Google Enhancements

I’ve updated my userscripts for Google with Greasemonkey.

Google Instant Type

I added the Classic homepage to the list where it should add the buttons. I also added a button to search Google News.

Google Own Language

Fixed the layout crash due to Google’s tiny HTML adjustment. Also added support for Google News and Images.

Please feel free to respond if you have a request!

StumbleUpon XSS

I discovered a type 1 XSS issue in the StumbleUpon website. Input in the POST form at http://www.stumbleupon.com/delete_account.php was not properly sanitized. I’ve created an example that executed script in the www.stumbleupon.com domain. It shows a popup containing your current username (if you are logged in), the domain and the cookie for the domain. The repro can be found here:
http://skypher.com/SkyLined/Repro/StumbleUpon/XSS%20in%20delete_account.php.html. The StumbleUpon people were very quick to respond and fix the issue. You will notice that the repro no longer works.

XSS bugs in social websites like StumbleUpon are especially dangerous as such websites may allow an attacker to create an XSS worm. An XSS worm is a piece of JavaScript and HTML which uses XSS to post messages on behalf of any user visiting a page that contains the worm. These messages will put the worm code on other pages as well, causing those pages to also start spreading it whenever a victim visits the page. This causes it to spread faster and faster as more and more pages are infected.
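The class of bug described above, reflected POST input written into the response without encoding, is shown here next to its fix. This is an added example, not StumbleUpon's code or the original repro; the field name `reason`, the page markup and the probe string are all constructed for illustration.

```javascript
// Added illustration; the "reason" field and the markup are hypothetical.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can change the HTML parsing context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: POST input is concatenated into the response as-is,
// once inside an attribute value and once inside element text.
function renderConfirmUnsafe(post) {
  return '<form method="post">' +
    '<input type="hidden" name="reason" value="' + post.reason + '">' +
    '<p>Reason given: ' + post.reason + '</p></form>';
}

// Hardened pattern: every reflected value is encoded at the point of output.
function renderConfirmSafe(post) {
  const reason = escapeHtml(post.reason ?? '');
  return '<form method="post">' +
    '<input type="hidden" name="reason" value="' + reason + '">' +
    '<p>Reason given: ' + reason + '</p></form>';
}

// Regression check: list every tag present in the output and return
// the ones the template itself never emits.
function injectedTags(html) {
  const allowed = new Set(['form', 'input', 'p']);
  const tags = [...html.matchAll(/<\s*\/?\s*([a-zA-Z][\w-]*)/g)]
    .map((m) => m[1].toLowerCase());
  return tags.filter((t) => !allowed.has(t));
}

// Constructed probe input that breaks out of the attribute value.
const probe = { reason: '"><script>alert(document.cookie)</script>' };
console.log(injectedTags(renderConfirmUnsafe(probe))); // four "script" entries
console.log(injectedTags(renderConfirmSafe(probe)));   // []
```

A check like `injectedTags` fits in a test suite for any handler that echoes form fields, but it only catches injected tags; the encoding in `renderConfirmSafe` is what also neutralizes attribute-only breakouts.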

ASCII Art

I’ve put some of the ASCII Art I’ve created over the years online here. This includes never before publicly released ASCII Art shellcode.

Function list for PHP

Jens Lorenz’ function list plugin is a very handy tool!

After installation, there are a few things you need to customize. For php this is what I did:

  1. Open a php file with some functions
  2. Go to Plugins->Function List->Language Parsing Rules
  3. Click PHP and the ‘add group’ button
  4. Under group rules add the following (without the quotes):
    1. function start: “[\t]*function “
    2. function name: “[\w]*”
    3. function end: “\(”
  5. Click ‘Try’ and view your list being created.
  6. If you like what you see, click OK; if not, you can fiddle with the regex.

Keep in mind that this might be different with your code convention, in that case, you’ll have to adjust the second (function name) regex.
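To see what the three rules above pick up before committing them, the sketch below applies them to a small PHP sample. It is an added example, not part of the plugin: it assumes the plugin matches start, name and end in sequence and lists the name part, and the PHP lines are constructed.

```javascript
// Added illustration of the three rules from the steps above.
// Assumption: the plugin matches start + name + end in sequence
// and shows the text matched by the name rule.
const START = String.raw`[\t]*function `;
const NAME = String.raw`[\w]*`;
const END = String.raw`\(`;

// Return the names the combined rule would list for a source file.
function listFunctions(source, nameRule = NAME) {
  const rule = new RegExp(START + '(' + nameRule + ')' + END, 'g');
  return [...source.matchAll(rule)].map((m) => m[1]);
}

// Constructed sample input covering common PHP declaration styles.
const SAMPLE_PHP = [
  '<?php',
  'function load_config($path) {}',
  '\tfunction indented_with_tab() {}',
  'class Mailer {',
  '    public function send($to) {}',
  '    private static function &byRef() {}',
  '}',
  '$cb = function ($x) { return $x; };',
  '// function commented_out() {}',
].join('\n');

// Original rules: class methods match because the rule is unanchored,
// the closure yields an empty name, the by-reference function is missed,
// and the commented-out declaration is listed.
console.log(listFunctions(SAMPLE_PHP));
// ["load_config", "indented_with_tab", "send", "", "commented_out"]

// Adjusted name rule requiring at least one character drops the empty entry.
console.log(listFunctions(SAMPLE_PHP, String.raw`[\w]+`));
// ["load_config", "indented_with_tab", "send", "commented_out"]
```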

At my current job we don’t have that many objects and classes, so I’ll see if I can whip up a class-based regex later.

[edit]
More posts about Notepad++ can be found here: Notepad++ customization.

Safari vulnerability

Apple has released a patch for a remote code execution vulnerability that I reported to them. This vulnerability affects JavaScriptCore, which is part of Safari. The patch should fix the vulnerability on iPhones and iPods. Other products that use JavaScriptCore, such as Safari for Mac and Windows, are still vulnerable.

Notepad++ 5.0

Notepad++ released 5.0 some time ago, and recently a rebuffed version. It’s looking good!

I have some small adjustments for myself and maybe for you.

[ctrl]+[enter] now opens the function suggest by default which was the QuickText Replacer. Look in the shortcutmapper for this one (#36), just clear it and you’re back to normal.

The new function hinting system is great. I wish there was a way to add () when inserting a function name, and move the cursor in the brackets. Additionally, some comment on the function’s use would be helpful on hovering.

I noticed some people were coming to my site to find out how to change the font size, well, this is easy, just hit [ctrl] and scroll your mouse!

For entering some Quicktext please see my Quicktext Wiki.

[edit]
Don’t forget to install the Quicktext plugin which you can find here.

More posts about Notepad++ can be found here: Notepad++ customization.

Vista Broke

My Vista managed to screw up big time yesterday, as it tried to install SP1, for the 7th time I think..

I can’t boot and am looking for an external DVD drive to reinstall everything. So devving is moved back a bit..

[update 14/07]

I managed to reinstall everything.. bah, now removing pre-installed crap and customizing…

Imagine Cup ends.

Yesterday we had an amazing party in some catacombs under a bridge (RHCP hurray). It was a lovely scene with the old games we all know, donkey kong, space invaders and good ol’ pacman. If only I could convince my girlfriend to buy this version of the ’surface’ table!

[will re-add picture later]

But I also had some drinks and made some crazy pictures again, here is me with Joe Wilson, who I think is scared:

I also met Martin, Jukka and a really crazy Norwegian girl named Trude:

So much for yesterday, today is going to be a long one, first we have to wait for the train and then the ‘whopping’ 3½ hours ride home. 1st class though.

Oh and I have to show you this one, a picture of Edwin’s Socrates face:

So this leaves me to closing up this blogpost, but not without thanking Paris and Microsoft for the lovely time here. It was quite an experience!

Imagine Cup Day ??

I lost count, I think day 6. The finalists were announced today and the fact that next year’s competition is in Egypt! That promises some amazing settings.

Just had a nap and in about 45 minutes it’s off to the undisclosed location, but rumour has it that it is in catacombs beneath the Champs-Élysées. We’ll see. It’s been an amazing journey and the team met a lot of people, got contact info and learned a lot!

 

Imagine Cup Day 5 (and 4)

So yesterday was a day of leisure. I took the team on a cultural day, which brought us to the Eiffel Tower. We got tickets from Microsoft to go all the way to the top, which is quite an experience. The tickets also allowed us to skip the queueing, which was rather nice.

Ricardo insisted on eating his breakfast ON the Eiffel Tower, which he did. Then we took our day pass for the Metro and headed for the Sacre Coeur, which gave us an excellent lunch setting:

Then we went in the Sacre Coeur and even up to the dome which is a whopping 220 steps up. But it’s a must-go! You walk on the roof and through small openings to get to the dome and then get a spectacular panoramic view of Paris:
This is me thinking it’s excellent.

After about 30 minutes gazing at Paris we had to go down again, and meet some journalists who came from Holland as well. We sat down in the sun and the team had a nice session. Time to get back to the hotel and off to the arranged ‘dinner’ cruise.

The boat left at 2030 for a trip on the Seine, we quickly found our way to some beers and started mingling. I took some excellent shots:

Day 5

So now it’s day five and I was just in time for breakfast. Some more R&R and then off to the Louvre to set up the showcase and watch the top teams’ presentations. The bus leaves in 40 minutes…