For Sale! SOLD
2001 VW Passat – V6 – 5spd
167,800 Miles
Founder of Kernl.us. Working and living in Raleigh, NC. I manage a team of software engineers and work in Python, Django, TypeScript, Node.js, React+Redux, Angular, and PHP. I enjoy hanging out with my wife and son, lifting weights, and advancing Kernl.us in my free time.
For Sale! SOLD
2001 VW Passat – V6 – 5spd
167,800 Miles
A client of mine recently tasked me with figuring out why the newer versions of IE were throwing a Cross Site Scripting (XSS) error. For the life of me, couldn’t figure out why. Maybe it was because they were submitting a form to another server? Or perhaps because the Javascript was closing the window when it was done? I don’t know. But, I did find a nice little trick that allows you to disable the Cross Site Scripting(XSS) filter in IE.
All that you need to do is add “X-XSS-Protection: 0” to the response header. For instance, to disable the Cross Site Scripting(XSS) filter all you do is:
header(“X-XSS-Protection: 0”);
That’s it. Usually that will resolve any XSS errors you have. It may not be the best solution from a security stand point, but it’ll work in a pinch,
As any good free-lance web developer does, I was browsing my competition’s portfolio earlier this evening. I was curious as to how the layout was done on one of their client’s web pages, so I opened the source. Near the bottom, there were probably 100 links injected into the page. It turns out that they were the victim of a cross-site scripting attack.
I immediately notified the owner, but I’m still pretty excited that I made a discovery like this. You hear about cross-site scripting attacks all the time, but I’ve never actually discovered one.
For those interested, the site in question is: http://www.skydivecms.com/
Last Christmas I graduated from college. One of my graduation gifts was a 2nd generation iPod Touch! At the time, the iPod Touch was one of the coolest things I had ever got. I immediately started to play with it, and was impressed with it’s ability to know the orientation of the device. It’s multi-touch support was also impressive. Probably the coolest part of owning an iPod Touch was that “there’s an app for that” attitude. The sheer volume of available apps was mind blowing.
After graduation I started grad school, so I didn’t have much time to play on the technical side of iPod Touch and iPhone development. However, I now have the time, and what follows is my journey on the road to iPod Touch and iPhone development enlightenment.
Before I even got started with iPhone development, I already ran into a problem: I don’t own a Mac, nor do I want to own one. It’s not that I don’t like them. They’re beautiful machines with top of the line hardware and software, it’s just they’re a little outside my
price range. So, how does one go about developing for the iPod Touch and iPhone on a Windows machine? Well, there are a few different options. Some revolve around Cygwin, while others around VMWare. There is a good thread going on over at Stack Overflow (here) about it. Depending on your situation, you may want to just pony up the cash for a Mac Mini, but to each their own. In my case, I went with one of the methods listed above.
The book I’ll be using for this adventure is “Beginning iPhone 3 Development: Exploring the iPhone SDK” by Dave Mark and Jeff LaMarche. It was reasonably priced, well reviewed, and had a grapefruit on the cover. How could I possibly go wrong with this? While I’ve only read the back cover at this point, the only problem I have with it is that it fails to mention the need for a Mac. Some people might say “Duh! Of course you need a Mac for iPhone and iPod Touch development!”, but it’s not always obvious to everyone.
As with most development projects, there are a few things you need before you get started. In the case of iPhone & iPod Touch development, you need the iPhone SDK (also, from this point forward I’m going to start referring to “iPhone & iPod Touch development” as “iPhone development”). To get at the iPhone SDK, you need to visit http://developer.apple.com/iphone/ and sign up to be an iPhone developer. It’s free (or has free options), so that’s a relief.
The sign up process seemed fairly painless. While I’m not a huge fan of having to register and give out personal information, they control the SDK, so I suppose I must do as they say. Nothing too suprising once you’re through the registration though, except the download is 2.5 GB!!! The worst part is that I have no idea why. I always thought Netbeans with the JDK/JRE was huge, but this thing blows it out of the water.
It’s a programming tradition to learn any new programming language with a simple “Hello World” program. Even when not programming, some programmers still use “Hello World” to break the ice. Hardly one to break with tradition, I’m going to be starting with a “Hello World” too, except this time for an entire platform, instead of just a programming language.
After much fumbling around, here are the steps to getting a “Hello World” program started.
Honestly, I expected it to be a bit harder than this. Next time I’m hoping to make it though chapter 3, where I get to learn how to handle basic user interaction! As always, any feedback is welcome.
I’m not a Flex developer, but I’m quickly becoming one. Recently I was tasked with creating a Flex form, sending it to the server, waiting for a response, and handling things accordingly. My problem was that I couldn’t figure out how to use my result set that I received from the server. Turns out, I needed to import a EventResult library, which was the turning point.
The Actionscript
import mx.rpc.events.ResultEvent;
private function thanks(evt:ResultEvent):void{
var dataFromServer:XML = XML(evt.result);
mx.controls.Alert.show(dataFromServer.toXMLString());
}
The Flex
<mx:HTTPService
id=”srv” useProxy=”false”
url=”http://localhost/form.php” method=”POST”
contentType=”application/x-www-form-urlencoded”
resultFormat=”xml” result=”thanks(event); “>
<mx:request>
<name>
{ bname.text }
</name>
<address>
{ baddress.text }</address>
</mx:request>
</mx:HTTPService>
What happens here is that the HTTPService sends my data to the server, then some new data is returned in XML format. Important things to remember are the ResultEvent that is passed to the event handler. Just passing a normal event didn’t do much for me.
After dragging my feet on open source contribution for some time, I’ve decided to get actively involved with Ubuntu. I’m going to start by learning how to package different things, and then go from there. I would eventually like to get a new package into the next version of Ubuntu, but I think starting small would be great too 🙂
As the job prospects in my neck of the woods are few and far between, I will most likely be returning to grad school this spring. While it isn’t best situation, it is currently the best choice I have to make ends meet and further my career. I won’t be taking my grad assistant-ship back either. It was far too time consuming and did little to further me as a person or as a software developer. I have instead opted for contracting through various people with hopes that it may eventually become a full time thing.
Wish me luck!
The coming weeks are going to be big at Re-Cycled Air. I hope to get the following things done:
That being said, if you need any help with web design / web programming, drop me a line.