Detecting AJAX without jQuery or PHP

… It’s all `bout the script … no jQuery!

I recently took on the task of creating an extremely lightweight page. No jQuery or PHP allowed. One of the requirements for this page is that it had to retrieve some content from a file, but the file could not be accessed directly.

My thought process:

  • I can hand-write an XMLHttpRequest to retrieve the contents of the file … no problem!
  • I can redirect a file request in .htaccess … no problem!

Ahh… but I didn’t think about the two things together.

If Javascript running in the client can access a file, what’s the difference between that and typing the URL to the file directly?

Custom Header “X-Requested-With”

Chris Coyier once said that all browsers set an “X-Requested-With” header with the value of “XMLHttpRequest”, but that’s wrong. Apparently, that’s something done by the Javascript libraries we’ve all come to rely upon.

So, I did it myself …

Javascript:

var xhr = new XMLHttpRequest();
var file = 'myfile.txt';

xhr.onreadystatechange = function() {
    // handle it
};

xhr.open('GET', file);
xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
xhr.send(null);

.htaccess:

`RewriteEngine on
RewriteBase /path/
RewriteCond %{HTTP:X-Requested-With} !XMLHttpRequest [nocase]
RewriteRule "^myfile\.txt$" "/path/" [R]

I wish it was as easy to figure out as it was to write about.

These were also helpful:

Avoiding D-Bus Issues with gvim & X11 Forwarding over SSH

~$ gvim
(gvim:2166): GConf-WARNING **: Client failed to connect to the D-BUS daemon:
Failed to connect to socket /tmp/dbus-wcJ1akPHd6: Connection refused

When you run gvim over an SSH connection with a local X11 server, you’re likely to run into this issue. It’s trying to connect to a D-Bus server which isn’t running because your local X11 server isn’t running your desktop environment.

In addition to the long delay and error messages before opening your app, it may start an instance of the D-Bus daemon which doesn’t close when you try to log out. This can prevent your SSH window or X11 server from closing when you’re done and you’ll have to force it to close even though it has open connections.

There are solutions, but I prefer another approach… I just use the Athena version of Vim:

~$ sudo apt-get install vim-athena

… followed by:

~$ sudo update-alternatives --set gvim /usr/bin/vim.athena
update-alternatives: using /usr/bin/vim.athena to provide /usr/bin/gvim (gvim) in manual mode

After this, when you run gvim, the window opens almost instantly with only a font-related error that can easily be ignored. The menus on the Athena version aren’t as pretty, but if you’re a Vim user then the menus don’t matter that much anyway.

gVim - Athena
gVim using the Athena GUI

vs.

gVim using the Gnome GUI
gVim using the Gnome GUI

Naturally, if you use Gnome apps besides GVim this solution won’t meet your needs.

PuTTY Passwordless SSH issues

I was having trouble getting PuTTY to connect to an SSH server running on Ubuntu 15.10 and it came down to two distinct problems.

On the first attempt, it would sit there for a long time with a cursor in the upper left corner. After a while, I would get this error message:

PuTTY error

Server unexpectedly closed network connection.

So, there were no meaningful errors on the client side. I checked the authentication log on the server (/var/log/auth.log) and saw this error:

sshd[3886]: error: Hm, kex protocol error: type 30 seq 1 [preauth]

It turns out that there’s an error with Kex key exchange. Although I don’t know what that is, I found the solution on blog.nytsoi.net. All I had to do was move the Diffie-Hellman group exchange algorithm to the bottom of the Algorithm selection policy list so that it would try the others first. That’s in PuTTY Configuration -> SSH -> Kex. There’s more information at the linked blog entry.

The other problem I encountered was related to password-less login and my misunderstanding of one of the settings. After fixing the Kex problem, I got this error right away when I tried to connect:

Server sent disconnect message type 2 (protocol error): "bad service request ssh-connection"
Server sent disconnect message
type 2 (protocol error):
“bad service request ssh-connection”

I also found bad service request error in the authentication log:

sshd[3961]: Disconnecting: bad service request ssh-connection [preauth]

I had Bypass authentication entirely checked because I thought that it meant that it would only try to use the Private key file for authentication. Apparently, it means what it says and it doesn’t try to authenticate at all. Simply unchecking the option in PuTTY Configuration -> Auth fixes the problem.

Unfortunately, these simple solutions came after a lot of web searching and trial-and-error with PuTTY Key Generator, but that’s just the way it goes :(

Gmail : Remove Long Quick Links

gmail_logo_nobeta_mediumIf you create a Quick Link in Gmail with a long name, it looks like you can’t remove it. A web search result made me think that the only way around this was to inspect the element in web developer tools and find the ‘x’ that removes the link. However, upon closer inspection, I see that the ‘x’ was always visible on top of the text of the Quick Link.

e.g.: A Quick Link to gaming related emails in my inbox …

20150317_101153-0500_Gmail Quick Links

A Quick Link with a long name.

20150317_103304-0500_Gmail Quick Links 'x' zoomed in

Zoomed-in, you can see that the ‘x’ is there on top of ‘%3A’ which represents the colon in the name.

 

htaccess: Removing Extensions from URLs

If you want your site to have clean and consistent URLs, you might want to drop the file extensions like .php or .html.  Judging by the number of “solutions” I found while trying to figure it out myself, I’d guess that it’s a pretty common request, but I wasn’t able to find an answer that worked for me all in one place.

Continue reading “htaccess: Removing Extensions from URLs”

What is SEO?

I recently attended my first Google Business Groups meetup and I heard something surprising: “For Google, SEO is illegal”.  This was part of the answer to a question about repeating keywords in web page code.  I nearly jumped out of my seat to question this statement and I wanted to discuss the topic further, but I let it drop rather than interrupt the talk.

I had never heard the term SEO used within a negative context before, and I realized for the first time that some abusive techniques are also considered to be part of SEO.

Search Engine Optimization, or SEO, is not illegal, immoral, or otherwise questionable.  It benefits users, content creators, and search engine makers.  I’m not by any measure an expert, but I’ll try to explain a little about what SEO is and where this confusion comes from.

Continue reading “What is SEO?”

This guy…

This guy… I gotta tell you about him…  He won an award for his web site… He helped to create the RSS standard… He authored the RDF standard… but that’s just while he was a teenager.  He also fought for the free culture movement.  He founded Infogami, which still supports OpenLibrary and later merged with Reddit.  He was an editor at Wikipedia.  He founded Demand Progress to fight against abusive laws and for our rights.  These are just some of his many accomplishments.

He was Einstein, Superman, and Robin Hood, all rolled into one.  He made our world better.

Then he killed himself.

His name was Aaron Swartz and I never knew him myself, but I wish I did.  I didn’t even know his name before he died… but I miss him.

Featured image: Tragedy designed by Karl Turner from The Noun Project

Does Klout Matter?

As a blogger and freelance developer, sometimes I have to pay attention to things that aren’t strictly related to the work.  I wish I could just focus on the code, but I also have to spend time on other things such as marketing, monetization, and, perhaps the most important, social networking.

I got an email recently from Klout telling me that my Facebook connection had been deactivated.  This wasn’t a surprise; I recently revoked permissions from a number of Facebook apps that I don’t use, but I did stop and think.  Klout hasn’t faded away like most social startups banking on Facebook’s momentum and I’ve heard it mentioned a number of times in podcasts and other tech news over the last couple of years.  So, I did some googling.

Continue reading “Does Klout Matter?”