8 – What does “The provided host name is not valid for this server” mean?

This error message is coming from a feature that was added to Drupal 8 to protect against HTTP Host header attacks. The feature is also described in the change record that was generated for the patch.

Essentially, it was possible to spoof the HTTP Host header for nefarious purposes, and trick Drupal into using a different domain name in several subsystems (particularly link generation). In other words, the HTTP Host header needs to be considered user input, and not trusted.

To combat this, a new setting, $settings('trusted_host_patterns'), was added to Drupal 8 to configure a list of “trusted” hostnames that the site can run from. The setting needs to be an array of regular expression patterns, without delimiters, representing the hostnames you would like to allow to run from.

For example, if you are running your site from a single hostname “www.example.com”, then you should add this to your settings (usually found at ./sites/default/settings.php):

$settings('trusted_host_patterns') = array(
  '^www.example.com$',
);

Note the ^, ., and $. These are PCRE Syntax. These just mean that you want to match “www.example.com” precisely, with nothing extra at the beginning and end, and that the dots should be treated as dots and not wildcard characters.

If you are running from “example.com”, then just use:

$settings('trusted_host_patterns') = array(
  '^example.com$',
);

If you need to run a site of multiple domains and/or subdomains, and are not doing canonical URL redirection, then your setting would look something like this:

$settings('trusted_host_patterns') = array(
  '^example.com$',
  '^.+.example.com$',
  '^example.org',
  '^.+.example.org',
);

This allows the site to run off of all variants of example.com and example.org, with all subdomains included.

Once you adjust $settings('trusted_host_patterns') to the proper value, you should be able to browse to your site again.

You can also check on the status of your trusted host settings from the status report page, which is at admin/reports/status

If you remove the setting altogether, the trusted host mechanism will not be used, and you will see an error on the status report page. In addition, your site may also be vulnerable HTTP Host header attacks.

If you have this setting configured and are seeing this message, then it probably means you have messed up the regular expression syntax. In this case, take the first example, and copy/paste into your settings, and then edit it to reflect the hostname your site runs from.

Test for OU-Process

Suppose that I’m given a sample from time-series $(x_n)_{n=1}^N$ and want to decide if it comes from an OU process or not. Is there a (rigorous) test I can use?

So far, everything I’ve seen is hand-wavy…

c# – System Design – ASP.Net MVC Preparations

I’m about to start an asp.net mvc project with Repositorty-Service pattern and I’m first gathering information. Therefore I’ve got few questions that I need clarification before I start implementing.

In my company, most of the asp.net mvc projects developed by senior developers possess common features such as :

So my questions are :

1) Do I always need a caching mechanism and logging and Security(Encryption – AES…) in an asp.net mvc app?

2) When do I need them? I mean in what situation do I need caching and logging and Security(Encryption)? please give me detailed answer for each for clarification.

3) Is it fine/professional to use in a real-world asp.net project, the default ASP.Net MVC authentication code that gets generated when you create a new asp.net app? as I’m building a quite big asp.net (not very big) web app with Repository-Service pattern and I just want to reuse the default MS ASP.Net authentication (to save me time) instead of writing a new one.

4) Do I need to use SQL Server or MongoDB as database? I know that MongoDB is best suited for scalability but I don’t want to use a library which I’ll be forced to dig in to its library DLL and modify some code in order to make it work, as I don’t want to waste my time as the project is timed.

python – Apply additions on a base array based on date ranges

please roast my code, I hope this is the good place to look for some advice on where I can improve.

Problem definition:

Apply modifications on values depending on date ranges.

Data:

Base array – holds dictionaries in the following format:

({‘date’: 20200101, ‘value’: 1}, {‘date’: 20200102, ‘value’: 2})

Modifier array – holds dictionaries with similar format:

({‘date’: 20200101, ‘value’: 1}, {‘date’: 20200201, ‘value’: 2})

Goal:
Add the respective value of the modifier array to the base array lining up the date ranges. Dates are exclusive, for example when the modifier array contains 2020-01-01 you have to add the value ‘1’ to all values in the base array that have a date less than 2020-01-01. Base array has a lot of elements while modifier array relatively few. In practice this splits the base array into a couple of date ranges. If the last modification date is less than the date in base array no modification is required.

