Note I had trouble on one of my test machines with Cmd-/. The system wasn't recognizing it. But it works properly on two of the other machines I use for testing. So I'm not sure what's going on.#
How did I do this? I uploaded the OPML of my notes outline that had one-liners in it, including one that returns my access token. I was debugging my code, so it was a natural thing to do. And uploading the file was a one-liner! Really easy. I was so proud. #
Okay they revoked the token. Good move. But if there were other sensitive info there they would not have been able to revoke it. #
So be careful! Don't upload before thinking. And don't enter security oriented info into your outlines, ever. A rule I am pretty good at following, except sometimes when I'm feeling successful apparently. #
Be careful. Be careful. Be careful. Be careful. Be careful. Be careful. Be careful. Be careful. Be careful. #
Review DocServer docs. Some of the requests return huge amounts of info, not really great for DocServer, so I want to edit things so it's less cumbersome.#
New release of Electric Drummer. This will be the first release since the first ship of Drummer on Oct 10. But I have some programming to do to make E/D work with GitHub, but I don't think it'll take too long to get done. #
Test error conditions. I haven't tried getting the directory of a file, for example. It shouldn't work. I have no idea what it returns. #
What it does -- it redirects you to GitHub where it knows about Drummer (I configured it, and it gave me back a client ID and secret). Your request includes the client id, that's how it knows where you came from. Then you will authorize Drummer to do stuff on your behalf. I think I have only asked for access to repos. You should verify that? It's a little confusing perhaps, for me too.#
Then, assuming you've given permission, it redirects back to drummer.scripting.com, and it opens the client in your browser, with your access token as a parameter. The client sees the access token, puts it in localStorage on your machine, and then redirects back to itself without the access token param. So you may see a little loading and reloading, but when everything settles down, you'll be logged in. #
The way to verify that you're logged in is to specifically check, thus --#
Note I had trouble on one of my test machines with Cmd-/. The system wasn't recognizing it. But it works properly on two of the other machines I use for testing. So I'm not sure what's going on.#
How did I do this? I uploaded the OPML of my notes outline that had one-liners in it, including one that returns my access token. I was debugging my code, so it was a natural thing to do. And uploading the file was a one-liner! Really easy. I was so proud. #
Okay they revoked the token. Good move. But if there were other sensitive info there they would not have been able to revoke it. #
So be careful! Don't upload before thinking. And don't enter security oriented info into your outlines, ever. A rule I am pretty good at following, except sometimes when I'm feeling successful apparently. #
Be careful. Be careful. Be careful. Be careful. Be careful. Be careful. Be careful. Be careful. Be careful. #
Review DocServer docs. Some of the requests return huge amounts of info, not really great for DocServer, so I want to edit things so it's less cumbersome.#
New release of Electric Drummer. This will be the first release since the first ship of Drummer on Oct 10. But I have some programming to do to make E/D work with GitHub, but I don't think it'll take too long to get done. #
Test error conditions. I haven't tried getting the directory of a file, for example. It shouldn't work. I have no idea what it returns. #
What it does -- it redirects you to GitHub where it knows about Drummer (I configured it, and it gave me back a client ID and secret). Your request includes the client id, that's how it knows where you came from. Then you will authorize Drummer to do stuff on your behalf. I think I have only asked for access to repos. You should verify that? It's a little confusing perhaps, for me too.#
Then, assuming you've given permission, it redirects back to drummer.scripting.com, and it opens the client in your browser, with your access token as a parameter. The client sees the access token, puts it in localStorage on your machine, and then redirects back to itself without the access token param. So you may see a little loading and reloading, but when everything settles down, you'll be logged in. #
The way to verify that you're logged in is to specifically check, thus --#