osx icon

Swift - WebKit-based browser for Windows

Posted in Sat, 12 Aug 2006 19:05:00 GMT

Let's face it, testing a website with OS-X's Safari browser can be difficult if a Mac doesn't happen to be available. Many developers only have non-Apple Intel-based hardware and run both Linux and Windows which allows for testing of Firefox and IE. Unfortunately this doesn't work for Safari because:

del.icio.us:Swift - WebKit-based browser for Windows digg:Swift - WebKit-based browser for Windows reddit:Swift - WebKit-based browser for Windows spurl:Swift - WebKit-based browser for Windows wists:Swift - WebKit-based browser for Windows simpy:Swift - WebKit-based browser for Windows newsvine:Swift - WebKit-based browser for Windows blinklist:Swift - WebKit-based browser for Windows furl:Swift - WebKit-based browser for Windows fark:Swift - WebKit-based browser for Windows blogmarks:Swift - WebKit-based browser for Windows Y!:Swift - WebKit-based browser for Windows smarking:Swift - WebKit-based browser for Windows magnolia:Swift - WebKit-based browser for Windows segnalo:Swift - WebKit-based browser for Windows


typo icon

MediaWiki and Typo - Pros and Cons for Personal Use

Posted in Fri, 11 Aug 2006 18:37:00 GMT

Now that this site runs both MediaWiki and Typo, I need to decide what to post where. Unfortunately I want to continue running both because they each have their advantages but ideally I could just run one, at least externally facing. These are some of the features I like of both MediaWiki and Typo which makes it hard to choose one over the other for all my posts. As a disclaimer, this is a personal wiki so I won't be discussing multiple users. The below lists the pros for each, If it's listed it means the other one doesn't have it ;)

del.icio.us:MediaWiki and Typo - Pros and Cons for Personal Use digg:MediaWiki and Typo - Pros and Cons for Personal Use reddit:MediaWiki and Typo - Pros and Cons for Personal Use spurl:MediaWiki and Typo - Pros and Cons for Personal Use wists:MediaWiki and Typo - Pros and Cons for Personal Use simpy:MediaWiki and Typo - Pros and Cons for Personal Use newsvine:MediaWiki and Typo - Pros and Cons for Personal Use blinklist:MediaWiki and Typo - Pros and Cons for Personal Use furl:MediaWiki and Typo - Pros and Cons for Personal Use fark:MediaWiki and Typo - Pros and Cons for Personal Use blogmarks:MediaWiki and Typo - Pros and Cons for Personal Use Y!:MediaWiki and Typo - Pros and Cons for Personal Use smarking:MediaWiki and Typo - Pros and Cons for Personal Use magnolia:MediaWiki and Typo - Pros and Cons for Personal Use segnalo:MediaWiki and Typo - Pros and Cons for Personal Use


dreamhost iconsvk icon

How to install SVK on Dreamhost posted

Posted in , Fri, 11 Aug 2006 01:50:00 GMT

I just posted my Installing SVK on Dreamhost notes on the wiki. I wasn't able to find any information on installing SVK, or Subversion with its Perl bindings for that matter, on Dreamhost so I took the time to work through it and document it (mostly because I believe SVK is essential to running a modded Typo). The end result looks pretty straight-forward but it was a reasonably time consuming process to backtrack all the errors, nail them down and find out if they are worth worrying about. In the end, the test failures weren't important but I wasn't willing to trust the SVK/SVN install without knowing for sure.

I was eager to get SVK up and running because it seems to be the popular way to keep one's private changes up to sync with a public repo. This is especially important for my Typo install as I have numerous Typo mods that I want automatically merged with new versions of Typo. Just recently we've had Typo 4.0.0, 4.0.1 and 4.0.2. I've been reluctant to make so many changes due to the manual merging I do now. Edge Typo and SVK, here I come!

Apparently Site5 doesn't come with SVK either so you can try to use this there. TextDrive, however, does come with SVK pre-installed.

