Simon Willison
About: Simon Willison is a consultant on client- and server-side Web development and a co-creator of the Django Web framework. Simon's interests include OpenID, unobtrusive JavaScript and rapid application development. Before going frelance Simon worked on Yahoo!'s Technology Development team, and prior to that at the Lawrence Journal-World, an award winning local newspaper in Kansas. Simon maintains a popular Web development weblog at http://simonwillison.net/
Blog Posts
A quote from Kellan Elliott-McCrea
--The only down side is everyone I’ve talked to at Freebase seems pretty solid on this being their proprietary secret sauce, because a good, fast sca...
A quote from Bill Zeller
--We’ve found CSRF vulnerabilities in sites that have a huge incentive to do security correctly. If you’re in charge of a website and haven’t specifi...
Popular Websites Vulnerable to Cross-Site Request Forgery Attacks
--Popular Websites Vulnerable to Cross-Site Request Forgery Attacks. Ed Felten and Bill Zeller announce four CSRF holes, in ING Direct, YouTube, Meta...
A Brief Tour of Graphd
--A Brief Tour of Graphd. The secret sauce behind Freebase—a custom written graph server that models everything as a typed, versioned relationship an...
CSS Systems for writing maintainable CSS
--CSS Systems for writing maintainable CSS. Nat has published the slides and notes from her BarCamp presentation this morning. I’m really excited abo...
James May's Big Ideas: Come Fly with Me
--James May’s Big Ideas: Come Fly with Me (via). The BBC made an hour-long documentary on Ekranoplans! It’s available for the next 21 days on the iPl...
Flickr Engineers Do It Offline
--Flickr Engineers Do It Offline. Flickr wrote their own queuing mechanism (in PHP), and currently run ten queue servers on dedicated hardware for ta...
Wario Land: Shake It - Amazing footage!
--Wario Land: Shake It—Amazing footage!. Some virals really do deserve linking to.
Cheap, Easy Audio Transcription with Mechanical Turk
--Cheap, Easy Audio Transcription with Mechanical Turk. Andy Baio’s in-depth tutorial on submitting HITs to Mechanical Turk. I hadn’t realised how st...
Reia
--Reia. The most common complaint I see about Erlang is the syntax. Reia is a Python-style scripting language (with a dash of Ruby) that runs on the ...
freebase-suggest
--freebase-suggest (via). A jQuery plugin that performs auto-completion against the Freebase JSONP API, and allows the results to be limited to speci...
html-whitelist
--html-whitelist (via). DeWitt Clinton’s web service wrapper aroud the html5lib HTML sanitiser, hosted on AppEngine.
Logout/Login CSRF
--Logout/Login CSRF. Alf Eaton built an example page (this link goes to his description, not the page itself) that uses a login CSRF attack to log yo...
Secure mashups with dojox.secure
--Secure mashups with dojox.secure (via). dojox.secure is brilliant and terrifying at the same time. It provides a full featured API for running untr...
csrf_protect.php
--csrf_protect.php. A PHP class for applying CSRF protection to existing PHP applications, using output buffering to rewrite any POST forms on a page...
Decorator to limit request rates to individual views
--Decorator to limit request rates to individual views. Neat piece of code for public facing web APIs written in Django. Update: some smart criticism...
Mark Zuckerberg speaking at FOWA
--Mark Zuckerberg speaking at FOWA. The Future of Web Apps Expo is just a few weeks away, and Mark Zuckerberg is the surprise keynote. I’m chairing t...
Robust Defenses for Cross-Site Request Forgery [PDF]
--Robust Defenses for Cross-Site Request Forgery [PDF]. Fascinating report which introduces the “login CSRF” attack, where an attacker uses CSRF to l...
bpgsql
--bpgsql. Barry Pederson’s pure Python PostgreSQL client library now ships with a Django backend.
Google's Usability Research on Federated Login
--Google’s Usability Research on Federated Login. Fascinating—suggests an approach to federated auth based on the Amazon.com “Yes, I have a password”...
Is your Rails application safe?
--Is your Rails application safe? (via). update_attributes(params[:foo]) in ActiveRecord is an anti-pattern.
A quote from Ed Felten
--Yahoo could also have followed Gmail’s lead, and disabled the security-question mechanism unless no logged-in user had accessed the account for fiv...
Accessibility Experiment
--Accessibility Experiment. Joe Walker asks what would happen if we threw away the idea of serving the same accessible site to every user and instead...
RestView - a class for creating a view that dispatches based on request.method
--RestView—a class for creating a view that dispatches based on request.method (via). I finally got around to writing up a simple approach I’ve been ...
backup_to_s3.py
--backup_to_s3.py. I wrote Yet Another S3 backup script today. It’s a thin wrapper about boto that doesn’t do anything particularly impressive, but i...
Introducing the Django Debug Toolbar
--Introducing the Django Debug Toolbar. Another project inspired by DjangoCon: a component based debugging toolbar for Django. I like the architectur...
Django version 1.1 roadmap
--Django version 1.1 roadmap. Django 1.1 is due out in March, but the deadline for feature proposals is November the 7th.
Django's release process
--Django’s release process. Django is moving to time-based releases, with minor releases (new features but no backwards incompatible changes) approxi...
OAuth Playground
--OAuth Playground (via). Neat OAuth API explorer from the Google Data APIs team.
Beware the time-eater: Cambridge University's monstrous new clock
--Beware the time-eater: Cambridge University’s monstrous new clock. Beware the Chronophage, my son.
When Ajax Attacks! Web application security fundamentals
--When Ajax Attacks! Web application security fundamentals. Slides and notes from my talk on web application security at @media Ajax last Tuesday.
How Companies Pay Artists to Include Brands in Lyrics
--How Companies Pay Artists to Include Brands in Lyrics. “We just feel that if it’s a product that’s admired by the artist and fits his/her image, we...
Tell-a-Friend: Leverage Word of Mouth Marketing
--Tell-a-Friend: Leverage Word of Mouth Marketing. I’d love to know how they intend to stop this free widget from becoming the world’s most popular s...
A quote from Kim Zetter, Wired
--The Palin hack didn’t require any real skill. Instead, the hacker simply reset Palin’s password using her birthdate, ZIP code and information about...
We're Never Content
--We’re Never Content. Amazon will be releasing a proper edge caching CDN on top of S3 “before the end of the year”.
DjangoCon and learning from Zope 2
--DjangoCon and learning from Zope 2. Mark Ramm presented probably the most thought-provoking talk at DjangoCon. He’s started writing it up as a seri...
Frame-Busting Gadgets
--Frame-Busting Gadgets. I’ve always been slightly suspicious of the Google Gadgets / OpenSocial idea of sandboxing untrusted third party content in ...
When Ajax Attacks! Web application security fundamentals
--When Ajax Attacks! Web application security fundamentals. Slides and (other people’s) notes from my presentation at @media Ajax on Tuesday.
