Archive for the ‘javascript’ Category

Awakened by Mikeyy. Little punk.

Sunday, April 12th, 2009

I was browsing Twitter late into the night.  At some point I hit a profile with a funny ASCII animation at the top.  Maybe that was where it started, I don’t know.

This is what I saw in my Twitter account…

Dude! Mikeyy! Seriously? Haha. ;)
Dude, Mikeyy is the shit! :)
Dude, Mikeyy is the shit! :)

What I do know is I woke up and was unpleasantly surprised.  I checked my emails.  A nice and informed person had notified me that my Twitter profile had been hit with the “mikeyy exploit” and I may want to check it out and change my password or something.

He left me this link to read up on the situation.

http://www.sophos.com/blogs/gc/

Then I went to search.twitter.com and looked up tweets people had sent me.  Other people were either asking why I was saying things about Mikeyy, but some knew what was happening and sent more links like this one.

http://dcortesi.com/2009/04/11/twitter-stalkdaily-worm-postmortem/

I don’t claim to understand what exactly happened, other than it seems some temporary Javascript can be applied to a page and funny business can be made to happen on that page by a page from another site.  This is apparently called a cross-site scripting attack or XSS.

http://en.wikipedia.org/wiki/Cross-site_scripting

The issue can be addressed by Firefox users with the “NoScript” extension.  I hate the idea of installing this.  Seems like there should be a better way.  Indeed maybe one of Explorer’s annoying popups has addressed it over in that camp.  I need to look more into that.

Here is the Firefox solution.

http://noscript.net/

I have installed it.  It is annoying.  I went into the preferences and cranked it down a little.  There is also an “S” logo at the bottom of the browser that lets me change specific preferences for a site.  I turned on a sound effect when it is called up so I can change the settings for a given site and not miss the intended and good functionality of that site.

In this particular situation, I do not believe the code is still in my Twitter profile.  I think last night’s issue has been resolved.

Being someone who makes websites and loves Javascript, this is a troubling fix.  The browsers should step it up here, as they may have already begun doing.

I have exposed some of my ignorance here.  I hope if you know more you will leave a helpful comment below.  Thank you!

Tags: , , ,
Posted in javascript, learning, programming | 6 Comments »

Ranking, Blog Code, Custom Search, Firefox Add Ons

Saturday, September 20th, 2008

Improving your site’s Alexa Rank and Google PageRank, showing code in your blog posts with syntax highlighting and line numbers, creating a custom Google search box for your website, surviving and thriving in Google Reader using PostRank, and exploring Firefox addons for web developers including GreaseMonkey and Web Developer.

Source code in blog posts:

Ranking:

Google Custom Search

Toolbars:

Firefox Add Ons:

jQuery Experimenting:

Tags: , , , , , , , , , , , , , ,
Posted in javascript, jquery, learning, programming, tools | 1 Comment »

Hooking Javascript Validation to an HTML Form

Sunday, August 24th, 2008

HTML forms, which collect data from users, usually have more going on under the hood than meets the eye. They need to check the inputs to make sure they’re formatted correctly for the database. The server needs to validate the input, but validating input at the client makes for a better user experience. Let’s look at the what, why, and how of validating HTML forms on the client-side.

DavidVanVickle.com Javascript Validation Demo and Tutorial

webcheatsheet.com Validation Functions

Tags: , , , , , , , , ,
Posted in javascript, jquery, programming | No Comments »