yyamanoのブックマーク - はてなブックマーク

Fortify JavaScript Hijacking FUD
Recently, Fortify Software has claimed that there is a pervasive and critical vulnerability in Web 2.0 with their JavaScript Hijacking paper. The way they wrote the paper is extremely misleading and was likely constructed this way on purpose to garner press and business for their company. The first egregious dishonesty in their paper is that it analyzes client-side Ajax frameworks. This is not whe
yyamano 2007/04/09
Security

Ajax

JSON
リンク
Erlang Mode for Emacs
Erlang ships with a quite nice Erlang mode for Emacs. Editing Erlang code is actually the only thing I ever use Emacs for. Setting it up is only slightly painful. For a default R11B-3 installation your .emacs will look like this: (setq load-path (cons "/usr/local/lib/erlang/lib/tools-2.5.3/emacs" load-path)) (setq erlang-root-dir "/usr/local/lib/erlang") (setq exec-path (cons "/usr/local/lib/erlan
yyamano 2007/03/16
Erlang

Emacs
リンク
from __future__ import * Remote JSON - JSONP
The browser security model dictates that XMLHttpRequest, frames, etc. must have the same domain in order to communicate. That's not a terrible idea, for security reasons, but it sure does make distributed (service oriented, mash-up, whatever it's called this week) web development suck. There are traditionally three solutions to solving this probl em. Local proxy: Needs infrastructure (can't run a s
yyamano 2007/03/08
JSON
リンク
1

はてなブックマーク