Maybe. One of the things I like about Node.js is that the raw abstraction it provides over HTTP is much closer to how the actual protocol works than the abstractions provided many of the more widely used frameworks such as PHP, Django or Rails. That might actually make it an effective learning tool—I’d be interested in hearing from some web developers who learnt Node.js as their first server-side technology.[... 87 words]
There are dozens of web-based image resizing APIs that could help with this. Check out http://www.imgix.com/ for example.[... 42 words]
The answer varies enormously depending on the language and the framework. Some frameworks are very easy to pick up, others are harder.[... 162 words]
XSS attacks are common and easy, and crop up all the time. What’s new is that the number of people who are aware of the potential for XSS worms has increased hugely, so when an XSS does crop up in something popular there’s a much higher chance of someone turning it in to a worm (as happened with Twitter the other day).[... 96 words]
YUI 3.0.0: First GA Release of YUI’s Next-Generation Codeline. YUI 3 has some very neat ideas—everything is dynamically loaded, so you start with a tiny bootstrap script and call YUI().use(’module-name’) to load just the code you need. Congratulations to the team. # 29th September 2009, 11:38 pm
freebase-suggest (via) A jQuery plugin that performs auto-completion against the Freebase JSONP API, and allows the results to be limited to specific categories or subsets. # 24th September 2008, 11:58 pm
When Ajax Attacks! Web application security fundamentals. Slides and notes from my talk on web application security at @media Ajax last Tuesday. # 20th September 2008, 4:16 pm
Frame-Busting Gadgets. I’ve always been slightly suspicious of the Google Gadgets / OpenSocial idea of sandboxing untrusted third party content in an iframe. Sure enough, it turns out iframe busting scripts work in Gadgets, meaning a seemingly harmless gadget could potentially launch a phishing attack. # 17th September 2008, 11:23 pm
When Ajax Attacks! Web application security fundamentals. Slides and (other people’s) notes from my presentation at @media Ajax on Tuesday. # 17th September 2008, 11:18 pm
I have another technique [...] that I’ll be switching jQuery to. If you attempt to insert into the document.body before the document is fully loaded, an exception is thrown. I take advantage of that to determine when the document is fully loaded.
DOMContentLoaded for IE, Safari, everything, without document.write. Stuart has taken Hedger’s recent IE technique, combined it with the others and compressed it in to a short-as-possible code snippet that you can paste in to your scripts without having to include the whole of jQuery/YUI/Dojo/Prototype. # 26th September 2007, 12:19 pm
IEContentLoaded. An alternative method of detecting DOMContentLoaded on IE; works by polling until the doScroll() method on an unattached element stops throwing errors. # 24th September 2007, 12:10 pm
Apparently if you try to remove/destroy/trash a FORM dom node in IE6, it won’t delete it, instead creating a bizarre orphaned node stuck sucking up memory until the browser window is refreshed.