SitePoint.com

Recent Blog Posts

Blogs » Archive for January, 2007

---

News Wire: Chris Wilson to Chair W3C HTML Working Group

by Kevin Yank

• The Adobe PDF XSS Vulnerability
  A new XSS vulnerability has been found in Acrobat and Acrobat Reader 7.0.8 and earlier for Windows. If a vulnerable user follows a malicious link to a PDF on your site, the browser will silently execute the attacker’s JavaScript code on the user’s behalf.
  (tags: security acrobat)
• OpenID for non-SuperUsers
  Sam Ruby walks through setting up your site to provide your OpenID for auto-discovery. With OpenID quickly becoming the flavour of the month for de-centralized ID solutions, this is as good a time as any to get up to speed on the topic. (thanks, andrewk)
  (tags: http php identity)
• Really easy field validation
  Requires prototype, but if your project is already using it this is a nice and simple form validation method. Just remember, only fools leave input validation solely in the hands of JavaScript… (thanks, andrewk)
  (tags: javascript)
• IE Developer Toolbar Beta 3 - Now Available
  This latest beta from Microsoft adds a number of features that bring it closer to a tool like Firebug. It also adds a couple of unique features, such as the ability to track down CSS selectors that don’t match any elements on the page.
  (tags: ie css html software)
• You, me and the W3C (aka Reinventing HTML)
  Chris Wilson, Platform …

Friday, January 12th, 2007 | Posted in Industry Links | 1 Comment »

2007: The Year of OpenID (?)

by Harry Fuecks

A late but Happy New Year - recent silence related to starting new job at local.ch - more on that another time.

So let’s call this one the Year of OpenID - or at least the part up to March. OpenID is starting to gain traction as a solution to some (not all) online authentication problems.

While some good resources are starting to show up explaining how OpenID works, there’s a tendency towards either “here’s how to add to your blog - don’t ask difficult questions” or significant assumed knowledge. So it’s nice if you have someone around who can explain it directly, which is what happened last webtuesday, Cédric’s providing an OpenID Overview. As well as doing a great job of explaining key points of what OpenID is and is not, he also took a good stab at illustrating OpenID transactions in terms of the communication between the hosts involved, something that seems poorly documented online right now - images here.

One particular concern the talk raised regards the final redirect of an OpenID transaction, when a new account is being setup on the relying party (the site you want to register and log into) - step 6 here. As I’ve …

Thursday, January 11th, 2007 | Posted in PHP | 3 Comments »

2007: Beginning with the End in Mind

by Dave Hecker

With just one week of vacation remaining, I’m beginning to consider both my personal and business objectives for 2007. The beginning of a new year is, of course, a great time to look at last year’s progress and make a short list of objectives for the coming year. It’s important that such a list be short, achievable, and for (small business owners) geared towards our personal satisfaction rather than simply an increase in revenue or profits. Two or three main objectives is more than enough, and any more than that will most likely result in the list being forgotten early in the year!

Looking back on 2006, the primary business objective was to improve our marketing strategy. It was quite a lot of work, but this objective appears to have been fulfilled. We’ve sharpened our marketing message, adjusted our pricing, renewed our website content, and established a new mailing list system.

My primary personal goal was to ‘disconnect’ a bit, and better separate business time from personal time by eliminating points of contact between myself and the Internet during non-work hours. This has also been successful – I’ve cancelled my mobile phone’s connection to the internet, stopped …

Thursday, January 11th, 2007 | Posted in Web Pro Business | 7 Comments »

Talks Online: JavaScript Mashups and Coping with the New Web

by Kevin Yank

Two of the conference presentations I gave last year are now online in multimedia formats, so you can get the virtual experience while sitting at home in your underwear (or take me with you on your iPod if you get out more than I do).

From the Web Directions South conference in Sydney on September 29th 2006, you can listen to the audio and view the slides of the talk I gave with Cameron Adams on JavaScript APIs and Mashups: Work you don’t have to do.

If your tastes run more to the server side, you can grab the slides, listen to the audio, or view the television coverage of my talk, Coping with the New Web on the Server Side from Fundamentos Web 2006 in Spain (don’t worry—it’s in English).

Happy viewing!

Thursday, January 11th, 2007 | Posted in Web Tech | 5 Comments »

Microsoft Breaks HTML Email Rendering in Outlook 2007

by Kevin Yank

The following is republished from the Tech Times #156.

If support for web standards in browsers is improving slowly, then support in email clients is moving at a glacial pace. Attempts to document things like CSS support in the major email clients have revealed a depressing state of affairs, but with recent desktop clients like Thunderbird now sitting on solid rendering engines, things have been looking up.

All that changed when Microsoft dropped a lump of coal into every web developer’s stocking with the end-of-year release to business customers, and the upcoming consumer release, of Outlook 2007.

At the risk of turning this newsletter into a biweekly Microsoft bash, Redmond has done it again. While the IE team was soothing the tortured souls of web developers everywhere with the new, more compliant Internet Explorer 7, the Office team pulled a fast one, ripping out the IE-based rendering engine that Outlook has always used for email, and replacing it with … drum roll please … Microsoft Word.

That’s right. Instead of taking advantage of Internet Explorer 7, Outlook 2007 uses the very limited support for HTML and CSS that is built into Word 2007 to display HTML email messages.

Wednesday, January 10th, 2007 | Posted in Web Tech | 148 Comments »

News Wire: How’s Your Uncached Performance?

by Kevin Yank

• Make your pages load faster by combining and compressing javascript and css files
  With the combination of a few URL rewrite rules and a PHP script, you can automate the process of combining, compressing, and caching the JavaScript and CSS files used by your site to vastly improve performance.
  (tags: php css javascript)
• Developer Notes for prototype.js
  Updated to cover Prototype 1.5.0_rc2, this excellent set of developer notes will get experienced JavaScript coders up to speed on Prototype in no time. With official documentation still lacking, unofficial sources like this remain vital references.
  (tags: javascript ajax)
• The Dojo Offline Toolkit
  The Dojo Offline Toolkit project will enable anyone to build a web application that works transparently offline by caching the data it needs locally. Users will need to install a small runtime the first time they use an application offline.
  (tags: javascript)
• JSON vs. XML: The Debate
  Thanks to Ajaxian, a comprehensive round-up of the JSON vs. XML debate that seems to have raged over the holiday break.
  (tags: javascript xml ajax)
• IE+JScript Performance Recommendations Part 3: JavaScript Code Inefficiencies
  The third in the IE team’s series on improving JavaScript performance. Unfortunately, the advice in this part isn’t particularly practical. It boils down to: don’t use closures unless you have to, and …

Wednesday, January 10th, 2007 | Posted in Industry Links | No Comments »

Let’s Speculate for 2007

by Wyatt Barnett

In between holiday events and cocktail hours, it is traditional for some to make sweeping predictions about the world to come and then write about them. Read on for my musings.

Monday, January 1st, 2007 | Posted in .NET | 27 Comments »