Relate to https://stackoverflow.com/a/7086621

Response must be in Head and remains in Head:

1. res.writeContinue()
2. res.statusCode = 404
3. res.setHeader(name, value)
4. res.getHeader(name)
5. res.removeHeader(name)
6. res.header(key[, val]) (Express only)
7. res.charset = 'utf-8' (Express only; only affects Express-specific methods)
8. res.contentType(type) (Express only)

Response must be in Head and becomes Body:

1. res.writeHead(statusCode, [reasonPhrase], [headers])

Response can be in either Head/Body and remains in Body:

1. res.write(chunk, encoding='utf8')

Response can be in either Head/Body and becomes Finished:

1. res.end([data], [encoding])

Response can be in either Head/Body and remains in its current state:

1. res.addTrailers(headers)

Response must be in Head and becomes Finished:

1. return next([err]) (Connect/Express only)
2. Any exceptions within middleware function(req, res, next) (Connect/Express only)
3. res.send(body|status[, headers|status[, status]]) (Express only)
4. res.attachment(filename) (Express only)
5. res.sendfile(path[, options[, callback]]) (Express only)
6. res.json(obj[, headers|status[, status]]) (Express only)
7. res.redirect(url[, status]) (Express only)
8. res.cookie(name, val[, options]) (Express only)
9. res.clearCookie(name[, options]) (Express only)
10. res.render(view[, options[, fn]]) (Express only)
11. res.partial(view[, options]) (Express only)

Cookie 是由 Set-Cookie: NAME=VALUE; Expires=DATE; Path=PATH; Domain=DOMAIN_NAME;SECURE 组成

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

The SameSite attribute of the Set-Cookie HTTP response header allows you to declare if your cookie should be restricted to a first-party or same-site context.

Note: Standards related to the Cookie SameSite attribute recently changed such that:

• The cookie-sending behavior if SameSite is not specified is SameSite=Lax. Previously the default was that cookies were sent for all requests.
• Cookies with SameSite=None must now also specify the Secure attribute (they require a secure context/HTTPS).
• Cookies from the same domain are no longer considered to be from the same site if sent using a different scheme (http: or https:).

The SameSite attribute accepts three values:

• Lax

Cookies are not sent on normal cross-site subrequests (for example to load images or frames into a third party site), but are sent when a user is navigating to the origin site (i.e., when following a link).

This is the default cookie value if SameSite has not been explicitly specified in recent browser versions (see the "SameSite: Defaults to Lax" feature in the Browser Compatibility).

Note: Lax replaced None as the default value in order to ensure that users have reasonably robust defense against some classes of cross-site request forgery (CSRF) attacks.

• Strict

Cookies will only be sent in a first-party context and not be sent along with requests initiated by third party websites.

• None

Cookies will be sent in all contexts, i.e. in responses to both first-party and cross-origin requests. If SameSite=None is set, the cookie Secure attribute must also be set (or the cookie will be blocked).

Warnings like the ones below might appear in your console:

Cookie "myCookie" rejected because it has the "SameSite=None" attribute but is missing the "secure" attribute.

This Set-Cookie was blocked because it had the "SameSite=None" attribute but did not have the "Secure" attribute, which is required in order to use "SameSite=None".

The warning appears because any cookie that requests SameSite=None but is not marked Secure will be rejected.

Set-Cookie: flavor=choco; SameSite=None

Copy to Clipboard

To fix this, you will have to add the Secure attribute to your SameSite=None cookies.

Set-Cookie: flavor=choco; SameSite=None; Secure

Copy to Clipboard

A Secure cookie is only sent to the server with an encrypted request over the HTTPS protocol. Note that insecure sites (http:) can't set cookies with the Secure directive.

Note: On older browser versions you might get a warning that the cookie will be blocked in future. For example:

Cookie myCookie will be soon rejected because it has the SameSite attribute set to None or an invalid value, without the secure attribute.

Recent versions of modern browsers provide a more secure default for SameSite to your cookies and so the following message might appear in your console:

Cookie "myCookie" has "SameSite" policy set to "Lax" because it is missing a "SameSite" attribute, and "SameSite=Lax" is the default value for this attribute.

The warning appears because the SameSite policy for a cookie was not explicitly specified:

Set-Cookie: flavor=choco

Copy to Clipboard

You should explicitly communicate the intended SameSite policy for your cookie (rather than relying on browsers to apply SameSite=Lax automatically). This will also improve the experience across browsers as not all of them default to Lax yet.

