惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

月光博客
月光博客
L
LangChain Blog
Jina AI
Jina AI
WordPress大学
WordPress大学
人人都是产品经理
人人都是产品经理
S
Secure Thoughts
T
The Exploit Database - CXSecurity.com
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
博客园 - 聂微东
小众软件
小众软件
Apple Machine Learning Research
Apple Machine Learning Research
C
Cyber Attacks, Cyber Crime and Cyber Security
Project Zero
Project Zero
T
Threat Research - Cisco Blogs
量子位
G
GRAHAM CLULEY
腾讯CDC
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
C
CERT Recently Published Vulnerability Notes
The Hacker News
The Hacker News
C
Cisco Blogs
Scott Helme
Scott Helme
Spread Privacy
Spread Privacy
宝玉的分享
宝玉的分享
V
V2EX
博客园 - 三生石上(FineUI控件)
T
Tor Project blog
P
Proofpoint News Feed
雷峰网
雷峰网
D
Darknet – Hacking Tools, Hacker News & Cyber Security
V
Vulnerabilities – Threatpost
PCI Perspectives
PCI Perspectives
博客园_首页
L
LINUX DO - 最新话题
IT之家
IT之家
有赞技术团队
有赞技术团队
博客园 - Franky
Hacker News: Ask HN
Hacker News: Ask HN
Last Week in AI
Last Week in AI
The Cloudflare Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
美团技术团队
博客园 - 【当耐特】
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Security Archives - TechRepublic
Security Archives - TechRepublic
L
LINUX DO - 热门话题
AWS News Blog
AWS News Blog
S
Security Affairs
T
Tailwind CSS Blog

Stonecharioteer on Tech

I Traced My Traffic Through a Home Tailscale Exit Node What Was I Reading Last? In Three Not-So-Easy Pieces Dogfooding Is Hard Code blocks in your books, finally GoForGo v0.9.0 Merrilin - We built an app to read books I use a Macbook now Data Structures & Algorithms - Preparing for Interviews Using a local DNS namespace for local service discovery Direction KOllector - Publishing KOReader Highlights gbt: branches touched in the last 24 hours A Soiree into Symbols in Ruby Some Smalltalk about Ruby Loops Ruby Blocks Returning from Ruby Blocks, Procs and Lambdas My Linux Laptop Finally Works: How Claude Helped Me Fix Years of Annoyances TIL: Watchexec - Modern File Watching for Development Workflows A Less Busy Mind GoForGo - Learn Go through live examples Migrating My Old Blog to Hugo with Claude The Qtile Window Manager: A Python-Powered Tiling Experience Read the RFCs that Built the Internet Py-x-Protobuf - Or How I Learned to Stop Worrying and Love Protocol Buffers Python Reverse a List New Beginnings Leaving ChainSafe Systems Screen Lock for Cinnamon Desktop using Zenity and Terminal Commands Crews Not Teams A System for Getting Better at LeetCode So Far So Rust Retrying HTTP Requests with Rust A Primer on Control Charts Learning Rust Explicit is Better than Implicit: Rust for Pythonistas Using Custom Delimiters in Jinja Templates TIL: Creating Fixed Length Iterables in Python Documentation Without Assumption Vagrant Python - A Reflection in 2022 Learning Golang No, A Virtual Machine Is Not Enough: Why Developers Need Native Linux Empathy in Tech For Those Who Came in Late A Weekend With PostgreSQL TIL: Gooey and Python Fire for Quick GUIs and CLIs TIL: 2ality - Dr. Axel Rauschmayer's JavaScript Blog TIL: MassDNS - High-Performance Bulk DNS Lookups TIL: Matomo Analytics, Google Tech Writing, Memory Programming, and NES TV Signals TIL: MontyDB - MongoDB Implemented in Python Returning to the Craft of Programming TIL: CPUFetch, OneFetch, and Learn CSS TIL: DNS Performance Testing and Pi-hole with Unbound TIL: Eli Bendersky's Blog, Awesome By Example, NoCoDB, and Martin Kleppmann TIL: CRDTs, Extreme HTTP Performance, and BYTEPATH Game TIL: AutoInvent, ASGI, Python Packaging, RAPIDS GPU Computing, and FlaskCon TIL: MangaDesk - Terminal Client for MangaDex TIL: McFly - Smart Shell History Search TIL: Siege Load Testing and Awesome FastAPI Resources TIL: Ventoy Bootable USB and Justniffer Network Analysis TIL: CLI Code Review, Git Split Diffs, and Internal Combustion Engine TIL: Benford's Law, Web Security Headers, Event Sourcing, and Mozilla Security Guidelines How to Write Documentation - The README.md File The Importance of Documentation TIL: NNgroup UX Research, SponsorBlock, and Labella Python Library TIL: The Little Book of Rust Macros and Rust Performance Book TIL: Git-Bug Distributed Issue Tracker and Omni Kubernetes Monitoring TIL: Zellij - Modern Terminal Multiplexer TIL: How Discord Handles 2.5 Million Concurrent Voice Users TIL: Volumio - The Audiophile Music Player TIL: Areopagitica - Milton's Defense of Free Speech TIL: Fast Node Manager, Zoxide Smart CD, Technical Writing, PyO3, and Qubes OS TIL: Slurm Workload Manager for HPC Clusters TIL: Data Visualization Guide and Oso Authorization Academy TIL: Raspberry Pi OS Development, Vim Beginner Guide, Password Management, and QueryBook TIL: uBlock Origin Performance Optimization on Firefox TIL: Breaking PostgreSQL at Scale and LeetCode Problem Patterns TIL: Awesome Tmux Resources for Terminal Multiplexing TIL: Grit - A Multitree-Based Personal Task Manager TIL: Lens 4.2 Kubernetes IDE, Shell Scripting Guide, and Dark HTTP Server Do The Job You Hate So You Won't Hate The Job You Love TIL: Innernet VPN Solution and NoteCalc Calculator App TIL: Argo CD for GitOps and Lens Kubernetes IDE TIL: Modern Rust CLI Tools - System Monitoring, HTTP Requests, and DNS TIL: tz - A Time Zone Helper Tool TIL: Distributed Systems Education, Fallacies, and Self-Hosted Internet Archiving TIL: Real-Time Voice Cloning Technology TIL: ChartMuseum for Helm, AMD's Corporate Journey, and Kubernetes Pod Scaling TIL: Docker and Kubernetes Tools - Whaler, Descheduler, and Dive TIL: Post-Mortem Collection, Terminal Plotting, and Technical Twitter TIL: Dark Mode Toggle Web Component by Google Chrome Labs TIL: Python eval(), exec(), and compile() Functions TIL: Camelot PDF Tables, PostgreSQL Row Level Security, Zerodha Varsity, and Write Yourself a Git TIL: fuser Command for Process and File Investigation TIL: i Hate Regex - The Ultimate Regex Cheat Sheet TIL: Dolt - Git for Data and Database Version Control TIL: x86 Assembly Programming and SafeEyes Break Reminder TIL: Comprehensive Distributed Systems Reading List TIL: Cosmopolitan C Library, Distributed Systems Book, High Performance Browser Networking, and Rust Roguelike Tutorial TIL: ABlog for Sphinx - Documentation as a Blog Platform
TIL: CORS Deep Dive, Piku Tiny PaaS, Rust Strings, and Deno Standard Library
2021-04-15 · via Stonecharioteer on Tech

