The Quantum Foam Deadline @quantum-foam-deadline - Tumblr Blog

I found this when reading my email for a packtpub beagleboard book.

Let’s Encrypt is a free, automated, and open certificate authority brought to you by the Internet Security Research Group (ISRG). ISRG is a California public benefit corporation, and is recognized by the IRS as a tax-exempt organization under Section 501(c)(3) of the Internal Revenue Code.

The Open Development Method is a summary of lessons learned in leading large teams around Agile, Scrum, Waterfall and other common methodologies.

The open development method is better for business. Scrum is dead.

We want more people to see themselves as citizens of the web. The Mozilla Learning Network offers programs and a global community dedicated to helping people learn the most important skills of our age: the ability to read, write and participate in the digital world.

Google said it will move gmail.com to a policy of rejecting any messages that don’t pass the authentication checks spelled out in the DMARC specification.

Jim Whitehurst, president and CEO of Red Hat, shares his Linux story.

#linux

ES6 In Depth is a series on new features being added to the JavaScript programming language in the 6th Edition of the ECMAScript standard, ES6 ...

JavaScript Inheritance Example

Creating a JavaScript object utilizing inheritance

A simple method for JavaScript inheritance is describe below. The referenced code is available at here at my github page.

There is more than one way to complete this programming pattern. I use the following when writing my own JavaScript code.

You first create your base object. in this example it is called page. You then create your child object. In this example it is called mainPage.

Code Example

The page object

function page() {

this.ajax = function() {

return new Ajax();

};

this.doAjax = function(ajax) {

$.ajax({

url : ajax.url,

data : ajax.data,

success: ajax.success

});

};

$.ajaxSetup({

type : "POST",

dataType : 'json'

});

return this;

}

The mainPage object

function mainPage() {

this.getMessage = this.ajax();

this.saveData = this.ajax(); this.getMessage.url = '/ajaxData.php';

this.getMessage.data = 1;

this.getMessage.success = function(data) { get.obj(mainPage).getMessage.data = data; console.log(data); };

this.saveData.success = function(data) { alert(data.message);

};

this.setupModal = function() { $('#launchModal').click(function() {

$('#myModal').modal();

});

this.doAjax(this.getMessage);

$('#myModal').on('show.bs.modal', function(event) {

var button = $(event.relatedTarget) // Button that triggered the // modal var recipient = button.data('whatever') // Extract info from data-* // attributes

var modal = $(this)

modal.find('.modal-title').text(get.obj(mainPage).getMessage.data.title); modal.find('.modal-body').text(get.obj(mainPage).getMessage.data.message); })

};

return this;

}

Extend the mainPage object

mainPage.prototype = new page(); mainPage.prototype.constructor = mainPage;

A full working example is in my github page. Here is the

link

.

#javascript #inheritance #web develoment

Contribute to java_script_examples development by creating an account on GitHub.

#javascript #inheritance #web development

qf_jspkg - A JavaScript AMD Loader Framework

#Drupal PHP JavaScript AMD

wp-mvc-js - A Blog plugin providing access to a javascript MVC Framework ready to go

#wordpress javascript mvc plugin

wp-jspkg-plugin - A wordpress plugin that can add JavaScript libraries to WordPress

#wordpress #javascript #plugin

Firefox 36 was just uplifted to the Developer Edition channel, so let’s take a look at the most important Developer Tools changes in this release. ...

#mozilla #web development #web inspector

Firefox 29 issued half a year ago, so this post is long overdue. Nevertheless I wanted to pause for a second to discuss the Internationalization ...

#javascript #i18n

Input Validation

In programming input validation is very important. When user input is not validated malicious users can exploit security issues in computer applications.

For example, most recently PHP has had a buffer overflow in the file info functionality when checking elf files. Additionally XML has had some serious security holes in 2014. The first was heartblead and the second was a version of the billion laughs exploit. An integer overflow was recently discovered in RPM which allowed arbitrary code execution.

Historically there have also been null byte security issues with user input files and file handling during program execution.

Ways to validate user input

1.) Regular Expressions

Regular expressions are a available to each programmer through api's in the language. What if all of your data was in the Latin char set by database restriction and a user input UTF-8 data. This could result in a database overflow. A regular expression could be used to remove and place an error message to the user which would mitigate the overflow.

2.) PHP Filter Functionality

PHP has the filter api. This has two types of filters the validate and sanitize filters. Calling these functions removes the null byte and validate or sanitize the input. Built in functionality can process request variables in a web application.

3.) Data Type Casting

Data can be cast to the correct type, but can result in data loss due to truncation. This should be used as a last resort, due to data loss.

Size Checking

In addition to type checking the programmer should also check the size of the data. If this is not done applications can have issues related to program overflow errors.

All data should be checked that it is in range with the bounds of the application, which in some cases could be restricted by the database. Here is an example of an integer overflow in CVE-2014-7185.

Conclusion

Input validation is important for security and correct functioning of the application. It can improve the user experience and prevent malicious users from using the application in a way other than it was intended.

#security #data validation #input validation #programming #cve

Trending Blogs

Recently Viewed Blogs

The Quantum Foam Deadline