Simon Willison’s Weblog


June 2010

June 1, 2010

django-boss (via) Management commands are one of the few bits of Django that I still have to look up in the documentation whenever I write them. django-boss offers a smart alternative to regular management commands, based around decorators and taking the containing app as the first argument.

# 10:02 am / decorators, django, djangoboss, python, zachary-voase, recovered

June 2, 2010

Appending the request URL to SQL statements in Django. A clever frame-walking monkey-patch which pulls the most recent HttpRequest object out of the Python stack and adds the current request.path to each SQL query as an SQL comment, so you can see it in debugging tools such as slow query logs and the PostgreSQL “select * from pg_stat_activity” query.

# 9:09 am / chris-lamb, debugging, django, monkeypatch, orm, postgresql, python, sql, recovered

Parsing file uploads at 500 mb/s with node.js. Handling file uploads is a real sweet spot for Node.js, especially now it has a high performance Buffer API for dealing with binary chunks of data. Felix Geisendörfer has released a new library called “formidable” which makes receiving file uploads (including HTML5 multiple uploads) easy, and uses some clever algorithmic tricks to dramatically speed up the processing of multipart data.

# 3:57 pm / binary, buffers, felixgeisendorfer, files, html5, javascript, node, nodejs, uploads, recovered

On Django And Migrations. South author Andrew Godwin on the plans for migrations in Django. His excellent South migration library will be split into two parts—one handling database abstraction, dependency resolution and history tracking and the other providing autodetection and the South user interface. The former will go into Django proper, encouraging other migration libraries to share the same core abstractions.

# 4:27 pm / andrew-godwin, django, migrations, orm, south, recovered

June 3, 2010

“Likejacking” Takes Off on Facebook. The Facebook Like button is vulnerable to clickjacking, and is being widely exploited. Since Likes show up in your Facebook stream, it’s an easy attack to make viral. The button is implemented on third-party sites as an iframe, which would seem to me to be exploitable by design (just make the iframe transparent in the parent document and trick the user into clicking in the right place). I can’t think of any way they could support the embedded Like button without being vulnerable to clickjacking, since clickjacking prevention relies on not allowing your UI elements to be embedded in a hostile site while the Like button’s functionality depends on exactly that.

# 10:01 am / clickjacking, facebook, iframes, likebutton, likejacking, phishing, security, recovered

June 8, 2010

I’m renaming the book to “Dive Into HTML 5” for better SEO. This is not a joke. The book is the #5 search result for “HTML5” (no space) but #13 for “HTML 5” (with a space). I get 514 visitors a day searching Google for “HTML5” but only 53 visitors a day searching for “HTML 5”.

Mark Pilgrim

# 8:48 pm / diveintohtml5, html5, mark-pilgrim, seo, recovered

June 9, 2010

Today’s Guardian, by Phil Gyford. An alternative interface for reading today’s Guardian, built using the new Open Platform Content API and with extensive design notes from creator Phil Gyford.

# 11:21 pm / contentapi, design, guardian, newspapers, openplatform, phil-gyford, recovered

woedb. Aaron Straup Cope’s stylish new tool for browsing the GeoPlanet database.

# 11:42 pm / aaron-straup-cope, geoplanet, woedb, recovered

List of important publications in computer science (via) Amazingly comprehensive list on Wikipedia.

# 11:50 pm / computer-science, wikipedia, recovered

June 17, 2010

Great Literature Retitled To Boost Website Traffic (via) “7 Awesome Ways Barnyard Animals Are Like Communism”.

# 10:32 am / awful, copy, funny, headlines, seo, recovered

TfL Live Traffic Cameras. Part of the new set of APIs released by the Greater London Authority—a list of 177 live traffic camera feeds from around London, all geocoded.

# 7:14 pm / apis, cameras, london, tfl, webcams, recovered

pdf.js. A JavaScript library for creating simple PDF files. Works (flakily) in your browser using a data:URI hack, but is also compatible with server-side JavaScript implementations such as Node.js.

# 7:39 pm / datauri, javascript, node, nodejs, pdf, recovered

Falsehoods Programmers Believe About Names. People’s names are complicated. I’m not at all comfortable with the commonly used first name / last name distinction (as baked into Django auth) since it doesn’t take cultural factors into account.

# 7:44 pm / django, i18n, internationalisation, l10n, localisation, names, recovered

Slide, Inc.—open source. slide.com have open sourced a whole bunch of interesting Python libraries, most of them involving C extensions or greenlet non-blocking I/O. wirebin (fast binary serialization of native Python types) and meminfo (an extension for finding precise in-memory sizes of Python objects) look particularly interesting. No documentation yet—not even a readme.

# 8:05 pm / open-source, python, slide, slideinc, recovered

Mongrel2 is “Self-Hosting”. Zed Shaw’s Mongrel2 is shaping up to be a really interesting project. Billed as “A web server simply written in C that loves all languages equally”, its two most interesting new ideas are the ability to handle HTTP, Flash Sockets and WebSockets all on the same port (thanks to an extension to the Mongrel HTTP parser that can identify all three protocols) and the ability to hook Mongrel2 up to the backend servers using either TCP/IP or ZeroMQ. I’m guessing this means Mongrel2 could hold an HTTP request open, fire off some messages and wait for various backends to send messages back to construct the response, making async processing just as easy as a regular blocking request/response cycle.

# 8:11 pm / async, c, http, mongrel2, webserver, zed-shaw, zeromq, recovered, websockets

Unlocking the Huawei E5830 aka 3 Mifi. 3 will post you an unlocked replacement for your MiFi for £15, if you can figure out how to ask them to do it. Reports on the internet are that it can take several weeks and they sometimes forget to unlock the one you send them, so I went the self-unlocking route. These instructions (involving Windows running in VMware Fusion, firmware updates, PayPal, some very dodgy looking software and a PDF file half-written in Japan) ended up working a treat.

# 10:57 pm / 3g, mifi, mobile, unlocking, vmware, recovered

June 21, 2010

Getting married and going travelling


It’s been a busy month. On Saturday the 5th of June I married the wonderful Natalie Downe in a beautiful ceremony at Roedean School in Brighton. The reception had owls, cheese, a ferret, a golden eagle, amazing Turkish food, Jewish chair dancing and lovely guests. It was the happiest day of my life.

[... 342 words]

June 30, 2010

Conflict Minerals and Blood Tech. Capacitors are made from tantalum. Tantalum is extracted from coltan ore. 20% of the world’s supply of coltan is conflict metal from the Congo, and funds the world’s most vicious conflict.

# 12:57 pm / capacitors, coltan, conflictmetal, congo, tantalum, recovered

jQuery.queueFn. “Execute any jQuery method or arbitrary function in the animation queue”. I’m surprised this isn’t baked into jQuery itself—the plugin is only a few lines of code.

# 12:59 pm / ben-alman, javascript, jquery, recovered

Repolygonizing Fonts (via) Part of Scribd’s fascinating series of posts explaining how their document conversion technology works.

# 1:04 pm / fonts, scribd, recovered