YouTube Playlist: DjangoCon 2008 Sessions
--YouTube Playlist: DjangoCon 2008 Sessions. YouTube’s tag and search indexes appear to lag behind the main site by quite a while; this appears to be...
YouTube: djangocon tag
--YouTube: djangocon tag. Google have started posting videos of presentations at DjangoCon on YouTube.
Documents Reveal Django Pony, Caught In Tail Of Lies
--Documents Reveal Django Pony, Caught In Tail Of Lies. whytheluckystiff. Enough said.
dConstruct 2008 notes
--dConstruct 2008 notes. I missed this year’s d.Construct due to DjangoCon, but from Alastair Campbell’s notes it looks like it was the best one yet.
DjangoCon and PyCon UK
--September is a big month for conferences. DjangoCon was a weekend ago in Mountain View (forcing me to miss both d.Construct and BarCamp Brighton), ...
Gearshift
--Gearshift. Whoa, a full migrations library written in JavaScript for Gears (which uses SQLite for its data store).
Kevin Teague explains the Python packaging ecosystem
--Kevin Teague explains the Python packaging ecosystem. The distinction between setuptools, PyPI, distutils, eggs, easy_install, pkg_resources and zc...
django-batchadmin
--django-batchadmin (via). Seriously classy reusable Django app that adds batch editing (multiple delete by default, with hooks to add your own custo...
Google wants your Hotmail, Yahoo and AOL contacts
--Google wants your Hotmail, Yahoo and AOL contacts. And they’re using the password anti-pattern to get them! Despite both Yahoo! and Hotmail (and Go...
Using Python and Stompserver to Get Started With Message Queues
--Using Python and Stompserver to Get Started With Message Queues. An eminently practical guide to this year’s Hot New Thing (for web developers at l...
Goon City
--Goon City. Every internet meme ever, rendered in pixel art. See if you can find the Zeppelin.
I love Zeppelins, and you should too
--I love Zeppelins, and you should too (via). Slides from my PyCon UK lightning talk on Zeppelins. I’ve annotated them using SlideShare comments.
Django snippets: Orderable inlines using drag and drop with jQuery UI
--Django snippets: Orderable inlines using drag and drop with jQuery UI. Code example from my PyCon tutorial on customising the Django admin interface.
djangopony.com
--djangopony.com (via). “Magic that can’t be removed”
OAuth on the iPhone
--OAuth on the iPhone. Mike from Pownce explains their superbly implemented OAuth flow for the Pownce iPhone app, and how much push-back they got on ...
The TimeToLead.eu technical stack: Django and Flex
--The TimeToLead.eu technical stack: Django and Flex. Nice case study of a site using Django’s i18n support along with django-rosetta.
Prototype based programming in python
--Prototype based programming in python. Neat implementation of JavaScript-style prototype inheritance in Python.
The alt="" attribute from Ian Hickson
--The alt=“” attribute from Ian Hickson. In case you were wondering how it all ended, Hixie has a mammoth summary post explaining the facts and the p...
Interview with Ian Hickson about HTML5
--Interview with Ian Hickson about HTML5. Good questions, interesting answers, including an explanation and breakdown of the planned 2022 date for t...
Dromaeo: JavaScript Performance Testing
--Dromaeo: JavaScript Performance Testing (via). This is one classy benchmark. Run it in as many browsers as you like (each run is saved to the serve...
Hugely informative thread on multi-db support in Django
--Hugely informative thread on multi-db support in Django. I brain-dumped some ideas for a Django multi-database connection API on the developer list...
The web framework for ponies
--The web framework for ponies. At DjangoCon Cal Henderson suggested that Django should get a mascot with “magical powers”. Brian Veloso obliges.
django-html
--django-html. A small project I’m working on to make Django behave better with regards to HTML v.s. XHTML.
Django snippets: server with debugging backdoor
--Django snippets: server with debugging backdoor. Six lines of code that uses spawning to fire up a Django server on port 8000 and a remote interact...
Django tickets with keyword "djangocon"
--Django tickets with keyword “djangocon”. Adrian and Jacob ran an “I want a pony” session during their closing keynote at DjangoCon—I’ve filed the f...
Cappuccino Web Framework
--Cappuccino Web Framework. Now open source (LGPL)—the Objective-C-in-JavaScript web application toolkit from 280 North, who are speaking at this yea...
Document startups in chaos as Adobe's Flashpaper discontinues
--Document startups in chaos as Adobe’s Flashpaper discontinues. Don’t be a sharecropper.
Think Wize crew celebrates the Django 1.0 release
--Think Wize crew celebrates the Django 1.0 release. With a trip to the Django Reinhardt museum at his birthplace in the village of Liberchies, Belgi...
The story behind Google Chrome
--The story behind Google Chrome. Superbly researched by Niall Kennedy—a detailed overview of the staff and acquisitions that went in to Google Chrome.
Django 1.0 release notes
--Django 1.0 release notes. What’s new in Django 1.0. Short answer: one heck of a lot.
Django 1.0 released!
--Django 1.0 released!. Outstanding. Massive thanks to everyone who contributed. We made it!
Low level hooks for multi-database support in Django
--Low level hooks for multi-database support in Django. As discussed in this sub-thread on reddit: The internal Django Query class has a ’connection’...
dmigrations thread on Django Nashville
--dmigrations thread on Django Nashville. The Django Nashville Google Group is currently hosting the most interesting discussion of dmigrations.
Announcing dmigrations
--The team at Global Radio (formerly GCap Media) is the largest group of Django developers I’ve personally worked with, consisting of 14 developers s...
We haven't changed the name of the conference to "Over Quota"
--We haven’t changed the name of the conference to “Over Quota”. Aral is having intermittent App Engine quota problems, which are proving impossible ...
A quote from Tom Armitage
--The greatest coup Microsoft pulled with Internet Explorer was putting the word “Internet” in its name. It sits there, on the desktop of every new W...
Django: Security fix released
--Django: Security fix released. The Django admin used to save partially-submitted forms if your session expired, and continue the submission when yo...
V8 Design Elements
--V8 Design Elements. High level design details of Google’s V8 JavaScript engine, including how it uses “hidden classes” to optimise object property ...
Chromium
--Chromium. Google Chrome is out! Here’s the open source project, including the code for the new V8 JavaScript virtual machine.
What's New in Python 2.6
--What’s New in Python 2.6. The new multiprocessing package looks pretty useful, especially as it provides a way to work around Python’s GIL.
Google Chrome, the comic book
--Google Chrome, the comic book (via). Google have finally announced a browser project, though it’s currently vapourware (or rather comicware), exist...
Preparing to rescue Hubble
--Preparing to rescue Hubble. The Big Picture has pictures of the preparations for next month’s Space Shuttle Atlantis mission to repair the Hubble S...
