Political parties have no sense of humour. Far from being a revelation, it was merely reinforced yet again as both the major parties in this country had their sites fall victim to XSS. The end result of a bit of harmless fun and pointing out that particular sites are vulnerable is having the Feds make some inquiries of you.
Considering that a majority of these types of attack can be easily fixed by escaping and not trusting URL GET variables, it really is much ado about nothing. My personal favourite site for fun and profit happens to be space.com which has this lovely habit of having captions in the URL, leading to hard-hitting social commentary like this.
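To make the fix concrete, here is an added example (not code from any of the sites mentioned) of a caption taken from a URL GET variable, rendered first as-is, then escaped, then looked up server-side so the URL only selects a caption. The handler names, the `caption` and `id` parameters, the `example.test` URLs and the caption table are all assumptions made for illustration.

```python
import html
from urllib.parse import urlsplit, parse_qs

# Constructed sample data: captions held server-side, keyed by image id.
CAPTIONS = {"img-001": "The Moon as seen from orbit."}


def query_param(url, name):
    """Return the first value of a GET variable, or '' if it is absent."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def render_unsafe(url):
    """Before: the caption GET variable is pasted into the page as-is."""
    return '<p class="caption">' + query_param(url, "caption") + "</p>"


def render_escaped(url):
    """Escaping: any markup in the variable becomes inert text."""
    caption = html.escape(query_param(url, "caption"), quote=True)
    return '<p class="caption">' + caption + "</p>"


def render_by_id(url):
    """Not trusting: the URL picks a stored caption, it never supplies one."""
    caption = CAPTIONS.get(query_param(url, "id"), "")
    return '<p class="caption">' + html.escape(caption, quote=True) + "</p>"


# Constructed sample requests (hypothetical host and parameters).
MARKUP_URL = "https://example.test/image?caption=%3Cscript%3Ealert(1)%3C/script%3E"
TEXT_URL = "https://example.test/image?caption=Any+text+a+visitor+likes"
ID_URL = "https://example.test/image?id=img-001&caption=Any+text+a+visitor+likes"

if __name__ == "__main__":
    cases = [
        (render_unsafe, MARKUP_URL),
        (render_escaped, MARKUP_URL),
        (render_escaped, TEXT_URL),  # escaped, but the visitor still chose the words
        (render_by_id, ID_URL),      # caption variable ignored entirely
    ]
    for render, url in cases:
        print(render.__name__, "->", render(url))
```

Escaping stops markup from running, but the caption text is still whatever the URL says; only the lookup by id keeps the wording under the site's control.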
In other news this week, Nick Gibson wrapped up his Web Directions South coverage. With 11 features, six of which are videos, a wide variety of topics was covered, from kickstarting your own startup to a demonstration of Popfly, Microsoft's mashup application.
Nick also turned his attention to an AJAX application that interacts with Second Life -- and was developed in a week by a 15-year-old schoolgirl.
If dynamically creating classes and methods is more your thing, then you would want to check out Meta-Programming with Ruby.
And finally, Mozilla puts out the "wake me when it is ready" sign as they wait for mobile phone hardware to find more grunt.
A good weekend to all, I shall be here amusing myself with no end of humorous captions on space.com until next week's roundup.