Episode 89 of The SitePoint Podcast is now available! This week your hosts are Patrick O’Keefe (@iFroggy), Stephan Segraves (@ssegraves), Brad Williams (@williamsba), and Kevin Yank (@sentience).
SitePoint Podcast的第89集现已发布! 本周的主持人是Patrick O'Keefe( @iFroggy ),Stephan Segraves( @ssegraves ),Brad Williams( @williamsba )和Kevin Yank( @sentience )。
You can also download this episode as a standalone MP3 file. Here’s the link:
您也可以将本集下载为独立的MP3文件。 这是链接:
SitePoint Podcast #89: Podcast of the Year (MP3, 44.1MB, 48:11)
SitePoint播客#89:年度播客 (MP3,44.1MB,48:11)
Here are the topics covered in this episode:
以下是本集中介绍的主题:
Browse the full list of links referenced in the show at .
浏览。
Brad: min.us
布拉德: 最小
Stephan: Instapaper’s Backup Method
斯蒂芬: Instapaper的备份方法
Kevin: repeat-x repeat-y
凯文: 重复x重复y
Patrick: Why You Need to Open the Kimono in Social Media
帕特里克: 为什么需要在社交媒体中打开和服
November 26, 2010: A big Google security hole gets patched, how all spinners are not created equal, and Internet Explorer 9 cheats on a test. I’m Kevin Yank and this is the SitePoint Podcast #89, Podcast of the Year.
2010年11月26日:修补了一个巨大的Google安全漏洞,如何使所有微调器均不平等,并且Internet Explorer 9作弊。 我是Kevin Yank,这是SitePoint播客#89,年度播客。
We did it guys! We are Podcast of the Year!
我们做到了! 我们是年度播客!
Brad: Yay!
布拉德:是的 !
Kevin: According to the Magazine that I went to London and went to the awards ceremony and I was there with Karn Broad, the producer for our interview shows, and yeah, it was amazing. We were up against The Big Web Show which one Video Podcast of the Year and well deserved to Jeffrey Zeldman and his co-host Dan Benjamin, they put on a really interesting interview show every week. But, yeah, we won the audio category guys! Congratulations.
凯文:根据《 杂志》 ,我去伦敦参加了颁奖典礼 ,当时我和我们的访谈节目的制片人卡恩·布罗德(Karn Broad)在一起,是的,真是太神奇了。 我们面对的是The Big Web Show (年度最佳视频播客),当之无愧的Jeffrey Zeldman和他的联合主持人Dan Benjamin,他们每周都会进行一次非常有趣的访谈节目。 但是,是的,我们赢得了音频类别的家伙! 恭喜你
Patrick: So paint a picture for us, Kevin, give us a visual. What was it like?
帕特里克:为凯文画一幅画,给我们一个视觉。 那是什么感觉
Brad: I envision like the Oscars or something. Like some grand ballroom!
布拉德:我设想像奥斯卡之类的东西。 像一些盛大的宴会厅!
Patrick: What was it like, how cool was it? Make it dramatic.
帕特里克:感觉如何,有多酷? 使其生动。
Kevin: There was no podium, but I think they did away with the podium at the Oscars a while ago now. It was held in The Ministry of Sound dance club in London, so just on the south bank of the Thames near Waterloo if you know London, that’s where The Ministry of Sound is, apparently this iconic dance club. I have several music geeks here in the office who are jealous that I was gonna get to spend an evening in the famous Ministry of Sound; I’ll be honest with you it just looked like a dance club to me.
凯文:没有讲台,但我想他们不久前在奥斯卡颁奖典礼上就取消了讲台。 它在伦敦的声部舞蹈俱乐部举行,所以如果您知道伦敦,就在滑铁卢附近的泰晤士河南岸,这就是声部的所在地,显然是这个标志性的舞蹈俱乐部。 我办公室里有几个音乐极客,他们嫉妒我要去著名的声音部度过一个晚上。 我对你说老实话,对我来说它就像一个舞蹈俱乐部。
Patrick: Oh!
帕特里克:哦!
Kevin: But, the nerds poured in and at about 7 o’clock they turned down the music a little and a stand-up comic who is very well known in England started emceeing, and I don’t even know his name, I don’t even know who the guy is, but everyone who is local went, “Aw, he’s hilarious! He’s on TV all the time, I need to get my picture with him because my wife is such a huge fan!” That’s a direct quote from Karn our producer, by the way. And so he stepped up and category by category called out the, well, through to the announcer who was on the PA who announced the nominees. They had like a big video done on the big screen behind him that kind of went through the nominees and showed either screenshots or bits of logos and things like that, just sort of a motion graphics kind of presentation showing off each of the nominees in each category, and then they threw back to the emcee who announced the winner. And, yeah, Karn and I — the podcast category was the very first category of the night, they called our name and Karn Broad and I stepped up and thanked the crowd. There were several cheers when the SitePoint Podcast was named among the nominees; we definitely had some fans in the audience so it was a really fun night. And after that we as winners were whisked up into the VIP lounge, which between you and me was actually the “stand in front of the sponsors banner and get your photo taken for their magazine” lounge. But, yeah, we got to chill out and hang out with other winners like Jeffrey Zeldman and Faruk Ate? who we’ve mentioned on this podcast before and is the author of Modernizr, which I think won Open Source Project of the Year, and a few other locals, Jeremy Keith, who you might know on Twitter as @adactio, was in attendance because his digital agency was nominated, Clearleft, was nominated for Digital Agency of the Year, but Jeffery Zeldman took that one out as well with Happy Cog. In fact, Zeldman won no less than three different categories at the awards; he was the man of the night for sure.
凯文:但是,书呆子们涌进来,大约7点钟,他们把音乐调低了一点,一个在英国很出名的单口相声漫画开始主持,我什至不知道他的名字,我不知道甚至都不知道那个家伙是谁,但是每个本地人都去了,“噢,他很搞笑! 他一直在电视上,我需要和他合影,因为我的妻子是个超级粉丝!” 顺便说一下,那是我们制片人卡恩的直接报价。 因此,他加强了工作,并逐个类别地召集了一位一直到PA上宣布提名人的播音员。 他们就像在他身后的大屏幕上观看了一个大型视频,经历了被提名者,并显示了屏幕截图或徽标的片段以及类似的内容,只是一种运动图形演示,展示了每个被提名者的身份。类别,然后他们又回到主持人,宣布获胜者。 是的,Karn和我-播客类别是当晚的头一个类别,他们叫我们的名字,而Karn Broad和我上前感谢人群。 当SitePoint Podcast在被提名人中被提名时,欢呼声很高。 我们的观众中肯定有一些粉丝,所以这是一个非常有趣的夜晚。 之后,作为获奖者的我们被赶到VIP休息室,在您我之间实际上是“站在赞助商横幅前,为您的杂志拍照”休息室。 但是,是的,我们必须放松一下,并与其他获胜者(例如Jeffrey Zeldman和Faruk Ate)闲逛吗? 我们之前在此播客上提到的他是Modernizr的作者,我认为它是“年度开源项目”,还有其他一些本地人Jeremy Keith(您可能在Twitter上称为@adactio )参加了会议,因为他的数字代理公司被提名为Clearleft ,被提名为“年度数字代理”,但是Jeffery Zeldman也与Happy Cog一起将其淘汰。 实际上,泽德曼(Zeldman)在这些奖项中获得了不少于三个奖项。 他肯定是当晚的人。
Patrick: I love us and everything, I mean we’re awesome and all that, but I have to say after seeing the initial list of nominees I was a little intimidated as far as our chances, but, not to say we don’t produce a quality show because we do, and it’s great to be honored, but I guess there was no video taken, huh?
帕特里克:我爱我们和一切,我的意思是我们都很出色,但是我不得不说,看到最初的提名名单后,我对我们的机会有点被吓到了,但并不是说我们没有制作高质量的节目是因为我们这样做了,很荣幸能得到荣誉,但是我想没有录制视频,对吧?
Kevin: No. There were some photos; there was a photographer in the back of the crowd with a long lens who was taking photos of people as they accepted their awards, but they didn’t mention that to the winners, so we didn’t know where to look for the photos, so I think there might be a photo of Karn and I sort of side-on standing in front of the trophy somewhere, if I find that I’ll let you know. The awards are officially announced at thenetawards, this is the same site where we were asking you to go and vote for us earlier in the year, now it just lists the winners in each category, but I think they’re gonna make their big splash in the next issue of their magazine, that being #210, which I assume comes out next month. So I think Karn is going to send me a copy of that and hopefully we can see our names in print.
凯文:没有。有一些照片。 人群的后方有一个戴着长镜头的摄影师,当他们接受奖项时正在拍照,但是他们没有向获奖者提及,所以我们不知道在哪里寻找照片,所以我想可能会有卡恩的照片,如果我发现我会让你知道的话,我有点侧身站在奖杯的前面。 奖项已在thenetawards上正式宣布,这是我们要求您在今年早些时候去投票的网站,现在它只列出每个类别的获奖者,但我认为他们将做出自己的贡献他们的下一期杂志大放异彩,那就是#210,我认为这是下个月出版的。 因此,我认为Karn会向我发送一份副本,希望我们能看到我们的姓名。
Brad: I think we need to make sure to thank Paul Boag for stepping aside and allowing us to actually win this thing (laughter).
布拉德:我认为我们需要确保感谢保罗·博阿格(Paul Boag)辞职,让我们实际上赢得了这场比赛(笑声)。
Kevin: He won last year and I think yeah just quietly there was a separate video and audio category because, yeah, the Zeldman and Benjamin show is a class act and it would’ve been really stiff competition. But, yes, thank you to the Awards, I intend to from now on refer to this as “the award winning SitePoint Podcast.”
凯文:他去年获得了冠军,我想是的,这里只是一个单独的视频和音频类别,因为,是的,扎德曼和本杰明的表演是集体表演,竞争真的很激烈。 但是,是的,谢谢大奖,我打算从现在起将其称为“屡获殊荣的SitePoint播客”。
Patrick: Has a nice ring to it.
帕特里克:对此有好感。
Kevin: Without further ado let’s get into our stories because we’ve got a bit to get through. So, Brad, why don’t you lead us off.
凯文:事不宜迟,让我们进入我们的故事,因为我们还有点需要做的。 所以,布拉德,你为什么不带我们离开。
Brad: So, Google had a little embarrassing moment over the past week, an actual 21 year old Armenian developer found a little security hole in the Google Apps API Script, and according to him he actually contacted Google a number of times trying to report the vulnerability and could not get through. So, what’s the next best thing you can do? Well, set up a site and show everybody what you found. So he actually set up a site on BlogSpot that hosted this page and the script that he wrote, and if you visited that site and you were logged into Google or Gmail currently, any type of a Google site, the website would immediately grab your Google email and send you an email and say, hey, I just got your email. And that’s as simple as the exploit was but as you can imagine that’s a pretty big exploit especially for somebody like Google to miss. So it was actually kind of a big story there; luckily as soon as Google saw the website they took the site down, they say they fixed the exploit, and the developer actually in my mind probably did about the best thing he could have other than just reporting it. Since he wasn’t getting a response he actually set up a site to show it but he didn’t tell anybody what it was, he didn’t release this is how you do it, this is what you do, he actually just kind of showed it off from a functional standpoint, which I think is a little bit better than what I’ve seen a lot of other people do when they find exploits, so definitely hats off to him. But it was a little scary, especially Google, a site as big as Google, I mean I’m sure all of us maybe other than Patrick have at least something at Google that we use.
布拉德:所以Google在过去一周有一个尴尬的时刻,一位21岁的亚美尼亚实际开发人员在Google Apps API脚本中发现了一个安全漏洞,据他说,他实际上多次联系Google,试图举报漏洞,无法解决。 那么,您能做的下一件事是什么? 好吧,建立一个网站,然后向所有人展示您找到的内容。 因此,他实际上是在BlogSpot上建立了一个托管该页面和他编写的脚本的网站,如果您访问了该网站并且当前登录到Google或Gmail(任何类型的Google网站),该网站都将立即抓住您的Google电子邮件并向您发送电子邮件,说,嘿,我刚收到您的电子邮件。 这和漏洞利用程序一样简单,但是您可以想象这是一个很大的漏洞利用,特别是对于像Google这样的人来说,是不容错过的。 因此,那里实际上是一个大故事。 幸运的是,一旦Google看到该网站,他们就将该网站关闭了,他们说他们已经修复了漏洞,而在我看来,开发人员实际上是在尽其所能,而不仅仅是报告了它。 由于没有得到回应,所以他实际上建立了一个网站来展示它,但是他没有告诉任何人这是什么,他没有发布这就是你的做法,这就是你的做法,他实际上只是一个好人从功能的角度展示了它,我认为这比我看到许多其他人在发现漏洞时所做的要好一些,因此绝对可以接受他。 但这有点令人恐惧,尤其是Google,它的规模与Google一样大。我的意思是,我敢肯定,除了Patrick之外,我们所有人中至少有一些我们可以使用的。
Patrick: Even Patrick.
帕特里克:甚至帕特里克。
Brad: Okay, even Patrick. But seeing a vulnerability as big as this that escaped Google has got to make you worry a little bit.
布拉德:好的,甚至是帕特里克。 但是,看到像这样大的漏洞已经逃脱了Google,就必须让您有些担心。
Kevin: Yeah. I had a look into this Google Apps Script API, and in fact before Google fixed it no one even knew what API he was using. He was as you say very tightlipped about exactly how he was managing to do it and I suppose that was fairly responsible of him to do. But as soon as Google had fixed the problem they posted a little note saying that their first response was to take down the site from BlogSpot; obviously, BlogSpot is Google’s blogging platform so they had full control over that site, but from what I have read I’m guessing this exploit did not depend on the page being hosted by BlogSpot. I think he probably could’ve put it just about anywhere. But, yeah, Google’s response says, “We quickly fixed the issue in the Google Apps Script API,” and just by saying that everyone suddenly knew exactly which API, which part of the Google ecosystem had the error in it. So hat’s off to Google, I don’t think they had to be as open as that but I’m glad they were because this Google Apps Script API is something that I wasn’t familiar with beforehand. They went on to say “That vulnerability could have allowed for emails to be sent to Gmail users without their permission if they visited a specially designed website while signed into their account. We immediately removed the site that demonstrated this issue and disabled the functionality soon after. We encourage responsible disclosure of potential application security issues to security@google.” That closing remark there suggests to me that what they’re saying is, uh, yeah, we know he said he tried to contact us and didn’t get a reply, well, he didn’t go through the right channels. They seem to be implying that if he had dropped a line to that very special email address they would have gotten right on to it. What do you think, do you buy that Brad?
凯文:是的。 我研究了这个Google Apps Script API ,实际上,在Google对其进行修复之前,甚至没有人知道他使用的是哪种API。 正如您所说,他对自己如何做到这一点非常谨慎,我想这对他的工作负有相当责任。 但是,一旦Google解决了该问题,他们便发布了一条小纸条,说他们的第一React是从BlogSpot删除该网站。 显然,BlogSpot是Google的博客平台,因此他们可以完全控制该网站,但是据我所读的内容,我猜想这种利用并不取决于BlogSpot托管的页面。 我想他大概可以把它放在任何地方。 但是,是的, Google的回答是 :“我们Swift解决了Google Apps Script API中的问题,”并只是说所有人突然知道确切的API,即Google生态系统的哪个部分出现了错误。 因此,对Google表示敬意,我认为他们不必那么开放,但是我很高兴他们这样做,因为我以前并不熟悉此Google Apps Script API。 他们接着说:“如果该漏洞在登录帐户时访问了专门设计的网站,则该漏洞可能允许未经许可将电子邮件发送给Gmail用户。 我们立即删除了展示此问题的站点,并在不久后禁用了该功能。 我们鼓励您向security@google负责地披露潜在的应用程序安全问题。” 那里的结束语向我表明,他们的意思是,嗯,是的,我们知道他说他试图与我们联系并且没有得到回复,好吧,他没有通过正确的渠道。 他们似乎在暗示,如果他在该非常特殊的电子邮件地址中添加一行,他们将可以继续使用。 您如何看待,您会购买布拉德吗?
Brad: I don’t know, I mean the developer’s name is Vahe G., and he’s not real specific about how he contacted Google, he just said he contacted Google a few different ways and they just don’t answer emails. So, you know, sure if you just email certain areas of Google it’s probably going to be very hard to get through. So, but it would’ve been nicer if he actually said I did email this, this, this and this and nobody responded, but he didn’t actually say that so it’s hard to say. I mean I know you can only imagine the amount of emails that Google gets a day across their various services, so it’d be very easy for an email or two to get lost I’m sure.
布拉德:我不知道,我的意思是开发人员的名字叫Vahe G.,他对联系Google的方式并不确定,他只是说他以几种不同的方式联系Google,而他们只是不回复电子邮件。 因此,您知道,如果仅通过电子邮件发送Google的某些区域,则可能很难通过。 因此,但是如果他实际上说我确实通过电子邮件,这个,这个和这个电子邮件发送了,并且没有人回复,那会更好,但是他实际上没有这么说,所以很难说。 我的意思是,我知道您只能想象Google每天通过其各种服务收到的电子邮件数量,因此,我敢肯定,一两封电子邮件很容易丢失。
Patrick: If you Google ‘Google Security’, oddly enough—and not to say they couldn’t have changed this because obviously Google controls the index—but if you Google it my first hit here, the first site listed is google/corporate/security.html, and actually in the description of the search result is the email address, security@google, so it seems like it would be difficult to miss if you searched for it via Google anyway.
帕特里克(Patrick):如果您使用Google“ Google安全性”,这很奇怪-并不是说他们不能更改它,因为显然是Google控制了该索引-但是如果您在这里首次点击Google,则列出的第一个网站是google/ Corporate / security.html,实际上在搜索结果的描述中是电子邮件地址security@google,因此,无论如何通过Google搜索,似乎都很难错过。
Kevin: Yeah, I see that! My first result is the Google Online Security Blog at googleonlinesecurity.blogspot, and hmm, was last updated Thursday, November 11th, so they have not talked about this particular vulnerability on the Google Online Security Blog. But I think it’s more about helping—
凯文:是的,我明白了! 我的第一个结果是位于googleonlinesecurity.blogspot和hmm的Google Online Security Blog,最近一次更新是11月11日,星期四,因此他们没有在Google Online Security Blog上谈论此特定漏洞。 但我认为更多是关于帮助-
Patrick: General Internet safety and security.