Socks away! Roald Dahl's wartime sex raids
--Socks away! Roald Dahl’s wartime sex raids. That explains “My Uncle Oswald”.
Google's undocumented favicon to png convertor
--Google’s undocumented favicon to png convertor (via). Showing the favicon of a domain next to a link is a really nice trick, but it’s slightly tric...
addSizes.js: Snazzy automatic link file-size generation
--addSizes.js: Snazzy automatic link file-size generation. Posted to Nat’s snazzy new blog: a script that uses my json-head API to grab the file size...
cascadenik: cascading sheets of style for mapnik
--cascadenik: cascading sheets of style for mapnik. Great idea. Mapnik (the open source tile rendering system used by OpenStreetMap and others) has a...
WolfenFlickr 3D - An unlikely mashup
--WolfenFlickr 3D—An unlikely mashup. Brilliant: Wolfenstein 3D style raycasting in JavaScript with images on the walls that have been pulled in usin...
A quote from Tim Anderson (in the Guardian)
--New authentication schemes such as OpenID, or Microsoft’s CardSpace, may help as adoption increases. These systems make it possible to register for...
Coding Horror: Protecting Your Cookies: HttpOnly
--Coding Horror: Protecting Your Cookies: HttpOnly. Jeff Atwood discovers the hard way that writing an HTML sanitizer is significantly harder than yo...
Capital Radio's London Guide
--Capital Radio’s London Guide. Worth pointing out: the search / map interface on this page is one of the best examples of progressive enhancement I’...
How to use Google Code's code review tool
--How to use Google Code’s code review tool. I missed this, but Google Code now has a pleasantly simple code review system built in to the source cod...
Capital Radio (the new site)
--Capital Radio (the new site). Launched today, this is the Django-powered project I’ve been working on with the fantastic team at GCap.
FriendFeed Blog: Simple Update Protocol
--FriendFeed Blog: Simple Update Protocol. FriendFeed infamously poll RSS feeds on the 43 services they support millions of times an hour in an effor...
Using Akismet with Django's new comments framework
--Using Akismet with Django’s new comments framework. A nice example that demonstrates two features that were recently rolled in to the Django 1.0 be...
URLsafe base64 encoding/decoding in two lines
--URLsafe base64 encoding/decoding in two lines. A much better solution than my base65 hack—if you understand how base64 padding works (I didn’t) you...
Django snippets: Sign a string using SHA1, then shrink it using url-safe base65
--Django snippets: Sign a string using SHA1, then shrink it using url-safe base65. I needed a way to create tamper-proof URLs and cookies by signing ...
Django 1.0 beta 2 released!
--Django 1.0 beta 2 released!. 1.0 draws ever closer. Important new features include major documentation and comment system refactorings, plus the re...
Django 1.0 release party
--Django 1.0 release party. The big ass-party will be at the Tied House in Mountain View on Saturday the 6th from 7pm. RSVP on the linked announcement.
json-tinyurl
--json-tinyurl. Because sometimes you want to be able to create a shorter version of a URL directly from JavaScript without hosting your own server-s...
A quote from Merlin Mann
--As duplicitous and sad as “fake following” sounds—and let’s be honest: the whole idea’s pathetic on a number of levels—for a certain kind of user, ...
Gears for Safari Beta
--Gears for Safari Beta. “Chances are it will break your browser. Please proceed with caution.”
Flickr Developer Blog: API Responses as Feeds
--Flickr Developer Blog: API Responses as Feeds (via). Flickr API calls that return a “standard photos response” (e.g. flickr.photos.search and flick...
Oxford Geek Night 8 - 27th August 2008
--Oxford Geek Night 8—27th August 2008. Once again in the Jericho Tavern, this time with a musical theme.
"You're No One If You're Not On Twitter"
--“You’re No One If You’re Not On Twitter”. The inevitable Twitter song by Ben Walker (@ihatemornings), the resident troubadour at the Oxford Geek Ni...
A quote from The Long Now Foundation
--The Long Now Foundation was established in 01996*... (The Long Now Foundation uses five digit dates, the extra zero is to solve the deca-millennium...
jeresig's sizzle
--jeresig’s sizzle. Sizzle is a new selector engine (work in progress, no IE support yet) from John Resig, designed to be small, standalone, library ...
Django documentation (for 1.0)
--Django documentation (for 1.0). The documentation refactor is in: the docs for the upcoming 1.0 release have been tidied up, rearranged and ported ...
The Python Property Builtin
--The Python Property Builtin. The always-educational Adam Gomaa explains the Python property built-in and shows how it can be used to improve Django...
Film + Food & drink | guardian.co.uk
--Film + Food & drink | guardian.co.uk (via). The Guardian’s publishing system supports tag intersections based on the URL; this page shows all f...
Tip: Configure SAX parsers for secure processing
--Tip: Configure SAX parsers for secure processing. Explains the billion laughs attack, among others.
DoS vulnerability in REXML
--DoS vulnerability in REXML. Ruby’s REXML library is susceptible to the “billion laughs” denial of service attack where recursively nested entities ...
TraceMonkey
--TraceMonkey. Brendan Eich has been preaching the performance benefits of tracing and JIT for JavaScript on the conference circuit for at least a ye...
Back to full-time employment
--I’ve been freelance for a year and a half now, and it’s been a great deal of fun. For me, being freelance meant having the freedom to pursue all so...
Visualization Strategies: Text & Documents
--Visualization Strategies: Text & Documents. “List of ...” style posts usually make me want to stab someone with a fork; this is how that kind o...
Get Lat Lon now has a "Get my location (by IP)" button
--Get Lat Lon now has a “Get my location (by IP)” button. It took all of five minutes to add using the new google.loader.ClientLocation API. The butt...
Gears API Blog: Gears 0.4 is here!
--Gears API Blog: Gears 0.4 is here!. New features are Geolocation, a Blob API for dealing with arbitrary binary data, onprogress() events for tracki...
Google Code Blog: Two new ways to location-enable your web apps
--Google Code Blog: Two new ways to location-enable your web apps. The Gears Geolocation API isn’t very exciting just yet as it only really works on ...
A quote from Randall Munroe
--A convention once saw, for example, that I had worked at NASA, and put me on a panel about the future of space exploration. I felt a little out-of...
A quote from Alex Russell
--Making queries faster isn’t in the critical path for improving the real-world performance of any Dojo apps I know of, and I bet the same is true fo...
django-timezones
--django-timezones. Models, form fields and a template filter for dealing with timezones in Django.
Persistent Django on Amazon EC2 and EBS - the easy way
--Persistent Django on Amazon EC2 and EBS—the easy way. Useful tutorial on getting Django up and running on EC2 with EBS for a persistent PostgreSQL ...
Package Management Sudoku
--Package Management Sudoku. “A package management system that can solve Sudoku based on package dependency rules is not something that I think would...