del.icio.us:How to install SVK on Dreamhost posted digg:How to install SVK on Dreamhost posted reddit:How to install SVK on Dreamhost posted spurl:How to install SVK on Dreamhost posted wists:How to install SVK on Dreamhost posted simpy:How to install SVK on Dreamhost posted newsvine:How to install SVK on Dreamhost posted blinklist:How to install SVK on Dreamhost posted furl:How to install SVK on Dreamhost posted fark:How to install SVK on Dreamhost posted blogmarks:How to install SVK on Dreamhost posted Y!:How to install SVK on Dreamhost posted smarking:How to install SVK on Dreamhost posted magnolia:How to install SVK on Dreamhost posted segnalo:How to install SVK on Dreamhost posted

no comments

rails icon

Rails 1.1.4 LOAD_PATH vulnerability

Posted in , Thu, 10 Aug 2006 17:20:00 GMT

A couple of people have blogged about their use of the "elite hacking tool diff -r" to identify the problem solved by the Rails 1.1.5 Mandatory Mystery Patch. The problem is that Rails accepted LOAD_PATH as a HTTP request header with any file upload so a hacker could upload ruby controllers and then execute them by accessing the newly exposed URIs. This is discussed by Kristian Köhntopp and Evan Weaver.

del.icio.us:Rails 1.1.4 LOAD_PATH vulnerability digg:Rails 1.1.4 LOAD_PATH vulnerability reddit:Rails 1.1.4 LOAD_PATH vulnerability spurl:Rails 1.1.4 LOAD_PATH vulnerability wists:Rails 1.1.4 LOAD_PATH vulnerability simpy:Rails 1.1.4 LOAD_PATH vulnerability newsvine:Rails 1.1.4 LOAD_PATH vulnerability blinklist:Rails 1.1.4 LOAD_PATH vulnerability furl:Rails 1.1.4 LOAD_PATH vulnerability fark:Rails 1.1.4 LOAD_PATH vulnerability blogmarks:Rails 1.1.4 LOAD_PATH vulnerability Y!:Rails 1.1.4 LOAD_PATH vulnerability smarking:Rails 1.1.4 LOAD_PATH vulnerability magnolia:Rails 1.1.4 LOAD_PATH vulnerability segnalo:Rails 1.1.4 LOAD_PATH vulnerability


rails icon

Rails 1.1.5 routing vulnerability

Posted in , Thu, 10 Aug 2006 15:37:00 GMT

People are reporting a Rails 1.1.5 routing vulerability where accessing certain URIs will crash Rails. The problem has been reported on Mongrel, WeBrick and FastCGI. Piers Cawley is working on an explicit routes fix for Typo and discusses the issue on his blog. This has not been mentioned on the RoR blog yet. Good thing for public forums.

del.icio.us:Rails 1.1.5 routing vulnerability digg:Rails 1.1.5 routing vulnerability reddit:Rails 1.1.5 routing vulnerability spurl:Rails 1.1.5 routing vulnerability wists:Rails 1.1.5 routing vulnerability simpy:Rails 1.1.5 routing vulnerability newsvine:Rails 1.1.5 routing vulnerability blinklist:Rails 1.1.5 routing vulnerability furl:Rails 1.1.5 routing vulnerability fark:Rails 1.1.5 routing vulnerability blogmarks:Rails 1.1.5 routing vulnerability Y!:Rails 1.1.5 routing vulnerability smarking:Rails 1.1.5 routing vulnerability magnolia:Rails 1.1.5 routing vulnerability segnalo:Rails 1.1.5 routing vulnerability

no comments

typo iconrails icon

Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6

Posted in , , Thu, 10 Aug 2006 06:14:00 GMT

It was recently announced that Rails 1.1.0, 1.1.1, 1.1.2, and 1.1.4. have a very serious security hole. Although the RoR blog hasn't discussed exactly what the hole is, it has been rumored to involve uploading of .rb files to execute arbitrary code on the server (UPDATE: now confirmed). Typo only allows file uploads by administrators so certain applications may be somewhat safer. (UPDATE: Running arbitrary code was fixed in 1.1.5 however you could still crash it. 1.1.6 has been released to fix these lingering bugs. Just change 1.1.5 to 1.1.6 below).

del.icio.us:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 digg:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 reddit:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 spurl:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 wists:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 simpy:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 newsvine:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 blinklist:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 furl:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 fark:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 blogmarks:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 Y!:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 smarking:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 magnolia:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6 segnalo:Upgrading Typo 4.0.0 to Rails 1.1.5/1.1.6

no comments

firefox icon

Firefox, Atom 1.0 and namespacing

Posted in Wed, 09 Aug 2006 10:16:00 GMT

It seems that Firefox's basic xml parser gets confused by xmlns and namespacing. Namely that if the feed is defined by:

<feed xmlns="http://www.w3.org/2005/Atom"

Firefox's basic XML tree renderer won't recognize the XML if the entry content is wrapped by:

    <content type="xhtml">
      <div xmlns="http://www.w3.org/1999/xhtml">
        <p>Show submenus depending on where your users are.</p>

Basically it confuses xhtml:div with atom:div. If xmlns is removed from the div, Firefox is fine.

