Tag Archive | "server"

Force the Use of HTTPS (SSL)


As it turns out, forcing “www” in the URL was just the beginning. When they purchased your site, handturkey.com they got in over their heads. They hired you on as a consultant within weeks of the acquisition, and their first order of business was to lock down security. Handturkey.com has project management software, CRM, and ecommerce, after all. It seemed obvious that all the traffic in and out of the server needed to be encrypted.

“No problem.” You told them. You remembered that this can be accomplished with the mod_rewrite module in Apache. You tell them them that all they need is a few more lines in the .htaccess file in the root of handturkey.com, and that they should look like this:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.handturkey.com/$1 [R,L]

This instructs the server to take any traffic on port 80 (HTTP) and forward it to 443 (HTTPS), forcing the traffic onto a secure channel. The Duch are grateful, to say the least. A week later you receive an iPad in the mail, a personal thank you from the dutch CEO, Filibert Broos.

Posted in CodeComments (0)

How The MediaTemple Have Fallen


They say that Rome wasn’t built in a day, but that it burned in less than a week.

As a web designer I get asked certain questions more than others. What’s an Internet? Why are you so pale? What web host is best? I used to think I knew the answers to these questions. I’m not so sure about the last one anymore.

It’s so easy to write a disgruntled hatchet job about a product or service, just look at Yelp. So I am making a conscious effort to tell the story of the collapse of my opinion of the once venerable MediaTemple hosting service.

I used to describe them as the “The Gold Standard” of web hosting. It seemed like everyone who was anyone on the web was hosted at MediaTemple. Sony, Adobe, Starbucks, and Toyota adorn their client list, and that little (mt) logo appears on countless respected sites. I remember seeing it and wondering what club I was missing out on.

I wanted SSH and fancy doodads and I was willing to pay for it. I decided to give up my HostGator, and I upgraded to the best. Life was good. I had everything I needed. I had swift, informed responses to my support requests. I had web-based tools to accomplish almost any task. How did I ever live with this level of service?

Service isn’t everything. September of 2009 the outages begin. High server loads and severe latency caused incident reports to begin cropping up. My sites slowed down and became unreachable. MediaTemple repaired the issues and I was very quick to give them the benefit of the doubt. I mean, even Google goes down sometimes. Right?

In December the servers got hacked. We weren’t told how this occurred, but we were told that there was an “exploit affecting Storage Segment 01 on Cluster 05″, which was my home. This wasn’t a matter of a door being left open in my code, this was a server exploit. Files were overwritten. Data was deleted. Then the kicker: They couldn’t find my backup. The good news was that I keep backups, but data generated on the server was gone forever. They were very sorry. They gave me some service credit.

In early March, load balancing errors take my sites offline once more. All my service requests were replied to with links to the support incidents. We were all glad to hear that “The odds of a recurrence are minimal”.

Mid-March their servers get hacked again. Apparently a brute-force attack against the database servers allowed attackers to insert arbitrary code into our sites. We are now all required to change the passwords for our database users. Classy.

It is currently March 19th. All my sites are down. No one has any idea why. I can’t get to my WordPress installation, which is why I’m currently writing this post in TextEdit.

I don’t know how to move forward. The bells and whistles don’t seem to mean anything if the server isn’t up. If you can’t secure your systems against a brute-force attack, what the hell can you defend against? Switching hosts is an enormous hassle, but staying onboard isn’t exactly hassle-free. And frankly, I got no place to go.

Posted in WebComments (1)

Using Flash To Play With Images (AS3 + PHP)


Using Flash to get an image and play with it is a bit more complicated than it looks. The reason is that you can’t take an image from your hard drive and drop it directly into the Flash Player because the Flash Player doesn’t have permission to read data from your machine. The only way to get an image from your local drive into Flash is to first upload it to the server, then re-download it. Here’s a drawring.

I know, it’s the definition of circuitous, but thems the breaks. So we need to write two bits, the Flash (we will use AS3) to run on the client, and the PHP to run on the server. One note before we begin: Due to Flash’s sandbox restrictions, this is most easily tested in a live environment. I’ve had a lot of trouble testing locally.

