Weird Al youtube playlist

[Thorin]

Okay, today I really need a Weird Al soundtrack playing in the background.

Youtube delivers: https://www.youtube.com/watch?v=w-0TEJMJOhk&list=PL1l9pGBBX53h-Zdy_hheWX2HNgfQdI9xL

200 parody videos...

[Mr. Analog]

Good god y'all

[Thorin]

At least one of them is just a video about Weird Al videos.  So that means there's only, at best, 199 Weird Al parody videos in that playlist.

Today I learned that Weird Al used to get permission to parody songs from record companies, but then he parodied "Gangsta's Paradise" by Coolio (Weird Al's parody was "Amish Paradise") and the record company said yes but Coolio said no, so now he goes right to the artist as well as the record company.

Today I learned that Coolio's "Gangsta's Paradise" is just about a perfect rendition of Stevie Wonder's "Pastime Paradise" (I wouldn't be surprised to hear it's the same sheet music), but their subject matter is quite different.

Today I learned that Weird Al parodied Lady Gaga's "Born This Way" using a couple of body doubles.

Today is a learning day!

[Darren Dirt]

Today is a learning day!

You're such a parent aren't ya! The way you worded the above post -- I'm sure the "what did we learn today?" game was played every day in your household from early on! 

[Thorin]

No, our internal motto at work is "Not everything that got us here will get us there ... Learn something every day".  So that particular day, the thing I learned is the things I listed there.

Whereas yesterday I learned that modern browsers such as Chrome and Firefox actually record session cookies even after you completely close all windows and kill all background processes.  Why does this matter?  Well...

Say you logged into your bank.  The bank server gives you a session cookie to identify you.  You click logout, then close the browser, then kill any processes for that browser you might see in task manager.  Now I use the computer after you, open the same browser, go to the same bank website, and the bank server says, "Hey, you got a session cookie?  You do?  Alright, go right ahead, you're still logged in!"  Now I'm in your accountz, stealin' your moniez.  Notice at no point did I get a logon screen or have to provide a username or password.

There are ways that you can mark the session cookie invalid on the server side, but it's not uncommon for people to forget to do this.  You see, in the old days, once the browser was closed then any cookie not marked with an expiration date was discarded (and session cookies typically have no expiration date).  So web users expected that closing their web browser would guarantee that anyone else would have to provide the username and password for a site they were on.

Seriously.

Look up Session Restore, it's been around a while.

This bit us in the butt recently because our app (which runs inside another app) doesn't properly cancel the cookie and so a new user gets the permissions of the previous user (the login is still forced through the other app we're inside of so it's extra-weird because we're logged in as user X but have permissions for user Y).

Learning.  Thanks, Weird Al.

[Melbosa]

Say you logged into your bank.  The bank server gives you a session cookie to identify you.  You click logout, then close the browser, then kill any processes for that browser you might see in task manager.  Now I use the computer after you, open the same browser, go to the same bank website, and the bank server says, "Hey, you got a session cookie?  You do?  Alright, go right ahead, you're still logged in!"  Now I'm in your accountz, stealin' your moniez.  Notice at no point did I get a logon screen or have to provide a username or password.

So I know this is just an example... but I tested with my bank with both Chrome and Firefox without an issue - Sign me up as an QoA guy!