Monthly Archives: March 2018

XXE attack and mitigation

Recently I’ve got a security violation report from Sonar. It is the XXE attack. This is indeed a scary scenario, with attacker able to access server internal file with ease. The simplest approach is to disable this feature. However in … Continue reading

Posted in Computer and Internet, Programming and Algorithm | Tagged | Leave a comment

在线课程推荐:Astrophysics: The Violent Universe

edX 在线课程 Astrophysics: The Violent Universe 很多人都知道宇宙中除恒星之外的那些奇异天体:白矮星,中子星,黑洞,也听说过诸如新星和超新星这样的暂态现象。然而多数人并不了解人类是如何发现和理解数万乃至数亿光年之外的天体的物理形态和物质组成。 得益于科学和技术进步,一方面,更大更精确的天文望远镜成为可能,最终有了大气层外的哈伯太空望远镜;另一方面,无线电,X射线,gamma射线,乃至中微子和引力波的发现则进一步拓宽了观测手段。 而量子力学和相对论的理论突破则提供了理解和计算这些极端条件下的天体构成的手段和方法。 该 Astrophysics 系列由4门课程组成: Greatest Unsolved Mysteries of the Universe Exploring Exoplanets The Violent Universe Cosmology

Posted in Science | Tagged | Leave a comment