2011 Oct 19, 5:58
The following code works fine. I have a ccomptr named resolvedUri and I want to update its hostname so I do the following:
CreateIUriBuilder(resolvedUri, 0, 0, &builder);
builder->SetHost(host);
builder->CreateUri(0xFFFFFFFF, 0, 0, &resolvedUri);
But the following similar looking code has a bug:
ResolveHost(resolvedUri, &resolvedUri);
The issue is that doing &resolvedUri gets the address of the pointer but also clears out the pointer due to the definition of my smart pointer class:
operator T**()
{
T *ptrValue = mPtrValue;
mPtrValue->Release();
mPtrValue = NULL;
return &ptrValue;
}
In C++ there’s no guarantee about the order in which parameters for a function or method are evaluated. In the case above, &resolvedUri clears out the ccomptr before evaluating
resolvedUri.Get() and so ResolveHostAlias gets a nullptr.
An interesting and related thread on stack overflow on
undefined behavior in C++.
c++ technical bug programming smart-pointer cpp 2011 Oct 18, 4:52
I haven't been updating my blog recently. But I have three excellent reasons:
2011 Oct 17, 5:58
Essentially anybody can resolve it however they like except for tokens from the about URI special token registry which currently only contains 'blank'.
technical 2011 Jul 18, 2:38Neat idea: "When the user wants to visit a blacklisted site, the client establishes an encrypted HTTPS connection to a non-blacklisted web server outside the censor’s network, which could be a normal
site that the user regularly visits... The client secretly marks the connection as a Telex request by inserting a cryptographic tag into the headers. We construct this tag using a mechanism called
public-key steganography... As the connection travels over the Internet en route to the non-blacklisted site, it passes through routers at various ISPs in the core of the network. We envision that
some of these ISPs would deploy equipment we call Telex stations."
internet security tools censorship technical 2011 Jul 1, 10:15"This specification defines the canonical link relation -- an element which designates the preferred version of content/URI from a set of duplicate or near duplicate pages."
link uri url html rel technical standard rfc canonical 2011 Jun 21, 1:22"This document defines the concept of an "origin", which is often used
as the scope of authority or privilege by user agents. Typically,
user agents isolate content retrieved from different origins to
prevent malicious web site operators from interfering with the
operation of benign web sites. In addition to outlining the
principles that underly the origin concept, this document defines how
to determine the origin of a URI, how to serialize an origin into a
string, and an HTTP header, named "Origin", that indicates which
origins are associated with an HTTP request."
ietf reference technical web browser user-agent webbrowser origin 2011 May 28, 11:00
I wanted to ensure that my switch statement in my implementation of IInternetSecurityManager::ProcessURLAction had a case for every possible documented URLACTION. I wrote the following short
command line sequence to see the list of all URLACTIONs in the SDK header file not found in my source file:
grep URLACTION urlmon.idl | sed 's/.*\(URLACTION[a-zA-Z0-9_]*\).*/\1/g;' | sort | uniq > allURLACTIONs.txt
grep URLACTION MySecurityManager.cpp | sed 's/.*\(URLACTION[a-zA-Z0-9_]*\).*/\1/g;' | sort | uniq > myURLACTIONs.txt
comm -23 allURLACTIONs.txt myURLACTIONs.txt
I'm
not a sed expert so I had to read the
sed documentation, and I heard about
comm from Kris Kowal's blog which happilly was in the
Win32 GNU tools pack I
already run.
But in my effort to learn and use PowerShell I found the following similar command line:
diff
(more urlmon.idl | %{ if ($_ -cmatch "URLACTION[a-zA-Z0-9_]*") { $matches[0] } } | sort -uniq)
(more MySecurityManager.cpp | %{ if ($_ -cmatch "URLACTION[a-zA-Z0-9_]*") { $matches[0] } } | sort -uniq)
In
the PowerShell version I can skip the temporary files which is nice. 'diff' is mapped to 'compare-object' which seems similar to comm but with no parameters to filter out the different streams
(although this could be done more verbosely with the ?{ } filter syntax). In PowerShell uniq functionality is built into sort. The builtin -cmatch operator (c is for case sensitive) to do regexp is
nice plus the side effect of generating the $matches variable with the regexp results.
powershell tool cli technical command line 2011 Apr 6, 10:00
I used FiddlerCore in GeolocMock to edit HTTPS responses and ran into two stumbling
blocks that I'll document here. The first is that I didn't check if the Fiddler root cert existed or was installed, which of course is necessary to edit HTTPS traffic. The following is my code
where I check for the certs.
if (!Fiddler.CertMaker.rootCertExists())
{
if (!Fiddler.CertMaker.createRootCert())
{
throw new Exception("Unable to create cert for FiddlerCore.");
}
}
if (!Fiddler.CertMaker.rootCertIsTrusted())
{
if (!Fiddler.CertMaker.trustRootCert())
{
throw new Exception("Unable to install FiddlerCore's cert.");
}
}
The second problem I had (which would have been solved had I read all the sample code first) was that my changes weren't being applied. In my app I only need the BeforeResponse but in order to
modify the response I must also sign up for the BeforeRequest event and mark the bBufferResponse flag on the session before the response comes back. For example:
Fiddler.FiddlerApplication.BeforeRequest += new SessionStateHandler(FiddlerApplication_BeforeRequest);
Fiddler.FiddlerApplication.BeforeResponse += new SessionStateHandler(FiddlerApplication_BeforeResponse);
...
private void FiddlerApplication_BeforeRequest(Session oSession)
{
if (IsInterestingSession(oSession))
{
oSession.bBufferResponse = true;
}
}
http fiddler technical https geolocmock programming fiddlercore 2011 Mar 22, 12:51We've now got IE9 and FF4 which means time for more cake!
