2009 Apr 5, 5:24A cross-site request forgery issue in Twitter posts to your Twitter account for you if you're logged in. Be careful what your RESTful APIs look like.
via:swannman security twitter xss 2009 Apr 1, 9:20"Consolidating its position at the cutting edge of new media technology, the Guardian today announces that it will become the first newspaper in the world to be published exclusively via Twitter"
humor news twitter journalism newspaper 2009 Mar 26, 2:24"Yesterday's remix challenge -- to mock the ridiculous new "anti-terrorism" posters the London police have put up that tell you to spy on your neighbors -- was a smashing success. I've collected the
25 or so that came in to date below". I enjoyed: "A bomb won't go off here because people tend to be quite nice really." "Terribly convenient, isn't it? Incriminating evidence left right out where
you'll spot it and call it in..." "A bomb won't go off here because the true likelihood of you being the victim of a terror attack is really very low, especially when compared to other causes of
death or injury."
humor politics poster paranoia security via:boingboing.comments photoshop privacy 2009 Mar 25, 4:03"...we can look at the contemporary screen virus as a transitional phase - a growing pain, if you will, of the information age. Tiling our environment with screens is an extremely literal, and on top
of that rather unimaginative, way to introduce virtuality into the physical world: simply piling it on where seamless integration was what was wanted."
via:infosthetics visualization information architecture culture design art 2009 Mar 25, 11:03Mario blows the warp whistle and finds himself in Chicago.
mario video videogames warp-whistle matthew-dominick via:boingboing 2009 Mar 23, 12:58Details on a particular browser exploit and how its been resolved in IE8. "One approach they presented allowed attackers to use .NET framework DLL's to allocate executable pages of memory at
predictable locations within the iexplore.exe process. They were then able to demonstrate how .NET behavior could be combined with a separate exploitable memory corruption vulnerability to run
arbitrary code."
security ie8 ie browser hack via:ericlaw 2009 Mar 23, 9:41"So heres my trip to Chernobyl in pictures." Nice photo of the tree growing through the floor next to the chair. The whole set is like Fallout 3 but there's plants. Didn't realize plants could do
well in such a situation.
via:swannman photo history science nuclear russia chernobyl 2009 Mar 23, 9:35Ohhh some nice ones in here. "Command-Line-Fu is the place to record those command-line gems that you return to again and again."
shell unix linux cli howto tips via:swannman 2009 Mar 23, 8:13
I've made another extension for IE8,
Outline View, which gives you a side bar in IE that displays an outline of the current page and lets you make intrapage bookmarks.
The outline is generated based on the heading tags in the document (e.g. h1, h2, etc), kind of like what W3C's Semantic data extractor
tool displays for an outline. So if the page doesn't use heading tags the way the HTML spec intended or just sticks img tags in them, then the outline doesn't look so hot. On a page that does
use headings as intended though it looks really good. For instance a section from the HTML 4 spec shows up quite nicely and I find its
actually useful to be able to jump around to the different sections. Actually, I've been surprised going to various blogs how well the outline view is actually working -- I thought a lot more
webdevs would be abusing their heading tags.
I've also added intrapage bookmarks. When you make a text selection and clear it, that selected text is added as a temporary intrapage bookmark which shows up in the correct place in the outline.
You can navigate to the bookmark or right click to make it permanent. Right now I'm storing the permanent intrapage bookmarks in IE8's new per-domain DOM storage because I wanted to avoid writing
code to synchronize a cross process store of bookmarks, it allowed me to play with the DOM storage a bit, and the bookmarks will get cleared appropriately when the user clears their history via the
control panel.
technical intrapage bookmark boring html ie8 ie extension 2009 Mar 20, 10:10Its IE8 advertising that doesn't make me cringe. On the contrary it has Ask a Ninja, Janeane Garofalo, and several comedians I recall collectively from either 'I Love the [decade]' or 'Best Week
Ever'.
humor video ie8 advertising via:louis 2009 Mar 20, 4:51
Working on Internet Explorer extensions in C++ & COM, I had to relearn or rediscover how to do several totally basic and important things. To save myself and possibly others trouble in the
future, here's some pertinent links and tips.
First you must choose your IE extensibility point. Here's a very short list of the few I've used:
Once you've created your COM object that implements IObjectWithSite and whatever other interfaces your extensibility point requires as described in the above links you'll see your SetSite method
get called by IE. You might want to know how to get the top level browser object from the IUnknown site object passed in via that method.
After that you may also want to listen for some events from the browser. To do this you'll need to:
- Implement the dispinterface that has the event you want. For instance DWebBrowserEvents2, or HTMLDocumentEvents, or HTMLWindowEvents2. You'll have
to search around in that area of the documentation to find the event you're looking for.