Firstly, let’s talk Flash upload. The main class we will use for uploading is the FileReference class. This class allows us to upload and download files using Flash.

private var myFileRef:FileReference = new FileReference();

The only mission critical function call is the browse() function. We apply a file filter to prevent Flash from sending us anything but an image. This is only client side validation, so stronger measure are required server side.

var formats:String = "All Formats (*.jpg,*.gif,*.png)", "*.jpg;*.gif;*.png;", "JPEG;jp2_;GIFF";
this.myFileRef.browse([new FileFilter(formats)]);

That alone will bring up our old friend the browse window for your local machine. Now it’s a matter for the event listeners. By attaching them to the FileReference object, we monitor events like Event.SELECT (which occurs when the user picks a file and hits select, or Event.CANCEL which is called if the user hits cancel. Here are all the events you might listen for:

myFileRef.addEventListener(Event.SELECT, this.selectFile);
myFileRef.addEventListener(Event.OPEN, this.openFile);
myFileRef.addEventListener(HTTPStatusEvent.HTTP_STATUS, this.httpStatus);
myFileRef.addEventListener(Event.COMPLETE, this.completeUpload);
myFileRef.addEventListener(SecurityErrorEvent.SECURITY_ERROR, this.securityError);
myFileRef.addEventListener(IOErrorEvent.IO_ERROR, this.ioError);
myFileRef.addEventListener(Event.CANCEL, this.cancel);
myFileRef.addEventListener(ProgressEvent.PROGRESS, this.uploadProgress);
myFileRef.addEventListener(DataEvent.UPLOAD_COMPLETE_DATA, this.uploadComplete);

So when the SELECT event fires, this handler takes care of it:

function selectFile(e:Event):void {
	myFileRef.upload(uploadURL);		
}

Where uploadURL is the address of the PHP script we will setup to receive the upload as a POST variable. So, what we’ve got so far is the equivalent of a file post form element in html. It took us a while to get there, but it gave us finer grain control. Now we need the PHP script to accept the data and turn it into a file.

if (isAllowedExtension($_FILES['Filedata']['name'])) {
	// Path to storage
	$storage = 'flash_uploads';
 
	// Create a random for file
	$newRandName = time().rand();
	$newRandFile = $newRandName.".".findExtension($_FILES['Filedata']['name']); 
	$uploadfile = $storage . "/" . $newRandFile;
 
	// Try to move the uploaded file into permanent storage
	if ( move_uploaded_file( $_FILES['Filedata']['tmp_name'] , $uploadfile ) ) {
		echo($newRandFile); // Return the name of the file
	} else { // If the move failed
		echo( '0'); // Return 0 as an error code
	}
}
// Extract the file extension from the filename
function findExtension ($filename) { 
	$filename = strtolower($filename) ; 
	$exts = split("[/\\.]", $filename) ; 
	$n = count($exts)-1; 
	$exts = $exts[$n]; 
	return $exts; 
} 
// Check to make sure the file extension is valid
function isAllowedExtension($fileName) {
	$allowedExtensions = array("gif", "jpg", "jpeg", "png");
	return in_array(end(explode(".", $fileName)), $allowedExtensions);
}

Since the Flash used regular old POST to upload the file, the result is of course is the return page. We use this to inform the Flash about what happened. In the event of a failure the Flash will receive an error code, but if things go well, the Flash will receive the name of the newly created file on the server. We must now download it with a standard Loader.

var photoloader = new Loader();
var loadRequest = new URLRequest (baseurl+"/flash_uploads/"+serverFileName);
photoloader.load(loadRequest);
photoloader.contentLoaderInfo.addEventListener(Event.COMPLETE, onLoadComplete);
 
function onLoadComplete(event:Event):void {
	stage.addChild(photoloader);
}

where serverFileName is the name of the file returned by the server, and baseurl is the url of the server on which our new file can be found. Our new loader is then added to the stage, where we can play with it. Remember this process can accumulate files on the server, so you might want to do a bit of clean up as well.

Posted in CodeComments (2)

What is a Website?


This entry is part 2 of 5 in the series Web Coding For People Who Are Tired of Being Called Dummies (click to view in order)

You know what a website is, but you’re not sure what a website is.