humor browser webbrowser firefox ie ie9 ff4 mozilla microsoft 2010 Dec 6, 12:17Ye olde DoS: "The Berners Street Hoax was perpetrated by Theodore Hook in the City of Westminster, London, in 1809. Hook had made a bet with his friend, Samuel Beazley, that he could transform any
house in London into the most talked-about address in a week, which he achieved by sending out thousands of letters in the name of Mrs Tottenham, who lived at 54 Berners Street, requesting
deliveries, visitors, and assistance."
humor history prank 2010 Sep 27, 3:08Adam Barth's URI API draft starts to appear in webkit: "One of the things Adam Barth is currently working on is an URL API. Citing it, the API can be used for constructing, parsing and resolving URLs
through scripting, easening up tasks like getting and setting parameters. Today the first part landed in WebKit, which added the “origin” property."
webkit adam-barth uri url api javascript dom html html5 browser webbrowser technical 2010 Sep 4, 7:40"In the past, Lions Gate, which owns the rights to the “Mad Men” clip, might have requested that TomR35’s version be taken down. But it has decided to leave clips like this up, and in return, YouTube
runs ads with the video and splits the revenue with Lions Gate."
ad advertising copyright economics google internet tv video youtube article 2010 Aug 17, 3:05
I've just got a new media center PC connected directly to my television with lots of HD space and so I'm ripping a bunch of my DVDs to the PC so I don't have to fuss with the physical media. I'm
ripping with DVD Rip, viewing the results in Windows 7's Windows Media Center after turning on the WMC DVD Library, and using a powershell script I wrote to copy over cover art and metadata.
My powershell script follows. To use it you must do the following:
- Run Windows Media Center with the DVD in the drive and view the disc's metadata info.
- Rip each DVD to its own subdirectory of a common directory.
- The name of the subdirectory to which the DVD is ripped must have the same name as the DVD name in the metadata. An exception to this are characters that aren't allowed in Windows paths (e.g.
<, >, ?, *, etc)
- Run the script and pass the path to the common directory containing the DVD rips as the first parameter.
Running WMC and viewing the DVD's metadata forces WMC to copy the metadata off the Internet and cache it locally. After playing with Fiddler and reading this
blog post on WMC metadata I made the following script that copies metadata and cover art from the WMC cache to the corresponding
DVD rip directory.
Download copydvdinfo.ps1
powershell wmc technical tv dvd windows-media-center 2010 Jul 12, 7:11How to get around Hulu's physical location filtering: Use something like Fiddler to add the X-Forwarded-For header that HTTP proxies with an IP address associated with a phyiscal location you desire
and block your port 1935 which Flash uses for RTMP (see http://kb2.adobe.com/cps/164/tn_16499.html)
hulu proxy security tv howto technical 2010 Jul 1, 10:51"Sometimes it’s hard to judge whether an engineering effort has been successful or not. It can take years for an idea to catch on, to go from being the butt of jokes to becoming an international
imperative (IPv6). Uniform Resource Names (URNs), which are part of the Uniform Resource Identifier (URI) family, are conceptually at least as old as IPv6. While not figuring in international
directives for deployment, they-and the technology engineered to resolve them-are still going concerns."
ietf urn uri history technical internet url 2010 Jun 29, 1:24
An excellent movie I'd never heard of. An entertaining and humorous sci-fi indie romance comedy. It stars Emma Caulfield (who I recognize as Anya from Buffy the Vampire Slayer) who obsesses over
her timer, an implanted device that counts down to when she'll meet the love of her life. Thematically its similar to Eternal Sunshine of the Spotless Mind which similarly adds a scifi device to
society in order to examine the value of failed relationships on a persons life.
movie review netflix TiMER 2010 May 10, 8:43Charles Stross on the intersection of ebooks and the publishing industry. Includes the answer to the misinformed question "why are you charging so much for access to the file your authors emailed
you?" Also includes this quote on Cory Doctorow "... Cory is a Special Snowflake with EFF superpowers and New York Times Bestseller mojo which make him immune to the normal laws of man and nature."
charles-stross cory-doctorow ebook drm amazon publishing kindle apple book 2010 Apr 21, 1:47So... There's Downfall a 2004 film about the final days of Hitler's life. Then folks take the most dramatic scene and parody it with new subtitles having Hitler yell about various things like his
cell phone or Burning Man. It becomes a meme and meta Downfall parodies show up with Hitler yelling about the Downfall parodies. Now the studio producing the film has sent DMCA takedown notices to
Youtube and many of the videos are disappearing. In response is a new Downfall parody in which Hitler issues DMCA notices to Youtube...
censorship hitler humor copyright dmca eff legal youtube video fairuse meme web internet technical 2010 Apr 4, 2:02
I've just updated Encode-O-Matic with a Guess Input Encoding feature. When you start Encode-O-Matic or when you use the 'Guess
Input Encoding' menu item from the 'Tools' menu, Encode-O-Matic will try out various combinations of encodings and guess at which set seem to apply to your input. For instance given the following
text, Encode-O-Matic will correctly guess that it is percent encoded, base64 encoded, deflate compressed text:
S%2BWqUEhLLMoFUulFpXnZQLogMa%2BkmCuPqxzILk%2FMyeHK4QIA
It should work fairly well for simple things but I did pick 'Guess' for the name of the feature to intentionally lower
expectations. It doesn't currently apply to character encodings but that may be something to consider in the future.
technical encodeomatic tool encoding 2010 Mar 18, 7:23Right behind Bruce Schneier, Douglas Crockford now gets his own Facts page including awesome facts like "Crockford is the sole user of the super-strict equality operator (====), which either returns
true or kicks you in the balls."
douglas-crockford humor javascript nerd technical
Some rights reserved