Set-Cookie: flavor=choco; SameSite=Lax

For IT professionals, the seven layers refer to the Open Systems Interconnection (OSI) model, a conceptual framework that describes the functions of a networking or telecommunication system.

To further our bean dip analogy, the Application Layer is the one at the top - it’s what most users see. In the OSI model, this is the layer that is the “closest to the end user”. Applications that work at Layer 7 are the ones that users interact with directly. A web browser (Google Chrome, Firefox, Safari, etc.) or other app - Skype, Outlook, Office - are examples of Layer 7 applications.

• 它是计算机用户，以及各种应用程序和网络之间的接口，其功能是直接向用户提供服务，完成用户希望在网络上完成的各种工作。
• 应用层为用户提供的服务和协议有：文件服务、目录服务、文件传输服务（FTP）、远程登录服务（Telnet）、电子邮件服务（E-mail）、打印服务、安全服务、网络管理服务、数据库服务等
• 应用层向最终用户应用程序提供网络服务。网络服务通常是处理用户数据的协议。例如，在Web浏览器应用程序中，应用程序层协议HTTP打包了发送和接收网页内容所需的数据。该层7将数据提供给表示层（并从中获得数据）。

The Presentation Layer represents the area that is independent of data representation at the application layer. In general, it represents the preparation or translation of application format to network format, or from network formatting to application format. In other words, the layer “presents” data for the application or the network. A good example of this is encryption and decryption of data for secure transmission - this happens at Layer 6.

• 它对来自应用层的命令和数据进行解释，对各种语法赋予相应的含义，并按照一定的格式传送给会话层。其主要功能是“处理用户信息的表示问题，如：数据格式处理、数据的编码、压缩和解压缩、加密和解密。
• 表示层是所有OSI模型中最简单的功能。

When two devices, computers or servers need to “speak” with one another, a session needs to be created, and this is done at the Session Layer. Functions at this layer involve setup, coordination (how long should a system wait for a response, for example) and termination between the applications at each end of the session.

• 负责连接，建立和断开连接的时机，数据的发送顺序

The Transport Layer deals with the coordination of the data transfer between end systems and hosts. How much data to send, at what rate, where it goes, etc. The best known example of the Transport Layer is the Transmission Control Protocol (TCP), which is built on top of the Internet Protocol (IP), commonly known as TCP/IP. TCP and UDP port numbers work at Layer 4, while IP addresses work at Layer 3, the Network Layer.

• 负责连接的建立和断开和数据的传输，并保证数据的可靠性（数据不丢失）和完整性（数据不缺失）和正确性（顺序不混乱）
• 传输的数据单位是段segment
• 传输层通过网络连接传递数据。TCP是传输第4层网络协议的最常见示例。 不同的传输协议可能支持一系列可选功能，包括错误恢复，流控制以及对重传的支持。

Here at the Network Layer is where you’ll find most of the router functionality that most networking professionals care about and love. In its most basic sense, this layer is responsible for packet forwarding, including routing through different routers. You might know that your Boston computer wants to connect to a server in California, but there are millions of different paths to take. Routers at this layer help do this efficiently.

• 选择合适的路径将数据发送到目标地址（ip地址）
• 传输的是数据包
• 网络层在数据链路层之上添加了路由的概念。当数据到达网络层时，将检查每个帧内包含的源地址和目标地址，以确定数据是否已到达其最终目标。如果数据已到达最终目的地，则此第3层将数据格式化为传递到传输层的数据包。否则，网络层将更新目标地址，并将帧向下推至较低层。 为了支持路由，网络层维护逻辑地址，例如 网络上设备的IP地址。网络层还管理这些逻辑地址和物理地址之间的映射。在IP网络中，此映射是通过地址解析协议（ARP）完成的。

数据链路层和网络层的共同点和区别：

1、都是基于目标地址将数据发给接收端，但网络层是ip地址，数据链路层是mac地址。网络层发送的整个数据，数据链路层发送的是数据的一个分段

The Data Link Layer provides node-to-node data transfer (between two directly connected nodes), and also handles error correction from the physical layer. Two sublayers exist here as well - the Media Access Control (MAC) layer and the Logical Link Control (LLC) layer. In the networking world, most switches operate at Layer 2.

