| import asyncio | |
| loop = asyncio.get_event_loop() | |
| async def hello(): | |
| await asyncio.sleep(3) | |
| print('Hello!') | |
| if __name__ == '__main__': | |
| loop.run_until_complete(hello()) | |
Disclaimer: This piece is written anonymously. The names of a few particular companies are mentioned, but as common examples only.
This is a short write-up on things that I wish I'd known and considered before joining a private company (aka startup, aka unicorn in some cases). I'm not trying to make the case that you should never join a private company, but the power imbalance between founder and employee is extreme, and that potential candidates would
| // Usage: | |
| // | |
| // function loader() { | |
| // return new Promise((resolve) => { | |
| // if (process.env.LAZY_LOAD) { | |
| // require.ensure([], (require) => { | |
| // resolve(require('./SomeComponent').default); | |
| // }); | |
| // } | |
| // }); |
| <button class="material-btn"> | |
| <div class="wave"></div> | |
| WAVE | |
| </button> | |
| <button class="slide-btn"> | |
| <div class="text">SLIDE</div> | |
| </button> |
This is a guide that I wrote to improve the default security of my website https://fortran.io , which has a certificate from LetsEncrypt. I'm choosing to improve HTTPS security and transparency without consideration for legacy browser support.
I would recommend these steps only if you have a specific need for information security, privacy, and trust with your users, and/or maintain a separate secure.example.com domain which won't mess up your main site. If you've been thinking about hosting a site on Tor, then this might be a good option, too.
The best resources that I've found for explaining these steps are https://https.cio.gov , https://certificate-transparency.org , and https://twitter.com/konklone
| #!/bin/bash | |
| # - Matches on source and compiled code | |
| # - Searches in user home directories by default | |
| # - Detects certain strings in files smaller 300 kbyte | |
| # - Does not print anything if nothing was found | |
| # - Appends the file's time stamp of the files in question > good indicator to spot false positives | |
| # - Should work on most Linux systems with bash | |
| # Old version | |
| # for f in $(find /home/ -type f -size -300 2> /dev/null); do if [[ $(strings -a "$f" 2> /dev/null | egrep "/proc/(self|%d)/(mem|maps)") != "" ]];then m=$(stat -c %y $f); echo "Contains DirtyCOW string: $f MOD_DATE: $m"; fi; done; | |
| for f in $(find /home/ -type f -size -300 2> /dev/null); do if [[ $(egrep "/proc/(self|%d)/(mem|maps)" "$f") != "" ]];then m=$(stat -c %y "$f"); echo "Contains DirtyCOW string: $f MOD_DATE: $m"; fi; done; |
| android.permission.ACCESS_ALL_DOWNLOADS | |
| android.permission.ACCESS_BLUETOOTH_SHARE | |
| android.permission.ACCESS_CACHE_FILESYSTEM | |
| android.permission.ACCESS_CHECKIN_PROPERTIES | |
| android.permission.ACCESS_CONTENT_PROVIDERS_EXTERNALLY | |
| android.permission.ACCESS_DOWNLOAD_MANAGER | |
| android.permission.ACCESS_DOWNLOAD_MANAGER_ADVANCED | |
| android.permission.ACCESS_DRM_CERTIFICATES | |
| android.permission.ACCESS_EPHEMERAL_APPS | |
| android.permission.ACCESS_FM_RADIO |
This gist had a far larger impact than I imagined it would, and apparently people are still finding it, so a quick update:
(async main(){...}()) as a substitute for TLA. This completely eliminates the blocking problem (yay!) but it's less powerful, and harder to statically analyse (boo). In other words the lack of TLA is causing real problemsI'll leave the rest of this document unedited, for archaeological
It's now here, in The Programmer's Compendium. The content is the same as before, but being part of the compendium means that it's actively maintained.
I recently had several days of extremely frustrating experiences with service workers. Here are a few things I've since learned which would have made my life much easier but which isn't particularly obvious from most of the blog posts and videos I've seen.
I'll add to this list over time – suggested additions welcome in the comments or via twitter.com/rich_harris.
Chrome 51 has some pretty wild behaviour related to console.log in service workers. Canary doesn't, and it has a load of really good service worker related stuff in devtools.