att page 5 - Dave's Blog

Search
My timeline on Mastodon

First crawls of Alex (by Sarah Moffatt)

2012 Apr 23, 11:22


First crawls of Alex (by Sarah Moffatt)

PermalinkCommentspersonal alex crawling

The Dancebulance - Gov Ball 2012 Lineup (by...

2012 Apr 18, 6:10


The Dancebulance - Gov Ball 2012 Lineup (by nathanjbarnatt)

Another Nathan Barnatt video with awesome music and dance moves.  Also enjoying the music video for third song in this video “Barbara Streisand” by Duck Sauce: http://www.youtube.com/watch?v=uu_zwdmz0hE

PermalinkCommentshumor music dance nathan-barnatt video

Madeon - Pop Culture (Dance Video) (by nathanjbarnatt)

2012 Apr 17, 12:21


Madeon - Pop Culture (Dance Video) (by nathanjbarnatt)

PermalinkCommentshumor dance video nathan-barnatt madeon

Dark Patterns are UI patterns used to trick users into doing...

2012 Mar 12, 7:05


Dark Patterns are UI patterns used to trick users into doing things they’d otherwise rather not: buy traveler’s insurance, click on ads, etc.  Covers the anti-patterns and how we as technical folk can help stop this.

PermalinkCommentstechnical ui programming dark-pattern

The Blowholes - Summerbaby (Pete & Pete Reunion 2-24-12) (by...

2012 Mar 2, 4:48


The Blowholes - Summerbaby (Pete & Pete Reunion 2-24-12) (by matt00092)

Via http://www.avclub.com/articles/inside-the-adventures-of-pete-and-pete-reunion,70177/

PermalinkCommentsmusic pete-and-pete video

Client Side Cross Domain Data YQL Hack

2012 Feb 27, 2:28

One of the more limiting issues of writing client side script in the browser is the same origin limitations of XMLHttpRequest. The latest version of all browsers support a subset of CORS to allow servers to opt-in particular resources for cross-domain access. Since IE8 there's XDomainRequest and in all other browsers (including IE10) there's XHR L2's cross-origin request features. But the vast majority of resources out on the web do not opt-in using CORS headers and so client side only web apps like a podcast player or a feed reader aren't doable.

One hack-y way around this I've found is to use YQL as a CORS proxy. YQL applies the CORS header to all its responses and among its features it allows a caller to request an arbitrary XML, HTML, or JSON resource. So my network helper script first attempts to access a URI directly using XDomainRequest if that exists and XMLHttpRequest otherwise. If that fails it then tries to use XDR or XHR to access the URI via YQL. I wrap my URIs in the following manner, where type is either "html", "xml", or "json":

        yqlRequest = function(uri, method, type, onComplete, onError) {
var yqlUri = "http://query.yahooapis.com/v1/public/yql?q=" +
encodeURIComponent("SELECT * FROM " + type + ' where url="' + encodeURIComponent(uri) + '"');

if (type == "html") {
yqlUri += encodeURIComponent(" and xpath='/*'");
}
else if (type == "json") {
yqlUri += "&callback=&format=json";
}
...

This also means I can get JSON data itself without having to go through JSONP.
PermalinkCommentsxhr javascript yql client-side technical yahoo xdr cors

Why I Like Glitch

2012 Feb 17, 4:00

Sarah and I have been enjoying Glitch for a while now. Reviews are usually positive although occasionally biting (but mostly accurate).

I enjoy Glitch as a game of exploration: exploring the game's lands with hidden and secret rooms, and exploring the games skills and game mechanics. The issue with my enjoyment coming from exploration is that after I've explored all streets and learned all skills I've got nothing left to do. But I've found that even after that I can have fun writing client side JavaScript against Glitch's web APIs making tools (I work on the Glitch Helperator) for use in Glitch. And on a semi-regular basis they add new features reviving my interest in the game itself.

PermalinkCommentsvideo-game glitch glitch-helperator me project game

The 'Undue Weight' of Truth on Wikipedia (chronicle.com)

2012 Feb 15, 5:13

Interesting article on an expert attempting to modify an article on Wikipedia.  Sounds like an issue when presented in this fashion, but looking at it from Wikipedia’s perspective, I don’t know how they could do better.

PermalinkCommentstruth wikipedia internet

Blackmail DRM - Stolen Thoughts

2012 Feb 13, 4:00

Most existing DRM attempts to only allow the user to access the DRM'ed content with particular applications or with particular credentials so that if the file is shared it won't be useful to others. A better solution is to encode any of the user's horrible secrets into unique versions of the DRM'ed content so that the user won't want to share it. Entangle the users and the content provider's secrets together in one document and accordingly their interests. I call this Blackmail DRM. For an implementation it is important to point out that the user's horrible secret doesn't need to be verified as accurate, but merely verified as believable.

