Simon Willison’s Weblog

jQuery.Rule (via) jQuery plugin for manipulating stylesheet rules. For me, this is the single most important piece of functionality currently missing from the core jQuery API. The ability to add new CSS rules makes an excellent complement to the .live() method added in jQuery 1.3.

# 22nd February 2009, 5:53 pm / jquery, plugins, css, javascript, arielflesler

jQuery 1.3.2 release notes. Not just a bug fix—there are a number of subtle behaviour changes, including to the :visible/:hidden selectors and the appendTo/prependTo/*To family of methods. I strongly recommend testing and reviewing those changes before upgrading.

# 21st February 2009, 4:42 pm / jquery, javascript

Twitter Don’t Click Exploit. Someone ran a successful ClickJacking exploit against Twitter users, using a transparent iframe holding the Twitter homepage with a status message fed in by a query string parameter. Thiss will definitely help raise awareness of ClickJacking! Twitter has now added framebusting JavaScript to prevent the exploit.

# 12th February 2009, 7:56 pm / framebusting, javascript, security, clickjacking, twitter, chris-shiflett

Ehy IE8, I Can Has Some Clickjacking Protection? (via) IE8 has built-in protection against clickjacking, but it’s opt-in (with a custom HTTP header) and IE only. It turns out the usual defence against clickjacking (using framebusting JavaScript) doesn’t work in IE as it can be worked around with a security=“restricted” attribute on an iframe.

# 29th January 2009, 1:39 pm / clickjacking, ie, ie8, http, security, javascript, iframes

OCR and Neural Nets in JavaScript. John dissects the brilliant Greasemonkey script that solves simple captchas using the canvas element and HTML5’s getImageData API.

# 25th January 2009, 12 am / getimagedata, captcha, ocr, javascript, greasemonkey, canvas, john-resig

google-mobwrite. Neil Fraser’s terrifyingly clever differential synchronization algorithm (for SubEthaEdit-style collaboration over the web) is now available as an open source Python and JavaScript library.

# 24th January 2009, 11:55 pm / mobwrite, google, open-source, python, javascript, collaboration, subethaedit, neil-fraser

AJAX APIs Playground. Ferociously useful collection of executable and editable example code for all(?) of Google’s JavaScript APIs, including Google Maps and the increasingly interesting Visualization API.

# 22nd January 2009, 6:38 pm / google, javascript, ajax, google-maps, googlevisualization

jQuery 1.3.1 Released. Bug fix for 1.3, mainly browser compatibility issues. Of interest: jQuery no longer ship a packed version (where JS is used to further decompress a string), as their tests show that this reduces performance due to the overhead of the extra decompression. They still provide a YUI Compressor minified version.

# 22nd January 2009, 10:41 am / minification, jquery, javascript, performance

jQuery 1.3 and the jQuery Foundation. The IP for jQuery and jQuery UI now rests with the Software Freedom Conservancy (a smart alternative to setting up a brand new foundation), while Sizzle is a separate project looked after by the Dojo Foundation.

# 14th January 2009, 5:59 pm / jquery, javascript, jqueryui, sizzle, dojofoundation, software-freedom-conservancy

Sloppy—the slow proxy. Java Web Start GUI application which runs a proxy to the site of your choice simulating lower connection speeds—great for testing how well your ajax holds up under poor network conditions.

# 13th January 2009, 4:17 pm / ajax, javascript, performance, sloppy, java, javawebstart, proxy, richard-dallaway

Visualising Radio, pushing, not pulling. The BBC’s new radio player uses Comet over a Flash XMLsocket connection transport, with an ActiveMQ message queue behind the scenes. I’d like to know what server they’re using to broadcast out to the XMLsocket connections.

# 13th January 2009, 12:59 am / bbc, duncan-robertson, activemq, comet, flash, javascript, xmlsocket

A Snapshot of The Yahoo! Photos Beta (from 2006). Scott Schiller shares an internal retrospective on the Yahoo! Photos interface from 2006, which was years ahead of its time (they started building it before the term Ajax had even been coined). The material on memory management and event delegation is particularly interesting.

# 12th January 2009, 10:21 pm / eventdelegation, scott-schiller, yahoo, yui, yahoophotos, ajax, javascript

instanceof considered harmful (or how to write a robust isArray. JavaScript’s instanceof operator breaks when dealing with objects that may have been created in a different document or frame, since constructors are unique to each frame. Instead, you can check for arrays using the default Object.toString method which the JS spec guarantees will return [object Array].

