0:00:25
hey ho hey ho welcome back guys to
0:00:28
another session of buildbreaking fix
0:00:34
for today which is
0:00:36
yeah you guessed it the one that's
0:00:44
yeah really good to be back
0:00:47
for another session and um yeah
0:00:50
let's do the acknowledgement of the
0:00:52
and pay our respects to the elders of
0:00:54
the past present and future so here we
0:00:59
i begin today by acknowledging the
0:01:01
traditional custodians of the land on
0:01:03
which we gather today and pay my
0:01:05
respects to the elders past present and
0:01:08
future i extend their respect to
0:01:10
aboriginal and torres strait islander
0:01:16
fantastic that was smoothly done isn't
0:01:20
all right guys um so
0:01:22
in today's so just so you know um tory
0:01:26
won't become uh i mean finish well um
0:01:29
isn't with us anymore sadly yeah but um
0:01:36
let's get the pie popping and have some
0:01:43
good to hear from you
0:01:45
oops that was my burp i just had dinner
0:01:48
a big one and a tasty one
0:01:52
huh and i'm kind of still hungry but i
0:01:55
don't know why i don't want to eat more
0:02:02
um yeah so i guess i'll choose a letter
0:02:05
this time uh which would be l
0:02:21
just a bit of a context on what we did
0:02:24
yesterday so what we did was we went on
0:02:27
a journey to implement um
0:02:31
to save the uh to save the notes uh
0:02:34
they're coming for the websocket into
0:02:39
and um i guess i really hope that story
0:02:42
managed to twist the code if not then we
0:02:46
will have to start from scratch
0:02:51
so let's see how we go over there
0:02:53
all right i'll just share my screen and
0:02:56
let's get it rolling
0:03:02
okay so i'll open up my terminal and
0:03:09
already have the code opened
0:03:22
the code has been saved
0:03:36
hang on so i've already got how many
0:03:42
ah purify that was working on no i don't
0:03:46
need that one don't need that one either
0:03:57
yeah couldn't need this one either
0:04:00
actually how about if we just switch
0:04:05
uh how many branches have we got
0:04:08
let's have a look shall we
0:04:12
bronze so there's that one board
0:04:21
concurrent users yeah that was the one
0:04:24
so we actually we're already on that
0:04:34
yes we are on that one already
0:04:45
yeah okay cool so apparently
0:04:51
the code hasn't been pushed up
0:04:55
let's confirm that
0:05:01
the last major quest no
0:05:09
that's just front end yeah we on the
0:05:13
yep that hasn't been pushed up kill
0:05:17
we will have to start again
0:05:23
from the point where we are
0:05:53
all right record okay
0:05:56
so what we need to do is basically
0:06:13
why am i yawning too much
0:06:31
we have the over here
0:06:35
basically what we need to do
0:06:38
is this is our get message action in it
0:06:44
so we need to dispatch websocket message
0:07:03
dispatches this one action default
0:07:09
um any messages no
0:07:42
so this is not being used
0:07:47
so what we want to do is
0:08:04
save it in that way
0:08:07
so all columns array post board columns
0:08:11
no we don't need that
0:08:13
post patch on notes and save
0:08:24
no we don't need that one
0:08:28
popular board notes map
0:08:33
populate board notes map
0:08:41
knows from db no so this is just
0:08:50
oh my god why am i going that much
0:09:32
um what we need to do is base uh i know
0:09:35
why because i'm feeling really hot
0:09:39
and eventually relaxed and that's where
0:09:42
the sleep is coming in
0:09:46
now binding to focus focus focus all
0:09:53
so the logic that we're gonna basically
0:09:56
use is we're gonna
0:09:58
as in take all the
0:10:01
notes that are on the on the ui add that
0:10:18
gonna require testing offline again
0:10:28
so get messy popular board notes map
0:10:35
dispatch okay that one is there
0:10:55
send a websocket message to
0:11:05
form valid note okay uuid
0:11:32
i guess the first part that we want to
0:11:45
get all the notes from the websocket
0:11:52
or we want to get all the
0:11:55
notes from the ui itself
0:11:57
but how are we gonna determine
0:12:02
which notes as in which ones are those
0:12:46
it's a good support url
0:13:06
so this is basically dispatching
0:13:12
not if that one is board id is undefined
0:13:15
then have the one otherwise have null
0:13:18
then post send the message
0:13:24
json stringify for dispatch um just
0:13:28