帕特里克:一般的互联网安全性。
Kevin: Yeah, yeah, exactly. So this API, this Google Apps Script API that had the vulnerability in it, I had a look at the documentation for it and it’s really a lot like— I don’t know if you, listener, have been around long enough to remember the heyday of Microsoft Office and when everyone did … like there were a lot of businesses whose accounting hung off of intricate combinations of VBScript running in something like Microsoft Excel or something like that. But these scripting languages that run inside of your office applications. Well, Google Apps Script API is really the Google Apps version of that, so if Google Apps is your office suite in The Cloud then the Google Apps Script API is what lets you write these scripts that run within your office suite in The Cloud. So rather than being like JavaScript that runs in your browser this is scripts that you write and deliver to Google and then Google runs them on their servers against the documents and data that you store in your Google account. And it looks like if I had to guess, given the evidence at hand, what the developer discovered is one of the APIs, one of the parts of Google’s Apps that you can get at through this API, is your Gmail address book. And I don’t know if he was able to somehow exploit that part of the API to get the currently logged in user’s address or even it was something just a whole lot simpler, that the API did expose your Google account name and that he from that could guess your Gmail account and send you email, something like that. But the fact that any old site, a BlogSpot blog page for example, could do that using JavaScript is a bit scary so I’m glad they fixed that.
凯文:是的,是的。 因此,这个API,这个带有漏洞的Google Apps脚本API,我看了一下它的文档,它的确很像-我不知道您(听众)是否已经足够长的时间来记住在Microsoft Office的全盛时期,以及每个人都做的…就像许多企业的会计处理都依赖于在Microsoft Excel之类的工具中运行的VBScript的复杂组合。 但是这些脚本语言在您的Office应用程序内部运行。 好吧,Google Apps Script API确实是该版本的Google Apps版本,因此,如果Google Apps是The Cloud中的办公套件,那么Google Apps Script API是让您编写在The Cloud中的Office套件中运行的这些脚本的工具。 因此,不是像您的浏览器中运行JavaScript那样,而是您编写并交付给Google的脚本,然后Google根据您存储在Google帐户中的文档和数据在它们的服务器上运行它们。 看起来,如果我不得不猜测,根据现有证据,开发人员发现的就是其中一种API,可以通过此API获得的Google Apps的一部分就是您的Gmail通讯录。 而且我不知道他是否能够以某种方式利用API的这一部分来获取当前登录用户的地址,或者甚至简单得多,API确实公开了您的Google帐户名,并且他从可能会猜出您的Gmail帐户并向您发送电子邮件,诸如此类。 但是,事实上任何旧站点(例如BlogSpot博客页面)都可以使用JavaScript做到这一点,这有点令人恐惧,因此我很高兴他们解决了这一问题。
Brad: It’s kind of funny, if you look at the — TechCrunch has a screenshot of what the website looked like before they took it down and it actually has Google ads all over it (laughter). Not only is there an exploit but at least there’s some Google ads on there too.
布拉德:这很有趣,如果您看一下-TechCrunch截取了网站被关闭之前的屏幕截图 ,实际上它上面遍布Google广告(笑声)。 不仅有漏洞利用,而且至少那里也有一些Google广告。
Kevin: Well, you can’t fault the guy for trying to make a little pocket change in the process. It’s a tough life being a security researcher; no one wants to pay you anything.
凯文:嗯,你不能责怪这个家伙在这个过程中尝试做些零花钱。 作为一名安全研究员,这是艰辛的生活; 没有人愿意付你任何钱。
Patrick: No one even wants to respond to your email.
帕特里克:甚至没有人希望回复您的电子邮件。
Stephan: Until you get hacked.
斯蒂芬:直到被黑为止。
Kevin: Yeah. Another Google story is something that I picked up from the SitePoint Tech Times newsletter this past week from Louis Simoneau, our lead technical editor here at SitePoint, and this is a comic book from Google called 20 Things I Learned about Browsers and the Web. Not a comic book, just an online book, sorry, I’m just used to Google expressing everything they have to say in comic book form, it seemed like that’s what they were doing for a while there. But this is a site, 20thingsilearned, where the 20 is a number, 20thingsilearned, and this is a very slick presentation of an online book, and it’s a book that’s— You remember when we talked about that story where what was it less than eight percent of people stopped on the street in New York City knew what a web browser was?
凯文:是的。 另一个Google的故事是我上周从SitePoint技术时事通讯中从我们在SitePoint的首席技术编辑路易斯·西蒙诺(Louis Simoneau)那里摘得的,这是谷歌的一本漫画书,名为“ 我从浏览器和网络中学到的20件事” 。 不是漫画书,只是一本在线书,对不起,我只是习惯了Google以漫画书形式表达他们必须说的一切,这似乎就是他们在那里做了一段时间了。 但这是一个20thingsilearned网站,其中20是一个数字20thingsilearned,这是一本非常精美的在线图书演示,它是一本书-您还记得当我们谈论那个故事的时候仅不到8%的人停在纽约市的街道上,知道什么是网络浏览器?
Brad: This is the book they should be reading?
布拉德:这是他们应该读的书吗?
Kevin: Yeah, it seems like Google took that to heart and went alright, well, we’re gonna write the book on this stuff. And so it explains in layman’s terms with really sort of charming illustrations by an artist named Christoph Neimann, how the Web works. And you can flip through this thing and if you’ve played with these, you know, the slick e-book reader experiences on things like Apple iPad where you get that very tactile kind of page curl effect, well it’s the same thing as that, you get that sort of thing. But the illustrations a lot of them are animated and it’s all done with HTML5 web technology and it’s pretty impressive. I notice one of the things in the prologue that they talk about is you get to find out what happens if your laptop gets run over by a truck, and I flipped through to that page to find out and it turns out that’s in a chapter called Cloud Computing where they tell you that it’s okay if your laptop gets run over by a truck as long as you store all of your data in The Cloud using Google services. (Laughter)
凯文:是的,看来Google对此深有体会,好吧,好吧,我们要写这本书。 因此,它以外行的术语解释了一位名叫克里斯托夫·内曼(Christoph Neimann)的艺术家的确有魅力的插图,说明了网络的工作原理。 而且,您可以翻阅此内容,如果您玩过这些东西,就可以知道,在Apple iPad等产品上使用光滑的电子书阅读器时,您会获得非常触觉的页面卷曲效果,这是一样的,您会得到类似的信息。 但是其中很多插图都是动画的,并且全部使用HTML5网络技术完成,非常令人印象深刻。 我注意到他们在序言中谈到的一件事是,您要弄清楚如果笔记本电脑被卡车撞倒会发生什么,我翻到该页面进行查找,结果就是在名为他们告诉您,只要您使用Google服务将所有数据存储在The Cloud中,如果笔记本电脑被卡车撞倒就可以了。 (笑声)
Patrick: Did anyone get a Dr. Seuss vibe on this because it’s listed as Thing One, Thing Two, Thing Three and so on, and they have little guys dressed in red.
帕特里克(Patrick):有没有人获得苏斯博士的共鸣,因为它被列为“一件事”,“第二件事”,“第三件事”等等,而且他们的小伙子们都穿着红色。
Brad: Yeah, as soon as I saw Thing One that’s actually the first thing that popped in my head, especially with the graphics.
布拉德:是的,当我看到Thing One时,这实际上是我脑海中浮现的第一件事,尤其是图形。
Patrick: The idea of Cloud computing it was interesting to read that part about how — no, it wasn’t Cloud Computing, what section was it, it was another section that talked about keeping your data in The Cloud and how it was better for safety. I think it was using apps, using the Web apps, how it’s safer because you don’t have to download things, and I thought well that’s one way to look at it I guess. You know me and The Cloud, so, yeah.
帕特里克(Patrick):关于云计算的概念,很有趣的一点是,阅读了有关如何-不,不是云计算,它是哪个部分,这是另一部分,它讨论了如何将数据保留在云中以及如何更好地用于云计算。安全。 我认为它使用的是应用程序,使用的是Web应用程序,它的安全性如何,因为您不必下载内容,我想这是一种看待它的方式。 你认识我和云,是的。
Brad: I really like that Google’s done quite a few of these little sites about various different topics, but they’re really — I mean at the end of the day they’re really showcasing some really cool HTML5 stuff here.
布拉德(Brad):我真的很喜欢Google在涉及不同主题的这些小站点中做了很多,但它们确实是-我的意思是说,归根结底,他们在这里确实展示了一些非常酷HTML5内容。
Kevin: Yeah, that’s true. If you haven’t spotted it try clicking the little light bulb switch in the bottom right corner of the page, you can switch the page into dark mode if you’re reading in the dark and it does a really nice fade. It’s all very slick; I haven’t had a look at the code behind the scenes to see how accessible this is, for example, if you have JavaScript turned off. In fact, I’m gonna try that now, I’m gonna disable JavaScript and reload this page and see what happens.
凯文:是的,是的。 如果您没有发现它,请尝试单击页面右下角的小灯泡开关,如果您在黑暗中阅读,则可以将页面切换为黑暗模式,并且褪色效果非常好。 都非常光滑。 我没有看过幕后的代码,例如,如果您关闭了JavaScript,就无法看到它的可访问性。 实际上,我现在要尝试一下,我要禁用JavaScript并重新加载此页面,然后看看会发生什么。
Patrick: And when Kevin’s Skype connection crashes we’re gonna be in a lot of trouble.
帕特里克:当凯文的Skype连接崩溃时,我们将陷入很多麻烦。
Kevin: I get a completely blank page. This is not nice. Okay. With JavaScript turned off you just get a completely blank web page, so that’s not a whole lot of fun. Even though if you look at the markup of the page there’s plenty of content there. Seems like JavaScript is required on the Web these days, that’s one of the 20 things I learned about the Web by reading this book. A nice touch I found is if you go away from the site and come back it will offer to let you resume reading where you left off last time, very nice.
