server page 2 - Dave's Blog

Search
My timeline on Mastodon

Internet Media Types and the Web

2010 Sep 30, 2:48A surprisingly readable and delightfully accurate summary of the history of MIME in the web followed by proposed next steps. Sounds like a plan to me! "We need a realistic transition plan from the unreliable web to the more reliable one. Part of this is to encourage senders (web servers) to mean what they say, and encourage recipients (browsers) to give preference to what the senders are sending."PermalinkCommentsmime contenttype browser web ietf reference history mimetype mime-sniffing sniffing technical

Access Hulu from Outside the U.S. Without a Proxy Server

2010 Jul 12, 7:11How to get around Hulu's physical location filtering: Use something like Fiddler to add the X-Forwarded-For header that HTTP proxies with an IP address associated with a phyiscal location you desire and block your port 1935 which Flash uses for RTMP (see http://kb2.adobe.com/cps/164/tn_16499.html)PermalinkCommentshulu proxy security tv howto technical

What every programmer needs to know about game networking « Gaffer on Games

2010 Jul 5, 8:38"This way the player appears to control their own character without any latency, and provided that the client and server character simulation code is deterministic – giving exactly the same result for the same inputs on the client and server – it is rarely corrected."PermalinkCommentsnetwork programming game technical quake history

Installable Web Apps - Google Code

2010 May 24, 6:29Installable web apps makes total sense given the Google Chrome OS: "An installable web app is a normal web site with a bit of extra metadata. You build and deploy this app exactly as you would build and deploy any web app, using any server-side or client-side technologies you like. The only thing that is different about an installable web app is how the app is packaged."PermalinkCommentstechnical web browser webapp google chrome

RFC 5849 - The OAuth 1.0 Protocol

2010 Apr 21, 6:49"OAuth provides a method for clients to access server resources on behalf of a resource owner (such as a different client or an end-user). It also provides a process for end-users to authorize third-party access to their server resources without sharing their credentials (typically, a username and password pair), using user-agent redirections."PermalinkCommentsoauth authorization security privacy internet web rfc standard technical

EricLaw's IEInternals : HTTP/HTTPS Port-Blocking in WinINET

2010 Mar 26, 5:16Interesting point that web browsers block HTML FORMs from submitting to some ports in order to avoid malicious servers from getting clients to do their dirty work. Of course it requires the host on the other side of that port to be able to interpret the HTTP request as something relevant to the protocol they actually expect.PermalinkCommentssecurity web browser ie http html form technical

How to Setup Your Own Web Proxy Server For Free with Google App Engine [Video Tutorial]

2010 Mar 4, 3:05Intro to Google App Engine plus get a somewhat more trustworthy web proxy than you'd normally find on the Internet...PermalinkCommentsapi proxy web google free technical

Researchers identify command servers behind Google attack

2010 Jan 14, 2:54Wow: "If the report's findings are correct, it suggests that the government of China has been engaged for months in a massive campaign of industrial espionage against US companies."PermalinkCommentsinternet google china security politics privacy

WPAD Server Fiddler Extension

2010 Jan 5, 7:42

I've made a WPAD server Fiddler extension and in a fit of creativity I've named it: WPAD Server Fiddler Extension.

Of course you know about Fiddler, Eric's awesome HTTP debugger tool, the HTTP proxy that lets you inspect, visualize and modify the HTTP traffic that flows through it. And on the subject you've probably definitely heard of WPAD, the Web Proxy Auto Discovery protocol that allows web browsers like IE to use DHCP or DNS to automatically discover HTTP proxies on their network. While working on a particularly nasty WPAD bug towards the end of IE8 I really wished I had a way to see the WPAD requests and responses and modify PAC responses in Fiddler. Well the wishes of me of the past are now fulfilled by present day me as this Fiddler extension will respond to WPAD DHCP requests telling those clients (by default) that Fiddler is their proxy.

