Introduction

Recently, I encountered some cases of CSRF and took the opportunity to study it thoroughly. After in-depth research, I found that this attack is actually quite scary because it is easy to overlook. Fortunately, some frameworks now have built-in CSRF defense functions that can be easily enabled.

However, I still think it is necessary to understand what CSRF is, how it attacks, and how to defend against it. Let’s start by briefly introducing it!

CSRF, which stands for Cross-Site Request Forgery, is a type of attack on the web. Don’t confuse it with XSS; they are two different things. So what is CSRF? Let’s start with an example of my own.

Read More

Introduction

Recently, I have been working on live streaming related projects. Although I am a frontend developer, I still need to understand some of the principles of live streaming. At least, I need to know what formats are available and what are the advantages and disadvantages of each format. This will make the development process smoother.

This article will briefly record some of my experiences and information. If you want to have a deeper understanding of HLS, you can refer to the following two articles:

  1. Choosing a Live Streaming Protocol: RTMP vs. HLS
  2. HLS Protocol for Online Video - Study Notes: M3U8 Format Explanation and Practical Application Analysis

Read More

Introduction

Redis is an in-memory key-value database, often used for caching data to reduce the load on the backend database. This article will briefly introduce some of the useful features of Redis and where it can be applied.

Read More

(Original article published at: http://blog.techbridge.cc/2016/05/20/fast-way-to-get-apk-information/)

Introduction

In a previous article, we introduced how to decompile an Android APK. By decompiling, we can obtain a lot of information related to the APK, such as AndroidManifest.xml. With this file, we can see some basic information about the APK, and also see the entire code of the APK and the resources used (pictures, videos, sounds, etc.).

But if today we only want to know the basic information, and we don’t care about how the APK is written or what resources it uses, what should we do? Decompiling takes some time, and the larger the APK, the longer it takes. Is there a better way?

Read More

(Original post published at: http://blog.techbridge.cc/2016/04/23/fast-restful-nodejs-api-backend/)

Introduction

Some websites today use the Single Page Application approach, where the backend only provides APIs for the frontend to fetch data, achieving complete separation of the frontend and backend. There are many choices for the frontend: you can use Angular, Ember.js, or React + Redux. As for the backend API, it must conform to a fixed format to make it easier for frontend developers to fetch data. The most common such “fixed format” is our focus today: RESTful.

Read More

Introduction

When writing programs, we often use the “search” function. The simplest search is to find the number you want in a string of numbers, which is also our topic today.

This article will be divided into three parts. The first part will introduce the linear search method, the second part will introduce the binary search method, and the last part will discuss the different implementation methods of the binary search method under different conditions.

Read More

Recently, there was an incident where our server was attacked by a large number of requests. Unfortunately, the server was hosting a forum service. Assuming that the attack point was the forum homepage, each request would query the database and there were a lot of joins. Some of the instructions were POST, which would update the database. This caused the database to lock up and the CPU to skyrocket, leading to a crash.

If the forum was self-written, we could add a cache like Redis between the database and application. However, this forum system is someone else’s and we cannot modify it.

Read More

The full name of CS50 is Introduction to Computer Science, which is a general education course at Harvard University. It is available on edX, and anyone can take it. There are even teaching assistants to help you with programming assignments (only programming assignments, not other types of assignments like paper-based ones).

The first time I heard about CS50 was through this report: CS50: A “hard” course taken by over 800 Harvard students, what makes it so attractive? It wasn’t until I finished the course recently that I understood what makes this course so impressive.

Let’s start with the meaning of the title: An Ocean-like Programming Course. Why the ocean? Because this course is deep and wide. How deep and wide is it? I recorded the course outline and assignments for each week. If you have a friend with a computer science background, they will know what I mean.

Read More

Introduction

For Android engineers, understanding how to decompile can enhance their understanding of the Android system and also help them consider how to protect their APKs from being decompiled.

For the general public, many ready-made tools can help us easily decompile APKs and see Java source code, satisfying our curiosity.

This article only introduces the use of some tools and is suitable for beginners. If you want to understand more of the underlying knowledge, you can refer to the extended reading attached at the end of the article.

Read More