[-] [email protected] 29 points 1 month ago

Just because I'm a furry doesn't mean I work in IT... I mean yes, I work in IT, but not because I'm a furry!

[-] [email protected] 27 points 3 months ago

They can include runnable JavaScript too, which can cause vulnerabilities in certain contexts. One example from work some years back: We had a web app where users could upload files, and certain users could view files uploaded by others. They had the option to download the file or, if it was a file type that the browser could display (like an image or a PDF), the site would display it directly on the page.

To prevent any XSS (scripts from user-provided files), we served all files with the CSP sandbox header, which prevents any scripts from running. However, at the time, that header broke some features of the video player on certain browsers (I think in Safari, at least), so we had to serve some file types without the header. Mistakenly, we also included image files in the exclusion, as everyone thought image files couldn't contain scripts. But the MIME type for SVG files is image/svg+xml... It was very embarrassing to have such a simple XSS vuln flagged in a security audit.
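The header decision described in the comment above, as an added example that is not part of the original comment or the commenter's code: it contrasts exempting whole top-level MIME types from the CSP `sandbox` header with exempting only exact types. The function names and the exempt list (`video/mp4`, `video/webm`) are assumptions made for illustration.

```javascript
// Added illustration; all names and the exempt list are assumptions.
const SANDBOX = "sandbox"; // CSP directive with no allow-* flags: scripts are blocked

// Drop parameters such as "; charset=utf-8" and compare case-insensitively.
function normalize(mimeType) {
  return String(mimeType).split(";")[0].trim().toLowerCase();
}

function buildHeaders(type, sandboxed) {
  const headers = { "Content-Type": type };
  if (sandboxed) headers["Content-Security-Policy"] = SANDBOX;
  return headers;
}

// Flawed policy as described: every video/* and image/* type skips the sandbox,
// so image/svg+xml (which can carry <script>) is served without it.
function headersFlawed(mimeType) {
  const type = normalize(mimeType);
  const exempt = type.startsWith("video/") || type.startsWith("image/");
  return buildHeaders(type, !exempt);
}

// Corrected policy: only exact, listed types skip the sandbox; anything else,
// including SVG and unknown types, is sandboxed by default.
const SANDBOX_EXEMPT = new Set(["video/mp4", "video/webm"]); // assumed list

function headersFixed(mimeType) {
  const type = normalize(mimeType);
  return buildHeaders(type, !SANDBOX_EXEMPT.has(type));
}

// Report which of the given types a policy would serve without the sandbox.
function unsandboxed(policy, mimeTypes) {
  return mimeTypes.filter((t) => !("Content-Security-Policy" in policy(t)));
}

// Constructed sample of upload types.
const SAMPLE_TYPES = ["image/png", "image/svg+xml", "video/mp4", "application/pdf"];

console.log("flawed:", unsandboxed(headersFlawed, SAMPLE_TYPES));
console.log("fixed: ", unsandboxed(headersFixed, SAMPLE_TYPES));
```

Running `unsandboxed` over every MIME type the application accepts gives a quick audit list of what is actually served without the header.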

[-] [email protected] 32 points 3 months ago

Tested this on my Pixel 8a. Works as you would expect. Personally I have a little hard time coming up with use cases for this but I guess it's kinda cool.

[-] [email protected] 37 points 5 months ago

with the motion largely serving to get Democrats on the record as voting against a bill being framed as anti-infanticide

Democrats have routinely criticized “born-alive” bills as being redundant because killing an infant who was born alive following an attempted abortion is already illegal.

tl;dr: The bill would actually change nothing and it's all political games.

[-] [email protected] 52 points 5 months ago

I’ve learned that over in the EU, people can actually re-sell their games on Steam.

Unless I've totally missed something, this is (sadly) not true.

[-] [email protected] 31 points 6 months ago

Also, if applicable, have a different person perform the restore every time and have them do it just by following the documentation. This way multiple persons have actual experience with the process if the shit ever hits the fan and this also makes sure the documentation is accurate and up-to-date.

[-] [email protected] 38 points 6 months ago* (last edited 6 months ago)

Is it just me or does it feel that 2024 has not been a very good year in aviation safety? It seems that almost every month there's news about some major crash or incident and then of course there was the whole fiasco with Boeing.

[-] [email protected] 29 points 1 year ago

Sorry to ask, I'm not really familiar with Linux desktop nowadays: I've seen Flatpak and Flathub talked about a lot lately and it seems to be kinda a controversial topic. Anyone wanna fill me in on what all the noise is about? It's some kind of cross-distro "app store" thingy?

[-] [email protected] 36 points 1 year ago

Good luck trying to "shut down" an open source software.. Still sucks tho, why Nintendo gotta make so good games but be so shitty of a company otherwise

[-] [email protected] 49 points 1 year ago

It's still unclear if he's allowed to use the logo and such. The national broadcaster Yle (which itself has a strict policy against advertising) allowed it in the national show and argued that (quote) "Windows 95 is no longer a protected trademark today. The product is hardly used by anyone anymore. Thus the name and the costume are allowed"

But EBU might have a different stance ofc

[-] [email protected] 64 points 1 year ago* (last edited 1 year ago)

I remember reading an article about how we're already able to simulate basic tastes, like sweetness and sourness, digitally. So just you wait, we might have lickable HTML elements in the future

[-] [email protected] 49 points 2 years ago

The expectation of everyone having a credit card as soon as they can get one and paying everything with credit to somehow "build" credit. Sounds like such a great way to get people into financial trouble at a young age.


JRaccoon

0 post score
0 comment score
joined 2 years ago