The Google Caja team has put forward a fantastic document on JavaScript-based injection attacks. This is a fascinating subject and one that receives little attention (but will, undoubtedly, receive more in the upcoming months and years as JavaScript receives more attention). In their document they detail an injection attack against a SQL database (an obvious […]
Comment · Posted: February 1st, 2008
In a follow-up to this question I’ve begun pondering what the most-relevant browsers of 2009 will be. I tend to determine relevance by the question “Is this browser cost beneficial to us supporting it” being answered by a significant number of developers and corporations. For example, I would probably rate the current, 2008, list as […]
Comment · Posted: January 31st, 2008
I wanted to pull together some of the recent events that have occurred, related to native JSON support within a web browser, that should be of importance to many web developers. This should serve as a sort-of follow-up to my previous post: Native JSON Support is Required. Early API Standardization Attempts – Last year, a […]
Comment · Posted: January 30th, 2008
One method that I’ve been wanting for quite a while now was a simple way to format old JavaScript dates in a “pretty” way. For example “2008-01-28T20:24:17Z” becomes “2 hours ago”. Here’s some more examples: Note that I only care about dates in the past (by far the most common use case) and only dates […]
Comment · Posted: January 29th, 2008
» JavaScript Ninja JavaScript Jobs The jobs listed here have been relocated to the new JavaScript Ninja JavaScript Jobs board. While I’m not, currently, looking for any extra work (a full-time job and writing a book will slow you down a bit) I’m frequently forwarded job openings that I would like to pass on to […]
Comment · Posted: January 26th, 2008
One problem that we’ve encountered with jQuery, and that I did not foresee by any stretch, was the difficulty in synchronizing releases with other projects and companies. Specifically, when certain projects need the latest copies of your code by a certain time in order to make it for inclusion. There’s two classes of problems, as […]
Comment · Posted: January 25th, 2008
Assuming that it’ll be a while before most browsers attempt to implement most of HTML 5 (a perfectly reasonable assumption) we need to start thinking of ways to tackle the creation and rendering of HTML 5 components in the meantime. Obviously, using the tools of JavaScript and CSS we can accomplish a lot. However, there […]
Comment · Posted: January 24th, 2008
Remember the whole crazy Internet Explorer 8 meta http-equiv hub-bub, yesterday? There was one post in all of that mess that was really, really, important. To sum it up: Internet Explorer 8 will support DOCTYPE switching for new DOCTYPEs (like HTML5). “Steve“: Are there any doctypes that do not require this new meta tag to […]
Comment · Posted: January 23rd, 2008
