usability – Should an open accordion section be hidden when the user clicks on another section?

The best practice is to HIDE the currently open level once you click on another accordion tab. The reasoning is quite simple:

  • Reduce cognitive load: suppose you have catA-->item1,item2,item3,item(n) open and then you click catB-->item1,item2,item3,item(n). If you keep catA open, then you’re forcing your user to discriminate between the items of different categories, adding a lot of friction and confusion, specially if user opens more than one tab.
  • Avoid scrolling: the main reason for accordions is to save space in an otherwise long list of items/content. If you keep the tabs open, you’ll be forcing the user to scroll down, making the whole accordion purpose useless

Be aware that if the list is not enough to overflow the boundaries of the screen, it’s better to keep all items at sight, unless you need to hide them because of the first reason above: to reduce cognitve load

There’s a possible scenario when you may want to keep more than one tab open at the same time: when the user’s workflow shows they constantly jump between items of different tabs. While this could be avoided with proper Information Architecture, it’s true that sometimes you can’t avoid it (like when you inherit an existing system, just as you said) .

In this case, I suggest to have a clearly labeled checkbox where users may choose to keep tabs open. Some sites do this at tab level, as in CatA-->checkbox,CatB-->checkbox,CatC-->checkbox but in my opinion it’s better to go for an “all or nothing approach” and have only one checkbox. If checked, then multiple tabs can be opened at once.

Gmail inbox “snippets” don’t match the email – text is there but hidden from human view – how?

I am curious about Google’s Gmail “snippets”. From most emailers, the snippet is the first few words of the email, or in some cases, the Google A.I. seems to pick out what it thinks is an important sentence to display (which usually it gets right). But from a few emailers — notably Facebook — somehow, the snippet displayed is not even mentioned in the email. For example —

Gmail shows "snippet" of an email I received.

The email from Facebook, about a post my friend made on Facebook, displays text from his post; but the email itself contains nothing about being diagnosed with cancer:
The email displays no content related to its Gmail "snippet".

When I search for info on Gmail Snippets, I find instructions for turning on and off in “settings”, and I find advice for email marketing people about tailoring the email to display an effective snippet (like, don’t have your first line be your unsubscribe link); but I have found nothing about how to make the snippet be unrelated to the content of your email.

When I view source with ctrl-U, all I see is a wall of CSS and (what I think is) Javascript. When I ctrl-F to search for “cancer” and “diagnosed”, it comes up empty.

When I ctrl-F to search for “cancer” in the message, it says it found one instance, but nothing is displayed:
Searching finds something but it is not displayed.

When I forward the message to an old text-only system where I have an account, I do see the snippet as the very first line of the message (prior to a bunch of Facebook links and then CSS and HTML that doesn’t render on the text-only interface).

So, how is Facebook doing this? Are they using a 0-size font, or something? (I think they are not using a font color that matches the background, because then it would be displayed, highlighted, by ctrl-F.) I think that cannot be it, because I would see the markup on the text-only system. Is there some rule that you can hide text from human view in Gmail, if it comes before the HTML? This has been bugging me for a few weeks, so thanks for any insights.

extreme tourism – Any information on this secret / hidden cave in A Coruña, Spain?

There’s an intentionally secret / hidden cave in A Coruña’ city in Spain. Is there any information about it anywhere ?

Unfortunately I cannot obtain better photos of it.
When looking at it in person from the other side of the bay, you can clearly see it is a cave, and the window .

is there any information about it anywhere ?

enter image description here

enter image description here

web application – How are hidden private URLs being “leaked” to third parties?

We’re hosting a web site where the server processes a stream of images, generating a unique ID (uuid) for each new picture and storing various data against the ID in a MySQL database. The site is monitored through a protected dynamic (AJAX) UI, which displays a real-time stream of image previews which include the uuid in the URL, something like:

https://<SERVER>/<root>/image/a756f99c-f0ce-469d-80b7-8c8f3c0a0581

When I trawl through the Apache access logs I see requests to some of these image URLs from a small number of third party IP addresses, fairly consistently originating from either Amazon AWS EC2 instances in the US or “Bayer Business Services GmbH” in Germany, according to iplocation.net.

The question is how these image URLs are leaking out so that third parties are able to request them?

The URLs aren’t aren’t listed anywhere, so wouldn’t be found by any crawling/scraping process looking at the site. The fact that they include a uuid means that even if a third party had the base URL (the “https://<SERVER>/<root>/image” prefix) it would be pretty much impossible to guess a valid uuid to append.

My guess so far would be one of the following:

  1. The browser I’m using to monitor the site might be leaking request URLs to external parties, maybe for supposedly innocent reasons. However, I’m seeing these “URL leaks” whether I’m using Chrome or Firefox.
  2. Some other process on the monitoring PC is leaking request URLs, for example maybe Bitdefender shares a selection of request URLs with their servers for safety checking (blacklisting) purposes. However these leaked URL requests are often 1 or 2 days after the original valid request, so this would imply that Bitdefender (or other) would have to be saving URLs for days and re-testing later.
  3. Something on the server is leaking the URLs, which in practice would point the finger at Apache 2.4.x. That would seem like a major security loophole, if Apache was able to send out request URLs to external services. Very unlikely I’d have thought.

In practice the server is pretty well protected so these leaks are unlikely to cause real damage. Apache is Docker containerised, running under Linux, and fairly well isolated from the database and host. All web traffic is https, and unauthenticated requests are trapped and responded to with an http 404, so the Apache logs show a 404 for these “leaked URLs”.

Nevertheless this seems somewhat sinister, that either a browser, browser extension, or server component such as Apache could be pushing out request URLs to some unknown external third parties, who can then reissue those request URLs for unknown purposes.

Can anyone explain how this is happening?

macos – why I have no space on disk? are there some hidden files?

It seems to me that numbers don’t adds up:

df -ah

/Filesystem      Size  Used Avail Use% Mounted on
/dev/disk1s5    113G   11G   16G  41% /
devfs           194K  194K     0 100% /dev
/dev/disk1s1       -     -     -    - /System/Volumes/Data
/dev/disk1s4    113G  3.1G   16G  17% /private/var/vm
map auto_home      0     0     0    - /System/Volumes/Data/home

Looking at this it seems I should have almost 100GB free….
On the other side a diskamp with Cleaner One shows me that I use 82.4 GB…

It’s macOS catalina.

I’m confused

dnd 5e – Where is a secret chest hidden?

The spell Secret Chest says this:

You hide a chest, and all its contents, on the Ethereal Plane.

So, my question is: Where in the Ethereal Plane does the chest go?

Along the same lines, depending on the answer to that, is it possible for someone to travel through the ethereal plane to find a secret chest? I’m asking about this part as well because depending on where it’s hidden, it may be either easier or harder for someone to track down a secret chest.

layout – Show all 6 features on home screen, or only the main 2 with the rest hidden inside?

Yeah, It depends. Since you mentioned its on the “home screen”. It is better to keep all the 6 feature (here I assumed that these features can be clubbed in quick navigation like left hand panel in homescreen/dashboard).
But if you going to showcase all the feature in child page(), then it is better to show only few feature/option. just to focus on user goal