Archive for the ‘Web Development’ Category
Posted by jpluimers on 2012/04/14
I’m experimenting with the Posting categories overview page as a prequel to a proper tag cloud (and a series of posts on how to get there).
Please let me know in the comments which of the below ones you like most:
- Left:
HTML tree with post count per category
- Middle:
HTML tree with font size indicating post count
- Right:
HTML tree with post count per category and font size indicating post count
(For comparison, you need a big screen; the most popular choice will survive on the Posting categories page).
–jeroen
via: Posting categories « The Wiert Corner – irregular stream of Wiert stuff. Read the rest of this entry »
Like this:
One blogger likes this post.
Posted in CSS, Development, HTML, Power User, SocialMedia, Software Development, Usability, User Experience, Web Development, WordPress, WordPress | Leave a Comment »
Posted by jpluimers on 2012/04/02
I’m in the midst of writing a small app that generates trees and clouds of the WordPress categories.
The main reason is that I want to better organize the categories, so I need an overview. The multi-page WordPress Categories editor isn’t of much use as it is very hard to get an overview.
Using the [Category] WordPress tag isn’t of much help as I can’t get things like this to work (I remember seeing something like this on the forums, can’t find it any more though):
[Category]
[Category number='5' method='title' order='asc' id='11,45' orderby='comment_count']
Preliminary output is at the Posting Categories page in the top menu that I will update every once in a while.
I will post the app later, as I intend to create a category cloud in addition to the tree.
–jeroen
Like this:
Be the first to like this post.
Posted in Development, SocialMedia, Software Development, Web Development, WordPress, WordPress | Leave a Comment »
Posted by jpluimers on 2012/02/23
Please one of the WordPress.com support people, contact me through my contact form.
I tried posting this question, but as you can see it is marked as ‘Topic Closed, This topic has been closed to new replies’, and looks empty on your forums’:
Please stop deleting the XML from my
</h1>
Since WordPress deletes anything but the most basic XML from [sourcecode language='xml']
tags:
See http://wiert.files.wordpress.com/2012/02/wordpress-html.doc
When I put that in a WordPress post, it deletes the XML.
It does this for anything but the most basic XML.
Please fix that!
–jeroen
Thanks in advance!
–jeroen
Like this:
Be the first to like this post.
Posted in Development, SocialMedia, Software Development, Web Development, WordPress, WordPress | Leave a Comment »
Posted by jpluimers on 2012/02/18
Tonight these most StackExchange sites have maintenance, including their bogs and meta sites (the chat sites like http://chat.stackoverflow.com/ are on-line). I checked these to be off-line, most of the bigger table below are offline too.
Later I will amend this post with the HTML and try to get some site previews too.
A bit later I got this kind of message from Chrome, that tried to protect one of the sites:
Error 139 (net::ERR_TEMPORARILY_THROTTLED): Requests to the server have been temporarily throttled.
Note that http://askubuntu.com/ is up and running 
Read the rest of this entry »
Like this:
Be the first to like this post.
Posted in Development, Pingback, Stackoverflow, Web Development | Leave a Comment »
Posted by jpluimers on 2012/02/02
Handy when copy-pasting stuff from the Web or Word Processor and your tools keep too much formatting:
HTML Tags Stripper is designed to strip HTML tags from the text. It will also strip embedded JavaScript code, style information (style sheets), as well as code inside php/asp tags ()
Edit:
John Kaster indicated that http://ckeditor.com/demo works nicely too, but I could not get their “paste from word” to emit nice clean un-styled HTML for me.
WordOff does work, and cleans away all the HTML tags (I with it didn’t clean structure tags and anchor tags, which you can keep with HTML Tags Stripper).
–jeroen
via :: Strip HTML Tags :: Online Tools.
Like this:
Be the first to like this post.
Posted in Development, HTML, Power User, Software Development, Web Development | Leave a Comment »
Posted by jpluimers on 2012/02/01
While speaking at the German BASTA 2011 Fall conference, I noticed a German HTML 5 Cheat Sheet.
I recently found out that a PDF and XPS of that sheet is available.
