SEARCH KEYWORD -- CASE


  A serious security vulnerability found in MySQL/MariaDB

Recently a serious security vulnerability was found in MySQL/MariaDB. It relates to the access to the database. The issue is described below.When a user connects to MariaDB/MySQL, a token (SHA over a password and a random scramble string) is calculated and compared with the expected value. Because of incorrect casting, it might've happened that the token and the expected value were considered equal, even if the memcmp() returned a non-zero value. In this case MySQL/MariaDB would think that the p...

   MySQL,MariaDB,bug,fix,password,memcmp()     2012-06-11 10:28:09

  Ways to undo wrong Git operations

While using Git to version code, programmers would inevitably perform some invalid operations which are not expected. Sometimes it's difficult to deal with this kind of awkward situations. If the programmer chooses to undo the operation, the programmer needs to bear the risk of deleting something which is not supposed to be deleted if the undo is done improperly. If the programmer leaves it as is, the file needs to be updated again manually with a new commit. In this post, we will try to pr...

   GIT,GIT COMMIT,GIT RESET     2018-07-07 03:28:21

  4 ways to obtain access token in OAuth 2.0

OAuth 2.0 is an authorization mechanism, it's ,mainly used for issuing access token. There are 4 ways to obtain access token as per RFC 6749. Authorization code Implicit Password Client credentials The third party application must obtain a client id and client secret from the target service before obtaining access token no matter which method to use. This is to prevent token to be used maliciously. Authorization code With this method, the third party application must first get an authorization...

   OAUTH2,ACCESS TOKEN,REFRESH TOKEN     2019-06-29 07:12:03

  Service discovery with etcd

In previous post, we have talked about etcd and its usage. This post we will cover how to implement server discovery with etcd. Service discovery is to solve one of the most commonly seen scenarios in distributed system where how to find the corresponding target service to talk to. In short, it is to find some server which one can talk to based on some service name. A complete service discovery system include below three key functions: Service registration: A service must register itself to so...

   ETCD,SERVICE DISCOVERY,DEMO,TUTORIAL     2021-03-08 05:36:29

  Data as code

What is a good command line parser API? A good command line parser should consider below 5 aspects: Support convenient help information generation Support sub commands, for example, git has push,pull,commit sub commands. Support single character option, word option, flag option and option with parameter. Support default option, for example, if no -port is set, set it as 5037 Support usage model, for example, tar's -c and -x is mutually exclusive, they belong to different usage models. Here are...

   Command line,API     2013-08-08 22:40:36

  TikTok confirms to sue US government

TikTok confirmed on Saturday to sue US government and US president Donald Trump over Trump administration's executive order on potentially banning TikTok in US. This Chinese short video app is the most downloaded app on App Store and PlayStore over past few months and has gained extremely high popularity among American youths. The parent company ByteDance claimed that the government's ban is illegal and hurts the interests of America people. "Even though we strongly disagree with the administra...

   BYTEDANCE,TIKTOK,US GOVERNMENT     2020-08-22 22:27:29

  Pandora's killer--iTunes Radio

As expected, this year's WWDC may make many people happy, but also doomed to make many start-up companies sleepless. iTunes Radio is such a product creates insomnia. In WWDC, iTunes Radio was released on schedule and it becomes Apple's new music service. iTunes Radio is a music stream service which can learn your taste, it can recommend your music based on what you heard and you're listening to. From the conference we can see this new service can access the entire iTunes catalog, i.e, there wil...

   iTunes Radio,iRadio,Apple     2013-06-10 23:19:23

  Undefined property or variable in JavaScript

JavaScript is a weak type language, and also you can use a variable or property where it's undefined. If we don't have correct ways to check whether a property or variable is defined, we may get unexpected results when we try to access the,. How can we check whether a property or variable is undefined? This is actually a somewhat tricky question. Let's start off with some facts about undefined and then see what kind of function is consistent with the ones we care about. JavaScript attaches type...

   Property,Undefined,Array,JavaScript     2014-07-24 06:56:07

  Supervisord, God and Monit, which one to choose?

With the popularity of Docker, more and more service have been moved into docker containers and they are easy to build up and maintain for each atomic service(though it's a bit complex to maintain multiple docker containers which contain different service to form a complete solution). Ideally, each docker container should only contain one service which has only one running process. However, in reality there would be cases multiple processes would run in one single docker container and there is a...

   DEVOPS,MONIT,SUPERVISORD,GOD,DOCKER     2017-11-25 12:28:11

  Regular expression to get html meta description

When we need to process a HTML page source code, we often need to retrieve the meta description of the page besides the links in the page. This description is usually located in <meta> tag of a HTML page. The meta description is very useful for search engine index. How can we retrieve the meta description? If we use a regular expression, we can easily get the meta description. In JavaScript, the regular expression looks like : var pattern = /<meta.*?name="description".*?content="(.*?)"....

   Regular expression,meta description,HTML,JavaScript     2012-07-03 10:09:20

RECENT