Watch on triplehq.tumblr.com

Emanny ~ “Ya Sex” (Official Video) | @TheOnlyEmanny |

Emanny - Ya Sex from Emanny Salgado on Vimeo. Related articles New Music: Emanny | Disrespectful (None Of These Singers) …

V5.2 - Javascript, my old friend...

image

It’s Javascript time once again!

Things are somewhat familiar since I went through a lot of lessons the previous go around. And Java is a bit familiar too since I took a course on it (with recursion and OPP being my main downfalls!). 

After building a previous site, I can see some features that I could have probably been built from scratch with Javascript. Also getting some ideas about Bootstrap and how I can tackle the two projects I have at the moment.

I thought it was interesting how they noted that jQuery selectors are like CSS selectors. Now that I understand the reasoning and name behind those things in CSS, it makes sense to have them in Javascript/jQuery.

I’m still figuring out the relationship between Javacript and jQuery though. After reading this article from Udemy, it seems like jQuery IS Javascript. It’s just in jQuery, there’s already this set of scripts that are optimized for the web. A framework if you will, a bit like Bootstrap.

image

Interesting. I remember way back in 1999, when I first got started in this field, there was no such thing as jQuery… I do remember Javascript but it was just used for those mouseovers or horrible blinking effects that you saw way back then!

It’s such an interesting experience to get back to learning the basics again after taking a long break from web development learning/training (essentially about fifteen years). So many things have changed in that span, it’s crazy but exciting at the same time.

Don’t know if I’ll ever be a good developer but if it’s going to solve my problems and my projects then that’s good enough for me. I may never catch up with them (those who stuck with it since the beginning) but it sure can be useful to know these things!

So here’s to slogging through it, once again…

Update!

I made a special page for the plugin that has more information so you can share it more easily! I also included a little live translation textbox so you can try the plugin before you download it so you can see exactly what it does! Go check it out here: http://zirka-language.tumblr.com/plugin

I also slipped in a small update for the plugin to help handle errors if you mistakenly enter a character that doesn’t exist in Zirka! It prints a tiny red “not a letter” instead of a blank space so you can make sure that your text is correct!

Progressive Quest is a game that came out of the Ruin Jam. That kind of caught my attention.

I’ve been playing a few incremental games off and on lately and thought Progressive Quest was fun and humorous.

I’ve been kicking around ideas for an incremental game of my own for a while now and I thought it’d be fun to look at Progressive Quest’s source code and tinker around.

The game’s UI is super-simple (which is part of the charm), but I thought I’d spruce it up a bit for practice.

Here’s the before-and-after:

image

image

It could still use some work, but the general concept is there. The CSS is Min Framework and a few lines of my own. Moved around and redid a little of the HTML and a little of the Javascript to make the progress bars work. (The “after” screenshot got a little messed up where it got spliced together. Ignore that.)

Anyhow, this was good practice, and with luck I’ll be back on track working on my own games sooner or later.

On Stack Overflow and our other code-related sites, creating a minimal, complete, and verifiable example is the best way to get an answer to your question. We’ve always loved JSFiddle and sites like it because they let both askers and answerers reference runnable, working code that demonstrates their problem or solution.

Unfortunately, the use of these external sites introduces a few problems:

  1. If the link breaks, the post becomes worthless.
  2. If the code isn’t embedded in the page, visitors are forced to go elsewhere to get the full content of the question or answer.
  3. Also, because the code isn’t a part of our post Markdown, changes to it don’t show up in the revision history.

The community voiced similar concerns around external sites, which eventually led us to block posts that contain links to JSFiddle and similar sites without a corresponding code block. This is an unnecessary burden for both askers and answerers.

So we’ve created our own way to embed runnable JavaScript, CSS, and HTML code blocks right in the body of a post. As of today, we’re launching “Stack Snippets,” a fully integrated feature available on Stack Overflow and any other code-related Stack Exchange sites.

http://blog.stackoverflow.com/2014/09/introducing-runnable-javascript-css-and-html-code-snippets/

New Post has been published on Voice of Arewa

New Post has been published on http://www.voiceofarewa.com/2014/09/19/ebay-security-flaw-has-existed-for-months/

eBay security flaw has existed for months

A flaw that has exposed eBay customers to malicious websites has been affecting the site since at least February, the BBC has found.

Earlier this week it was revealed how clicking on some listings automatically redirected users to the harmful sites.

EBay removed several posts, but said it was an isolated incident.

But the BBC has since found multiple listings, from multiple users, exploiting the same vulnerability.

Furthermore, several readers contacted the BBC detailing complaints they had made to the site.

In a statement, eBay said it had a dedicated team working on security, but that criminals “intentionally adapt their code and tactics to try to stay ahead of the most sophisticated security systems”.

‘Big problem’

A transcript from February this year showed user Paul Castle explaining the issue, in detail, to eBay support staff.

“I was just browsing in Digital Cameras and came across a password-harvesting scam,” wrote Mr Castle during the online chat with eBay support staff.

Clicking on the listing link, Mr Castle explained, “transfers immediately to a password harvest scam page”.

“This is potentially a big security problem for eBay users,” he said, adding: “There could be hundreds.”

EBay staff told Mr Castle that the problem had been escalated to “higher authorities”.

Other users got in touch with the BBC to outline how they too had found listings that, when clicked on, behaved in the same way.

‘Abusive ways’

EBay’s search function allows users to find only completed auctions that are no more than 15 days old.

However, a brief search by the BBC uncovered 64 listings from the past 15 days that posed a danger to users.

In each case, it appears cross-site scripting (XSS) has been used to hijack the user’s browsing – placed in the listings page using Javascript.

In a statement on Friday, a spokeswoman for eBay said: “This is not a new type of vulnerability on sites such as eBay.

“This is related to the fact that we allow sellers to use active content like Javascript and Flash on our site.

“Many of our sellers use active content like Javascript and Flash to make their eBay listings more attractive. However, we are aware that active content may also be used in abusive ways.”

She added: “Cross-site scripting is not allowed on eBay and we have a range of security features designed to detect and then remove listings containing malicious code.”

‘A bad thing’

Ebay has been criticised by security experts for not responding to the vulnerability quickly enough.

While some listings were removed after being reported, the underlying issue has yet to be fixed.

Ilia Kolochenko, XSS expert and chief executive of security firm High-Tech Bridge, said it was difficult for “large complicated sites to be completely free of XSS vulnerabilities”.

But he said that once a particular XSS exploit was being used for malicious purposes – as demonstrated by the redirects to harmful websites – companies must act quickly to not just remove offending content, but to prevent the flaw being exploited again.

He said: “If someone has reported an issue to eBay, and the vulnerability was not fixed promptly, this is a bad thing.”

Dr Steven Murdoch, from University College London’s Information Security Research Group, agreed.

He told the BBC: “EBay should as a matter of priority have looked for all the other links which exploited the same vulnerability and removed these too, as well as closing off the vulnerability from future attackers.

“It’s clear they need to be more careful about what they allow – particularly when it comes to Javascript.”

SOURCE: BBC News (5)

Close

web audio API + canvas

Watch on epicwebdev.tumblr.com

Great lesson about Memory Management with Addy Osmani

JavaScript: BrowserSync を使ってみる
BrowserSync を使うとファイル内容の変更を監視してブラウザを自動でリロードできる。 また、Grunt や Gulp といったタスクランナーとのインテグレーションも行われている。

まずは NPM で BrowserSync をインストールする。
$ npm install -g browser-sync

既定のブラウザには LiveReload のプラグインをインストールしておく。 例えば Chrome なら以下で良さげ。
https://chrome.google.com/webstore/detail/livereload/jnihajbhpnppcggbcgedagnkighmdlei

監視対象とする HTML を用意する。
$ cat << EOF > index.html 
<!doctype html>
<html lang="ja">
<head>
  <meta charset="UTF-8" />
  <title>Document</title>
</head>
<body>
  <p>Hello, World!</p>
</body>
</html>
EOF

BrowserSync をサーバモード (—server) で起動するとブラウザで上記の HTML が表示されるはず。 サーバモードは静的なページの開発に使うモードで、—files オプションを使って変更の監視対象となるファイルを指定する。
$ browser-sync start --server --files "*.html"

