Simon Willison’s Weblog


Sunday, 6th January 2008

IE7.js version 2.0 (beta). Dean Edwards has updated IE7, shifting enhancements that weren’t fixed by the real IE7 in to a new script called IE8. You can also now hotlink the library directly from Google’s servers, though I don’t know how intended Google Code’s subversion repository is for that purpose. # 11:15 pm

Django Tip: Complex Forms. Malcolm demonstrates some advanced tricks with newforms. # 10:14 pm

Filtering foreign key choices in newforms-admin. A nice introduction to the Django newform-admin branch, including an example of how to easily implement row-level permissions. # 8:31 pm

XSS Vulnerabilities in Common Shockwave Flash Files. Is the word “shockwave” still relevant to Flash? Regardless, it turns out Flash can be a serious vector for XSS attacks, and many commonly used components have recently fixed holes (and hence should be updated ASAP). # 9:35 am