TAG | javascript
I have unofficially unveiled yavascript.org, by that I mean it’s on-line but this is the first public mention of it. It is fairly basic at the moment but has all the important information relating to the first version of my yavascript compiler and development system. So yeah, head on over and check it out, download and try out the tool and, if you’re so inclined, read my report on its development:
javascript · release · Site · website · yavascript · yavascript.org
Recently I saw a question on a board I visit asking about how to make tooltips in Javascript, now I am a big JS fan, having spent a lot of time writing yavascript to aid in it’s development, but it’s a last resort – if you can’t do something any other way, use Javascript. Although doing things such as tooltips without Javascript is admittedly hard and people may not even realise it’s possible – it is, so I did:
Example 1 – CSS tooltips:
http://yavascript.org/css/tooltip.html
Note: CAN be dodgy in IE6 if you don’t make the offset big enough to appear under the link.
Example 2 – CSS lightbox:
http://yavascript.org/css/lightbox.html
Note: Currently only works in Firefox 3.
css · html · javascript · proof-of-concept
Sprockets is a tool from the makers of the “Prototype” Javascript library designed to ease the integration of multiple files via an inclusion system. yavascript is that and so much more, integrating syntax-aware minification and conditional compilation. While writing up my report on yavascript as part os my third year project I had to justify why I chose not to use Sprocket’s way of doing things. The simple answer is I didn’t want to, I like C and wanted to do it C’s way, but I figured that wouldn’t cut it in a technical report, so this led to a serious critical analysis of both systems.
(more…)
API · javascript · Prototype · Sprockets · yavascript
Over the last few weeks the website Twitter has been the victim of a number of XSS attacks, responsibility for which have been claimed by a young hacker from Brooklyn called Michael “Mikeyy” Mooney. As a result of these hacks he has been offered a web development and security analysis job with a company called exqSoft (see The Register). All this would imply he’s quite good at what he does, he has stated that the Twitter attacks were done out of boredom, however it seems that his time may have been better spent attacking his own site. At least one of the attack worms were designed to advertise his website, stalkdaily.com, a twitter clone he claims is better. Given his attacks on Twitter I decided to have a look and see just how secure his site was. In short the answer is not very…