Amazon Elastic Block Store (EBS)
--Amazon Elastic Block Store (EBS). EC2 just got a whole lot more useful—you can now create “block level storage volumes” (think virtual hard drives)...
A quote from Install Photosynth page
--Unfortunately, we’re not cool enough to run on your OS yet. We really wish we had a version of Photosynth that worked cross platform, but for now i...
querySelectorAll in Firefox 3.1
--querySelectorAll in Firefox 3.1. John Resig benchmarks the various JavaScript libraries’ support for querySelelectorAll, and finds an impressive 2-...
SecondLife rolls out Mono-powered servers
--SecondLife rolls out Mono-powered servers. Most of the work on this was done in Linden Lab’s Brighton UK office. If you’re interested in Mono and w...
Facebook engineering notes on Scaling Out
--Facebook engineering notes on Scaling Out. Jason Sobel explains a couple of tricks Facebook use to deal with consistency between their California a...
UnicodeDictWriter - write unicode strings out to Excel compatible CSV files using Python
--UnicodeDictWriter—write unicode strings out to Excel compatible CSV files using Python. Stuart Langridge and I spent quite a while this morning bat...
Cyberstar
--Cyberstar. Adrian made the front cover of the Chicago Tribune magazine!
Dare left something out (and it's important)
--Dare left something out (and it’s important). Dave Winer: “You should at least learn the lessons and add to REST what it needs to catch up with XML...
Explaining REST to Damien Katz
--Explaining REST to Damien Katz. I didn’t know that it was Mark Baker back in 2002 who first pointed out that SOAP was flawed because it ignored the...
A quote from Steven Frank
--I can’t question that [the App Store] is probably the best mobile application distribution method yet created, but every time I use it, a little pi...
Untitled
--???????? ??????? (via). Another great Airship blog. I don’t speak Russian, but the photos and videos speak for themselves.
Historic Airship Pictures: the Shenandoah, the Los Angeles, the Akron and the Macon as well as the Zeppelins and many more
--Historic Airship Pictures: the Shenandoah, the Los Angeles, the Akron and the Macon as well as the Zeppelins and many more. The US Navy built some ...
Domain-Driven Design in an Evolving Architecture
--Domain-Driven Design in an Evolving Architecture. How the team at guardian.co.uk used Domain-Driven Design in their recent two year rebuild. The co...
minidetector
--minidetector. Neat piece of Django middleware that adds a “mobile = True” attribute to the request object if the request’s user-agent matches a lis...
REST, I just don't get it
--REST, I just don’t get it. Read the comments for some excellent practical reasons to care about REST, including cache management (PUT and DELETE ca...
A quote from Damien Katz
--If it’s easy to make all your calls conform to the RESTful verb architecture, then that’s good, I guess. But if not, then just use a POST as an RPC...
This Week in Django
--This Week in Django. After 33 episodes Django’s usually-weekly podcast finally has its own website.
YUI 3.0 Preview Release 1
--YUI 3.0 Preview Release 1. YUI sandboxing is a really good idea, which cleverly addresses both the need to run multiple versions of the library at ...
A quote from Blaine Cook
--OAuth came out of my worry that if the Twitter API became popular, we’d be spreading passwords all around the web. OAuth took longer to finish than...
ECMAScript Harmony
--ECMAScript Harmony. John Resig explains the outcome of the recent “Oslo meeting” where proponents of ECMAScript 3.1 (incremental improvements to JS...
Free licenses upheld by US "IP" court
--Free licenses upheld by US “IP” court. Free software and CC licenses which dictate conditions that, when violated, turn you in to a copyright infri...
Around the world and back again
--Around the world and back again. Flickr are using data from OpenStreetMap to provide street-level detail of Beijing for the Olympics.
Keyczar
--Keyczar (via). New open source cryptography toolkit from Google, designed to get algorithm selection, key rotation and versioning right so you don’...
Underscores are now word separators, proclaims Google
--Underscores are now word separators, proclaims Google. I missed this story last year—the change was announced by Matt Cutts at WordCamp 2007.
A quote from Me, on Twitter
--The statement that the password anti-pattern “teaches users to be phished” should be rephrased “has taught users to be phished” - Me, on Twitter
Fire Eagle has launched!
--Fire Eagle has launched!. No need for an invite any more, hooray!
Django snippets: RequestFactory
--Django snippets: RequestFactory. I’ve been wanting this for ages; when I finally got around to writing it it turned out to only be a dozen or so li...
Carphone crackdown on phone insurance scam
--Carphone crackdown on phone insurance scam. Story from 2005 but relevant today: I’ve been pestered by scam calls about phone insurance since buying...
Reviews of the Pownce app on the iPhone app store on Flickr
--Reviews of the Pownce app on the iPhone app store on Flickr. I had to stitch together a screenshot because you can’t actually link to content in th...
IMG-2-JSON
--IMG-2-JSON (via). I’m not the only person deploying simple JSON-P APIs on App Engine: Adam Burmister’s tool extracts dimension, mimetype and EXIF m...
Exposure (iPhone app) behaves suspiciously
--Exposure (iPhone app) behaves suspiciously. Exposure on the iPhone does OAuth-style authentication incorrectly—it asks the user to authenticate in ...
MapIconMaker
--MapIconMaker. Extension API that lets you programatically construct a Google Maps bubble marker icon with a custom size, gradient and stroke colour...
Why I can't put Tibet in my Hotmail address
--Why I can’t put Tibet in my Hotmail address. Apparently it’s because “TIB” is name of a bank in Florida, and Microsoft are trying to prevent phishe...
Changeset 8266 - Added ModelAdmin.save_model() and ModelAdmin.save_formset() methods
--Changeset 8266—Added ModelAdmin.save_model() and ModelAdmin.save_formset() methods. One of those small changes that opens up enormous possibilities...
Facebook Security Advice: Never Ever Enter Your Passwords On Another Site, Unless We Ask You To
--Facebook Security Advice: Never Ever Enter Your Passwords On Another Site, Unless We Ask You To. Nice to see TechCrunch highlighting the hypocrisy ...
Open Web Podcast Episode 1
--Open Web Podcast Episode 1. I haven’t listened yet, but Alex Russell, John Resig and Dion Almaer all at once? Awesome.
Django 1.0 alpha 2 release notes
--Django 1.0 alpha 2 release notes (via). The last preview release before the 1.0 beta. Big new features are GeoDjango, pluggable file storage (which...
End of Life for PHP 4
--End of Life for PHP 4. Apparently 8/8/8 marks the end of the line for PHP 4—no new releases, no support, not even security patches.
A quote from John Dowdell
--Download size has been an issue in the past. [...] In the early days Macromedia did studies adding null kilobytes to Player downloads and measuring...
South
--South. A brand new light-weight Django migrations tool from Andrew Godwin. On first glance, this is spookily similar to the system we’ve been putti...
