• 0 Posts
  • 59 Comments
Joined 1 year ago
Cake day: June 17th, 2023

  • I think cultures can definitely be rated by and advance in the category of how well the people living in it are treated

    See, a conversation like this has to be based on a shared set of foundational premises, and those premises can be fairly complex and couched in their own assumptions. My argument is that you can’t describe a culture utilizing the same kind of language that you would, say, a tech tree, where you would need a formal system of writing before you get the printing press, or combustion rockets before the warp drive. That’s not to say that you can’t describe a society or compare its faults and merits, but you can’t really couch that in the language of “advancement.” Advancement is iteration or demonstrative improvement on previous forms, and while the idea of a cultural endpoint is, admittedly, a common feature of materialist philosophical traditions (Marx, for example, believed Capitalism was a stage of economic and social development preceding communism), to argue that it’s inevitable is to argue for something of which we have no real material evidence. Progressive or liberal societies can gradually slip into fascism just as easily as fascist societies can gradually become progressive and tolerant, and there’s nothing that guarantees a clear relationship between societal virtues and technological acumen. Star Trek itself shows a number of very old, very powerful and technologically advanced expansionist empires, like the Romulans or the Dominion, living alongside the more tolerant Federation.



  • rwhitisissle@lemmy.world to Comic Strips@lemmy.world: Accurate
    ↑ 35 · 1 month ago

    From a narrative standpoint, Spider-Man’s entire thing is thematically tied to the idea that “no good deed goes unpunished.” Peter Parker’s academic, professional, and social life all pay a price to enable his crime fighting. Spider-Man 2 does a good job of portraying that. After he stops the train that was about to crash in his fight with Doc Ock, he gets lifted up, arms outstretched, looking like a crucified Jesus. He suffers for the sake of others. It’s honestly a nice contrast to people like Tony Stark for whom being a billionaire playboy superhero has historically (if not in the Marvel movies) been depicted as coming with a fairly comfortable life. Well, at least ignoring the part of his backstory where he went homeless because of his alcoholism. But that was in the eighties, I think.






  • Hey, we’d like to guarantee your child a future of being one of the most important people in the galaxy, with all their needs met as we turn them into space wizards who fight evil.

    According to a lot of “not movies” media, many people who were trained to be Jedi didn’t make the cut. It’s one of those things that required a combination of remarkable effort and sheer talent and most people who were potential Jedi just lacked the raw skill to be considered one. As such, the Jedi had a large support auxiliary of force sensitive attendants and custodians who basically took care of the grunt work of the Jedi order. They weren’t true “Jedi Knights,” but they were a part of the order. They just spent their time scrubbing toilets and doing paperwork rather than banging queens and dismembering enemies of the state with laser swords.




  • A big component of sealioning, as I think you’ve pointed out, is one party pretending to not understand the intent or argument behind your reasoning and rephrasing it in a way to make it sound ridiculous, but in the form of a question. The goal is to counter someone’s argument by hoping that they don’t have the argumentative or expressive capacity to succinctly clarify themselves or identify that you’re asking questions in bad faith.







  • rwhitisissle@lemmy.world to Programmer Humor@lemmy.ml: Single-Page Application
    ↑ 1 ↓ 1 · 5 months ago

    Oh boy a semantic argument

    It turns out the language you use can be semantically ambiguous or misleading if you phrase it incorrectly. Today you learned.

    And any web dev who remotely understands the point of CSP and why it was created, should instantly have alarm bells going off at the concept of triggering arbitrary ajax via html attributes.

    Oh, did you finally manage to fucking Google how HTMX works so you could fish for more reasons to say it’s unsafe? What you’re describing is not a particular concern to HTMX. If an attacker can inject HTML into your page (for example, through an XSS vulnerability), they could potentially set up HTMX attributes to make requests to any endpoint, including endpoints designed to collect sensitive information. But, and this is very important, this is not a unique issue to HTMX; it’s a general security concern related to XSS vulnerabilities and improper CSP configurations.

    Do you know what the correct cure for that is?

    PROPER CSP CONFIGURATION.

    “HTMX doesn’t bypass CSP! It just (proceeds to describe the exact mechanism by which it bypasses CSP)”

    Do you genuinely not understand that CSP works on the browser API level? It doesn’t check to see if your JavaScript contains reference to disallowed endpoints and then prevents it from running. I don’t know how you “think” CSP operates, but what happens is this: The browser exposes an API to allow JavaScript to make HTTP requests - specifically XMLHttpRequest and fetch(). What CSP does is tell the browser “Hey, if you get an API request via XMLHttpRequest or fetch to a disallowed endpoint, don’t fucking issue it.” That’s it. HTMX does not magically bypass the underlying CSP mechanism, because those directives operate on a level beyond HTMX’s (or any JS library’s) influence BY DESIGN. You cannot bypass it if it’s properly configured. Two very serious questions: what part of this is confusing to you? And, have you ever tested this yourself in any capacity to even see if what you’re claiming is even true? Because I have tested it and CSP will block ANY HTMX issued request that is not allowed by CSP’s connect-src directive, assuming that’s set.



  • Oh, the lengths someone will go to to not admit they are wrong and don’t know what they’re talking about. You are so clearly incompetent and so aggressively ignorant about what you’re even saying that I genuinely hope for your sake no one responsible for paying you ever learns how woefully stupid you are. You literally thought HTMX was its own language or server-side framework - I’m not sure which. It’s genuinely funny how opinionated you are over something you just never bothered to even learn about in the first place. I don’t think you’re even sure which of those things you thought it was in the first place.

    All you’re doing is trying to save face here by putting words into my mouth. “React is transpiled into JavaScript!” Yes, obviously. That’s why I said you don’t serve React: you serve JavaScript, which React code becomes as it’s served to the end user. And HTMX already is JavaScript, which you would not transpile because you can’t. Because, and I guess you didn’t see the bolded letters in my previous comment: it’s already a JavaScript library. And you also clearly don’t understand how CSP is enforced within the browser, as I’ve literally proven that your “security concerns” for HTMX are only an issue if you have no idea how CSP even works or is controlled, or even how fucking HTTP requests work in the browser. Hell, I even provided links. Did you provide links? No. You didn’t. You sat here and filled your diaper like the baby you are once I explained to you how HTMX actually works and you were just so. fucking. embarrassed. that you couldn’t even imagine being a grownup and just admitting you’ve been talking out of your ass about something you don’t understand. You just pivoted to insults because you don’t have any real evidence to support your assertions: no explanation for how HTMX violates CSP, no demonstrable vulnerabilities, no real explanation for how this one client-side JavaScript library can bypass CSP when thousands of others can’t. You can’t even explain how you think HTMX does what it does, because you have no fucking clue. All you do have is your ignorance and impotent rage at someone proving, exhaustively, that you are desperately and pathetically out of your depth.

    Honestly, I pray for your organization’s sake you’re just a very underqualified intern they’re stuck with until they can kick you out at the end of semester and tell you to go pound sand and beg some dogshit tier company for a job as a scriptmonkey, because if they aren’t, you’re going to actively make everything you touch worse because you don’t actually understand how any of it works and when someone tells you you’re doing it wrong or have made mistakes you’re just going to double down until you get made to sit in a corner and let a big boy fix it.


  • rwhitisissle@lemmy.world to Programmer Humor@lemmy.ml: Single-Page Application
    ↑ 2 ↓ 1 · 5 months ago

    Just to be clear, are you talking about some kind of templating library that literally transpiles all the htmx logic and instead packs it into individual ajax logic in js files “per element”, such that you don’t need to serve htmx client side and instead you pre-transpile all the ajax logic out to separate files?

    My brother in Christ, what the fuck are you talking about “transpiling HTMX” and “serving HTMX client side?” You don’t “serve” HTMX and there’s nothing to “transpile into JavaScript.” It is JavaScript. That’s like saying you “serve React client side” and “transpile JavaScript into more JavaScript.” Jesus, I feel like I’m taking crazy pills.

    Cause the very start of my statements was that if we had something like that then HTMX would be fine, as a templating lib that transpiled out to html+js.

    Oh, okay, so you don’t actually know what HTMX is or how it works, then? Because HTMX (https://htmx.org/) is a JavaScript library. Like, literally just a JavaScript library. It’s like…4000 lines of JavaScript. In fact you can read the source code for it here: https://github.com/bigskysoftware/htmx/blob/master/src/htmx.js. For some…insane reason you seem to think HTMX is its own language. It’s not. It’s…just a JavaScript library. There is no other language called HTMX. There is no other mechanism or tool called HTMX. No implementation or protocol or ANYTHING else. It’s just a small JavaScript library.

    invoke arbitrary logic with html attributes

    Once again, HTMX enhances HTML with various attributes declaratively. It utilizes custom data attributes in HTML (like hx-get, hx-post) to specify how elements on the page should behave - essentially, how and where to fetch data or submit forms without a full page reload. This is a form of declarative programming that tells the htmx.js library (which is just doing fucking AJAX) what to do when certain events occur (e.g., a click or a form submission). The actions (like the actual requesting of data from an endpoint) are performed by the code in htmx.js.

    This is a fancy way of saying “if you stick an hx-get attribute on a button, then you can just say where you want a GET request to go to and what element you want updated with the HTML returned from it and htmx.js will parse that out on page load and set an event listener for the button click to know when to initiate an AJAX request to the defined endpoint.” If you had an hx-get attribute in an element in a page and that page didn’t have the htmx.js library loaded it would do literally nothing.

    And, once again, HTMX, being a JavaScript library, operates under the same security constraints as any JavaScript executed in the browser. This means that:

    1. HTMX’s scripts themselves must be loaded from sources allowed by the script-src CSP directive.
    2. Any dynamic requests to load content or submit data initiated by HTMX are subject to CSP’s connect-src directive.
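
The connect-src behaviour these comments describe (the browser refuses a disallowed fetch()/XMLHttpRequest regardless of which library asked for it, and only when connect-src or its default-src fallback is set), as an added example that is not part of the original comments or of HTMX. It is a simplified Node.js model of the check; the policy string, page URL and function names are constructed for illustration.

```javascript
// Simplified model of the connect-src check a browser applies to fetch()/XMLHttpRequest.
// Covers 'self', 'none', *, scheme- and host-sources; paths, redirects, scheme upgrades omitted.
const NETWORK = ['http:', 'https:', 'ws:', 'wss:'];
const DEFAULT_PORT = { 'http:': '80', 'https:': '443', 'ws:': '80', 'wss:': '443' };

function parsePolicy(header) {
  const directives = new Map();
  for (const part of header.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/).filter(Boolean);
    // A directive that appears twice is ignored the second time.
    if (name && !directives.has(name.toLowerCase())) directives.set(name.toLowerCase(), sources);
  }
  return directives;
}

function sourceMatches(source, target, page) {
  const s = source.toLowerCase();
  if (s === "'self'") return target.origin === page.origin;
  if (s.startsWith("'")) return false; // 'none', and keywords that never match a URL
  if (s === '*') return NETWORK.includes(target.protocol);
  if (/^[a-z][a-z0-9+.-]*:$/.test(s)) return target.protocol === s; // scheme-source
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*\.)?([^/:]+)(?::(\d+|\*))?/.exec(s);
  if (!m) return false;
  const [, scheme, wildcard, host, port] = m;
  // Simplification: a host-source with no scheme is read as the page's own scheme.
  if (target.protocol !== (scheme ? scheme + ':' : page.protocol)) return false;
  // "*.example.com" matches subdomains only, not example.com itself.
  const hostOk = wildcard ? target.hostname.endsWith('.' + host) : target.hostname === host;
  const portOk = port === '*' || target.port === (port ?? '') ||
    (target.port === '' && port === DEFAULT_PORT[target.protocol]);
  return hostOk && portOk;
}

function connectAllowed(header, pageUrl, requestUrl) {
  const policy = parsePolicy(header);
  // connect-src falls back to default-src; with neither, requests are not limited.
  const sources = policy.get('connect-src') ?? policy.get('default-src');
  if (sources === undefined) return true;
  const page = new URL(pageUrl);
  const target = new URL(requestUrl, page); // a relative hx-get URL resolves against the page
  return sources.some((src) => sourceMatches(src, target, page));
}

// Constructed sample: policy header and page URL are illustrative, not from the thread.
const POLICY = "default-src 'self'; script-src 'self'; connect-src 'self' https://api.example.com";
const PAGE = 'https://app.example.com/dashboard';
for (const url of ['/items', 'https://api.example.com/v1/items', 'https://other.example.net/collect']) {
  console.log(url, connectAllowed(POLICY, PAGE, url) ? 'allowed' : 'blocked');
}
```

A policy that carries only script-src returns "allowed" for every URL here, which is the "assuming that’s set" condition: without connect-src or default-src, nothing restricts where an injected hx-get can send a request.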