The best way to think about a website is simply as a group of files. Files just like the ones on your hard drive, organized into folders. Except instead of files that end in .doc and .mp3, these files end in things like .html and .jpg. Website files are kept on a server and delivered to your browser when you ask for them by visiting a particular URL. Your browser analyses them and renders them to the screen.

So next up we are going to make a very small website which will live on your hard drive. People won’t be able to access this website while it is on your hard drive, but it will allow you to build it. When it is ready you can put it on a server on the Internet and then bang. Live website.

Posted in CodeComments (0)


PHVsPjxsaT48c3Ryb25nPndvb18xY29sX2hlaWdodDwvc3Ryb25nPiAtIDIwMDwvbGk+PGxpPjxzdHJvbmc+d29vXzJjb2xfaGVpZ2h0PC9zdHJvbmc+IC0gMjAwPC9saT48bGk+PHN0cm9uZz53b29fM2NvbF9oZWlnaHQ8L3N0cm9uZz4gLSAxNTA8L2xpPjxsaT48c3Ryb25nPndvb180Y29sX2hlaWdodDwvc3Ryb25nPiAtIDEwMDwvbGk+PGxpPjxzdHJvbmc+d29vX2Fib3V0X2J1dHRvbjwvc3Ryb25nPiAtIDwvbGk+PGxpPjxzdHJvbmc+d29vX2Fib3V0X2VuYWJsZTwvc3Ryb25nPiAtIGZhbHNlPC9saT48bGk+PHN0cm9uZz53b29fYWJvdXRfaGVhZGVyPC9zdHJvbmc+IC0gPC9saT48bGk+PHN0cm9uZz53b29fYWJvdXRfcGhvdG88L3N0cm9uZz4gLSA8L2xpPjxsaT48c3Ryb25nPndvb19hYm91dF90ZXh0PC9zdHJvbmc+IC0gPC9saT48bGk+PHN0cm9uZz53b29fYWRzX3JvdGF0ZTwvc3Ryb25nPiAtIGZhbHNlPC9saT48bGk+PHN0cm9uZz53b29fYWRfY29udGVudF9hZHNlbnNlPC9zdHJvbmc+IC0gPC9saT48bGk+PHN0cm9uZz53b29fYWRfY29udGVudF9kaXNhYmxlPC9zdHJvbmc+IC0gZmFsc2U8L2xpPjxsaT48c3Ryb25nPndvb19hZF9jb250ZW50X2ltYWdlPC9zdHJvbmc+IC0gaHR0cDovL3d3dy53b290aGVtZXMuY29tL2Fkcy93b290aGVtZXMtNDY4eDYwLTIuZ2lmPC9saT48bGk+PHN0cm9uZz53b29fYWRfY29udGVudF91cmw8L3N0cm9uZz4gLSBodHRwOi8vd3d3Lndvb3RoZW1lcy5jb208L2xpPjxsaT48c3Ryb25nPndvb19hZF9pbWFnZV8xPC9zdHJvbmc+IC0gaHR0cDovL3d3dy53b290aGVtZXMuY29tL2Fkcy8xMjV4MTI1YS5qcGc8L2xpPjxsaT48c3Ryb25nPndvb19hZF9pbWFnZV8yPC9zdHJvbmc+IC0gaHR0cDovL3d3dy53b290aGVtZXMuY29tL2Fkcy8xMjV4MTI1Yi5qcGc8L2xpPjxsaT48c3Ryb25nPndvb19hZF9pbWFnZV8zPC9zdHJvbmc+IC0gaHR0cDovL3d3dy53b290aGVtZXMuY29tL2Fkcy8xMjV4MTI1Yy5qcGc8L2xpPjxsaT48c3Ryb25nPndvb19hZF9pbWFnZV80PC9zdHJvbmc+IC0gaHR0cDovL3d3dy53b290aGVtZXMuY29tL2Fkcy8xMjV4MTI1ZC5qcGc8L2xpPjxsaT48c3Ryb25nPndvb19hZF9tcHVfYWRzZW5zZTwvc3Ryb25nPiAtIDwvbGk+PGxpPjxzdHJvbmc+d29vX2FkX21wdV9kaXNhYmxlPC9zdHJvbmc+IC0gdHJ1ZTwvbGk+PGxpPjxzdHJvbmc+d29vX2FkX21wdV9pbWFnZTwvc3Ryb25nPiAtIDwvbGk+PGxpPjxzdHJvbmc+d29vX2FkX21wdV91cmw8L3N0cm9uZz4gLSA8L2xpPjxsaT48c3Ryb25nPndvb19hZF90b3A8L3N0cm9uZz4gLSBmYWxzZTwvbGk+PGxpPjxzdHJvbmc+d29vX2FkX3RvcF9hZHNlbnNlPC9zdHJvbmc+IC0gPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI+PCEtLQ0KZ29vZ2xlX2FkX2NsaWVudCA9IFwicHViLTcxMDQyODQwNTMwMzMzMTBcIjsNCi8qIHdoaXQuaW5mbyA0Njh4NjAsIGNyZWF0ZWQgMy8xNi8xMCAqLw0KZ29vZ2xlX2FkX3Nsb3QgPSBcIjE1MDc1NDQ2NzdcIjsNCmdvb2dsZV9hZF93aWR0aCA9IDQ2ODsNCmdvb2dsZV9hZF9oZWlnaHQgPSA2MDsNCi8vLS0+DQo8L3NjcmlwdD4NCjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiDQpzcmM9XCJodHRwOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL3Nob3dfYWRzLmpzXCI+DQo8L3NjcmlwdD48L2xpPjxsaT48c3Ryb25nPndvb19hZF90b3BfZGlzYWJsZTwvc3Ryb25nPiAtIHRydWU8L2xpPjxsaT48c3Ryb25nPndvb19hZF90b3BfaW1hZ2U8L3N0cm9uZz4gLSBodHRwOi8vd3d3Lndvb3RoZW1lcy5jb20vYWRzLzQ2OHg2MGEuanBnPC9saT48bGk+PHN0cm9uZz53b29fYWRfdG9wX3VybDwvc3Ryb25nPiAtIGh0dHA6Ly93d3cud29vdGhlbWVzLmNvbTwvbGk+PGxpPjxzdHJvbmc+d29vX2FkX3VybF8xPC9zdHJvbmc+IC0gaHR0cDovL3d3dy53b290aGVtZXMuY29tPC9saT48bGk+PHN0cm9uZz53b29fYWRfdXJsXzI8L3N0cm9uZz4gLSBodHRwOi8vd3d3Lndvb3RoZW1lcy5jb208L2xpPjxsaT48c3Ryb25nPndvb19hZF91cmxfMzwvc3Ryb25nPiAtIGh0dHA6Ly93d3cud29vdGhlbWVzLmNvbTwvbGk+PGxpPjxzdHJvbmc+d29vX2FkX3VybF80PC9zdHJvbmc+IC0gaHR0cDovL3d3dy53b290aGVtZXMuY29tPC9saT48bGk+PHN0cm9uZz53b29fYWxsX2NhdGVnb3J5X3RpdGxlPC9zdHJvbmc+IC0gQ2F0ZWdvcmllczwvbGk+PGxpPjxzdHJvbmc+d29vX2FsdF9zdHlsZXNoZWV0PC9zdHJvbmc+IC0gZGFya2JsdWUuY3NzPC9saT48bGk+PHN0cm9uZz53b29fYXJjaGl2ZXM8L3N0cm9uZz4gLSBTZWxlY3QgYSBwYWdlOjwvbGk+PGxpPjxzdHJvbmc+d29vX2FyY2hpdmVfbGF5b3V0PC9zdHJvbmc+IC0gM19jb2x1bW5zLnBocDwvbGk+PGxpPjxzdHJvbmc+d29vX2F1dGhvcjwvc3Ryb25nPiAtIGZhbHNlPC9saT48bGk+PHN0cm9uZz53b29fYXV0b19pbWc8L3N0cm9uZz4gLSBmYWxzZTwvbGk+PGxpPjxzdHJvbmc+d29vX2Jsb2NrX2ltYWdlPC9zdHJvbmc+IC0gaHR0cDovL3doaXQuaW5mby9ibG9nL3dwLWNvbnRlbnQvdGhlbWVzL2xpdmV3aXJlL2ltYWdlcy8zMDB4MjUwLmdpZjwvbGk+PGxpPjxzdHJvbmc+d29vX2Jsb2NrX3VybDwvc3Ryb25nPiAtIGh0dHA6Ly93d3cud29vdGhlbWVzLmNvbTwvbGk+PGxpPjxzdHJvbmc+d29vX2Jsb2dfY2F0ZWdvcnk8L3N0cm9uZz4gLSBTZWxlY3QgYSBjYXRlZ29yeTo8L2xpPjxsaT48c3Ryb25nPndvb19ibG9nX2NhdF9pZDwvc3Ryb25nPiAtIDwvbGk+PGxpPjxzdHJvbmc+d29vX2Jsb2dfbmF2aWdhdGlvbjwvc3Ryb25nPiAtIGZhbHNlPC9saT48bGk+PHN0cm9uZz53b29fYmxvZ19uYXZpZ2F0aW9uX2Zvb3Rlcjwvc3Ryb25nPiAtIGZhbHNlPC9saT48bGk+PHN0cm9uZz53b29fYmxvZ19wZXJtYWxpbms8L3N0cm9uZz4gLSA8L2xpPjxsaT48c3Ryb25nPndvb19ibG9nX3NpZGViYXI8L3N0cm9uZz4gLSBTZWxlY3QgYSBzaWRlYmFyOjwvbGk+PGxpPjxzdHJvbmc+d29vX2Jsb2dfc3VibmF2aWdhdGlvbjwvc3Ryb25nPiAtIGZhbHNlPC9saT48bGk+PHN0cm9uZz53b29fYnJlYWRjcnVtYnM8L3N0cm9uZz4gLSBmYWxzZTwvbGk+PGxpPjxzdHJvbmc+d29vX2J1dHRvbl9saW5rPC9zdHJvbmc+IC0gPC9saT48bGk+PHN0cm9uZz53b29fY2F0X21lbnU8L3N0cm9uZz4gLSBmYWxzZTwvbGk+PGxpPjxzdHJvbmc+d29vX2N1c3RvbV9jc3M8L3N0cm9uZz4gLSA8L2xpPjxsaT48c3Ryb25nPndvb19jdXN0b21fZmF2aWNvbjwvc3Ryb25nPiAtIDwvbGk+PGxpPjxzdHJvbmc+d29vX2Rpc2NsYWltZXI8L3N0cm9uZz4gLSA8L2xpPjxsaT48c3Ryb25nPndvb19lbmFibGVfYWxsX2NhdGVnb3J5PC9zdHJvbmc+IC0gZmFsc2U8L2xpPjxsaT48c3Ryb25nPndvb19lbmFibGVfYmxvZ19jYXRlZ29yeTwvc3Ryb25nPiAtIGZhbHNlPC9saT48bGk+PHN0cm9uZz53b29fZXhjbHVkZV9wYWdlc19mb290ZXI8L3N0cm9uZz4gLSA8L2xpPjxsaT48c3Ryb25nPndvb19leGNsdWRlX3BhZ2VzX21haW48L3N0cm9uZz4gLSA8L2xpPjxsaT48c3Ryb25nPndvb19leGNsdWRlX3BhZ2VzX3N1Ym5hdjwvc3Ryb25nPiAtIDwvbGk+PGxpPjxzdHJvbmc+d29