Wrapping Gutenberg Blocks with a div/section/article

I would like to be able to create sections of blocks from within the Gutenberg editor. This way I can apply styles around groups of blocks.

The idea would be to either:

  • Nest one or more blocks within a container div/section/article
  • Add an opening tag before a block or group of blocks and a closing tag afterwards

I have tried adding a ‘Custom HTML’ block before and afterwards with opening/closing tags. This works apart from when revisiting the editor the you’re welcomed with a ‘This block contains unexpected or invalid content’ warning.

How can I achieve this?

Establish a symmetric key: KDF based on shared secret and random salt or key wrapping?

I am designing a basic KMS based on a simple HSM, I only have access to: AES256, SHA256, PBKDF2, HMAC (and combinations like AES256-HMAC-SHA256). The admin and the users of the system have a personal HSM where the keys are stored and it works like this:

  1. The administrator generates a key inside his HSM with PBKDF2 (random salt and random seed)
  2. The HSM of the administrator encrypts the new key using AES-256 with a different symmetric key for each user (the key used for key wrapping was established during the physical initialization of the HSM of the user) and sends it to every user that needs it along with key’s metadata. The whole payload (encrypted key value + key’s metadata) is encrypted another time with AES256 with another unique key for each user.
  3. The payload reaches the user that, thanks to the two symmetric keys previously shared with the admin (during the HSM physical initialization), is able to retrieve the requested key and metadata.

I was thinking about another possible approach that could be better but I am not really sure about it:

  1. The administrator establishes a shared secret common to every user of the system. This secret is stored in every HSM belonging to the users or to the administrator.
  2. When a key must be generated, the administrator computes it with PBKDF2 using the common secret and a random salt.
  3. When a key must be sent to any user, only the salt that was used by the administrator is actually sent to the user. The salt may be encrypted with a pre-shared symmetric key (like the example above) and it is used by every user along with the shared secret to generate again the key.

The first approach has the following problems: I need to send the actual key value, I have to perform two encryptions, the HSM must offer an API to retrieve from its internal flash memory the actual value of a key (as cleartext or ciphertext depending on the choice of the caller, the API can be called only if the administrator is logged in the HSM and it can’t be called if the user is logged).

The second approach has the following problems: the secret is common to all users so if an attacker finds the secret of a single user, he founds the secret of everyone. The HSM must offer an API to retrieve the secret as cleartext from its internal flash memory because the secret must be the same for every user, even for users that are added to the system weeks/months later (again this API is callable only if the administrator is logged in the HSM).

I suppose that the second approach, in principle, could be better because the keys are not actually sent from the administrator to the users. But the secret common to everybody is a problem, moreover I imagine that if an attacker finds out the value of a random salt, he may simply try to compute all possible keys given that salt using PBKDF2 and all possible seeds (because the implementation is open source so he knows that the secret is 32 bytes long and he also has access to the PBKDF2 code).

In conclusion I think that in the real world the first approach is more secure, provided that the login as administrator to the HSM is protected by a very complex PIN and possibly by a second factor (i.e. fingerprint). Do you agree? Any thoughts about other vulnerabilities in my approach?

Parent class wrapping child method

I have this Worker classes doing some job

class WorkerOne implements IWorker {     @Override     public doWork(Resource resource){      // do some work     } } 

I want all doWork() methods to be wrapped by the same operation.

Currently it is done by sub-classing Worker classes from abstract class like this:

abstract class WorkWrapper implements IWorker {     @Override     public doBetterWork(){        Resource resource = // ...        doWork(resource)        reource.close();     } }   class WorkerOne extends WorkWrapper {      protected doWork(Resource resource){      // do some work     } } 

and being invoked by

WorkerOne worker = new WorkerOne(); worker.doBetterWork(); 

I don’t like this inheritance solution since its not actually ‘is-a’ relationship, and would appreciate your help for better solution.

Non-testable class wrapping Java Properties with basic logic

I written simple java.util.Properties wrapping class. Unfortunatelly in my opinion it isn’t testable at the moment and I don’t have any great idea, how to improve it. I could use PowerMockito to change properties after loading or add setter for them or inject some class that provides properties, but I don’t like any of that. I would like to avoid exposing properties by making it public or by getter/setter.

My application details:

  • Spring boot
  • my class is injected by @Bean mechanic
  • CONF_FILE_NAME contains key=value formatted properies with names same as in Keys subclass.

I would like to unit-test logic in this class (both public method) without relying on values in file.

My class:

package pl.myapp;  imports ...  public class PropertiesManager  {     private final String secretToken = "SECRET";      public final class Keys      {         public final static String KEY1 = "VALUE1";         public final static String KEY2 = "VALUE2";     }      private static final Logger logger = LogManager.getLogger(PropertiesManager.class);     private final String CONF_FILE_NAME = "conf_file.conf";      private Properties properties;      public PropertiesManager() throws IOException     {         logger.info("Looking for configuration file " + CONF_FILE_NAME + " in directory:" + System.getProperty("user.dir")); //          properties = new Properties();         InputStream in = new FileInputStream(CONF_FILE_NAME); // not finding properties is program-breaking so I allow this exception to propagate         properties.load(in);     }      public String getProperty(String name)     {         String property = properties.getProperty(name);         if (property == null) {             logger.warn("Property " + name + " not found in properties file");         }         return property;     }      public HashMap<String, String> getAllPublicProperties()     {         HashMap<String, String> map = new HashMap<>();           properties.keySet().stream().map(f -> (String)f).filter(f -> !f.contains(secretToken)).forEach(f -> map.put(f, properties.getProperty(f)));         return map;     } }  

Truncation vs. Wrapping text when designing for responsive page for multiple devices – which is better?

