2010 Mar 13, 5:27WebFinger is finger but for the Web...
webfinger web google finger http metadata url technical 2010 Mar 3, 6:15Finally giving the javascript URI scheme its own IETF doc.
javascript ietf url uri scheme reference technical 2010 Feb 27, 10:17Weave syncs web browser user data. Its an open platform using JSON data, RESTful URL based APIs, with basic auth over HTTPS.
weave firefox web browser mozilla development technical reference 2010 Jan 10, 4:07
Irritatingly, my G1 won't show me PDFs so I've made the Google Docs PDF viewer which will load PDFs on the
web up in Google Docs. Google Docs has the useful ability to display PDFs in web
browsers without any Adobe software and works (mostly) on Android.
This was very easy to put together as an Android activity. First its necessary to register the application as handling PDFs from the web. This is done via the intent-filter declaration in the
manifest:
intent-filter
action android:name="android.intent.action.VIEW"/
data android:scheme="http" android:mimeType="application/pdf"/
category android:name="android.intent.category.DEFAULT"/
category android:name="android.intent.category.BROWSABLE"/
/intent-filter
The action part says my activity will view PDFs, the data part says it accepts data with the PDF mime-type and with a URL that has an HTTP scheme. The browsable category
is necessary to allow links from a browser to open this activity.
Second, the activity opens up the browser to Google Docs pointing to the PDF.
Intent intent = new Intent();
intent.setAction(getIntent().getAction());
intent.setData(Uri.parse(
"http://docs.google.com/gview?embedded=true&url=" +
percentEncodeForQuery(getIntent().getData().toString())));
startActivity(intent);
This is very simple code to invoke a new intent browsing to a newly constructed URL for the PDF in Google Docs. That was easy.
google docs technical g1 code activity programming android google pdf 2009 Dec 28, 2:19"This document specifies Metalink, an XML-based download description format. Metalink describes download locations (mirrors), checksums, and other information. Clients can transparently use this
information to reliably transfer files."
xml download browser web url todo 2009 Dec 23, 9:58Results of a set of black box tests on various characters in various parts of URLs in various popular browsers.
via:mnot url uri iri idn dns browser web technical 2009 Dec 1, 9:40Wow: 'The fact that federal, state, and local law enforcement can obtain communications "metadata"—URLs of sites visited, e-mail message headers, numbers dialed, GPS locations, etc.—without any real
oversight or reporting requirements should be shocking, but it isn't. The courts ruled in 2005 that law enforcement doesn't need to show probable cause to obtain your physical location via the cell
phone grid. All of the aforementioned metadata can be accessed with an easy-to-obtain pen register/trap & trace order. But given the volume of requests, it's hard to imagine that the courts are
involved in all of these.'
privacy security gps phone cellphone government politics 2009 Nov 25, 7:09Relative URI resolution differences in browsers vs programming language libraries.
via:ericlaw url uri rfc web browser programming dotnet java technical 2009 Nov 24, 5:51"Metalink/HTTP describes multiple download locations (mirrors), Peer-to-Peer, checksums, digital signatures, and other information using existing standards for HTTP headers. Clients can transparently
use this information to make file transfers more robust and reliable."
http metalink url p2p http-header cache redirect reference technical 2009 Nov 13, 6:36Hooray for the Internet Archive! "The Internet Archive and founding companies announce today the launch of 301Works.org, a service to archive shortened Universal Resource Locators (URLs). This will
enable redirect services to incorporate these shortened URLs when a member company ceases business activities."
url http redirect internet web internet-archive archive via:waxy technical 2009 Oct 30, 10:33"What does a Uniform Resource Identifier (URI) mean? Does it have a sense, and can it refer to things?" I hope it will cover some of the new scheme vs always HTTP scheme and distinct vs not distinct
URLs for a real world object and its web page perma-arguments.
via:connolly url uri w3c semanticweb http todo technical 2009 Oct 5, 4:27Lets get toDataURL everywhere!
