Aggregator

Stansted Airport has partnered up with Royal Air Maroc as they begin direct flights from the London airport to Casablanca, Morocco's biggest city.

Despite Horizon scandal promises to end bidding, bids keep popping up

Updated  British MPs and peers are questioning the government's decision to continue accepting bids for large-scale IT contracts from Fujitsu, despite the Japanese supplier's previous pledge to stop bidding.…

There are major delays on both approaches to the road

Communist Party tracts in, Communist Party opinions out

Five popular AI models all show signs of bias toward viewpoints promoted by the Chinese Communist Party, and censor material it finds distasteful, according to a new report.…

North Herts Council is taking action to resolve issues with the lease for The Arena football ground

Land near Radburn Way will be kept as a 'habitat bank' with 'improved public access'

The heartwarming show first aired in 2012 and has since put out 14 series, totalling to more than 100 episodes following the nurses and nuns in Poplar.

A deal between the two has long been rumoured though it is thought that British shareholders would be unhappy about the prospect.

The company behind the UK's third most popular dating app, has reportedly told investors that 240 jobs could be axed in order to save $40 million (£29.4m) a year.

Georgia Gardiner, 28, mother to two-year-old Arlo, from Leeds in West Yorkshire, has been told she has two years to live after doctors dismissed her incurable cancer for heartburn.

The James Webb Space Telescope has discovered its first new exoplanet, TWA 7b -- a young, low-mass planet about 100 times the mass of Earth, making it the lightest planet ever directly imaged beyond the solar system. Space.com reports: TWA 7b was discovered in the debris rings that surround the low-mass star CE Antilae, also known as TWA 7, located around 111 light-years from Earth. CE Antilae is a very young star, estimated to be around just a few million years old. If that seems ancient, consider the sun, a "middle-aged" star, is around 4.6 billion years old. [...] The disk of CE Antilae is divided into three distinct rings, one of which is narrow and bounded by two empty "lanes" mostly devoid of matter. When imaging this ring, the JWST spotted an infrared-emitting source, which the team of astronomers determined is most likely a young exoplanet. They then used simulations that confirmed the formation of a thin ring and a "hole" exactly where this planet is positioned, corresponding to JWST observations. The research has been published in the journal Nature.

Read more of this story at Slashdot.

If the half-naked foam party on a mega-yacht hasn't tipped you off, here's the message: It's Jeff Bezos and his big, fat, incel wedding!

Sue and Noel Radford have come under fire after animal lovers accused them of partaking in a 'cruel' tourist excursion while holidaying in Florida.

Follow Daily Mail Australia's live coverage of accused mushroom chef Erin Patterson's murder trial here.

The mum has spoken out after her child's vile abuser has been jailed

Nato chief Mark Rutte said on Wednesday that 'Daddy has to use strong language' to get Israel and Iran to sort things out, to which Donald Trump agreed.

The official is missing out on the Thursday meeting that will offer Congress a chance to see how successful the strikes were.

An Aussie art gallery run by an eccentric millionaire is under fire for displaying a photograph which appears to show an act of bestiality.

Maybe we'll just try and read a book. That's a good way to spend your vacation. This can't possibly go badly! Original --Remy

"Have you had a chance to look at that JIRA ticket yet?"

Marge debated pretending she hadn't seen the Slack message yet—but, if she did, she knew Gary would just walk over to her desk and badger her further. In truth, she didn't want to look at the ticket: it was a low priority ticket, and worse, it only affected a small fraction of one client's customers, meaning it was likely to be some weird edge case bug nobody would ever run into again. Maybe if I ignore it long enough, it'll go away on its own, she thought.

The client was a bookseller with a small but signifigant-to-them online presence; the software they used to sell books, including your standard e-commerce account functionality, was made by Marge's company. The bug was somewhere in the password reset feature: some customers, seemingly at random, were unable to use the password reset link the software emailed out.

Marge pulled up the ticket, looking over the half-hearted triage work that had been done before it landed on her desk to solve. The previous guy had pulled logs and figured out that all the customers who were complaining were using the same ISP based out of Germany. He'd recommended reaching out to them, but had been transferred to another division before he'd gotten around to it.

When Marge realized that the contact information was all in German, she almost gave up then and there. But with the magic of Google Translate, she managed to get in touch with a representative via email. After a bit of back and forth, she noticed this gem in one of his (translated) replies:

We want to display mails in our webmail client as close to the original as possible. Since most mails are HTML formatted, the client supports the full HTTP protocol and can display (almost) all HTML tags. Unfortunately, this means that "evil" JS-Content in such mails can do all kinds of stuff in the browser and therefore on the customer's PC.

To avert this, all mails are processed by a "SafeBrowsing"-module before they are displayed, to recognize and circumvent such manipulations. One of those security measures is the recognition of js-modules that begin with "on...", since that are mostly js functions that are triggered by some event in the browser. Our "countermeasure" is to just replace "on..." with "no..." before the HTML content is sent to the rendering process.

Marge frowned at the answer for a bit, something nagging at her mind. "There's no way," she murmured as she pulled up the access logs. Sure enough, the url for the reset link was something like https://bookseller.com?oneTimeToken=deadbeef ... and the customers in question had accessed https://bookseller.com?noeTimeToken=deadbeef instead.

A few lines of code and it was resolved: a conditional would check for the incorrect query string parameter and copy the token to the correct query string parameter instead. Marge rolled her eyes, merged her change into the release branch, and finally, at long last, closed that annoying low-priority ticket once and for all.

hljs.initHighlightingOnLoad(); code { font-family: Consolas, monospace; } [Advertisement] Keep the plebs out of prod. Restrict NuGet feed privileges with ProGet. Learn more.

Charming Kitten unsheathes its claws and tries to catch credentials

The cyber-ops arm of Iran's Islamic Revolutionary Guard Corps has started a spear-phishing campaign intent on stealing credentials from Israeli journalists, cybersecurity experts, and computer science professors from leading Israeli universities.…