Search
วิธีสั่ง Logout ออกจากบัญชี twitter ทุกอุปกรณ์ แบบรีโมทจากเครื่องไหนก็ได้ กันคนสวมรอย!
•
www.it24hrs.com/2019/log-out-all-device-twitter-account/
#twitter #ทวิตเตอร์
🌳 文章標題:Netflix Web 效能提升案例研究
Netflix 無疑是目前最受歡迎的串流網路電視提供業者,這篇文章描述了他們如何提升 Netflix 的使用者 Logout/Sign up , Landing Page 的效能,這篇文章主要關注在以下幾個部分
1. 載入和互動時間減少了50% (針對 Netflix .com 的桌面 logged-out 網頁 )
裡面有提到他們是使用什麼工具來度量網頁效能 - 使用Chrome的DevTools和Lighthouse來模擬在3G連接上載入 log-out 頁面
解決方案 : 原本使用 React , 現在改用少於 300 行的 vanilla JavaScript 來取代
2. 通過從 React 和其他客戶端程式庫切換到vanilla JavaScript,JavaScript 套件大小減少了200kB。React仍在伺服器端使用。
有些前端程式採用 vanilla JavaScript ,有些則採用 Server side React ,這要看你如何 trade-off ,這篇文章有提到因為優化了使用者註冊頁面,提升了 Netflix 的使用者註冊率,想一下你是不是因為使用者註冊流程太過繁瑣或是緩慢而離開那個頁面?
3. 預取 HTML,CSS和JavaScript(React)可將未來瀏覽時間縮短30%
解決方案 - 內建的 瀏覽器 API 和 XHR prefetching. 但是內建的瀏覽器 API 只有部分瀏覽器有支援, XHR 支援度比較高
這裡面也有提到,雖然 Netflix 沒有在主頁上使用React,但他們為後續頁面預載入了它。
文章最後面的注釋也值得關注,提到了
1. 為何沒有使用 preact - Fast 3kB alternative to React with the same modern API.
2. 評估 Service Worker 做靜態資源的快取
3. 登陸網頁的 A/B testing - 要支援全世界 200 個以上的國家動態登入頁面 A/B testesting ... Orz
✍ 相關電子書與線上課程
1. 電子書 – Web Performance in Action http://bit.ly/2KdGtce
2. 對於 Server Side React 有興趣可以參考相關線上課程 - 使用 React 與 Redux 在伺服器端排版構圖 http://bit.ly/2KdXumA
3. vanilla JavaScript - Wes Bos免費 JavaScript 30 課程 http://bit.ly/2KdXLG8
https://medium.com/…/a-netflix-web-performance-case-study-c…
+++ access token คืออะไรใน facebook ++++
😋 ปกติ facebook เปิดให้เว็บ (รวมทั้งแอพ) ที่เราเขียนขึ้น
สามารถใช้ระบบ login ของ facebook ได้
ทำให้เว็บนั้นได้สิทธิเข้าถึงข้อมูลส่วนตัวของ user นั้นๆ บน facebook
....
Continue Reading+++ What is access token on Facebook ++++
😋 Facebook is usually open for web (including apps) that we write up.
Facebook login system can be used
Make that web access to user's personal information on Facebook.
.
And in many sites, we must have seen.
Just have an account on Facebook, you can log in.
No need to waste time. Fill out a new subscription.
:
In this post will quote
Using Facebook Login
Behind that success, Facebook will give away access token
So that any web can manage user login
:
Before talking about access token, let me go back to the age of 2534
When "Timberners-Lee" delivered the world's first website.
It's a common thing that human beings use to be.
:
❣ but my weaknesses.... is in the heart
Hey, it's not the weaknesses of the website.
Well it uses HTTP potocol
Which is stateless. Don't remember any status.
The meaning is that Server is very short of memory. Alzheimer's disease.
When it gets request from browser
I don't remember where it came from???
Who sent it, I can't remember anymore!!!!!
:
🤔 to solve this cuddle nha technically
He will give you a server to send session id (or session token)
Which session id is something we can't read and long
It will be sent to browser. Keep this in the cookie.
.
.. Wrong is not that cookie.. but cookies are text
Server will send session id to browser
Keep the value in cookies (keep text on browser side)
:
Programming time on server side
Like PHP when using session _ start ();
Will tell browser to collect session id in text photos such as
PHPSESSID=tqb4s5q7k25234eabbvs11dp02
(session id is a random code)
:
But if it's another language, it may be seen in other words.
E.g. JSSIONID (JAVA EE), PHPSESSID (PHP), and ASPSESSIONID (Microsoft ASP).
.
😉 Even here session id... may think it's a ID code.
:
From now on when users click on what on the web page
Browser will be kind.
Secretly sending this session id to server automatically
Make the server recover from Alzheimer's.
... I remember where the request sent this... yay yay
.
So if the request sent in
It has the same session id
It's considered the same friends.
(Computer vocabulary says these request is in the same SESSION)
.
What if it's not the same session id
It's considered that request is not the same people.
