Simon Willison’s Weblog

Subscribe

Thursday, 15th May 2008

Engineering @ Facebook: Facebook Chat. The new Facebook Chat uses Comet (long polling with a hidden iframe) against a custom web / chat server written in Erlang, designed to handle a launch to all 70 million users at once. It was tested using a “dark launch” period where live pages simulated chat request traffic without showing any visible UI.

# 7:55 am / facebook, comet, javascript, erlang, darklaunch, scaling

Crossdomain.xml Invites Cross-site Mayhem. A useful reminder that crossdomain.xml files should be treated with extreme caution. Allowing access from * makes it impossible to protect your site against CSRF attacks, and even allowing from a “circle of trust” of domains can be fatal if just one of those domains has an XSS hole.

# 8:06 am / jeremiah-grossman, flash, javascript, security, csrf, xss, crossdomainxml

Cubescape. Beautiful isometric cube building tool by Cameron Adams, written in JavaScript and jQuery.

# 8:40 am / isometric, cubescape, cameronadams, javascript, jquery

Using Git as a versioned data store in Python. gitshelve supports the same interface as Python’s built-in shelve module but stores things to a versioned Git repository instead of just a pickled dictionary. I’ve been casually wondering what a Git-powered CMS would look like.

# 3:25 pm / git, cms, gitshelve, python

2008 » May

MTWTFSS
   1234
567891011
12131415161718
19202122232425
262728293031