Programming

bobman0330 · December 27, 2020, 6:42pm

So, some of the JSON values would be provided by the user, and it’s all going inside a tag. But as long as the JSON literal is wrapped in single quotes, anything malicious would have to escape the single quotes first, but those will all be escaped by the JSON encoder, so there can’t be a problem. Right?

bobman0330 · December 27, 2020, 7:22pm

Ah-ha!:

json_script ¶

Safely outputs a Python object as JSON, wrapped in a <script> tag, ready for use with JavaScript.

Argument: HTML “id” of the <script> tag.

For example:

{{ value|json_script:“hello-data” }}

If value is the dictionary {'hello': 'world'} , the output will be:

The resulting data can be accessed in JavaScript like this:

const value = JSON.parse(document.getElementById(‘hello-data’).textContent);

XSS attacks are mitigated by escaping the characters “<”, “>” and “&”. For example if value is {'hello': 'world</script>&'} , the output is:

This is compatible with a strict Content Security Policy that prohibits in-page script execution. It also maintains a clean separation between passive data and executable code.

jmakin · January 5, 2021, 4:37pm

I am starting to make a 2d game in python with the kid I am mentoring. He expressed an interest in learning C++ - I said, let’s just stick to python for now and when we get comfortable with that we can explore C++.

Anyway since he’s curious of stuff outside python I was considering recommending him some books to read. Top on my list for him is probably “clean code” but I’m not sure how daunting that would be for a 13 year old. I really really wanna introduce him to “The C programming language” book but am afraid C might be throwing him into the fire.

He’s got confidence issues, like any 13 year old I guess, so I’m very much not wanting to intimidate him with concepts he doesnt need to worry about right now.

He’s surprised me though. He showed me some of the stuff he created in Scratch, and I was pretty impressed at the logic of it. I explained to him that a lot of programming is just like using Scratch - you take code “blocks” and put them together in ways that create something more complex. When I told him that he appeared relieved.

Anyone got good book recs for a young programmer who is very competent for his age?

d2_e4 · January 5, 2021, 4:40pm

What about C# rather than C or C++? Probably both easier to pick up and more marketable today.

jmakin · January 5, 2021, 4:43pm

I feel like C is the easiest language to “learn” of all the C languages. Its library is small and well documented and there’s a lot of resources out there for it. It’s purely functional and you don’t need to worry about complicated class structures and all that. Clean and simple.

C# is something I’ve never personally touched. In 10 years when he’s hitting the job market, we may all be programming in Golang, idk. Hard to predict what will be marketable then.

grue · January 5, 2021, 4:48pm

lol C++ cmon. Stick with python.

microbet · January 5, 2021, 4:51pm

There’s also a big benefit to just sticking with one language.

suzzer99 · January 5, 2021, 4:51pm

Do it in assembly. Kid needs to learn the basics. Better yet - do it on circuit board with and, or and nor gates.

d2_e4 · January 5, 2021, 4:53pm

Real programmer works with sand and a soldering iron. Everything else is abstraction.

jmakin · January 5, 2021, 4:54pm

Haha I’ve learned both. As well as punchcard programming. There’s still a very big “you need to learn how we did it 60 years ago” school of thinking in CS education.

suzzer99 · January 5, 2021, 4:54pm

And vacuum tubes. I don’t trust those transistors. Quantum tunneling my ass. It’s all a scam by big silicon.

d2_e4 · January 5, 2021, 4:55pm

What do you think the sand is for?

suzzer99 · January 5, 2021, 4:56pm

I built a smiley face on a 5x7 led display that cycled through different faces - using all logic chips. Still probably my most satisfying programming accomplishment.

jmakin · January 5, 2021, 4:57pm

Probably the thing I learned in school that gave me the biggest respect for the tools I use every day was writing a simple compiler for a C-style language, targeting MIPS assembly language. Idk I think there’s value to learning some of this stuff at least from a mile high view, but overall, I think my education was a massive waste of effort.

The most fun project I did was making a circuit board with LED display I personally soldered on to it. It had a small processor, lights and could play sounds so I made a simon says toy. It still works.

microbet · January 6, 2021, 2:24am

OMG UR AWESOME!

microbet · January 6, 2021, 2:26am

I no longer scroll though most of the posts on this site. I “J” through them.

zikzak · January 6, 2021, 2:36am

Click on Keyboard Shortcuts in the hamburger menu. There’s tons of them.

eta: I think the reason is for accessibility.

microbet · January 6, 2021, 3:06am

That’s pretty cool. In the last programming gig I had, which was like two years ago now, accessibility was part of it, but it was something that never seemed to make it to top priority. People lament that it’s not a higher priority, but still, something else is always more urgent.

eta: I don’t see it in my hamburger menu though.

suzzer99 · January 8, 2021, 4:57pm

Tell them you’ll give them $1000 if they figure it out. When they say “really?” say no, but you were already thinking weren’t you?

jmakin · January 8, 2021, 5:33pm

Haha a few months back I sent a full stack dev a list of bash commands to type in the prompt and he came back like 20 mins later super confused and huffy about how none of the commands were working, turns out he was including the dollar sign notation that is customary when you are describing a command line instruction, like:

$ echo “hello world”

To me, it’s like a monkey could figure that out but for him he apparently had never seen bash or any CLI before.