<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<title>Little Bee Front-End Weekly, Issue 35 | Little Bee Front-End Weekly</title>
<meta name="generator" content="VuePress 1.8.2">
<meta name="description" content="Study hard and make progress every day.">
<link rel="preload" href="/FE-Weekly/assets/css/0.styles.a908ec75.css" as="style"><link rel="preload" href="/FE-Weekly/assets/js/app.44c279c7.js" as="script"><link rel="preload" href="/FE-Weekly/assets/js/2.946cf503.js" as="script"><link rel="preload" href="/FE-Weekly/assets/js/41.0badd321.js" as="script"><link rel="preload" href="/FE-Weekly/assets/js/6.de6a323c.js" as="script"><link rel="prefetch" href="/FE-Weekly/assets/js/10.5352507b.js"><link rel="prefetch" href="/FE-Weekly/assets/js/11.83a72ade.js"><link rel="prefetch" href="/FE-Weekly/assets/js/12.00b61850.js"><link rel="prefetch" href="/FE-Weekly/assets/js/13.d79373a6.js"><link rel="prefetch" href="/FE-Weekly/assets/js/14.462af9ef.js"><link rel="prefetch" href="/FE-Weekly/assets/js/15.8441e7fa.js"><link rel="prefetch" href="/FE-Weekly/assets/js/16.7f190713.js"><link rel="prefetch" href="/FE-Weekly/assets/js/17.d836d8bc.js"><link rel="prefetch" href="/FE-Weekly/assets/js/18.636e69cb.js"><link rel="prefetch" href="/FE-Weekly/assets/js/19.9b122cc9.js"><link rel="prefetch" href="/FE-Weekly/assets/js/20.413f7eec.js"><link rel="prefetch" href="/FE-Weekly/assets/js/21.c65a8de1.js"><link rel="prefetch" href="/FE-Weekly/assets/js/22.97da2382.js"><link rel="prefetch" href="/FE-Weekly/assets/js/23.26864382.js"><link rel="prefetch" href="/FE-Weekly/assets/js/24.3a360530.js"><link rel="prefetch" href="/FE-Weekly/assets/js/25.d971b269.js"><link rel="prefetch" href="/FE-Weekly/assets/js/26.23721e08.js"><link rel="prefetch" href="/FE-Weekly/assets/js/27.0cf07053.js"><link rel="prefetch" href="/FE-Weekly/assets/js/28.ece7a01d.js"><link rel="prefetch" href="/FE-Weekly/assets/js/29.e7a224ad.js"><link rel="prefetch" href="/FE-Weekly/assets/js/3.e8932c61.js"><link rel="prefetch" href="/FE-Weekly/assets/js/30.a70521fc.js"><link rel="prefetch" href="/FE-Weekly/assets/js/31.c82acf82.js"><link rel="prefetch" href="/FE-Weekly/assets/js/32.e092bf1f.js"><link rel="prefetch" href="/FE-Weekly/assets/js/33.a2b31d8a.js"><link 
rel="prefetch" href="/FE-Weekly/assets/js/34.f332a696.js"><link rel="prefetch" href="/FE-Weekly/assets/js/35.1a57f590.js"><link rel="prefetch" href="/FE-Weekly/assets/js/36.d502f847.js"><link rel="prefetch" href="/FE-Weekly/assets/js/37.0a25424b.js"><link rel="prefetch" href="/FE-Weekly/assets/js/38.7ea8abc4.js"><link rel="prefetch" href="/FE-Weekly/assets/js/39.c31b2e25.js"><link rel="prefetch" href="/FE-Weekly/assets/js/4.e6e8c85d.js"><link rel="prefetch" href="/FE-Weekly/assets/js/40.998d7921.js"><link rel="prefetch" href="/FE-Weekly/assets/js/42.3c31a06f.js"><link rel="prefetch" href="/FE-Weekly/assets/js/43.86f810a9.js"><link rel="prefetch" href="/FE-Weekly/assets/js/44.75e0f4c4.js"><link rel="prefetch" href="/FE-Weekly/assets/js/45.cc392e03.js"><link rel="prefetch" href="/FE-Weekly/assets/js/46.6278f709.js"><link rel="prefetch" href="/FE-Weekly/assets/js/47.e4eaf2a2.js"><link rel="prefetch" href="/FE-Weekly/assets/js/48.313a7005.js"><link rel="prefetch" href="/FE-Weekly/assets/js/49.3bb92779.js"><link rel="prefetch" href="/FE-Weekly/assets/js/5.f9b108dd.js"><link rel="prefetch" href="/FE-Weekly/assets/js/50.7f55cbb3.js"><link rel="prefetch" href="/FE-Weekly/assets/js/51.c323b810.js"><link rel="prefetch" href="/FE-Weekly/assets/js/52.12606e67.js"><link rel="prefetch" href="/FE-Weekly/assets/js/53.2d7b3e69.js"><link rel="prefetch" href="/FE-Weekly/assets/js/54.92e08cca.js"><link rel="prefetch" href="/FE-Weekly/assets/js/55.012f73b8.js"><link rel="prefetch" href="/FE-Weekly/assets/js/56.03073a43.js"><link rel="prefetch" href="/FE-Weekly/assets/js/57.e3439957.js"><link rel="prefetch" href="/FE-Weekly/assets/js/58.baa6fd74.js"><link rel="prefetch" href="/FE-Weekly/assets/js/59.a4ed02f6.js"><link rel="prefetch" href="/FE-Weekly/assets/js/60.42e7e9e5.js"><link rel="prefetch" href="/FE-Weekly/assets/js/61.48f6b23c.js"><link rel="prefetch" href="/FE-Weekly/assets/js/62.43bc49af.js"><link rel="prefetch" href="/FE-Weekly/assets/js/7.eefe6189.js"><link rel="prefetch" 