When I started working on this project I didn't really understand how DHCP worked especially with respect to WPAD. I won't bore you with my misconceptions: it works by having your one DHCP server on your network respond to regular DHCP requests as well as WPAD DHCP requests. And Windows I've found runs a DHCP client service (you can start/stop it via Start|Run|'services.msc', scroll to DHCP Client or via the command line with "net start/stop 'DHCP Client'") that caches DHCP server responses making it just slightly more difficult to test and debug my extension. If a Windows app uses the DHCP client APIs to ask for the WPAD option, this service will send out a DHCP request and take the first DHCP server response it gets. That means that if you're on a network with a DHCP server, my extension will be racing to respond to the client. If the DHCP server wins then the client ignores the WPAD response from my extension.

Various documents and tools I found useful while working on this:

PermalinkCommentsproxy fiddler http technical debug wpad pac tool dhcp

Get cached images from your visitors | Diovo

2009 Dec 15, 2:01"Jeff Atwood (Coding Horror fame) was in for a horror when he realized that his server crashed and his data was gone and due to some reason, the backup mechanism was not working. ... So what should Jeff do now? Since Coding horror is a high traffic blog, I think there is a way to get back at least some of the images." Reconstruct the HTML from Google's cache, change the HTTP server to tell the client it has the correct cached image for all the images, add script to the HTML to grab the images and send them back. Awesome idea. Of course now I want to setup Fiddler to swap in random images...PermalinkCommentsvia:ericlaw jeff-atwood backup web http cache image javascript technical

Google Public DNS

2009 Dec 3, 4:52Having replaced HTTP with SPDY, Google digs deeper into the Web stack providing their own DNS servers. Also, as Waxy noted, you can't argue with the most memorable IP addresses I've seen: "Configure your network settings to use the IP addresses 8.8.8.8 and 8.8.4.4 as your DNS servers". Also check out their DNS server's DNS prefetching in the performance notes.PermalinkCommentsgoogle dns internet network security performance dns-prefetching technical

Common Web Server software comparison report

2009 Jul 1, 2:24Stats on HTTP servers and HTTP server response headers. "Current statistics are based on a sample of 84604 probed servers, gathered in the last 386 days."PermalinkCommentshttp statistics server internet http-header via:mnot technical

Eat Pants - Interactive Fiction Sessions from my Server Logs

2009 Jun 29, 4:19

I've looked at my web server logs previously to see if anyone had used my Web Frotz Interpreter and until recently didn't realize that awstats (the web server log report generator) was truncating the query from my URL, so I couldn't tell that anyone was actually using it. But after grepping the logs manually I've pulled out the URLs of visitor's text adventure sessions. If you'll recall, my Web Frotz Interpreter stores the game state in the URL so its easy to see user's game states in the web server logs.

I've put some of the links up on the Web Frotz Interpreter page. Some of the interesting ones:

PermalinkCommentsserver-logs technical zork frotz pants interactive-fiction uri if

Content-Type Processing Model

2009 Jun 22, 3:12HTML5's mime-sniffing is getting moved to an IETF doc: "Many web servers supply incorrect Content-Type headers with their HTTP responses. In order to be compatible with these servers, user agents must consider the content of HTTP responses as well as the Content-Type header when determining the effective media type of the response. This document describes an algorithm for determining the effective media type of HTTP responses that balances security and compatibility considerations."PermalinkCommentsmime mime-sniffing ietf http w3c html5 technical

Hulu, a Victim of Its Own Success? | Epicenter

2009 May 12, 2:32If Hulu removes programming or Netflix doesn't make something available to watch instantly, its a safe bet it wasn't their idea to make their service worse. '"Whose retarded idea was that?" Well, not Hulu's. The move was taken at the network's request. Powerful forces are working against free, legal online TV - and the decision to pull Sunny may have made that show the canary in the server farm.'PermalinkCommentshulu business wired tv web internet