Here is the English translation of the German download page (I did some editing on the Google Translate result):
Free: HTML5 Cheat Sheet
Know-how | 06/27/2011
MSDN Germany has put on line a cheat sheet with the most important new HTML5 tags and attributes. The handy two-page information informs web developers about how to use the audio, video and canvas element through JavaScript, what CSS3, and geolocation can provide you with and how websites with “Pinned Sites” can become even more useful. Simply download the free PDF (2.17 MB) or XPS file (601 KB), print it, and place it next to your keyboard!
Note that the PDF and XPS are German, but very handy even though your German is not perfect.
–jeroen
via: Google Translate.
Like this:
Be the first to like this post.
Posted in Development, HTML, HTML5, Software Development, Web Development | Leave a Comment »
Posted by jpluimers on 2011/12/29
When writing my Patch your ASP.NET servers ASAP early this morning, I didn’t have time to research the full extend of the vulnerabilities published at 28C3 (slides, mp4), though a small bell was ringing a message that I had seen something like it before earlier this century.
I was right, this posting on perlmonks direct me to a /. posting in 2003 pointing me to the research paper on low-bandwidth attacks based on hash collisions (pdf version) that I had seen before. Perl 5.8.1 fixed it September 2003 (search for “hash” in that link).
The attack can be used for DoS because a normal distributed hash table insert of n elements will be running O(n), but a carefully crafted insert of those elements will run O(n^2).
Carefully crafting a worst case scenario depends on how well you can predict collisions in the underlying hash table implementation, which - apparently - is not too difficult, and requires little bandwidth.
Many platforms and languages are vulnerable, including those based on Java, Tomcat, .NET, Ruby, PHP and more in greater or lesser extent. I have the impression that the list only includes big names, but presume platforms based on smaller names (ASP, Delphi, Objective C) are equally vulnerable.
Just read the articles on CERT 903934, oCERT 2011-003, Arstechnica, Cryptanalysis.eu, Heise (German), Hackillusion and the research paper published at 28C3.
a few quotes:
“This attack is mostly independent of the underlying Web application and just relies on a common fact of how Web application servers typically work,” the team wrote, noting that such attacks would force Web application servers “to use 99% of CPU for several minutes to hours for a single HTTP request.”
“Prior to going public, Klink and Wälde contacted vendors and developer groups such as PHP, Oracle, Python, Ruby, Google, and Microsoft. The researchers noted that the Ruby security team and Tomcat have already released fixes, and that “Oracle has decided there is nothing that needs to be fixed within Java itself, but will release an updated version of Glassfish in a future CPU (critical patch update).”
“The algorithmic complexity of inserting n elements into the
table then goes to O(n**2), making it possible to exhaust hours of CPU time using a single HTTP request”
“We show that PHP 5, Java, ASP.NET as well as v8 are fully vulnerable to this issue and PHP 4,
Python and Ruby are partially vulnerable, depending on version or whether the server
running the code is a 32 bit or 64 bit machine.”
Microsoft seems to have been notified pretty late in the cycle, I presume because the researchers started with a some platforms and finally realized the breath of platforms involved.
The ultimate solution is to patch/fix the platforms using for instance a randomized hash function a.k.a. universal hashing.
Microsoft will provide a patch for ASP.NET later today, Ruby already patched and other vendors will soon or have already (please comment if you know of other platforms and patches).
The links this morning indicated there were no known attacks. That is (maybe was) true for ASP.NET, but for PHP a public proof of concept of such a DoS is has been published by Krzysztof Kotowicz (blog) with sources at github and a demo html page.
Temporary workarounds (based on the some of the links in this and the prior blog post, and the workarounds mentioned here and here):
- If you can: replace hash tables by more applicable data structures
(I know this falls in the for-if anti-pattern category, but lots of people still use a hammer when a different tool works much better)
- Limit the request size
- Limit the maximum number of entries in the hash table
- Limit form requests only for sites/servers/etc that need it.