凯文:我得到一个完全空白的页面。 不好 好的。 关闭JavaScript,您将获得一个完全空白的网页,因此,这并不是很多乐趣。 即使您查看页面的标记,那里也有很多内容。 如今,似乎Web上需要JavaScript,这就是我通过阅读本书了解到的20件事之一。 我发现一个不错的感觉是,如果您离开站点然后再回来,它将使您可以继续阅读上次中断的地方,非常好。
Improving Perceived Site Performance with Spinners is a blog post on the YUI Blog. Again, this is from the Tech Times Newsletter, Louis Simoneau put together a nice list of what’s new on the Web links, and I grabbed a couple of those for the show today because they really pushed my buttons. And this one is a story explaining how it’s pretty well known that if you’re gonna make your users wait you want to show them some sort of animation or give them something to look at, hopefully something that moves whether it’s a progress bar or a spinner if you don’t have a way of determining exactly what progress is being made. But if you give them something to look at, something that moves, you’ll give them the feeling that something is happening and it makes that wait feel less long. Well, it looks like Yahoo! has done some research here, or in fact Piotr, they say, who spoke at the London Ajax meetup this week, “Piotr, one of the creators of the rather good jsfiddle talked about spinners, the pretty common ‘I’m doing something’ indicator and how users perceive them.” And he says that depending on exactly how it’s displayed it can give a different sense of the time that’s passing or how long it takes. Have you guys ever experienced this where you’ve watched a spinner and felt time slow to a crawl because it just is doing the same thing over and over and over again?
使用Spinners改善感知的网站性能是YUI博客上的博客文章。 再次,这是来自《科技时报》的通讯,路易斯·西蒙娜(Louis Simoneau) 在Web链接上整理了一份很棒的新功能列表 ,而我之所以在今天的演出中抓了几个,因为他们确实按下了按钮。 这是一个故事,说明了如何众所周知的是,如果您要让用户等待,您想向他们展示某种动画或给他们看一些东西,希望它们可以移动,无论是进度条还是进度条。如果您没有办法确定确切的进度,请使用微调器。 但是,如果您给他们看些东西,移动一些东西,您会给他们一种正在发生的感觉,使等待的时间减少了。 好吧,看起来像Yahoo! 他们在这里做过研究,或者实际上是Piotr,他们说,他本周在伦敦Ajax见面会上说:“ Piotr,相当不错的jsfiddle的创建者之一,谈到了微调器,这很常见,'我在做事物指标以及用户如何看待它们。” 他说,取决于确切的显示方式,可以对经过的时间或所需的时间有所不同。 你们是否曾经体验过这种情况,因为您曾经看过旋转器,并且因为一次又一次地重复做同一件事而感到爬行的时间很慢?
Patrick: I think the idea of a loading screen in general, I don’t know, it’s the same kind of thing in principle, right, is loading something whether it be like a Flash animation or just one of those spinners. I don’t know, I don’t know that it’s ever had much of an effect to me, but the idea for me is that if it’s loading, it’s loading, and that’s what it’s showing me. But if it’s not showing me it’s loading I just assume it’ll be there in a second, so I don’t know, maybe a blind assumption.
帕特里克(Patrick):我认为通常来说,加载屏幕的想法是相同的,对,无论是像Flash动画还是其中一个微调器,它都是在加载东西。 我不知道,我不知道它对我有很大的影响,但是对我来说,想法是,如果它正在加载,它正在加载,那就是它向我展示的。 但是,如果它没有显示我正在加载,我只是假设它会在一秒钟内出现,所以我不知道,也许是一个盲目的假设。
Kevin: I’m playing with the example they have here, and this survey that he ran and it shows two buttons and you can click load A and load B and when you click load A it shows a little progress spinner and then completes. And if you click load B it does a similar thing but just with a slightly different presentation. Reading again from the blog post here, “When you click the button there’s a delay before the spinner is shown and then a short random time later the results are shown, then you click another button and the same thing happens and then you say which one is faster.” And according to the results “By delaying the display of the spinner slightly users perceive things to be happening quicker, but if you wait too long they start to think that something’s broken, 0.4 seconds seems to be the optimal delay.” If you let them click and then before you display the spinner rather than displaying it right away you wait 0.4 seconds and then display the spinner. It’s like when the spinner appears the user‘s brain resets and goes, okay, I’m seeing the spinner now I’m starting to wait, and it then loses track of that original 0.4 seconds that you waited and makes the whole thing feel a little faster, very interesting.
凯文:我正在玩他们在这里的示例,他进行的这项调查显示了两个按钮,您可以单击加载A和加载B,单击加载A时,它会显示一个小进度条,然后完成。 而且,如果单击负载B,它会执行类似的操作,但显示方式略有不同。 在这里再次从博客文章中读到,“当您单击按钮时,显示微调框之前有一个延迟,然后在短暂的随机时间之后显示结果,然后单击另一个按钮,发生相同的事情,然后您说出哪个是比较快的。” 并根据结果显示:“通过稍微延迟微调器的显示,用户会感觉事情发生得更快,但是如果等待时间太长,他们会开始认为发生了问题,0.4秒似乎是最佳的延迟。” 如果让他们单击,然后在显示微调框而不是立即显示它之前,请等待0.4秒,然后显示微调框。 就像旋转器出现时一样,用户的大脑复位并走了,好吧,我现在看到旋转器了,我开始等待,然后它失去了您等待的原始0.4秒的轨迹,使整个过程感觉有点更快,很有趣。
It’s like the amount of time that the spinner is displayed is interpreted as the amount of time the wait, and the longer you can get away with without making it look broken the better the result, very interesting.
就像将微调器显示的时间解释为等待的时间一样,在不使外观看起来破碎的情况下,您可以花的时间越长,结果越好,这非常有趣。
Patrick: Put this knowledge into action today.
帕特里克:今天将这些知识付诸实践。
Kevin: Yeah, exactly. Something we did last new show that I wanted to do again this week was take a look at the SitePoint Poll because I had a lot of fun when we talked about whether, what was it, whether Silverlight was dead or not. And the SitePoint Poll this week is, and there’s a whole blog post and forum thread associated with this, but I thought we could just sort of shoot from the hip here and this one’s especially for the developers amongst us so, Brad, pay attention. What do you think the worst MySQL mistake is, A) not using Innodb, B) not using PDO or MySQLi, C) not using Input Validation, or D) not using UTF-8?
凯文:是的,确实如此。 我们最近一次上演的新节目是我本周要再次做的一件事,就是看一下SitePoint民意测验,因为当我们谈论它是什么,Silverlight是否死了时,我很开心。 本周的SitePoint投票是,与此相关的还有整篇博客文章和论坛主题,但我认为我们可以从这里进行一些拍摄,而这尤其适合我们当中的开发人员,因此请Brad注意。 您认为MySQL最严重的错误是,A)不使用Innodb,B)不使用PDO或MySQLi,C)不使用输入验证,或D)不使用UTF-8?
Brad: For me I would definitely without a doubt say Input Validation. I mean if you’re not sanitizing any type of user input right into the database you’re just asking for SQL injection. And that’s something I remember back to one of my — back when I was learning classic ASP and I was real active in the classic ASP section of the SitePoint Forums. I was still learning and one day one of my larger sites was hacked, like all the information was wiped out and ‘you’ve been hacked’ messages everywhere and I couldn’t for the life of me figure out why, and that’s the day I learned about SQL injection and I had this thread I bookmarked and I look at it maybe once a year because it brings back some, well, not great memories but memories nonetheless. And that was literally people in the forums walking me through. This is SQL injection, you’re not validating anything you’re doing in your queries. So ever since that day that’s always been a really key aspect of anything I develop is to make sure that it’s — the input is validated as absolutely tight as it can be.
布拉德:对我来说,我无疑会说输入验证。 我的意思是,如果您不对数据库中的任何类型的用户输入进行清理,您只是在请求SQL注入。 这是我回想起的一件事,那是我学习经典ASP的时候,我非常活跃于SitePoint论坛的经典ASP部分。 我仍在学习,有一天,我的一个较大的站点被黑了,就像所有信息都被清除掉了,到处都是“您已被黑”的消息一样,我无法一生找出原因,那一天我了解了SQL注入,并为该线程添加了书签,并且我可能每年检查一次,因为它带回了一些美好的回忆,但不是美好的回忆。 从字面上看,论坛上的人都引导我通过。 这是SQL注入,您无需验证查询中正在执行的任何操作。 因此,从那天起,我开发的任何东西一直都是一个真正关键的方面,就是要确保它是正确的-输入信息经过绝对严格的验证。
Patrick: That sounds like a scavenger hunt idea for SitePoint Podcast listeners, find that thread and put it in the comments (laughs).
帕特里克(Patrick):这听起来像是SitePoint Podcast侦听器的拾荒者想法,找到该线程并将其放入评论中(笑)。
Brad: It’s out there. It’s probably from like 2001, 2002 maybe.
布拉德:就在那里。 大概是2001年或2002年。
Patrick: No, no hints!
帕特里克:不,没有提示!
Brad: Oh, sorry, it’s out there.
布拉德:哦,对不起,它在那里。
Patrick: Okay, well, there you go.
帕特里克:好吧,那你去了。
Kevin: Stephan, what do you think?
凯文:斯蒂芬,你怎么看?
Stephan: Oh, I have to agree with Brad. I don’t think any of the others, I mean they’re mistakes but I wouldn’t say they’re catastrophic like Input Validation, lack of Input Validation. I mean I agree with Brad, it’s the worst thing you can do.