• 设备： 网卡
• 负责建立和管理节点间的链路（mac地址）
• 传输的是frame数据帧
• 从物理层获取数据时，数据链路层会检查物理传输错误，并将位打包到数据“帧”中。数据链路层还管理物理寻址方案，例如用于以太网的MAC地址，控制任何各种网络设备对物理介质的访问。因为数据链路层是OSI模型中最复杂的单个层，所以它通常分为两部分：媒体访问控制子层和逻辑链路控制子层

At the bottom of our OSI bean dip we have the Physical Layer, which represents the electrical and physical representation of the system. This can include everything from the cable type, radio frequency link (as in an 802.11 wireless systems), as well as the layout of pins, voltages and other physical requirements. When a networking problem occurs, many networking pros go right to the physical layer to check that all of the cables are properly connected and that the power plug hasn’t been pulled from the router, switch or computer, for example.

• 传输介质： 网线电缆、集线器、光纤、还有无线信道。
• 传输的是比特流，单位是bit比特位（本质上是0、1高低电平）。
• 在物理层，使用物理介质支持的信号类型来传输数据：电压，射频或红外或普通光脉冲。

& 的意思是在后台运行，什么意思呢？意思是说，当你在执行 ./a.out & 的时候，即使你用 ctrl C, 那么 a.out 照样运行（因为对 SIGINT 信号免疫）。但是要注意， 如果你直接关掉 shell 后， 那么，a.out 进程同样消失。可见， & 的后台并不硬（因为对 SIGHUP 信号不免疫）。

nohup 的意思是忽略 SIGHUP 信号，所以当运行 nohup ./a.out 的时候，关闭 shell, 那么 a.out 进程还是存在的（对 SIGHUP 信号免疫）。但是，要注意，如果你直接在 shell 中用 Ctrl C，那么，a.out 进程也是会消失的（因为对 SIGINT 信号不免疫）

所以，& 和 nohup 没有半毛钱的关系，要让进程真正不受 shell 中 Ctrl C 和 shell 关闭的影响， 那该怎么办呢？那就用 nohup ./a.out & 吧， 两全其美。

• > 代表override
• >> 代表append

• 可以将 /dev/null 看作"黑洞"。 它非常等价于一个只写文件，所有写入它的内容都会永远丢失。而尝试从它那儿读取内容则什么也读不到。然而，/dev/null 对命令行和脚本都非常的有用。

用处:

• 禁止标准输出 command 1>/dev/null stdout 被遗弃
• 禁止标准错误 command 2>/dev/null stderr 被遗弃

解读 1>/dev/null 2>&1 分为两部分

• 1 表示stdout标准输出，系统默认值是1，所以
  • command>/dev/null 等同于 command 1>/dev/null
  • command 1>/dev/null 2>&1 等同于 command>/dev/null 2>&1
• 2 表示stderr标准错误
• & 表示等同于的意思，2>&1，表示2的输出重定向等同于1

Relate to https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

A simple request is one that meets all the following conditions:

• One of the allowed methods:
  • GET
  • HEAD
  • POST
• Apart from the headers automatically set by the user agent (for example, Connection, User-Agent, or the other headers defined in the Fetch spec as a forbidden header name), the only headers which are allowed to be manually set are those which the Fetch spec defines as a CORS-safelisted request-header, which are:
  • Accept
  • Accept-Language
  • Content-Language
  • Content-Type
• The only type/subtype combinations allowed for the media type specified in the Content-Type header are:
  • application/x-www-form-urlencoded
  • multipart/form-data
  • text/plain
• If the request is made using an XMLHttpRequest object, no event listeners are registered on the object returned by the XMLHttpRequest.upload property used in the request; that is, given an XMLHttpRequest instance xhr, no code has called xhr.upload.addEventListener() to add an event listener to monitor the upload.
• No ReadableStream object is used in the request.

一些 ES6 新加的特性。

Relate to https://exploringjs.com/es6/ch_tail-calls.html

Roughly, whenever the last thing a function does is to call another function then the latter does not need to return to its caller. As a consequence, no information needs to be stored on the call stack and the function call is more of a goto (a jump). This kind of call is named tail call; not growing the stack is named tail call optimization (TCO).