- Limit the CPU time that a request can use
- Filter out requests with large number of form entries
Some platforms already have applied temporary workarounds (I know of Tomcat (default max 10000 parameters), and PHP (default max_input_vars = 1000) did, and looks like the ASP.NET fix will do too).
Other platforms (like JRuby 1.6.5.1, CRuby 1.8.7 (comments) and Perl 5.8.1 in September 2003 ) fixed it the proper way.
Note: workarounds are temporary measures that will also deny legitimate requests. The only solution is to apply a fix or patch.
A major lesson learned today for a few people around me: when vendors start publishing “out of band” updates, do not trust a single 3rd party assessment with state “initial investigation”, but be diligent and do some further research.
–jeroen
PS: Just found out that most Azure users won’t need to manually apply a fix: just make sure your Hosted Service OS servicing policy is set to “Auto”.
Like this:
One blogger likes this post.
Posted in .NET, ASP.NET, C#, Delphi, Development, Java, JavaScript, PHP, Scripting, Software Development, Web Development, Windows Azure | 5 Comments »
Posted by jpluimers on 2011/05/20
I just found out that the talk that Eric Law gave on Fiddler during MIX2011 : he blogged MIX2011 Fiddler talk is now live, you can find the video here.
During that talk he:
- launched the new version of Fiddler2
- that IE9 allows localhost traffic to be intercepted by Fiddler (so no more ipv4.fiddler hacks)
- indicated that FireFox now can use the INET layer that Fiddler2 intercepts, so no more need for FiddlerHook
–jeroen
Like this:
Be the first to like this post.
Posted in Development, Power User, Software Development, Web Development | 1 Comment »
Posted by jpluimers on 2011/04/18
SharePoint security can be tricky business.
Here are a few URLs that helped me going:
–jeroen
Like this:
Be the first to like this post.
Posted in Development, SharePoint, Web Development | Leave a Comment »
Posted by jpluimers on 2011/02/10
Greg Hewgill published a bunch Stack Overflow ebooks and StackExchange stats.
His readme explains a bit more on the books.
The blog he maintains makes up for some nice reading too.
Be sure to read the blog entry on the ebooks.
–jeroen
via Stack Overflow ebooks.
Like this:
Be the first to like this post.
Posted in *nix, .NET, ASP.NET, C#, C# 2.0, C# 3.0, C# 4.0, Database Development, Delphi, Delphi for PHP, Development, HTML, HTML5, Java, JavaScript, Pingback, Power User, RegEx, Scripting, SocialMedia, Software Development, SQL, SQL Server, Stackoverflow, XML/XSD | Leave a Comment »
Posted by jpluimers on 2011/02/09
Quite a while ago, user bobince wrote great answer on why not to parse html with RegEx.
Somehow people fail to recognize the brilliance of the answer, and try to simplify it into something like “don’t, use an XML or HTML parser in stead”.
bobince even posted some nice contra-examples that are impossible to parse in RegEx (heck, even most regular HTML and XML parsers have difficulties with them).
So: enjoy the beauty of the answer while it is still locked for editing.
–jeroen
Like this:
Be the first to like this post.
Posted in Development, HTML, RegEx, Software Development, Web Development, XML, XML/XSD | 1 Comment »
Posted by jpluimers on 2011/01/18
In the past I wrote a few blog posts on posting sourcecode in WordPress.
Nick Hodges‘ last Flotsam and Jetsam blog post pointed me to the SyntaxHighlighter JavaScript that is used by WordPress and many other engines/sites.
Their site contains an even more elaborate list of supported languages.
I had the basic list right in my last post, but was missing all the aliases (which often are easier than the longer proper names).
This is the new table adapted from their list: Read the rest of this entry »
Like this:
Be the first to like this post.
Posted in .NET, Batch-Files, C#, CSS, Database Development, Delphi, Delphi for PHP, Development, HTML, HTML5, Java, JavaScript, PowerShell, RegEx, Scripting, SQL, VBS, Web Development, WordPress, XML, XML/XSD, XSD | 5 Comments »
Posted by jpluimers on 2010/10/15
WordPress Page Order is a number increasing from left to right.