This Week in HTML 5 - Episode 1
--This Week in HTML 5—Episode 1. It looks like the most controversial aspect of the HTML 5 spec has been addressed—now, instead of omitting the alt a...
How Comet Brings Instant Messaging to meebo
--How Comet Brings Instant Messaging to meebo. “What started off as a hack appears to be fulfilling one of the most basic needs of the Web, which is ...
Battery Statistics
--Battery Statistics. Run “ioreg -w0 -l | grep Capacity” on a MacBook or MacBook Pro to find out the DesignCapacity (original) and MaxCapacity (curre...
FLOSS Weekly 34: Django
--FLOSS Weekly 34: Django. Randal Schwartz interviewed Jacob Kaplan-Moss at OSCON for the consistently excellent FLOSS Weekly podcast.
Firebug Lite 1.2
--Firebug Lite 1.2 (via). Huge upgrade to the IE/Opera/Safari bookmarklet version of Firebug—it now has DOM element inspection, XHR tracking and an i...
Your guilt at work
--Your guilt at work. If ten people sign up for a tenner-a-month ORG membership and send their confirmation code to Danny O’Brien, he’ll put out a sp...
Silverback has launched!
--Silverback has launched!. Clearleft’s “guerilla usability” software for OS X Tiger and Leopard—specialist screencasting software optimised for cond...
The Open Web Foundation
--The Open Web Foundation. Launched today at OSCON, an independent, non-profit organisation dedicated to incubating and protecting new specifications...
Why "variables" in CSS are harmful
--Why “variables” in CSS are harmful. Bert Bos thinks constants or macros in CSS will make it harder to learn. I personally think that the problem wi...
GeoDjango Documentation
--GeoDjango Documentation. Merged to Django trunk a few hours ago. The tutorial isn’t there yet, but the rest of the docs are worth exploring.
A quote from Mark Pilgrim
--My Universal Feed Parser was conceived as a weapon against what I considered the gravest error of XML: draconian error handling. Recently, someone ...
A quote from Piers Cawley
--Maybe git is the monads of version control - Piers Cawley
A quote from Seth Gordon
--There are two kinds of people who try to learn Haskell: the people who give up because they can’t figure out monads, and the people who go on to wr...
Facelift Image Replacement
--Facelift Image Replacement. Like sIFR but with JavaScript and a PHP text rendering component. I question the need for the JavaScript if you’re alre...
simple-thrift-queue
--simple-thrift-queue (via). Phillip Pearson’s surprisingly concise in-memory message queue written in Python using Facebook’s Thrift library (which ...
Dojango version 0.3 released
--Dojango version 0.3 released. A reusable Django application that provides Dojo, helper functions (dojo.data integration) and tools for switching be...
PDFMiner
--PDFMiner. Useful looking PDF parsing library in Python—can produce an XML representation of the text and style information in a PDF document.
"THIS IS NOT MLM!!!" - An Appreciation
--“THIS IS NOT MLM!!!”—An Appreciation. Merlin Mann explains his fascination with the “cash gifting” pyramid scams that keep cropping up on YouTube.
knol: content w/out context, collaboration, capital, or coruscation
--knol: content w/out context, collaboration, capital, or coruscation. danah boyd: “A system that is driven by individualism quickly becomes a tool f...
Quick OAuth Notes
--Quick OAuth Notes. Yesterday’s XMPP Summit resulted in a proposed standard for using OAuth to authenticate XMPP streams.
window.name Transport
--window.name Transport. The cleverest use of the window.name messaging hack I’ve seen yet: Dojo now has dojox.io.windowName.send for safe, performan...
How Dopplr learns
--How Dopplr learns. Dopplr uses global and personal trip histories to disambiguate place names, and your friends’ schedules to help disambiguate dat...
YouTube: Large Hadron Rap
--YouTube: Large Hadron Rap. The first time I saw this I thought it was incredibly dorky. By the third watch I realised I was actually learning things.
The quality of (US) journalism
--The quality of (US) journalism. Just wow.
A quote from Fredrik Lundh
--(It’s probably just me, but every time I stumble upon some thread involving people from the so-called “security community”, it’s like watching a Je...
Drizzle, Clouds, "What If?"
--Drizzle, Clouds, “What If?”. Exciting news in the world of MySQL: Drizzle is a new project to produce a massively stripped down version of the data...
Silicon Swings and Silicon Roundabouts
--Silicon Swings and Silicon Roundabouts. Matt Locke’s advice for anyone hoping to build a “Tech Hub” for startups, based on personal experience gain...
Beginner's Guide to Discovery
--Beginner’s Guide to Discovery. Extremely approachable introduction by Eran Hammer-Lahav.
A quote from Eran Hammer-Lahav
--Without a discovery process, machines must be told about resources ahead of time and will only be able to interact with resources that they already...
Large Hadron Collider nearly ready - The Big Picture
--Large Hadron Collider nearly ready—The Big Picture. Stunningly beautiful set of photographs of the LHC. I love Big Science.
Email Address to URL Transformation (EAUT) specification now available!
--Email Address to URL Transformation (EAUT) specification now available!. Allows OpenID users to login using their E-mail address, which is converte...
Python BoF and Django Drinkup
--Python BoF and Django Drinkup (via). At OSCON? Come along to the Jax Bar tonight (Tuesday 22nd) from 7pm to 10pm to hang out with fellow Pythoneers...
Replacing Django's Template Language With Jinja2
--Replacing Django’s Template Language With Jinja2. Part of Wil Larson’s series on taking advantage of Django’s loose coupling.
ComicVine.com
--ComicVine.com. Also powered by Django, Whiskey Media’s comic book encyclopedia and community. 43,000 characters and 94,000 issues and counting.
Changeset 8162
--Changeset 8162. “Implemented a secure password reset form that uses a token and prompts user for new password”—also sneaks base36 encoding and deco...
Super User Conditional Page Exception Reporting
--Super User Conditional Page Exception Reporting. The name is almost as long as the code snippet: this serves Django’s debug page to logged in super...
"Simon Willison's Weblog" on the redesigned Delicious
--“Simon Willison’s Weblog” on the redesigned Delicious. The new search feature is extremely impressive; I can see myself coming here before hitting ...
Spawning + Django
--Spawning + Django. The latest version of Spawning (a fast Python web server built on top of the Eventlet non-blocking coroutine networking library)...
DjangoCon & Django 1.0 updates
--DjangoCon & Django 1.0 updates. DjangoCon tickets will be released in two batches of 100. The first set will be available at 12 noon UTC on Thu...
OSCON in 37 minutes
--OSCON in 37 minutes. 45 OSCON talks summarised by their presenters in just 37 minutes, compiled by Gregg Pollack. I get to rant about OpenID for a ...
json-head
--json-head. I’ve deployed another App Engine mini-app, which provides a JSON-P API for running HEAD requests against an arbitrary URL (useful for ch...
