{ Tag Archives } security

How addons.mozilla.org defends against XSS attacks

One of the things that gets a lot of news time these days is XSS. There are a lot of places that explain what it is and how to prevent it, but most are oversimplified or don’t provide real-world examples. I thought I’d explain a couple of the ways AMO attempts to [...]

Your signature matters (sometimes)

Some quick background for those who don’t live in Oregon: In Oregon we do our governmental voting by mail and we’re given the option of sticking a stamp on it and mailing it or dropping it off at any of the ballot drop boxes scattered around the counties.
What we mail back consists of the [...]

Committing to SVN securely from a web application

Verbatim is the second project I’ve been the lead on recently where the requirements included people committing to SVN as themselves via the application. At first glance this means storing the authentication tokens of the user in plain text since we’ll need to pass them along to SVN whenever they commit. I wasn’t [...]

Another warning option for submitting forms?

These are our current options for submitting forms in Firefox 3:

I don’t know anyone that has the “I submit information that’s not encrypted” option checked. We used to prompt for submitting information that was unencrypted, next we added an option on the dialog that disabled the warning (and was checked by default), and finally [...]
