Killfile, reloaded.

Oct. 1st, 2013 02:47 am
dtm: (lizard)

So many, many, many moons ago (over seven years!) I posted about a greasemonkey script that provided a comment killfile. (See that page if you're unfamiliar with the concept)

It was popular and useful for a while, but mostly succumbed to bit rot while I was at Google and I hadn't had a chance to play with the code in a modern web environment until recently.

I now have an experimental version of my old killfile redone as a chrome extension, and am looking for a few early tester volunteers to find out the places it should work that it doesn't yet. I'm also interested to see if the chrome sync stuff works for people who aren't me. (in theory, all your chrome devices should know about who you've tagged as a troll)

Now I'm providing even less support for this version than I provided for that greasemonkey script, so don't even bother asking unless you feel comfortable following the steps on this page under the heading "Steps on adding extensions from other websites".

But if you'd like to test this thing send me an email at martin -at- snowplow -dot- org.

Tags:

Something noticed in malware distribution - one-time malware redirects

Jan. 20th, 2009 09:02 pm
dtm: (Default)
Yeah, yeah. First post in a long time, first post of the new year, first post with a new US President, etc. Assume I've groveled sufficiently for not posting in ages.

So the other day I visited a website belonging to a friend and my web-browser completely freaked out, blocking the site and saying that it linked to all sorts of disreputable places. That is to say, it warned that my friend's site was including material from sites that attempted to install all sorts of malware.

Now, this was odd, but occasionally a bad ad can get into an ad network, and then everyone showing those ads accidentally is displaying malware, and I figured that was what happened since when I went back and then visited the site again, all was fine.

Only, after reloading her page I discovered that my friend doesn't run ads on her site.

ExpandA more detailed description of what was going on, probably of interest only to techies )
Tags:

Most HTML templating languages are written incorrectly

Apr. 15th, 2007 11:42 am
dtm: (Default)
Continuing my pattern of occasional technical posts just that my journal won't be completely dormant, here's another one:

If you do much web development at all, you probably work with a template language of some kind. You know, the kind of thing where you write HTML with various placeholders in spots that get filled in by the web application - examples include jsp pages, Django's template system, Smarty templates, PHP pages, or HTML::Mason.

Anyway, the problem with virtually every HTML templating language out there is that they make it easier for the person writing HTML templates to add an XSS hole than to avoid it. This isn't a matter of making it possible for page writers to shoot themselves in the foot - that's always going to be possible, given any reasonable system - it's a matter of making it easier to do than to avoid.

ExpandMore for people who've ever worked in such environments )
Tags:

Profile

dtm: (Default)
dtm
Daniel Martin

September 2024

S M T W T F S
1234567
891011121314
15161718192021
22232425 262728
2930     

Syndicate

RSS Atom

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

Expand All Cut TagsCollapse All Cut Tags
Page generated Jun. 20th, 2025 07:10 am
Powered by Dreamwidth Studios