Extra fields on many-to-many relationships
--Extra fields on many-to-many relationships (via). Checked in just over an hour ago, Django now lets you specify a custom “through” table for a Many...
The law behind "tell a friend" services
--The law behind “tell a friend” services. Useful guide based on UK law, updated in July 2008.
Silicon Roundabout
--Silicon Roundabout. Matt Biddulph maps the abundance of interesting startups and tech companies that have popped up around Old Street in London.
The Price of Anonymity: Our Principles?
--The Price of Anonymity: Our Principles?. Alex Russell calls for a constructive step towards better gender balance in open source: make it clear tha...
Amazon S3 Availability Event: July 20, 2008
--Amazon S3 Availability Event: July 20, 2008. Don’t let the newspeak put you off; this is an honest and informative description of the bug that took...
ZeroMQ
--ZeroMQ. Open source message queue optimised for performance: claims 25?sec latency and 2.6 million messages per second.
A quote from Robert Lofthouse
--DjangoCon 2008. Venue: Gooleplex, San Francisco Bay Area. Dates: 6th and 7th Sept. Official post will be on djangoproject.com soon. - Robert Lofthouse
ftputil
--ftputil. Python’s built-in ftplib is ridiculously low level, requiring you to send RETR commands and even assemble downloaded chunks yourself using...
Protocol Buffers: Google's Data Interchange Format
--Protocol Buffers: Google’s Data Interchange Format. Open sourced today. Highly efficient binary protocol for storing and transmitting structured da...
A quote from Matt Cutts
--Question: how do you upgrade servers when you need to pass new information between them? It’s a fool’s game to try to upgrade both servers at the s...
Apple just gave out my Apple ID password because someone asked
--Apple just gave out my Apple ID password because someone asked. “am forget my password of mac,did you give me password on new email marko.[redacted...
Opera Web Standards Curriculum
--Opera Web Standards Curriculum. Opera commissioned an impressive sequence of articles from a bunch of very talented people to help address the mons...
A quote from Me, on Twitter
--It looks like the first ever Django conference will take place in early September in the San Francisco bay area. - Me, on Twitter
Growing the ORG community
--Growing the ORG community. The Open Rights Group want a fiver a month from 750 new people to support their excellent work fighting for digital civi...
Up Ship!: New Branding
--Up Ship!: New Branding. I hadn’t realised the Airpship Ventures Zeppelin (en route to San Francisco) is going to be used for the Stella Artois Star...
A quote from Tom Lane
--Historically the project policy has been to avoid putting replication into core PostgreSQL, so as to leave room for development of competing soluti...
OpenTech 2008 "Impossibox" presentation
--OpenTech 2008 “Impossibox” presentation. One of my favourite Open Tech sessions—Tom Loosemore describes the “Impossibox”, a cloud of PVRs collabora...
Django Unit Tests and Transactions
--Django Unit Tests and Transactions. If you’re using a transactional database engine (MySQL with InnoDB, Postgres or SQLite) you can speed things up...
3 and 1/2 minutes to sort a Terabyte, and a look at Hadoop's code structure
--3 and 1/2 minutes to sort a Terabyte, and a look at Hadoop’s code structure. Bill de hÓra uses some clever static analysis tools to explore Hadoop’...
Berlin Zoo on OpenStreetMap
--Berlin Zoo on OpenStreetMap. Someone has added all of the animal enclosures in Berlin Zoo (with German animal names) to OpenStreetMap.
OSM routing, A*, cycle-filtered, python
--OSM routing, A*, cycle-filtered, python (via). A python library for finding routes using OpenStreetMap data.
CKAN - Comprehensive Knowledge Archive Network
--CKAN—Comprehensive Knowledge Archive Network. Aims to be the “Debian of data”, with apt-get style tools for installing datasets. Presented at Open ...
quipt
--quipt (via). Extremely clever idea: Cache JavaScript in window.name (which persists between page views and can hold several MB of data), but use do...
A Look at the Presidential Candidates
--A Look at the Presidential Candidates. The Big Picture (the Boston Globe’s fantastic photojournalism blog) presents a fascinating collection of his...
Queue everything and delight everyone
--Queue everything and delight everyone. Les Orchard explains why I’ve been getting interested in queues recently: “One of the problems it seems most...
A browser sniffing warning: The trouble with Acid3 and TinyMCE
--A browser sniffing warning: The trouble with Acid3 and TinyMCE. Opera recommend “bug detection”, a step up from object detection and browser sniffi...
Running C and Python Code on The Web
--Running C and Python Code on The Web. Adobe are working on a toolchain to compile C code to target the Tamarin VM in Flash. This will allow existin...
A quote from Kroc Camen
--A printer driver is a folder with one “.ini” file, and a couple of “.dll”s and that’s it. It is not a 50 MB download. It is not an IE Toolbar, and ...
Phasing out support for IE 6 across all 37signals products on August 15, 2008
--Phasing out support for IE 6 across all 37signals products on August 15, 2008. Interesting move considering BaseCamp is used for communicating with...
Show Us a Better Way
--Show Us a Better Way. The UK Government’s Power of Information Taskforce are running a mashup competition (a.k.a. “ideas for new products that coul...
Independence Day: HTML5 WebSocket Liberates Comet From Hacks
--Independence Day: HTML5 WebSocket Liberates Comet From Hacks. The HTML5 spec now includes WebSocket, a TCP-style persistent socket mechanism betwee...
Table Drag and Drop jQuery plugin
--Table Drag and Drop jQuery plugin. Drag and drop of table rows is a special case (jQuery UI doesn’t seem to support it)—this plugin works pretty we...
Portable Social Networks, The Building Blocks Of A Social Web
--Portable Social Networks, The Building Blocks Of A Social Web. Ben Ward’s tour de force of practical tools and techniques for building out the dist...
IE8 Security Part IV: The XSS Filter
--IE8 Security Part IV: The XSS Filter (via). IE8 will include an XSS filter to identify and neutralise “reflected” XSS attacks (where malicious code...
ratproxy
--ratproxy. “A semi-automated, largely passive web application security audit tool”—watches you browse and highlights potential XSS, CSRF and other v...
eval() Kerfuffle
--eval() Kerfuffle. The ability to read supposedly private variables in Firefox using a second argument to eval() will be removed in Firefox 3.1.
ORG verdict on London Elections: "Insufficient evidence" to declare confidence in results
--ORG verdict on London Elections: “Insufficient evidence” to declare confidence in results. Electronic voting strikes again. Also of interest: the a...
Ruby's Vulnerability Handling Debacle
--Ruby’s Vulnerability Handling Debacle. The critical Ruby vulnerabilities are over a week old now but there’s still no good official patch (the secu...
Poking new holes with Flash Crossdomain Policy File
--Poking new holes with Flash Crossdomain Policy File. This is an old article from 2006 which describes the crossdomain.xml hidden in a GIF exploit I...
