Comments on: Incompetent Boobs http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/ Ranting and Raving Thu, 09 Feb 2012 17:01:34 +0000 hourly 1 http://wordpress.org/?v=3.1.3 By: The Cafes » Incompetent Boobs Part 2 http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/comment-page-1/#comment-412259 The Cafes » Incompetent Boobs Part 2 Fri, 20 Jun 2008 14:03:00 +0000 http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/#comment-412259 [...] problem, yet again, was that the Content Management System was designed by INCOMPETENT BOOBS, who didn’t know [...] [...] problem, yet again, was that the Content Management System was designed by INCOMPETENT BOOBS, who didn’t know [...]

]]> By: Elliotte Rusty Harold http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/comment-page-1/#comment-100666 Elliotte Rusty Harold Sun, 22 Jul 2007 17:16:45 +0000 http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/#comment-100666 Another example of this particular idiocy: <a class="2007-07-22T13:16:38Z" href="http://radar.oreilly.com/archives/2005/05/google_web_acce_1.html" rel="nofollow">Google Web Accelerator considered overzealous</a>. (By the way, Rael is wrong, Google Web Accelerator was not at fault here.) Another example of this particular idiocy: Google Web Accelerator considered overzealous. (By the way, Rael is wrong, Google Web Accelerator was not at fault here.)

]]> By: Mokka mit Schlag » Most Popular Stories http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/comment-page-1/#comment-43937 Mokka mit Schlag » Most Popular Stories Thu, 15 Feb 2007 17:12:04 +0000 http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/#comment-43937 [...] Incompetent Boobs [...] [...] Incompetent Boobs [...]

]]> By: Goldin Evgeny http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/comment-page-1/#comment-1027 Goldin Evgeny Fri, 31 Mar 2006 15:28:10 +0000 http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/#comment-1027 Sure, here I agree with you - when I was saying that we usually use GET/POST for all operations it was more correct to say "mostly POST" as GET requests are usually used for simple redirects. Sure, here I agree with you – when I was saying that we usually use GET/POST for all operations it was more correct to say “mostly POST” as GET requests are usually used for simple redirects.

]]> By: Elliotte Rusty Harold http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/comment-page-1/#comment-1026 Elliotte Rusty Harold Fri, 31 Mar 2006 11:59:45 +0000 http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/#comment-1026 The problem is not so much the failure to use DELETE as it is the misuse of GET. If they had gone with POST, this wouldn't have happened either. The problem is not so much the failure to use DELETE as it is the misuse of GET. If they had gone with POST, this wouldn’t have happened either.

]]> By: Goldin Evgeny http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/comment-page-1/#comment-1013 Goldin Evgeny Thu, 30 Mar 2006 21:23:31 +0000 http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/#comment-1013 Ok, thanks a lot for the explanation but still - you're proposing the correct solution while I was reviewing what actually happened which still has nothing to do with GET/DELETE methods (Ok, ok, it has to do with those methods but see below) And .. come on :) Please, show me the system using *exclusively* the DELETE method for removing the content. I bet 99% of existing web applications doesn't do it (may be it's just my ignorance but I never saw/heard of anyone actually doing it - really, I would be glad to see some examples). Of course, it doesn't say nobody gets the difference between GET and DELETE it just says that almost nobody ever uses it for what it was invented. In my world all delete operations and those having other side-effects are implemented with GET/POST requests plus confirmation screens. I mean, I totally agree with what you say about GET/DELETE - it just that nobody uses it except couple of extraordinary folks here and there. P.S I remember some of the links on your site weren't working in IE (couple of years ago, yes, I'm a long-time follower of your work and books, in fact) because their extension was ".xhtml". Back then you seemed to prefer the perfect solution to the *working* solution. Isn't situation the same with DELETE methods ? I consider myself to be a perfectionist as well but I feel like sometimes you're going too far to the level of becoming non-pragmatic. Ok, thanks a lot for the explanation but still – you’re proposing the correct solution while I was reviewing what actually happened which still has nothing to do with GET/DELETE methods (Ok, ok, it has to do with those methods but see below)

And .. come on :) Please, show me the system using *exclusively* the DELETE method for removing the content. I bet 99% of existing web applications doesn’t do it (may be it’s just my ignorance but I never saw/heard of anyone actually doing it – really, I would be glad to see some examples). Of course, it doesn’t say nobody gets the difference between GET and DELETE it just says that almost nobody ever uses it for what it was invented. In my world all delete operations and those having other side-effects are implemented with GET/POST requests plus confirmation screens. I mean, I totally agree with what you say about GET/DELETE – it just that nobody uses it except couple of extraordinary folks here and there.

