Shortly after joining the Internet Explorer team I got a bug from a PM on a popular Microsoft web server product that I'll leave unnamed (from now on UWS). The bug said that IE was handling empty
path segments incorrectly by not removing them before resolving dotted path segments. For example UWS would do the following:
In step 1 they are given a URI with dotted path segment and an empty
path segment. In step 2 they remove the empty path segment, and in step 3 they resolve the dotted path segment. Whereas, given the same initial URI, IE would do the following:
IE simply resolves the dotted path segment against the empty path segment and removes them both. So, how
did I resolve this bug? As "By Design" of course!
The URI RFC allows path segments of zero length and does not assign them any special meaning. So generic user agents that intend to work on the web must not treat an empty path segment any
different from a path segment with some text in it. In the case above IE is doing the correct thing.
That's the case for generic user agents, however servers may decide that a URI with an empty path segment returns the same resource as a the same URI without that empty path segment. Essentially
they can decide to ignore empty path segments. Both IIS and Apache work this way and thus return the same resource for the following URIs:
The issue for UWS is that it removes empty path segments before resolving dotted path segments. It must
follow normal URI procedure before applying its own additional rules for empty path segments. Not doing that means they end up violating URI equivalency rules: URIs (A.1) and (B.2) are equivalent
but UWS will not return the same resource for them.
Essentially anybody can resolve it however they like except for tokens from the about URI special token registry which currently only contains 'blank'.
2011 Jul 18, 2:38Neat idea: "When the user wants to visit a blacklisted site, the client establishes an encrypted HTTPS connection to a non-blacklisted web server outside the censor’s network, which could be a normal
site that the user regularly visits... The client secretly marks the connection as a Telex request by inserting a cryptographic tag into the headers. We construct this tag using a mechanism called
public-key steganography... As the connection travels over the Internet en route to the non-blacklisted site, it passes through routers at various ISPs in the core of the network. We envision that
some of these ISPs would deploy equipment we call Telex stations."internetsecuritytoolscensorshiptechnical
2011 Jul 9, 1:49Glasses that whisper in your ear the mood of the person with whom you're speaking and a jerk-o-meter you wear around your neck that tells you when you're being a jerk. Social devices.socialsciencetoolaugmented-reality
2011 Jun 20, 2:09"Why did the hackers at Lulz Security ("LulzSec") invade Sony Pictures websites, take down cia.gov, and release 60,000+ e-mail addresses and passwords? For the lulz, of course—but what might look
lulzy to one person could certainly enrage another. In honor of its 1,000th tweet, the witty wankers of LulzSec released a manifesto of sorts, defending their actions to the angry Internets."internetsecurityprivacyhacktechnical
2011 Apr 30, 4:05"This document discusses our experiences from moving a small number of users to an IPv6-only network, with access to the IPv4-only parts of the Internet via a NAT64 device. The document covers
practical experiences as well as road blocks and opportunities for this type of a network setup. The document also makes some recommendations about where such networks are applicable and what should
be taken into account in the network design. The document also discusses further work that is needed to make IPv6-only networking applicable in all environments."internetipipv6ipv4nattechnicalreference
For my GeolocMock weekend project I intended to use the Bing Maps API to display a map in a WebBrowser control and allow the user to
interact with that to select a location to be consumed by my application. Getting my .NET code to talk to the JavaScript in the WebBrowser control was surprisingly easy.
To have .NET execute JavaScript code you can use the InvokeScript method passing the name of the JavaScript function to execute and an object array of parameters to pass:
this.webBrowser2.Document.InvokeScript("onLocationStateChanged", new object[] { latitudeTextBoxText, longitudeTextBoxText, altitudeTextBoxText, uncertaintyTextBoxText });
The other direction, having JavaScript call into .NET is slightly more complicated but still pretty easy as far as language interop goes. The first step is to mark your assembly as ComVisible so
that it can interact with JavaScript via COM. VS had already added a ComVisible declaration to my project I just had to change the value to true.
[assembly: ComVisible(true)]
Next set ObjectForScripting attribute to the object you want to expose to JavaScript.
Now that object is exposed as window.external in JavaScript and you can call methods on it.
window.external.Set(lat, long, alt, gUncert);
However you don't seem to be able to test for the existence of methods off of it. For example the following JavaScript generates an exception for me even though I have a Set method:
2011 Mar 28, 4:06"ILSpy is the open-source .NET assembly browser and decompiler. Development started after Red Gate announced that the free version of .NET Reflector would cease to exist by end of February 2011.".nettoolsreflectorc#developmentcsharpdotnettechnicaltool
2010 Sep 24, 8:38"Comedian Stephen Colbert joined the panel of witnesses at a House hearing on immigrant farm workers. Mr. Colbert has partnered with United Farm Workers and their campaign calling on unemployed
Americans to take jobs in the agriculture sector. The organization's president, Arturo Rodriguez, also testified at the Judiciary Subcommittee on Immigration and Border Security hearing chaired by
Rep. Zoe Lofgren (D-CA).
Washington, DC : 2 hr. 10 min."humorvideostephen-colbertpoliticsimmigrationfarmlaborhouse
2010 Sep 4, 8:10"Reminiscent of the Beastie Boys "Awesome; I Fuckin'Shot That", more than 50 Radiohead fans captured the band's Aug. 23 show in Prague on Flip cameras, with the resulting footage later assembled into
the new Live In Praha DVD." radioheadmusicvideoyoutube
An excellent movie I'd never heard of. An entertaining and humorous sci-fi indie romance comedy. It stars Emma Caulfield (who I recognize as Anya from Buffy the Vampire Slayer) who obsesses over
her timer, an implanted device that counts down to when she'll meet the love of her life. Thematically its similar to Eternal Sunshine of the Spotless Mind which similarly adds a scifi device to
society in order to examine the value of failed relationships on a persons life.
Did I mention that I got married
two weeks ago today on May 29th? Its true! Our wedding was a kind of planning singularity -- all of my planning efforts would get sucked into that day and I couldn't make any plans past that date.
But the actual wedding itself was lovely and I didn't feel nearly as stressed out or nervous during the wedding as I did trying to plan for it. I've been gathering wedding photos on our wedding website photos page.
2010 May 10, 7:23"Kevin Frei - Exception Hanlding Cost September 2006 meeting of the Northwest C++ Users Group. Discussion of the assembly language cost of exception handling on the x86 Windows and x64 Windows
platform"C++programminglanguageexceptionmicrosoftwindowsperformancetechnicalvideo
2010 May 6, 7:16"Today web gadgets, mashup components, advertisements, and other 3rd party content on websites either run with full trust alongside your content or are isolated inside of IFrames. As a result, many
modern web applications are intrinsically insecure, often with unpredictable service quality. Live Labs Web Sandbox addresses this problem."webbrowserweb-sandboxtechnicaljavascripthtmlwindowslivesecuritysandboxmicrosoftsilverlight
2010 Apr 29, 11:53"I wrote Gopherbot, a spidering archiver for Gopherspace. I ran it in June 2007, and saved off all the documents and sites it could find. That saved 40GB of data, or about 780,000 documents." Now
available as a compressed 15GB torrent.torrentgopherinternetwebtechnicalhistoryarchive
Did I mention that I got married
two weeks ago today on May 29th? Its true! Our wedding was a kind of planning singularity -- all of my planning efforts would get sucked into that day and I couldn't make any plans past that date.
But the actual wedding itself was lovely and I didn't feel nearly as stressed out or nervous during the wedding as I did trying to plan for it. I've been gathering wedding photos on our wedding website photos page.
Some rights reserved