Today's Question:  What are you most afraid of as a programmer?        GIVE A SHOUT

SEARCH KEYWORD -- security



  JavaScript cross domain request solution


1. What is cross domain? We may often using AJAX to request data from other domain, now we will have cross domain request issues. It's because JavaScript only allows to request data from the same domain because of security consideration. In short, same domain strategy means a piece of code can read data from the same source, the same source here means the combination of the same domain, protocol and port number. For example: URLDescriptionAllow communication? http://www.a.com/a.js http:/...

   AJAX,cross domain,security     2013-03-13 20:04:52


  Here is what XcodeGhost author says


The first compiler malware in iOS was disclosed by Chinese iOS developers on Wednesday(Beijing time). The name of this malware is XcodeGhost as described by Alibaba researchers who released the analysis of this malware.  The malicious code is located in a Mach-O object file that was repackaged into some versions of Xcode installers. These malicious installers were then uploaded to Baidu’s cloud file sharing service for used by Chinese iOS/OS X developers. Xcode is Apple’s offic...

   IOS,SECURITY,XCODEGHOST,APP STORE,APPLE     2015-09-18 20:51:38


  Is Facebook becoming Tencent like?


Recently there is news that Facebook is developing a Reader application which is to compete with Flipboard and Pulse. This reminds me a few movements of Facebook in the past few months. First they built a copy of Snapchat named Poke which failed badly at last. Then they launched a new feature on Instagram named Video on Instagram which allows users to shoot and share short videos up to 15 seconds. This feature is to compete with Vine from Twitter. It seems Instagram wins over Vine on this. You c...

   Facebook,Tencent,Copy     2013-06-24 01:17:27


  GO AHEAD, SELL MY DATA


More and more I see articles popping up that bash social networks for "violating" our privacy and selling our information to advertisers. Inevitably, Facebook has been at the center of many of these "scandals". Today on HN I came across this interviewwith Disconnect co-founder Casey Oppenheim and I just don't get it.In it, he bashes Facebook (and other online advertisers) for using our information in order to serve up targeted ads. He points out that many of the " “free” services aren...

   Social network,Facebook,Privacy,Data,Ads     2011-10-19 14:12:08


  Want to install 64 bit OS on VirtualBox?


By default, VirtualBox only allows to install 32 bit OS on it. But sometimes, 64 bit OS is wanted for specific uses such as running platform specific tests. To allow installing 64 bit OS on VirtualBox. Below information is needed. Here is the official documentation about 64 bit OS: VirtualBox supports 64-bit guest operating systems, even on 32-bit host operating systems, provided that the following conditions are met: You need a 64-bit processor with hardware virtualization support (see the ...

   VirtualBox,64 bit,hardware virtualization,Ubuntu     2014-11-08 03:52:07


  Remove browse button from input type=file


In Web 2.0 era, many websites will ask the user to upload their avatar when creating their profile. In HTML, the input control we should use is input="file". This is a file control provided by the browser vendor and it should be ran in a sandbox for security consideration. Browsers don't provide ways to choose file from local and upload to the remote server without the input="file" control.  There is one annoying part about the input="file", which is a default button named "Choose File" or...

   file,html,browse,remove browse button     2015-07-12 05:17:51


  Hacking Vs. Programming


What is the difference between Hacking and programming? One opinion I have heard expressed is that a hacker can put a lot of code together in a hurry but if a change is needed the code has to be completely rewritten. A programmer may take a little longer but if changes are needed they are more quickly and easily installed without the need for a complete rewrite. One source I heard attributed an observation like this to Maggie Johnson of Google. It rings true to me though. Hacking is usual...

   Hacking,Programming,Coding style     2012-04-23 06:09:24


  Developing an eCommerce Website? Here are 4 Things to Keep in Mind


  When it comes to Web development, it is a complicated process. There is a plethora of facets to assess, from performance to user experience. As far as building an eCommerce site is concerned, it is quite a challenging task. Most of the users tend to visit the website in order to gather information about and purchase products. For this reason, a Web Application Development Company tries its best to make this process intuitive and effortless. Besides considering usability, there are some po...

       2015-12-22 05:28:33


  Why should we drop or reduce use of MD5?


MD5 is a frequently used one-way hash algorithm, it is commonly used in following situations: Check data integrity. We take hash of the data stored in two different places and compare them. If the hash results are the same, then there is no need to check the actual data. This utilizes the collision-resistant feature. Two different data block will have little chance that their hash values will be the same. Many data service providers use such technique to check repeated data to avoild repeating...

   MD5,Vulnerability,attack     2012-09-29 04:47:49


  How One Missing `var` Ruined our Launch


Well, that was a veritable shitstorm (sorry for the language).  Long story short, MelonCard was featured today on TechCrunch (along with other500Startups companies, also on VentureBeat, Forbes, …) and everything broke all at once.  Every. little. thing.  We had rolled out a huge change to MelonCard over the last few days to make our site a seamless “everything just updates” look-good / feel-good product using NodeJS long-polling w...

   JavaScript,NodeJs,jQuery,Variable,Scope,Global     2011-11-02 13:01:22