Pull to refresh

All streams

Show first
  • New
  • Top
Rating limit
  • All
  • ≥0
  • ≥10
  • ≥25
  • ≥50
  • ≥100

XSS: attack, defense — and C# programming

PVS-Studio corporate blogInformation Security*Programming*.NET*C#*

XSS - or cross-site scripting - is one of the most common vulnerabilities in web applications. It has been on the OWASP Top 10 list (the list of the most critical security risks to web applications) for a while now. So let's figure out together how your browser can acquire and execute a script from a third-party website, and what this may lead to (spoiler: your cookies could get stolen, for example). And while we're at it, we'll talk about ways you can protect yourself from XSS.

Read more
Rating0
Views59
Comments 0

Load testing for WebRTC mixer

Flashphoner corporate blogSystem administration*Working with video*IT Infrastructure*DevOps*

This article is a continuation of our series of write-ups about load tests for our server. We have already discussed how to compile metrics and how to use them to choose the equipment, and we also provided an overview of various load testing methods. Today we shall look at how the server handles stream mixing.

Read more
Total votes 1: ↑1 and ↓0+1
Views57
Comments 0

How to create a custom Scrollbar in Flutter using RenderShiftedBox

Flutter*
Sandbox

In my project, I was faced with the need to implement a scroll bar. The standard approaches didn't fully satisfy what designers wanted to see. Here is an example, it is slightly different in appearance from what I needed, but the essence is approximately the same: the scroll bar should be on the right side of the list and take into account the padding of the scroll bar, with the slider displaying the percentage of the scrolled part of the list.

Read more
Total votes 3: ↑3 and ↓0+3
Views64
Comments 0

One does not simply calculate the absolute value

Programming*Java*Mathematics*
Translation

It seems that the problem of calculating the absolute value of a number is completely trivial. If the number is negative, change the sign. Otherwise, just leave it as it is. In Java, it may look something like this:


public static double abs(double value) {
  if (value < 0) {
    return -value;
  }
  return value;
}

It seems to be too easy even for a junior interview question. Are there any pitfalls here?

Read more →
Total votes 10: ↑9 and ↓1+8
Views21K
Comments 4

How to setup TON (The Open Network) validator

Cryptocurrencies
Tutorial
The The Open Network (TON) is a fast, secure and scalable blockchain and network project, capable of handling millions of transactions per second.

It was originally introduced by Telegram and called Telegram Open Network. Unfortunately, in May 2020, they announced the closure of the project due to the US court decision. Right after that, three different organizations announced their intentions to continue work on the blockchain: TON Labs, NewTON (TON Foundation), and the Chinese TON community.


In early August, the Telegram team transferred the original repository on GitHub, as well as the ton.org domain, to the open developer community of the TON Foundation.


You can read more about it here.


Introduction


In this tutorial, you will learn how to set up & run a TON validator using mytonctrl on Ubuntu. Note that, it is only dedicated to validators on the NewTON (TON Foundation) blockchain.

Read more
Total votes 5: ↑5 and ↓0+5
Views293
Comments 0

New features of the hybrid monitoring AIOps system Monq

Gals Software corporate blogIT systems testing*System administration*IT Infrastructure*Software


In one of the previous articles, I’ve already written about the hybrid monitoring system from Monq. Almost two years have passed since then. During this time, Monq has significantly updated its functionality, a free version has appeared, and the licensing policy has been updated. If monitoring systems in your company start to get out of control, and their number rushes somewhere beyond the horizon, we suggest you take a look at Monq to take control of monitoring. Welcome under the cut.
Read more →
Total votes 9: ↑9 and ↓0+9
Views133
Comments 0

Десятка лучших frontend-сообществ и каналов

Конференции Олега Бунина (Онтико) corporate blogJavaScript*ConferencesDesign

Что может быть ценнее новых идей и нового опыта? Только возможность обсудить их вместе с людьми, которые в теме. 

Мы решили сделать для вас подборку самых интересных frontend-сообществ и полезных каналов на YouTube для разработчиков JavaScript и веб-дизайнеров.

Read more
Total votes 24: ↑23 and ↓1+22
Views903
Comments 0

Quantitative‌ ‌Funds:‌ ‌What’s‌ ‌Interesting‌ ‌for‌ ‌Coders?

Luxoft corporate blogBig Data*Machine learning*IT careerFinance in IT

Hello, Habr! Not only traders but also mathematicians and programmers work with stock markets. Director of Engineering at Luxoft Artem Sosulnikov tells about data, which specialists of quantitative hedge funds work with, things they pay attention to, and conditions in such companies.

