There’s nothing wrong with OCI Images. If you’re concerned about the security of Docker (which, imo, you should be) there are other container runtimes that don’t have its security tradeoffs (e.g. podman).
There’s nothing wrong with OCI Images. If you’re concerned about the security of Docker (which, imo, you should be) there are other container runtimes that don’t have its security tradeoffs (e.g. podman).
The short version is that the creators of this API are doing something more secure than what the client wants to do.
A reasonable analogy would be trying to access a building locked by a biometric scanner vs. a guard looking for a piece of paper with a password on it. In the first case, only people entered into the scanner can get in (this is the cookie scenario). In the second case, anyone with a piece of paper with the right password on it will be let in (this is the Bearer token scenario).
More technical version: the API is made more secure because the “HttpOnly” cookie - which, basically, means the cookie’s contents can’t be read with JavaScript in the browser - is used to hold the credentials the server is looking for.
By allowing a third party to access the application, this means you have to allow methods that can be set “client-side” (e.g. via JavaScript in a browser). The most common method is in the “Authorization” HTTP Header - headers are metadata sent along with a request, they include things like the page you’re coming from and cookies associated with the domain. A “Bearer” token is one of the methods specified by the “Authorization” header. It’s usually implemented via passing the authorization credentials prefixed with the word “Bearer” (hence the name) and, often, are static, password-like text.
Basically, because this header has to be settable by a script, that means an attacker/hacker could possibly inject malicious code to steal the tokens because they must, at some point, be accessible.
In this thread, everyone getting caught up on the first toot and not the second where he clarifies his point.
If you step past the initial investment of buying a house, the analogy makes perfect sense. When you rent an apartment, your landlord (the provider) takes care of all the maintenance; you just live there and you get what you get. When you own a home, you take care of all of the maintenance, but you get to set the place up however you like. This isn’t that different from a lot of FOSS out there.
Possibly controversial opinion, the left needs a Fox News. A station that just unapologetically pushes liberal talking points and pays newsworthiness the same lip service that Fox does. Fuck this holier than thou bullshit we’ve got going on; fight propaganda with better propaganda.
For me, it has a picture where it specifies a “polypropylene container”.
There’s also this bit from near the end of the abstract:
Additionally, the polyethylene-based food pouch released more particles than polypropylene-based plastic containers. Exposure modeling results suggested that the highest estimated daily intake was 20.3 ng/kg·day for infants drinking microwaved water and 22.1 ng/kg·day for toddlers consuming microwaved dairy products from polypropylene containers.
So, they’re, at least, discussing polypropylene and polyethylene.
Tourists have been carving their names into shit for - and I’m not exaggerating here - thousands of years. I"m having a hard time finding evidence for this now, what with most of my searching only returning content for this particular modern incident, but I swear I’ve seen documentaries where they show ancient people doing, essentially, the same thing.
This is the expected behavior on Reddit when you delete your account. None of your posts go anywhere. You have to manually, before you delete your account, edit them to remove their contents. Requests for deletion under GDPR may function differently.
The root path for kbin is currently always “all”. I actually have a PR up right now to change this to what people actually expect to happen.
There isn’t a native mobile app, but this website is what’s known as a “progressive web application”. This means that you can just add it directly to your home screen and it will act app-like. See this thread for exact iOS instructions. Android is similar but does depend on which browser you’re using.
https://www.cdc.gov/me-cfs/index.html