25 Matching Annotations
  1. May 2020
  2. developer.chrome.com developer.chrome.com
    1. If a user clicks on that button, the onclick script will not execute. This is because the script did not immediately execute and code not interpreted until the click event occurs is not considered part of the content script, so the CSP of the page (not of the extension) restricts its behavior. And since that CSP does not specify unsafe-inline, the inline event handler is blocked.
    1. If you’re selling products and keep record of users’ choices for marketing purposes, dividing them into meaningful categories, such as by age, gender, geographical origin etc., you’re profiling them.
  3. Apr 2020
    1. A website (also written as web site) is a collection of web pages and related content that is identified by a common domain name and published on at least one web server
    1. In math, idempotence describes only unary functions that you can call on their own output. Math-idempotence is, “If you take the absolute value of a number, and then you take the absolute value of that, the result doesn’t change on the second (or subsequent) operations.” Math.abs is math-idempotent. Math-idempotence only applies to functions of one parameter where the parameter type and return type are the same. Not so useful in programming.
    1. Since the authenticity token is stored in the session, the client cannot know its value. This prevents people from submitting forms to a Rails app without viewing the form within that app itself. Imagine that you are using service A, you logged into the service and everything is ok. Now imagine that you went to use service B, and you saw a picture you like, and pressed on the picture to view a larger size of it. Now, if some evil code was there at service B, it might send a request to service A (which you are logged into), and ask to delete your account, by sending a request to http://serviceA.com/close_account. This is what is known as CSRF (Cross Site Request Forgery). If service A is using authenticity tokens, this attack vector is no longer applicable, since the request from service B would not contain the correct authenticity token, and will not be allowed to continue.
  4. Mar 2020
    1. The process of collecting and storing user consent from a technical perspective
    2. First-party cookies are the lifeblood of every website, enabling businesses to remember key pieces of information about users and to collect analytics data. Third-party cookies are the bread and butter of AdTech, allowing publishers to monetize their websites, and brands to run advertising and marketing campaigns.
    1. They are in place to prevent brute forcing a password. If you had to complete these every time you login, a person has to be there to answer it. This makes it so you can’t leave a guessing software to break your password. So, in short, it's for your account’s safety.
    1. The visitors of that blog post will get third-party non-essential cookies unless they previously set their browser to block cookies.
    1. the feature was dropped to “lack of use.”

      I don't find the reason "lack of use" sufficient in its own right. (I personally didn't use this feature.) People might not use it because they don't know about. And those that do use may find it extremely useful; it's not their fault if others don't know about it or use. It seems to discriminate a bit against the minority who may use a useful feature. They would rather be in the majority, safe from having one of their favorite features removed.

      But I do understand and appreciate the good explanation given below.

  5. Feb 2020
  6. Dec 2019
    1. So if you create one backup per night, for example with a cronjob, then this retention policy gives you 512 days of retention. This is useful but this can require to much disk space, that is why we have included a non-linear distribution policy. In short, we keep only the oldest backup in the range 257-512, and also in the range 129-256, and so on. This exponential distribution in time of the backups retains more backups in the short term and less in the long term; it keeps only 10 or 11 backups but spans a retention of 257-512 days.
    1. Neutrino only babel-compiles first party source (the JSX -> JS transformation is handled by a babel plugin). It does this because even when using the module entry in package.json, it's expected that the provided file (and it's imports) still be JS and not in some other format - ie: the only difference from the content in main should be that it can use modules syntax (that is import and export rather than require etc).

      module version compared to main version:

      only difference from the content in main should be that it can use modules syntax (that is import and export rather than require etc).

      You can see the difference in this example: https://unpkg.com/browse/reactstrap@8.0.1/es/Alert.js ("module": "es/index.js": import) vs. https://unpkg.com/browse/reactstrap@8.0.1/lib/Alert.js ("main": "lib/index.js": require)

  7. Nov 2019
    1. Oh, is it like Object.assign() then? Almost like Object.assign({}, divElement, {newProp: 'newProp'})?

      React.cloneElement(divElement, {newProp: 'newProp'})

      is a lot like

      Object.assign({}, divElement, {newProp: 'newProp'})?

    2. React.cloneElement() allows us to clone a runtime element (not the class), and apply an enhancement to it.
  8. Oct 2019
    1. well explained article
    2. Rack middleware is more than "a way to filter a request and response" - it's an implementation of the pipeline design pattern for web servers using Rack. It very cleanly separates out the different stages of processing a request - separation of concerns being a key goal of all well designed software products.
    1. It would be safer to just register the JS entrypoints and automatically add CSS packs if there are any required by that JS. Webpacker does this already. Check your webpacker.yml and ensure that extract_css is false. This will prevent webpacker from separating the 2 files.
    1. You probably have extract_css: true in your webpacker.yml. This removes import '../scss/index'; and generates the equivalent style sheet. You do need to add stylesheet_pack_tag yourself.
    1. React is hanging on to a reference to previous functions because memoization typically means that we keep copies of old values to return in the event we get the same dependencies as given previously
  9. Sep 2019