SEARCH KEYWORD -- JSON.STRINGIFY



  Some hidden XSS injection vulnerabilities

XSS injection occurs when a web page generates unexpected executable JavaScript code based on user input and the web browser executes that code, i.e., the source code sent to the browser by the server contains illegitimate JavaScript code that is related to the user's input. Common XSS injection vulnerabilities can be fixed with functions such as htmlspecialchars() (which escapes HTML special characters) and strip_tags() or similar, but there are some hidden XSS injecti...

   XSS,PHP,Security,Code,JavaScript     2012-08-27 20:32:08

  Top 10 Go Coding Traps and Tips

Go is currently the most common programming language in cloud development. Though I use it very much in my work, I am still repeating certain mistakes. This article is more a record of these errors, figuring out the causes and solutions so that people who read this article will save themselves time when coming across the same problems. Let’s cut through to the tips. Don’t rely on index var in the for loop: The most common mistake we make is that we often create goroutine...

   TIPS,GOLANG,NIL INTERFACE     2021-07-03 23:45:51

  C Macro Tips and Tricks

Preprocessor vs Compiler To properly understand C macros, you must understand how a C program is compiled. In particular, you must understand the different things that happen in the preprocessor and in the compiler. The preprocessor runs first, as the name implies. It performs some simple textual manipulations, such as: Stripping comments. Resolving #include directives and replacing them with the contents of the included file. Evaluating #if and #ifdef directives. Evaluating #defin...

   C,Macro,Preprocessor,Trick     2012-05-01 06:49:05

  Sending message to Slack Incoming Webhook using PHP

Slack is a popular work collaboration tool and it provides many features which help teams collaborate. It has one function which allows sending messages to channels from an external source such as your own web service -- Incoming Webhook. This is extremely useful when you want to monitor something and get notified when some event occurs, and it doesn't require complicated setup. To send messages using Incoming Webhook, a service URL has to be generated on Slack and then the message can be posted to this...

   PHP,CURL,SLACK,INCOMING WEBHOOK     2017-03-11 21:32:28

  Learning Server-Side JavaScript with Node.js

Node.js is all the buzz at the moment, and makes creating high performance, real-time web applications easy. It allows JavaScript to be used end to end, both on the server and on the client. This tutorial will walk you through the installation of Node and your first “Hello World” program, to building a scalable streaming Twitter server. What is Node.js? JavaScript has traditionally only run in the web browser, but recently there has been considerable interest in bringing it to the...

   JavaScript,Server side,Node.js.Implement     2011-09-20 13:33:15

  Fastjson just fixed a bug which might cause out of memory issue

A few days ago, Fastjson fixed a bug which might bring a service down. This bug is caused by mishandling of the special character \x, which is an escape sequence that indicates a hexadecimal number. The impact of this bug would be big if an attacker constructs malicious data which brings the service down. The code which causes the issue is in com.alibaba.fastjson.parser.JSONLexerBase#scanString; when a JSON string is passed in, fastjson would parse the string character by c...

   FASTJSON,ALIBABA,BUG,NEWS     2019-09-07 06:03:49

  Popular Golang JSON libraries evaluation

JSON (JavaScript Object Notation), a prevailing data exchange format, is widely used across platforms and languages. Golang, of course, will never miss the support for JSON. And with its own standard library, used for interfaces such as the REST API from the API Service in Kubernetes, it can easily process JSON. Although Go’s library works great, we can still look for open-source JSON libs on GitHub to maximize our efficiency. Then the features, performance, applicability of these ...

   FASTJSON,JSON LIB,JSON LIB COMPARISON,GO-JSON     2021-12-11 23:13:23

  PHP to integrate with Sign in with Google

Google has a huge user base and hence it provides an authentication service for third-party services to integrate with, so that people can sign in with Google in those services. Google also adopts OAuth 2 to provide this kind of OpenID Connect service. This post will introduce how to integrate the Sign in with Google functionality into your PHP website. Create a client app on Google: The first step you should follow is to create a Google app; you can follow the post here to create the p...

   PHP,GOOGLE API,OPEN API,SIGN IN WITH GOOGLE     2019-03-03 02:00:09

  Lisp: It's Not About Macros, It's About Read

Note: the examples here only work with outlet lisp. Refer to your version of lisp/scheme’s documentation for how read works (and possibly other forms) I know it’s an old post by now, but something about the article Why I love Common Lisp and hate Java, part II rubbed me the wrong way. The examples just aren’t that good. The usage of macros is plain baffling, when a function would have been fine. The author admits this, but still does it. There’s a follow-up post wh...

   Lisp,Macro,Read,Java     2012-02-19 06:12:19

  Battlelog: Modern Web Applications are Here

It's the shooter season of the year and this fall was all about Modern Warfare 3 versus Battlefield 3. And being the kind of game they are, they also try to keep their audience playing by introducing some additional level of engagement. Both Call of Duty and Battlefield introduced their own online community websites and statistic platforms. Call of Duty has Elite, Battlefield has Battlelog. But just because these services are sitting in the same spot it does not mean they are in any way similar. An...

   Game,Call of duty,Elite,Battlelog,Web platform     2011-11-15 08:11:40