didn't dispatch it
0:13:31
and then send it right
0:13:36
so send the websocket message to api
0:13:42
we want to include
0:13:51
or notes that are coming in
0:14:04
we would have to implement that okay
0:14:30
and it caused in script js
0:14:54
what's the deal for this
0:14:57
uh objective the due date
0:15:00
for this is hopefully this month
0:15:04
but let's see how we go
0:15:19
all right so any cards in script.js
0:15:36
if this is the dispatch websocket
0:15:43
she's just sending the message
0:16:39
suppose notice and save
0:16:43
that's not that one
0:16:56
they will come through here
0:17:02
message okay so this is connecting to
0:17:06
the websocket only
0:17:14
and then this is send some message to
0:17:18
api gateway which in turn sends to all
0:17:23
so i think we would need to do something
0:17:27
then sending the dispatch
0:17:30
and send and then ascending
0:17:35
so basically something
0:17:42
so you wanna do after you send it no i
0:17:46
wanted it before i send the message
0:18:05
so this check was dispatch coming up as
0:18:21
and then probably deploy it oh i'd have
0:18:26
well this isn't going to be
0:18:30
for a long one now
0:18:33
but yeah let's do it
0:19:28
three four zero six zero seven
0:19:55
i want to test something but i don't
0:19:58
want to put this on online
0:20:03
what i might do is put this a hero
0:20:08
hey tory really good to have you mate
0:20:14
something i'm thinking that my work but
0:20:18
i wanna um i don't wanna put put the the
0:20:24
what i'm gonna do is just um basically
0:20:26
call it a day and um continue working on
0:20:31
offline and see how we go but yeah i'll
0:20:36
i'll still be working though
0:20:43
unless you guys say that you won't do
0:20:46
anything that i'm expecting to i'm more
0:20:49
than happy to work
0:20:54
because it is actually slowing down the
0:20:59
slowing down the project
0:21:06
all right yeah i'll
0:21:08
i'll take those out yeah i can go off
0:21:12
work on it cuz i'm not gonna get
0:21:18
yep cool guys so i'll probably call it a
0:21:21
day now and um work on it off
0:21:24
line i really want to see if the if the
0:21:28
actually gone through and the approach
0:21:32
down thinking would work or not so
0:21:35
basically what i want to do is check
0:21:42
what's being sent in the dispatch so
0:21:53
sent here and if if i can
0:21:56
basically um use this
0:22:03
that are coming from the websockets as
0:22:09
see if that if that works
0:22:15
but yeah guys thank you very much for
0:22:17
joining i really appreciate every one of
0:22:29
let's sanitize the back end
0:22:41
oh okay i i see where you're coming from
0:22:47
yeah i think that's actually a good
0:22:49
point we can focus on the back end and
0:22:51
then when this stream is over i can
0:22:54
basically focus on
0:22:56
this part all right yeah
0:23:02
all right so share my screen
0:23:22
let's do this so the front end has gone
0:23:26
out the window for now
0:23:48
so we need to sanitize
0:23:54
in the back end as well so let's do that
0:23:58
so first of all what we would need
0:24:04
i actually just wanted to give that if
0:24:06
you guys can see my screen
0:24:15
um right honestly at the moment my brain
0:24:28
but yeah let's do this
0:24:55
sanitize text to html node
0:25:01
sanitize my input values in node
0:25:04
yep that's exactly what we want
0:25:10
for most of the framework you can
0:25:14
sanitize node module right
0:25:17
let's use this one
0:25:20
actually white my own keyplay web
0:25:25
that's knowing the right branch
0:25:30
we need to switch we need to switch the
0:25:34
yeah oh no no no no no no
0:25:39
keep live refactoring saving seminars
0:25:42
maps of integration now
0:25:46
get gambled names cat board name
0:25:52
no okay cool we need to
0:25:55
create another branch
0:26:21
let's do this and now we need to do npm
0:26:30
actually where is our
0:26:37
so all the packages are you know here
0:26:42
why is the two of these
0:26:45
okay no no one there that depends so you
0:26:49
will probably be on this
0:26:50
one yeah because all of them are here
0:26:54
dev dependence is cool
0:26:58
there and we will do
0:27:11
where did it install
0:27:14
motor added three packages
0:27:18
let me close this and then reopen it
0:27:25
it's anytime not sanitizing
0:27:34
there has to be somewhere here
0:27:38
ah there you go please in here yes
