A Conversation for h2g2 Read Only Beta

Pages of unknown parentage.

Post 1

Sean D Solle

No validation appears to be performed on thread URLs, so any incorrect entry/user numbers passed are used as incorrect headings. For example … http://www.bbc.co.uk/h2g2/beta/entry/A42/conversation/view/F42/T7878070 … rather than being "H2G2 Read Only Beta", is given the title "Can you see this?" (presumably placeholder text for unavailable entries). Really, as the thread ID (501032) is the authoritative value, *its* parent and grandparent should be ascertained via the db/api to find the conversation name. (And ideally, the URL should be redirected to one with the correct Axxxx & Fxxxx values). Of course, it also allows spoofing - here's a conversation we never had: http://www.bbc.co.uk/h2g2/beta/user/U284/conversation/view/F99/T214


Pages of unknown parentage.

Post 2

Sean D Solle

> Really, as the thread ID (501032)

Sorry, that should of course be (878070) - I'd originally used this URL as an example.

http://www.bbc.co.uk/h2g2/beta/entry/A42/conversation/view/F42/501032


Pages of unknown parentage.

Post 3

The H2G2 Editors

Thank you. Logged and noted smiley - ok


Pages of unknown parentage.

Post 4

Ben - H2G2 Developer

Hi,

I was wondering when someone would pick up on that smiley - winkeye.

The response body from the Forum API being used on the ROBeta did not include the parent id, this prevented any form of validation.

We now have a ForumSource API which prevents spoofing and redirects as you suggested.

Thanks for the comments smiley - biggrin

Ben


Pages of unknown parentage.

Post 5

Ben - H2G2 Developer

Unfortunately this won’t be available until the full release.

Regards


Pages of unknown parentage.

Post 6

Sean D Solle

> I was wondering when someone would pick up on that

Hi Ben - I smiled when I saw "Can you see this?" - I suspected it was some nicely written defensive coding, and had no doubt someone would be on the case smiley - smiley


Pages of unknown parentage.

Post 7

Sean D Solle

Explanation for any interested non-programmers:

Sometimes conditions arise in the inner working of a program, where a developer might think "well, that can't possibly happen" and do nothing about it.

With defensive programming (like defensive driving), you *expect* everything to go wrong, and code accordingly.

Quirky error messages that catch the user's eye are more likely to be reported, and usually serve as a memory jogger for the developer, too.

A certain application I once worked on used the message "Help, help, I'm being held hostage in a software factory" as the default text for critical error boxes.


Pages of unknown parentage.

Post 8

The H2G2 Editors

Thank you Seansmiley - ok


Pages of unknown parentage.

Post 9

Sean D Solle

> Thank you Sean

Very welcome - and thank you for the kind words on your latest update!

I'm thoroughly enjoying playing with this beta - reminds me of the Atomium (http://h2g2.com/A190090#back3) restoration; the faded aluminium panels are being replaced with shinier, more appropriate stainless steel smiley - smiley


Key: Complain about this post

Pages of unknown parentage.

Write an Entry

"The Hitchhiker's Guide to the Galaxy is a wholly remarkable book. It has been compiled and recompiled many times and under many different editorships. It contains contributions from countless numbers of travellers and researchers."

Write an entry
Read more