斯蒂芬:哦,我必须同意布拉德。 我不认为其他任何人都是错误的,但我不会说它们是灾难性的,例如输入验证,缺少输入验证。 我是说我同意布拉德,这是你最糟糕的事情。
Patrick: Third it. Third it, Kevin, third it.
帕特里克:第三。 第三,凯文,第三。
Kevin: Oh, yeah, you think Input Validation as well. Well, I’m not sure Input Validation qualifies as a MySQL mistake, to be honest.
凯文:哦,是的,您也认为输入验证。 好吧,老实说,我不确定输入验证是否等同于MySQL错误。
Stephan: Oh, come on, semantics.
史蒂芬:哦,来吧,语义。
Brad: Oh, boy, is this a trick question? He totally set us up for this one.
布拉德:哦,男孩,这是一个棘手的问题吗? 他完全为我们做好了准备。
Kevin: (Laughs)
凯文:(笑)
Patrick: You have access to the SitePoint backend, edit the poll. No, I’m just kidding.
帕特里克:您可以访问SitePoint后端,编辑投票。 不,我只是在开玩笑。
Kevin: Yeah, I could, I could. Well, yeah, you know what I mean though; Input Validation is something that you do at the level of your scripting language before you get to your database. And, yeah, I would totally agree that if we’re just talking about problems you can make in web development not validating your input is a pretty huge one, and you end up in the front page of TechCrunch just like Google did this week because people discover ways to insert stuff into your site that you didn’t intend them to or you didn’t expect them to, and often to catastrophic results. But, yeah, I’d call that a scripting issue whereas some of the other ones, Innodb of course is the preferred database engine for use with MySQL these days but it’s not the default. When you first set up MySQL by default if you create a new table and you don’t tell it what type of engine to use it’s gonna use the older MyISAM engine which is really fast for doing select queries on just out of the box, just raw select query performance is really good, but as soon as your queries get complicated or you’re doing a lot of writes into your database things slow down, especially because MyISAM doesn’t support this thing called row-level locking where it’s able to be writing one record in the table while selecting another part of the table. And those sort of high tech features are what make Innodb in practice perform a lot better, and so yeah, we several times have accidentally broken our MySQL configuration and we’ve wondered why a particular application has suddenly slowed to a crawl and it’s because the session table that’s getting updated for every single page request on our site is a MyISAM table all of a sudden, it slows right down.
凯文:是的,我可以,我可以。 好吧,是的,你知道我的意思。 输入验证是在进入数据库之前在脚本语言级别进行的操作。 而且,是的,我完全同意,如果我们只是在谈论您可能会在Web开发中遇到的问题,那么不验证您的输入内容就是一个巨大的问题,您最终会像本周Google一样进入TechCrunch的首页,因为人们发现了将内容插入到您不希望或不想得到的内容中的方法,并且常常会导致灾难性的结果。 但是,是的,我将其称为脚本问题,而在其他一些问题中,Innodb当然是如今与MySQL一起使用的首选数据库引擎,但这并不是默认的。 默认情况下,当您第一次默认创建MySQL时,如果您创建一个新表并且不告诉它使用哪种类型的引擎,它将使用较旧的MyISAM引擎,该引擎对于开箱即用地进行选择查询确实非常快。原始选择查询性能确实很好,但是一旦查询变得复杂或对数据库执行大量写入操作,速度就会降低,尤其是因为MyISAM不支持这种称为行级锁定的功能在选择表的另一部分时在表中写入一条记录。 这些高科技功能使Innodb在实践中表现更好,所以是的,我们几次不小心破坏了MySQL的配置,我们想知道为什么特定的应用程序突然变慢了爬行的速度,这是因为我们网站上针对每个页面请求而更新的会话表突然变成了MyISAM表,它的运行速度变慢了。
Patrick: So what you’re saying is that it’s not a fair fight here, it’s not a fair fight, because one of them essentially allowing people to execute whatever they want on your website.
帕特里克:所以您要说的是,这不是公平竞争,不是公平竞争,因为其中之一本质上允许人们执行您想要在您的网站上执行的任何操作。
Kevin: Yeah, yeah.
凯文:是的,是的。
Patrick: It will always sink the boat.
帕特里克:它将永远沉没在船上。
Kevin: PDO and MySQLI, those are features of PHP that make dealing with a MySQL database better, they’re a more modern API, and so I’d say yeah you probably should be using something like that, but it’s not a huge deal if you don’t. UTF-8 just means that you’re accommodating larger numbers of characters and storing them properly in your database whereas, again, the default that you get out of the box with MySQL is they use Latin-1 character set that’s not aware of these things like curly quotes and things like that, and so when those get stored in the database they get stored and retrieved correctly but your database doesn’t know what it’s dealing with so it’s not an ideal situation. Let’s take a look at the results here and, well, it looks like the SitePoint Community agrees with you guys because Input Validation has won with 58% of the vote, Innodb 12%, PDO and MySQLI 12% and UTF8 18%. But, yeah, it looks like no one cares about semantics (laughter), Input Validation is a big enough problem that if you have that problem it’s a problem across everything you do. Alright, Input Validation wins. Validate your input boys and girls.
凯文: PDO和MySQLI,这些都是PHP的功能,它们使与MySQL数据库的处理变得更好,它们是更现代的API,所以我想是的,您可能应该使用类似的东西,但是这没什么大不了的如果不这样做。 UTF-8只是意味着您要容纳大量字符并将它们正确存储在数据库中,而MySQL再次默认提供的默认设置是它们使用的Latin-1字符集不知道这些内容例如卷曲引号和类似的东西,因此当它们被存储在数据库中时,它们将被正确地存储和检索,但是您的数据库不知道它在处理什么,所以这不是理想的情况。 让我们看一下这里的结果,好吧,SitePoint社区似乎也同意你们的看法,因为输入验证赢得了58%的选票,Innodb 12%,PDO和MySQLI 12%以及UTF8 18%的选票。 但是,是的,似乎没人在乎语义(笑声),输入验证是一个足够大的问题,如果您遇到该问题,那么在您所做的所有事情中都会遇到问题。 好的,输入验证成功。 验证输入的男孩和女孩。
Why aren’t tool tips triggered by the keyboard? This is a question raised by James Edwards, a frequent blogger for sitepoint, and he’s well known as an accessibility guru. And he is wondering out loud in this blog post on sitepoint whether the tool tips you see when you hover over things with your mouse should also appear when you tab to them with your keyboard. What do you think guys?
为什么工具提示不是由键盘触发的? 这是sitepoint的经常博客作者James Edwards提出的一个问题,他是知名的无障碍专家。 他在sitepoint上的此博客文章中大声地想知道,当您使用鼠标悬停在鼠标上方时,您看到的工具提示是否还会出现在您使用键盘将其切换至鼠标时。 你们觉得怎么样?
Patrick: I don’t really tab to things with my keyboard except to text fields so it’s not really an experience that I have thought of.
帕特里克(Patrick):除了文本字段外,我没有真正使用键盘进行切换的功能,因此这并不是我真正想到的体验。
Kevin: Well, this is something that you could definitely do. If you put a title attribute on the fields in your form you could have these sort of pop-up tool tips that assist you with filling in those fields, but I guess no one does those because generally people don’t hover their mouse over their form fields, they tab to them or they click on them to give them focus and then they start typing. So I guess what he’s suggesting, especially for keyboard users who would want to be able to access things like tool tips on links and stuff like that, that you would put again with a title attribute, currently there’s no way of doing that, right now you have to hover with the mouse if you want to get that information. And, yeah, I guess he’s wondering if those tool tips would be improved, would be made more functional, more accessible if browsers displayed them when you tabbed to things. Obviously, yeah, Patrick if you’re a mouse user, and I guess most people are, you would never see them then, at least not from keyboard focus, you’d still see them from mousing around. So I guess what you’re saying is they wouldn’t get in your way if they did?
凯文:嗯,这绝对是您可以做的。 如果将title属性放在表单的字段中,则可以使用此类弹出工具提示来帮助您填写这些字段,但是我想没人会这样做,因为通常人们不会将鼠标悬停在其上方表单字段时,可以使用它们进行制表,也可以单击以使其具有焦点,然后开始输入。 因此,我猜想他的建议是,特别是对于希望能够访问诸如链接上的工具提示之类的东西的键盘用户,以及诸如此类的东西,您将再次添加title属性,目前无法做到这一点。如果要获取该信息,则必须用鼠标悬停。 而且,是的,我想他想知道这些工具提示是否会得到改进,如果您在点按内容时浏览器显示它们,它们是否将变得功能更强大,更易访问。 显然,是的,帕特里克(Patrick),如果您是鼠标用户,并且我想大多数人都是这样,那么您将永远看不到它们,至少从键盘焦点上看不到它们,您仍然会从鼠标周围看到它们。 因此,我想您是在说什么,否则他们不会妨碍您?
Stephan: It doesn’t affect me either way, right, if I’m using my keyboard I don’t usually tab through a website. I’m on the SitePoint page and it takes me forever just to get to what I want if I’m tabbing.
史蒂芬(Stephan):这两种方式都不会影响我,对,如果我使用键盘,通常不会在网站上切换。 我在SitePoint页面上,如果我进行制表,花了我很长时间才能到达想要的位置。
Kevin: Yeah, yeah. Definitely.
凯文:是的,是的。 绝对是
Brad: Yeah, I’m kind of, I mean I’m the same way, I’m a mouse user certainly, but I’m kind of of the habit if there’s something, a button or whatever on a site and I’m curious if it has more information I usually just hover it to see if there is more, and a lot of times there is these days, so it’s kind of become a habit that if I’m looking for more information I’ll hover whatever that item is and see what pops up.
