programming page 2 - Dave's Blog

Search

Welcome to TypeScript

2012 Oct 1, 6:41

TypeScript is a typed superset of JavaScript that adds interfaces, and type safety and compiles to JavaScript. In VS this means you get much better auto completion suggestions.  Watch the Channel9 video.

PermalinkCommentstechnical javascript typescript Microsoft programming programming-language

AbleGamers creates how-to accessibility guide for devs, publishers | Joystiq

2012 Sep 14, 4:20

A howto on making your video game accessible to those with disabilities (blind, color blind, deaf, etc)

The AbleGamers Foundation has created a 48-page document it hopes will serve as a how-to guide for game developers and publishers on how to create more accessible games. The in-depth guide by the disability non-profit covers in great detail how to make games available to those with varying degrees of mobility, hearing, visual and cognitive issues.

PermalinkCommentsgame technical video-game programming accessibility howto

Stripe Web Security CTF Summary

2012 Aug 30, 5:00

I was the 546th person to complete Stripe's web security CTF and again had a ton of fun applying my theoretical knowledge of web security issues to the (semi-)real world. As I went through the levels I thought about what red flags jumped out at me (or should have) that I could apply to future code reviews:

Level Issue Code Review Red Flags
0 Simple SQL injection No encoding when constructing SQL command strings. Constructing SQL command strings instead of SQL API
1 extract($_GET); No input validation.
2 Arbitrary PHP execution No input validation. Allow file uploads. File permissions modification.
3 Advanced SQL injection Constructing SQL command strings instead of SQL API.
4 HTML injection, XSS and CSRF No encoding when constructing HTML. No CSRF counter measures. Passwords stored in plain text. Password displayed on site.
5 Pingback server doesn't need to opt-in n/a - By design protocol issue.
6 Script injection and XSS No encoding while constructing script. Deny list (of dangerous characters). Passwords stored in plain text. Password displayed on site.
7 Length extension attack Custom crypto code. Constructing SQL command string instead of SQL API.
8 Side channel attack Password handling code. Timing attack mitigation too clever.

More about each level in the future.

PermalinkCommentscode-review coding csrf html internet programming script security sql stripe technical web xss

Brainfuck beware: JavaScript is after you! | Patricio Palladino

2012 Aug 10, 10:18

“tl;dr I just made a tool to transform any javascript code into an equivalent sequence of ()[]{}!+ characters. You can try it here, or grab it from github or npm. Keep on reading if you want to know how it works.”

JavaScript has some crazy implicit casts.

PermalinkCommentstechnical humor programming javascript obfuscation

(via An Unexpected Ass Kicking (joelrunyon.com))

2012 Aug 6, 4:08


(via An Unexpected Ass Kicking (joelrunyon.com))

PermalinkCommentshistory programming computing

The Netflix Tech Blog: Chaos Monkey released into the wild

2012 Jul 30, 3:49

Chaos Monkey randomly kills your Amazon Web Service VMs increasing the failure rate forcing your web service to deal with it.

PermalinkCommentstechnical programming web amazon netflix

Newsroom: Miscellaneous: New Online Tool Gives Public Wider Access to Key U.S. Statistics

2012 Jul 28, 2:35

The U.S. Census Bureau today released a new online service that makes key demographic, socio-economic and housing statistics more accessible than ever before. The Census Bureau’s first-ever public Application Programming Interface (API) allows developers to design Web and mobile apps to explore or learn more about America’s changing population and economy.

PermalinkCommentstechnical api census statistics stats web restful rest

Windows Executable Walkthrough Graphic (corkami.com)

2012 Jul 19, 5:58

Breakdown of the bytes of a Windows executable in a big old chart!

PermalinkCommentstechnical windows programming

Eyeo2012 - Robert Hodgin Robert Hodgin presents various 3D...

2012 Jul 18, 8:39


Eyeo2012 - Robert Hodgin

Robert Hodgin presents various 3D animation projects in a humorous fashion.

PermalinkComments3d animation humor video programming

The Fiddler Book: "Debugging with Fiddler: The official reference from the developer of Fiddler"

2012 Jun 23, 9:19

THE Fiddler Book straight from the source, EricLaw - the developer of Fiddler!

Fiddler is a wonderful tool with never ending extensibility. With this book I shall master it!

PermalinkCommentstechnical programming book ericlaw fiddler http

FuckItJS

2012 Jun 22, 9:19

jQuery plugin that blindly removes lines with errors and recompiles until it works  

PermalinkCommentstechnical humor javascript programming coding jquery

Web Intents

2012 Jun 15, 8:05

This page is a high-level overview of the project and provides guidence on how to implement the intents in your applications without the need for the you to understand the entire spec.

PermalinkCommentstechnical programming web web-intents html javascript

Application Protocols in Windows 8

2012 Jun 12, 4:09
In Windows 8 you can still register a desktop application to handle a particular URI scheme, but now you can also register a Metro Win8 application to handle a particular URI scheme. No more manually modifying the registry - now there's pretty UI in VS to handle this.
PermalinkCommentsapplication-uri programming technical uri windows windows8

Testing 3 million hyperlinks, lessons learned

2012 Jun 7, 2:42

Won’t someone think of the URIs?!  At some point in the not too distant past, MSDN changed how you link to documentation and broke all existing links.  This included some of links in documents on MSDN.

PermalinkCommentsuri technical http programming web

Working with files in JavaScript, Part 5: Blobs

2012 Jun 5, 4:13

How to create Blobs directly and via BlobBuilder.

PermalinkCommentsblob javascript programming technical web web-browser

Code: Flickr Developer Blog » Parsing Exif client-side using JavaScript

2012 Jun 1, 2:51

Flickr parses the exif out of images using Web Workers, and Blob (File API)!

PermalinkCommentsjavascript blob exif image technical programming dom webworker web-browser

Working with files in JavaScript, Part 4: Object URLs

2012 Jun 1, 2:50

On the topic of blobs and createObjectURL.  Woo blobs!

PermalinkCommentsjavascript blob dom web-browser technical programming

Permanently Add Path to System PATH Environment Variable in PowerShell

2012 May 17, 7:16
According to MSDN the proper way to permanently add a path to your system's PATH environment variable is by modifying a registry value. Accordingly this is easily represented in a PowerShell script that first checks if the path provided is already there and otherwise appends it:
param([Parameter(Mandatory = $true)] [string] $Path);
$FullPathOriginal = (gp "HKLM:\System\CurrentControlSet\Control\Session Manager\Environment").Path;
if (!($FullPathOriginal.split(";") | ?{ $_ -like $Path })) {
sp "HKLM:\System\CurrentControlSet\Control\Session Manager\Environment" -name Path -value ($FullPathOriginal + ";" +
$Path);
}
PermalinkCommentspowershell registry technical code programming

C++ Algorithms: next_permutation()

2012 May 4, 1:56

Breakdown of the STL’s implementation of next_permutation.  Ever wondered how that works?

PermalinkCommentstechnical stl c++ algorithm permutation math programming

The Metro Developer Show

2012 Apr 20, 9:15

The Metro Developer Show is the first podcast exclusively for Metro developers and enthusiasts.

Each week Ryan and Travis Lowdermilk traverse the exciting world of Metro (phone, tablet, desktop and Xbox); covering the latest news and exploring what it means for the developer community and everyday users.

PermalinkCommentsaudio technical podcast metro windows programming win8
Older EntriesNewer Entries Creative Commons License Some rights reserved.