doron's blaahg: April 2005 Archives

� March 2005 | Main | May 2005 �

April 18, 2005

Mozilla Security Flaws

Looks like the flaws have been released. As some might notice, 2 were located in my plugin finder code (one was reported, the other I found combing my code based on the reported issue. For some reason they are listed as one issue, even though the 2 are in different parts of the code). Here is a tip - don't use setAttribute with a value that came from a web page - injection is really easy.

I also discovered the popup blocker issue, which means I am just down one :)

So the moral of the story is, people shouldn't be saying we are more secure than IE. We just can react faster, and that does make a difference.

Posted by doron at 7:12 PM | Comments (5)

April 14, 2005

Slow News Week?

The IBM job posting has made Slashdot, CNet and pretty much every other news site around the world. And natrually everyone reads something else into it :) Hard to believe soo much fuss is being made for a replacement posting.

Posted by doron at 7:35 PM | Comments (5)

April 4, 2005

Accessibility Matters

Having the gun-point induced pleasure of working on Firefox accessibility (one of the hardest words to spell, so lets just call it a11y), I thought I would share the pleasure and point out an interesting HTML/CSS accessibility page: http://www.access-matters.com.

Is your page screen reader ready?

Posted by doron at 2:12 PM | Comments (1)

doron's blaahg

Mozilla :: Web Services :: Web Applications :: Goats