布拉德:是的,我的意思是,我的意思是一样的,我当然是鼠标用户,但是如果站点上有东西,按钮或其他东西,我是一种习惯,而我我很好奇它是否有更多信息,我通常只是将其悬停以查看是否有更多信息,而且这些日子很多时候都在出现,所以这是一种习惯,如果我正在寻找更多信息,我会悬停任何信息该项目是,看看弹出。
Kevin: This of course is an accessibility issue because there are users out there who for whatever reason have motor impairments and they can’t use a mouse and so they use a keyboard or sometimes even like a wand that they hold in the mouth that they then tap the keyboard keys with, and therefore they are entirely interacting with the Web through the keyboard. And browsers like Opera especially have an especially good support for keyboard navigation, but all browsers these days have at least basic support of tabbing through all of the elements, or all of the clickable elements in the page anyway, and allowing you to focus them one at a time and then interact with them. On the surface I think it would seem like having the tool tips appear on keyboard focus would be a good thing for these types of users, it would improve the accessibility of the information that you probably couldn’t get at otherwise if you weren’t a mouse user. But when I was thinking about this it occurred to me that even if you are a mouse user and you don’t tab around the page you still do move keyboard focus around the page, so as you said, Patrick, if you click in a form field you are effectively doing the same thing as someone who would tab to that form field, you’re giving it keyboard focus. And if at that point the browser went, oh, he’s put keyboard focus on that field, I’m going to display the tool tip, I’m not sure that would be ideal, that tool tip might cover some other label or some other part of the page that you were referring to when you wanted to fill in that form field and that wouldn’t be too great.
凯文:这当然是一个可访问性问题,因为那里的用户出于某种原因会出现运动障碍,并且无法使用鼠标,因此会使用键盘,有时甚至会像魔杖一样握在嘴里,然后使用敲击键盘按键,因此它们完全通过键盘与Web交互。 而且,像Opera这样的浏览器尤其对键盘导航提供了特别良好的支持,但是如今,所有浏览器至少都具有基本的支持,即可以逐页浏览页面中的所有元素或所有可单击的元素,并允许您将它们集中于一个一次与他们互动。 从表面上看,我认为对于这些类型的用户来说,使工具提示出现在键盘焦点上似乎是一件好事,它将改善您可能无法获得的信息的可访问性。鼠标用户。 但是,当我考虑到这一点时,我想到即使您是鼠标用户并且没有在页面上切换,您仍然会在页面上移动键盘焦点,因此正如您所说,Patrick,如果您单击表单字段实际上是在与将选项卡切换到该表单字段的某人做相同的事情,您将键盘焦点赋予了它。 如果那时候浏览器运行了,哦,他将键盘焦点放在了该字段上,那么我将显示工具提示,我不确定是否理想,该工具提示可能会覆盖其他标签或其他标签当您要填写该表单字段时所指的页面的一部分,那不会太好。
Patrick: Right, yeah, that’s a good point. I was thinking about that but I guess I was thinking of like when I mouse over something and a tool tip pops up it doesn’t steal focus, but I mean if it did steal focus that would be an issue obviously.
帕特里克:对,是的,这很重要。 我当时在想,但我想我想的是,当我将鼠标悬停在某个东西上并且弹出一个工具提示时,它并不会失去焦点,但是我的意思是,如果它确实窃取了焦点,那显然是个问题。
Kevin: The other thing that I thought is sometimes, I don’t know if you guys do this, but sometimes a form is really complicated and you’re not really sure what the difference between two fields are, and so you might want to have your keyboard focus in one field but go and check the tool tip that’s applied to another field. I know we’re splitting hairs now, but this is like the more I think about it the less easy a problem this is to solve and I guess that’s why browsers still haven’t implemented a way to access tool tips using the keyboard. I bet Opera could figure out a way though, it seems like Opera always leads the way with these kinds of features, the slight accessibility refinements that push the Web forward into slightly more polished territory. These obscure things that the majority of users would never even notice or care about, it seems like Opera tends to be the browser that sweats those details.
凯文:我想过的另一件事是,有时我不知道你们是否这样做,但是有时表格真的很复杂,您不确定两个字段之间的区别是什么,所以您可能想将您的键盘焦点放在一个字段上,但是去检查应用于另一个字段的工具提示。 I know we're splitting hairs now, but this is like the more I think about it the less easy a problem this is to solve and I guess that's why browsers still haven't implemented a way to access tool tips using the keyboard. I bet Opera could figure out a way though, it seems like Opera always leads the way with these kinds of features, the slight accessibility refinements that push the Web forward into slightly more polished territory. These obscure things that the majority of users would never even notice or care about, it seems like Opera tends to be the browser that sweats those details.
Well, I like James Edwards’ blog posts on this sort of stuff because there’s always great food for thought. This thing that we take for granted about how the Web works you realize wow, yeah, there’s a whole class of people out there that they’d never be able to see the tool tips in a page.
Well, I like James Edwards' blog posts on this sort of stuff because there's always great food for thought. This thing that we take for granted about how the Web works you realize wow, yeah, there's a whole class of people out there that they'd never be able to see the tool tips in a page.
Patrick: And now our story that helps grow our listener base.
Patrick: And now our story that helps grow our listener base.
Kevin: (Laughs) Oh, it’s the Internet Explorer story.
Kevin: (Laughs) Oh, it's the Internet Explorer story.
Brad: Yeah, there’s trouble afoot, or allegations afoot I should say that Internet Explorer 9, which is still in Beta, might have cheated a little bit or maybe fudged some numbers on the SunSpider JavaScript Benchmark Test, which is becoming one of the standard tests to kind of benchmark a browser JavaScript engine. So Rob Sayre, a Mozilla engineer, which is kind of interesting, first discovered this and he says IE might be cheating. He noticed that Internet Explorer 9 was around 10 times faster than all the other browsers he tested in a particular test which is the math quartic test. So what he did is he made a few modifications to that section of the test, and one was by adding a true value and by adding a return value which essentially do nothing just to see what would happen. And after he made that change it took Internet Explorer 9 twenty times longer to run the two new tests versus the original which was a big red flag on why would adding two things that virtually do nothing increase it to 20 milliseconds versus one millisecond on that test.
Brad: Yeah, there's trouble afoot, or allegations afoot I should say that Internet Explorer 9, which is still in Beta, might have cheated a little bit or maybe fudged some numbers on the SunSpider JavaScript Benchmark Test , which is becoming one of the standard tests to kind of benchmark a browser JavaScript engine. So Rob Sayre, a Mozilla engineer, which is kind of interesting, first discovered this and he says IE might be cheating. He noticed that Internet Explorer 9 was around 10 times faster than all the other browsers he tested in a particular test which is the math quartic test. So what he did is he made a few modifications to that section of the test, and one was by adding a true value and by adding a return value which essentially do nothing just to see what would happen. And after he made that change it took Internet Explorer 9 twenty times longer to run the two new tests versus the original which was a big red flag on why would adding two things that virtually do nothing increase it to 20 milliseconds versus one millisecond on that test.
Kevin: Especially since Google Chrome and Opera, which he also did the same tests with, they as you would expect showed very minimal differences in the timing when he made those changes to the code.
Kevin: Especially since Google Chrome and Opera, which he also did the same tests with, they as you would expect showed very minimal differences in the timing when he made those changes to the code.
Brad: As they should. I mean you know adding two lines of code that essentially do nothing, or they were two separate tests but changing a little bit in each test that basically does nothing should have little to no effect on the runtime, but it had a major effect on Internet Explorer 9 which raised some flags. But Microsoft actually came out and they kind of explained what happened and they’re blaming this on what they called Dead Code Elimination. And they actually explained it pretty well, I was reading a few different posts, so from the Internet Explorer Blog they explained, “Dead code elimination optimizations look for code that has no effect on a running program and removes the code from the program. This has the benefit of both reducing the size of the compiled program in memory and running the program faster. And essentially the benchmark test is an expensive loop that essentially does nothing.” And so what they’re saying is IE9 actually recognizes that, rips out all the code that does nothing, which is pretty much the test, and that’s why it’s running 20 times faster than all the other browsers, so that’s Microsoft’s answer.
Brad: As they should. I mean you know adding two lines of code that essentially do nothing, or they were two separate tests but changing a little bit in each test that basically does nothing should have little to no effect on the runtime, but it had a major effect on Internet Explorer 9 which raised some flags. But Microsoft actually came out and they kind of explained what happened and they're blaming this on what they called Dead Code Elimination. And they actually explained it pretty well, I was reading a few different posts, so from the Internet Explorer Blog they explained, “Dead code elimination optimizations look for code that has no effect on a running program and removes the code from the program. This has the benefit of both reducing the size of the compiled program in memory and running the program faster. And essentially the benchmark test is an expensive loop that essentially does nothing.” And so what they're saying is IE9 actually recognizes that, rips out all the code that does nothing, which is pretty much the test, and that's why it's running 20 times faster than all the other browsers, so that's Microsoft's answer.