Web Proxy Autodiscovery Protocol IETF Draft Document

2009 Feb 5, 8:39The long expired draft of the Web Proxy Autodiscovery Protocol (WPAD). To summarize, use DHCP and failing that DNS to find the name of a web server and on that web server find a Proxy Auto-Config file at a well known localtion.PermalinkCommentswpad proxy internet reference browser dns dhcp

Tab Expansion in PowerShell

2008 Nov 18, 6:38

PowerShell gives us a real CLI for Windows based around .Net stuff. I don't like the creation of a new shell language but I suppose it makes sense given that they want something C# like but not C# exactly since that's much to verbose and strict for a CLI. One of the functions you can override is the TabExpansion function which is used when you tab complete commands. I really like this and so I've added on to the standard implementation to support replacing a variable name with its value, tab completion of available commands, previous command history, and drive names (there not restricted to just one letter in PS).

Learning the new language was a bit of a chore but MSDN helped. A couple of things to note, a statement that has a return value that you don't do anything with is implicitly the return value for the current function. That's why there's no explicit return's in my TabExpansion function. Also, if you're TabExpansion function fails or returns nothing then the builtin TabExpansion function runs which does just filenames. This is why you can see that the standard TabExpansion function doesn't handle normal filenames: it does extra stuff (like method and property completion on variables that represent .Net objects) but if there's no fancy extra stuff to be done it lets the builtin one take a crack.

Here's my TabExpansion function. Probably has bugs, so watch out!


function EscapePath([string] $path, [string] $original)
{
    if ($path.Contains(' ') -and !$original.Contains(' '))
    {
        '"'   $path   '"';
    }
    else
    {
        $path;
    }
}

function PathRelativeTo($pathDest, $pathCurrent)
{
    if ($pathDest.PSParentPath.ToString().EndsWith($pathCurrent.Path))
    {
        '.\'   $pathDest.name;
    }
    else
    {
        $pathDest.FullName;
    }
}

#  This is the default function to use for tab expansion. It handles simple
# member expansion on variables, variable name expansion and parameter completion
# on commands. It doesn't understand strings so strings containing ; | ( or { may
# cause expansion to fail.

function TabExpansion($line, $lastWord)
{
    switch -regex ($lastWord)
    {
         # Handle property and method expansion...
         '(^.*)(\$(\w|\.) )\.(\w*)$' {
             $method = [Management.Automation.PSMemberTypes] `
                 'Method,CodeMethod,ScriptMethod,ParameterizedProperty'
             $base = $matches[1]
             $expression = $matches[2]
             Invoke-Expression ('$val='   $expression)
             $pat = $matches[4]   '*'
             Get-Member -inputobject $val $pat | sort membertype,name |
                 where { $_.name -notmatch '^[gs]et_'} |
                 foreach {
                     if ($_.MemberType -band $method)
                     {
                         # Return a method...
                         $base   $expression   '.'   $_.name   '('
                     }
                     else {
                         # Return a property...
                         $base   $expression   '.'   $_.name
                     }
                 }
             break;
          }

         # Handle variable name expansion...
         '(^.*\$)([\w\:]*)$' {
             $prefix = $matches[1]
             $varName = $matches[2]
             foreach ($v in Get-Childitem ('variable:'   $varName   '*'))
             {
                 if ($v.name -eq $varName)
                 {
                     $v.value
                 }
                 else
                 {
                    $prefix   $v.name
                 }
             }
             break;
         }

         # Do completion on parameters...
         '^-([\w0-9]*)' {
             $pat = $matches[1]   '*'

             # extract the command name from the string
             # first split the string into statements and pipeline elements
             # This doesn't handle strings however.
             $cmdlet = [regex]::Split($line, '[|;]')[-1]

             #  Extract the trailing unclosed block e.g. ls | foreach { cp
             if ($cmdlet -match '\{([^\{\}]*)$')
             {
                 $cmdlet = $matches[1]
             }

