All content on jerakeen.org
Unsubscribe
19 November 2008, in notes, tagged with [cms] [mailinglist]
You really want your template language to automatically escape all strings unless they’re flagged as ‘I know this contains HTML and I know what I’m doing’. This stops many trivial forms of cross-site scripting attacks.
You probably also want certain columns of your database to be annotated in such a way that your CMS doesn’t accidentally display them to users.
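A minimal sketch of both ideas, added here as an example and not taken from any particular CMS or template engine: a renderer that escapes every value unless it is wrapped in a marker type, and a column annotation that keeps private fields out of the template context. The `Safe` type, the `{{ name }}` placeholder syntax, the column names and the sample row are all constructed for illustration.

```python
import html
import re

class Safe(str):
    """Marker: 'I know this contains HTML and I know what I'm doing'."""

# Constructed schema annotation: only columns marked "public" may reach a template.
COLUMNS = {"name": "public", "bio_html": "public", "unsubscribe_token": "private"}

# Constructed sample row; the name field holds hostile user input.
ROW = {
    "name": "<script>alert(1)</script>",
    "bio_html": Safe("<em>Editor</em>"),      # explicitly trusted markup
    "unsubscribe_token": "constructed-token-123",
}

TEMPLATE = "<li>{{ name }}: {{ bio_html }}</li>"
_PLACEHOLDER = re.compile(r"\{\{\s*(\w+)\s*\}\}")

def public_view(row, columns):
    """Keep only columns annotated public; unannotated columns are dropped too."""
    return {k: v for k, v in row.items() if columns.get(k) == "public"}

def escape(value):
    """Escape by default; only an exact Safe instance passes through untouched."""
    if isinstance(value, Safe):
        return str(value)
    return html.escape(str(value), quote=True)

def render(template, context):
    """Substitute {{ name }} placeholders, escaping every value on the way out."""
    def substitute(match):
        name = match.group(1)
        if name not in context:
            # Fail closed: a filtered or misspelled column is an error, not blank output.
            raise KeyError(f"{name!r} is not available to templates")
        return escape(context[name])
    return _PLACEHOLDER.sub(substitute, template)

if __name__ == "__main__":
    print(render(TEMPLATE, public_view(ROW, COLUMNS)))
    # Safe + plain str yields a plain str, so concatenated input is escaped again.
    print(escape(Safe("<b>") + ROW["name"]))
```

Because the trust flag lives on the value and is lost on concatenation, forgetting to mark something produces visibly escaped markup rather than an injection.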
Web Development Bookmarklets
19 November 2008, in links, tagged with [bookmarklet] [development] [html] [web]
Useful-looking bookmarklets, for when I’m not using Firefox, and therefore Firebug, or Safari. Which is a lot recently, because they’re both annoying me.
EtherPad: Realtime Collaborative Text Editing
19 November 2008, in links, tagged with [appjet] [collaborative] [editor] [javascript]
It’s SubEthaEdit, on the web, and it’s astonishingly good. AppJet clearly does something comet-like as well.