Let’s look at an example to better understand TCO. I’ll first explain how it is executed without TCO and then with TCO.

file location ~/.ssh/config
file template is below

bash
Copy Code
1
2
3
4
5
Host github.com
    HostName github.com
    User git
    Port 22
    IdentityFile ~/.ssh/private_key

use command ssh-keygen

1. Append the content of xxx.pub into ~/.ssh/authorized_keys file on the server-side.
2. Change the permission of the ~/.ssh/authorized_keys file.

   bash
   Copy Code
   1
   2
   cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
   chmod 600 ~/.ssh/authorized_keys

1. Edit /etc/ssh/sshd_config in server, PasswordAuthentication no.

   bash
   Copy Code
   1
   PasswordAuthentication no

2. Add this configuration PubkeyAuthentication yes in /etc/ssh/sshd_config.

   bash
   Copy Code
   1
   PubkeyAuthentication yes

3. To enable the change, restart SSH daemon with this command systemctl restart sshd.

• 修改ssh设置
• vim ~/.ssh/config

  bash
  Copy Code
  1
  ServerAliveInterval 60

shell
Copy Code
1
ssh -L [LOCAL_IP:]LOCAL_PORT:DESTINATION:DESTINATION_PORT [USER@]SSH_SERVER

参数说明：

• [LOCAL_IP:]LOCAL_PORT - 本地 IP 和端口号，LOCAL_IP 默认是 localhost。
• DESTINATION:DESTINATION_PORT - 目标机器的 IP 地址和端口号。
• [USER@]SERVER_IP - 远程 SSH 地址和登录用户。

案例：

使用本地地址 127.0.0.1:58211 连接远程的数据库 127.0.0.1:58211

bash
Copy Code
1
ssh -L 58211:127.0.0.1:58211 user@remote-server

1. Check if the Hyper-V Windows feature is installed
2. Create a new VM for Windows 11
   • Specify Generation choose Generation 2
   • After the VM is created, start VM. Will get boot fail error!
   • Turn off VM.
   • Then right click on it and go to Settings, Open Security tab and make sure Enable Secure Boot are not selected and Enable Trusted Platform Module are selected.
   • Connect to VM, then you can install Win11.

英文版的 win11 默认渲染中文会使用日文，导致文字变形，需要一些额外的设置来让文字显示正常。

打开 Settings -> Time & language -> Related settings -> Administrative language settings -> Administrative Tab -> Change system locale -> Current system locale Chinese (Simplified, China)

• Run belong script with administrator privilege.

powershell
Copy Code
1
2
3
4
5
6
7
8
9
$vm = "virtual machine name"

Add-VMGpuPartitionAdapter -VMName $vm

Set-VMGpuPartitionAdapter -VMName $vm -MinPartitionVRAM 80000000 -MaxPartitionVRAM 100000000 -OptimalPartitionVRAM 100000000 -MinPartitionEncode 80000000 -MaxPartitionEncode 100000000 -OptimalPartitionEncode 100000000 -MinPartitionDecode 80000000 -MaxPartitionDecode 100000000 -OptimalPartitionDecode 100000000 -MinPartitionCompute 80000000 -MaxPartitionCompute 100000000 -OptimalPartitionCompute 100000000

Set-VM -GuestControlledCacheTypes $true -VMName $vm
Set-VM -LowMemoryMappedIoSpace 1Gb -VMName $vm
Set-VM -HighMemoryMappedIoSpace 32GB -VMName $vm

• Copy Host machine C:\Windows\System32\DriverStore\FileRepository\ to Virtual machine C:\Windows\System32\HostDriverStore\FileRepository\.
• Copy Host machine C:\Windows\System32\nvapi64.dll to Virtual machine same path.
• Press Win + R and type dxdiag to check.

1. Press Win + R and type gpedit.msc.
2. Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Remote Session Environment
   • Select it, then double click Use hardware graphics adapters for all Remote Desktop Services sessions and edit value to Enabled.

Settings Location: Settings -> Time & language -> Language & region -> Language tab -> Chinese (Simplified, China) -> Language options -> Keyboards -> Microsoft Pinyin -> Keyboard options -> Keys -> Mode Switch -> ...

1. Ctrl + Space Chinese/English mode switch
2. Ctrl + Shift + F Simplified/Traditional Chinese input switch

关于 css 小细节的集合:

word-break: normal | break-all | keep-all | break-word
overflow-wrap: normal | break-word | anywhere

In contrast to word-break, overflow-wrap will only create a break if an entire word cannot be placed on its own line without overflowing.

