@aral yeah solving 95% is probably the way to go. You can always get more complicated later without too much hassle.
Notices by Claudius (claudius@imd.social)
-
Claudius (claudius@imd.social)'s status on Wednesday, 30-Aug-2023 03:44:42 JST Claudius
-
Claudius (claudius@imd.social)'s status on Wednesday, 30-Aug-2023 03:23:34 JST Claudius @aral Rails timestamps the migration (ISO 8601) and has one table that keeps track of applied migrations. This is a good idea in a scenario where multiple devs might add migrations on separate branches where a single version number would fall short.
-
Claudius (claudius@imd.social)'s status on Saturday, 19-Aug-2023 15:35:29 JST Claudius @fribbledom you're not wrong, but before that I would rather have savegames.
-
Claudius (claudius@imd.social)'s status on Sunday, 16-Jul-2023 21:38:12 JST Claudius @aral
You're looking good, but it also feels very out-of-character. Add a top hat, a cigar and a monocle, and I'd say this was mirror-universe Aral 🎩🧐💶
-
Claudius (claudius@imd.social)'s status on Friday, 10-Feb-2023 21:33:16 JST Claudius @aral no, it does not help. I'm just saying that the missing isolation across ports _does_ come up in the real world. And I would even argue that it's not that uncommon.
So: yes, this is certainly a problem.
-
Claudius (claudius@imd.social)'s status on Friday, 10-Feb-2023 19:23:18 JST Claudius @aral this is actually a real-world concern in my opinion. My scenario: Have an off-the-shelf NAS (like QNAP, Synology ...) and have it serve the friggin admin interface on one port (which is common) **and** use their included software (like PhotoStation for QNAP) or the included webserver to host entirely different software, all on the same hostname, just on different ports.
Without isolating cookies by port, you can now gain admin cookies.
I did something like this for _years_.