9 Anti-Patterns Every Programmer Should Be Aware Of

Every once in a while we’d interrupt that to discuss the typography and the color of the cover. And after each discussion, we were asked to vote. I thought it would be most efficient to vote for the same color we had decided on in the meeting before, but it turned out I was always in the minority! We finally chose red. (It came out blue.)

— Richard Feynman, What Do You Care What Other People Think?

Source: 9 Anti-Patterns Every Programmer Should Be Aware Of

This Is Your Brain on Podcasts: Why Audio Storytelling Is So Addictive – The Atlantic

“Audio is one of the most intimate forms of media because you are constantly building your own images of the story in your mind and you’re creating your own production,” Rodero says. “And that of course, is something that you can never get with visual media.”

Source: This Is Your Brain on Podcasts: Why Audio Storytelling Is So Addictive – The Atlantic

JSONExport

Code Issues 1 Pull requests 0 Wiki Pulse Graphs SSH clone URL You can clone with HTTPS, SSH, or Subversion. Clone in Desktop Download ZIP JSONExport is a desktop application for Mac OS X which enables you to export JSON objects as model classes with their associated constructors, utility methods, setters and getters in your favorite language.

Source: Ahmed-Ali/JSONExport

Technical Note TN2232: HTTPS Server Trust Evaluation

If this trust evaluation fails, the client refuses to connect. This can happen for a variety of reasons, some benign—the server might be using a self-signed certificate, an intermediate certificate is missing, and so on—and some malicious—the server is an impostor, looking to steal the user’s data. This document describes the reasons why server trust evaluation can fail, and how this problem can be resolved while not compromising the user’s security.

Source: Technical Note TN2232: HTTPS Server Trust Evaluation

OAuth2 for iPhone and iPad applications

  • A client requests access to a provider’s service using its own unique client ID and secret token.
  • The user logs into the service directly (using a web page on the provider’s server) and grants the client permission to access.
  • The provider redirects the user to a URL unique to the client passing along a verification code in the query string.
  • The client verifies the authorization request and uses the verification code from step 3 to obtain an access token.
  • The client may periodically refresh the access token when it expires.

Source: OAuth2 for iPhone and iPad applications

Flow Chart 和 UI Flow

上圖只是簡單的流程示範,不過是隨口多一句「喂、幫我加個驗證碼功能」,Flow Chart 就會突然肥一截。真正的會員登入驗證還有更多花樣以及安全性考量,比如登入錯誤 3 次就多提示一句「忘記密碼」等等,更狠的直接鎖帳號請使用者找客服申訴。Flow Chart 和 UI Flow 相輔相成,甚至是先有 Flow Chart 才有 UI Flow 。在沒有 Flow Chart 、不知道要處理多少判斷時就產出 UI Flow,規劃不周掉頁面漏功能的機率非常非常高。

Source: Flow Chart 和 UI Flow « 嫁給RD的 UI Designer