Django File Uploads
--Django File Uploads (via). Nearly two years in the making, Django???s file upload capacity has received a major (and backwards incompatible) upgrad...
Evil GIFs: Partial Same Origin Bypass with Hybrid Files
--Evil GIFs: Partial Same Origin Bypass with Hybrid Files. First there were PNGs that had crossdomain.xml files embedded in them, now there are GIFs ...
Delighting with Data
--Delighting with Data. Tom Taylor’s full transcript and slides for his recent talk at Oxford Geek Night—talks about Twitter bots, wikinear, iamnear....
Whitespace Sensitivity
--Whitespace Sensitivity. Amusingly, Ruby is actually far more sensitive about whitespace than Python is.
A quote from Bruce Schneier
--???Digital Manners Policies??? is a marketing term. Let???s call this what it really is: Selective Device Jamming. It???s not polite, it???s danger...
Javascript protocol fuzz results
--Javascript protocol fuzz results. If your HTML sanitizer uses blacklisting rather than whitelisting here are a few more weird ways of injecting jav...
Enough Already with the Connections!
--Enough Already with the Connections!. Comet doesn’t mean making long-lived HTTP connections (which most browsers do anyway thanks to HTTP keep-ali...
The end of LugRadio
--The end of LugRadio. Wow. LugRadio was a podcast before the term podcast had even been coined. It will be sorely missed.
Microformats and accessibility: the soap opera that never ends
--Microformats and accessibility: the soap opera that never ends. “Be sure to tune in next week, when we’ll drown a leading accessibility expert to s...
Dissecting today's Internet traffic spikes
--Dissecting today’s Internet traffic spikes (via). Theo Schlossnagle on how the increasing popularity of interest aggregation services such as Digg ...
Dark Launches, Gradual Ramps and Isolation: Testing the Scalability of New Features on your Web Site
--Dark Launches, Gradual Ramps and Isolation: Testing the Scalability of New Features on your Web Site. Smart advice from Dare Obasanjo that extend t...
BBC iPlayer Beta
--BBC iPlayer Beta. Preview of the new version of the iPlayer. Nice to be able to listen to Radio programmes in the same interface as TV without havi...
RefactorMyCode.com
--RefactorMyCode.com. Neat community for discussing improvements to code snippets. Login using OpenID.
Graphite
--Graphite. Real-time graphing package for server monitoring, similar to RRDTool. Created by the team at Orbitz, using Django and ExtJS for the front...
How to sell your software for $20,000
--How to sell your software for $20,000 (via). The best article I’ve read on software entrepreneurship in ages.
Capital FM London Traffic Map
--Capital FM London Traffic Map. We launched this today at GCap (née Global Radio). I’m particularly impressed with how well the team handled cluster...
Module Pattern Provides No Privacy... at least not in JavaScript(TM)
--Module Pattern Provides No Privacy... at least not in JavaScript(TM) (via). JavaScript variables hidden inside a closure aren’t as hidden as I thou...
OAuth for Google Data APIs
--OAuth for Google Data APIs (via). Awesome. Now, how’s OAuth support shaping up over at Twitter (who are serious offenders when it comes to encourag...
sfical.py
--sfical.py. Neat idea: write a CGI script that turns a proprietary API (in this case the SalesForce events API) in to standard ical format, then run...
How-to: Full-text search in Google App Engine
--How-to: Full-text search in Google App Engine. Use search.SearchableModel instead of db.Model—it’s pretty rough at the moment which is probably why...
He/She/They: Grammar and Facebook
--He/She/They: Grammar and Facebook. Facebook are going to start requiring gender information because foreign language translations wind up being too...
The Cron Commandments
--The Cron Commandments. How to write well-behaved cron scripts, from Dean Wilson.
Browser Uploads to S3 using HTML POST Forms
--Browser Uploads to S3 using HTML POST Forms. I didn’t know you could do this: create a regular HTML form that gives people permission to upload dir...
A quote from Anil Dash
--Bill Gates has pulled off one of the greatest hacks in technology and business history, by turning Microsoft’s success into a force for social resp...
CookBookNewFormsFieldOrdering
--CookBookNewFormsFieldOrdering. Handy tip—change the order of fields in a Django newforms instance by over-riding form.fields.keyOrder (since fields...
Why do browsers still not have file upload progress meters?
--Why do browsers still not have file upload progress meters?. Great question.
BUG: XSS Security flaw in BaseCamp Messages
--BUG: XSS Security flaw in BaseCamp Messages (via). BaseCamp lets users include HTML and JavaScript in messages, on the basis that anyone with a Bas...
A quote from Andy Rutledge
--You may find that there are plenty of job listings where the job requirements are described as, “must be expert with Photoshop and Illustrator…” or...
mod_rpaf for Apache
--mod_rpaf for Apache. A more secure alternative to Django’s equivalent middleware: sets the REMOTE_ADDR of incoming requests from whitelisted load b...
A quote from Sean Nolan
--OpenID is a new and maturing technology, and HealthVault is frankly the most sensitive relying party in the OpenID ecosystem. It just makes sense f...
The point of "Open" in OpenID
--TechCrunch report that Microsoft are accepting OpenID for their new HealthVault site, but with a catch: you can only use OpenIDs from two providers...
Tailor
--Tailor. “Tailor is a tool to migrate or replicate changesets between ArX, Bazaar, Bazaar-NG, CVS, Codeville, Darcs, Git, Mercurial, Monotone, Subve...
The basics of creating a tumblelog with Django
--The basics of creating a tumblelog with Django (via). Ryan Berg suggests having a StreamItem model that links uses a GenericForeignKey to link to o...
Django snippets: Command to dump data as a python script
--Django snippets: Command to dump data as a python script. Extremely useful—dumps the data for an application as an executable Python script which w...
Oxford Geek Night 7: 25 June 2008
--Oxford Geek Night 7: 25 June 2008. I won’t be able to make this one, but a reminder for anyone in the area that the seventh Oxford Geek Night takes...
Removing Microformats from bbc.co.uk/programmes
--Removing Microformats from bbc.co.uk/programmes. “Until these issues are resolved the BBC semantic markup standards have been updated to prevent th...
jsontime
--jsontime. Nat and I threw this together this morning—it runs on Google App Engine and exposes Python’s pytz timezone library over JSONP.
Arbitrary code execution vulnerabilities in Ruby
--Arbitrary code execution vulnerabilities in Ruby (via). Sounds nasty—integer overflows and unsafe allocs leading to memory corruption. Definite DoS...
A quote from ator_fighting_eagle
--This is the new blog-spam. [...] ’web design company’ takes the highest ranking comment from reddit, and posts it on the site that the original com...
Google Trends for Websites: myspace.com,facebook.com
--Google Trends for Websites: myspace.com,facebook.com. New fun tool from Google Trends.