html html5 svg canvas javascript technical 2009 Sep 30, 4:07The hashing part makes sense, but not the 'why no URL query' bit: "But because victim=12345 has already been visited they satisfy condition 2 and they get the 404 page fooling them into thinking the
site has already been taken down. So query strings don't really work." You could implement the same thing in the path and even were that not the case there's no telling that removing the query would
get you the same page. What's described here is a general method to circumvent the AP filter not an explaination as to why it avoids the query portion of the URL.
phishing technical web browser http url hash 2009 Sep 11, 8:39"In the W3C Media Fragment Working Group (MFWG) we have had long discussions about the use of the URI query (”?”) or the URI fragment (”#”) addressing approach for addressing directly into media
fragments, and the diverse new HTTP headers required to serve such URI requests, considering such side conditions as the stripping-off of fragment parameters from a URI by Web browsers, or the
existence of caching Web proxies."
fragment uri via:connolly media url query http http-header 2009 Sep 10, 6:11Google Documents can render any PDF on the web simply via an URL API. Step 2, implement HTML5. Step 3, call registerContentHandler('application/pdf', 'http://docs.google.com/gview?url=%s')
pdf google web internet html5 technical via:waxy 2009 Aug 24, 9:56AtYourLibraryOrg interviews Cory Doctorow on library and librarian related Cory Doctorow topics, then breaks up his answers into short videos. Easy to watch and interesting.
video cory-doctorow library information drm literature business economics 2009 Aug 21, 3:13"At Black Hat USA 2009 and Defcon 17 Nathan Hamiel and Shawn Moyer introduced an attack called Dynamic Cross-Site Request Forgery (CSRF). This white paper discusses the attack and discusses several
Dynamic CSRF attack vectors." Seems to require sites trying to secure CSRF scenarios using session IDs in their URLs.
security csrf research browser web technical 2009 Aug 18, 4:19
Before we shipped IE8 there were no Accelerators, so we had some fun making our own for our favorite web services. I've got a small set of tips for creating Accelerators for other people's web
services. I was planning on writing this up as an IE blog post, but Jon wrote a post covering a
similar area so rather than write a full and coherent blog post I'll just list a few points:
- The first thing to try is looking for developer help for the web service, specifically if there's a REST-ful URL based API. For example, Bing Maps has great URL API documentation that would
be enough to create an Accelerator.
- The Accelerator XML is very similar to HTML forms. If you can find an HTML form for the web service for which you want to create an Accelerator, you can view the HTML source and create an
Accelerator based on that.
- I created the FormToAccelerator extension based on the previous idea. You can
use the extension to create an Accelerator from an HTML form, or just use it to create the start of one and edit it manually after.
- If the page doesn't use an HTML form, you can start up an HTTP debugger like Fiddler, use the web service from the normal web
page, and then in Fiddler see if you can find a REST-ful looking URL you can use.
- When looking to create a preview for your Accelerator, see if the web page for the web service has a mobile version or a version that's intended to embed in other web pages via an iframe. On
this same line, iPhone apps make great Accelerators usually with lovely previews.
- If there's no mobile or embeddable version and the only thing wrong with the normal web page for the web service is that the useful information doesn't fit in the preview window then see if you
can find an HTML tag with a name or id near the useful information, and stick a '#' fragment pointing to that tag onto the preview URL template.
- Without a reasonable REST-ful API you can use a combination of Google's "site:" and "I'm Feeling Lucky" to find the most relevant page on a particular site.
- The value of a name and value pair need not consist of only a single Accelerator variable. You can get creative and put other text in there. For instance, I implemented a Google currency conversion by setting the query to "{selection} in US Dollars".
technical accelerator ie8 ie 2009 Aug 12, 5:02W3C File API makes it to first published working draft. Like the use of data URLs, don't like the new filedata URLs.
html5 w3c file upload script url data-scheme technical
Some rights reserved