Read more
Rating0
Views228
Comments 0

Tutorial: how to port a project from Interop Word API to Open XML SDK

PVS-Studio corporate blogProgramming*.NET*C#*Development for Office 365*
Tutorial

With the .NET5 release further development of some projects was questionable due to the complexity of porting. One can abandon small outdated libraries or find a replacement. But it's hard to throw away Microsoft.Office.Interop.Word.dll. Microsoft doesn't plan to add compatibility with .NET Core/5+, so in this article we focus on creating Word files with Open XML SDK.

Read more
Total votes 3: ↑3 and ↓0+3
Views215
Comments 0

Controlling Brushless Motors using a Linux computer or a PLC

*nix*SCADA*Computer hardwareDIYElectronics for beginners
Tutorial

In this video, we will look at how to connect brushless motor controllers to a Linux computer. Specifically, we will use a computer running Debian. The same steps would work for Ubuntu Linux and other Linux distributions derived from Debian.

I've got a small sensorless brushless motor, and a bigger brushless motor with a built-in absolute encoder. Lets look at how to control those from my Debian Linux computer. Servosila brushless motor controllers come in several form factors with either a circular or a rectangular shape. The controllers come with a set of connectors for motors and encoders as well as for USB or CANbus networks.

The controllers can be powered by a power supply unit or by a battery. To spice up my setup, I am going to use a battery to power the controllers and thus their motors. The controllers need 7 to 60 volts DC of voltage input. If I connect the battery, the controllers get powered up. The small LED lights tells us that the controllers are happy with the power supply.

We need to connect the brushless motor controllers to the Linux computer. There are two ways to do that - via CANbus or via USB. Lets look at the USB option first. A regular USB cable is used. Only one of the controllers needs to be connected to a computer or a PLC.

Next, we need to build an internal CANbus network between the controllers. We are going to use a CANbus cross-cable to interconnect the controllers. Each controller comes with two identical CANbus ports that help chain multiple controllers together in a network. If one of the interconnected brushless motor controllers is connected to a computer via USB, then that particular controller becomes a USB-to-CANbus gateway for the rest of the network. Up to 16 controllers can be connected this way via a single USB cable to the same control computer or a PLC. The limit is due to finite throughput of the USB interface.

Video & Read more
Total votes 4: ↑3 and ↓1+2
Views301
Comments 0

Шпаргалка по CSS свойству display

CSS*
Привет, Хабр. Я часто вижу, что разработчики плохо знают, как работает свойство display. Это приводит к разного рода ошибкам. Чтобы побороть это, я собрал наиболее популярные значения и описал, как они влияют на элемент. Все эксперименты я выложил в виде шпаргалки на Codepen, чтобы вы могли проинспектировать их и изучить.



P.S. Если я что-то пропустил, то поправляйте меня в комментариях. Спасибо!
Total votes 3: ↑3 and ↓0+3
Views557
Comments 0

CodeIgniter 4. Prelude to PHPUnit

PHP*CodeIgniter*
Tutorial

Thanks for your feedbacks

I thank the members of the Habr community for their benevolent attitude to the article by the author «Speed Dating with the CodeIgniter 4 on GitHub» in the form of votes and comments.

The friendly attitude to the author prompted him to continue developing a topic dedicated to PHPUnit as part of CodeIgniter 4.

Install Xdebug on XAMPP (Windows 32-bit (x86))

1. Why Xdebug? In file «appstarter/tests/README.md» in the «Requirements» section explicitly states: «You also need to install XDebug to successfully calculate code coverage».

Read more
Total votes 1: ↑0 and ↓1-1
Views214
Comments 0

Using a headless browser for WebRTC load tests

Flashphoner corporate blogSystem administration*Working with video*IT Infrastructure*DevOps*

In the previous article we went over a load test whose data could be used to choose a load-appropriate server. In the course of the testing, we would publish a stream on one WCS, and we would pick up that stream several times using a second WCS. The acquired results could be used as a basis for decisions on server operability.

Some would (justly) have concerns regarding the possible biases in such a test — after all, one of our servers was used to test another one of our servers. Could it be that we were using a specially optimized code that skewed the results in our favor?

Read more
Total votes 1: ↑1 and ↓0+1
Views222
Comments 0

Controlling Brushless Motors from Windows

Robotics development*Development for IOT*Development for Windows*RoboticsIOT
Tutorial

In this video, we will look at how to connect brushless motors to a Windows computer via USB. We are going to connect a network of Servosila brushless motor controllers to the computer. The other option is CANbus interface, but we will look at CANbus in a dedicated video. A regular USB cable is used. Note that the USB cable is not used to power the controller and its motor.

