Simon Willison’s Weblog

Blogmarks

CookBookNewFormsFieldOrdering. Handy tip: change the order of fields in a Django newforms instance by overriding form.fields.keyOrder (since fields is a SortedDict).

# 27th June 2008, 1:02 am / django, newforms, python, tip

BUG: XSS Security flaw in BaseCamp Messages (via) BaseCamp lets users include HTML and JavaScript in messages, on the basis that anyone with a BaseCamp account is a trusted party. I’m not convinced: you could use this to circumvent BaseCamp’s access control stuff and read messages you’re not meant to. On the flip side, you could also use this to add brand new features to BaseCamp by using JavaScript in a message as a server-side equivalent to Greasemonkey.

# 26th June 2008, 9:39 am / 37-signals, basecamp, greasemonkey, javascript, security, xss

mod_rpaf for Apache. A more secure alternative to Django’s equivalent middleware: it rewrites REMOTE_ADDR to the client address carried in the X-Forwarded-For header, but only for requests that arrive from whitelisted load balancers, so there is no risk that, if the load balancers are removed, attackers could supply the header themselves to spoof their IP address.

# 24th June 2008, 5:02 pm / apache, django, http, load-balancing, middleware, modrpaf, rpaf, security, xforwardedfor
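The policy mod_rpaf implements is easy to get wrong in application code, so here is an added example (not mod_rpaf’s source and not Django’s middleware) that applies the same rule as a WSGI wrapper: X-Forwarded-For is honoured only when the TCP peer is a whitelisted proxy, and the header is walked from the right so that anything an attacker prepends is ignored. The trusted networks and the sample requests are constructed for the example; a naive version is included alongside to show the spoofing it prevents.

```python
import ipaddress
from typing import Iterable, Optional

# Constructed trusted-proxy ranges for this example (not real infrastructure):
# only a load balancer in one of these networks may assert a client address.
TRUSTED_PROXIES = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("192.0.2.10/32"),
]


def _is_trusted(addr: str, trusted: Iterable) -> bool:
    """True if addr parses as an IP and lies in one of the trusted networks."""
    try:
        ip = ipaddress.ip_address(addr.strip())
    except ValueError:
        return False
    return any(ip in net for net in trusted)


def naive_client_ip(remote_addr: str, xff_header: Optional[str]) -> str:
    """The unsafe pattern: believe X-Forwarded-For no matter who sent it."""
    if xff_header:
        return xff_header.split(",")[0].strip()
    return remote_addr


def resolve_client_ip(remote_addr: str, xff_header: Optional[str],
                      trusted: Iterable = TRUSTED_PROXIES) -> str:
    """Return the address to treat as the client, mod_rpaf style.

    X-Forwarded-For is honoured only when the TCP peer (REMOTE_ADDR) is a
    trusted proxy.  The header is then walked from the right, skipping any
    further trusted hops, so the result is the address the first trusted
    proxy actually saw; anything an attacker prepended on the left is ignored.
    No header, an untrusted peer, or a malformed entry falls back to REMOTE_ADDR.
    """
    if not xff_header or not _is_trusted(remote_addr, trusted):
        return remote_addr
    hops = [h.strip() for h in xff_header.split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            ipaddress.ip_address(hop)
        except ValueError:
            return remote_addr  # malformed chain: refuse to trust any of it
        if not _is_trusted(hop, trusted):
            return hop
    return remote_addr  # every hop was a trusted proxy; nothing to learn


class ForwardedForMiddleware:
    """WSGI wrapper that rewrites environ['REMOTE_ADDR'] before the app runs."""

    def __init__(self, app, trusted: Iterable = TRUSTED_PROXIES):
        self.app = app
        self.trusted = trusted

    def __call__(self, environ, start_response):
        environ["REMOTE_ADDR"] = resolve_client_ip(
            environ.get("REMOTE_ADDR", ""),
            environ.get("HTTP_X_FORWARDED_FOR"),
            self.trusted,
        )
        return self.app(environ, start_response)


def echo_remote_addr(environ, start_response):
    """Tiny WSGI app used to show what the wrapped application sees."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [environ["REMOTE_ADDR"].encode()]


def served_remote_addr(remote_addr: str, xff_header: Optional[str]) -> str:
    """Run one constructed request through the middleware and return the
    REMOTE_ADDR the application observed."""
    environ = {"REMOTE_ADDR": remote_addr}
    if xff_header is not None:
        environ["HTTP_X_FORWARDED_FOR"] = xff_header
    body = ForwardedForMiddleware(echo_remote_addr)(environ, lambda s, h: None)
    return b"".join(body).decode()


if __name__ == "__main__":
    # Direct hit on the app server with a forged header: naive code is fooled,
    # the whitelisted version is not.
    print(naive_client_ip("198.51.100.7", "1.2.3.4"))     # 1.2.3.4
    print(served_remote_addr("198.51.100.7", "1.2.3.4"))  # 198.51.100.7
    # Request via the trusted balancer: the client's real address is used.
    print(served_remote_addr("10.0.0.5", "1.2.3.4, 203.0.113.9"))  # 203.0.113.9
```

Walking the chain from the right matters when more than one trusted hop sits in front of the application: each proxy appends the peer it saw, so the rightmost untrusted entry is the only one a trusted device vouched for. The same logic applies whether it lives in Apache, in WSGI middleware, or in a Django middleware class.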

Oxford Geek Night 7: 25 June 2008. I won’t be able to make this one, but a reminder for anyone in the area that the seventh Oxford Geek Night takes place tomorrow night at the Jericho Tavern.

# 24th June 2008, 2:55 pm / events, oxford, oxford-geek-nights

Django snippets: Command to dump data as a python script. Extremely useful—dumps the data for an application as an executable Python script which will re-import it into another database without any risk of colliding with existing IDs, sorting out foreign keys along the way.

# 24th June 2008, 12:07 pm / django, django-snippets, import, python

The basics of creating a tumblelog with Django (via) Ryan Berg suggests having a StreamItem model that uses a GenericForeignKey to link to other content types, then using signals to cause a StreamItem to be created for every other model type. I should switch to doing that on this blog: at the moment I have to query three separate tables to build the tumblelog part which results in messy code for ordering and pagination.

# 24th June 2008, 11:09 am / contenttypes, django, genericforeignkey, python, ryan-berg, tumblelog

Tailor. “Tailor is a tool to migrate or replicate changesets between ArX, Bazaar, Bazaar-NG, CVS, Codeville, Darcs, Git, Mercurial, Monotone, Subversion and Tla repositories.”—written in Python.

# 24th June 2008, 9:59 am / bazaar, codeville, cvs, darcs, dvcs, git, mercurial, monotone, python, subversion, tailor, tla, version-control

Removing Microformats from bbc.co.uk/programmes. “Until these issues are resolved the BBC semantic markup standards have been updated to prevent the use of non-human-readable text in abbreviations.”

# 23rd June 2008, 9:04 pm / abbr, accessibility, bbc, microformats

jsontime. Nat and I threw this together this morning—it runs on Google App Engine and exposes Python’s pytz timezone library over JSONP.

# 21st June 2008, 7:07 pm / api, google-app-engine, javascript, json, jsontime, projects, python, pytz
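Exposing data over JSONP means the response is executed as script by whoever embeds it, so the one check such an endpoint cannot skip is validating the callback name. The following is an added example, not jsontime’s code: a minimal handler in the same shape (zone lookup, JSON or JSONP framing) with a strict identifier allowlist for the callback. The timezone table is a constructed stand-in for pytz with fixed offsets and no daylight-saving rules, and SAMPLE_TIME, zone_info, jsonp_response and handle_request are names chosen for the example.

```python
import json
import re
from datetime import datetime, timedelta, timezone
from typing import List, Optional, Tuple

# Strict allowlist for the JSONP callback name: a JavaScript identifier, with
# dotted property access allowed (e.g. "MyApp.onTime").  Anything else, such as
# "alert(1)//", is refused rather than echoed into an executable response.
_CALLBACK_RE = re.compile(r"^[A-Za-z_$][\w$]*(?:\.[A-Za-z_$][\w$]*)*$")

# Constructed stand-in for a timezone database so this runs offline; the real
# service used pytz.  Values are fixed offsets in minutes east of UTC and
# ignore daylight-saving rules (an assumption for the example only).
_ZONES = {
    "Europe/London": 60,
    "America/Los_Angeles": -420,
    "Asia/Tokyo": 540,
}

# Constructed reference instant used by the demo and the checks below.
SAMPLE_TIME = datetime(2008, 6, 21, 10, 0, tzinfo=timezone.utc)


def zone_info(zone: str, at: datetime) -> dict:
    """Describe `zone` at the aware UTC datetime `at`."""
    if zone not in _ZONES:
        raise KeyError(zone)
    tz = timezone(timedelta(minutes=_ZONES[zone]), zone)
    return {
        "zone": zone,
        "utc_offset_minutes": _ZONES[zone],
        "local_time": at.astimezone(tz).isoformat(),
    }


def jsonp_response(payload: dict, callback: Optional[str]
                   ) -> Tuple[str, List[Tuple[str, str]], str]:
    """Build (status, headers, body).  Plain JSON when no callback is given."""
    if callback is None:
        return "200 OK", [("Content-Type", "application/json")], json.dumps(payload)
    if not _CALLBACK_RE.match(callback):
        return ("400 Bad Request", [("Content-Type", "application/json")],
                json.dumps({"error": "invalid callback name"}))
    # json.dumps with the default ensure_ascii=True escapes U+2028/U+2029, which
    # are legal inside JSON strings but terminate a line in JavaScript source,
    # so user-supplied values in the payload cannot break out of the literal.
    body = "%s(%s);" % (callback, json.dumps(payload))
    headers = [
        ("Content-Type", "application/javascript; charset=utf-8"),
        ("X-Content-Type-Options", "nosniff"),
    ]
    return "200 OK", headers, body


def handle_request(params: dict, at: Optional[datetime] = None):
    """Minimal request handler; `params` is the parsed query string.

    A JSONP client cannot see the HTTP status of a script tag, so errors for
    a valid callback go into the payload rather than into the status line.
    """
    at = at or datetime.now(timezone.utc)
    zone = params.get("zone", "")
    try:
        payload = zone_info(zone, at)
    except KeyError:
        payload = {"error": "unknown zone", "zone": zone}
    return jsonp_response(payload, params.get("callback"))


if __name__ == "__main__":
    print(handle_request({"zone": "Asia/Tokyo", "callback": "cb"}, SAMPLE_TIME)[2])
    print(handle_request({"zone": "Asia/Tokyo", "callback": "alert(1)//"}, SAMPLE_TIME)[0])
```

The X-Content-Type-Options header stops a browser from sniffing a rejected response into something executable, and returning 400 rather than a stripped callback keeps the failure visible to the developer calling the API.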

Arbitrary code execution vulnerabilities in Ruby (via) Sounds nasty—integer overflows and unsafe allocs leading to memory corruption. Definite DoS and possible code injection as well. Upgrade to Ruby “1.8.5-p231, or 1.8.6-p230, or 1.8.7-p22” ASAP.

# 21st June 2008, 8:44 am / ruby, security

Comic Sans, the Film. “A documentary film coming soon”

# 21st June 2008, 12:27 am / comicsans, film, funny, typography

We’re all ops people now. Edd’s experience reflects my own: the kind of systems I’m building these days involve way more than just development, they often involve significant sysadmin type skills as well. Desperately need to get better at that stuff.

# 20th June 2008, 9:02 pm / edddumbill, ops, sysadmin

What is it like to write a technical book? Plenty of food for thought from the lead author of the new edition of High Performance MySQL. It’s amazing how Word is still an integral part of most technical book projects despite its obvious inadequacies compared to a toolchain based on plain text files and Subversion (the Django Book used ReST and Subversion to great effect).

# 20th June 2008, 8:18 am / baron-schwartz, django, plaintext, rest, subversion, word, writing

When Bugs Collide: Fixing Text Dimming in Firefox 2. Handy tips from Drew on fixing the glitchy text rendering in Firefox 2 when you animate opacity without breaking alpha-transparent PNGs in IE6.

# 19th June 2008, 6:09 pm / browsers, bugs, css, drew-mclellan, firefox, firefox2, ie6, javascript, jquery, opacity, pngs

PortingDjangoTo3k. Martin von Loewis has started assembling a patch. His write-up illustrates some key differences between Python 2.X and Python 3—it looks like Django’s unicode handling is going to require the most work.

# 19th June 2008, 5:53 pm / django, martin-von-loewis, python, python3k, unicode

Kellogg’s™ Lego® Fruit Flavored Snacks (via) On the one hand, from a child safety point of view this is clearly one of the most stupid product ideas in recent history. On the other hand, I really, really want some.

# 19th June 2008, 8:38 am / kelloggs, lego, pennyarcade, safety

ncache. A squid-style caching system built on top of nginx. Supports the HTTP PURGE method for cache invalidation.

# 18th June 2008, 8:09 pm / cache, http, ncache, nginx, purge, squid

Reddit release their codebase. Under the same Common Public Attribution License used by Facebook for their recent source release.

# 18th June 2008, 2:32 pm / cpal, open-source, python, reddit

James Bennett: Why HTML. Finally, somewhere to point people when they ask why I avoid XHTML that’s a bit more up to date than Hixie’s rant from 2002.

# 18th June 2008, 12:27 pm / hixie, html, ian-hickson, james-bennett, web-standards, xhtml

Scaling your website with the Perlbal web server (PDF) (via) Perlbal documentation is pretty thin on the ground; this is a really useful introduction from Frank Wiles.

# 17th June 2008, 10:39 pm / frank-wiles, load-balancing, pdf, perlbal

New foundation for Django. Django now has its own nonprofit software foundation (courtesy of a bunch of tough paperwork by Jacob Kaplan-Moss), and fittingly the Lawrence Journal-World gets the exclusive.

# 17th June 2008, 5:16 pm / django, jacob-kaplan-moss, ljworld, python, dsf

How not to apply for a job. Quite reasonably, 37signals care if job applicants get their wordmark right. Having worked for Yahoo! I know how important that ! is. What really winds me up is companies that aren’t consistent with name capitalisation across their own sites—many startups are guilty of this.

# 17th June 2008, 8:22 am / 37-signals, jobs, spelling, wordmark, yahoo

Deep Profiling jQuery Apps. Neat plugin from John Resig that monkey-patches most (all?) of the jQuery methods to build up a detailed profile of which methods are being used by a given page.

# 16th June 2008, 10:20 am / javascript, john-resig, jquery, profiling

Comet (programming) on Wikipedia on 4th June 2008 (via) The last useful version (which I had pointed many people to) before it was gutted down to just a couple of paragraphs by infuriating deletionists.

# 16th June 2008, 9:34 am / comet, deletionist, wikipedia

Wikipedia:Canvassing (via) Apparently it’s considered bad form to tell people about debates occurring on Wikipedia (such as votes for deletion). Looks like a policy designed to discourage the participation of subject experts in favour of the participation of Wikipedia process gnomes.

# 16th June 2008, 8:23 am / canvassing, wikipedia

Camouflage. My other key piece of OS X presenting software—hides all of the icons on the desktop (no need to drag them all into an “Archive” folder every time I give a talk).

# 15th June 2008, 6:29 pm / camouflage, macos, presenting, software

Caffeine. I’ve been using this for several months and I love it: it’s a simple OS X menu bar icon that lets you prevent your Mac from dimming the screen, going to sleep or starting a screen saver. Perfect for giving presentations and watching Flash movies full screen.

# 15th June 2008, 6:27 pm / caffeine, macos, presenting, software