# 12th January 2009, 10:55 am / arrays, javascript, instanceof, tostring, frames

Manage Amazon EC2 With New Web-Based AWS Management Console. Finally! I’m amazed it took Amazon so long to do this. Managing EC2 instances from a custom Firefox extension was pretty bizarre. It’s a very nice interface, built on top of YUI. Unfortunately you still have to manage your entire virtual server farm using a single shared Amazon account.

# 9th January 2009, 9:34 am / amazon, aws, ec2, cloud-computing, yui, javascript

ReferenceError: console is not defined. Since Firebug 1.2 you need to call window.loadFirebugConsole() in order for console.log and friends to work.

# 23rd December 2008, 10:22 pm / firebug, firefox, javascript, debugging

Quickchoice—a Speed Dial clone (via) Lovely demonstration of the CSS transform property, as supported by modern browsers. The magic is all in the iframe { transform: scale(0.25, 0.25) translate(-1200px, -900px) }

# 23rd December 2008, 12:49 pm / speeddial, javascript, css, csstransform, iframes

jQuery: Changeset 5990. “Added a new liveQuery/event delegation hybrid method”. Lets you add events that continue to work as new elements are dynamically appended to the DOM, e.g. $(’div p.foo’).live(’click’, fn). Works by adding an event handler to the root document element itself and relying on event bubbling. I have to admit I preferred the earlier proposal of $(’div’).delegate(’p.foo’..), which feels like it should have much better performance—anyone know of a good plugin that supports this?

# 23rd December 2008, 12:22 pm / jquery, delegate, livequery, javascript, events

jQuery changeset 5985 (via) jQuery trunk has ditched browser sniffing in favour of feature testing, where a small suite of unit-test-like code blocks is used to detect whether a browser supports specific idioms. If the tests fail jQuery still makes assumptions about what the fix is, but it’s not hard to imagine the library eventually using code tests to ensure the fix will work as well.

# 22nd December 2008, 10:58 am / jquery, feature-testing, javascript

Integrating Facebook Connect with Django in 15 minutes. Django authentication middleware that calls the Facebook REST API using a cookie set by Facebook Connect and checks if that person is your Facebook friend. Despite most of the magic happening on the server you still need Facebook’s JavaScript to set that cookie in the first place.

# 17th December 2008, 1:18 pm / facebook, facebookconnect, cookies, javascript, django, middleware

husk.org. a flickr machine tag browser (via) Flickr recently added API methods for exploring the machine tags used by the community. Paul Mison has built a neat OS X Finder style interface for exploring them, using JSONP and jQuery.

# 15th December 2008, 11:24 pm / json, jsonp, jquery, javascript, flickr, machinetags, paul-mison

Visual Event. External code loading bookmarklet that visualises the JavaScript events hooked up to the current page, and lets you view the source code of the event handling function for each one. Only works for events added by jQuery, YUI or MooTools since those libraries maintain a cache of event handlers that they add, to work around the standard DOM’s omission of handler introspection.

# 10th December 2008, 3:38 pm / events, javascript, allan-jardine, bookmarklet, dom, jquery, mootools, visualevent, yui

Internet explorer mystery #1376. IE executes function definitions inside an “if (0)” block. That frightens me.

# 3rd December 2008, 9:04 am / ned-batchelder, internet-explorer, javascript

lightningtimer.net. I'm fed up of having to dig out or knock up a timer script every time I manage lightning talks, so I've given one a domain name. You can use lightningtimer.net/#90 to set a different start time for the counter.

Update March 25th 2025: I rescued an old copy of this from the Internet Archive and re-published it to tools.simonwillison.net/lightning-timer.

# 12th November 2008, 4:43 pm / lightningtimer, projects, javascript, lightning-talks, tools

Introducing Acre. I’m losing track of all the server-side JavaScript hosted web application platforms now. Here’s the Freebase contribution to the genre, complete with IDE, templating language and strong integration with Freebase itself.

# 7th November 2008, 11:23 pm / javascript, freebase, acre, serversidejavascript

jQuery history plugin. I used this plugin to add back button support to a small Ajax app today, with great results. I tried it a while ago and it didn’t work in Safari, but someone has updated it since and now it works perfectly.

# 7th November 2008, 5:32 pm / jquery, history, ajax, javascript, plugins, backbutton

Yahoo, Caja, OpenSocial. Yahoo!’s new application platform uses OpenSocial, and protects itself from malicious JavaScript using Google’s Caja secure JavaScript engine. I hadn’t realised that Caja was ready for production use—this is excellent news.

# 30th October 2008, 5:14 pm / caja, yahoo, opensocial, javascript, security

JSSpeccy. A ZX Spectrum emulator written in Javascript.

# 29th October 2008, 5:25 pm / emulator, canvas, matt-westcott, javascript, jsspeccy, spectrum, zxspectrum