Archive for the 'Solutions' Category

Patching StaticMatic’s deficiencies: setting HAML options and fixing the locals hash

Sunday, November 30th, 2008

Staticmatic 0.9.4 ships with 2 surprisingly serious deficiencies:

1. Configuration options can’t be passed to HAML
2. The locals hash isn’t passed to partials

The solution for partials has been given by Randy Parker.

The solution for HAML options has been given by Jason Tennier.

Either of these issues would have been a dealbreaker for me, so I was glad to see they both had relatively easy fixes. Although coming from the Perl world, I do get pissed off whenever I have to hand-edit the source of a gem :)

And as a newbie to StaticMatic, I do wonder how well the gem is being maintained now. Both of these patches have been around for a while, yet they haven’t made it into the distribution, and I wonder why?

Updated: So the maintainer says he’s been busy, fair enough. With the bug fixes above in place, Staticmatic is nice enough. Having an application server obviates the need to “build,” and if you know me you know how much I hate the build process ^.~ So that to me already sets staticmatic apart from other template engines. I’m really looking forward to 2.0

I’m about to start blogging for the Science Channel

Tuesday, October 28th, 2008

Check out my new blog, Nerdabout New York. Launching November 15.

For some reason someone thought I knew something about nerds, and it led, very rapidly to this.

So here we go.

News groups and mailing lists 2008

Saturday, September 27th, 2008

I’ve got some suggestions as to which usenet news groups and mailing lists (or listservs) are worth following with regard to keeping up-to-date on what’s happening in Client-Side (or Presentation Layer or Front-End) Web development.

(more…)

Progressive Enhancement

Thursday, September 25th, 2008

One of the things I was doing while working for the College Board was researching strategies for accessible Web content. So it became apparent that Pragmatic Progressive Enhancement, or what we used to call Graceful Degradation, was in fact the best architectural strategy for ensuring an accessible and robust user experience.

(more…)

Delicious via: tag bookmarklet

Saturday, August 16th, 2008

I just got finished writing a new version of the del.cio.us whuffie bookmarklet. It’s a bookmarklet that adds via: tags to your bookmarks for attribution purposes, so you can have a little extra meta-data about where your links are coming from.

(more…)

Firefox Extensions

Thursday, August 14th, 2008

Lately I have been fielding a lot of questions at work about strategies for assuring that the markup is semantic, accessible and valid. I recently compiled a short list of Firefox extensions that test whether XHTML is standards-compliant.

(more…)

Oops! I accidentally hit the Back button and canceled my attack!

Wednesday, March 19th, 2008

Danny Alan’s demo of Ajax XSS attacks and exploits had to be one of the best talks I went to at Ajax World 2008. Aside from wowing the audience with a demonstration of the power and ease of Cross-Site Request Forgery attacks, he also uttered the most hilarious soundbite of the conference:

Oops! I accidentally hit the Back button and canceled my attack!

In all serious, the CSRF attack toolkit put together by Danny and his colleagues was impressively unsettling.

(more…)

Notes from Ajax World 2008, day 2

Wednesday, March 19th, 2008

Overall the emphasis was on XSS attacks and (the problem of) JavaScript security, proposing a “safe subset” of JavaScript; supported by the “adsafe” option in JSLint. A policy of “cooperation under mutual suspicion.” Other memes included “advertising is a mashup.”

The title of this slide was Vats: Communicating Computational Containment. Crockford said that “vats” are the solution to what he calls “the turducken problem.” That is, there is no way to reliably detect the various perfectly permissible variations of JavaScript-inside-HTML-encodeded-as-a-URL.

Macbook vs. WRT54G wireless router

Monday, February 18th, 2008

Today I brought my Macbook to my mom’s house for the first time. Like me, she has a Linksys wireless router, but unlike me she is connected to the internet via Verizon DSL. Now, her Windows PC and laptop connect to the network through the router automatically (there’s no wi-fi password since this is northern Vermont and the next house is a mile away).

The Macbook likewise connected instantly to the wi-fi network, but couldn’t see the internet. When I’d try to ping a Web address, I just got “no route to host.” Very sad.

(more…)

HTML Validation

Sunday, October 28th, 2007

Today I wanted to know how to get the functionality of the HTML validator Firefox extension. The extension has two modes: Tidy and SGML parser. Each of these modes reports differently on the HTML under test. Both reports can be useful (I’m not going to get into the differences here).

Specifically, I wanted to be able to generate either a Tidy or an SGML parser report from the command line. And I wanted to be able to run my report for any public Web page.

(more…)