Kevin: So whether it was malicious, or—I’m not sure if malicious is the right word. Whether they were knowingly being duplicitous or not they are admitting that Internet Explorer 9 kills on this particular benchmark simply by recognizing that it’s not worth running and not running it at all. So it sees this code it goes, oh, that code doesn’t do anything useful, I’m just gonna skip it, and that’s how it kills at this benchmark. So they’re basically saying that if you want meaningful performance results you need to write a better benchmark. But, looking at the discussion that went on on Hacker News around this it seems like, I don’t know, they’re calling it into question a bit. For example, the dead code in question is a for loop in the test, and someone on Hacker News just rewrote that code as a while loop, which if you know your JavaScript you know that a for loop is just a fancy way of expressing a while loop with a counter variable in it most of the time. And so re-expressing it as a while loop doesn’t change the meaning of the code, doesn’t change what the code does, in fact, the internal representation of that code by the browser should be pretty much the same. And yet, just making that change from a for loop to a while loop is enough to fool Internet Explorer into not recognizing that the code is dead and running it. And so what the skeptics are saying is that, Microsoft your “dead code elimination”, is oddly specific to the exact code that was used in this benchmark. It’s as if their dead code elimination was written specifically to eliminate tests from this particular benchmark, not from real world code. What do you think, Brad, do you buy Microsoft’s story?
Kevin: So whether it was malicious, or—I'm not sure if malicious is the right word. Whether they were knowingly being duplicitous or not they are admitting that Internet Explorer 9 kills on this particular benchmark simply by recognizing that it's not worth running and not running it at all. So it sees this code it goes, oh, that code doesn't do anything useful, I'm just gonna skip it, and that's how it kills at this benchmark. So they're basically saying that if you want meaningful performance results you need to write a better benchmark. But, looking at the discussion that went on on Hacker News around this it seems like, I don't know, they're calling it into question a bit. For example, the dead code in question is a for loop in the test, and someone on Hacker News just rewrote that code as a while loop, which if you know your JavaScript you know that a for loop is just a fancy way of expressing a while loop with a counter variable in it most of the time. And so re-expressing it as a while loop doesn't change the meaning of the code, doesn't change what the code does, in fact, the internal representation of that code by the browser should be pretty much the same. And yet, just making that change from a for loop to a while loop is enough to fool Internet Explorer into not recognizing that the code is dead and running it. And so what the skeptics are saying is that, Microsoft your “dead code elimination”, is oddly specific to the exact code that was used in this benchmark. It's as if their dead code elimination was written specifically to eliminate tests from this particular benchmark, not from real world code. What do you think, Brad, do you buy Microsoft's story?
Brad: I want to, but at the end of the day it’s Microsoft.
Brad: I want to, but at the end of the day it's Microsoft.
Patrick: Sure you do, Brad, sure you do. You really want to; I can see you falling over yourself.
Patrick: Sure you do, Brad, sure you do. You really want to; I can see you falling over yourself.
Kevin: (Laughs)
凯文:(笑)
Brad: Hey, you know what, I’m a huge supporter of Windows 7 so nobody can say I hate everything Microsoft.
Brad: Hey, you know what, I'm a huge supporter of Windows 7 so nobody can say I hate everything Microsoft.
Patrick: Oh! A long-time supporter.
Patrick: Oh! A long-time supporter.
Brad: Long-time supporter from day one, so I want to believe them, you know, who knows, it’s a Beta, I think it’s one of these things that’ll go back and forth and when the final version comes out we’ll see where it’s at. It’s hard to say, it is kind of interesting that all these different changes they’re making and it’s spitting back quite a bit different results, but it’s a Beta at the end of the day, so maybe there are some bugs in this dead code elimination process.
Brad: Long-time supporter from day one, so I want to believe them, you know, who knows, it's a Beta, I think it's one of these things that'll go back and forth and when the final version comes out we'll see where it's at. It's hard to say, it is kind of interesting that all these different changes they're making and it's spitting back quite a bit different results, but it's a Beta at the end of the day, so maybe there are some bugs in this dead code elimination process.
Patrick: I wish Microsoft would’ve just come out with some swagger on this and not even gave an explanation and just said, you know what, this is us saying take your benchmark and shove it, it means nothing and just throw some swagger on this thing and sound really cool going about it but, no, they have to have an explanation.
Patrick: I wish Microsoft would've just come out with some swagger on this and not even gave an explanation and just said, you know what, this is us saying take your benchmark and shove it, it means nothing and just throw some swagger on this thing and sound really cool going about it but, no, they have to have an explanation.
Kevin: I don’t think Microsoft can afford much swagger with web developers these days.
Kevin: I don't think Microsoft can afford much swagger with web developers these days.
Stephan: I love a good conspiracy theory.
Stephan: I love a good conspiracy theory.
Kevin: Yeah?
Kevin: Yeah?
Stephan: Yeah, this is enjoyable.
Stephan: Yeah, this is enjoyable.
Kevin: What I like is that the numbers that were revealed show the true performance though. If the dead code elimination renders this particular benchmark the results meaningless, well, then by simply adding those bits and pieces that do nothing and then running that code again across all the browsers, the table of results in the story here tell the story, which is that as of right now Google Chrome and Opera are still faster browsers than Internet Explorer on this particular test. With the extra do-nothing code added Google Chrome passes the test in about 9 ½ seconds, Opera runs the test in about 7.9 seconds, sorry, not seconds, milliseconds, and Internet Explorer is way up at 20 milliseconds. So, it’s true that whether intentionally or not the dead code elimination here is making it appear like Internet Explorer runs faster on this test when in fact it runs slower. How much these tests have to do with real world performance is the big question, and if Microsoft wrote a big article about dead code elimination and how it actually sped things up in the real world that’s something I’d be really interested to see because if they can get more performance out of their browser by skipping code that doesn’t need to be run, if they detect that code in the real world even though the code they do is run more slowly, then great, that’s a valid approach I’d say.
Kevin: What I like is that the numbers that were revealed show the true performance though. If the dead code elimination renders this particular benchmark the results meaningless, well, then by simply adding those bits and pieces that do nothing and then running that code again across all the browsers, the table of results in the story here tell the story, which is that as of right now Google Chrome and Opera are still faster browsers than Internet Explorer on this particular test. With the extra do-nothing code added Google Chrome passes the test in about 9 ½ seconds, Opera runs the test in about 7.9 seconds, sorry, not seconds, milliseconds, and Internet Explorer is way up at 20 milliseconds. So, it's true that whether intentionally or not the dead code elimination here is making it appear like Internet Explorer runs faster on this test when in fact it runs slower. How much these tests have to do with real world performance is the big question, and if Microsoft wrote a big article about dead code elimination and how it actually sped things up in the real world that's something I'd be really interested to see because if they can get more performance out of their browser by skipping code that doesn't need to be run, if they detect that code in the real world even though the code they do is run more slowly, then great, that's a valid approach I'd say.
Stephan: Yeah, because I always put empty for loops in my code.
Stephan: Yeah, because I always put empty for loops in my code.
Kevin: (Laughs) Yes, point taken, that’s the big question I have, whether this has anything to do with real world code.
Kevin: (Laughs) Yes, point taken, that's the big question I have, whether this has anything to do with real world code.
So let’s talk about the real world with our host spotlights, these are things that we look at every show that we four hosts have noticed in the real world that we think are worth your attention. Brad, why don’t you start us off.
So let's talk about the real world with our host spotlights, these are things that we look at every show that we four hosts have noticed in the real world that we think are worth your attention. Brad, why don't you start us off.
Brad: Sure. My Host Spotlight is a website called Min.us. And I love domains like this, I don’t know why but they’re catchy. And basically it’s probably the simplest photo sharing site I’ve ever seen. And I like photo sharing sites, everyone’s very social, we’re always sharing photos, so the easier you can make it on me the better, and literally you load this site up and it says just drag pictures onto the page. So you can drag one picture, you can drag 50 pictures and drop them in your browser and it will load them all up into a little gallery, it’ll give you sharing links for each individual image as well as the gallery, it will give you a zip download link, it’s really cool and it couldn’t be easier. So it just popped up a month or two ago and I just got wind of it the other day, but it’s a pretty slick little app.
布拉德:好的。 My Host Spotlight is a website called Min.us . And I love domains like this, I don't know why but they're catchy. And basically it's probably the simplest photo sharing site I've ever seen. And I like photo sharing sites, everyone's very social, we're always sharing photos, so the easier you can make it on me the better, and literally you load this site up and it says just drag pictures onto the page. So you can drag one picture, you can drag 50 pictures and drop them in your browser and it will load them all up into a little gallery, it'll give you sharing links for each individual image as well as the gallery, it will give you a zip download link, it's really cool and it couldn't be easier. So it just popped up a month or two ago and I just got wind of it the other day, but it's a pretty slick little app.
Kevin: It seems like they’d have to have some sort of limits to keep you from putting your whole 50 gigabyte photo library on there.
Kevin: It seems like they'd have to have some sort of limits to keep you from putting your whole 50 gigabyte photo library on there.
Brad: Yeah, I would imagine. I wasn’t one of those guys that dropped 10 gigs worth of photos to see what happens, but I’m sure someone’s tried it so I would imagine there’s some type of limits.
Brad: Yeah, I would imagine. I wasn't one of those guys that dropped 10 gigs worth of photos to see what happens, but I'm sure someone's tried it so I would imagine there's some type of limits.
Kevin: Very slick though. Stephan what have you got?
Kevin: Very slick though. Stephan what have you got?
Stephan: Well, I’ve been a big Instapaper supporter on this show.
Stephan: Well, I've been a big Instapaper supporter on this show.
Kevin: Oh, yes, you and me both.
Kevin: Oh, yes, you and me both.
