Simon Willison’s Weblog

Subscribe

Monday, 25th October 2010

Firesheep (via) Oh wow. A Firefox extension that makes sniffing for insecured (non-HTTPS) cookie requests on your current WiFi network and logging in as that person a case of clicking a couple of buttons. Always possible of course, but it’s never been made easy before. Private VPNs are about to become a lot more popular.

# 9:11 am / cookies, security, wifi, recovered, firesheep

What is the best way to maintain a API wrapper class across multiple languages?

1. Use JSON for your API. That takes away a lot of the necessity for an API wrapper, since it means you’re automatically returning native data types (hashes, lists, strings etc) for most programming languages.

[... 175 words]

What are the best APIs for creating location-based Wikipedia mashups?

GeoNames has a fantastic API for finding Wikipedia articles near a specific latitude/longitude pair:

[... 32 words]

Bleach, HTML sanitizer and auto-linker. HTML sanitisation is notoriously difficult to do correctly, but Bleach (a Python library) looks like an excellent effort. It uses the html5lib parsing library to deal with potentially malformed HTML, uses a whitelist rather than a blacklist and has a neat feature for auto-linking URLs that is aware of the DOM (so it won’t try to auto-link a URL that is already wrapped in a link element). It was written by the Mozilla team for addons.mozilla.org and support.mozilla.org so it should be production ready.

# 1:32 pm / django, python, security, recovered, bleach

What is the best Mac OS X text editor for a web developer? And what makes it great?

It’s still TextMate for me. It gets the basics right—syntax highlighting, sensible indentation, a good project pane (I use “mate ~/Development/my-project” at the terminal to open TextMate with my entire folder hierarchy), solid extensions and good unix integration (Filter selection through command).

[... 77 words]

2010 » October

MTWTFSS
    123
45678910
11121314151617
18192021222324
25262728293031