Deep dive in CORS: History, how it works, and best practices

Comprehensive exploration of Cross-Origin Resource Sharing:

Historical Context:

  • Same-Origin Policy: Browser security feature from the early web
  • AJAX Era: XMLHttpRequest created need for cross-origin requests
  • CORS Solution: W3C specification to safely allow cross-origin requests
  • Modern Challenges: Single-page applications and microservices architecture

How CORS Works:

Simple Requests:

  • Automatic Headers: Browser adds Origin header automatically
  • Server Response: Server includes Access-Control-Allow-Origin header
  • Browser Enforcement: Browser blocks response if origins don’t match

Preflight Requests:

  • OPTIONS Method: Browser sends preflight request for complex requests
  • Permission Check: Server responds with allowed methods, headers, origins
  • Actual Request: Browser sends actual request only if preflight succeeds

Best Practices:

  • Specific Origins: Avoid wildcard (*) in production
  • Minimal Headers: Only allow necessary headers
  • Credential Handling: Careful with Access-Control-Allow-Credentials
  • Error Handling: Proper CORS error responses

Piku - Tiny PaaS

GitHub - piku/piku - The tiniest PaaS you’ve ever seen. Git push deployments to your own servers.

Lightweight Platform-as-a-Service for simple deployments:

Key Features:

  • Git-Based Deployment: Deploy with simple git push
  • Minimal Dependencies: Single Python script with minimal requirements
  • Multi-Language Support: Python, Node.js, Go, Ruby, and more
  • Process Management: Automatic process supervision and restart
  • Environment Variables: Configuration through environment files

How It Works:

1
2
git remote add piku piku@server:app-name
git push piku main

Perfect For:

  • Small Projects: Personal projects and prototypes
  • Learning: Understanding deployment concepts
  • Resource-Constrained: Single server deployments
  • Simplicity: When Kubernetes is overkill

Why Rust Strings Seem Hard

Why Rust strings seem hard

Excellent explanation of Rust’s string complexity:

The Challenge:

  • Multiple Types: String, &str, OsString, Path, etc.
  • Memory Management: Ownership and borrowing with strings
  • UTF-8 Enforcement: Always valid Unicode, unlike C strings
  • Performance Considerations: Zero-copy operations when possible

Key Concepts:

String Types:

  • String: Owned, mutable, heap-allocated
  • &str: Borrowed, immutable, string slice
  • Relationship: String can be borrowed as &str

Common Patterns:

1
2
3
let owned = String::from("hello");    // Owned string
let borrowed = &owned;                // Borrowed as &str
let slice = &owned[0..2];            // String slice

Why It’s Actually Logical:

  • Memory Safety: Prevents buffer overflows and use-after-free
  • Performance: Zero-cost abstractions where possible
  • Correctness: UTF-8 validity guaranteed at compile time

Deno Standard Library

Deno Standard Library

Modern standard library for Deno JavaScript/TypeScript runtime:

Philosophy:

  • Modern APIs: Built for contemporary JavaScript features
  • TypeScript First: Full TypeScript support out of the box
  • Web Standards: Aligned with web platform APIs
  • Security: Secure by default with explicit permissions

Key Modules:

  • HTTP: Web server and client functionality
  • File System: File and directory operations
  • Testing: Unit testing framework
  • Encoding: Base64, hex, and other encoding utilities
  • Crypto: Cryptographic functions
  • UUID: UUID generation and validation

Advantages Over Node.js:

  • No package.json: Direct URL imports
  • Built-in TypeScript: No compilation step needed
  • Web Standards: Fetch, WebCrypto, etc.
  • Secure: Permissions required for file, network access

Each tool represents a different approach to solving common development challenges with emphasis on simplicity, security, and modern standards.