The first brushless motor controller in network appears to Windows as a Virtual COM port. Once connected via USB, it can be found in a general list of devices in the Window's "Settings" window. Up to 16 controllers can be connected this way via a single USB cable to the same control computer or a PLC. If one of the interconnected brushless motor controllers is connected to a computer via USB, then that particular controller becomes a USB-to-CANbus gateway for the rest of the network.

If your computer happens to have more that one serial port, you may wish to check a COM port's number assigned by Windows to the controller. Then, you pick this COM port in a drop down menu in the Servoscope software, and click Connect. If the COM port is not listed in the drop-down menu, click the Refresh button. If everything is good, the controller appears in a list of devices. Double-click to open up a control and configuration window.

Video & Read more
Total votes 5: ↑3 and ↓2+1
Views243
Comments 0

PVS-Studio 7.14: intermodular analysis in C++ and plugin for JetBrains CLion

PVS-Studio corporate blog

0854_Release_714/image2.png


The PVS-Studio team is increasing the number of diagnostics with each new release. Besides, we are improving the analyzer's infrastructure. This time we added the plugin for JetBrains CLion. Moreover, we introduced intermodular analysis of C++ projects and speeded up the C# analyzer core.

Read more →
Total votes 5: ↑5 and ↓0+5
Views237
Comments 0

System-on-Chip bus: AXI4 simplified and explained

FPGA*Robotics development*Programming microcontrollers*Circuit design*Manufacture and development of electronics*

Protocol AXI4 was developed for High-bandwidth and low latency applications. It is designed to allow communication between master and slave devices. Master is typically a DMA or CPU and slaves are DRAM controllers, or other specific protocol controllers: UART, SPI, and others. Sometimes one component can implement multiple instances of this protocol. Usually, a prefix is used to differentiate between multiple AXI4 interfaces.

For example, Ethernet MAC can integrate DMA and slave interface used to command MAC. MAC can accept commands on the slave interface that contain data about the location of the next ethernet packet and MAC can start fetching this packet using the separate master interface instance.

This article was motivated by common design mistakes AXI4 designers make when they are designing their Digital IP. (Looking at you Xilinx)

Read more
Total votes 10: ↑10 and ↓0+10
Views554
Comments 0

Private party protocol: how to distinguish friends and foes using cryptographic tools

Information Security*Cryptography*Network technologies*
Tutorial

ENCRY presents a new interactive identification protocol aimed at controlling the access of selected users to various resources.

Close your eyes and imagine Nice, a luxurious estate whose extravagant owner throws epic parties with jazz and fireworks every weekend.

To attend such a party is a lot of the elite. Invitations are sent out in advance, and guests do not know the names of other invited persons. The owner of the estate, the mysterious Jay Gatsby, an eager luxury-lover, values ​​privacy so much that he is not ready to entrust the list of invitees to anyone, not even his buttress. Moreover, the owner of the estate would like the guests not to reveal their names when entering the property. After all, there may be the mayor of the city, or the chief prosecutor among them, and they would like to keep their visit secret. Unfortunately, the owner of the estate himself is so busy that he cannot independently check each guest at the entrance, especially since there are several access roads to his house. How could he solve this problem?

Read more
Total votes 2: ↑2 and ↓0+2
Views388
Comments 0

Doubling effective digitization frequency by multiple pass approach, is it possible?

Algorithms*Programming microcontrollers*DIY

As already described in the previous article, in the process of reworking the DSO138 oscilloscope toy, the idea arose in the DSO303 firmware at some point to try to double the maximum sampling frequency to achieve scanning times of 500 and 200 nanoseconds per cell. In fact, for the STM32F303, the theoretically maximum achievable sampling rate from the point of view of the ADC input, and this is determined by the minimum opening time of the ADC sampling unit, which in our case is 1.5 clock cycles x (1/72 MHz) = 20.8 nanoseconds, is 48 MSPS (millions of counts per second). However, with the parallel operation of 4 ADCs at 6 MHz, it is possible to achieve only 24 MSPS due to the limited speed of the ADC.

Let's imagine that we are considering correctly-periodic signal, which is also constant, i.e. it does not experience fluctuations in frequency and amplitude over time. Is it possible to somehow digitize it not in one, but in several passes, thereby increasing the effective sampling frequency? 

Read more
Rating0
Views297
Comments 0