Simon Willison blogs at http://simon.incutio.com/ xml

A Curious Course on Coroutines and Concurrency

24/04/2009 @ 12:00 UTC

Simon Willison : A Curious Course on Coroutines and Concurrency - A Curious Course on Coroutines and Concurrency. David Beazley’s sequel to last year’s mind-expanding “Generator Tricks for System Programmers?, perfect for if you’ve ever puzzled over what exactly you can use Python’s generator-based corouti

OAuth Security Advisory 2009.1

23/04/2009 @ 16:00 UTC

Simon Willison : OAuth Security Advisory 2009.1 - OAuth Security Advisory 2009.1. It’s a show-stopper: an attacker can start an OAuth permission request flow from a consumer site, then trick another user from the same site in to completing that flow and hence authorising the attacker to act on their

The First Ten Things the New CEO of MySpace Should Do

23/04/2009 @ 12:00 UTC

Simon Willison : The First Ten Things the New CEO of MySpace Should Do - The First Ten Things the New CEO of MySpace Should Do. From the always thought provoking Jason Calacanis.

And Now For Something Entire... Oooh! Shiny!

22/04/2009 @ 13:00 UTC

Simon Willison : And Now For Something Entire... Oooh! Shiny! - And Now For Something Entire... Oooh! Shiny!. Alex Russell on O3D, the new 3D browser plugin from Google that makes OpenGL accessible to JavaScript (and embeds V8 so performance won’t suck even on slower browsers).

Finding and fixing memory leaks in Python

22/04/2009 @ 13:00 UTC

Simon Willison : Finding and fixing memory leaks in Python - Finding and fixing memory leaks in Python. Using Dozer, a clever piece of WSGI middleware which displays sparklines of Python object counts and allows you to introspect them, using the gc module under the hood.

Some Notes on Distributed Key Stores

21/04/2009 @ 10:00 UTC

Simon Willison : Some Notes on Distributed Key Stores - Some Notes on Distributed Key Stores. Another ringing endorsement for Tokyo Cabinet, this time from Leonard Lin.

joshua : Some Notes on Distributed Key Stores - some issues w voldemort, summary of other things

Rod Begbie : Some Notes on Distributed Key Stores - Leonard Lin's summary of "the market" of distributed key stores. I haven't needed to do anything terribly large-scale yet, so redis has been Good Enough for me. [via#

Jeremy Zawodny : Some Notes on Distributed Key Stores « random($foo) - Some Notes on Distributed Key Stores « random($foo): good stuff form Leonard... also see the comments and discussion

peeping into memcached

20/04/2009 @ 20:00 UTC

Simon Willison : peeping into memcached - peeping into memcached. “Peep uses ptrace to freeze a running memcached server, dump the internal key metadata, and return the server to a running state?—you can then load the resulting data in to MySQL using LOAD LOCAL INFILE and analyse it using

pubsubhubbub

20/04/2009 @ 20:00 UTC

Simon Willison : pubsubhubbub - pubsubhubbub. From Brad Fitzpatrick, a simple but clever way of using web hooks (HTTP callbacks) to inform subscribers that an Atom feed has updated in almost real-time—solving the constant polling problem and making it easier for small sites to offer

Phusion Passenger for nginx

20/04/2009 @ 06:00 UTC

Simon Willison : Phusion Passenger for nginx - Phusion Passenger for nginx. Passenger (aka mod_rails / mod_rack) enables easy deployment of Rails and Ruby apps under Apache... and the latest version adds support for nginx as well. It works as an HTTP proxy and process manager, spawning worker proces

Sign in with Twitter

20/04/2009 @ 05:00 UTC

Simon Willison : Sign in with Twitter - Sign in with Twitter. Intriguing: Twitter are now an OpenID-style identity provider... using OAuth.

Haystack

17/04/2009 @ 23:00 UTC

Simon Willison : Haystack - Haystack. A brand new modular search plugin for Django, by Daniel Lindsley. The interface is modelled after the Django ORM (complete with declarative classes for defining your search schema) and it ships with backends for both Solr and pure-python Whoos [via]

joshua : Haystack - Search for Django

The Pac-Man Dossier

17/04/2009 @ 21:00 UTC

Andy Baio : The Pac-Man Dossier - an exhaustively researched and well-written guide, with gameplay details I've never seen before  [via]

Simon Willison : The Pac-Man Dossier - The Pac-Man Dossier. Exuberantly detailed. Everything from how collision detection works to the exact pathfinding and target selection algorithms used by the four different ghosts. There’s even a tutorial for playing the legendary 256th level, where a

