手机浏览 RSS 2.0 订阅 膘叔的简单人生 , 腾讯云RDS购买 | 超便宜的Vultr , 注册 | 登陆
浏览模式: 标准 | 列表2011年11月的文章

apache 404转发

平时我们用apache的404转发,大多数是:
ErrorDocument 404 /404.html
但这样其实也只能做到404的提示信息,会更加人性化一一点,但事实上我们要做到几件事情
比如我的图片不存在,我转发后,会根据图片的URL自动生成一张,这一点行不行呢?
于是乎,利用404转发就势在必行了
ErrorDocument 404 /xxx.php
在PHP里写上
<?php
header("Location:http://xxx.xxx.com".$_SERVER['REQUEST_URI']);
?>
或许有人说,为什么我的不起作用呢?
嗯,在ErrorDocument中,如果用其他域名就不行了
比如说我ErrorDocument 404 http://xxx.xxx.com/xxx.php
在其他域名下的Xxx.php不要说$_SERVER['REQUEST_URI']取不到,连HTTP_REFERER也没有的。
所以,还是在自己当前的项目写一下文件 ,利用header转发一下才是最OK的

Tags: apache, 404, header

Infomation:WebKit Does HTML5 Client-side Database Storage

资料备份,其中有两个链接很重要 :
原资料中的:client-side database storage.已经打不开了,好象是换成这个了:10.1.2.2 A worker for updating a client-side database
但我也说不准,详情还是看这个页面吧:http://www.whatwg.org/specs/web-apps/current-work/multipage/

对了,因为是基于webkit的,所以,FF上是没法用的。更多的还是用于ipad,iphone之类的上面吧。

jQueryMobile的代码里应该是有了

WebKit Does HTML5 Client-side Database Storage

Posted by Brady Eidson on Friday, October 19th, 2007 at 4:04 pm

The current working spec for the HTML5 standard has a lot of exciting features we would eventually like to implement in WebKit. One feature we felt was exciting enough to tackle now even though the spec is still in flux is client-side database storage. So for the last few weeks andersca, xenon, and I have been cooking up an implementation!

The client-side database storage API allows web applications to store structured data locally using a medium many web developers are already familiar with – SQL.

The API is asynchronous and uses callback functions to track the results of a database query.
Compact usage defining a callback function on the fly might look something like this:

var database = openDatabase("Database Name", "Database Version");

database.executeSql("SELECT * FROM test", function(result1) {
   // do something with the results
   database.executeSql("DROP TABLE test", function(result2) {
     // do some more stuff
     alert("My second database query finished executing!");
   });
});

There will also be a small example of how to use the API in a real site that we’ll try to keep up to date as things evolve.

This initial implementation has some things missing from the spec as well as a few known bugs. But it does the basics and the best way to discover what needs work is to get it out there for people to start using it!

If you find any bugs, would like to suggest features, or have gripes about the spec itself, please drop by #webkit or drop us a line on the WebKit email lists.

Oh, and one more thing…

We’re landing this initial implementation with pretty cool Web Inspector support!
So far you can view the full contents of any table and run arbitrary queries on each database a page is using. We have a lot of ideas for improvements but would also love to hear yours.
DatabaseInspector

Tags: html5, database, storage

光棍节

最后一秒

 

----

还是晚了。。。晚了一秒。

光棍节又可以称为六一儿童节,所以我和老婆去过儿童节了,很开心。Over

你妹啊,19129540惹的祸

受不了,最近很多人加我QQ说要跳舞,我就纳闷了。我没有说过我要跳舞啊?
怎么会有这种事情?然后居然在QQ邮箱里也收到了邮件,说是什么闵行跳舞总群活动了。。
一下子纠结起来,看了一下所谓的贴子,居然还真是留的19129540
我一开始以为是某个人冒充我的名义发的贴子,想着谁那么无聊,但后来一想,不对啊。跳舞总群,难道是QQ群
所以。。。搜索了一下,果然:

大小: 34.41 K
尺寸: 417 x 270
浏览: 993 次
点击打开新窗口浏览全图

哎,真悲催啊

Oauth的变迁

因为新浪的Oauth即将变成2.0,所以找找资料
老王更新了,还画了ascii图,说实话我是对他文中的那个画ascii图的视频有兴趣。。。
老王在博客里是这么介绍的:

OAuth2.0

OAuth1.0虽然在安全性上经过修补已经没有问题了,但还存在其它的缺点,其中最主要的莫过于以下两点:其一,签名逻辑过于复杂,对开发者不够友好;其二,授权流程太过单一,除了Web应用以外,对桌面、移动应用来说不够友好。

为了弥补这些短板,OAuth2.0做了以下改变:

首先,去掉签名,改用SSL(HTTPS)确保安全性,所有的token不再有对应的secret存在,这也直接导致OAuth2.0不兼容老版本。

其次,针对不同的情况使用不同的授权流程,和老版本只有一种授权流程相比,新版本提供了四种授权流程,可依据客观情况选择。

在详细说明授权流程之前,我们需要先了解一下OAuth2.0中的角色:

OAuth1.0定义了三种角色:User、Service Provider、Consumer。而OAuth2.0则定义了四种角色:Resource Owner、Resource Server、Client、Authorization Server:

  • Resource Owner:User
  • Resource Server:Service Provider
  • Client:Consumer
  • Authorization Server:Service Provider

也就是说,OAuth2.0把原本OAuth1.0里的Service Provider角色分拆成Resource Server和Authorization Server两个角色,在授权时交互的是Authorization Server,在请求资源时交互的是Resource Server,当然,有时候他们是合二为一的。

-------
当然,我这里CP的不全,更详细的请看:http://huoding.com/2011/11/08/126
如果不把ascii图CP过来,老王是不是很伤心?

这是第二次CP的。希望成功
  1. +----------+  
  2. | resource |  
  3. |   owner  |  
  4. |          |  
  5. +----------+  
  6.      ^  
  7.      |  
  8.     (B)  
  9. +----|-----+          Client Identifier      +---------------+  
  10. |         -+----(A)-- & Redirection URI ---->|               |  
  11. |  User-   |                                 | Authorization |  
  12. |  Agent  -+----(B)-- User authenticates --->|     Server    |  
  13. |          |                                 |               |  
  14. |         -+----(C)-- Authorization Code ---<|               |  
  15. +-|----|---+                                 +---------------+  
  16.   |    |                                         ^      v  
  17.  (A)  (C)                                        |      |  
  18.   |    |                                         |      |  
  19.   ^    v                                         |      |  
  20. +---------+                                      |      |  
  21. |         |>---(D)-- Authorization Code ---------'      |  
  22. |  Client |          & Redirection URI                  |  
  23. |         |                                             |  
  24. |         |<---(E)----- Access Token -------------------'  
  25. +---------+       (w/ Optional Refresh Token) 
哈哈,好象失败了。。。
OK,还有一篇介绍 :http://hueniverse.com/2010/05/introducing-oauth-2-0/

6 New Flows

  • User-Agent Flow – for clients running inside a user-agent (typically a web browser).
  • Web Server Flow – for clients that are part of a web server application, accessible via HTTP requests. This is a simpler version of the flow provided by OAuth 1.0.
  • Device Flow – suitable for clients executing on limited devices, but where the end-user has separate access to a browser on another computer or device.
  • Username and Password Flow – used in cases where the user trusts the client to handle its credentials but it is still undesirable for the client to store the user’s username and password.  This flow is only suitable when there is a high degree of trust between the user and the client.
  • Client Credentials Flow – the client uses its credentials to obtain an access token. This flow supports what is known as the 2-legged scenario.
  • Assertion Flow – the client presents an assertion such as a SAML assertion to the authorization server in exchange for an access token.

Native application support (applications running on a desktop or mobile device) can be implemented using many of the flows above.

----其实看起来就很纠结,反正先了解一下,refresh_token还得向新浪申请。真纠结

 

Tags: oauth, 新浪

Records:351234567