Stephan: But I was reading Marco’s blog and he has a really write-up on how he’s doing his backups for Instapaper and his method for backing up his code and the database, and I thought the database portion was relevant to the show just because we were talking about MySQL just a minute ago and his database method uses MySQL replication and it writes the binary log, which is a feature—I don’t know how many people are familiar out there with this feature—but it contains the events that happen to the database and you can go back to these events and bring, if someone destructively inserts or deletes from the table, we can go back and look at the events and rebuild the database based on those events. So he goes through this process and it’s really neat, it’s a good read if you’re a database developer or a MySQL/PHP guy.
Stephan: But I was reading Marco's blog and he has a really write-up on how he's doing his backups for Instapaper and his method for backing up his code and the database, and I thought the database portion was relevant to the show just because we were talking about MySQL just a minute ago and his database method uses MySQL replication and it writes the binary log, which is a feature—I don't know how many people are familiar out there with this feature—but it contains the events that happen to the database and you can go back to these events and bring, if someone destructively inserts or deletes from the table, we can go back and look at the events and rebuild the database based on those events. So he goes through this process and it's really neat, it's a good read if you're a database developer or a MySQL/PHP guy.
Kevin: Yeah. This is something we talked about I think was it the Magnolia Bookmark sharing service when they lost their database and we said it would be great if more web services were public about their backup strategies. This is exactly what I had in mind when we were talking about that.
凯文:是的。 This is something we talked about I think was it the Magnolia Bookmark sharing service when they lost their database and we said it would be great if more web services were public about their backup strategies. This is exactly what I had in mind when we were talking about that.
Stephan: Yeah, I mean this is a good strategy for sites where you can have a master and a slave database, I think this is really cool to have.
Stephan: Yeah, I mean this is a good strategy for sites where you can have a master and a slave database, I think this is really cool to have.
Kevin: Patrick, what do you got for us?
Kevin: Patrick, what do you got for us?
Patrick: So my Spotlight is a blog post by Jay Baer over at convinceandconvert, and the post is called Why You Need to Open the Kimono in Social Media. And my favorite part of the post, the part I want to highlight are the two videos in it. So what happened was the Boston Bruins they’re a hockey team in the NHL, National Hockey League, here in the U.S. and there are teams from Canada as well, and someone posted a video online, about a 20 second video, and it was of a Bruins fan I guess, they were dressed as a Bruins fan, damaging a portion of the restroom where the Bruins play their games, basically kicking a pillar and it becoming a hole, and it looks like they hurt themselves and basically they’re damaging property. And they posted this online; you can’t really see their faces very much.
Patrick: So my Spotlight is a blog post by Jay Baer over at convinceandconvert, and the post is called Why You Need to Open the Kimono in Social Media . And my favorite part of the post, the part I want to highlight are the two videos in it. So what happened was the Boston Bruins they're a hockey team in the NHL, National Hockey League, here in the US and there are teams from Canada as well, and someone posted a video online, about a 20 second video, and it was of a Bruins fan I guess, they were dressed as a Bruins fan, damaging a portion of the restroom where the Bruins play their games, basically kicking a pillar and it becoming a hole, and it looks like they hurt themselves and basically they're damaging property. And they posted this online; you can't really see their faces very much.
Kevin: It’s like a security camera video?
Kevin: It's like a security camera video?
Patrick: Two people, one person kicking something and one person recording it, so it’s amateur footage, right, so what happened, the cool part of this, the funny part, is you have to check out the second video because the Bruins actually put out a response video to this video of someone damaging their property. And if you haven’t followed their Bruins Hockey Rules campaign, basically they have a — their mascot is a bear, a Bruin, and so they have a person in a bear suit who has been in their commercials and online and I think on television as well giving the rules of being a Bruins fan and rooting for the team. So, in this particular video the bear is fixing the hole and patching it, and I don’t want to give it away because I can’t do it justice but it’s a short clip, the sound in it and the whole thing, it’s excellent, it’s really cool, it’s really funny and probably maybe the most interesting thing is that they turned it around in 18 hours. So they recorded this video, they shot it, the edited it, they got approval for it, they got it online in 18 hours, and I think it’s a great example of an organization using kind of the Internet and social media to generate and positive buzz and respond to something and just get the name out there. So it’s a really funny video, definitely check it out.
Patrick: Two people, one person kicking something and one person recording it, so it's amateur footage, right, so what happened, the cool part of this, the funny part, is you have to check out the second video because the Bruins actually put out a response video to this video of someone damaging their property. And if you haven't followed their Bruins Hockey Rules campaign, basically they have a — their mascot is a bear, a Bruin, and so they have a person in a bear suit who has been in their commercials and online and I think on television as well giving the rules of being a Bruins fan and rooting for the team. So, in this particular video the bear is fixing the hole and patching it, and I don't want to give it away because I can't do it justice but it's a short clip, the sound in it and the whole thing, it's excellent, it's really cool, it's really funny and probably maybe the most interesting thing is that they turned it around in 18 hours. So they recorded this video, they shot it, the edited it, they got approval for it, they got it online in 18 hours, and I think it's a great example of an organization using kind of the Internet and social media to generate and positive buzz and respond to something and just get the name out there. So it's a really funny video, definitely check it out.
Kevin: Amazing. If you haven’t listened to Podcast 88 we have our interview with Jay Baer and Amber Naslund, the co-authors of The Now Revolution book, and yeah, we talked with them for several minutes at BlogWorld Expo and that’s a great interview worth checking out if you want to hear more stuff along these lines.
Kevin: Amazing. If you haven't listened to Podcast 88 we have our interview with Jay Baer and Amber Naslund, the co-authors of The Now Revolution book , and yeah, we talked with them for several minutes at BlogWorld Expo and that's a great interview worth checking out if you want to hear more stuff along these lines.
Patrick: That’s a good mind there, Kevin, I totally forgot about that.
Patrick: That's a good mind there, Kevin, I totally forgot about that.
Kevin: repeatxrepeaty is my Spotlight. This is just a site that has tiled patterns that you can use for whatever you want, and it’s just a bunch of different artists, digital artists, have submitted these patterns for free use, and some of them are really kind of slick. If you want to go back to the heyday of desktop backgrounds that were repeating patterns you can do it in style using these, but I think also just as kind of a snappy background to start with if you’re building, you know, designing your personal site. I’ve seen a couple of websites out there that use some of these patterns and they do look really slick. The site itself is just a bunch of thumbnails of these patterns but you can click on any one of them and get a preview of what it looks like tiled, and yeah, just a really nice resource if you want, if you need something stylish to start with, a bit of graphical inspiration, head over to repeatxrepeaty and check it out.
Kevin: repeatxrepeaty is my Spotlight. This is just a site that has tiled patterns that you can use for whatever you want, and it's just a bunch of different artists, digital artists, have submitted these patterns for free use, and some of them are really kind of slick. If you want to go back to the heyday of desktop backgrounds that were repeating patterns you can do it in style using these, but I think also just as kind of a snappy background to start with if you're building, you know, designing your personal site. I've seen a couple of websites out there that use some of these patterns and they do look really slick. The site itself is just a bunch of thumbnails of these patterns but you can click on any one of them and get a preview of what it looks like tiled, and yeah, just a really nice resource if you want, if you need something stylish to start with, a bit of graphical inspiration, head over to repeatxrepeaty and check it out.
And that brings this show to an end. Guys, let’s go around the tables.
And that brings this show to an end. Guys, let's go around the tables.
Brad: I’m Brad Williams from webdevstudios and you can track me down on Twitter @williamsba.
Brad: I'm Brad Williams from webdevstudios and you can track me down on Twitter @williamsba .
Patrick: I’m Patrick O’Keefe of the iFroggy Network, I blog at managingcommunities, find me on Twitter @iFroggy, i-f-r-o-g-g-y.
Patrick: I'm Patrick O'Keefe of the iFroggy Network, I blog at managingcommunities , find me on Twitter @iFroggy , ifroggy.
Stephan: I’m Stephan Segraves, I blog about getting groped by the TSA at badice (laughter) and you can find me on Twitter @ssegraves.
Stephan: I'm Stephan Segraves, I blog about getting groped by the TSA at badice (laughter) and you can find me on Twitter @ssegraves .
Kevin: That’s a booming business that TSA blogging at the moment.
Kevin: That's a booming business that TSA blogging at the moment.
Patrick: They may need to dedicate a domain name for that one.
Patrick: They may need to dedicate a domain name for that one.
Kevin: Yeah, gropedbythetsa, get it now. You can follow me on Twitter @sentience, and follow SitePoint on Twitter @sitepointdotcom, that’s sitepoint d o t c o m. Visit us at sitepoint/podcast to leave comments on this show and to subscribe to receive every show automatically. The SitePoint Podcast is produced by Carl Longnecker and I’m Kevin Yank, thanks for listening. Bye, bye.
Kevin: Yeah, gropedbythetsa, get it now. You can follow me on Twitter @sentience , and follow SitePoint on Twitter @sitepointdotcom , that's sitepoint dotco m. 请访问sitepoint/podcast访问我们,以对该节目发表评论并订阅以自动接收每个节目。 The SitePoint Podcast is produced by Carl Longnecker and I'm Kevin Yank, thanks for listening. Bye, bye.
Theme music by Mike Mella.
Theme music by Mike Mella .
Thanks for listening! Feel free to let us know how we’re doing, or to continue the discussion, using the comments field below.
Thanks for listening! Feel free to let us know how we're doing, or to continue the discussion, using the comments field below.
翻译自: /
本文发布于:2024-01-31 13:29:44,感谢您对本站的认可!
本文链接:https://www.4u4v.net/it/170667898528872.html
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系,我们将在24小时内删除。
| 留言与评论(共有 0 条评论) |
