2018年3月29日 星期四

json 跟python 的資料型別轉換

NewImage

What should change for a software test in the Saas world?

In previous, the release cycle of on-premise product, it can take 6 months to 18 months to release a new version.  But in the Saas world, the release schedule was reduced to 2 months , even in

1 week.  So what should change as a software tester.   Here is some draft things from me.

1) Mindset change,   Learn by analogy ==> Think Efficiency.   Because  we don’t have much time on testing.   So we need to find out what should we spend on and what should not?

2) New tool adoption.   Need to adopt the CI, CD tool to reduce the release cycle.

3) efficacy  test case selection.  

2018年3月8日 星期四

Why sometime IE missed "Continue to this website (not recommended). " for website with invalid certificate

The possible root cause is because you enable server certificate revocation option .

Once you enable it, it will hide “Continue to this website(not recommended)”, therefore you can’t add exception to continue 

browser this page.    The solution is to disable “check server certificate revocation* to have exception option for your insecure

website

NewImage

[Mac] how to list the open ports in Mac

1.

netstat -ap tcp|grep -i "listen"

2. sudo lost -PiTCP -sTCP:LISTEN

 

2018年3月7日 星期三

YAML: 一個具高可讀性的設定檔案格式

YAML 語法基本規則

*  區分大小寫

*  使用縮排

*  不允許使用Tab 縮排,只能使用空格

* 縮排的空格數不重要,只要同一階層使用相同空格數即可

 

YAML支援的數據結構有三種

* 物件(object): 對應其他語言的dictionary, hash or object

  Car: wheel

* 序列 (Sequences)

-Dog

-Bird

-Fish

* 數值 (Scalars)

number: 12.3

2018年3月6日 星期二

What is Clickjacking?

Clickjacking 就是一種攻擊手法,讓使用者在不知不覺的情況下進行攻擊,常見攻擊為使用網頁的iFrame將造假的網頁

與正常的網頁載入,在透過iframe visibility 的屬性改成隱藏,讓使用者看起來是登入假的網頁,但實際上卻是登入正常的網頁

可以分為

frame-based clickjacking ( UI redressing)

plugin-base clickjacking

 

比較容易防護的方式就是使用在http header 使用same origin policy

The Same-Origin Policy[SOP] and How to cross domain

Sop is a nutshell.  It restrict the access to the element in the document object model of page only

to the scripts which having the exact same origin of the domain name.  Only if the web page have the 

exact same origin can pass SOP check.

 

 

2018年3月1日 星期四

Install m2crypto on Mac

 

  $> brew install openssl
  $> brew install swig
  $> env LDFLAGS="-L$(brew --prefix openssl)/lib" \
  CFLAGS="-I$(brew --prefix openssl)/include" \
  SWIG_FEATURES="-cpperraswarn -includeall -I$(brew --prefix openssl)/include" \
  pip install m2crypto

 
 

2017勞退分紅:從2018/03/05起,可至自己的勞退帳戶查詢

新聞來源:https://tw.news.yahoo.com/%E5%8B%9E%E9%80%80%E5%9F%BA%E9%87%91%E5%88%86%E7%B4%85-%E6%9C%80%E9%AB%98%E7%8D%A8%E6%8B%BF110%E8%90%AC-215005574--finance.html

去年度勞動基金規模為3兆6288億元,其中新制勞退基金為1兆8984億元,收益數約1407億元,收益率為7.93%,相較前一年收益率3.23%成長2倍以上,勞保局預計今年3月5日起,將收益分配金額揭示於勞工退休金個人專戶。

勞動基金: 收益2552億    收益率7.59%

勞退基金: 收益1407億   收益率7.93%

 

 

 

017年全球股市榮景一片,帶動政府管理的勞動基金去年整年度的投資收益高達2,552億餘元,收益率7.59%創下歷史新高,其中攸關廣大勞工朋友的新制勞退基金也大有斬獲,收益率有7.93%,勞工每人平均可分1萬2,600多元。

如何下載Facebook 相簿跟影片

影片:透過chrome plug-in : Video Downloader for Facebook<sup>TM</sup> 相簿: 透過chrome plug-in : Tampermonkey 搭配script : Facebo...