We're all ops people now
--We’re all ops people now. Edd’s experience reflects my own: the kind of systems I’m building these days involve way more than just development, the...
Comic Sans, the Film
--Comic Sans, the Film. “A documentary film coming soon”
What is it like to write a technical book?
--What is it like to write a technical book?. Plenty of food for thought from the lead author of the new edition of High Performance MySQL. It’s amaz...
PortingDjangoTo3k
--PortingDjangoTo3k. Martin von Loewis has started assembling a patch. His write-up illustrates some key differences between Python 2.X and Python 3—...
When Bugs Collide: Fixing Text Dimming in Firefox 2
--When Bugs Collide: Fixing Text Dimming in Firefox 2. Handy tips from Drew on fixing the glitchy text rendering in Firefox 2 when you animate opaci...
Kellogg's™ Lego® Fruit Flavored Snacks
--Kellogg’s™ Lego® Fruit Flavored Snacks (via). On the one hand, from a child safety point of view this is clearly one of most stupid product ideas i...
ncache
--ncache. A squid-style caching system built on top of nginx. Supports the HTTP PURGE method for cache invalidation.
James Bennett: Why HTML
--James Bennett: Why HTML. Finally, somewhere to point people when they ask why I avoid XHTML that’s a bit more up to date than Hixie’s rant from 2002.
Reddit release their codebase
--Reddit release their codebase. Under the same Common Public Attribution License used by Facebook for their recent source release.
New foundation for Django
--New foundation for Django. Django now has its own nonprofit software foundation (courtesy of a bunch of tough paperwork by Jacob Kaplan-Moss), and ...
Scaling your website with the Perlbal web server (PDF)
--Scaling your website with the Perlbal web server (PDF) (via). Perlbal documentation is pretty thin on the ground; this is a really useful introduct...
How not to apply for a job
--How not to apply for a job. Quite reasonably, 37signals care if job applicants get their wordmark right. Having worked for Yahoo! I know how import...
PEP 372 - Adding an ordered dictionary to collections
--PEP 372—Adding an ordered dictionary to collections. Yes please!
A quote from James Bennett
--There are two [Wikipedias]: One is the public-facing reliable-enough-on-average encyclopedia that people read every day, which makes for nice fluff...
Wikipedia:Canvassing
--Wikipedia:Canvassing (via). Apparently it’s considered bad form to tell people about debates occurring on Wikipedia (such as votes for deletion). L...
A quote from Jeff Atwood
--The fatal flaw of deletionism is the mindset of deciding what someone else *should* find interesting - Jeff Atwood
Comet (programming) on Wikipedia on 4th June 2008
--Comet (programming) on Wikipedia on 4th June 2008 (via). The last useful version (which I had pointed many people to) before it was gutted down to ...
Deep Profiling jQuery Apps
--Deep Profiling jQuery Apps. Neat plugin from John Resig that monkey-patches most (all?) of the jQuery methods to build up a detailed profile of whi...
A quote from Dare Obasanjo
--There is a reason why Flickr eventually killed Yahoo! Photos and why it was decided that Google Video be relegated to being a search brand while Yo...
A quote from Steve Yegge
--XML is better if you have more text and fewer tags. And JSON is better if you have more tags and less text. Argh! I mean, come on, it’s that easy. ...
Caffeine
--Caffeine. I’ve been using this for several months and I love it: it’s a simple OS X menu bar icon that lets you prevent your Mac from dimming the s...
Camouflage
--Camouflage. My other key piece of OS X presenting software—hides all of the icons on the desktop (no need to drag them all in to an “Archive” folde...
Spicing Up Embedded JavaScript
--Spicing Up Embedded JavaScript. John Resig collects the various ways in which a JavaScript interpreter can be hosted by Python, PHP, Perl, Ruby and...
Minimal
--Minimal. James Bennett follows Ryan Tomayko’s example and experiments with the minimalist school of blog design.
Trebuchets, Geohashes, and Richmond, VA
--Trebuchets, Geohashes, and Richmond, VA. I love how Randall Munroe lives his life in the spirit of XKCD.
DebugFooter middleware with Pygments sql syntax highlighting
--DebugFooter middleware with Pygments sql syntax highlighting. Andreas Marr has enhanced my Django DebugFooter middleware with proper syntax highlig...
Censoring the Internet at Paraguay
--Censoring the Internet at Paraguay. The state owned telecommunication company DNS hijacked the opposition party’s domain to point at a porn site du...
RFC: Django 1.0 roadmap and timeline
--RFC: Django 1.0 roadmap and timeline. Jacob’s proposed target is “early September” for the final 1.0 release.
Saturday Mornings: Going Live!
--Saturday Mornings: Going Live!. Some 1980s/1990s British nostalgia. I pinched a video of the theme tune from here for my talk on Comet at Brighton ...
A quote from Damien Katz
--Static typing in OO languages isn’t the solution to software complexity, rather it’s an enabler of it. Static typing is like giving a drunk a bunch...
the tls report
--the tls report (via). Clever service that analyses a web server’s SSL implementation and grades it based on things like the protocols, certificates...
Is It OK to Require JavaScript?
--Is It OK to Require JavaScript?. Not if you can avoid doing so. Unobtrusive JavaScript really isn’t hard if you design it in from the start, and si...
Reputation patterns in the Yahoo! Design Pattern Library
--Reputation patterns in the Yahoo! Design Pattern Library (via). Pragmatic advice from Yahoo! on encouraging community participation.
Shortcutting render_to_response
--Shortcutting render_to_response. I tend to use a simple wrapper function, but the other options described here are worth exploring. This is why I’m...
OS OpenSpace from Ordnance Survey
--OS OpenSpace from Ordnance Survey (via). Ordinance Survey now provide a free JavaScript mapping API for “non-commercial purposes” by “private indiv...
The X-Robots-Tag HTTP header
--The X-Robots-Tag HTTP header. News to me, but both Google and Yahoo! have supported it since last year. You can add per-page robots exclusion rules...
Ordnance Survey OpenSpace Demo
--Ordnance Survey OpenSpace Demo (via). Niall Kennedy threw a demo up on his site—the map seems to load a lot faster than Google Maps and the level o...
Updated jQuery Bookmarklet
--Updated jQuery Bookmarklet. Nicer than my own “Inject jQuery” bookmarklet because it drops in a temporary message confirming that jQuery has been i...
Geohash for spatial index and search
--Geohash for spatial index and search. Nice, clear explanation of what a Geohash is. It’s a way of encoding a lat/lon position as a short string, wi...
A quote from Joe Gregorio
--There was a time when you could whip out a parser in lex and yacc, stitch together a naive VM and throw it over the wall and you’d have a new scrip...
280slides and Objective-J
--280slides and Objective-J. 280 slides uses an Objective-C clone written in 13KB of JavaScript. I have to admit I’m completely baffled as to why yo...