You can have holes in the number sequence.
So, back to the BASIC and FORRAN line numbering schemes (increment bij 100, 10, or you name it).
–jeroen
via: Pages « WordPress Codex.
Like this:
Be the first to like this post.
Posted in Development, Software Development, Web Development, WordPress | Leave a Comment »
Posted by jpluimers on 2010/09/16
Dropbox can show you this message when it can’t update (and the icon in the system tray gets a red cross 
):
can’t establish a secure connection
In my case, it was because I was using the Fiddler2 tool to debug some web-traphic.
Fiddler intercepts the WinInet API layer by putting itself as a proxy in it.
The great thing is that Fiddler2 can hook HTTPS traffic.
The not so cool thing is that I forgot that DropBox routes its’ HTTPS traphic through the WinInet API too
Disabling Fiddler2 enabled DropBox to start connecting 
again and finally making a good connection 
.
As soon as DropBox has a good connection, you can restart Fiddler2 again to debug your internet traffic.
–jeroen
via: Dropbox – Why cant I establish a secure connection? -.
Like this:
Be the first to like this post.
Posted in Development, Fiddler, Power User, Web Development | Leave a Comment »
Posted by jpluimers on 2010/07/07
Last week, Jean-Baptiste Jung started a bit of a stir when posting on Smashing Magazine about 10 Useful WordPress Security Tweaks.
He totally missed the official Hardening WordPress page and generated a lot of comment traffic.
All of his tweaks were rebutted by commenter Vid Luther (Mobile Commerce and Technology Evangelist and ZippyKid owner) in a separate How to Secure a WordPress Site.
This once again shows that for serious work you really need to know what you are doing.
If you don’t, then leave the work to people who do: Vid is one of those guys.
–jeroen
via: 10 Useful WordPress Security Tweaks – Smashing Magazine.
http://www.smashingmagazine.com/author/jean-baptiste-jung
Like this:
Be the first to like this post.
Posted in Development, Software Development, Web Development, WordPress | Leave a Comment »
Posted by jpluimers on 2010/06/30
It seems quite a few “web 2.0″ apps too have the same glitch: they throw away user input when the first page finishes loading.
This is especially noticeable on slow connections (UMTS, DSL that is a long distance from the phone company, EDGE, GPRS, etc): the connection speeds that a lot of developers don’t seem to test on.
So, the sequence of events goes like this:
- The data entry fields (in this case, from and to location) become visible
- You put the focus on the from field
- You type the from address (I do blind typing)
- You press the tab key to go to the to field (more and more Web 2.0 apps get their tab order right nowadays)
- You type the to address
- You wait until the “GO” button becomes visible
- The Web 2.0 app keeps loading
- It erases the “from” and “to” fields that you just typed
Or more general:
when you start typing in a Web 2.0 app which is still loading, almost all the times you loose your input.
And since there is usually no visual clue when the Web 2.0 app has finished loading, you have to wait until you feel comfortable not loosing your input.
Bad!
Examples that get this wrong:
Please add your own in the comments…
–jeroen
Like this:
Be the first to like this post.
Posted in Development, Opinions, Software Development, UI Design, Web Development | 1 Comment »
Posted by jpluimers on 2010/06/07
For a good laugh: read the Modern computer languages are a bit like people in some ways thread in the CodeProject lounge.
–jeroen
Via: The Lounge – CodeProject.
Like this:
Be the first to like this post.
Posted in .NET, C#, Delphi, Development, HTML, Java, Opinions, Software Development, VBS, Web Development, WPF | Leave a Comment »
Posted by jpluimers on 2010/06/02
Next to Greasemonkey – the script engine that empowers FireFox and Chrome, there is another very powerful way to enhance your browser:
Bookmarklets.
Bookmarklets are like shortcuts, but they don’t point to a static URL: they add action, usually by some JavaScript.
If the bookmarklet returns a string, then the browser will follow that as a URL.
But the since bookmarklet has access to the current page, it can also perform just a local action.
The cool thing is that most bookmarklets work on almost any popular browser.