             # Extract the longest unclosed parenthetical expression...
             if ($cmdlet -match '\(([^()]*)$')
             {
                 $cmdlet = $matches[1]
             }

             # take the first space separated token of the remaining string
             # as the command to look up. Trim any leading or trailing spaces
             # so you don't get leading empty elements.
             $cmdlet = $cmdlet.Trim().Split()[0]

             # now get the info object for it...
             $cmdlet = @(Get-Command -type 'cmdlet,alias' $cmdlet)[0]

             # loop resolving aliases...
             while ($cmdlet.CommandType -eq 'alias') {
                 $cmdlet = @(Get-Command -type 'cmdlet,alias' $cmdlet.Definition)[0]
             }

             # expand the parameter sets and emit the matching elements
             foreach ($n in $cmdlet.ParameterSets | Select-Object -expand parameters)
             {
                 $n = $n.name
                 if ($n -like $pat) { '-'   $n }
             }
             break;
         }

         default {
             $varNameStar = $lastWord   '*';

             foreach ($n in @(Get-Childitem $varNameStar))
             {
                 $name = PathRelativeTo ($n) ($PWD);

                 if ($n.PSIsContainer)
                 {
                     EscapePath ($name   '\') ($lastWord);
                 }
                 else
                 {
                     EscapePath ($name) ($lastWord);
                 }
             }

             if (!$varNameStar.Contains('\'))
             {
                foreach ($n in @(Get-Command $varNameStar))
                {
                    if ($n.CommandType.ToString().Equals('Application'))
                    {
                       foreach ($ext in @((cat Env:PathExt).Split(';')))
                       {
                          if ($n.Path.ToString().ToLower().EndsWith(($ext).ToString().ToLower()))
                          {
                              EscapePath($n.Path) ($lastWord);
                          }
                       }
                    }
                    else
                    {
                        EscapePath($n.Name) ($lastWord);
                    }
                }

                foreach ($n in @(Get-psdrive $varNameStar))
                {
                    EscapePath($n.name   ":") ($lastWord);
                }
             }

             foreach ($n in @(Get-History))
             {
                 if ($n.CommandLine.StartsWith($line) -and $n.CommandLine -ne $line)
                 {
                     $lastWord   $n.CommandLine.Substring($line.Length);
                 }
             }

             # Add the original string to the end of the expansion list.
             $lastWord;

             break;
         }
    }
}

PermalinkCommentscli technical tabexpansion powershell

XSLT Meddler Script

2008 Nov 9, 11:25

I've made an XSLT Meddler script in my continued XSLT adventures. Meddler is a simple and easy web server that runs whatever JScript.NET code you give it. I wrote a script that takes an indicated XSLT on the server, downloads an indicated XML from the Internet and returns the result of running that XML through the XSLT. This is useful when you want to work with something like the Zune software or IE7's feed platform which only reads feeds over the HTTP protocol. I'll give more interesting and specific examples of how this could be useful in the future.

PermalinkCommentsmeddler technical xml script xslt

Testing Tools

2008 Oct 31, 2:37"The Microsoft Active Accessibility SDK provides several utilities that can be used by both clients and servers as testing tools."PermalinkCommentsmsdn microsoft accessibility tool free download

Failing Electronics

2008 Oct 22, 12:54

Electronic devices shouldn't fail, they should just sit wherever I place them and work forever. A while back my home web server started failing so I moved over to a real web hosting service. And this was the home web server I built from pieces Eric gave me after my previous one died during the big power failure the year before. The power socket on my old laptop has come undone from the motherboard so that it can no longer be powered. Just a week or two ago my Xbox 360 stopped displaying video. The CPU fan on my media center died. I also want to put my camera and GPS in this list, but the camera died due to accidentally turning on in my pocket and the GPS was stolen so those aren't the devices just arbitrarily failing.

PermalinkCommentsboring personal complaining nontechnical
Older EntriesNewer Entries Creative Commons License Some rights reserved.