Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- Explanation

  Web Security: In-Depth Explanation of X-XSS-Protection

What is X-XSS-Protection X-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks. The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. ...

   X-XSS-PROTECTION,WEB SECURITY,CONTENT SECURITY POLICY,XSS,CSP     2023-11-29 01:48:40

  Leaving comments in real life

As a programmer I like to write comments because I know that some future person (often me) is going to need to know something about my code that won't be immediately obvious from reading it. Here's a recent example from my homebrew display's code:// protocol_init: Set up a newly powered-on string of lights.  The lights are arranged// in an array wired diagonally starting from the bottom left.  For ease of programming// it's better if they are given numbers which correspond to coor...

   Comment,Programming,Style,Format,Coding standard     2011-11-15 11:42:19

  Understanding the "this" keyword in JavaScript

Many people get tripped up by the this keyword in JavaScript. I think the confusion comes from people reasonably expecting this to work like “this” does in Java or the way people use “self” in Python. Although this is sometimes used to similar effect, it’s nothing like “this” in Java or other languages. And while it’s a little harder to understand, its behavior isn’t magic. In fact, this follows a relatively small set of simple rules. This...

   JavaScript,this,understanding     2012-03-29 13:48:59

  Understand Virtual DOM

With the popularity of React, the internals and implementation of Virtual DOM has becoming top discussed topic in tech communities and interviews. This post will give an introduction of Virtual DOM and how to implement a simple Virtual DOM logic. How to understand Virtual DOM In early days, front end developers would update a webpage view based on the data status change(usually after making AJAX call). But it brings performance penalties when there is frequent update as it would cause page reflo...

   JAVASCRIPT,DOM,VIRTUAL DOM     2019-12-07 23:43:04

  Do You Make These 5 Database Design Mistakes?

Look, everyone makes mistakes. It’s true. But not all of us have the chance to make mistakes that end up costing millions of dollars in hardware and production support costs. Any one of the following five mistakes listed below will add additional costs to your company. It’s guaranteed. The costs could be hardware related (extra disk space, network bandwidth), which tend to add up quickly. The costs are also support related (bad performance, database re-design, report cre...

   Database design,Mistake,Advice,Data type,Compatibility     2012-01-03 11:25:13

  Why is single threaded Redis so fast

Redis is a high-performance, in-memory key-value database. According to official test reports, it can support around 100,000 QPS (queries per second) on a single machine. However, Redis uses a single-threaded architecture in its design. Why does Redis still have such high performance with a single-threaded design? Wouldn't it be better to use multiple threads for concurrent request processing? In this article, let's explore why Redis has a single-threaded architecture and still maintains its spe...

   REDIS,SINGLE-THREADED,MULTI-THREADING     2023-02-28 05:16:22

  When to use STDERR instead of STDOUT

Every process is initialized with three open file descriptors, stdin, stdout, and stderr. stdin is an abstraction for accepting input (from the keyboard or from pipes) and stdout is an abstraction for giving output (to a file, to a pipe, to a console). That's a very simplified explanation but true nonetheless. Those three file descriptors are collectively called 'The Standard Streams'. Where does stderr come from? It's fairly straightforward to understand why stdin and stdout exist, however ...

   UNIX,STDERR,STDOUT,Difference     2012-01-14 12:07:43

  Why Dynamic Programming Languages Are Slow

In a statically typed language, the compiler knows the data-type of a variable and how to represent that. In a dynamically-typed language, it has to keep flag describing the actual type of the value of the variable, and the program has to perform a data-dependent branch on that value each time it manipulates a variable.  It also has to look up all methods and operators on it. The knock-on effect of this on branching and data locality is lethal to general purpose runtime performance. T...

   Dynamic language,Slow,Analysis     2012-03-26 15:33:11

  php://input in PHP

When using xml-rpc, server side will get the data from client with php://input method instead of $_POST. Hence today we will discuss php://input. PHP official manual has below explanation to php://input: “php://input allows you to read raw POST data. It is a less memory intensive alternative to $HTTP_RAW_POST_DATA and does not need any special php.ini directives. php://input is not available with enctype=”multipart/form-data”. Here we und...

   php://input, IO, input     2013-02-25 20:43:00

  The mystery of Duqu Framework solved

The Quest for Identification In my previous blogpost about the Duqu Framework, I described one of the biggest remaining mysteries about Duqu – the oddities of the C&C communications module which appears to have been written in a different language than the rest of the Duqu code. As technical experts, we found this question very interesting and puzzling and we wanted to share it with the community. The feedback we received exceeded our wildest expectations. We got more than 200...

   Duqu,Code mystery,OO C,C++     2012-03-21 09:29:18

RECENT