QR Code Notes

I tried out an inverted QR code recently (i.e. black is white, and white is black). I thought it would work if the readers used contrast rather than colour to read the barcode.

Well it worked great on iOS, but fails completely on the Android and Windows Phone readers. Moral of the story? 1. Standard black on white QR codes are probably going to be the most readable (dark colours are probably OK instead of black). 2. Test the readability of the QR code on a number of different platforms.

Adding a certificate chain to Heroku

SSL endpoint on Heroku rocks.  However, sometimes your certificates (like ones from PositiveSSL) need additional certificates to establish the chain of trust.

In my case, I have a Wildcard cert from PositiveSSL.

$ heroku certs:add STAR_mydomain_com.crt mykey.key  --app myapp
Adding SSL endpoint to myapp... done
geospike-production-endpoint now served by aichi-1111.herokussl.com
Certificate details:
    subject: /OU=Domain Control Validated/OU=PositiveSSL Wildcard/CN=*.mydomain.com
    start date: 2012-05-15 08:00:00 CST
    expire date: 2013-05-16 07:59:59 CST
    common name(s): *.mydomain.com, mydomain.com
    issuer: /OU=Domain Control Validated/OU=PositiveSSL Wildcard/CN=*.mydomain.com
    SSL certificate is self signed.

Notice that it says SSL certificate is self signed..

Adding the CA certificate in the same way doesn’t work, Heroku insists on a single certificate.

What you need to do is bundle all the certificates into one file and give that to Heroku. Importantly, your site’s certificate must be the first one. Here’s how I did that:

$ cat STAR_mydomain_com.crt PositiveSSLCA2.crt AddTrustExternalCARoot.crt > STAR_mydomain_com_bundle.crt 

Remember: put your cert first in the cat command. I ordered the remaining certificates in reverse order of the chain of trust, not sure if that is necessary but it can’t hurt I guess.

Now when I update it on Heroku, it shows as trusted:

$ heroku certs:update STAR_mydomain_com_bundle.crt mykey.key --app myapp
Updating SSL endpoint aichi-1111.herokussl.com for myapp... done
Updated certificate details:
    subject: /OU=Domain Control Validated/OU=PositiveSSL Wildcard/CN=*.mydomain.com
    start date: 2012-05-15 08:00:00 CST
    expire date: 2013-05-16 07:59:59 CST
    common name(s): *.mydomain.com, mydomain.com
    issuer: /OU=Domain Control Validated/OU=PositiveSSL Wildcard/CN=*.mydomain.com
    SSL certificate is verified by a root authority.

Sideloading apps on BlueStacks for Mac Beta

Bluestacks player is an awesome idea: run Android apps on Mac/Windows. I’m super keen about a version of Geospike I can run on my computer, so I can add bigger stories to my spikes on a full-sized keyboard.  Unfortuantely for now they restrict the apps you can install.

But there is a way.  Thanks to this post.  Basically:

  1. Open Twitter, view a tweet with a link to a web page, and click it
  2. Now you have the browser open, point it to the URL of an APK file
  3. Tap the menu icon (near bottom left) -> More -> Downloads to get the download list
  4. Install the app. If you want to install more, press “Done”
  5. Now the app is a first-class citizen app within Bluestacks, yey!

Vector version of Android App on Google Play

It’s always bewildered me why Google doesn’t provide a vector version of the “Available on Google Play” icon, equivalent to the “Available on the App Store” that is a very common sight.

At SXSW this year, I saw people who had blown up their graphics, and the App Store graphic looked beautifully crisp, while the android one looked shit.

Even when Apple re-badged from Google Marketplace to Google Play, they didn’t take the optertunity to provide us with vector graphics.

Fortunately, the community has stepped in where Google has failed, and you can get a lovely vector EPS version of the Android graphic here.

‘ab’ doesn’t work on OS X Lion out of the box

$ ab -n 300 -c 75 http://example.com/
This is ApacheBench, Version 2.3 <$Revision: 655654 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking example.com (be patient)
Send request failed!
Send request failed!
Send request failed!
Send request failed!
Send request failed!
Send request failed!
Send request failed!
Send request failed!
Send request failed!
Send request failed!
Send request failed!
Send request failed!
Send request failed!
apr_socket_recv: Connection reset by peer (54)

Simple fix: Download apache from http://httpd.apache.org/download.cgi#apache24

tar -jxvf httpd-2.4.2.tar.bz2
cd httpd-2.4.2
./configure
make
find . | grep ab
./support/ab

No need to “make install” and mess up your other config – you have the “ab” binary, enjoy.

Google Nexus Factory Images

Are located here: https://developers.google.com/android/nexus/images#yakju

Useful if you use a custom ROM day-to-day but need to switch back to the official ones for some testing.

Using L2TP StrongVPN with Android

ICS Settings

 

Here’s how I setup StrongVPN’s L2TP with Android 4.0 ICS:

Name: <up to you>

Type: L2TP/IPSec PSK

Server Address: <address of server>

IPSec pre-shared key: <shared secret>

Then save this information.

The username & password are entered when you connect for the first time, and can be saved.

