Bloom filter alternative supporting deletion without false negatives

There are several alternatives to bloom filters that support deletion from the set, for example Cuckoo filters or Counting Bloom filters.

However, deleting an element from these data structures assumes that the element really is in the set. Deleting an element that is actually not in the set might introduce false negatives.

Is there a data structure that avoids this problem, trading it off against something else?

Can a Wizard select an alternative capstone?

More specifically, I’m building a Wizard and I’d like him to have the Perfect Body, Flawless Mind capstone (+8 Int).

I’m planning for him to be a diviner, specialized: Foresight, with the Pact Wizard (HH) archetype (that, as far I can tell, does not replace a wizard’s capstone, since a wizard does not have one to begin with), and wonder if it’d still be legal to get the alternative capstone.

Does the natural 20 from Forewarned (Divination school) count as a capstone?

At 20th level, anytime you roll initiative, assume the roll resulted in a natural 20.

If so, am I able to select the alternative capstone in its place (since it’s not an archetype)?

If not, could I do it as an universalist?

Relevant reference:

Alternative Capstone Ability

When a character reaches the 20th level of a class, she gains a powerful class feature or ability, sometimes referred to as a capstone. When a character reaches 20th level in this class, the following new ability can be selected instead of the standard 20th level class ability which would normally be gained. In some cases, a capstone specifies what ability it replaces. A character can’t select an alternative capstone if she has previously traded away her class capstone via an archetype. Clerics and wizards can receive a capstone at 20th level, despite not having one to begin with.

Are there alternative XP/Level Tables in 5e?

In an old tweet from Mearls, he states the Dungeon Master Guide would contain a "quick progression XP table" (as well as a slow progression, by the way). However, the section Experience Points (p. 260) of the DMG has nothing of sorts, and I do not remember seeing anything like that in the DMG. Instead, we have alternative ways of rewarding experience or levels, such as Milestones, but these aren’t clearly "slower" or "faster", they are entirely different approaches. Similarly, the other book that has lots of DM tools, Xanathar Guide’s to Everything, also does not contain any information on alternative slower/faster progressions (at least I could not find any).

However, a fast/slow, official/playtested table would still be interesting, from my point-of-view. There were campaigns where I wanted the PCs to level a little bit slower, and others I wanted them to level faster, and then I would just guess some numbers that made sense for me and work on it on the run, which is not the best approach for a problem usually.

So, is there any published table on Experience/Level, or, equivalently, Experience/CR (i.e., in a quick progression style, monsters with the same CR would reward more experience, and in a slower mode, less experience)? If not, was something like this printed in any Unearthed Arcana, at least?

Is there a way to start leveling Mystic Theurge at level 4 without alternative source or Mad Faith?

For backstory I was making a Grey Elf for a upcoming game. We’re starting at level 3 and the GM basically gave us a blank check of "No Dragon magazine, no Third Party, no Pun Pun". In this case No Pun Pun just meaning no memeibly stupid characters that crash the universe. The only other rules are nothing like flaws for feats or the like, but all feats, classes, and races are allowed more or less. Dragon rules out the normal cheese of alternate source, which arguably doesn’t work anyway. This leaves me with the only remaining option of Mad Faith. For anyone not aware its basically a divine version of precocious apprentice, gives you a 1st, 2nd, or 3rd (depending on a factor I’ll ask about later) divine spell. So I would meet all requirements as early as level 3. But there’s a problem. The feat requires a whole variant rule system from Hero’s of Horror, funnily enough the same book that gave us my divine class Archivist.

My plan was to go Grey Elf Wizard (UA transmutation Domain if that maters) 1st level for Precocious Apprentice, then two levels of Archivist, taking Mad Faith at 3rd level to get my 2nd level spell. But here comes the rub, I need Moderate Depravity (again a condition from HoH) to qualify and get the feat. Moderate Depravity isn’t something you can normally get from character creation, its something that just happens to you like CoC insanity. Running around with hallucinations that give me -6 to initiative and a excuse to act like i just drank cactus juice once in a while isn’t a problem for me but it means I’ll have to ask my GM for permission before the game to have madness from backstory reasons. I have a good feeling that he’ll say yes but i’d like to find a alternative if possible.

Race isn’t really flexible here because I was planning on taking a level in wildrunner for trackless step to qualify for Arcane Hirophant later. Though anything with a regional restriction is allowed and Alignments don’t matter unless you’re getting powers from a patron like a cleric. The plan on this is a character that eventually has 17/18 Wizard Archivist casting. Character concept is basically a magic obsessed Elf that wants to eventually learn everything, thus why he’s taking levels in the two classes with the most arbitrarily expansive spell access.

