I admit I am no front-end web developer. For me, writing code for a website is basically:
- Does this work? Yes. Cool.
- Does it really work? Yes. Awesome.
- Does it look kind of decent? Yes. Nice!
- Can I do some security stuff with it? Kind of. Good.
Yesterday was Crack Day at Yahoo! and I guess Alice was in the mood to do a security review of my mindof code. And she had some nifty front-end engineering security tips for me (since she is a front-end engineer). And of course, she came up with some horrific hacks that could happen if I didn’t update my code.
So, I just updated the code with the tips that she gave me on the security side (updated code here). There are some scalability and not-as-critical security enhancements she found, which I need to work on soon. But, I wanted to get the critical stuff in there right away and released.
My thanks to Alice for the awesome tips and for teaching me some cool stuff.
Latest Entries
Recent Comments
- Redemption 3
Carlo Zottmann, mookie, Carlo Zottmann - O'Biden vs. McPalin 6
Sista, alice, chanter [...] - Gamefly Cancelled 64
Jay, jason, Seth [...] - Get Your Palpatine On 4
Idiots, all of them., mookie, jr [...] - Good Stalker 2
mookie, wife - "Survivorman" vs. "Man vs. Wild" 174
AWOL, victorforce007, Pan kaj [...]
May 15th, 2008 at May 15, 2008 3:26 pm
And yet, despite caring about security, you and Alice both still use WordPress. Tsk tsk!
May 15th, 2008 at May 15, 2008 4:51 pm
Actually, if we are nitpicking I am using Wordpress 1.5.x which is both out of date and has some nice security holes. Though that has more to do with laziness being the biggest factor of all!