You're misunderstanding how CSRF works. Say a user is logged in to the site JoeNotProtectedByCSRF.tld with a session cookie or similar authentication token. SpammySite.tld comes along with a form to POST some change some value on JoeNotProtectedByCSRF.tld such as a password field. Because your browser always sends along the cookies to the end domain, your session cookie will be abused. With a check against a unique-to-the-user CSRF token as a hidden input on the form this doesn't happen.
Seriously, there's a lot of FUD on this thread. Right now it's anecdotal evidence at best that there is a relationship there at all. But most people here seem to be talking about it as if it's already proven fact. Come on HN.
It's absolutely unbelievable how groupthink manages to take over here sometimes. There are 296 repositories on Github when you search for PRISM. People need to stop and think for a minute about how generic of a name that is. It's certainly doesn't serve as any kind of useful evidence against Palantir.
If you use jquery, I wrote this really simple snippet that I use for quick down and dirty debugging.
var logit = function(x){$('body').append('<div id=logit></div>');$('#logit').css({'background':'#000','position':'fixed','bottom':0,'right':0,'color':'#fff','padding':5,'font-family':'arial','font-size':'9px','z-index':9999});$('#logit').append(x+'<br>');};
It could very easily be adjusted for non-jquery too.
Then just call it like: logit(whateverYouWantToDisplay);
I disagree, they're in an ideal location for people from both SF and down to San Jose and Fremont.
That gives their employees a whole lot more choice for housing and makes it more attractive. Every time I see a company that's in SF offering jobs I shudder at the travel time from the valley. It's wonderful if you've already got a place in SF but makes anyone think twice about joining a company when they consider the crazy living costs in SF.
None of those things are true for me. I shudder when I think about paying crazy bay area prices and then having to live in a typical valley suburb. I might as well move to Ohio and pay 1/4th the rent.
Wow, I was under the impression that they had to use special packaging for all of their food to keep crumbs/droplets at bay. That almost looks like a normal food setup, besides all the velcro.
I read an article recently about "space cuisine", which dispelled this myth -- it used to be that way, but what they go for now is more sticky stuff -- crumbs are still bad, but something like meatloaf with gravy would be fine.
I honestly clicked through in a mild panic thinking the factory in LA had caught fire. Was relieved to see it was more an in-depth feature article on the history of the founder and company.
For those interested, here's the site last "Revised: May 10,2004"
Seemed like the perfect balance between, hard enough that you don't throw everything on there and eat up space, but useable enough that it works fine when you need it.
Nothing! In fact, the new issue attachments code uses plain ol' Markdown to show the image. The reason we added this is because arcane Markdown code is impossibly hostile for new users and beginners.
Have you ever had a manager/user/whatever person issue a screenshot of an issue using markdown? It doesn't work. Github is supposed to be for teams too (private repo's), and this brings it 1 step closer, but still far from what other services offer for issue tracking.
1) Hard to use for mere mortal users (QA, testers, normal users posting issue for an App, etc. 2) If uploaded to another site, the images are under a different protection domain (for protected repositories.)
Nice site, really nice UI with the arrow pointing to the bookmark bar. A change in the color of the tl;dr; bookmark when there's a bookmark available would really go a long way! Great job!
Thanks for the feedback! What you describe would be a big improvement but is not feasible with a bookmarklet. We are planning on releasing a browser extension that will enable just this.
