Joined August 2013
·
D3b2094f1b3386e660bb737e797f5dcc

Steve Jansen

Charlotte, NC
·
·

Hi @mlafeldt, thanks for sharing! Great tip!

FYI ChefSpec 3.4.0+ now seems to require this slight change:

chef_run.find_resources(:ruby_block).find { |r| r.name == 'Add rbenv to PATH' }.old_run_action(:create)

badass rock star tech!

Posted to Saving better SVG files over 1 year ago

Agree with @matthewwithanm

Keep the unoptimized source in source control, use Grunt (or gulp or whatever) to optimize your build artifacts. The svgmin task can automate SVG optimization.

Posted to Coderwall simple proxy upvoter over 1 year ago

Dude, did you even attempt to share this with coderwall's staff before posting this?

The netiquette of whitehat security flaw research is to direct message the vendor/site on the details of your exploit, and give the vendor/site time to patch the flaw before your show-and-tell to prove to the world just how smart you are.

If script kiddie spam bot operators get wind of this, coderwall will become overrun with everything but useful coding tips. That will ruin a great resource for the coding community.

Just because you can doesn't mean you should.

Posted to Flightplan - deploy like a boss over 1 year ago

Hey Paul,

Nice work. I'm using capistrano now for Node deployments to Linux. What do you see as the advantages of flightplan over cap for Node apps?

Cheers,
Steve

Posted to Escape HTML with Javascript over 1 year ago

Ben Vinegar's You are probably misusing DOM text methods convinced me not to use DOM fragments to escape HTML. Below mixin was inspired by Ben's post and the Mustache.js implementation for sanitizing HTML from user input

/** Mixin to extend the String type with a method to escape unsafe characters
 *  for use in HTML.  Uses OWASP guidelines for safe strings in HTML.
 * 
 *  Credit: http://benv.ca/2012/10/4/you-are-probably-misusing-DOM-text-methods/
 *          https://github.com/janl/mustache.js/blob/16ffa430a111dc293cd9ed899ecf9da3729f58bd/mustache.js#L62
 *
 *  Maintained by stevejansen_github@icloud.com
 *
 *  @license http://opensource.org/licenses/MIT
 *
 *  @version 1.0
 *
 *  @mixin
 */
(function(){
  "use strict";

  function escapeHtml() {
    return this.replace(/[&<>"'\/]/g, function (s) {
      var entityMap = {
          "&": "&amp;",
          "<": "&lt;",
          ">": "&gt;",
          '"': '&quot;',
          "'": '&#39;',
          "/": '&#x2F;'
        };

      return entityMap[s];
    });
  }

  if (typeof(String.prototype.escapeHtml) !== 'function') {
    String.prototype.escapeHtml = escapeHtml;
  }
})();
Posted to Web Development Melbourne over 1 year ago

SPAM

Posted to Why JSON5? over 1 year ago

Read more about JSON5 at http://json5.org/

Great point. How about warning and redirecting to new Foo() instead of throwing an exception?

function Foo() {
  // verify the new operator was used to
  // ensure 'this' works as expected
  if (false === (this instanceof Foo)) {
      console.warn('Foo() invoked as a function;',
                   'use `new Foo()` instead');
      return new Foo(arguments);
  }
    // ...
}

Hi @robsonsobral, thanks! It looks like this IE6 edge case effects Google's data center. However, it looks like it could work in IE6 if your hostname matches the subject of the SSL certs. Definitely good to know for anything hosted by Google, at the least.

Hi @robsonsobral, good to know however that link doesn't seem to talk about protocol relative URLs in IE6. It talks about host name mismatches when using IE6 on XP, which uses SSLv2 instead of SSLv3 or TLSv1.0. Did I misread the article?

FYI - the npm colors package is amazing for this.

screenshot

Posted to basil : a proxy middleware over 1 year ago

Hi @dawicorti, I created something very similar called json-proxy. We should sync up efforts. Your post inspired me to think about an option to capture API responses to disk and allow you to replay them without needing the API server.

Posted to Pause on error in Batch File over 1 year ago

FYI you can simplify this to a one liner

DIR nofile || (PAUSE && EXIT /B 1)

You can even create a pseudo "macro" for this in a batch script:

SET errorhandler=^|^| ^(PAUSE ^&^& EXIT /B 1^)

DIR .  %errorhandler%
DIR nofile %errorhandler%

Hi @christianbundy,

I recommend any of the great blog posts out there explaining pros and cons of the NodeJS event loop, like Node's own about page.

In a nutshell, Node uses an event loop for concurrency instead of the more common approach with multiple operating system threads. In Node, a thread should never sit idle waiting for I/O to complete. This enables a server to handle concurrent tasks using a single operating system thread. Node's position is threads are hard to code well and are expensive runtime resources, so avoiding multiple threads makes coding much simpler and more scalable at runtime.

The practical implementation of this approach is the callback pattern you described. An I/O function call initiates the work, and Node moves on to the next task in the event queue. When the I/O completes, your callback is queued on the Node event loop, and subquently invoked by Node to let you know the I/O is done and optionally tell you about any errors or results.

There are many criticisms of Node (like this famous one), however, I am amazed at what Node can accomplish in a few hundred lines of code compared to what was possible a decade ago.

Enjoy learning Node!

