Simon Willison’s Weblog

Subscribe

Thursday, 15th May 2008

Engineering @ Facebook: Facebook Chat. The new Facebook Chat uses Comet (long polling with a hidden iframe) against a custom web / chat server written in Erlang, designed to handle a launch to all 70 million users at once. It was tested using a “dark launch” period where live pages simulated chat request traffic without showing any visible UI.

# 7:55 am / comet, darklaunch, erlang, facebook, javascript, scaling

Crossdomain.xml Invites Cross-site Mayhem. A useful reminder that crossdomain.xml files should be treated with extreme caution. Allowing access from * makes it impossible to protect your site against CSRF attacks, and even allowing from a “circle of trust” of domains can be fatal if just one of those domains has an XSS hole.

# 8:06 am / crossdomainxml, csrf, flash, javascript, jeremiah-grossman, security, xss

Cubescape. Beautiful isometric cube building tool by Cameron Adams, written in JavaScript and jQuery.

# 8:40 am / cameronadams, cubescape, isometric, javascript, jquery

Using Git as a versioned data store in Python. gitshelve supports the same interface as Python’s built-in shelve module but stores things to a versioned Git repository instead of just a pickled dictionary. I’ve been casually wondering what a Git-powered CMS would look like.

# 3:25 pm / cms, git, gitshelve, python

2008 » May

MTWTFSS
   1234
567891011
12131415161718
19202122232425
262728293031