href="/FE-Weekly/assets/js/8.02d5fb3e.js"><link rel="prefetch" href="/FE-Weekly/assets/js/9.473470b2.js">
<link rel="stylesheet" href="/FE-Weekly/assets/css/0.styles.a908ec75.css">
</head>
<body>
<div id="app" data-server-rendered="true"><div class="theme-container"><header class="navbar"><div class="sidebar-button"><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" role="img" viewBox="0 0 448 512" class="icon"><path fill="currentColor" d="M436 124H12c-6.627 0-12-5.373-12-12V80c0-6.627 5.373-12 12-12h424c6.627 0 12 5.373 12 12v32c0 6.627-5.373 12-12 12zm0 160H12c-6.627 0-12-5.373-12-12v-32c0-6.627 5.373-12 12-12h424c6.627 0 12 5.373 12 12v32c0 6.627-5.373 12-12 12zm0 160H12c-6.627 0-12-5.373-12-12v-32c0-6.627 5.373-12 12-12h424c6.627 0 12 5.373 12 12v32c0 6.627-5.373 12-12 12z"></path></svg></div> <a href="/FE-Weekly/" class="home-link router-link-active"><!----> <span class="site-name">小蜜蜂前端周刊</span></a> <div class="links"><div class="search-box"><input aria-label="Search" autocomplete="off" spellcheck="false" value=""> <!----></div> <nav class="nav-links can-hide"><div class="nav-item"><a href="/FE-Weekly/" class="nav-link">
Home
</a></div><div class="nav-item"><a href="https://github.com/bee-fe/FE-Weekly" target="_blank" rel="noopener noreferrer" class="nav-link external">
Github
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></div> <!----></nav></div></header> <div class="sidebar-mask"></div> <aside class="sidebar"><nav class="nav-links"><div class="nav-item"><a href="/FE-Weekly/" class="nav-link">
Home
</a></div><div class="nav-item"><a href="https://github.com/bee-fe/FE-Weekly" target="_blank" rel="noopener noreferrer" class="nav-link external">
Github
<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></div> <!----></nav> <ul class="sidebar-links"><li><section class="sidebar-group depth-0"><p class="sidebar-heading open"><span>Little Bee Front-End Weekly, Issue 35</span> <!----></p> <ul class="sidebar-links sidebar-group-items"><li><a href="/FE-Weekly/20190716.html#个人" class="sidebar-link">Personal</a><ul class="sidebar-sub-headers"><li class="sidebar-sub-header"><a href="/FE-Weekly/20190716.html#es6-promise" class="sidebar-link">ES6-Promise</a></li><li class="sidebar-sub-header"><a href="/FE-Weekly/20190716.html#flutter入门集" class="sidebar-link">Flutter Getting-Started Collection</a></li><li class="sidebar-sub-header"><a href="/FE-Weekly/20190716.html#nginx-指令-try-files-使用方法" class="sidebar-link">How to Use the Nginx try_files Directive</a></li></ul></li><li><a href="/FE-Weekly/20190716.html#新鲜事" class="sidebar-link">News</a><ul class="sidebar-sub-headers"><li class="sidebar-sub-header"><a href="/FE-Weekly/20190716.html#flutter-1-7-发布-你关心的特性增加了吗" class="sidebar-link">Flutter 1.7 Released: Were the Features You Care About Added?</a></li><li class="sidebar-sub-header"><a href="/FE-Weekly/20190716.html#lodash-库爆出严重安全漏洞-波及-400-万-项目" class="sidebar-link">Serious Security Vulnerability Found in the Lodash Library, Affecting 4 Million+ Projects</a></li></ul></li><li><a href="/FE-Weekly/20190716.html#安全" class="sidebar-link">Security</a><ul class="sidebar-sub-headers"><li class="sidebar-sub-header"><a href="/FE-Weekly/20190716.html#深入理解-javascript-prototype-污染攻击" class="sidebar-link">Understanding JavaScript Prototype Pollution Attacks in Depth</a></li></ul></li></ul></section></li></ul> </aside> <main class="page"> <div class="theme-default-content 
