Saturday, September 17, 2011

2011 and the Y2K bug

It has almost been 12 years since we all had to worry about the Y2K bug right ? Well you'd think. Over the past few weeks I have been bothered by a problem with session management in one of the apps that I'm writing. I couldn't figure out why stuff was behaving so unexpectedly. At some point the hints became clearer and clearer that the dated cookies of the session were for some reason not being expired. The iOS URLConnection and the android http lib seemed to continue to send them along to the server after logging out. This was hard to confirm though, because both platforms hide the Cookie header from you when you make the request, the connection was https and I didn't have physical access to the server.

It made no sense however that iOS would have a fundamental Cookie management bug. So I build a small server and started testing cookie management on the iPhone. Everything looked just fine. Then I decided that I would copy the actual cookies the server was sending to the clients. I could get these values, because the Set-Cookie headers from the response (unlike the actual Cookie header in the requests) was visible. So I switch the values of my test server to the actual values from the server and suddenly I was able to reproduce the problem. The Set-Cookie that was supposed to expire the cookie seemed to turn the cookie into an undated cookie (so scoped to the session of the client instance).

I'm switching back to my old values and stuff starts working again. Again I copy the original server values. I select the text and suddenly I notice it.... Expires=Sat, 01-Jan-00 00:00:00 GMT;  No... that can't be it. Could it ? I switch my test server to issue the year 1970 instead. Poof, suddenly it works. So first of all, 12 years after 2000 there is still a server sending a broken date format. And two, it seems the Y2K parsing support in iOS is broken. Experimentation shows that iOS can only parse double digit years in cookies between 70 and 99. So any double digit year before 1970 (epoch) cannot be converted into an actual year. And what happens if the date cannot be parsed ? Then the date is removed from the cookie altogether, and your cookie becomes a session cookie :D

Monday, May 9, 2011

How IE6 is still causing headaches and bothering the rest of us

So you have this well known security issue called content sniffing in MS IE 6. No one really cares about that anymore right? Unfortunately, when you are a top 5 website, then you kinda have to care, since 3,46% of the readers of Wikipedia, so a whopping 13.88 million of the unique monthly visitors still use Microsoft Internet Explorer 6.

You try to fix this bug. Three times, causing three software releases (1.16.3, 1.16.4, 1.16.5) in 4 weeks. And then by accident, it becomes so strict that it breaks many of the requests for all Internet Explorer versions, simply because the url contains a dot. Sigh....

THIS is why you should help all your friends to get rid of IE6.

Thursday, February 17, 2011

kAMDReceiveMessageError

We kept running into a kAMDReceiveMessageError in our company, when trying to install adHoc iPhone apps with the iPhone Configuration Utility for Windows. Everything was fine if people tried to install using Windows iTunes.

After much time it was tracked to the addition of UIRequiredDeviceCapabilities to the Info.plist. For some very strange reason it seems that the Windows ICU doesn't like that property at all and fails to install any app that carries it.

Not sure if this will affect AppStore submission, iTunes handles it and so does the Mac version of ICU it seems, but it is at the very least mildly annoying that testers can't install our application using Windows ICU.

Sunday, January 16, 2011

Dutch 2011 Hack-a-ton a great success

Wikipedia birthday cakes during the celebrations
 in Amsterdam (Derk-Jan Hartman, CC-BY-SA 3.0)
So here we are... One day after the 10 year anniversary of Wikipedia and I think that I'm not the only Wikipedian who will testify that it has been a great couple of days. Lots of online friends meeting in real life at one of the 450 or so events, lots of very nice press attention for our once so humble project and just all out fun.

Myself I participated in the first Dutch Hackathon. The day kicked of Friday 14th, at 10 in the morning in the offices of Kennisland in Amsterdam. Since I was working on friday, I joined in on the fun at around 18:30 during pizza-time. There were about 15 or so developers as well as a dozen or so Wikimedians and people from a Wikipedia editing workshop that took place during the day. They assisted in the brainstorming, provided feedback and were kind enough to drink beers with us :D

Several projects had been selected in advance and a great deal of work got done. A quick summary:

  • Husky and Krinkle created PhotoCommons, a plugin for WordPress that makes it easy to search and embed files from Wikimedia Commons into your WordPress website.
  • I myself built WikiSnaps, an iPhone application that allows you to upload photographs from your iPhone camera or image library directly to Wikimedia Commons.
  • Tag-cloud visualizations of the statistics we collect of the usage of the GLAM materials. Making the usage of these GLAM materials in Wikipedia visible to the institutions is very important. (links will follow at a later time)
  • Pywikipediabot and Europeana were added to Translatewiki.net by siebrand and RobertL.
  • Bryan built a pywikipediabot named fancy-uploader to facilitate uploading of large batches of files to Wikimedia Commons.
  • JanPaul123 presented and further improved his revolutionary Sentence-level editor (demo) for wikitext. This shows great promise to improve the editing experience for many Wikipedians.
  • Groundbreaking work has been done by Roan, Krinkle and Bryan on getting the licenses and attribution information of files into the database. Currently this information is only present in wikitext, which makes it difficult to reuse this information outside of Wikimedia. This will eventually greatly improve the reusability of the Wikimedia Commons materials. 
  • Functionality has been developed for Open Images that allows their videos to be directly imported to Wikimedia Commons with the click of a button.

The projects were presented at the Amsterdam Museum-event on Saturday and they were enthusiastically greeted by the crowd of some 150 people. We evaluated the event during the reception of the 10 year Wikipedia party and quickly concluded that this is definitely worth repeating. The efficiency of working and thinking together in a single room, with short and dedicated projects was clear to all of us.

I want to thank all the people of Wikimedia NL, Kennisland, Amsterdam Museum and Beelden voor de toekomst, who sponsored and helped organize the events. You were all terrific and really organized something special.