People don't generally use Firefox's XML tree to read Atom and the W3C Feed Validator doesn't have a problem with it so I'm wondering if this bug exists anywhere else.

This shows up when using XML::Atom because it uses XML::LibXML, which explicitly adds xmlns everywhere.

UPDATE 1: I thought it would be useful to include the following:

The Atom spec (section Processing Model) says:

If the value of "type" is "xhtml", the content of atom:content MUST be a single XHTML div element [XHTML] and SHOULD be suitable for handling as XHTML. The XHTML div element itself MUST NOT be considered part of the content.

UPDATE 2: Apparently this behavior may be by design. Not very useful IMO but perhaps intentional. I think it would be more useful to have some Firefox settings that let you switch to XML tree mode or apply a default stylesheet.

del.icio.us:Firefox, Atom 1.0 and namespacing digg:Firefox, Atom 1.0 and namespacing reddit:Firefox, Atom 1.0 and namespacing spurl:Firefox, Atom 1.0 and namespacing wists:Firefox, Atom 1.0 and namespacing simpy:Firefox, Atom 1.0 and namespacing newsvine:Firefox, Atom 1.0 and namespacing blinklist:Firefox, Atom 1.0 and namespacing furl:Firefox, Atom 1.0 and namespacing fark:Firefox, Atom 1.0 and namespacing blogmarks:Firefox, Atom 1.0 and namespacing Y!:Firefox, Atom 1.0 and namespacing smarking:Firefox, Atom 1.0 and namespacing magnolia:Firefox, Atom 1.0 and namespacing segnalo:Firefox, Atom 1.0 and namespacing


catalyst iconplagger icon

Planet Catalyst

Posted in , Thu, 03 Aug 2006 15:28:00 GMT

I just set up Planet Catalyst at http://planet.catalystframework.org to aggregate blogs about the Catalyst MVC framework. It is also linked from the main Catalyst homepage and Planet Perl so you can reach it from there. The planet is focused on articles related to Catalyst and friends which means it filters articles on catalyst, dbic, dbix(::|-)?class or html(::|-)?widget, h::w or handel (case insensitive). Let me know if there are any other topics of interest that should be included.

Planet Catalyst is powered by Plagger, a Perl-based RSS/Atom feed aggregator. Thanks to Tatsuhiko Miyagawa for writing Plagger and answering my questions on the #plagger FreeNode IRC channel. It was very easy to add filtering on keywords by specifying a rule in the config file.

If you have questions or would like a blog added, send email to the catalyst-dev mailing list, comment on this article or ask on #catalyst / #catalyst-dev perl.org IRC channels.

del.icio.us:Planet Catalyst digg:Planet Catalyst reddit:Planet Catalyst spurl:Planet Catalyst wists:Planet Catalyst simpy:Planet Catalyst newsvine:Planet Catalyst blinklist:Planet Catalyst furl:Planet Catalyst fark:Planet Catalyst blogmarks:Planet Catalyst Y!:Planet Catalyst smarking:Planet Catalyst magnolia:Planet Catalyst segnalo:Planet Catalyst

no comments

typo icon

Typo Upgrade: 2.6.0 to 4.0.0 r1188

Posted in Wed, 02 Aug 2006 23:32:00 GMT

I finally got around to upgrading Typo here to the latest trunk. At first I was waiting to upgrade to 4.0.0 (officially r1161) but decided to move to SVN after hearing about some post-r1161 bugfixes and it seems like a fairly common practice to run off SVN, at least for Typo. I've hacked a few changes onto 2.6.0 and had to manually merge the mods to r1181. Merging one's own mods to the trunk was discussed today on the Typo mailing list under the heading "Version Controling Modifications" and most of the respondents have their own mods and use Chia-Liang Kao's SVK to keep their mods synced with the trunk. Scott Laird has a number of articles on using SVK with Typo's repo. Seems like running off of the trunk with SVK may be a best practice for Typo installations.

Hopefully I'll be on SVK for my next upgrade since I had to manually update the following files this time around:

  • app/controllers/articles_controller.rb
  • app/helpers/application_helper.rb
  • app/helpers/articles_helper.rb
  • app/views/articles/_article.rhtml
  • app/views/articles/_articles_toc.rhtml
  • app/views/articles/index.rhtml
  • app/views/articles/read.rhtml
  • components/plugins/sidebars/category/content.rhtml
  • components/plugins/sidebars/xml/content.rhtml
  • config/routes.rb
  • themes/azure/layouts/default.rhtml

I've moved all my Azure theme changes to a custom theme so the changes are easier to keep track of and don't interfere with the base Azure theme.

