Web Security… It’s almost an oxymoron. Security for the web has always been a long and difficult battle, often a losing one. With this segment on web security, I am focusing specifically on development techniques that you can apply to your web applications to make them more secure. I really want to concentrate on making security easy, for both the end-user and the developer alike. Who said security has to be hard?
This is a multipart segment that will cover:
- XSS (Cross Site Scripting) Attacks
- CSRF (Cross Site Request Forgery) Attacks
- SQL Injection Attacks
- JSON Hijacking
(and perhaps more as I think of topics)
The other day my colleague, Steve Skrla, was having an infinite recursion issue caused by my JavaScript clone function. We discovered that for some reason it was equating a string value with an array value. After a little more digging Steve found the culprit. Simply put, Javascript’s == operator is broken.
I did a little more digging and discovered exactly what Javascript is doing. It turns out that when comparing anything to a string, Javascript first runs a toString on the other item being compared.
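The coercion described above, as an added example that is not code from the original post: it contrasts a hand-written `==` search with a strict one on constructed values. The helper names (`compare`, `looseIndexOf`, `strictIndexOf`, `kindOf`) are hypothetical.

```javascript
// Added example: constructed values, hypothetical helper names.

// How == and === treat a pair, plus what an array/object operand
// turns into when == coerces it for comparison with a string.
function compare(a, b) {
  const other = typeof a === 'string' ? b : a;
  const isObj = other !== null && typeof other === 'object';
  return { loose: a == b, strict: a === b, coerced: isObj ? String(other) : other };
}

// Hand-written search using ==, the shape that mistakes an array for a string.
function looseIndexOf(list, value) {
  for (let i = 0; i < list.length; i++) {
    if (list[i] == value) return i;
  }
  return -1;
}

// Same search with ===: no coercion, so types must match.
function strictIndexOf(list, value) {
  for (let i = 0; i < list.length; i++) {
    if (list[i] === value) return i;
  }
  return -1;
}

// Explicit type tag for code (such as a deep copy) that must decide whether
// to recurse into a value; it never relies on == to tell the types apart.
function kindOf(value) {
  if (value === null) return 'null';
  if (Array.isArray(value)) return 'array';
  return typeof value;
}

const names = ['id', 'a,b', 'name']; // constructed sample data
console.log(compare(['a', 'b'], 'a,b'));
console.log(looseIndexOf(names, ['a', 'b']), strictIndexOf(names, ['a', 'b']));
console.log(kindOf('a,b'), kindOf(['a', 'b']));
```

The native `Array.prototype.indexOf` uses strict equality, so only a hand-written search built on `==` shows the false match.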
Some people were asking for some additions to my ExtJS ComboBox replacement, so here is a quick little update.
This version adds in some minor fixes and a new feature. The ComboBox will now properly consume an existing combo. If you do not have selected="true" on one of the options then this combo will clear the value of the ExtJS Combo box so that no value is selected.
I need to add some more documentation and testing and then I will make it an official UX component. I am also working on some examples of Ext’s combo vs this combo to show you why it is better.

At Stark Enterprises I learned that if you want to get work done, you have to know how to work “the process”. The process… well what I really mean…is… ok here is my definition:
“The Process” : A systematic series of steps (see “hoops” and “hurdles”), defined in a directed cyclical graph.
I am pretty sure there were some Top Secret level computer scientists at Stark Industries that accidentally solved the Travelling Salesman Problem in polynomial time while trying to find a way to push their software request form through.
We often need to do deep copies of Javascript objects so that we can modify the copy without it affecting the original. I have created the following clone function that does this quickly and easily; however, it does have limitations. If you clone an instance of, let’s say, an Ext.Panel, Javascript’s instanceof function will fail to recognize it as an instance of Ext.Panel. From what I can gather, this is because the Javascript engine has some kind of internal reference to an object’s constructor and instanceof doesn’t actually look at the constructor we are able to modify… let’s look at an example so it is more clear:
A question appeared on the ExtJS forums today regarding how to bind event listeners on multiple links that are generated from the server. Bind an event listener to each link, right? Wrong! This is wrong in the sense that it wastes system resources and is unnecessary. Can you imagine how many resources TreePanel would take up if it bound a click listener on every single node element!? Oh wait… that’s probably what you thought it did :-). But it doesn’t.
Aaron Conran of ExtJS just published a post today recommending using namespaces to organize your Javascript code. I have a rewrite of the Ext.namespace function that I find a little more useful.

Check out the first post in this series: Stark Industries - Entrance into Madness
One of the things I learned at Stark Industries is how to do your job without the proper tools available… I was like MacGyver.
A TEMPORARY table is a table that is bound to a connection and is dropped when that connection is closed. It seems like this would just be a normal table with some metadata attached to it indicating the connection it is bound to. I suppose for some reason it is more complicated than that… seems unnecessarily so…
Anyways, the limitation is that you cannot refer to a given temporary table more than once in a single query. If you do you will get a “Can’t reopen temporary table” error. So, for instance, you cannot insert into a temporary table some data that you select from it in the same query. This limitation has bitten me several times.
The bug is here: http://bugs.mysql.com/bug.php?id=10327
I consider myself to be an expert in ExtJS. However, there is one component that I have to look up how to use just about every single time I use it: Ext.form.ComboBox. For me, the default implementation just doesn’t cut it. There are a number of problems I have all the time:
- Forgetting to set “mode” to remote when I provide a store that is obviously “remote”
- Drop-down list width sometimes is smaller than the combo box itself
- I hate having to set up a store every time I need a remote ComboBox
- After the store loads, the value in the input box is not automatically replaced with displayValue
Maybe these issues are more my issues, but I maintain that ComboBox is one of the poorer ExtJS components. Here is my replacement:
Please see the new code here: Update to ComboBox Replacement
Use it like this:
var combo1 = new com.succinctllc.form.ComboBox({
    displayField: 'name',
    valueField: 'id',
    url: "/path/to/dataSource"
});
Edited to set lastQuery properly so ComboBox does not load the store twice when autoLoad is set to true (default).