0:27:41
sanitize is in dependencies
0:27:45
cool so how do we use this just to
0:27:49
wrap the whole project in this sanitizer
0:28:03
wrap the whole project in sanitizer yeah
0:28:07
so i've just done that
0:28:09
wrapped it all in sanitizer
0:28:12
so now what we need to do is basically
0:28:30
and then do a request sanitize here
0:29:00
bomb breakfast as well it doesn't make
0:29:07
says should be listed in the project
0:29:09
dependencies from to inside you know
0:29:13
all right okay so i need to add it in
0:29:25
why is he not picking it up
0:29:31
i scrum right then anyway scramblers api
0:29:43
and then add it there
0:29:49
all right so this one comes here
0:29:58
so now what we need to do is go back to
0:30:09
then what we need to do is
0:30:14
any comments not good
0:30:20
um then what we need to do
0:30:25
use it so how do we use it
0:30:28
uh we use sanitize the value itself
0:30:32
ah so we just basically have to sanitize
0:30:41
so if we go down down down down down
0:30:52
texturing embedded code
0:31:09
ah here we go so we can basically
0:31:13
type one note is object
0:31:34
variable for sanitizer
0:31:37
any comments there no that's brilliant
0:31:51
a positive self-talk always helps
0:31:55
all right cool so um
0:32:00
coming here all the way and then
0:32:04
what we need to do basically
0:32:33
how what was that again
0:32:43
sanitizer and then value
0:32:47
and then the objective name
0:32:50
and then and then it's type i guess
0:32:57
actually i need the sanitizer
0:33:09
and then it would be value
0:33:14
and it would be note
0:33:29
it's an object so i would need to do
0:33:43
space is quite fine have this you
0:33:49
there should be no space before
0:34:07
okay and then we can use
0:34:13
there's no sign choose cost
0:34:27
function parameter
0:34:32
okay say for we did this one equals this
0:34:48
so basically i'm saying that this is
0:34:52
note and then i want to put
0:34:56
nose equals to the notes no no no no i
0:34:59
wanted the other all the way around
0:35:04
equals to sanitize no and then the
0:35:08
reason why i want it in this way is
0:35:12
i don't want to change all these
0:35:15
variables as in these this one this one
0:35:24
notes in the prime parameter here and
0:35:31
and then assign their sanitized
0:35:35
value to this parameter
0:35:39
hopefully uh send actually sanitize
0:35:46
no no that wouldn't make sense
0:36:01
any comments we have
0:36:04
from our lovely viewers no no at the
0:36:13
note that's a that's the strings now
0:36:23
that's how to property or function
0:36:25
parameter that one
0:36:47
is a valid note yeah that is an object
0:36:56
so this would basically be
0:37:27
and then what we basically need to do is
0:37:54
um so the rest of it falls in that way
0:38:09
the valid notes key check the key length
0:38:16
no position that one
0:38:18
twin volts and if not
0:38:29
no left so tap on top
0:38:32
it's not top down return false
0:38:35
check where the check value prop is
0:38:38
valid prop is string
0:38:42
uh opening my report
0:38:48
check if note is valid yeah so this is
0:38:52
just checking if note is valid
0:39:00
so i want to see how is it sanitizing it
0:39:12
so how does it how can i even tell that
0:39:15
if it's sanitizing it
0:39:18
um that then you use in that way yeah
0:39:25
can go through sanitizer if you're using
0:39:27
express then you can validate sanitize
0:39:30
using express validator
0:39:33
and express sanitize input packages as
0:39:42
we don't want to do then we just want to
0:39:47
so that would come as
0:39:56
you know free yeah yeah yeah for more
0:40:01
over there and validate it's been true
0:40:05
if you're using hapi well
0:40:10
if you don't use third party module and
0:40:33
actually i want to see that the
0:40:35
documentation of it input sanitizing
0:40:42
library's for purpose of center ninja's
0:40:45
input for example we'll show some of the
0:40:48
built-in sanitizers
0:40:51
uh you you can create your custom
0:40:53
sanitizer printer by choosing uh-huh
0:40:56
right so this is testing it which is
0:41:02
so it's expressed oh i expressed that
0:41:04
one request sentence has middleware
0:41:13
and then sending pog
0:41:22
sanitize primitive
0:41:24
object plain objects and there's very
0:41:28
this will remove all keys
0:41:31
from the plain object they're not string
