piątek, maja 11, 2007

Piątek - weekednu początek:
  1. Dla mojego domowego notebooka - FinalBurner Free (nagrywa nawet DVD) - fb_free.exe
  2. Dla developerów IE - IEDeveloperToolBar - wersja 1.0, to dopiero początek
  3. Co trzeba spełnić w IE 7 (http://blogs.msdn.com/ie/archive/2006/02/14/532211.aspx):
    1. E7 includes an enhanced experience for sites that include upcoming higher assurance SSL certificates including the lock icon with a green filled address bar. Along with other browsers, the Certificate authority industry is working with us towards a tougher SSL standard for the enhanced experience. This past Sunday and Monday, we met to work on the standard with the American Bar Association here in San Jose. The certificate authorities who coolaborated with us this weekend include Geotrust, Verisign, Identrus, Comodo, Cybertrust, Go Daddy and X-Ramp. To see what the experience will be like, you can try out the enhanced experience by downloading a test root certificate and then visiting our demo site using IE7 Beta 2 Preview. If you think your site should have this experience, contact your certificate authority to learn about their plans to offer higher assurance SSL certificates that will be recognized by the IE7 address bar.
    2. In the upcoming Beta 2 release, IE7 will let users sign into web sites using visual "InfoCards" rather than passwords. This eliminates a number of common attacks because when no password is typed, there is none to be stolen (and none to forget). The "InfoCard" system uses certificates to make it harder for imposter sites to pass themselves off as genuine.
    3. IE7 checks the signatures on downloaded programs such as ActiveX controls and executables to make it easy for customers to identify your code. If you distribute software over the internet, you should sign your code with a valid code signing certificate.
  4. Funkcjonalność usunięta z IE 7 (http://msdn2.microsoft.com/en-us/ie/aa740486.aspx):
    1. Offline Favorites--Offline Favorites and Scheduled Offline Favorites have been removed from Internet Explorer 7. Internet Explorer supports RSS feeds, which provide scheduled updates to web content and offline reading of this content. For more information about RSS feeds, read the RSS Blog.
    2. Scriptlets--Internet Explorer 7 disables Dynamic HTML (DHTML) scriptlets by default. (Scriptlets were phased out in Internet Explorer 5). They can be re-enabled by system administrators by changing the advanced settings in the Internet Control Panel. To change the setting, open Internet Explorer, click Tools, and then click Internet Options. In Internet Options, click the Advanced tab, and then scroll down to find Allow Scriptlets. If you are a developer and your programs rely on scriptlets, we recommend that you use more efficient DHTML behaviors. Disabling scriptlets by default is done to deemphasize unsupported technology in Internet Explorer.
    3. ActiveX controls--The new Internet Explorer 7 ActiveX Opt-In feature disables ActiveX controls on a user's machine. When the user visits a webpage that is trying to use a disabled ActiveX control, they see an Information bar to enable the control. Controls which were used in Internet Explorer 6 before upgrading to Internet Explorer 7, along with some pre-approved controls, are not disabled.
    4. Channel Definition Format (CDF)--All CDF support was removed from Internet Explorer 7 and replaced with the RSS feed reading experience. Feeds that the user is subscribed to are available to other applications through the RSS Platform. For details, read the RSS Platform.
    5. DirectAnimation--All DLLs to support the Internet Explorer DirectAnimation component were removed in Internet Explorer 7.
    6. XBM-- XBM, an imaging format designed for X-based systems, is no longer supported.
    7. SSL--Support for weak SSL ciphers was removed from Windows Vista and support for SSLv2 was disabled for Internet Explorer 7 on all platforms.

    8. BASE Element--Internet Explorer 7 strictly enforces the BASE element rule, as documented in the HTML 4.01 standard. We no longer allow BASE tags outside of the HEAD of the document. The standard specifies that the base element must appear within the head of the document, before any elements that refer to an external source.

    9. window.opener and window.close--Internet Explorer 7 no longer allows the window.opener trick to bypass the window.close prompt. Browser windows cannot close themselves unless the windows were created in script. This security enhancement no longer allows browsing to a random site when the main browser window closes unexpectedly.

    10. Changes that affect modal or modeless dialogs created from script--Modal or modeless dialogs created from script in Internet Explorer 7 might seem to be slightly bigger than their Internet Explorer 6 counterparts. This is caused by a change to the behavior of the dialogWidth and dialogHeight properties, which now set and retrieve dimensions of the content area of a dialog (from Internet Explorer 7 and later). It will no longer be necessary to calculate the area lost by elements of a dialog’s frame. Information on these changes will be posted on the Internet Explorer Blog.