Apparently I need to get these blog posts written faster because only recently I read about Social DRM which is a light weight version of my idea but with a misleading name. Instead of horrible secrets, they say they'll use personal information like the user's name in the DRM'ed content. More of my thoughts stolen and before I even had a chance to think of it first!

PermalinkCommentsdrm blackmail blackmail-drm technical humor social-drm

MapReduce Patterns, Algorithms, and Use Cases

2012 Feb 10, 3:42PermalinkCommentstechnical map-reduce programming howto

Vim anti-patterns (geek.nz)

2012 Feb 7, 11:58

Things you do in VIM but faster with more obscure and specific commands.

PermalinkCommentstechnica vi vim reference howto

(via Defend our freedom to share (or why SOPA is a bad idea):...

2012 Jan 18, 3:21


(via Defend our freedom to share (or why SOPA is a bad idea): Clay Shirky on TED.com)

PermalinkCommentsvideo copyright clay-shirky sopa pipa legal politics mpaa ted

MPAA attacks Ars for "challenging efforts to curb content theft" (arstechnica.com)

2012 Jan 12, 5:12PermalinkCommentstechnical mpaa copyright ars-technica

Color Thief, script for grabbing the color palette from an image (lokeshdhakar.com)

2012 Jan 7, 6:42

Picks out dominant color or palette from an image. Not only is that cool, but it is in JavaScript using canvas, and is licensed under Creative Commons attribution.

PermalinkCommentstechnical color javascript canvas library

My Hometown Is Better Than Yours « Rottin' in Denmark

2012 Jan 6, 6:20

FTA: “Three mountain ranges, four lakes and a fucking Sound. That’s a geographical feature your hometown hasn’t even heard of.”

PermalinkCommentshumor via-ericlaw seattle

URI Empty Path Segments Matter

2011 Nov 23, 11:00

Shortly after joining the Internet Explorer team I got a bug from a PM on a popular Microsoft web server product that I'll leave unnamed (from now on UWS). The bug said that IE was handling empty path segments incorrectly by not removing them before resolving dotted path segments. For example UWS would do the following:

A.1. http://example.com/a/b//../
A.2. http://example.com/a/b/../
A.3. http://example.com/a/
In step 1 they are given a URI with dotted path segment and an empty path segment. In step 2 they remove the empty path segment, and in step 3 they resolve the dotted path segment. Whereas, given the same initial URI, IE would do the following:
B.1. http://example.com/a/b//../
B.2. http://example.com/a/b/
IE simply resolves the dotted path segment against the empty path segment and removes them both. So, how did I resolve this bug? As "By Design" of course!

The URI RFC allows path segments of zero length and does not assign them any special meaning. So generic user agents that intend to work on the web must not treat an empty path segment any different from a path segment with some text in it. In the case above IE is doing the correct thing.

That's the case for generic user agents, however servers may decide that a URI with an empty path segment returns the same resource as a the same URI without that empty path segment. Essentially they can decide to ignore empty path segments. Both IIS and Apache work this way and thus return the same resource for the following URIs:

http://exmaple.com/foo//bar///baz
http://example.com/foo/bar/baz
The issue for UWS is that it removes empty path segments before resolving dotted path segments. It must follow normal URI procedure before applying its own additional rules for empty path segments. Not doing that means they end up violating URI equivalency rules: URIs (A.1) and (B.2) are equivalent but UWS will not return the same resource for them.
PermalinkCommentsuser agent url ie uri technical web browser

(via please reblog and remove all attribution (3 Comments))

2011 Nov 17, 2:22


(via please reblog and remove all attribution (3 Comments))

PermalinkComments

A shuffled deck of cards is unique in all human history (matthewweathers.com)

2011 Nov 17, 1:01

Possible combinations to shuffle a deck of cards is 8.0658X1067 compared to the number of times a deck of cards has been shuffled thus far in history 1.546X1023

PermalinkComments

The three terrifying minutes that created The Gunstringer

2011 Sep 29, 8:35This story is funny and also reminds me to go eat at Matador... "Twisted Pixel chief creative officer Josh Bear had responded with abounding confidence, if only to mask the truth. Because the fact of the matter, the fact that he and CEO Mike Wilford were all too aware of, as they sat in Redmond, WA Tex-Mex restaurant The Matador, was this: The idea wasn't "awesome." It was nonexistent."
PermalinkCommentsfood microsoft game gunstringer humor technical

Man-in-the-Middle Attack Against SSL 3.0/TLS 1.0

2011 Sep 23, 4:37PermalinkCommentstechnical
Older EntriesNewer Entries Creative Commons License Some rights reserved.