P.S
I remember some of the links on your site weren’t working in IE (couple of years ago, yes, I’m a long-time follower of your work and books, in fact) because their extension was “.xhtml”. Back then you seemed to prefer the perfect solution to the *working* solution. Isn’t situation the same with DELETE methods ?
I consider myself to be a perfectionist as well but I feel like sometimes you’re going too far to the level of becoming non-pragmatic.

]]> By: Elliotte Rusty Harold http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/comment-page-1/#comment-1012 Elliotte Rusty Harold Thu, 30 Mar 2006 20:43:40 +0000 http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/#comment-1012 The WTF article completely misdiagnosed the problem. It seems that neither the author of the article (Alex Papadimoulis), the consultants who designed the system, the government agency that paid for the system, the consultant who analyzed the symptoms (Josh Breckman), nor most of the commenters on that article have any clue of what the real mistake was. It has nothing to do with cookies. It has nothing to do with passwords. It has nothing to do with JavaScript. It has nothing to do with copy and paste. It has nothing to do with failure to authenticate. These are all red herrings, though they made mistakes in all of these too. However if they had fixed every one of those mistakes they still would have been sitting on a time bomb waiting to go off and delete their site. The fundamental problem was responding to a GET request by deleting a page. GET requests must be idempotent and side-effect free. They designed a system where this wasn't true. Everything else is secondary to <a href="http://cafe.elharo.com/web/rest-mistake-1-confirming-gets/" rel="nofollow">this major mistake</a>. The WTF article completely misdiagnosed the problem. It seems that neither the author of the article (Alex Papadimoulis), the consultants who designed the system, the government agency that paid for the system, the consultant who analyzed the symptoms (Josh Breckman), nor most of the commenters on that article have any clue of what the real mistake was.

It has nothing to do with cookies. It has nothing to do with passwords. It has nothing to do with JavaScript. It has nothing to do with copy and paste. It has nothing to do with failure to authenticate. These are all red herrings, though they made mistakes in all of these too. However if they had fixed every one of those mistakes they still would have been sitting on a time bomb waiting to go off and delete their site.

The fundamental problem was responding to a GET request by deleting a page. GET requests must be idempotent and side-effect free. They designed a system where this wasn’t true. Everything else is secondary to this major mistake.

]]> By: Goldin Evgeny http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/comment-page-1/#comment-1011 Goldin Evgeny Thu, 30 Mar 2006 19:33:37 +0000 http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/#comment-1011 I'm sorry, but I have a hard time seeing the relation between "get" and "delete" HTTP methods and the problem described in the WTF entry. This entry describes the situation where "Delete" links (you know, those that you click when you want to delete something) were left in the articles posted because authors copy-pasted the content containing an "edit" link which brought the Google robot to the new page containing the .. aha! a "Delete" link. If I understand you correctly - you was referencing to the HTTP methods, so aren't you missing the point ? P.S. Also, aren't you trying too hard to advertise yourself ? I guess it's the second time I see the shameless plug in your entries. Really, a separate page dedicated to this matter with however detailed description to what you have absolutely no patience would do the job, wouldn't it ? Kind of "Hire Me!" link. I’m sorry, but I have a hard time seeing the relation between “get” and “delete” HTTP methods and the problem described in the WTF entry. This entry describes the situation where “Delete” links (you know, those that you click when you want to delete something) were left in the articles posted because authors copy-pasted the content containing an “edit” link which brought the Google robot to the new page containing the .. aha! a “Delete” link.

If I understand you correctly – you was referencing to the HTTP methods, so aren’t you missing the point ?

P.S.
Also, aren’t you trying too hard to advertise yourself ? I guess it’s the second time I see the shameless plug in your entries. Really, a separate page dedicated to this matter with however detailed description to what you have absolutely no patience would do the job, wouldn’t it ? Kind of “Hire Me!” link.

]]> By: Andrzej http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/comment-page-1/#comment-1009 Andrzej Thu, 30 Mar 2006 13:59:55 +0000 http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/#comment-1009 Why would you label these fools as something that is useful, or at least desireable? ;-) Why would you label these fools as something that is useful, or at least desireable?

;-)

]]> By: John Cowan http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/comment-page-1/#comment-1002 John Cowan Wed, 29 Mar 2006 16:31:49 +0000 http://www.elharo.com/blog/software-development/web-development/2006/03/29/incompetent-boobs/#comment-1002 You're so smart, you'll never be rich. You’re so smart, you’ll never be rich.

]]>