SEARCH KEYWORD -- HTTP request
UIWebView Secrets - Part1 - Memory Leaks on Xmlhttprequest
My first blog post on iphone subject reveal a big memory bug when using UIWebView component. This is the (only one) component to display some HTML content in an iphone interface. UIWebView object has a lot of differents issues and I’m going to highlight the biggest of them. Actually, all XMLHttpRequests used in javascript code are fully leaking!!! I mean when you do a request that retrieve 100ko of data, your memory used grow up for 100ko! This bug is not always active, but almost always....
XMLHttpRequest,Memory leak,Mobile device,UIWebView 2011-11-25 13:46:30
The war with spam comment
Spam comments are annoying and notorious. They are either malicious data from hackers to exploit the loopholes of the site or advertisements posted by robots. These kinds of comments have their own features and patterns, if we are careful enough, we can find ways to block most of them although it's not so easy. To block the comment with malicious executable codes such as JavaScript, we should remember one rule : never trust user input. So wherever there are user inputs, we need to check the vali...
Spam comment,Block,Filter 2013-11-29 20:29:43
SameSite attribute in cookie
Starting from Chrome 51, a new attribute SameSite has been introduced for browser cookie. This attribute is to prevent CSRF attack. Cookie is normally used to store data exchanged between client and server. It frequently stores user login information. If a malicious website can forge a HTTP request with the valid third party website cookie, it may be called a CSRF attack. For example, if a user logins to a bank website your-bank.com, the bank server responds a cookie: Set-Cookie:id=a3fWa; L...
JAVASCRIPT,COOKIE,SAMESITE,CHROME,CSRF 2019-09-14 04:57:51
Use Java ThreadLocal with caution
According to Oracle documentation, ThreadLocal is a class provides thread-local variables. These variables differ from their normal counterparts in that each thread that accesses one (via its get or set method) has its own, independently initialized copy of the variable. ThreadLocal instances are typically private static fields in classes that wish to associate state with a thread. In short, ThreadLocal variables are variables belong to a thread, not a class or an instance of a class. One common...
JAVA,MEMORY LEAK, THREADLOCAL 2015-11-03 07:31:57
Introduction to OAuth (in Plain English)
Last week we talked about giving away your passwords and how you should never do it. When a website wants to use the services of another—such as Bitly posting to your Twitter stream—instead of asking you to share your password, they should use OAuth instead. OAuth is an authentication protocol that allows you to approve one application interacting with another on your behalf without giving away your password. This is a quick guide to illustrate, as simply as possibl...
Security,OAuth,Permission,Partial access 2012-04-05 11:39:54
A mini post on GoLang context
In a GoLang web server, every request coming in will be handled by a goroutine. In the request handler, the logic may also need to create new goroutine to handle other tasks like RPC call. When the request is processed and response is returned, these goroutines created need to be exited so that no goroutine leak should happen. package main import ( "fmt" "log" "net/http" ) func main() { http.HandleFunc("/echo", func(w http.ResponseWriter, r *http.Request) { fmt.Println(&r) w.Write(...
How to play with cross domain request
What is cross domain request In simple, cross domain request is to request resource from other domain in one domain. Note, the "other domain" doesn't just mean domain name only, it includes much more. If the protocol, domain name, port is not the same, two domains will be considered different. Below example describes what is considered as different domain. http://www.a.com/a.jshttp://www.a.com/b.js # Same domainhttp://www.a.com/lab/a.js &nb...
FRONT END,JSONP,CROSS DOMAIN,CROSS ORIGIN,CORS,DOCUMENT.DOMAIN,WINDOW.NAME 2016-11-06 00:48:54
What you may not know about PHP session
When we access one website, the site usually should have a mechanism to keep track of the status of the user on the site. There are a few mechanisms supported by many server side languages to help track user status such as session and cookie. Today we will talk about session, when creating a session, we need to keep track of many data, besides user data, we also need to tell the server what is the timeout of the session so that we can garbage collect the session data which should not be stored a...
PHP session,session timeout,example 2013-07-06 08:44:18
A mini guide to HTTP referer
In HTTP header, there is a field named Referer which is to provide the referrer of the current accessed page. In this post, we will introduce the usage of HTTP referer field. On the web, when a user visits a webpage, s/he must be from some place. This place is usually referred a s referer. This information is very important to some website operators and server owners as they want to know where they get the traffic from and this helps them provide better service for potential targeted users. In t...
HTML,HTTP REFERER,REFERRERPOLICY 2019-06-29 02:23:25
High performance web apps with C++
It is Christmas over here, and it is time of giving. So I decided to give something back to the community. I guess this is as old as web programming itself. Trying to create C++ web framework. If you search on the web, you can find dozen of guys that had exactly the same idea. I am not different. For one of the previous projects(discontinued now) I created simple web framework in C++. If you like to hack in C++, here it is. Code is provided as-is, as part of larger application. You can ex...
C++,Web apps,Web framework 2012-01-08 10:06:48
RECENT
- The Role of Coding Skills in Advancing Tech Careers
- Tips for Socializing With Friends During College
- Proximity Cards Do More Than Just Open Doors
- How to choose quality painted auto parts
- Oval engagement rings from MoonOcean: Elegance of form and individual approach
- Hologres vs AWS Redshift
- GoLand connect to Hologres
- A journey to investigate a goroutine leakage case
- Understanding Slice Behavior in Go
- Breaking Barriers: How 3D Printing is Democratizing Product Development
- more>>