    11. Generic Spoofing Risk Reduction in Internet Explorer 7--The window.prompt script method is blocked and the gold Information bar is displayed by default in Internet Zone for Internet Explorer 7. The helps prevent websites from spoofing things such as the logon screens of other websites. This is a new security enhancement for Internet Explorer 7.

    12. WWW-Auth--Internet Explorer 7 changes the precedence rules for WWW-Auth. Previous releases of Internet Explorer used the first header encountered. Internet Explorer 7 uses the first header except when the header is Basic. Internet Explorer 7 uses Basic authentication if no other authentication mechanism is present.

    13. HTTPOnly Cookies--HTTPOnly cookies can no longer be overwritten from scripts.

      _SEARCH--The _SEARCH sidebar is disabled by default in Internet Explorer 7. It is now a setting and can be turned by checking Enable websites to use the search pane in the Advanced tab of the Internet control panel.

      View Source--The view-source protocol no longer works in Internet Explorer 7.

      Gopher Protocol--Support for the Gopher protocol was removed at the WinINET level. (Gopher support was turned off by default in Internet Explorer 6.)

    14. window.external.ImportExportFavorites--window.external.ImportExportFavorites has been removed in Internet Explorer 7.

      Telnet--The Telnet protocol handler is no longer supported in Internet Explorer 7.

    15. SysImage URL Scheme--The SysImage URL Scheme has been removed from Internet Explorer 7.

      Status Bar Scripting--Scripts will no longer be able to set the status bar text through the window.status and window.defaultStatus methods by default in the Internet and Restricted Zones. This helps prevent attackers from leveraging those methods to spoof the status bar. To revert to previous behavior and allow scripts to set the status bar through window.status and window.defaultStatus, follow these steps:

      1. Open Internet Explorer, click the Tools button, click Internet Options, and then click the Security tab.
      2. Click Internet or Restricted sites, and then click the Custom level button.
      3. Scroll down to Allow status bar updates via script, select Enable.
      4. Click OK until you return to Internet Explorer.
    16. Security Settings for Script Access to the Clipboard--New security-related updates for Microsoft Internet Explorer 7 include a change in the default security settings for Script Access to the clipboard. Sites using scripts to access the clipboard in the Internet and Trusted sites zones will receive a prompt that will inform the user that their clipboard is being accessed by script. The prompt will require user permission to continue. Giving permission will allow the website to save information to the clipboard, and read any existing information from the clipboard. This security setting is designed to help prevent the possibility of information disclosure through script access to the clipboard.
    17. Installing Internet Explorer 7 with The Microsoft Windows Server® 2003 operating systems with Service Pack SP1 (SP1)--The home page will be reset to the secure page (res://shdoclc.dll/hardadmin.htm).
    18. Upgrading from Internet Explorer 6 to Internet Explorer 7 on Windows Server® 2003 operating systems with Service Pack SP1 (SP1)--Users upgrading from Internet Explorer 6 to Internet Explorer 7 on Windows Server® 2003 with the setting Enhance Security Configuration turned on might notice that the machine will not be set to the correct Enhanced Security Configuration (Internet Explorer Hardening) defaults for Internet Explorer 7. To change the settings back to the correct defaults, an administrator should turn OFF Enhanced Security Configuration and then turn it ON again. To do this,
      1. Open the Control panel.
      2. Select Add/ Remove Programs.
      3. Locate the Enhanced Security Configuration option.
      4. Turn it OFF.
      5. And now turn it ON again.
      6. Your server settings would be set to the correct Enhanced Security Configuration defaults for Internet Explorer 7.
    1. Active Desktop--Active Desktop has been removed from Windows Vista. It is still available on 32-bit versions of Windows 2003 Server and Windows XP SP2 with reduced functionality. The following features have changed:
      1. Synchronization of Active Desktop with online content is no longer supported.
      2. The ability to restore Active Desktop if software or the operating system stops responding is no longer supported.
      3. The Active Desktop item’s window does not show the title of the webpage (it shows the address of the webpage).
      4. For a webpage restricted by Content Advisor, the Action Cancelled page is not displayed.
  1. Skype 3.2 Gold - nowe możliwości.
  2. Concept Draw - witryny http://www.giveawayoftheday.com/
  3. Ciekawe programy -www.dobreprogramy.pl
Opracował w Brak komentarzy:

czwartek, maja 10, 2007

Co nowego w czwartek:

  1. W betanews - nowa wersja Yahoo widgets
  2. Część pierwsza świetnego tutoriala do uruchomienia na platformie AIX środowiska PHP/JAVA - ciekawe czy będą nastepne? Są dwa sposoby na uruchomienie tych dwóch technologii: "There is no convenient direct link between Java and PHP technology—they are two different technologies using completely different logic, binary, and deployment environments. However, one way that you could enable both systems to communicate with each other is to employ Service-Oriented Architectures (SOAs) and Web services to exchange information. In this example scenario, you would expose your Java application through a series of Web services. The PHP application would then act as a Web services client to communicate with the Java Web services interface.

    The other alternative is to use the PHP Java Bridge, which provides a direct object interface that allows you to share Java and PHP code directly within the same application."

  3. Nowy atak SUN w kierunku upowszechnienia Java w środowisku NetBeans - powstaje wersja 6 (oferowana jako early access na konferencji JavaOne), która umożliwi uruchamianie JavaScript i Ruby (JRuby w środowisku JVM). Język JS będzie potraktowany jako pełnoprawny obywatel w tym RAD. Ogólna dostępność - koniec 2007.
  4. Zalecenia odnośnie jak tworzyć w JS (autorstwa doświadczonego programisty Mat Kruse)
  5. Nowy rywal dla Google Apps - "Bringing OpenOffice to the Internet,” Mahdi Abdulrazak, Chief GravityZoo Evangelist, proclaimed to me."
  6. Ciekawe linki z VFP - http://www.cetus-links.org/oo_visual_foxpro.html - duże zasoby do sprawdzenia (źródło - http://www.foxclub.ru/)
  7. http://www.computerworld.com.au/index.php?id=1472160102&eid=-301 - dywagacje na temat PostgreSQL prowadzone przez autora.
  8. Nowy, ciekawy portal dla PHP - http://www.codewalkers.com/ coś ala developershed (http://www.devshed.com/c/a/Oracle/Data-Manipulation-and-More-for-HTML-DB-Applications/)
  9. Stosowanie MS SQL 2005 z produktami Expression - http://www.sqlservercentral.com/articles/articlelink.asp?articleid=2993
  10. Tutorialsy na różne tematy - http://www.tutorialdownloads.com/tutorials/C%20SHARP/C%20sharp-books-shelf1.html
  11. Dev shed na teamt Flex-a
  12. Zrozumieć JS - http://www.devshed.com/c/b/JavaScript/
Opracował w Brak komentarzy:

środa, maja 09, 2007

Ciekawe artykuły:
  1. http://www.lifetrainingonline.com/blog/how_to_read_people.htm
  2. http://www.devx.com/dotnet/Article/32421/0/page/1 -dekorowanie właściwosci w C#
  3. http://news.zdnet.com/2100-3513_22-6181922.html?tag=nl.e539 - Sun być może na konfrencji JavaOne ogłosi udostępnienie JavaFX script - uproszczonego język skryptowego do Javy
  4. http://www.oracle.com/technology/tech/oci/instantclient/index.html - dostęp do bazy 10gi bez konieczności "zabawiania się" plikami i zmiennymi konfiguracyjnymi.
  5. http://www.javascripttoolbox.com/bestpractices/ - Mathew Kruse - rady dla JS
  6. http://bignosebird.com/ - kolejny poradnik dla webmasterów
  7. http://www.codeproject.com/useritems/C__Instant_Oracle.asp - jak wystartować w C# z programowaniem do bazy Oracle 10gi przy pomocy "instant" oracle
  8. http://davidhayden.com/blog/dave/archive/2006/03/14/2883.aspx - blog dewelopera w C#
  9. http://www.eol.org/home.html
  10. http://www.motherearthnews.com/gallery.aspx?id=113446
  11. http://www.ndesign-studio.com/blog/mac/css-dock-menu
  12. http://brainden.com/logic-puzzles.htm

Opracował w Brak komentarzy:

wtorek, maja 08, 2007

Wtorek 8 maja:

  1. Ciekawe na temat możliwości JS - JavaScript allows you to perform an assignment at the same time as testing if the assignment worked. This can be used inside any conditional, including inside an 'if', 'for', 'while' and 'do - while'.

    if( x = document.getElementById('mydiv') ) {...}
    do {
      alert( node.tagName );
    } while( node = node.parentNode );

    Note that Internet Explorer on Mac will produce an error if you try to do this with an array, when it steps off the end of the array.