- Register for events using AtlAdvise. The object you need to subscribe to depends on the events you want. For example, DWebBrowserEvents2 come from the webbrowser object, HTMLDocumentEvents come
from the document object assuming its an HTML document (I obtained via get_Document method on the webbrowser), and
HTMLWindowEvents2 come from the window object (which oddly I obtained via calling the get_script method on the document object).
Note that depending on when your SetSite method is called the document may not exist yet. For my extension I signed up for browser events immediately and then listened for events like NavigateComplete before signing up for document and window events.
- Implement IDispatch. The Invoke method will get called with event notifications from the dispinterfaces you sign up for in AtlAdvise. Implementing Invoke manually is a slight pain as all the
parameters come in as VARIANTs and are in reverse order. There's some ATL macros that may make this easier but I didn't bother.
- Call AtlUnadvise at some point -- at the latest when SetSite is called again and your site object changes.
If you want to check if an IHTMLElement is not visible on screen due how the page is scrolled, try comparing the Body or
Document Element's client height and width,
which appears to be the dimensions of the visible document area, to the element's bounding client rect which appears to be
its position relative to the upper left corner of the visible document area. I've found this to be working for me so far, but I'm not positive that frames, iframes, zooming, editable document
areas, etc won't mess this up.
Be sure to use pointers you get from the IWebBrowser/IHTMLDocument/etc. only on the thread on which you obtained the pointer or correctly marshal the pointers to other threads to avoid weird crashes and hangs.
Obtaining the HTML document of a subframe is slightly more complicated then you might hope. On the other hand this might
be resolved by the new to IE8 method IHTMLFrameElement3::get_contentDocument
Check out Eric's IE blog post on IE extensibility which has some great links on this topic as well.
technical boring internet explorer com c++ ihtmlelement extension 2009 Mar 18, 9:35Team of teenagers attach camera to weather balloon and send it to space!
photography photos via:boingboing.comments science space flickr 2009 Mar 16, 2:35"Society doesn't need newspapers. What we need is journalism. For a century, the imperatives to strengthen journalism and to strengthen newspapers have been so tightly wound as to be
indistinguishable. That's been a fine accident to have, but when that accident stops, as it is stopping before our eyes, we're going to need lots of other ways to strengthen journalism instead."
internet clay-shirky newspaper copyright history journalism via:ethan_t_hein 2009 Mar 14, 10:23TED talks from Aimee Mullins mostly on the topics of her prosthetic legs. The two talks are eleven years apart and you can note the advances in tech. "A record-breaker at the Paralympic Games in
1996, Aimee Mullins has built a career as a model, actor and activist for women, sports and the next generation of prosthetics."
aimee-mullins video ted prosthetic body-mod via:boingboing 2009 Mar 10, 9:42Music professor tests students and finds 'they seemed to prefer "sizzle sounds" that MP3s bring to music. It is a sound they are familiar with.' Then told the students to get off his lawn and to turn
down their sizzling music.
mp3 music via:swannman audio article 2009 Mar 7, 12:43Photos of printed all-caps hilarious signs attached to posts. Can't ignore the time travel. Or the darning!
via:swannman time-travel humor sign photo 2009 Mar 4, 2:39
I knew that the command line tool subst would create virtual drives that map to existing directories but I didn't know that subst lets you name the virtual drives with characters that aren't
US-ASCII letters. For instance you can run 'subst 4: C:\windows' and then 'more 4:\win.ini' to dump C:\windows\win.ini. This also works for non-US-ASCII characters like, "C" (aka U+FF23, Fullwidth Latin Capital Letter C), which when displayed by cmd.exe via some best fit style character conversions looks just like the regular US-ASCII 'C'. None of Explorer, IE, or the common file
dialogs allow the use of these odd virtual drives -- just cmd.exe, so I'm not sure how this would ever be useful but I thought it was odd and I wanted to share.
cli technical boring subst windows 2009 Feb 28, 2:21
Sarah and I met up with Jon, Scott, Jesse, and Grib in Las Vegas last weekend and we had a fun time.
- I got to play the Monorail Song via YouTube on my phone while on the Las Vegas Monorail rather than just chanting monorail like last
year.
- I didn't lose more gambling than I spent on food for the trip.
- Contrary to what some suggested, Sarah and I did not get married in Vegas.
- I finally saw a live Penn & Teller show and it was great!
personal2 monorail vegas penn-and-teller 2009 Feb 26, 11:52This is what I'd like in a newspaper: "1: Focus on original content, do not rewrite wire stories or press releases." and "2: Focus on hyper-local coverage, newspapers should "own" their regional beat
because they have the best contacts and the best understanding of local companies and issues."
via:sambrook newspaper advertising business journalism internet
Some rights reserved