Simon Willison’s Weblog

Subscribe

647 items tagged “javascript”

2005

The Dojo Manual (via) Dojo finally gets some really good extensive documentation. # 24th December 2005, 6:21 pm

Don’t be eval()

JavaScript is an interpreted language, and like so many of its peers it includes the all powerful eval() function. eval() takes a string and executes it as if it were regular JavaScript code. It’s incredibly powerful and incredibly easy to abuse in ways that make your code slower and harder to maintain. As a general rule, if you’re using eval() there’s probably something wrong with your design.

[... 431 words]

Rich Text Editing With Dojo. Utterly fantastic. Beautiful API, and it even works in Safari. # 8th November 2005, 12:52 am

TurboDbAdmin. Ajax phpMyAdmin clone built on Dojo. Worth trying the live demo. # 4th November 2005, 3:27 pm

Firefox 1.5 developer highlights

Firefox 1.5 Beta 1 is out, and is the most exciting browser release in a very long time. It comes with the Gecko 1.8 rendering engine, which includes a ton of interesting new features. New in this version (unless you’ve been tinkering with the Deer Park series):

[... 719 words]

Understanding the Greasemonkey vulnerability

If you have any version of Greasemonkey installed prior to 0.3.5, which was released a few hours ago, or if you are running any of the 0.4 alphas, you need to go and upgrade right now. All versions of Greasemonkey aside from 0.3.5 contain a nasty security hole, which could enable malicious web sites to read any file from your hard drive without you knowing.

[... 809 words]

Staying social

June is finals month, but the call of @media 2005 is hard to resist. I won’t be attending the actual conference (sadly my student budget doesn’t stretch that far) but I’ll be in London on Saturday the 11th to ride on the coat-tails of the conference.

[... 174 words]

Stuart’s book

I meant to mention this earlier, but Stuart’s book, DHTML Utopia: Modern Web Design Using JavaScript & DOM, has been published. I worked as a technical editor on the book, and I’m proud to have been associated with it. Don’t worry about the hairy title (apparently you have to have DHTML in it or bookshops won’t know where to put it / people won’t know what it’s about), the inside is pure gold. In their usual style, SitePoint have posted the first four chapters online for your perusal so you don’t have to take my word for it, you can try it out for yourself.

[... 107 words]

Firefox Counter. How the Firefox counter works. # 28th April 2005, 6 pm

Safari 1.3 has a JavaScript Console

My single biggest complaint about Safari in the past has been its terrible support for JavaScript debugging. Safari 1.3 has just been released, and tucked away in the Debug menu is a brand new JavaScript console option. It’s not as good as the Firefox equivalent (it throws up far too many “Undefined value, line: 0” errors for my liking) but it’s a big step in the right direction.

[... 80 words]

Flickr without the Flash

One of my favourite panels at SxSW this year was the Flash vs. HTML Game Show, in which a team of HTML/JavaScript gurus took on a team of Flash gurus showing off pre-prepared solutions to tasks set for the panel. One of the challenges was to come up with enhancements to Flickr using the team’s assigned technology.

[... 353 words]

Greasemonkey: Hacking the Web with JavaScript. Greasemonkey rocks! Here’s a simple tutorial from Michael Moncur. # 8th January 2005, 12:38 pm

2004

The Register hit by XSS

Here’s a nasty one: popular tech news site The Register was hit on Saturday by the Bofra exploit, a nasty worm which uses an iframe vulnerability in (you guessed it) Internet Explorer to install nasty things on the victim’s PC. Where it gets interesting is that the attack wasn’t against the Register themselves; it came through their third party ad serving company, Falk AG.

[... 262 words]

Executing JavaScript on page load

Peter-Paul Koch recently wrote:

[... 772 words]

2003

Silly JavaScript Security. “Sorry, you do not have permission to press this key,” # 5th December 2003, 10:42 pm

The good and the ugly

PHP.net has a new feature on their search page—a really nice implementation of an auto complete text widget in Javascript. Even better, the search page is valid XHTML 1.0 Strict and uses CSS for the layout. Let’s hope this is an indication of things to the come for the rest of the site, which still mostly consists of tag soup.

[... 368 words]

getElementsBySelector()

Inspired by Andy, I decided to have a crack at something I’ve been thinking about trying for a long time. document.getElementsBySelector is a javascript function which takes a standard CSS style selector and returns an array of elements objects from the document that match that selector. For example:

[... 172 words]