Tornado Basic and Demo

Long Polling with tornado

Tornado的异步架构可以对HTTP的long polling得心应手,所谓的long polling是一种技术用来
处理实时提醒或者构建高性能的多人聊天室。早期实现这种技术是使用在客户端定时更新的方法,
但是带来的挑战是“实时更新”的“频率”必须足够的快,但是太快的客户端请求又会使服务器不堪
重负。

所以现在使用一种叫做“Server Push”的技术,要求在“网络应用”端在有状态(state)更新(
update)时,实时推送给客户端。在现在的常见的server端push技术中,需要跟客户端的浏览器
有很好的兼容,所以最流行的技术使用的是,通过客户端发起的连接去模拟“Server Push”。这类
有客户端发起的用来server push的连接,叫做“Long Polling”或者“Comet Request”。

Long Polling技术是客户端发起一个连接,并保持在open状态,然后客户端等待服务器端“推送”
状态更新。当服务器端推送更新完成后,将会关闭该连接。然后,客户端打开另外一个新的连接,
等待服务器端的另外一次推送。

Benefits of Long Polling

  • 减少服务器负载
  • 服务端只在客户端发起连接后,推送状态更新
  • 浏览器只需要支持AJAX
  • 相比其他的推送技术,“Long Polling”得到更广泛的应用
  • 参考实现:
    • Google Doc使用Long Polling实现实时文档编辑与协作
    • Twitter使用long polling去更新用户的提醒
    • Facebook使用long polling实现聊天

Tornado最佳代码结构:

Tornado示例站点

  1. https://github.com/ajdavis/motor-blog
  2. https://github.com/viewfinderco/viewfinder/
  3. https://github.com/ipython/ipython/tree/master/IPython/html
  4. https://github.com/cdkr/tornado-cantas
  5. https://github.com/nellessen/tornado-shortener
  6. https://github.com/livid/v2ex
  7. https://github.com/rande/python-element
  8. http://thomas.rabaix.net/under-the-hood
  9. https://github.com/abdelouahabb/essog
  10. https://github.com/mitotic/graphterm
  11. https://github.com/peterbe/worklog
  12. https://github.com/peterbe/toocool
  13. https://github.com/martinrusev/amon
  14. https://github.com/tornadoweb/tornado
  15. https://github.com/peterbe/tornado_gists
  16. https://github.com/bgolub/tornado-blog
  17. https://github.com/peterbe/tiler
  18. https://bitbucket.org/black_rez/lola21/
  19. https://github.com/finiteloop/socialcookbook
  20. https://github.com/familonet/
  21. https://github.com/GovLab/OpenData500

参考:

Python and Signals

  1. http://www.qtcentre.org/threads/36911-Can-t-send-a-Ctrl-C-to-a-QProcess-(Win32)
  2. http://doc.qt.io/qt-5/qprocess.html#terminate
  3. http://forum.qt.io/topic/27478/qprocess-terminate-can-not-stop-windows-console-application-with-setconsolectrlhandler
  4. http://forum.qt.io/topic/27478/qprocess-terminate-can-not-stop-windows-console-application-with-setconsolectrlhandler/4
  5. http://bytes.com/topic/python/answers/801937-sending-cntrl-c
  6. http://www.gossamer-threads.com/lists/python/python/546571
  7. https://msdn.microsoft.com/en-us/library/windows/desktop/ms683155.aspx
  8. http://www.qtcentre.org/threads/36911-Can-t-send-a-Ctrl-C-to-a-QProcess-(Win32)
  9. http://stackoverflow.com/questions/7632589/getting-realtime-output-from-ffmpeg-to-be-used-in-progress-bar-pyqt4-stdout
  10. http://doc.qt.io/qt-4.8/qprocess.html

Selion自动化测试框架介绍

发现的一个好玩的新的基于selenium(browser based automation framework)的新型的框架,
开发和维护者来自于Paypal公司。

项目地址:https://github.com/paypal/SeLion

Selion的基本介绍:

客户端

  • 客户端基于TestNG进行管理,并且支持DataProvider进行数据注入
  • 支持selenium的POP(Page Object Pattern)开发模式,好玩的是支持使用类DSL语言使用YAML
    格式预定义page object

服务端

  • 服务端基于Grid进行管理,并支持对hub和node的自定义

文档

注意

  • 该项目依然处于开发状态

Understanding CORS

About CORS

Cross-origin resource sharing (CORS) is a mechanism that allows many resources (e.g. fonts, JavaScript, etc.) on a web page to be requested from another domain outside the domain from which the resource originated.

A web page may freely embed images, stylesheets, scripts, iframes, videos and some plugin content (such as Adobe Flash) from any other domain.

However embedded web fonts and AJAX (XMLHttpRequest) requests have traditionally been limited to accessing the same domain as the parent web page (as per the same-origin security policy).

“Cross-domain” AJAX requests are forbidden by default because of their ability to perform advanced requests (POST, PUT, DELETE and other types of HTTP requests, along with specifying custom HTTP headers) that introduce many security issues as described in cross-site scripting.

CORS defines a way in which a browser and server can interact to safely determine whether or not to allow the cross-origin request. It allows for more freedom and functionality than purely same-origin requests, but is more secure than simply allowing all cross-origin requests. It is a recommended standard of the W3C[*](http://www.w3.org/TR/cors/).

How CORS works

The CORS standard describes new HTTP headers which provide browsers and servers a way to request remote URLs only when they have permission. Although some validation and authorization can be performed by the server, it is generally the browser’s responsibility to support these headers and respect the restrictions they impose.

For AJAX and HTTP request methods that can modify data (usually HTTP methods other than GET, or for POST usage with certain MIME types), the specification mandates that browsers “preflight” the request, soliciting supported methods from the server with an HTTP OPTIONS request header, and then, upon “approval” from the server, sending the actual request with the actual HTTP request method. Servers can also notify clients whether “credentials” (including Cookies and HTTP Authentication data) should be sent with requests.

Sample

  1. The browser sends the request with an Origin HTTP header. The value of this header is the domain that served the parent page. When a page from http://www.foo.com attempts to access a user’s data in bar.com, the following request header would be sent to bar.com:
Origin: http://www.foo.com
  1. The server may respond with:

    • An Access-Control-Allow-Origin (ACAO) header in its response indicating which origin sites are allowed. For example:

      Access-Control-Allow-Origin: http://www.foo.com
    • An error page if the server does not allow the cross-origin request

    • An Access-Control-Allow-Origin (ACAO) header with a wildcard that allows all domains: Access-Control-Allow-Origin: *

This is generally not appropriate when using the same-origin security policy. The only case where this is appropriate when using the same-origin policy is when a page or API response is considered completely public content and it is intended to be accessible to everyone, including any code on any site. For example, this policy is appropriate for freely-available web fonts on public hosting services like Google Fonts.

Preflight example

When performing certain types of cross-domain AJAX requests, modern browsers that support CORS will insert an extra “preflight” request to determine whether they have permission to perform the action.

OPTIONS /
Host: bar.com
Origin: http://foo.com

If bar.com is willing to accept the action, it may respond with the following headers:

Access-Control-Allow-Origin: http://foo.com
Access-Control-Allow-Methods: PUT, DELETE

Headers

The HTTP headers that relate to CORS are:
Request headers

Origin
Access-Control-Request-Method
Access-Control-Request-Headers

Response headers

Access-Control-Allow-Origin
Access-Control-Allow-Credentials
Access-Control-Expose-Headers
Access-Control-Max-Age
Access-Control-Allow-Methods
Access-Control-Allow-Headers

(待续……非完成)

About RCU Read Copy Update

Overview

在操作系统中,RCU(Read-Copy-Update)是一种“排它锁”(mutual exclusion/Mutex)的一种
底层的实现,有时也被用来模拟“读写锁”(Reader-Writer-Lock)。它的特点是极低的锁开销和
不用等待的“读操作”。但是,由于RCU的Update操作可能消耗的资源较多,原因是系统必须保留数
据结构的老的版本用来服务之前存在的“读操作”。这些在更新之前的较老的数据结构只能够在所有
之前存在的“读操作”完成之后才能够被系统回收。

在2008年之前,Linux的kernel中大概有2000处使用RCU的API,使用的地方包括网络协议栈和内
存管理系统。截至到2014年3月,大概有9000处使用RCU的API。

Read More

Android Unit Test Framework Review

Robolectric

网址:http://robolectric.org/

现在比较流行的测试框架,主要特点是:

  • 对所有的内生的方法、SDK、资源进行模拟,不需要模拟器
  • 不需要mock框架
  • 可以直接在IDE中运行

示例:

@RunWith(RobolectricTestRunner.class)
public class MyActivityTest {

@Test
public void clickingButton_shouldChangeResultsViewText() throws Exception {
MyActivity activity = Robolectric.setupActivity(MyActivity.class);

Button button = (Button) activity.findViewById(R.id.button);
TextView results = (TextView) activity.findViewById(R.id.results);

button.performClick();
assertThat(results.getText().toString()).isEqualTo("Robolectric Rocks!");
}
}

Espresso

网址:https://google.github.io/android-testing-support-library/docs/espresso/index.html

是Google提供一个UI测试框架,本身是用来做黑盒测试,但是用于Unit Testing也是很方便,它的特点是:

  • 运行于真实的设备中或者模拟器中
  • 速度可靠性较好
  • 但是需要Android的开发能力较高一点

Android Junit Runner

网址:https://google.github.io/android-testing-support-library/docs/androidjunitrunner-guide/index.html

是android里面最基础的测试框架,它的特点是:

  • 支持Junit4语法
  • Instrumentation Registry
  • Test Filter
  • Test Timeout
  • Sharding of tests
  • RunListener supporting the testing cycle
  • Activity and Applicatioon life cycle monitoring
  • Intent Monitoring and Stubbing

Android Junit Runner with ATSL

网址:https://google.github.io/android-testing-support-library/docs/rules/index.html

是android里面最基础的测试框架,它的特点是:

  • 除了上面的之外还有很多Rules
    • ActivityTestRules
    • ServiceTestRules

UI Automator

网址:https://google.github.io/android-testing-support-library/docs/uiautomator/index.html

是android提供的最底层的测试框架,它的特点是:

  • 主要支持UI测试
  • 可以跨APPs测试,比如经典的P2P测试(Driver->Host->User)
  • 不能测试hybrid view,可以使用espresso替代

Accessibility Checking

网址:https://google.github.io/android-testing-support-library/docs/accesibility-checking/index.html

是android用来检查view的可访问性的,比如是否可以点击或者是否可以使用一些助听设备等,可以使用的测试框架包括:

  • AndroidJunit
  • Espresso