:
👉 Benefits of session id
Will be used in conjunction with login / logout mechanism
1) When user name XXX comes in, there will be a session id.
2) When another user name YY does login, there will be a session id as a different ID.
3) When both users do logout, it will expire session id.
:
Question if we went to wash all the cookies in browser what would happen?
- answer for session id will be gone.
- So who secretly login is holding this web? What is that... huhu
- I have to logout automatically for new login... So sad. Haha.
(server doesn't remember us anymore
Because browser doesn't send session id)
:
Session id sounds like good
😨 but using user / password to login will have disadvantage such as
1) Easy to hacker to sneak in session
To wear sesion id (Cross-Site Request Forgery: CSRF)
... Technically, let's not talk about it. Read it on the
2) It is a burden for server to remember the session id. What rights you have and remember other information of user etc.
3) If you want to give the same user, login different devices such as
Web is fine. Mobile phone is good... It will be more difficult. (I have to copy session)
4) and other disadvantage not mentioned
:
😘 but he has a technique to solve the way.
.
Well, use what's called "acces token"
To get access token
I have to login with user / password to exchange it.
... We have to stand in the cat before we get access token.
Then we can use it instead of login
.
Keep us from feeding user / password often
And each user will get access token. Different look alike.
When it's time for user to do logout, access token will expire immediately.
:
😙 Here access token may compare like a key
Or maybe you can see it as a ticket or a pass... It's up to the imagination.
Difference from session id is
1) access token will not be kept in cookies
2) access token will collect information that can be revealed.
e.g. user _ id, rights, expiration date
(Not a burden for server to remember these information)
:
If you use access token with login mechanism, you will see the advantages like
1) Prevent hacker from using session by Cross-Site Request Forgery (CSRF)
2) Can login from mobile phone and just use the same user.
Just giving away access token... It's like Facebook.
(Not stored in browser cookies)
3) The server can leave a hassle login / logout duty... Throw it to authenticate service outside.
4) Server doesn't need to take care of user information.
:
😀 Cut back to see login mechanism with facebook user / password
The concept is as shown in the photo that I posted. (as an example of php)
Simple summary
- user time login
- It will sneak a switch to Facebook to do login instead.
- Then Facebook will throw back access token to our web
- Then user will use it as a pass. No need to login again.
:
There are many types of access token of Facebook such as
-User Access Token
- App Access Token
- Page Access Token
-Client Token
Each type has different rights. I can't ask for deep.
:
👉 session id and access token all this story
It's a sweet, fragrant hacker. I like it very much.
If they can steal, they can wear a login user.
Then hacker will get all rights like user... done here
.
Except we logout
To make session id or access token expire
Then the hacker will be out of bogs.
:
In the user corner. Just login.
Don't mind access token behind the scenes
But if it's a #programmer, you need to be extra mindful.
Because even four feet know that the philosopher knows.
The biggest giant. Big brother like Facebook.
Still missed it. Let access token out so that it's a big news.
.
👌 So, programming
Let's be mindful about access token. Don't fall off.
Be safe from hakcker to the best
Good luck to all of you.
:
:
Written by Thai programmer thai programmer
:
+++++++++++++
Reference
1) https://developers.facebook.com/docs/php/howto/example_facebook_login?locale=th_TH
2) https://developers.facebook.com/docs/facebook-login/access-tokens?locale=th_THTranslated
ใช้บัญชี Gmail ใช้แล้วอย่าลืม Logout ไม่งั้นอาจจะโดนสวมรอยได้ แต่ถ้าลืมล็อกเอาท์จริงๆ ไม่ต้องห่วง สามารถรีโมท Logout ออกจากบัญชี Gamil จากที่ไหนก็ได้
หลายครั้งเรา Login เข้าบัญชี Gmail จากหลายๆที่ หลายๆเครื่อง จนบางครั้งก็จำไม่ได้ว่า Login Gmail ไว้ที่เครื่องไหนบ้าง ซึ่งก็เสี่ยงต่อการถูกขโมยข้อมูล และบางทีสถานที่ที่เราใช้งานก็อาจจะอยู่ไกลเกินกว่าจะกลับไปเพื่อ Logout ออกจากบัญชี Gmai ได้ แต่โชคดีที่เราสามารถ Logout ออกจากบัญชี Gmail จากที่ไหนก้ได้ .
ไม่อยากโดนขโมยตัวตน โดนสวมรอย โดนขโมยบัญชี Gmail ต้องดูไอที 24 ชั่วโมง รายการย้อนหลังตอนนี้เลยค่ะ
ออกอากาศวันอาทิตย์ที่ 13 ธันวาคม 2563
สามารถติดตาม รายการไอที 24 ชั่วโมง ทางช่อง 9MCOT HD ทุกวันอาทิตย์ เวลา 13.00 น.
ติดตามรับข้อมูลข่าวสารเพิ่มเติมได้ที่
facebook.com/it24hrs
twitter.com/panraphee
twitter.com/it24hrs
IG: panraphee
ติดต่อโฆษณา it24hrs@it24hrs.com โทร 0802345023