Debugging multipart/form-data form requests with Ruby on Rails

I have a rails app which can accept POST API requests using multipart/form-data. We had some trouble however with one client trying to connect, and the POST arguments simply not appearing rails’ params hash.

Here are my steps to debug this issue:

In the application controller, I created a before_filter to print the following debug info:

    puts "***"
    puts params.inspect
    puts request.body.string
    puts "***"

This will print out both all the params ruby parses, and also the request body (to help see what data the app received, and compare it to what was parsed).

I can test the API with the following CURL command, and it works (by works I mean that params[:example] contains the string test.

curl -X POST -F example=test http://localhost:3000/test

My debug text above prints:

***
{"example"=>"test", "controller"=>"users", "action"=>"syndication_tokens", "format"=>"json"}
------------------------------50c34e88eb11
Content-Disposition: form-data; name="example"

test
------------------------------50c34e88eb11--
***

However, the clients don’t use curl. They have to generate these requests themselves. While I’ve proved that the API works – how can I test the client request using curl (thus removing bugs in the client from the equation)? I’ve looked at RFC2046, and the body above is a decent example, and have an idea of how these messages were formatted. My first attempt was to create a text file named test.txt with the following data:

------------------------------4ebf00fbcf09
Content-Disposition: form-data; name="example"

test
------------------------------4ebf00fbcf09--

And call CURL like so:

curl -X POST -H "Content-Type: multipart/form-data; boundary=----------------------------4ebf00fbcf09" -d @test.txt http://localhost:3000/test

However, this does not work in Rails.

Here is what is printed:

***
{"controller"=>"users", "action"=>"syndication_tokens", "format"=>"json"}
------------------------------4ebf00fbcf09Content-Disposition: form-data; name="example"test------------------------------4ebf00fbcf09--
***

It looks like the line breaks are being lost. Considering I’m quite sure that the format of the multipart/form-data message is correct, I wonder if that’s why the data is not being parsed correctly.

There is a useful debug method from the CURL end --trace-ascii output.txt which lets you see what CURL is sending. Lets take a look. I’m just going to show the Send data output. Firstly with the -F approach:

0097: Host: localhost:3000
00ad: Accept: */*
00ba: Content-Length: 146
00cf: Expect: 100-continue
00e5: Content-Type: multipart/form-data; boundary=--------------------
0125: --------2752933cd6dd
013b: 
== Info: Done waiting for 100-continue
=> Send data, 146 bytes (0x92)
0000: ------------------------------2752933cd6dd
002c: Content-Disposition: form-data; name="example"
005c: 
005e: test
0064: ------------------------------2752933cd6dd--

And then the -d @test.txt approach:

0097: Host: localhost:3000
00ad: Accept: */*
00ba: Content-Type: multipart/form-data; boundary=--------------------
00fa: --------4ebf00fbcf09
0110: Content-Length: 136
0125: 
=> Send data, 136 bytes (0x88)
0000: ------------------------------4ebf00fbcf09Content-Disposition: f
0040: orm-data; name="example"test------------------------------4ebf00
0080: fbcf09--
== Info: upload completely sent off: 136 out of 136 bytes

The line breaks are missing from this data as well. Definitely looks like the issue.

From the RFC, I’ve noted that they use CRLF as the line breaks. So I open my test.txt file in an editor which I know and trust for line-break issues (jEdit, instructions here), and convert it to \r\n. However, the issue is the same.

It turns out, that curl will actually munge your file when using -d @test.txt notation. So the solution to this issue is to parse in the text as binary data using --data-binary

Thus, the final answer is: for this to work the HTTP body MUST use CRLF line endings. And, to test this with curl, you MUST use --data-binary instead of plain -d. The final command (where the contents of test.txt are listed above, and the line endings are converted to CRLF) is:

curl -X POST -H "Content-Type: multipart/form-data; boundary=----------------------------4ebf00fbcf09" --data-binary @test.txt http://localhost:3000/test

If you want a one-liner that avoids temporary files, then you can do something like:

curl -X POST -H "Content-Type: multipart/form-data; boundary=----------------------------4ebf00fbcf09" -d $'------------------------------4ebf00fbcf09\r\nContent-Disposition: form-data; name="example"\r\n\r\ntest\r\n------------------------------4ebf00fbcf09--\r\n' http://localhost:3000/test

Regarding the other clients – the important thing when generating the multi-part requests is to use \r\n line endings. I tried variants of test.txt with other line endings, and none of them were parsed correctly by rails (which is correct, as the RFC does call for CRLF).

When you have too many apps in iOS…

iOS behaves oddly when you have more app than fit on the 11 allowed homescreen pages. Additional apps are installed. You can find them by searching. But you can’t see them on the home screen, and thus you can’t delete them.

What’s worse, is that making room on the final home page still doesn’t show these icons.  If you delete/move say 8 apps from the last page you will have 8 gaps. Only when you install a new app (if you’re a dev, e.g. by XCode), will the hidden apps use up the available space.

The Gmail iOS app doesn’t allow saving of attachments

A email client that doesn’t let you save attachments. #fail

Version: 1.1.1