Quickly add SSH public key

One liner to quickly add SSH public key from your computer to the remote server:

1
cat ~/.ssh/id_rsa.pub | ssh YourUserName@127.100.100.100 "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

Replace 127.100.100.100 with your hostname or server IP address.

AngularJS 1.2 released

AngularJS 1.2.0 timely-delivery brings numerous new features:

  • Animations and transitions
  • Better error messages (including error minification)
  • Strict contextual escaping
  • Track By function to prevent duplicates in ng-repeat
  • Controller As syntax to access controller instances in templates
  • Promise A+ Compliance
  • Separation of ngRoute into its own module

Also vastly improved is the documentation.

AngularJS

Check it out in more detail in Angular JS blog.

On camel-casing abbreviations

This bothered me the most:

1
new XMLHttpRequest();

I never understood why XML deserves to be capitalized and HTTP doesn’t; both are abbreviations after all.

Whatever you do, keep consistent.

What’s XMLHttpRequest?

XMLHttpRequest (XHR) has an important role in Ajax and is subject to the browser’s same-origin policy.

Did Singapore government website got hacked?

TODAY Online reported that Istana government website in Singapore has been hacked.

Subpages on the Prime Minister’s Office (PMO) and Istana websites were hacked into late last night (Nov 7).

The IDA said the PMO subpage was compromised at 11.17pm last night, and that the Istana website was hacked into at around 12.20am this morning (Nov 8).

Istana Hack

Image is from TODAY.

On closer examination, it isn’t a hack per say but more like a compromise. From the screenshot, you can see the search term being manipulated and somehow it isn’t sanitized.

To resolve this issue, simply sanitize your search terms. You can check out Google Caja’s HTML sanitizer. This works in the browser.

If you’re using PHP, you can try:

1
2
3
4
5
6
7
8
9
<?php
$str = "A 'quote' is <b>bold</b>";
// Outputs: A 'quote' is <b>bold</b>
echo htmlentities($str);
// Outputs: A 'quote' is <b>bold</b>
echo htmlentities($str, ENT_QUOTES);
?>

Detecting an undefined variable

This is the wrong way of detecting an undefined variable:

1
2
3
if (foo == undefined) {
console.log('foo undefined');
}

That’s because, before you even get to checking if foo is undefined, you accessed foo which is will result in the error ReferenceError: foo is not defined.

However the following will work:

1
2
3
4
var foo;
if (foo == undefined) {
console.log('foo undefined');
}

The more reliable way of detecting if a variable is undefined is to check the typeof:

1
2
3
4
5
6
7
var foo;
if (typeof foo == 'undefined') {
console.log('foo undefined');
}
if (typeof bar == 'undefined') {
console.log('bar undefined');
}

Alternatively if you’re using Lodash.js or Underscore.js, you can use _.isUndefined for checking if the variable is defined:

1
2
3
4
5
6
7
var foo;
if (_.isUndefined(foo)) {
console.log('foo undefined');
}
if (_.isUndefined(bar)) {
console.log('bar undefined');
}

Here’s the corresponding code in Lodash:

1
2
3
function isUndefined(value) {
return typeof value == 'undefined';
}

This is one of the major pitfalls in JavaScript and many beginner JavaScript developers simply check for undefined and you can’t blame them as it seems to make sense.

Getting started with JavaScript

Learning JavaScript isn’t hard but if you’re already familiar with a strongly typed language such as Java, you might need a bit of retuning.

I also noticed new users of JavaScript tend to hide behind jQuery to do the simplest thing. That’s totally fine but try exploring JavaScript without jQuery a bit more and you’ll find jewels.

Some good links I’ve gathered and shared:

Using Uglify's screw-ie8 option

By default UglifyJS will try to be IE-proof, you can pass a flag in Uglify if you don’t care about full compliance with Internet Explorer 6-8 quirks.

You can run

1
cat input.js | uglifyjs --screw-ie8 -o output.js

If you’re using Grunt, check out the grunt-contrib-uglify package.

Example usage:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
grunt.initConfig({
uglify: {
options: {
compress: {
screw_ie8: true
},
mangle: {
except: ['jQuery', 'Backbone'],
screw_ie8: true
}
},
my_target: {
files: {
'dest/output.min.js': ['src/input.js']
}
}
}
});

At my work, we recently were given the option not to support IE8 and I’ve been removing my IE8 hacks since.

Shortcuts for true and false

Let’s explore Uglify.js today. UglifyJS2 is a JavaScript parser, minifier, compressor or beautifier toolkit.

Installing UglifyJS

To install Uglify.js:

1
sudo npm install uglify-js -g

Compressing with UglifyJS

You take one simple file test.js:

1
2
var foo = true;
var bar = false;

And uglify it into test.min.js using the following command:

1
cat test.js | uglifyjs -o test.min.js -c

Here’s the result in test.min.js:

1
var foo=!0,bar=!1;

So what’s interesting is how Uglify compresses literals such as true and false into smaller units. You see that true is represented with !0 and false with !1.

You can learn a lot from exploring how Uglify compresses JavaScript.

Installing Node.js in Ubuntu

To avoid using a dated version of Node.js, don’t ever run an install of nodejs from the Ubuntu repository. You’ll end up with Node.js 0.6 and that’s practically incompatible with every NPM package you see today.

Instead, following instructions here, you can add Chris Lea’s repository through this method:

1
2
3
4
5
6
sudo apt-get update
sudo apt-get install -y python-software-properties
python g++ make
sudo add-apt-repository -y ppa:chris-lea/node.js
sudo apt-get update
sudo apt-get install nodejs