この状態で例えば HTML を変更すると、ブラウザでリロードが走って表示が更新される。
$ cat << EOF > index.html 
<!doctype html>
<html lang="ja">
<head>
  <meta charset="UTF-8" />
  <title>Document</title>
</head>
<body>
  <p>Hello, World!?</p>
</body>
</html>
EOF

変更対象はカンマ区切りで複数指定できる。 例えば CSS や JavaScript を対象とする場合は以下のようにすれば良い。
$ browser-sync start --server --files "*.html,css/*.css,js/*.js"

次に Web アプリケーションと共に開発する場合に必要なプロキシモード (—proxy) を試す。 まずは Web API のモックを easymock で作っておく。
$ npm install -g easymock
$ mkdir api
$ cat << EOF > api/_get.json
{
  "msg": "Hello, World!"
}
EOF

デフォルトのポートが easymock と BrowserSync でかぶっているので 8000 番に変更して起動する。
$ easymock -p 8000

起動したら curl コマンドで動作確認しておく。
$ curl http://localhost:8000/api/
{
  "msg": "Hello, World!"
}

次に BrowserSync をプロキシモードで起動する。
$ browser-sync start --proxy "localhost:8000" --files "*.html,css/*.css,js/*.js"

すると BrowserSync が起動しているオリジンで easymock で作った API にアクセスできるようになった。
$ curl http://localhost:3000/api/
{
  "msg": "Hello, World!"
}

もちろん HTML ページにもアクセスできる。
$ curl http://localhost:3000/
<!doctype html>
<html lang="ja">
<head>
  <meta charset="UTF-8" />
  <title>Document</title>
</head>
<body>
  <p>Hello, World!?</p>
</body>
</html>

次にタスクランナーの Gulp と一緒に使ってみる。 まずは NPM で Gulp と BrowserSync をインストールする。
$ npm install -g gulp
$ npm install gulp browser-sync

まずはサーバモードを Gulp から使ってみる。 以下は ‘browser-sync’ タスクで BrowserSync を起動するように設定している。
$ cat << EOF > Gulpfile.js
'use strict';

var gulp = require('gulp');
var browserSync = require('browser-sync');

gulp.task('browser-sync', function() {
    browserSync({
        server: {
            baseDir: './'
        }
    });
});

EOF

上記で設定したタスクを実行するとブラウザで HTML が開かれる。
$ gulp browser-sync

同様にプロキシモードを試す。
$ cat << EOF > Gulpfile.js
'use strict';

var gulp = require('gulp');
var browserSync = require('browser-sync');

gulp.task('browser-sync', function() {
    browserSync({
        proxy: 'localhost:8000'
    });
});

EOF

先ほどと同様 easymock を起動しておく。
$ easymock -p 8000

‘browser-sync’ タスクを実行する。
$ gulp browser-sync

すると BrowserSync と同一オリジンで Web API にアクセスできるようになった。
$ curl http://localhost:3000/api/
{
  "msg": "Hello, World!"
}

ちなみに、残念ながら gulp-webserver と同様 WebSocket のプロキシには対応していなさげ。

Today Smashing Magazine turns eight years old. Eight years is a long time on the web, yet for us it really doesn’t feel like a long journey at all. Things have changed, evolved and moved on, and we gratefully take on new challenges one at a time. To mark this special little day, we’d love to share a few things that we’ve learned over the last year about the performance challenges of this very website and about the work we’ve done recently. If you want to craft a fast responsive website, you might find a few interesting nuggets worth considering. – Ed

http://www.smashingmagazine.com/2014/09/08/improving-smashing-magazine-performance-case-study/

Game info and level 1 revealed!

image

I’ve been hard at work during the last few weeks working on some levels on the platformer. Nothing’s set in stone yet, but I do have a good idea of what the first level looks like.

The platformer takes place in space, and the levels are grouped into planets; each planet has 2-3 levels in it. Different planets means different gravity, physics, aliens, artifacts and appearance. The game plays out like a Run n’ Gun platformer.

I still don’t have a name, though.

Text
Photo
Quote
Link
Chat
Audio
Video