the right sort of infrastructure for that 01:55:42 I'm a little surprised that gopher is still being developed nowadays (at least, within the last couple of years) 01:56:01 but apparently some people like it due to the lack of things like JavaScript-based adverts because the protocol can't handle them 01:56:41 Gophers are OK but kitty cats are where it's at, if you ask me. 01:57:11 I think that the web browser is the wrong place to implement encrypted DNS, since DNS is something that you will want many programs to use, not only the web browser. 01:57:15 well, cat has even fewer features than gopher 01:57:50 Is QUIC a good alternative to TCP? 01:59:23 one issue I've discovered with TCP is that in practice, you seem to need to duplicate a lot of TCP functionality to get reliable connections even when you're using TCP 01:59:32 in real life, TCP connections have a tendency to break for no reason 01:59:37 this somehow even happens on localhost 02:00:20 using TLS over TCP increases the frequency at which this happens, but probably just because more data is sent 02:01:27 oh, an idea I had recently: an equivalent of HTTP headers but for files on a filesystem (e.g. in the directory entry for a file) 02:01:41 it struck me that HTTP headers are already a widely used standard for file metadata 02:02:42 Actually, my "httpdirlist" format is similar, using the same format of HTTP headers to make a directory listing format for use with HTTP, with blank lines separating directory entries. 02:03:42 it strikes me as something of a security hole that I can't just put a file in a directory that a web browser serves, and know for certain that it won't get misinterpreted in a format I don't expect and that happens to do something malicious 02:03:47 Perhaps having a file in that format might also be helpful for loading "file:" URLs in a web browser, so that it can know the MIME type of each file. 02:04:06 (e.g. there was an incident on #esoteric a while ago where someone managed a successful XSS attacks against the raw log files, even though they're plaintext) 02:06:31 Yes, but you should fix the HTTP server to specify the correct MIME type, presumably always text/plain for the raw log files 02:06:59 yes, but some browsers will override the MIME type if it appears to be wrong 02:08:02 nowadays there is «X-Content-Type-Options: nosniff» which tells the browser that the MIME type is correct and should not be changed 02:09:13 Use that, then, although I should think that the web browser should never override the MIME type specified by the server unless the user explicitly specifies a different MIME type 02:11:24 apparently this option is not respected by IE < 8 02:11:36 so there would still be a potential for XSS attacks against plaintext files on IE7 and earlier 02:11:38 (does anyone still use those?) 02:14:33 I don't know 02:16:34 ais523: What about HFS forks? 02:18:05 shachaf: Mac filesystems have something similar to the HTTP idea I had 02:18:20 but, I think they used something proprietary to specify file types, not MIME 02:18:25 back when I last looked 02:18:28 maybe they're using MIME nowadays 02:20:48 oh wow, now I'm reading about CORB 02:20:52 and it is kind-of eso 02:21:36 the basic idea is that there are only a few types of thing that can be included into a web page via a cross-origin request, such as scripts and images 02:22:18 so if a web page tries to make a cross-origin request using or