having fun with code

Tag Archives: bug

Titanium Developer: love and hate (Part II)

Written by Eneko Alonso on August 18, 2010 Leave a Comment

For the last four weeks and despite other projects and deadlines, I’ve been working on a mobile app for iPhone and Android, using Titanium Developer from Appcelerator. I still hate it. And I still love it. More to come…

Posted in uncategorized | Also tagged , , , , , , , , , , , , , , , , ,

Interesting JSON vulnerability (old stuff)

Written by Eneko Alonso on May 14, 2010 Leave a Comment

Somebody at work passed this article about an interesting vulnerability in web APIs that use JSON. The exploit combines Cross Site Request Forgery (CSRF) with a JSON Array hack allowing an evil site to grab sensitive user data from an unsuspecting user. The hack involves redefining the Array constructor, which is totally legal in Javascript. http://haacked.com/archive/2008/11/20/anatomy-of-a-subtle-json-vulnerability.aspx [...]

Posted in uncategorized | Also tagged , , , , , , , ,

About the blog

This is a blog about development, focused mainly on Javascript but also other languages like python, shell scripts and more.

About the author

Eneko Alonso is a software engineer and UI developer with more than eight years of experience in software and web development. He lives in San Luis Obispo, California and works at LEVEL Studios.

Contact Info

Contact Info

PromoteJS

JavaScript JS Documentation