  2. To samo dotyczy instrukcji break, podobnie działa continue - 
    myForLoop:
    for( var x = 1; x < 5; x++ ) {
      var y = 1;
      while( y < 7 ) {
        y++;
        if( y == 5 ) { break myForLoop; }
        document.write(y);
      }
    }
  3. DHTMLxGrid - dhtmlxGrid is flexible JavaScript grid control with powerful API and Ajax support. It provides client-side solution for displaying, editing and sorting tabular data. Using dhtmlxGrid you can easily create dynamic tables with scroll bars, frozen columns, fixed multiline headers and multiple cell types (text, image, checkbox, radio button, combobox etc.). Smart rendering and paging output allow this grid to work effectively with large datasets.
  4. Biblioteka w JS dla base64 i sprintf (document.writeln('Result: ' + sprintf("Decimal %+05d, Float %07.2f, String '%-10.4s', Hexadecimal %05X", 123, 123, 'abcdefg', 123123));).
  5. To wszystko powyższe wziąłem z http://www.roscripts.com/.

  6. Writing after the page has loaded

    After the page has completed loading, the rules change. Instead of adding content to the page, it will replace the page. To do this, you should firstly open the document stream (most browsers will automatically do this for you if you just start writing). Then you should write what you want, and finally, you should close the document stream. Again, most browsers will automatically close the stream for you. The notable exception here is the Mozilla/Firefox family of browsers, that will continue to show a loading graphic until you close the stream. Some other browsers may fail to render part or all of the content. Just to be safe, make sure you always close the stream.

    <script type="text/javascript">
    document.open();
    document.write('<p>What ever you want to write</p>');
    document.write('<p>More stuff you want to write</p>');
    document.close();
    </script>

    That will remove everything that is currently being shown and replace it with what you write in there. This is the equivalent of moving the user to a completely new page. You should put <html> tags and things like that in there too if you want to use that method.

    You may notice that I close my HTML tags inside the script with a backslash before the forward slash in the closing tag. This is a requirement of the specification (and can cause the HTML validator not to validate your page if you forget it), although all browsers will understand if you omit the backslash.

    However, since you can write HTML with script, you can write style or even script tags with it, making one script import another. If you omit the backslash on any </script> tags that you are writing with the script, the browser will read that as the closing tag for the current script, and your script will fail.

    The same applies to opening or closing comments (although I fail to see why you would want to write comments using a script). These can be written as '<'+'!--' and '-'+'->'. When the script runs, the plus sign tells it to append the strings, creating a valid HTML comment.

  7. Ciekawe dywagacje na temat funkcji - http://www.howtocreate.co.uk/tutorials/javascript/functions
  8. Zabezpieczenie tarnsmisji -

    Normally, this cannot be done with JavaScript using the Internet alone. You can encrypt text at the user's end and unencrypt it at your end. The problem is that the user has to encrypt it with a password that you know so that you can unencrypt it. They would have to tell you by telephone or post. Alternatively, you could put the password in the source of the page and get the function to encrypt using that key. But this password would have to be sent over the internet in plain text. Even if you did encode it, it would not be too much work for a snooper to crack it. In fact, the encryption could even be broken with brute force techniques. So what do you do?

    The best possible technique would be to create a symmetric encryption key using a twin public/private key pair as with techniques such as Diffie-Hellman or SSL, or use an asymetric public/private key pair and encryption technique as with PGP or RSA. The problem is that in order to prevent brute force cracking techniques, these require the browser to handle numbers as high as 2x10600 or higher. JavaScript is just not natively capable of working with numbers as high as this. As yet, I have found no solution to this, although on http://shop-js.sourceforge.net/ there is an algorithm for emulating large number handling, and an example of JavaScript powered RSA. The technique seems to work and takes only a few seconds to create keys, by using complex mathematics and algorithms (look at the source of crypto.js) to emulate large number handling.

    Even so, if doing the equivalent of RSA (etc.), it is still not possible for the user to verify your identity as with SSL certificates, so it would be possible for a third party to inject their own code and have the information sent to them instead, without the user's knowledge. For the best security, stick to real SSL.

  9. Obiekty z JS - http://www.howtocreate.co.uk/tutorials/javascript/javascriptobject.
  10. Struktura DOM - http://www.howtocreate.co.uk/tutorials/javascript/domstructure
Opracował w Brak komentarzy:
Subskrybuj: Posty (Atom)