Posted to JavaScript function overloading over 1 year ago

For me, this technique is harder to read over putting the logic to inpsect the arguments array inside your object's function, and then make decisions on the logic to apply. I might use a closure like this:

(function(){
 function findAll() {
   // Find all users...
  }

 function findByFullName(name) {
  // Find a user by name
  }

  function findBySurname(first, last) {
     // Find a user by first and last name
  }

  Users.prototype.find = function find() {
    if (arguments.length === 0)
       return findAll.apply(this);

    if (arguments.length === 1 and typeof(arguments[1]) === 'string')
      return findByFullName.apply(this, arguments);

   // by default, search using first and last name
   return findBySurname.apply(this, arguments);
  }
})();

NodeJS is all about async methods that invoke callbacks upon completion. The typical pattern for NodeJS APIs is exactly what you describe: the last arg is a callback function, the callback will be invoked with the first param being either null or some error value, and optionally more callback arguments to provide the result of the async operation. Use of callbacks instead of synchronous return values is one of the biggest learning curves for newcomers to Node, especially if you are a UI dev specializing in browser hosted Javascript.

Don't worry, the async callback thing will eventually seem natural. There are also good libs like async and q to help avoid Node "callback hell". Node's use of callbacks is what makes Node scale pretty darn well with I/O bound operations.

Posted to Rerun your last terminal command over 1 year ago

Why not just use !!, which works in either bash or zsh?

Posted to tmux always reattach over 1 year ago

@kjellski - learned something new today. I'm going to start including unalias -a in my scripts. Thanks!

Posted to Write Tests for Regex! over 1 year ago

Great point. Even better, use any of the great JS unit test frameworks out there. I find QUnit to be extremely quick and simple for testing functions like these.

test("somethingthatshouldmatch", function () {
    var input = "somethingthatshouldmatch";
    ok(myRegex.test(input) === true);
});

test("somethingthatshouldNOTmatch", function () {
    var input = "somethingthatshouldNOTmatch";
    ok(myRegex.test(input) === false);
});

Demo of a similar situation @ http://jsfiddle.net/stevejansen/nfUb6/

Posted to tmux always reattach over 1 year ago

Cool tip!

FYI - the book From Bash to Z Shell: Conquering the Command Line (which I enjoyed) recommends alias names that do not clobber existing names, like alias ll='ls -l' instead of alias ls='ls -l'. This avoids unexpected behavior in scripts that call the command and for anyone else using your terminal (which is kind of the point for tmux, right?). Just some food for thought.

Posted to Better Diffs with SQL Files over 1 year ago

Yeah, UTF-16 .sql files were annoying for me with GitHub diffs.

There is an easier way to make this problem go away:

  1. Find the template is a file named SQLFile.sql, by default in the location %ProgramFiles%\Microsoft SQL Server\[Sql Version]\Tools\Binn\VSShell\Common7\IDE\SqlWorkbenchProjectItems\Sql\.
  2. Resave (using your tip) as UTF-8.
  3. All new query windows will default to UTF-8 files

Source: Microsoft Connect post Unicode Defaults on SSMS Save.

There is a great read at UTF-8 Everywhere explaining why Microsoft is so wedded to UTF-16 (aka "Unicode" in the Microsoft developer world).

Posted to Querying the dd command over 1 year ago

Love this nuance about dd! Been awhile since I used it. Thanks for reminding me.

FYI - use the USR1 signal on Linux and SIGINFO on OS X/BSD

Here's some a fun example backgrounding dd as well as the SIGINFO call:

dd if=/dev/zero of=/dev/null bs=512 &
pid=$!
while ps -a $pid > /dev/null 2>&1
do
  # throw away stderr if we kill dd between ps and kill -SIGINF
  kill -SIGINFO $pid 2>/dev/null 
  sleep 1
done &
sleep 5
kill $pid
Posted to AngularJS SEO over 1 year ago

Wow, great research. Thank you for sharing with the community. I am debating server-side vs SPA MVC for my next project now.

An untested hack in my mind is to create a JSON data structure describes the routes, consumed by both ngRoute and a server-side (node?) micro app to generate the sitemap. This would avoid the need to manually craft the sitemap file. Does this sound remotely reasonable?

Ah, now I see! Totally right.

I forgot about this since I use yeoman/grunt/bower now for local JS dev, which gives me 'grunt serve' for a lightweight server. Some people use a short rack config file for this too.

@koen, nice point. FYI there is a fix for this. To enable XHR/AJAX requests (like jQuery dynamic loading of scripts) with file:/// schemes:

Chrome

Pass the --allow-file-access-from-files command line arg, which you can check with chrome://flags.

Safari

Click the Develop menu > Disable Local File Restrictions.

Shameless plug for golang... go natively supports multiple return values from a function.

Posted to Create striped folders in Bash over 1 year ago

Clever... I'm a fan of parameter expansion with bash shell Never thought of using it this way before.

I'm still learning golang myself. Thanks for sharing - I learned something new today!

You can also limit this URL rewriting to an explicit list of Git repos that are outside your firewall. This way you can still use the git:// scheme inside your LAN with your internal repos.

git config --global url."https://github.com".insteadOf git://github.com
Posted to Microsoft's WebAPI over 1 year ago

Totally agree, WebAPI is good stuff.

Self-hosting WebAPI is fantastic. You can host an API right inside your unit test process for truly meaningful tests.

All of the above are pseudo-random values, which is likely fine for most scenarios.

System.Security.Cryptography.RandomNumberGenerator is the base class for cryptographically secure random values that are not deterministic/predictable.

See the example @ http://msdn.microsoft.com/en-us/library/system.security.cryptography.rngcryptoserviceprovider.aspx

Achievements
355 Karma
18,516 Total ProTip Views