This Gist is created in 2014, and it's highliy outdated now, according to one of mitmproxy's manjor contributor (check his comment below). Thanks for letting us know, @mhils!
Modern applications usually make use of back-end API servers to provide their services. With a non-transparent HTTPs proxy, which intercepts the communication between clients and servers (aka the man-in-the-middle scheme), you can easily manipulate both API requests and responses.
Many mobile apps have back-end API servers. They usually rely on the API replies to determine whether certain information is supposed to be shown. If the API responses could be manipulated on the fly, we may easily fool an unmodified app to expose some private data.
This manual guides you to set up nginx as non-transparent SSL proxy, which just subsitutes strings in the server responses (i.e. man-in-the-middle attack ourself). For both server-side (their API servers) and client-side (your device), the whole process is almost transparent.
| package main | |
| import ( | |
| "log" | |
| "net/http" | |
| "net/http/httputil" | |
| "net/url" | |
| ) | |
| func main() { |
| References: | |
| [1] http://www.virtualzone.de/2012-05-01/ubuntu-12-04-on-citrix-xenserver-5-6/ | |
| [2] http://thetechshop.org/showthread.php?847-Citrix-Xenserver-Template-for-Ubuntu-12.04-and-the-weird-Rebooting-to-Read-Only-Mode | |
| Steps: | |
| 1. New VM | |
| * Two choices: |
jQuery does good jobs when you're dealing with browser compatibility. But we're living in an age that fewer and fewer people use old-school browsers such as IE <= 7. With the growing of DOM APIs in modern browsers (including IE 8), most functions that jQuery provides are built-in natively.
When targeting only modern browsers, it is better to avoid using jQuery's backward-compatible features. Instead, use the native DOM API, which will make your web page run much faster than you might think (native C / C++ implementaion v.s. JavaScript).
If you're making a web page for iOS (e.g. UIWebView), you should use native DOM APIs because mobile Safari is not that old-school web browser; it supports lots of native DOM APIs.
If you're making a Chrome Extension, you should always use native APIs, not only because Chrome has almost the latest DOM APIs available, but this can also avoid performance issue and unnecessary memory occupation (each jQuery-driven extension needs a separate
The list would not be updated for now. Don't write comments.
The count of contributions (summary of Pull Requests, opened issues and commits) to public repos at GitHub.com from Wed, 21 Sep 2022 till Thu, 21 Sep 2023.
Because of GitHub search limitations, only 1000 first users according to amount of followers are included. If you are not in the list you don't have enough followers. See raw data and source code. Algorithm in pseudocode:
githubUsers
| --- Day changed 六 4月 14 2012 | |
| 00:00 < hcchien> 算了,洗澡睡覺去。明天看緣份了 :D | |
| 00:18 < cls_bsd> .... | |
| 00:34 < jnlin> hcchien: 我有... | |
| 07:37 < darkx> 大家早安 | |
| 08:36 < miyagawa> which building is the venue? http://www.sinica.edu.tw/as/map/asmap_c.html | |
| 08:39 < clkao_> miyagawa: 24 | |
| 08:39 < miyagawa> thanks | |
| 08:39 < clkao_> hcchien: 為什麼我的 abstract 沒有出現 | |
| 08:57 clkao_ is now known as clkao |
| Security Alert - Please reset your npm registry account | |
| ================================================== | |
| The security of the npm registry has just been upgraded. This corrects a known | |
| flaw which led to the leakage of the password_sha and salt fields. The good | |
| news is that the leak is plugged. The bad news is that it existed for quite a | |
| while. | |
| tl;dr |
| class PostsController < ActionController::Base | |
| def create | |
| Post.create(post_params) | |
| end | |
| def update | |
| Post.find(params[:id]).update_attributes!(post_params) | |
| end | |
| private |