|
I don't think I know enough about the subject to warrant an article.
Luc Pattyn [Forum Guidelines] [My Articles] Nil Volentibus Arduum
Please use <PRE> tags for code snippets, they preserve indentation, improve readability, and make me actually look at the code.
|
Me neither, we should get john to do it
"I do not know with what weapons World War 3 will be fought, but World War 4 will be fought with sticks and stones." Einstein
"Few things are harder to put up with than the annoyance of a good example." Mark Twain
|
There is absolutely no need to protect against Javascript injection. Just assume it is not safe.
It runs on the "attacker's" machine in his/her browser. They can mess with anything they want anyway.
Your application defenses should be on the server side anyway.
On the other hand, using Javascript's ability to dynamically eval code from a string can be extremely powerful.
---
Adar Wesley
|
I can see your point.
Adar Wesley wrote: Your application defenses should be on the server side anyway.
Absolutely, the main defenses are the ones on the server, I agree.
Luc Pattyn [Forum Guidelines] [My Articles] Nil Volentibus Arduum
|
I don't know why you needed to modify the string prototype, but Function and eval both allow you to dynamically execute javascript. You can also just type it directly into the address bar, use a bookmarklet or a debug console.
|
Hi VectorX,
That code fragment just tells me that JavaScript, like LISP, and PostScript, happens to be a programming language in which the distinction between groups of characters and executable code is trivial to blur.
best, Bill
"Many : not conversant with mathematical studies, imagine that because it [the Analytical Engine] is to give results in numerical notation, its processes must consequently be arithmetical, numerical, rather than algebraical and analytical. This is an error. The engine can arrange and combine numerical quantities as if they were letters or any other general symbols; and in fact it might bring out its results in algebraical notation, were provisions made accordingly." Ada, Countess Lovelace, 1844
|
And now, to the unexpecting, there are people on facebook asking others on facebook to copy something and paste that into the address bar. It then sends itself to all of the user's facebook friends. Very insidious!
|
I wonder what this lisp is all about. Hmmm... void(0).
"Courtesy is the product of a mature, disciplined mind ... ridicule is lack of the same - DPM"
|
... Mono Droid .net offer expires on May 31, 2011. http://mono-android.net/
We already have MonoTouch for iPhone and iPad.
My question, is it a No-brainer to buy Mono for Android and save 50% on the price?
Has anyone had good or bad experience on MonoDroid? - We have a hope of being able to recycle as much of the code that we use on MonoTouch on MonoDroid.
|
OK, just got an email with the following contents...
Am Mrs Annabel Laura am going on a cancer surgery today.contact my lawyer,
Tell him that I have WILLED 14.258M to you.
quoting my personal reference number BB/AMZ/900/2015/SWYI/316uk
My lawyer Namearrister Lio Bacon.
Attorney at-Law.
Just doesn't seem kosher that someone would put BACON in Spam. What's this world coming to? *sigh*
|
That is terrible, taking BACON's name in vain.
Panic, Chaos, Destruction.
My work here is done.
or "Drink. Get drunk. Fall over." - P O'H
OK, I will win to day or my name isn't Ethel Crudacre! - DD Ethel Crudacre
Have a bit more patience with newbies. Of course some of them act dumb -- they're often *students*, for heaven's sake. -- (Terry Pratchett, alt.fan.pratchett)
|
It just doesn't seem kosher that someone would put bacon in spam.
It isn't.
|
JimmyRopes wrote: It isn't.
I am painfully aware of that. *double sigh*
|
... of my first semester back in grad school since 1975. I have one grade already posted - an A in Numerical Methods. (I did most of the programming in C#, some in C/C++.) I have one final exam left in Stochastic Modeling on Tuesday morning. The good news is that it appears I survived and will be 40% through the course work for my degree after next week.
On the other hand I learned quite a bit this semester:
1) What the h*ll was I thinking when I applied to come back to grad school and why didn't someone talk me out of it!?!?!?
2) Working 20 - 30 hrs per week along with a full course load is insane. (Guilty as charged.)
3) I can keep up with the kids on academic subjects, but not in foot races.
4) I'm not near as fast on tests as I was 35 or 40 years ago, but I'm much more thorough on homework.
5) I know why they say memory is the second thing to go as you get old.
6) The student discount on software is a pretty good deal, but the senior citizen discount at restaurants is better.
It's been a real fun semester, but I hardly had time to breathe, so I'm glad it's over. I haven't quit yet and they haven't kicked me out, so I guess I'm a survivor -- so far.
At least I'll be able to cut back some on my workload to concentrate more on classes during the summer and fall semesters. Then I hope to survive the qualifying exams ...
Now back to the books to study for the last exam. Right after the exam I have to travel to teach a 3 day seminar, then spend a week finishing up some work in Paramaribo before starting the summer semester.
CQ de W5ALT
Walt Fair, Jr., P. E.
Comport Computing
Specializing in Technical Engineering Software
|
Walt Fair, Jr. wrote: Working 20 - 30 hrs per week along with a full course load is insane. (Guilty as charged.)
I had a hard enough time working 10 hours a week during a semester I was taking only 12 (or was it 15?) credits.
|
Yeah, I did that too as an undergrad. Full load for grad school is 9 credits, but it's more intense and we also have our dissertation research to work on, so it's pretty much a full time job doing 9 credits.
CQ de W5ALT
Walt Fair, Jr., P. E.
|
Congrats for sticking with the program; sounds like hard work and fun at the same time. You would not have liked us telling you off, would you?
Luc Pattyn [Forum Guidelines] [My Articles] Nil Volentibus Arduum
|
Well, Luc, let me put it this way: I found out I have only 2 true friends - the two people who questioned my sanity at going back to school after so long. Everyone else said "Yeah, you can do it." and I'm convinced they were snickering behind my back the whole time.
Seriously, though, yes it is fun. It's been hard work and taking tests again was a traumatic experience, but I don't regret doing it. I've refreshed myself on a lot of theory, in fact found out mathematically why some things I did over the years worked. I also think my 30+ years of work experience was a benefit to the class, too, as I was able to give the professors some good real world examples to show that the theory was indeed correct.
Still, I'm looking forward to getting the rest of the course work done, so I can concentrate on the fun part -- my dissertation research. My topic has pretty much been approved and I'm fortunate that I get to work on exactly what I'm most interested in, rather than what a professor decides.
CQ de W5ALT
Walt Fair, Jr., P. E.
|
You being motivated enough to start it, while you didn't have to, I expected you would find it interesting, hard work, and fun all at the same time. And sure, experience makes you look differently at the course material. Good luck with your dissertation research.
Luc Pattyn [Forum Guidelines] [My Articles] Nil Volentibus Arduum
|
Yeah, I took numerical methods as an undergrad a long, long time ago. This course was basically the numerical solution of simultaneous nonlinear partial differential equations. I had done a lot of that on my own over the years, but it was a good refresher. I got 100% on all of the assignments, so it wasn't particularly difficult.
It should come in handy once I dive into the heart of my research. So far I'm in the early stages, but ultimately I'll be integrating various numerical and semi-numerical models in a nonlinear optimization effort.
CQ de W5ALT
Walt Fair, Jr., P. E.
|
Water resources or weather modelling, perhaps? Just guessing.
/ravi
|
No, oil reservoirs and wells. I'm working on optimizing marginally economic wells and oil fields.
CQ de W5ALT
Walt Fair, Jr., P. E.
|