0:41:38
this grip was sanitizing
0:41:49
it's great for sanitizing the object
0:41:56
great presents our object before
0:41:57
inserting the badly
0:42:02
express middleware
0:42:08
request body string
0:42:11
oh this is harder than i thought it
0:42:33
this will remove all the keys from
0:42:36
playing or jump down not string
0:42:42
not string into your booty
0:42:44
this group was sanitizing objects before
0:42:48
so we just want to
0:42:50
sanitize the string that's all
0:42:56
yeah we don't want to touch the header
0:42:58
we want to touch the body
0:43:02
yeah so body string body param string
0:43:15
query string no we don't need the query
0:43:19
actually param string
0:43:26
they're gonna need that
0:43:31
wow okay this is the first time i'm
0:43:46
so usage is in that way
0:44:00
reduce sanitize middleware
0:44:03
and then it's just simply
0:44:07
you just sanitize the middleware
0:44:17
any comments not good
0:44:38
so how do we test this now
0:44:52
so does that mean that
0:44:55
it will prevent it
0:44:59
the user will enter but you won't or you
0:45:02
won't let the user even enter
0:45:08
i'm a bit confused
0:45:10
so sanitize is when
0:45:16
the user enters but they won't be able
0:45:18
to enter because it's been sanitized
0:45:44
real require appears requirement away
0:45:59
so if we check in this one
0:46:03
so we're just sanitizing the note text
0:46:06
that's all we want to do
0:46:10
sanitize no text so once it comes here
0:46:51
when is sane ties in what does it do
0:46:54
basically basically
0:47:01
not allow the user to enter anything
0:47:12
a string here is forever still letting
0:47:14
you want to match third level you want
0:47:22
here's the this and it's hard
0:47:44
this is just an example to show how it
0:47:57
or regular expression right
0:48:06
so basically this is just an example
0:48:13
tell it how will it look like
0:48:18
or regular expression instead of abc one
0:48:22
go through document actually let's go
0:48:25
for the documentation because i'm really
0:48:29
well okay never mind it brought me back
0:48:34
instead no good links for
0:48:54
by the dance and italians for jazz form
0:49:05
once express validator
0:49:08
to validate and sanitize
0:49:11
js form it's based on validation and it
0:49:15
use your luggages ready branching create
0:49:19
applied form if i use metadata
0:49:26
then inhale here is use is using credit
0:49:34
that one that one that one which is fine
0:49:59
identify the rules
0:50:01
for input before you write validation
0:50:04
for your human 75 what criteria they
0:50:10
for example you choose your name
0:50:43
add sanitization in this project we use
0:50:46
three sanitization methods trim escape
0:50:49
and normalize email
0:50:56
here's how we ask sanitization
0:51:05
we are trim escape to check out password
0:51:52
what could go wrong
0:51:56
i haven't get that
0:51:59
i haven't sanitized anything before no
0:52:03
my hands elbow legs
0:52:34
this isn't actually my first time using
0:52:37
this sanitizing thing
0:52:40
where it sanitizes so many times
0:52:44
what's this it says experiments where
0:52:51
it's just science has a tree of dom
0:52:55
removing any unwanted elements
0:53:02
when we basically want to sanitize it
0:53:04
but we would have to tell it what we
0:53:07
wanted to sanitize isn't it
0:53:10
because that's how it would work
0:53:12
sanitize new sanitizer
0:53:19
unsanitized frame tree yet
0:53:23
sanitize the document
0:53:26
tree and update the frame
0:53:38
sanitizing is sanitized
0:53:52
create a hundred plus children
0:54:02
all right guys um i am having a really
0:54:06
focus to be honest i'm gonna probably
0:54:10
call it a day and do some
0:54:23
it has to be tomorrow i can't
0:54:30
waste everyone's time though
0:54:33
yeah thank you very much guys for
0:54:35
joining it is kind of a
0:54:39
yeah a bit of a progress but yeah we
0:54:42
again there and um
0:54:44
yeah we'll come back to it tomorrow um
0:54:48
hopefully there's a lot more progress
0:54:50
there i'm really hoping
0:54:52
actually we're gonna make it happen
0:54:56
wanna see us what how we progress
0:55:02
join us at same time same place and a
0:55:05
different task all right i felt not a
0:55:10
see i'm not even realizing what i'm
0:55:13
talking at the moment but yeah um this
0:55:18
all right guys catch you later have a