content__default"><h1 id="小蜜蜂前端周刊第三十五期"><a href="#小蜜蜂前端周刊第三十五期" class="header-anchor">#</a> Little Bee Front-End Weekly, Issue 35</h1> <h2 id="个人"><a href="#个人" class="header-anchor">#</a> Personal</h2> <h3 id="es6-promise"><a href="#es6-promise" class="header-anchor">#</a> <a href="https://www.jianshu.com/p/d2f61e8795d2" target="_blank" rel="noopener noreferrer">ES6-Promise<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></h3> <ul><li>Why recommended: A summary of key points about Promise</li> <li>Recommended by: 徐梦婷</li></ul> <h3 id="flutter入门集"><a href="#flutter入门集" class="header-anchor">#</a> <a href="https://www.jianshu.com/p/2f9ed303c8ec" target="_blank" rel="noopener noreferrer">Flutter Getting-Started Collection<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></h3> <ul><li>Why recommended: Follow the trend and fulfil your dream of building your own app</li> <li>Recommended by: 徐晨</li></ul> <h3 id="nginx-指令-try-files-使用方法"><a href="#nginx-指令-try-files-使用方法" class="header-anchor">#</a> <a href="https://lichangwei.github.io/2019/07/15/nginx-try-files/" target="_blank" rel="noopener noreferrer">How to Use the Nginx try_files Directive<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" 
focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></h3> <ul><li>Why recommended: This article explains how to use Nginx's try_files directive to merge multiple directories or sites into a single unified service</li> <li>Recommended by: 李长伟</li></ul> <h2 id="新鲜事"><a href="#新鲜事" class="header-anchor">#</a> News</h2> <h3 id="flutter-1-7-发布-你关心的特性增加了吗"><a href="#flutter-1-7-发布-你关心的特性增加了吗" class="header-anchor">#</a> <a href="https://www.infoq.cn/article/8-TbGbx7Ut26D9O3808a" target="_blank" rel="noopener noreferrer">Flutter 1.7 Released: Were the Features You Care About Added?<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></h3> <ul><li>Why recommended: Flutter 1.7 has been released. It includes support for AndroidX, meets the requirements the Play Store recently set for apps, includes some new and enhanced widgets, and fixes bugs reported by developers, among other changes.</li></ul> <h3 id="lodash-库爆出严重安全漏洞-波及-400-万-项目"><a href="#lodash-库爆出严重安全漏洞-波及-400-万-项目" class="header-anchor">#</a> <a href="https://www.infoq.cn/article/k7C-ZvXKOHh284ToEy9K" target="_blank" rel="noopener noreferrer">Serious Security Vulnerability Found in the Lodash Library, Affecting 4 Million+ Projects<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" 
d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></h3> <ul><li>Why recommended: Security vulnerabilities are always a concern. As if by coincidence, just as the cloud video conferencing provider Zoom was revealed to have a "zero-day vulnerability" threatening the privacy and information security of Mac users, Lodash, the npm library well known to developers, was also revealed to have a high-severity security vulnerability: a prototype pollution vulnerability that threatens the service security of more than 4 million projects.</li></ul> <h2 id="安全"><a href="#安全" class="header-anchor">#</a> Security</h2> <h3 id="深入理解-javascript-prototype-污染攻击"><a href="#深入理解-javascript-prototype-污染攻击" class="header-anchor">#</a> <a href="https://www.leavesongs.com/PENETRATION/javascript-prototype-pollution-attack.html" target="_blank" rel="noopener noreferrer">Understanding JavaScript Prototype Pollution Attacks in Depth<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></h3> <ul><li>Why recommended: JavaScript is a very flexible language; I feel that in some respects it may be even more flexible than PHP. So, besides traditional injection-type vulnerabilities such as SQL injection and code execution, it also has some security issues of its own, such as the prototype pollution discussed today.</li></ul> <div class="gitalk-container"><div id="gitalk-container"></div></div></div> <footer class="page-edit"><!----> <div class="last-updated"><span class="prefix">Last updated:</span> <span class="time">2021/12/10 10:52:50 AM</span></div></footer> <!----> </main></div><div class="global-ui"></div></div>
<script src="/FE-Weekly/assets/js/app.44c279c7.js" defer></script><script src="/FE-Weekly/assets/js/2.946cf503.js" defer></script><script src="/FE-Weekly/assets/js/41.0badd321.js" defer></script><script src="/FE-Weekly/assets/js/6.de6a323c.js" defer></script>
</body>
</html>