最近遇到的一个问题，首页的文章列表使用了未知颜色的图片做背景，想在上面显示标题和日期，遇到的问题就是颜色重合导致看不清文字。

其实使用 mix-blend-mode: difference 可以尝试去解决，但是我当时并没有意识到。

• ps: 估计效果不太好因为颜色太斑驳。

当时的解决办法是在角落加了一个：半透明的的黑色背景，然后再显示文字，当然效果也不差。

可以下载 69版本 的。

2022-03-12的时候按时间排序下载最上面的文件，当然这个是给 斐讯N1 使用的。
解压之后里面的内容

Etcher 是一款帮助用户快速将镜像文件刻录到 USB 驱动器或 SD 卡的工具软件， 并且可以在 Windows、macOS 和主流 Linux 版本等多种操作系统中使用。

1. 准备一个空 U 盘，下载 Etcher 并打开。
2. 打开上一步骤解压后的文件，选中 .img 后缀的文件。
3. 选择要刻录的 U 盘，点击 Flash! 按钮。

到此一个带 OpenWrt 的 U 盘就制作好了。

1. 下载 N1 傻瓜包
2. 把 U 盘插入 N1 中，然后开机 很重要的一点 我买的是 yyf 系统的 N1 好像原版 N1 需要降级，但是好像没有原版系统卖基本上
3. 点开傻瓜包里面的 U盘启动.BAT
4. 然后等重启了，插上网线。 OpenWrt 的管理界面是 192.168.1.1, 可能和路由器冲突哦，可以拔掉网线连 N1 的Wifi。

1. ### Chrome in iOS, history.pushState will casue bottom toolbar to disappear.

   https://github.com/powerfulyang/powerfulyang.com/issues/23
   So don't use history.pushState.

2. ### How to disable overflow-x scroolbar in monaco-editor?

   https://github.com/powerfulyang/powerfulyang.com/issues/28
   options => wordWrap: 'on'

3. ### Safari don't send browser cookies during a 302 redirect

   https://github.com/powerfulyang/api.powerfulyang.com/issues/46 https://developer.apple.com/forums/thread/113892
   Safari executes redirect before reading all headers, set-cookie did after redirect. In iOS 15.3.1, set-cookie did behind redirect.

4. ### Nest.js, Error: Can't set headers after they are sent to the client

   https://github.com/powerfulyang/api.powerfulyang.com/issues/50 https://powerfulyang.com/post/40

5. ### Click to edit should ensure it exist.
   Before go to edit page, ensure item exist to prevent crash.

6. ### OpenWrt can't resovle domain DNS to Local Area Network，LAN.
   Uncheck Network => DCHP and DNS => General Settings => Rebind protection

7. ### NestJS Request Lifecycle.

   https://docs.nestjs.com/faq/request-lifecycle

   In general, the request lifecycle looks like the following:

   1. Incoming request
   2. Globally bound middleware
   3. Module bound middleware
   4. Global guards
   5. Controller guards
   6. Route guards
   7. Global interceptors (pre-controller)
   8. Controller interceptors (pre-controller)
   9. Route interceptors (pre-controller)
   10. Global pipes
   11. Controller pipes
   12. Route pipes
   13. Route parameter pipes
   14. Controller (method handler)
   15. Service (if exists)
   16. Route interceptor (post-request)
   17. Controller interceptor (post-request)
   18. Global interceptor (post-request)
   19. Exception filters (route, then controller, then global)
   20. Server response

8. ### Why have typescript property decorators stopped working after an upgrade?

   https://stackoverflow.com/questions/68941453/why-have-typescript-property-decorators-stopped-working-after-an-upgrade

   The fix for TypeScript property decorators breaking when you upgrade TypeScript is to add "useDefineForClassFields": false to your tsconfig.json.

• command + shift + f

鸽了

2022年，这个用起来已经很简单了吧

2022年夏天了，怎么还多了个 swc

• Windows ipconfig /flushdns
• 其余的暂时还没用到 macOS, CentOS

• 清空无用的 images docker image prune -a

下面的命令仅测试过 linux
netstat -tunlp

• -t (tcp) 仅显示tcp相关选项
• -u (udp) 仅显示udp相关选项
• -n 拒绝显示别名，能显示数字的全部转化为数字
• -l 仅列出在Listen(监听)的服务状态
• -p 显示建立相关链接的程序名

也是只在 linux 使用
traceroute [-n] -T -p [$Port] [$Host]

• -n：直接使用IP地址而非主机名称（禁用DNS反查）。
• -T：通过TCP探测。
• -p：设置探测的端口号。
• [$Port]：需要探测的端口号，比如80。
• [$Host]：需要探测的目标服务器地址，比如 10.10.1.1。

