We’re building a fancy modularized, templated framework based on Smarty. I’m a firm believer in Filter Input, Escape Output, so I’m working on making Smarty apply htmlentities by default, which seems like the XSS equivalent of SQL prepared statements. Have any of you ever tried an automated approach to XSS protection like this?
Latest Updates
-
Braden
-
Braden
Finally got a chance to learn Google Charts, which I’ve been lusting after for months now. Rhythm tester.
-
Braden
Good old posts from Joel on tech business: capturing consumer surplus, cheapening complements.
-
Braden
I put together a LAMP security overview for my writing class. Most of you probably know this stuff, but I think it’s a decent guide.
-
Braden
Firefox will support resumable downloads in 3.0.
Time to research HTTP Range and 206 Partial Content.
-
Aaron
You know an interview is going bad when the interviewee can’t distinguish between JavaScript and Java…
-
Braden
What systems do and don’t do for you “cheaply” defines their character, and in many systems those choices aren’t made consciously.
-
Aaron
Eat that, Blackboard.
-
Aaron
It’s probably a no-brainer for most of you, but since most web apps don’t use borders around images I just use this in the main CSS file:
img{border: 0;}
Also, if you have given some kind of WYSIWYG control to users, this lessens the inevitable ugliness that ensues.
-
Aaron
So I’m back to using Yugma for screen sharing with three or more people, but I still prefer TeamViewer when there are only two people.