My solution:

This is assuming the comparing of dates will work, I have translated this from perl for an easier read.

mod_index = 0 
mod_size = len(mod_arr)

for elem in base_arr:
  if elem('date') > mod_arr(mod_size - 1)('date'):
    break
  else:
    if elem('date') < mod_arr(mod_index)('date'):
      elem('value') += mod_arr(mod_index)('value')
    else:
      elem('value') += mod_arr(mod_index + 1)('value')
      mod_index += 1

Magento 1.9 Custom extension not displaying block in product view

I have been trying to display a custom template in the product view page in a simple extension but it only works for some references: product.info.additional, product.info.extrahint, product.tooltip and product.info.addtocart.

My app/design/frontend/base/default/layout/productest.xml looks like this. I m trying to display a simple text now but to no success:

<?xml version="1.0"?>
<layout version="0.1.0">
  <catalog_product_view>
    <reference name="product.info">
        <block type="core/text" name="core-text"><action method="setText"><text><!(CDATA(<div>Souh</div>))></text></action></block>
    </reference>

  </catalog_product_view>
</layout>

I have also echoed the block names that are used in the product page:

Array
(
    (0) => product.info.media
    (1) => alert.urls
    (2) => product.info.upsell
    (3) => product.info.additional
    (4) => product.description
    (5) => product.attributes
    (6) => catalog.product.related
    (7) => product.info.addto
    (8) => product.info.sharing
    (9) => product.info.addtocart
    (10) => product.info.extrahint
    (11) => product.info.options.wrapper
    (12) => product.info.options.wrapper.bottom
    (13) => product.info.container1
    (15) => product.info.additional.recurring.schedule
    (16) => product.reviews
    (17) => product.info.simple
    (18) => product.info.availability
)

I don’t understand why not all of them can be extended/referenced when they all appear to be called in the product page.

Thank you in advance for your help.

While Not No Javascript – Stack Overflow em Português

Eu tenho um Script Que Consegue Um Titulo de um Video do YouTube(pra nao precisar usar a API do youtube)
So que eu preciso do While Not Em Uma Parte Do Script So Que O Problema e que o JavaScript Não Tem While Not. Então Alguem Pode Me Ajudar? Script:

function sleep(ms) {

return new Promise(resolve => setTimeout(resolve, ms));
}
async function gettitle(videourl) {
final = “”
video2 = $.ajax({url: ‘https://cors-anywhere.herokuapp.com/’ + videourl})
await sleep(5000)
video = video2.responseText.split(‘n’)
for (i = 0; i < video.length – 1; i++) {
if (video(i).includes(‘visualiza’) == true) {
console.log(‘Achado!’)
srvnumbs = “”
final = video(i)
final2 = final.charAt(final.search(‘visualizações’) – 2)
crttst = final2
while not (final.charAt(crttst) == “””) { // Essa E A Parte Do Script Que Eu Preciso Do While Not
srvnumbs += final.charAt(crttst)
crttst -= 1
}

}
}
console.log(final)
}

dungeons and dragons – What is a cordwainer in Waterdeep?

One of Waterdeep’s many guilds is the Most Diligent League of Sail-makers and Cordwainers (Waterdeep: Dragon Heist, introduction). What is a cordwainer in this context?

Merriam-Webster defines a cordwainer as a shoemaker, or a worker in Cordovan leather (archaic). Wikipedia has an article on cordwainers in the shoemaker sense. But Waterdeep already has an Order of Cobblers and Corvisers and a League of Skinners and Tanners. Cordwainers are in a guild together with sail-makers, so it stands to reason that they would have some sort of connection to sail making.

Any D&D/Forgotten Realms source is acceptable.

macbook pro – Why can’t I use the windows 10 boot stick I created for my MBP?

I want to install Windows 10 on my MBP (early 2011, 15″, high sierra). I followed instructions using BootCamp and got to successfully create a USB stick with Windows 10. At the end of the boocamp procedure nothing happens (according to the user guide I expected mac to restart). When I restart, I get regular high sierra start. When I restart holding option key, I have a single choice for booting on my ssd, but the usb stick seems undetected.
Thanks for helping!

[ Politics ] Open Question : Why does the Morbidly Obese Clown continue to tweet? Does he not realize that NOBODY respects him! 100 thousand dead & 40 mill unemployed?

Morbidly Obese Clown FAILED! He has NO testing! NO ventilators. No supplies for hospitals! NO plan! And all he can do is try and entice violence! Morbidly Obese Clown needs to sit his fat A*S*S down on his unicycle and fart his way into hell where he belongs with Jeffrey Epstein and Bill Barr!

Why are all screens of SpaceX dragon control panel all blue themed

All the interfaces used in SpaceX dragon has blue themed interface. just curious as to why specifically blue and dark interface?
apart from blue being a sign of trust, not sure what other factors in terms of UI/UX decide that.

enter image description here