Monthly Archive for August, 2008

XP Pen graphic tablet

Published on August 25, 2008 in lifestyle. 538 Comments Tags: , , .

Update: I’ve done some exten­sive research and this graphic tablet DOES NOT work in Win­dows Vista. The Vista driver in the offi­cial home­page doesn’t work, and I see no signs from the vendor updat­ing it. Con­sid­er­ing all P-ACTIVE tablets use the same driver, I’d advice against any Vista user to buy from them :p

Update #2: After some time, I acci­den­tally got this tablet work­ing again in Vista. The prob­lem seem to be related to wisptis.exe. If you don’t see this run­ning in your tasklist, try Win + R -> wisptis. I did this before I installed the offi­cial Vista driver. It worked fine as a point­ing device (with­out pres­sure detec­tion), then I installed the offi­cial driver and voilia! It worked like a charm!

After all these years of comptem­plat­ing, yes­ter­day I finally bought the my P-Active XP Pen graphic tablet:

Played around with it for a while. It was not as dif­fi­cult to pick up as I thought. Here’s a quick sketch I did after like 10 min­utes of practice:

Pretty fun to play with, not bad for around $500 HKD 🙂

let the Web browser “remember” HTTP authentication credentials using AJAX – the correct way vs. the wrong way

Published on August 25, 2008 in geek stuffs. Closed Tags: , , .

Under nor­mally cir­cum­stances, if you request an HTTP pro­tected resource with your Web browser, the server would return 401 Unau­tho­rized and an popup would appear to ask you for the cor­rect credentials:

That doesn’t look too Web 2.0-ish. Cur­rently there is way to work around this using an AJAX request first (there’s an arti­cle that dis­cusses the spe­cific tech­nique used). That way, the browser would “remember” the Autho­riza­tion header used in the pre­vi­ous AJAX request, so when the user requests another pro­tected resource in the same domain, the browser would also try to include the pre­vi­ously used Autho­riza­tion header.

How­ever, I couldn’t get it to work.

It turns out that the dif­fer­ence between my approach and the approach used in the arti­cle above is this:

// My way (doesn't work) var xhr = new XMLHttpRequest; xhr.open ( 'GET', '/url/to/resource', false ); xhr.setRequestHeader ( "Authorization", "Basic " + Base64.encode ( username, password ) ); xhr.send ( null ); // The working way var xhr = new XMLHttpRequest; xhr.open ( 'GET', '/url/to/resource', false, username, password ); xhr.send ( null );

Unbe­known to me was the fact that the 4th and 5th para­me­ter of XMLHttpRequest.open() could be used to spec­ify the user­name and pass­word for the request.

Appar­ently, the browser doesn’t remem­ber the cre­den­tials if I call XMLHttpRequest.setRequestHeader directly.

Note: All these have only been tested to work with MSIE/Firefox. Opera for instance, doesn’t seem to remem­ber the cre­den­tials no matter what I tried – it would still pop up an autho­riza­tion box when the user request a pro­tected resource.