Weeknotes 20.1: Pasta, Phorms, and Prisons

Made some dinner, ordered some dishes, and read about debtors prisons in my backyard. Been a fun week.

I started watching the Bon Appetit Test Kitchen over the holidays, which has unsurprisingly inspired me to cook more, and to cook things I've not cooked before.

On a whim, I decided to make the mushroom carbonara on Monday night that they posted to the channel last March. One reason I chose it as my first attempt was because it was vegetarian. I'm not trying to make the switch myself, but I am trying to eat more plants generally. The promise of that umami flavor from the mushrooms sounded really appealing, and the final product did not disappoint.

I think I should've gotten larger eggs, because the egg mixture wasn't nearly as yellow as I expected, which is also the reason the sauce was more pepper-y than I would've liked, but overall I think I did a pretty good job.

After finishing the post-dinner dishes, I looked at the picture of my work I shared on Instagram and just felt the overwhelming need to have "proper" pasta dishes in my arsenal. I don't cook for others very often, but you know...WHAT IF I DID? WHAT. IF. I. DID? So like any reasonably unprepared human, I woke up the next day and ordered a set.

"You'll receive an email confirmation in a few moments!"

It never arrived.

That night, I checked my order status, and it said that the order failed. So I placed the order a second time, got the same confirmation message in the order form, but by lunch the next day, still no confirmation email. Looked up that order, and it too, said that it failed.

On the first order, I tried using a coupon code that I didn't apply on the second order, thinking it was the problem. I could see a retailer rejecting an order with an inappropriate coupon code as a fraud prevention thing. (The code was for $10 off of a $50 order, that the retailer displayed on the site itself. Nothing sketchy, but I 100% didn't do the math correctly and my order wasn't even $45, so my bad.)

But if I didn't even attempt the code on the second order, why was my order cancelled? Payment info was right, my credit card didn't reject the purchase for its own fraud prevention program. So to get answers, I called the retailer the next day, and spoke to a very pleasant person on their customer service line who walked me through the problem: the order was rejected because of an invalid email address.

My first guess was that it rejected the email because I added a +[retailer name] tag to the address. Some web forms refuse to accept + as a valid email component, but it's legit, but before I could tell the rep this fact, they told me that the email I provided had a space in it.

Internally: "Wtf do they not run a trim() on their field inputs or something?"

They then told me WHERE the space was in the address, and it became crystal clear what happened: when the form encoded the input fields, it converted all spaces to +s, and then in their order processing, it decoded all +s back to spaces.

I got really quiet on the phone, and then started laughing, only to have the rep ask if I were ok.

"Yeah, yeah, I'm fine. It's just.. y'all's order processing doesn't encode strings correctly. I'm sorry, this is something I do for a living, this is just a weird intersection of my personal interests."

"Well, sir, but your email was incorrect."

"No, no no, it's valid under RFC 822 but what's happening is...you know what, don't worry about it, I'll go and place my order again. Thank you so much."

After I (SUCCESSFULLY) placed my order for a third time, I started walking through a handful of ways that this could happen. Are they using a client-side library to do the form submission that the browser would do correctly for free? Probably. Was that library also doing encoding incorrectly? Also probably. Was the server-side processing just doing the best it could? Yeah.

I'm inclined to think it's a client-side library problem because, looking at the markup, there's a LOT of divs in the form which, to me, is a red-flag that there's a popular library in the equation, and then looking specifically at the fields themselves, they're all set with type="text", which loses the helpful browser field validation.

The web is hard, but sometimes it doesn't need to be. I say, as I sit looking at the recipe I'm going to make this weekend, waiting on my order of dishes to change from OPENED to SHIPPED.

Reading List

"Working Toward Freedom"

I have a couple of tabs in my list for this week, but I think this story from Mississippi Today and The Marshall Project is an incredibly important read, and it deserves all of the attention and then some more.

A handful of states experimented with restitution programs starting in the 1970s, but abandoned them as expensive and ineffective.

Not Mississippi. Judges have sentenced hundreds of people a year to four restitution centers around the state, almost always ordering them to stay until they pay off court fees, fines and restitution to victims, according to four years of government records analyzed by Mississippi Today and The Marshall Project.

People sent to the centers had been sentenced for felonies but didn’t commit violent crimes, according to the program rules. When we tracked down the cases of more than 200 people confined there on Jan. 1, 2019, we found that most originally got suspended sentences, meaning they did not have to go to prison.

They didn’t usually owe a lot of money. Half the people living in the centers had debts of less than $3,515. One owed just $656.50. Though in arrears on fines and court fees, many didn’t need to pay restitution at all — at least 20 percent of them were convicted of drug possession.

Mississippi Today