background preloader


Facebook Twitter

Understanding Digest Access Authentication. Digest Access Authentication is one method that a client and server can use to exchange credentials over HTTP.

Understanding Digest Access Authentication

This method uses a combination of the password and other bits of information to create an MD5 hash which is then sent to the server to authenticate. Sending a hash avoids the problems with sending a password in clear text, a shortfall of Basic Access Authentication. Digest Access was originally defined in RFC 2069, and optional security enhancements were later added in RFC 2617 which should be considered the current standard if you wish to implement this method yourself.

Node.js and Express - Basic Authentication. Basic authentication can be a quick and efficient way to protect your content.

Node.js and Express - Basic Authentication

Combined with SSL it’s also very secure. This article describes how to add basic authentication to a Node.js Express application. Express App The first thing we need is an Express application. Creating an Express app is extremely simple, and the makers of Express do a pretty good job documenting the process. Using CORS. Introduction APIs are the threads that let you stitch together a rich web experience.

Using CORS

But this experience has a hard time translating to the browser, where the options for cross-domain requests are limited to techniques like JSON-P (which has limited use due to security concerns) or setting up a custom proxy (which can be a pain to set up and maintain). Cross-Origin Resource Sharing (CORS) is a W3C spec that allows cross-domain communication from the browser. By building on top of the XMLHttpRequest object, CORS allows developers to work with the same idioms as same-domain requests. The use-case for CORS is simple. As you can see from this example, CORS support requires coordination between both the server and client. Santiago Ortiz website.


Angular. Jquery plugins. Java. RemoteCollab. Remote Collab is an open-source SublimeText plugin for remote pair programming, allowing multiple developers to work together on the same project in real-time.


How to Install Via Package Control The easiest way to install is using Sublime Package Control. Open Command Palette using menu item Tools -> Command Palette... (⇧⌘P on Mac)Choose Package Control: Install PackageFind RemoteCollab and hit Enter Manual You can also install Remote Collab manually: Download the .zip or .tar.gz archiveUnzip and rename the folder to RemoteCollabCopy the folder into Packages directory, which you can find using the menu item Sublime Text -> Preferences -> Browse Packages... RemoteCollab. YUI Compressor. Infographics-and-chart-design-elements-vector-03-48119.jpg (592×839) Display icons using a single image and CSS "Sprites" Recently, I have been working on a website that has numerous icons being displayed on a single page.

Display icons using a single image and CSS "Sprites"

One of the ways to reduce server requests is to store all of your icons in a single image and use CSS to display only the portion of the image you need for a particular location on your page. This technique is commonly used by designers to display icons from a single image. It is often termed CSS sprites. First, lets take a look at an image with the icons we will be using. I have chose these grunge icons for this example. Icons we will use for displaying via CSS The setup First, we need to figure out the grid of the icons on this image.

Using CSS, we will display each icon in it’s own DIV tag. This shows the top,left coordinates for the image to be displayed using CSS. Those aren’t coordinates! Conclusion. Designing a Secure REST (Web) API without OAuth. Situation You want to develop a RESTful web API for developers that is secure to use, but doesn’t require the complexity of OAuth and takes a simple “pass the credentials in the query” approach… or something equally-as-easy for people to use, but it needs to be secure.

Designing a Secure REST (Web) API without OAuth

You are a smart guy, so you start to think… Problem You realize that literally passing the credentials over HTTP leaves that data open to being sniffed in plain-text; After the Gawker incident, you realize that plain-text or weakly-hashed anything is usually a bad idea. You realize that hashing the password and sending the hash over the wire in lieu of the plain-text password still gives people sniffing at least the username for the account and a hash of the password that could (in a disturbing number of cases) be looked up in a Rainbow Table. That’s not good, so you scratch your head some more… “Still not quite right!” Solution. Git - the simple guide - no deep shit! Git - the simple guide just a simple guide for getting started with git. no deep shit ;) by Roger Dudler credits to @tfnico, @fhd and Namics this guide in deutsch, español, français, indonesian, italiano, nederlands, polski, português, русский, türkçe, မြန်မာ, 日本語, 中文, 한국어 Vietnamese please report issues on github Drive deeper customer connections with Mailchimp's marketing via Carbon setup Download git for OSX Download git for Windows Download git for Linux.

git - the simple guide - no deep shit!

ProgrammableWeb - Mashups, APIs, and the Web as Platform. TodoMVC. Building Apps With the Yeoman Workflow. Trick question.

Building Apps With the Yeoman Workflow

It's not a thing. It's this guy: Basically, he wears a top hat, lives in your computer, and waits for you to tell him what kind of application you wish to create. As an example, scaffolding a web application would look something like this: How to execute shell command from Java. In Java, you can use Runtime.getRuntime().exec to execute external shell command : p = Runtime.getRuntime().exec("host -t a " + domain); p.waitFor(); BufferedReader reader = new BufferedReader(new InputStreamReader(p.getInputStream())); String line = ""; while ((line = reader.readLine())!

How to execute shell command from Java

= null) { sb.append(line + "\n"); } 1. PING example Classical example to execute the ping command and print out its output. Output. Understanding Browser HTTP Accept Headers: Firefox, Internet Explorer, Opera, and WebKit (Safari / Chrome) Update: WebKit team responds to this post.

Understanding Browser HTTP Accept Headers: Firefox, Internet Explorer, Opera, and WebKit (Safari / Chrome)

Admits error, downplays importance. When a web browser make a request it sends information to the server about what it is looking for in headers. One of these headers is the Accept header. The Accept header tells the server what file formats, or more correctly MIME-types, the browser is looking for. Let's take a look at Firefox's Accept header: