Today I learned:
- If you want to go above and beyond the Meteor documentation, the Discover Meteor book is a good place to start.
- To create a new project:
- To then run that new app at
- To stop the app from running, press
- Adding a package like Twitter Bootstrap to a Meteor app is incredibly simple. No files to link up, Meteor takes care of all of that out of the box:
Meteor has five types of packages. most can be seen in
meteor-baseis Meteor’s set of core components.
- First-party packages that come bundled with Meteor that can be removed, such as
mongo(the database) and
session(a client-side reactive dictionary).
- Local packages specific to your app, which are stored in
- Third-party packages available at Meteor’s online package repo, Atmosphere. These are named in the
- NPM packages in Node.js. They aren’t listed with other Meteor packages, but can be imported and used by other Meteor packages.
Meteor has some special directories:
/.meteor/is where Meteor stoes its own code. Don’t modify it.
- Code in
/serveronly runs on the server
- Code in
/clientonly runs on the client
- Everything else runs in both places
- Static assets should be stored in
/public(The exception is CSS. Meteor automatically loads and minifies CSS, so it should be stored in
Meteor loads files in a specific order:
- Before anything: Files in
- After everything else: Any files named
- Everything else is loaded in alphabetical order by file name.
- To quickly set up a staging server, you can create a Meteor account and deploy to a Meteor subdomain for free:
- For deploying to your own server, check out Meteor Up, a command line utility that automates setup and deployment for you.
404 Error Pages
- Making a 404 error page isn’t enough, you have to tell Apache where to find it. I’m used to working on WordPress, which takes care of that automatically. Turns out I’ve been running this site for a few months without my 404 page working. Whoops!
- To do so, add
ErrorDocument 404 /404.htmlto your
/404.htmlwith the path to your 404 page.
Secure Hash Algorithms
What are they and what is the difference between SHA1 and SHA2?
- SHA stands for Secure Hash Algorithm. The short story about how is works is that a mathematical operation is run on a given input and a unique output, or hash, is generated. By comparing the output to an expected output, you can verify the data’s integrity. The theory is that no two different input values should result in the same hash output (called a collision).
- SHA1 algorithms produce a 160-bit hash value, while SHA2 algorithms can produce 224, 256, 384 or 512 bit hash values depending on the function used.
- The very short explanation is that SHA2 hashes larger and are theoretically much less likely to have a collision than SHA1 hashes due to the underlying algorithmic changes.
What is it used for?
- Generally, SHA is used for verification. If the hash you calculate matches the expected result, your data has most likely not been tampered with or corrupted.
- Git uses SHA1 to verify data has not changed due to accidental corruption.
- SHA is used to sign SSL certificates.
- Bitcoin uses SHA2 to verify transactions
- SHA2 is used in the DKIM message signing standard (i.e. what checks to make sure someone isn’t spoofing your email account)
- Some software vendors are adopting SHA2 for password hashing.
Why should I care?
- SHA1 is on its way out. Chrome is showing errors on sites with SHA1 SSL certificates that expire past Jan 1, 2016. All major browsers will stop accepting SHA1 SSL certificates by 2017.
- Every site using SSL signed with SHA1 needs to update their certificates.
- Most certificate authorities have instructions for migrating to SHA2.