Things I’ve also considered: Bamboo Spiritfolk arguably works though trackless step as a racial instead of a class feature is a bit shaky for my taste, I’m not sure how that works by Raw, though it would let me skip Wildrunner and thus skip the feat and enter MT at level 5 for a end result of 17/19 Wizard Archivist. I also considered a Illumian Wizard/Rogue/Loredelver/Ur-Priest/Fochlucan Lyrist for a similar 9th level Arcane/Divine outcome but Druidic is a annoying requirement and the build doesn’t hit its stride until level 15 or so. Even if a level 20 character with 3 attacks and 9th level spells from two sources sounds fun.

Is a sorcerer with the domain-access alternative class feature considered both an arcane and a divine caster?

The alternative class feature Domain Access (Complete Champion, p. 52) reads, in part:

Choose one cleric domain. If you worship a specific deity, the domain you choose must be one to which your deity grants access. You gain the granted power of the chosen domain. In addition, you can cast one domain spell of each spell level available to you per day from that domain.

Does having access to the domain spells make a sorcer qualify for any prestige class that requires the PC to be a divine caster?

Is unicode character encoding a safe alternative for html encoding when rendering unsafe user input to html?

I am building a web application in which a third party library is used, which transforms the user input into JSON and sends it to an controller action. In this action, we serialize the input using the standard Microsoft serialize from the System.Text.Json namespace.

public async Task<IActionResult> Put([FromBody]JsonElement json) {     string result = JsonSerializer.Serialize(json); } 

However currently, the json is rendered back to the page, within a script block and using @Html.Raw(), which raised an alarm with me, when I reviewed the code.

While testing if this creates an opening for script injection, I added

<script>alert("HACKED");</script> 

to the input. This input is transformed into

\u003Cscript\u003Ealert(\u0027HACKED\u0027);\u003C/script\u003E 

when serialized.

This look fine. Rendering this to the page does not result code execution, when I tested that.

So, is unicode character encoding really a good protection against script injection, or should I not rely on it?

Is it conceivable that unicode encoding is lost somewhere during processing? Like (de)serializing once more, etc?

This seems like a question that has been asked and answered before, but I couldn’t find it.

getting no subject alternative name present exception when the csr shows that the SANs are present

I am trying to setup ssl for grpc but no matter what I try I get a no subject alternative name present. I’ve verified the SANs are in the certificate signing request. The common name and also a SAN are the ip addr. I am trying to connect using the ipAddr. The exception I get is

Caused by: java.security.cert.CertificateException: No subject alternative names present     at java.base/sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:137)     at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:96) 

The text of my csr follows:

sysadmin@rit5 san]$   openssl req -in my.csr -noout -text     Certificate Request: Data:     Version: 0 (0x0)     Subject: C=US, ST=TX, L=Austin, O=MYCOMPANY, OU=MYUNIT, CN=172.28.4.89     Subject Public Key Info:         Public Key Algorithm: rsaEncryption             Public-Key: (2048 bit)             Modulus:                 00:b9:1d:0c:80:ee:b3:20:06:df:6e:f1:04:e5:10:                 54:5d:70:07:fd:68:25:33:12:37:73:98:45:8b:35:                 ba:cf:9b:7c:63:82:0a:e2:16:0d:33:36:10:dd:b5:                 f9:21:da:04:8c:18:15:77:e2:65:72:e8:c9:6e:01:                 dc:47:48:53:ce:45:c9:a9:f1:9d:d0:0f:a7:cb:d5:                 5b:55:eb:b4:38:cb:50:5d:51:c2:bb:65:f6:76:09:                 76:8d:34:0a:c6:35:95:e3:0f:8f:71:be:73:22:78:                 84:26:4f:5e:d3:6a:2c:69:b4:57:e1:fc:37:47:e6:                 56:80:6c:bf:7a:97:78:20:17:22:d0:fc:c6:0c:17:                 0b:dc:23:8f:0e:8a:cb:48:6d:a6:0c:ce:4b:24:54:                 66:82:d0:29:dd:bf:5b:5f:cd:b8:f3:2f:3a:40:09:                 cd:84:6c:2f:74:60:74:e2:3a:13:b9:2e:5c:df:39:                 a3:47:07:96:5a:ed:be:14:71:42:58:6b:53:77:a2:                 af:0a:6d:c3:57:ba:e0:95:ed:55:78:2f:21:cc:af:                 95:e7:de:50:3d:7d:7e:29:4e:ed:bf:9e:14:36:0e:                 71:a3:e4:79:03:12:cd:55:c3:77:00:0f:02:2d:d1:                 e6:2f:a5:b0:3e:62:76:4e:bd:2a:33:56:76:8f:8d:                 2f:b5             Exponent: 65537 (0x10001)     Attributes:     Requested Extensions:         X509v3 Key Usage:              Key Encipherment, Data Encipherment         X509v3 Extended Key Usage:              TLS Web Server Authentication         X509v3 Subject Alternative Name:              DNS:172.28.4.89, DNS:rit5.mycompany.com, DNS:rit5 Signature Algorithm: sha512WithRSAEncryption      17:18:63:dc:d9:84:90:da:de:b6:8e:82:ce:84:6a:a3:5d:11:      87:37:2b:e7:56:6e:e5:ea:42:11:4c:8f:66:28:8b:44:4f:0a:      b9:89:d9:67:86:f4:0f:8a:44:b8:b2:87:62:65:c2:9c:7a:08:      bf:74:4a:b3:f4:35:82:45:50:7f:3f:ab:c4:97:60:59:99:8c:      8e:8b:12:0f:3b:dd:2a:6d:a9:be:06:8a:70:e7:e6:08:22:57:      89:e8:c0:86:f1:26:dc:23:08:aa:ab:2f:07:0d:0b:78:0b:3d:      d9:ce:ac:92:32:80:81:18:25:17:d4:04:22:e2:f9:f2:96:b1:      be:76:96:0c:70:39:cf:64:d3:7d:66:b9:f8:b5:20:18:17:66:      a4:f8:26:a7:02:42:0e:9f:6f:1e:4c:19:1d:d5:19:7b:17:0c:      64:45:34:d0:12:af:e1:8e:9d:e1:ce:84:49:54:87:78:c9:ba:      10:f0:65:5b:0e:f4:4f:3f:91:de:cc:46:36:fa:45:ff:0d:7a:      a4:c7:9b:b7:82:f6:b0:3b:c4:f3:9f:45:94:43:a8:ad:ae:e2:      e2:a2:66:59:d1:5e:b2:ee:a6:55:90:27:4c:57:c8:04:4b:30:      bd:02:bf:e5:3e:7c:b1:c6:0f:04:50:f5:96:76:37:bb:ed:7a:      ba:3c:7c:07 

The config file I used to create the csr and key is here

[req] distinguished_name = req_distinguished_name req_extensions = v3_req prompt = no  [req_distinguished_name] C = US ST = TX L = Austin O = MYCOMPANY OU = MYUNIT CN = 172.28.4.89  [v3_req] keyUsage = keyEncipherment, dataEncipherment extendedKeyUsage = serverAuth subjectAltName = @alt_names [alt_names] DNS.1 = 172.28.4.89 DNS.2 = rit5.mycompany.com DNS.3 = rit5 

To generate the csr I used the following command

openssl req -new -out my.csr -newkey rsa:2048 -nodes -sha512 -keyout my-private-key.pem -config ssl.ext 

To self sign it used the following command

 openssl x509 \         -signkey my-private-key.pem \         -in my.csr \         -req -days 365 -out my-public-key-cert.pem 

I’m at my wits end. Any help would be appreciated. The certificate is generated without the SANs.

Certificate:     Data:         Version: 1 (0x0)         Serial Number:             c7:af:ad:c2:98:be:7b:c1     Signature Algorithm: sha256WithRSAEncryption         Issuer: C=US, ST=TX, L=Austin, O=MYCOMPANY, OU=MYUNIT, CN=172.28.4.89         Validity             Not Before: Jun  5 20:26:00 2020 GMT             Not After : Jun  5 20:26:00 2021 GMT         Subject: C=US, ST=TX, L=Austin, O=MYCOMPANY, OU=MYUNIT, CN=172.28.4.89         Subject Public Key Info:             Public Key Algorithm: rsaEncryption                 Public-Key: (2048 bit)                 Modulus:                     00:b9:1d:0c:80:ee:b3:20:06:df:6e:f1:04:e5:10:                     54:5d:70:07:fd:68:25:33:12:37:73:98:45:8b:35:                     ba:cf:9b:7c:63:82:0a:e2:16:0d:33:36:10:dd:b5:                     f9:21:da:04:8c:18:15:77:e2:65:72:e8:c9:6e:01: