Does the optional Overrun rule override the creature size requirements?

The standard moving through creatures spaces rules state that in order to do this, a creature must be two sizes larger than the one they want to pass through.

The optional overrun rules in the DMG (chapter 9) now require a roll, but does it remove the size differential as well and completely replace the rules around moving through other creatures?

Prime sphere requirements to use Tass in Mage 20th Anniversary Edition

I’m confused about what level of Prime is required to use Tass in the Mage 20th Anniversary Edition rules.

In the main rulebook the following statements are made:

M20 Rulebook:

  • p 332: “To absorb Quintessence energy from the materialized Quintessence of Tass requires Prime 3.”

  • p 520: Prime 1 sphere description says: “A beginning study of Prime allows the mage to perceive and channel Quintessence from Nodes, Tass, …”

  • p 520: Prime 3 sphere description says: “… the Prime-skilled mage can draw both free and raw Quintessence from Nodes, Junctures (special times) and Tass …”

How do you DO That Rulebook says:

  • pp. 43-45: “Any mage with an Avatar Background cab absorb that Background’s worth of Quintessence from a Node or Tass …”

First off – are there ways to use Tass other than absorbing the Quintessence into your pattern? Can you spend Tass to gain Quintessence effects like lowering the difficulty of a roll without absorbing it into your pattern?

And with regard to what levels of Prime are required to do these things, I can see support for any of these positions:

  1. You don’t need any Prime at all to absorb Quintessence from Tass into your pattern, as “Any mage with an Avatar Background” can do it (How do you DO That pp. 43-45)
  2. You need Prime 1, as the description for that sphere says Prime 1 allows you to channel Quintessence from Tass. (M20 p. 520)
  3. You need Prime 3, as that is stated on M20 p. 332 and p. 520 explicitly

I have reviewed other answers at: How does the Prime Sphere affect gaining and storing Quintessence in M20? but it left me more confused than enlightented.

From a gameplay perspective, requiring Prime 3 to use Tass seems to defeat much of the purpose of Tass – as it can’t be readily exchanged between mages as portable Quintessence unless they have Prime 3.

Do the attunement requirements of the Hammer of Thunderbolts make it situational?

The properties of the Hammer of Thunderbolts seem to suggest to me that (for the vast majority of the time) the player owning this item will not have it attuned. How do you rule on the current attunement status of this item, given that players will almost certainly not “live” in their Gauntlets of Ogre Power?

You must be wearing a belt of giant strength (any variety) and gauntlets of ogre power to attune to this weapon. The attunement ends if you take off either of those items.

I can certainly see very specific cases say for example when the owner takes a specific short rest prior to entering the tower to specifically re-attune the weapon, but what about for encounters where there is less opportunity to plan. What about encounters that happen several hours after a short rest where the player might reasonably have been expected to take their gauntlets off to eat, drink, shake hands, wipe their brow, read a map, go to the bathroom…

I’m not asking about whether the gauntlets must be attuned to, as I believe that question has been settled and only wearing them is required. See this unofficial tweet by rules designer Jeremy Crawford from January 2018:

Hammer of thunderbolts has a special property that requires you to be wearing two other specific magic items. The text of hammer of thunderbolts doesn’t say you must be attuned to them.


How should I rule on the current attunement status of this item, given that players will almost certainly not “live” in their Gauntlets of Ogre Power?

Does the Thief rogue’s Use Magic Device feature let them ignore class, race, and level requirements on attuning to magic items?

The Artificer’s Magic Item Savant feature states (E:RftLW p. 58, WGtE p. 180; emphasis mine):

[…] You ignore all class, race, spell, and level requirements on attuning to or using magic items.

In contrast, the Thief rogue’s Use Magic Device feature merely states:

[…] You ignore all class, race, and level requirements on the use of magic items.

The Use Magic Device feature doesn’t mention ignoring requirements on attuning to magic items, only on using them. It seems like that would mean a Thief rogue can not attune to a magic item if it has a specific requirement on who can attune to it (e.g. the holy avenger).

Does the Use Magic Device feature let a Thief rogue ignore class, race, and level requirements on attuning to magic items?

How do “alignment” subtypes interact with magic item alignment requirements?

Let’s say we have a LG succubus (who therefore has the chaotic and evil subtypes). A nine lives stealer would be a bad weapon for her, since it bestows negative levels to good wielders, and her alignment is good.

But what about the other way around? Both the chaotic and evil subtypes say that the creature suffers effects according to their “subtype alignment”, so I’d guess a sun blade would also cause her to suffer the effect of a negative level. Using a magic item with alignment-based requirements, however, isn’t covered by the subtype rules.

So as one example, could the LG succubus use an enveloping pit (MiC p.159) in the following way?

If you are lawful evil, lawful neutral, or neutral evil, an enveloping pit functions like a portable hole, except that it is 50 feet deep.

She is lawful, but is she considered evil for this purpose? What about a fiendhelm (MiC p.99), which explicitly requires the user be “evil-aligned”, but lacks any requirements along the law-chaos axis?

I couldn’t find any examples of such an item, but what if she wanted to wield something that only required the user to be “evil”, but didn’t have the world “aligned” attached to that requirement?

Session Management Verification Requirements from ASVS 3.0.1 and SOAP web services

I am working on a new project with a team of developers. The SOPA web services will be the main channel to publish the services.
I’d like to make secure those services from the begging and give the developers the guidelines on how to securely develop. I’d like to assign requirements from chapter “Session management verification” of OWASP ASVS 3.0.1 for SOAP web services. But those requirements are specialized for the Web application. So could you advise me which one of them are adequate for SOAP?

When Contingency is cast, what are the contingent spell’s material requirements?

I thought of this looking at this question, where contingency is used to cast revivify (which consumes 300 gp worth of diamonds). A more common example would be stoneskin, which consumes 100 gp worth of diamond dust.

The spell contingency reads, in part:

Choose a spell of 5th level or lower that you can cast, that has a casting time of 1 action, and that can target you. You cast that spell—called the contingent spell—as part of casting contingency, expending spell slots for both, but the contingent spell doesn’t come into effect. Instead, it takes effect when a certain circumstance occurs…

The contingent spell takes effect immediately after the circumstance is met for the first time, whether or not you want it to, and then contingency ends…

If you cast this spell again, the effect of another contingency spell on you ends. Also, contingency ends on you if its material component is ever not on your person.

Contingency says that you cast the contingent spell. Full stop. As long as you satisfy the listed requirements, the spell gets cast, and the contingency is set. The listed requirements are: it’s a level 5 or lower spell; you can cast it; it has a casting time of 1 action; it can target you.

How is the material requirement for revivify handled? Is the 300 gp worth of diamonds consumed when the contingency spell is cast? What happens if someone swipes your 300 gp worth of diamonds part way into the casting of contingency?

Is the general idea that you have to burn a material component every time you set the contingency, whether it’s triggered or not?

What happens if one no longer meets the requirements for an attuned item?

So, I have a question that’s sort of a what-if situation that applies to many different situations, but what happens if the requirements to attune to an item are lost while that item is attuned to you?

For example, say my lawful evil Paladin has Scather, the lawful-evil sword of answering and draws the Balance card from the deck of many things. Now, Scather requires attunement to a lawful-evil person, and balance causes his alignment to become opposite to what it used to be, now becoming Chaotic-Good with Scather still attuned as this happens. Does Scather automatically unattune, or does it remain attuned?

This can also be applied to other attunement requirements such as race and ability scores

Is it a valid or acceptable practice to develop a separate page to meet accessibility requirements?

I recently visited some websites that seems to be using either deprecated technology (e.g. Flash) or contain a lot of complex front end javascript code to create the interaction of the user interface.

Some of these websites provide a link or button that takes you to a accessibility mode page which strips all the unnecessary features and provide just the content that is optimised for screen readers and provide other accessible features (e.g. keyboard navigation).

With accessibility being such a big focus today, and inclusive design slowly being incorporated into many of the standard design systems, is it still seen as an acceptable practice to provide a separate page to meet accessibility guidelines (i.e. WCAG 2.0)? Are there other reasons why this might be a better strategy/option in the current design and development culture?