These are a few bookmarklets that I use on a regular base, most are from bookmarklets.com: Read the rest of this entry »
Like this:
Be the first to like this post.
Posted in Development, Power User, Web Development | Leave a Comment »
Posted by jpluimers on 2010/06/01
After years of doing web-development, I just stumbled on example.com/example.net/example.org second level domain names.
Those are domains meant for documentation or example purposes.
And there is RFC 2606 that documents them.
There are even these first level domain names:
.test/.example/.invalid/.localhost
You’re never too old to learn something new
–jeroen
Like this:
Be the first to like this post.
Posted in Development, Software Development, Web Development | 1 Comment »
Posted by jpluimers on 2010/05/25
Having done quite a bit of C and C++ work in the past, I often still use “Yoda Conditions”, especially in environments where you have both = and == as an operator.
So, in a boolean expression, I often put the constant to test in front of the test.
I recently learned at stackoverflow that quite a few people call these “Yoda Conditions”:
“Yoda Conditions”— the act of using if(constant == variable) instead of if(variable == constant), like if(4 == foo). Because it’s like saying “if blue is the sky” or “if tall is the man”.
Thanks to dreamlax for helping me find that.
This is a problem in languages that have both the = and == operators, and the result of an assignment itself is also a value (i.e. allowing a = b = true). Read the rest of this entry »
Like this:
Be the first to like this post.
Posted in .NET, C#, Delphi, Development, Java, JavaScript, Software Development | 17 Comments »
Posted by jpluimers on 2010/05/04
Last week, I blogged that we should move away from Flash to HTML5, CSS and JavaScript, commenting on Steve Jobs’ Thoughts on Flash post announcing support for HTML5 including video playback of H.264 encoded video.
In the mean time, the Microsoft Internet Explorer team announced that in IE9 they are going to support HTML5 and that H.264 will be the only supported video encoding standard.
There is a truckload of hardware that supports H.264 decoding acceleration.
So the movement is from a plethora of video encoding standards into one broadly accepted H.264 standard.
When you look at the combination of support in HTML5/H.264 for all the major browsers, only FireFox has not announced support. This is probably because H.264 is not a free (as in beer) standard: commercial use requires payment. But - if I read the H.264 article right – content that is free for end users requires no royalties to be paid.
This combined hardware and software support means that there is a pretty strong backing for H.264!
–jeroen
Reference: IEBlog : HTML5 Video.
Like this:
Be the first to like this post.
Posted in CSS, Development, HTML, HTML5, JavaScript, Software Development, Web Development | Leave a Comment »
Posted by jpluimers on 2010/05/03
I just noticed that WhiteHouse.gov last week released some of their code as Open Source.
In addition to using the Open Source Drupal project, they actually contribute to the Open Source community as well.
–jeroen
Like this:
Be the first to like this post.
Posted in Development, Software Development, Web Development | Leave a Comment »
Posted by jpluimers on 2010/04/30
Steve Jobs just posted his Thoughts on Flash.
Let me add another thought: I hate flash apps.
Flash should go, and we all should go for HTML5, CSS and JavaScript.
The primary reason I dislike Flash is similar to this quote from Steve Jobs’ post: Read the rest of this entry »
Like this:
Be the first to like this post.
Posted in CSS, Development, HTML, HTML5, JavaScript, Software Development, Web Development | 2 Comments »
Posted by jpluimers on 2010/04/20
A client recently asked me what space should reserve to store URLs in their DBMS.
The plurality in the topic title is a hint: different systems have different limits on URL lengths.
But first:
Don’t use long URLs
If you use long URL’s (longer than say a coupe of 100 characters), then usually you have a problem.
First of all: short URL’s are easier to remember, index and search.
Second: long URL’s can pose problems.
It might be that your browser and server support them.
But a user might be behind an intercepting proxy (sometimes invisible to both you and your user) that imposes a URL limit.
In stead of long URLs with a HTTP GET, use shorter URLs with a HTTP POST. Read the rest of this entry »
Like this:
Be the first to like this post.
Posted in .NET, ASP.NET, Delphi, Development, Web Development | 5 Comments »
Posted by jpluimers on 2010/04/14
Every major release of software will bring great new stuff, but the price of upgrading from a previous version is that some stuff will break.
.NET 4.0 brings a lot of nice stuff as well, but there are a few things that break.
There is a nice Breaking changes in .NET 4.0 – Stack Overflow article on this.
The article is now a community wiki, and refers to these pages:
Since the article is a community wiki, expect it to be updated over time.
I wonder what these changes will bring (and break) in the upcoming Delphi Prism release (the datasheet is out now, the product should be out before the end of may).
–jeroen
PS:
If you do not have an MSDN subscription, but still want to see if things break for you, try one of these:
Scott Guthrie has a nice post on the bells and whistles of VS2010.
Like this:
Be the first to like this post.
Posted in .NET, ASP.NET, C#, C# 4.0, Delphi, Development, Prism, Software Development, Visual Studio and tools, Web Development | 1 Comment »
Posted by jpluimers on 2010/02/15
I just found out that the sourcecode tag in WordPress now supports even more languages.
This is the list of languages is below, it contains links to Wikipedia for each language.
Starred ones (bold and hyperlinks in this theme are the same ) are new since my post last year.
This is a follow up on the original article Including formatted sourcecode in WordPress « The Wiert Corner – Jeroen Pluimers’ irregular stream of Wiert stuff.
–jeroen
Like this:
Be the first to like this post.
Posted in .NET, C#, CSS, Database Development, Delphi, Development, Encoding, Java, JavaScript, Software Development, SQL Server, Web Development, WordPress, XML, XML/XSD | Tagged: sourcecode language | 2 Comments »
Posted by jpluimers on 2010/02/12
Google published an interesting graph generated from their internal data based on their indexed web pages.
A quick summary of popular encodings based on the graph:
- Unicode – almost 50% and rapidly rising
- ASCII – 20% and falling
- Western European* – 20% and falling
- Rest – 10% and falling
Conclusion: if you do something with the web, make sure you support Unicode.
When you are using Delphi, and need help with transitioning to Unicode: contact me.
–jeroen
* Western European encodings: Windows-1252, ISO-8859-1 and ISO-8859-15.
Reference: Official Google Blog: Unicode nearing 50% of the web.
Edit: 20100212T1500
Some people mentioned (either in the comments or otherwise) that a some sites pretend they emit Unicode, but in fact they don’t.
This doesn’t relieve you from making sure you support Unicode: Don’t pretend you support Unicode, but do it properly!
Examples of bad support for Unicode are not limited to the visible web, but also applications talking to the web, and to webservices (one of my own experiences is explained in StUF – receiving data from a provider where UTF-8 is in fact ISO-8859: it shows an example where a vendor does Unicode support really wrong).
So: when you support Unicode, support it properly.
–jeroen
Like this:
Be the first to like this post.
Posted in .NET, ASP.NET, C#, Database Development, Delphi, Development, Encoding, Firebird, IIS, InterBase, ISO-8859, ISO8859, Prism, SOAP/WebServices, Software Development, SQL Server, Unicode, UTF-8, UTF8, Visual Studio and tools, Web Development | 7 Comments »
Posted by jpluimers on 2010/02/07
The recently launched Google Chrome 4 introduced plugin support (they call it support for extensions).
Greasemonkey is a scripting plugin allowing you to on-the-fly modify the HTML in your browser. Originally it was Mozilla Firefox only.
On February 1st, Aaron Boodman – the original Geasemonkey developer who now works as Google – announced that Greasmonkey support it is available natively in Google Chrome 4.
There are some 40-thousand scripts available on userscripts.org, lots of them written by people like you and me (from simple things like filling out forms and removing ads to complex stuff like re-layouting complete pages).
The vast majority of those scripts will work in Google just as well as in Firefox, the rest (some 15 to 25 percent) need adaption. Read the rest of this entry »
Like this:
Be the first to like this post.
Posted in Development, Google Apps, JavaScript, Power User, Software Development, Web Development | 2 Comments »