vX2ZlYXR1cmVkX2NhdGVnb3J5PC9zdHJvbmc+IC0gRmVhdHVyZWQ8L2xpPjxsaT48c3Ryb25nPndvb19mZWF0X2VudHJpZXM8L3N0cm9uZz4gLSAxPC9saT48bGk+PHN0cm9uZz53b29fZmVhdF9oZWlnaHQ8L3N0cm9uZz4gLSAyMTA8L2xpPjxsaT48c3Ryb25nPndvb19mZWF0X3dpZHRoPC9zdHJvbmc+IC0gMjgwPC9saT48bGk+PHN0cm9uZz53b29fZmVlZGJ1cm5lcl9pZDwvc3Ryb25nPiAtIEZlZWRidXJuZXIgSUQ8L2xpPjxsaT48c3Ryb25nPndvb19mZWVkYnVybmVyX3VybDwvc3Ryb25nPiAtIDwvbGk+PGxpPjxzdHJvbmc+d29vX2ZsaWNrcl9lbnRyaWVzPC9zdHJvbmc+IC0gU2VsZWN0IGEgTnVtYmVyOjwvbGk+PGxpPjxzdHJvbmc+d29vX2ZsaWNrcl9pZDwvc3Ryb25nPiAtIDwvbGk+PGxpPjxzdHJvbmc+d29vX2ZsaWNrcl91cmw8L3N0cm9uZz4gLSBGbGlja3IgVVJMPC9saT48bGk+PHN0cm9uZz53b29fZ29vZ2xlX2FuYWx5dGljczwvc3Ryb25nPiAtIDwvbGk+PGxpPjxzdHJvbmc+d29vX2hvbWU8L3N0cm9uZz4gLSBmYWxzZTwvbGk+PGxpPjxzdHJvbmc+d29vX2hvbWVwYWdlPC9zdHJvbmc+IC0gbGF5b3V0LWRlZmF1bHQucGhwPC9saT48bGk+PHN0cm9uZz53b29faG9tZV9sYXlvdXQ8L3N0cm9uZz4gLSAzX2NvbHVtbnMucGhwPC9saT48bGk+PHN0cm9uZz53b29faG9tZV9zaWRlYmFyPC9zdHJvbmc+IC0gU2VsZWN0IGEgc2lkZWJhcjo8L2xpPjxsaT48c3Ryb25nPndvb19ob21lX3RodW1iX2hlaWdodDwvc3Ryb25nPiAtIDU3PC9saT48bGk+PHN0cm9uZz53b29faG9tZV90aHVtYl93aWR0aDwvc3Ryb25nPiAtIDEwMDwvbGk+PGxpPjxzdHJvbmc+d29vX2ltYWdlX3NpbmdsZTwvc3Ryb25nPiAtIGZhbHNlPC9saT48bGk+PHN0cm9uZz53b29faW5jX2ludHJvX3BhZ2U8L3N0cm9uZz4gLSBmYWxzZTwvbGk+PGxpPjxzdHJvbmc+d29vX2luY19pbnRyb19wYWdlX2xlZnQ8L3N0cm9uZz4gLSBmYWxzZTwvbGk+PGxpPjxzdHJvbmc+d29vX2luY19pbnRyb19wYWdlX3JpZ2h0PC9zdHJvbmc+IC0gZmFsc2U8L2xpPjxsaT48c3Ryb25nPndvb19pbmNfdGFiYmVyX3BhZ2VzPC9zdHJvbmc+IC0gZmFsc2U8L2xpPjxsaT48c3Ryb25nPndvb19pbnRyb19wYWdlPC9zdHJvbmc+IC0gPC9saT48bGk+PHN0cm9uZz53b29faW50cm9fcGFnZV9sZWZ0PC9zdHJvbmc+IC0gPC9saT48bGk+PHN0cm9uZz53b29faW50cm9fcGFnZV9yaWdodDwvc3Ryb25nPiAtIDwvbGk+PGxpPjxzdHJvbmc+d29vX2xheW91dDwvc3Ryb25nPiAtIGJsb2cucGhwPC9saT48bGk+PHN0cm9uZz53b29fbG9nbzwvc3Ryb25nPiAtIDwvbGk+PGxpPjxzdHJvbmc+d29vX21hZ19mZWF0dXJlZDwvc3Ryb25nPiAtIFNlbGVjdCBhIG51bWJlcjo8L2xpPjxsaT48c3Ryb25nPndvb19tYWdfc2Vjb25kYXJ5PC9zdHJvbmc+IC0gU2VsZWN0IGEgbnVtYmVyOjwvbGk+PGxpPjxzdHJvbmc+d29vX21hbnVhbDwvc3Ryb25nPiAtIGh0dHA6Ly93d3cud29vdGhlbWVzLmNvbS9zdXBwb3J0L3RoZW1lLWRvY3VtZW50YXRpb24vZ2F6ZXR0ZS1lZGl0aW9uLzwvbGk+PGxpPjxzdHJvbmc+d29vX21pZF9leGNsdWRlPC9zdHJvbmc+IC0gPC9saT48bGk+PHN0cm9uZz53b29fbmF2X2V4Y2x1ZGU8L3N0cm9uZz4gLSA8L2xpPjxsaT48c3Ryb25nPndvb19vdGhlcl9lbnRyaWVzPC9zdHJvbmc+IC0gU2VsZWN0IGEgTnVtYmVyOjwvbGk+PGxpPjxzdHJvbmc+d29vX3BhZ2Vfc2lkZWJhcjwvc3Ryb25nPiAtIFNlbGVjdCBhIHNpZGViYXI6PC9saT48bGk+PHN0cm9uZz53b29fcG9ydF9pbWFnZXM8L3N0cm9uZz4gLSBmYWxzZTwvbGk+PGxpPjxzdHJvbmc+d29vX3Jlc2l6ZTwvc3Ryb25nPiAtIHRydWU8L2xpPjxsaT48c3Ryb25nPndvb19zaG9ydG5hbWU8L3N0cm9uZz4gLSB3b288L2xpPjxsaT48c3Ryb25nPndvb19zaG93X2Nhcm91c2VsPC9zdHJvbmc+IC0gZmFsc2U8L2xpPjxsaT48c3Ryb25nPndvb19zaG93X3ZpZGVvPC9zdHJvbmc+IC0gZmFsc2U8L2xpPjxsaT48c3Ryb25nPndvb19zaW5nbGVfaGVpZ2h0PC9zdHJvbmc+IC0gMTgwPC9saT48bGk+PHN0cm9uZz53b29fc2luZ2xlX3dpZHRoPC9zdHJvbmc+IC0gMjUwPC9saT48bGk+PHN0cm9uZz53b29fc2xpZGVyPC9zdHJvbmc+IC0gZmFsc2U8L2xpPjxsaT48c3Ryb25nPndvb19zbWFsbHRodW1iX2hlaWdodDwvc3Ryb25nPiAtIDQyPC9saT48bGk+PHN0cm9uZz53b29fc21hbGx0aHVtYl93aWR0aDwvc3Ryb25nPiAtIDU2PC9saT48bGk+PHN0cm9uZz53b29fc3VibmF2PC9zdHJvbmc+IC0gZmFsc2U8L2xpPjxsaT48c3Ryb25nPndvb190YWJiZXJfcGFnZXM8L3N0cm9uZz4gLSA8L2xpPjxsaT48c3Ryb25nPndvb190YWJzPC9zdHJvbmc+IC0gZmFsc2U8L2xpPjxsaT48c3Ryb25nPndvb190aGVtZW5hbWU8L3N0cm9uZz4gLSBHYXpldHRlPC9saT48bGk+PHN0cm9uZz53b29fdGhlX2NvbnRlbnQ8L3N0cm9uZz4gLSB0cnVlPC9saT48bGk+PHN0cm9uZz53b29fdGh1bWJfaGVpZ2h0PC9zdHJvbmc+IC0gNzY8L2xpPjxsaT48c3Ryb25nPndvb190aHVtYl93aWR0aDwvc3Ryb25nPiAtIDEwMDwvbGk+PGxpPjxzdHJvbmc+d29vX3R3aXR0ZXI8L3N0cm9uZz4gLSA8L2xpPjxsaT48c3Ryb25nPndvb190d2l0dGVyX2VuYWJsZTwvc3Ryb25nPiAtIHRydWU8L2xpPjxsaT48c3Ryb25nPndvb190d2l0dGVyX3VzZXJuYW1lPC9zdHJvbmc+IC0gd29vdGhlbWVzPC9saT48bGk+PHN0cm9uZz53b29fdmlkZW9fY2F0ZWdvcnk8L3N0cm9uZz4gLSBTZWxlY3QgYSBjYXRlZ29yeTo8L2xpPjwvdWw+