I've updated my Installing Typo article to cover SVN checkout, Feedburner customization and rake migrate. The Typo TOC How-to has also been updated for 4.0.0.

While code diving, I was happy to see lots of refactoring though the code is still pretty easy to follow and modify. Hopefully soon I'll be back to hacking more enhancements. I'm particularly interested in extending the sidebar functionality so groups of plugins can be positioned in multiple locations on the page, e.g. a 3-col layout.

Upgrade Gotchas

  • UPDATE: this section on Feed URIs seems to be inaccurate because I chose to use my old 2.6.0 routes.rb file. I didn't think the feed URIs would change. New approach: don't assume anything has stayed the same and move to svk.
    Feed URIs: Typo 4.0.0 changes the feed URIs from 2.6.0 so if you have these URIs registered somewhere, e.g. Feedburner or LiveJournal, you'll need to upgrade your URIs. The new URI styles are:
    • http://www.dev411.com/blog/xml/feed/feed.xml?type=feed&format=atom
    • http://www.dev411.com/blog/xml/feed/feed.xml?type=feed&format=rss20
    For comparison, the 2.6.0 style is:
    • http://www.dev411.com/blog/xml/rss/feed.xml
    Everytime this URI changes I need to file a support ticket at LiveJournal whereas on Feedburner I can change the URI myself. I've been wondering if I should just have LiveJournal use the Feedburner URI ;)
  • Categories sidebar no longer alphabetized: My categories list was no longer alphabetized so I edited the components/plugins/sidebars/category/content.rhtml page from:
    <% for category in @categories -%>
    <% for category in @categories.sort {|a,b| a.name <=> b.name} -%>
  • config no longer used in ArticlesController: If you used config, the code needs to be changed like this example:
del.icio.us:Typo Upgrade: 2.6.0 to 4.0.0 r1188 digg:Typo Upgrade: 2.6.0 to 4.0.0 r1188 reddit:Typo Upgrade: 2.6.0 to 4.0.0 r1188 spurl:Typo Upgrade: 2.6.0 to 4.0.0 r1188 wists:Typo Upgrade: 2.6.0 to 4.0.0 r1188 simpy:Typo Upgrade: 2.6.0 to 4.0.0 r1188 newsvine:Typo Upgrade: 2.6.0 to 4.0.0 r1188 blinklist:Typo Upgrade: 2.6.0 to 4.0.0 r1188 furl:Typo Upgrade: 2.6.0 to 4.0.0 r1188 fark:Typo Upgrade: 2.6.0 to 4.0.0 r1188 blogmarks:Typo Upgrade: 2.6.0 to 4.0.0 r1188 Y!:Typo Upgrade: 2.6.0 to 4.0.0 r1188 smarking:Typo Upgrade: 2.6.0 to 4.0.0 r1188 magnolia:Typo Upgrade: 2.6.0 to 4.0.0 r1188 segnalo:Typo Upgrade: 2.6.0 to 4.0.0 r1188


dreamhost icon

Dreamhost and DNS hosting

Posted in Tue, 01 Aug 2006 08:56:00 GMT

If you are hosting at Dreamhost, you are better off letting Dreamhost host the DNS for your domain as well. This is because Dreamhost can change the IP of your server without notifying you. They will update their own DNS servers when this happens but this won't help if you if your DNS is being hosted elsewhere. Use their nameservers and you should be all set.

Sometimes when the DNS is pointing to the incorrect IP, you'll see the following error:

Site Temporarily Unavailable

We apologize for the inconvenience. Please contact the webmaster/ tech support immediately to have them rectify this.

error id: "bad_httpd_conf"

del.icio.us:Dreamhost and DNS hosting digg:Dreamhost and DNS hosting reddit:Dreamhost and DNS hosting spurl:Dreamhost and DNS hosting wists:Dreamhost and DNS hosting simpy:Dreamhost and DNS hosting newsvine:Dreamhost and DNS hosting blinklist:Dreamhost and DNS hosting furl:Dreamhost and DNS hosting fark:Dreamhost and DNS hosting blogmarks:Dreamhost and DNS hosting Y!:Dreamhost and DNS hosting smarking:Dreamhost and DNS hosting magnolia:Dreamhost and DNS hosting segnalo:Dreamhost and DNS hosting

1 comment

Older posts: 1 ... 3 4 5 6 7 ... 10