
Yeuk Hon Wong yeukhon

  • TikTok USDS / ByteDance
  • New York, NY
@yeukhon
yeukhon / local_min.py
Last active August 29, 2015 13:58
local_min.py
import unittest
def find_local_min(A):
    if len(A) == 0:
        return None
    elif len(A) == 1:
        return A[0]
    else:
        if A[0] < A[1]:
            return A[0]
Definitely take
1. Software engineering
2. Database
Elective courses:
Category A:
- AI
- Computer Security
const { Task } = Cu.import("resource://gre/modules/Task.jsm", {});
const { defer, all } = require("sdk/core/promise");
const { setTimeout } = require("sdk/timers");
Task.spawn(function * () {
  let item1 = yield getItem(1);
  let [item2, item3] = all([getItem(2), getItem(3)]);
  console.log(item1, item2, item3); // 1, 2, 3
}).then(function () {
  console.log('all items processed')
First time
hg pull -u
hg qnew bug1.patch
Next week, refresh latest before submitting my patch to bugzilla
hg qpop -a
hg pull -u
hg qpush <the patch i want>
http://docs.oracle.com/javase/tutorial/java/
Books:
1. http://introcs.cs.princeton.edu/java/home/
2. http://greenteapress.com/thinkapjava/thinkapjava.pdf
MIT: http://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-092-introduction-to-programming-in-java-january-iap-2010/
@yeukhon
yeukhon / security-to.md
Last active August 29, 2015 14:03
Security TODO

XSS escape effectiveness in popular template render engines

In the Python ecosystem, there are three popular template render engines: Django's built-in template engine, Jinja2 and Mako.

How good are these render engines against XSS? Is {{ foo }} enough? Under what situations does {{ foo }} fail? The importance of this research is to understand (1) the context-awareness of the template engine, if at all, (2) the challenge of encoding in the HTML world, and (3) best practices when using a template render engine.

@yeukhon
yeukhon / .hgrc
Created July 2, 2014 18:01
.hgrc
[ui]
username = Yeuk Hon Wong <yeukhon@acm.org>
[alias]
diff-color = !hg diff --git --color=always | less -r
diff-color-tip = !hg diff -c tip --git --color=always | less -r
diff-color-qtip = !hg diff -c qtip --git --color=always | less -r
pushtry = push -f -rtip try
qlist = qseries -v
latest = log --limit 5
@yeukhon
yeukhon / 1.html
Last active August 29, 2015 14:03
I tried setting onAlert and nothing.
<html>
<body>
<script>
alert('xss');
</script>
</body>
</html>
@yeukhon
yeukhon / demo.js
Last active August 29, 2015 14:04
Dummy example to show why we write asynchronous code LOL (http://jsfiddle.net/T9feW/)
// See your dev console. Don't forget the reason you use promise
// is to write asynchronous code in synchronous way.
// We duplicate two instances of step1-3 whichever comes back first
// gets the counter = 1 and the latter one gets counter = 2.
// The message "end of program let's quit" will print before
// any result comes back.
// Require Q.js (just go to jsfiddle)
var counter = 0;
function step1() {
@yeukhon
yeukhon / bad.html
Last active August 29, 2015 14:04
Basic alert detection using selenium-webdriver.
<html>
<body>
<script>alert("xssssss");</script>
</body>
</html>