For a ready only form that is also designed to be responsive, some fields are long and some short. Currently, the default behavior is truncating long fields based on the space constraint. And on hover, tooltip kicks in to read the truncated text.

How does this work with tablets or mobile devices where there is no hover over tooltips or alt tags for these responsive pages?

I would think of using wrapping instead of truncation, but this results in pushing down the content and making a long form even longer.

So, are there best practices or rules on how to deal with long text that does not fit a space?

Is wrapping Selenium WebDriver Methods makes it asynchronous?

As I know async/await keywords convert in simple words in task.ContinueWith("All code after await operator") with AsyncStateMachine and so on. But I don’t know details in what level calling thread returns callback to the thread pull. For example File.ReadAllBytesAsync() return from the method when roughly the file driver starts to process task. But, if I wrap _driver.Navigate().GoToUrl("..."); like Task.Run(() => _driver.Navigate().GoToUrl("...")) and awaiting it on the caller side? Is it make it asynchronous, or when some thread will process lambda (() => _driver.Navigate().GoToUrl("...")) it will be blocked any way?

What internet browsers are able to provide text wrapping (fitting the screen) when zooming (beside Opera)?

I am not sure I am using the proper terms, therefore I will exemplify them with screenshots. Please help me improve my terminology if I am wrong.

(I’m not sure Browser which always allows scale/zoom? is about the same topic, as I don’t grasp the meaning of terms like ” viewport metatag parameters user-scalable” and “meta viewport tag”.)

Taking a Wikipedia page:

enter image description here

Simply zooming it – whether with forced zoom enabled or not – would give this (like in Chrome), where the font size appears larger but the text body is not seen in its entirety, as it doesn’t fit the screen:

enter image description here

while what I would like to see would be this – what I call text fit or text wrap, where the font is enlarged without losing the entirety of the text body, which in this case fits the screen:

enter image description here

I know this is available in Opera. I would like to know what other browsers have this feature.

Design pattern for wrapping multiple apis into single api

I have 3 different libraries that provide depth data as well as gesture information. I need to wrap these libraries into a single simpler to use for user api. The apis I am trying to wrap provide a set of utilities as well as information that are not equal. The core data such as depth images or color images are provided but tracking can have different method or amount of information provided may differ. For example, one api provides a list of hands being detected and each hand has internally an orientation info(l/r). Another api provides l/r hand objects with NULL if not found and info if found.

I need to wrap these apis into a single api in the same language(c++) that allows user to have to write way less code to get the core functionalities. Is there a pattern that provides best-practices for such a task? Or any examples in industry that do something similar? I understand that single tight-knit apis are better than a large api, but for my current use-case, a large api makes sense, so I need to do that.

Best Practice – Wrapping if around function call vs Adding early exit if guard in function

I know this can be very use-case specific, but I find myself wondering this far too often. Is there a generally preferred syntax.

I’m not asking what is the best approach when in a function, I am asking should I exit early or should I just not call the function.

Wrap if around function call

 if (shouldThisRun) {   runFunction(); }  

Have if (guard) in function

runFunction() {   if (!shouldThisRun) return; } 

The latter option obviously has the potential to reduce code duplication if this function is called multiple times, but sometimes it feels wrong to add it in here as then you may be losing the purity of the function.

Heres an example

If I have an updateStatus() function that simply updates the status of something. I only want the status updated iff the status has changed. I know the places in my code where the status has the potential to change, and I know other places where it defiantly has changed.

I’m not sure if its just me but it feels somewhat dirty to check this inside function as I want to keep this function as pure as possible – if I call it I expect the status to be updated. But I can’t tell whether it’s any better to wrap the call in a check the few places where I know it has the potential to not have changed.

Wrapping fetch(), preserve promise-based API for outer function

One of my react component’s methods is using an async fetch() internally. After fetching the response from the server, it is being converted to JSON, then I perform a check on that JSON string. Finally, I return the result wrapped in a new promise. Here is the code:

fetchCalendarData(offset, length) {     return fetch(this.props.Uri + '?offset=' + offset + '&length=' + length)     .then(response => response.json())     .then((result) => {         if (result.hasOwnProperty('redirect_to_login') && result.redirect_to_login == true) {             window.location.reload(window.globalAppState.base_url + "/login");         }         return Promise.resolve(result);     })     .catch(() => {         return Promise.reject('FAILURE');     }); } 

When I call the method, I do it like this:

this.fetchCalendarData(0, 6).then((fetched_calendar_data) => {     this.calendar_data = fetched_calendar_data; }); 

The code works, but I am not familiar with promise based flow at all, and those 3 return statements look a little weird to me. I also read about the promise constructor antipattern but am not sure if that applies here. And, is it necessary to return the result wrapped in a new promise, at all?