SEARCH KEYWORD -- UNSAFE
The hidden risk of passing slice as function parameter
In Go's source code or other open source libraries, there are lots of cases where a slice pointer is passed to function instead of slice itself. This brings up a doubt why not passing slice directly as its internal is backed by an array pointer to point to underlying data? For example, in log package, the formatHeader function takes a parameter buf as type *[]byte instead of []byte. func (l *Logger) formatHeader(buf *[]byte, t time.Time, file string, line int) {} Let's understand the r...
GOLANG,SLICE,SLICE POINTER 2020-12-13 06:11:14
A mini guide to HTTP referer
In HTTP header, there is a field named Referer which is to provide the referrer of the current accessed page. In this post, we will introduce the usage of HTTP referer field. On the web, when a user visits a webpage, s/he must be from some place. This place is usually referred a s referer. This information is very important to some website operators and server owners as they want to know where they get the traffic from and this helps them provide better service for potential targeted users. In t...
HTML,HTTP REFERER,REFERRERPOLICY 2019-06-29 02:23:25
What can .htaccess file do?
A .htaccess file is a directory-level configuration file supported by several web servers, that allows for decentralized management of web server configuration. What can a .htaccess file do? We summarized some of them here. Hope it may help you. 1. Timezone settingSometimes when you use date() or mktime() functions in PHP, , it may display some weird information because of the timezone difference. For example, one possible warning is :Warning: date(): It is not safe to rely on the syste...
Web Security: In-Depth Explanation of X-XSS-Protection
What is X-XSS-Protection X-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks. The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. ...
X-XSS-PROTECTION,WEB SECURITY,CONTENT SECURITY POLICY,XSS,CSP 2023-11-29 01:48:40
The Web Is Wrong
The Analogies Are Wrong Originally, web pages were static documents, and web browsers were static document viewers; there was text, some formatting, and images—if you could pay for the bandwidth to serve them. Hyperlinks were the really big thing, because they were the main point of user interaction—but what a powerful thing they were, and still are. Then along came CGI and Java, and the web was transformed: all of a sudden, a web browser became a way to serve interactive co...
Web,Feature,Static document,CSS,Text 2011-12-31 15:43:53
Why is single threaded Redis so fast
Redis is a high-performance, in-memory key-value database. According to official test reports, it can support around 100,000 QPS (queries per second) on a single machine. However, Redis uses a single-threaded architecture in its design. Why does Redis still have such high performance with a single-threaded design? Wouldn't it be better to use multiple threads for concurrent request processing? In this article, let's explore why Redis has a single-threaded architecture and still maintains its spe...
REDIS,SINGLE-THREADED,MULTI-THREADING 2023-02-28 05:16:22
bcrypt: Safeguarding Passwords with Strong Hashing and Adaptive Security
Introduction In today's digital world, passwords play a crucial role in protecting personal privacy and information security. Passwords are the most commonly used means of authentication because they are simple yet effective. Password security is the cornerstone of cybersecurity and plays a fundamental role in safeguarding the information security of individuals and organizations. However, with the increasing frequency and complexity of cyberattacks, traditional password hashing algorithms like ...
What is goroutine?
Casual Talk Golang is quite enjoyable to write, aside from the tedious if err != nil checks. One of the fundamental reasons for the joy is goroutine, a core feature of Golang. Understanding goroutines in detail is worthwhile, as they contribute significantly to the pleasure of working with Golang. So, let's talk about goroutines, hoping to provide some insights to the readers. TL;DR: We'll start by talking about assembling a computer, then delve into some concepts of the operating system, such ...
EXPLANATION,GOLANG,GOROUTINE 2024-01-21 03:26:10
FUCK PASSWORDS
I'm so tired of passwords. So, so, so tired. Most people don't understand this. Most people use the same password everywhere. Most people can just mechanically type out password3 in every password box, smirking to themselves at how clever they are, because who would ever guess 3 instead of 1? I don't do that. Let me tell you what i do. I generate a different password for every service, based on a convoluted master password and the name of the thing. I do this because it's what you're...
Security,Password,Random generation,Hard to remember 2011-12-05 11:32:45
Popular Golang JSON libraries evaluation
JSON (Javascript Object Notation), a prevailing data exchange format, is widely used in various platforms and languages. Golang, of course, will never miss the support for JSON. And with its own standard library, such as those interfaces like the REST API from the API Service in Kubernetes, it can easily process JSON. Although Go’s library works great, we can still seek those open-source JSON libs in Github to maximize our efficiency. Then the features, performance, applicability of these ...
FASTJSON,JSON LIB,JSON LIB COMPARISON,GO-JSON 2021-12-11 23:13:23
RECENT
- Streamlining the Project Invoicing Process: Tools and Strategies
- Performance comparison of string concatenation in Go language
- Why init() is not recommended in Go
- The Role of Coding Skills in Advancing Tech Careers
- Tips for Socializing With Friends During College
- Proximity Cards Do More Than Just Open Doors
- How to choose quality painted auto parts
- Oval engagement rings from MoonOcean: Elegance of form and individual approach
- Hologres vs AWS Redshift
- GoLand connect to Hologres
- more>>