相关 Windows 下使用 tracecert

• 可以使用head（查看前几行）、tail（查看末尾几行）两个命令。
  查看/etc/profile的前10行内容，应该是： head -n 10 /etc/profile
  查看/etc/profile的最后5行内容，应该是： tail -n 5 /etc/profile
  注意:

  • tail -n 1000 显示最后1000行
  • tail -n +1000 从1000行开始显示，显示1000行以后的
  • head -n 1000 显示前面1000行

• sed 命令
  sed -n '5,10p' filename 这样你就可以只查看文件的第5行到第10行。

• 使用 df -k 命令以千字节为单位显示磁盘空间信息。
  • -k 表示 kb
  • -m 表示 mb
  • -g 表示 gb

shell
Copy Code
1
2
3
df -k
Filesystem            kbytes    used   avail capacity  Mounted on
/dev/dsk/c0t3d0s0     192807   40231  133296    24%    /

• 其中每列的含义

  字段名	说明
  kbytes	文件系统中可用空间的总大小
  used	已用空间
  avail	可用空间
  capacity	已用空间百分比
  mounted on	挂载点

example: drwxrwxrwx
第一位代表文件类型，有两个数值：“d”和“-”，“d”代表目录，“-”代表非目录。
后面9位可以拆分为3组来看，分别对应不同用户，2-4位代表所有者 user 的权限说明，5-7位代表组群 group 的权限说明，8-10位代表其他人 other 的权限说明。
r 代表可读权限，w 代表可写权限，x 代表可执行权限。
drwxrwxrwx 表示所有用户都对这个目录有可读可写可执行权限。

• u 代表所有者 (user)-The Owner permissions apply only the owner of the file or directory, they will not impact the actions of other users.
• g 代表所有者所在的组和群 (group)-The Group permissions apply only to the group that has been assigned to the file or directory, they will not effect the actions of other users.
• o 代表其他人但不是 u 和 g(other)
• a 代表全部人 - The All Users permissions apply to all other users on the system, this is the permission group that you want to watch the most.

• read – The Read permission refers to a user’s capability to read the contents of the file.
• write – The Write permissions refer to a user’s capability to write or modify a file or directory.
• execute – The Execute permission affects a user’s capability to execute a file or view the contents of a directory.

• _ – no special permissions
• d – directory
• l – The file or directory is a symbolic link
• s – This indicated the setuid/setgid permissions. This is not set displayed in the special permission part of the permissions display, but is represented as a s in the read portion of the owner or group permissions.
• t – This indicates the sticky bit permissions. This is not set displayed in the special permission part of the permissions display, but is represented as a t in the executable portion of the all users permissions

r,w,x 可以用数字表示 r=0x100 w=0x10 x=0x1

• rw------- (600) 只有所有者才有读和写的权限
• rw-r–r-- (644) 只有所有者才有读和写的权限，组群和其他人只有读的权限
• rwx------ (700) 只有所有者才有读，写，执行的权限
• rwxr-xr-x (755) 只有所有者才有读，写，执行的权限，组群和其他人只有读和执行的权限
• rwx–x--x (711) 只有所有者才有读，写，执行的权限，组群和其他人只有执行的权限
• rw-rw-rw- (666) 每个人都有读写的权限

The potential Assignment Operators are + (plus) and – (minus); these are used to tell the system whether to add or remove the specific permissions.
use command chmod to modify permissions;

• To make this modification you would invoke the command: chmod a-rw file1
• To add the permissions above you would invoke the command: chmod a+rw file1
• You use the chown command to change owner and group assignments, the syntax is simple chown owner:group filename, so to change the owner of file1 to user1 and the group to family you would enter chown user1:family file1.

下载地址：https://nodejs.org/zh-cn/

css units

The numeric type you will come across most frequently is <length>. For example 10px (pixels) or 30em. There are two types of lengths used in CSS — relative and absolute. It's important to know the difference in order to understand how big things will become.

The following are all absolute length units — they are not relative to anything else, and are generally considered to always be the same size.

Most of these units are more useful when used for print, rather than screen output. For example, we don't typically use cm (centimeters) on screen. The only value that you will commonly use is px (pixels).

Relative length units are relative to something else, perhaps the size of the parent element's font, or the size of the viewport. The benefit of using relative units is that with some careful planning you can make it so the size of text or other elements scales relative to everything else on the page. Some of the most useful units for web development are listed in the table below.