Coder Social home page Coder Social logo

hknycd-snapshot's Introduction

2020香港除夕倒數大抽獎 (https://www.hknycd.com/zh-Hant/)

今次擲千萬辦除夕補飛活動,程鼎一透露,只讓團隊用3星期籌備,形容今次除夕活動是「全民參與式、香港未試過、世界未試過」-- 蘋果日報

建立此 Repository 的目的

據未經實証的消息了解,「香港除夕倒數大抽獎」好像是一個所費不菲的網站,但除夕倒數大抽獎的整體體驗劣評如潮。

作為香港的一份子有責任去探究事件的始未,讓公眾及其它香港開發者了解此網站的設計代碼質素處理高流量時的相應工序

檔案取得方法

所有檔案均是公開的檔案給公眾下載,作者於 GitHub Repository 內的檔案只使用簡單的指令取得,指令如下

curl https://hknycd.com/zh-Hant/images/TB2020_Sponsor_chi_1.png > images/TB2020_Sponsor_chi_1.png

現在公開可能な情報

API List (從公開 的 HTML 中找出)

  • /api/v1/list-card-game-winner-coupon-number
  • /api/v1/login
  • /api/v1/card-game-check
  • /api/v1/list-lucky-draw-winner-ticket-number
  • /api/v1/lucky-draw-redeem
  • /api/v2/register
  • /api/v2/get-verify-token

Security Issues

  • access_token saved in cookie (No HttpOnly flag), that can be accessed via javascript
  • localToken saved in localStorage
  • No CSRF Token
  • No Content security policy rules

Performance Issue

  • No Minify javascript, CSS, HTML files
  • No Obfuscation on Javascript files
  • Short cache age ~300 - 900
  • No jpeg/png files compression (50% size different)

促請

現促請旅發局將有關代碼開源,令更多香港的開發人員可以從這次失敗中學習相關經驗;日後香港的開發人員再開發高流量的應用程序時,可以避免重蹈覆轍,從而推動香港科網發展,最後提升香港互聯網相關產業鏈的質素。

代碼開源更可以令整個開發環境、進度及代碼質素透明化,令更多廣大市民知道公帑花費的去向,從而一步一步減輕民怨。

以下是各地政府在 GitHub 開源的案例:https://github.com/collections/government

其中一個例子 Search API for GOV.UK

hknycd-snapshot's People

Contributors

gaplo917 avatar

Stargazers

Ira Chan avatar Stella C avatar Tom Chan avatar Jason Kwok avatar UnKnoWn avatar Willi#m ⬣ avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.