Rod Begbie : The Pac-Man Dossier - Relentlessly thorough documentation of the history, design and strategy of Pac-Man. [via#

Make your site faster and cheaper to operate in one easy step

17/04/2009 @ 18:01 UTC

Jeremy Zawodny : Make your site faster and cheaper to operate in one easy step - Make your site faster and cheaper to operate in one easy step: yes, compress your shit. this is not 1995 anymore

Simon Willison : Paul Buchheit: Make your site faster and cheaper to operate in one easy step - Paul Buchheit: Make your site faster and cheaper to operate in one easy step. Paul promotes gzip encoding using nginx as a proxy, and mentions that FriendFeed use a “custom, epoll-based python server? as their application server. Does that mean that

Drop ACID and think about data

17/04/2009 @ 18:01 UTC

Simon Willison : Drop ACID and think about data - Drop ACID and think about data. I’ve been very impressed with the quality and speed with which the PyCon 2009 videos have been published. Here’s Bob Ippolito on distributed databases and key/value stores.

Installing CouchDB from source on OS X

17/04/2009 @ 17:01 UTC

Simon Willison : Installing CouchDB from source on OS X - Installing CouchDB from source on OS X. So far I’ve just been playing with it in an Ubuntu virtual machine.

Cross Browser Base64 Encoded Images Embedded in HTML

17/04/2009 @ 17:01 UTC

Simon Willison : Cross Browser Base64 Encoded Images Embedded in HTML - Cross Browser Base64 Encoded Images Embedded in HTML. Scarily clever. View the PHP source to see what’s going on—most browsers get image tags that use data URIs starting with data:image/png;base64, but IE gets served a Content-type:message/rfc822 he [via]

Developing Django apps with zc.buildout

16/04/2009 @ 11:00 UTC

Simon Willison : Developing Django apps with zc.buildout - Developing Django apps with zc.buildout. Jacob went ahead and actually documented one of Python’s myriad of packaging options.

Paul Lamere interviews a 4chan hacker about the TIME poll manipulation

16/04/2009 @ 01:00 UTC

Andy Baio : Paul Lamere interviews a 4chan hacker about the TIME poll manipulation - custom Windows apps, Perl scripts, and proxies to submit thousands of votes per minute

Simon Willison : Inside the precision hack - Inside the precision hack. How 4chan members subverted a Time.com online poll to reorder the options and spell out their own message. Partly poor application design from Time (the first version used a GET request without input validation), but I challen

Digg drops the DiggBar for all non-Digg users

15/04/2009 @ 23:00 UTC

Andy Baio : Digg drops the DiggBar for all non-Digg users - which, really, they should've done in the first place  [via]

Simon Willison : (Yet) Another DiggBar Update - (Yet) Another DiggBar Update. Digg are responding in exactly the right way in my opinion—the DiggBar will start returning 301 redirects for anonymous users, while users who are logged in to Digg can opt-out of the feature if they want to (usage statis

10 Cool Things We'll Be Able To Do Once IE6 Is Dead

15/04/2009 @ 15:00 UTC

Simon Willison : 10 Cool Things We'll Be Able To Do Once IE6 Is Dead - 10 Cool Things We’ll Be Able To Do Once IE6 Is Dead. Highlights include child and attribute selectors, 24bit PNGs and max-width and min-width. Simple pleasures, but I can hardly wait.

London's abandoned Underground Stations on Google Street View

14/04/2009 @ 16:00 UTC

Simon Willison : London's abandoned Underground Stations on Google Street View - London’s abandoned Underground Stations on Google Street View. “The network is littered with buildings that belonged to stations that closed their doors to the public because routes were changed and diverted, or because there was just too little tra

Counting the ways that rev="canonical" hurts the Web

14/04/2009 @ 15:00 UTC

Simon Willison : Counting the ways that rev="canonical" hurts the Web - Counting the ways that rev=“canonical? hurts the Web. Mark Nottingham complains about misapplied trust (a page can falsely claim to be the canonical URL for another page), the easy confusion between rev and rel and the lack of discussion with releva

deusx : mnot’s Web log: Counting the ways that rev="canonical" hurts the Web - "That’s because while I was watching the kids rolling down the grass slope on top of Parliament House, rev="canonical" started to gain some serious momentum, billing itself as a way to shorten URLs that “doesn’t hurt the Internet.?

Reducing XSS by way of Automatic Context-Aware Escaping in Template Systems

14/04/2009 @ 11:00 UTC

Simon Willison : Reducing XSS by way of Automatic Context-Aware Escaping in Template Systems - Reducing XSS by way of Automatic Context-Aware Escaping in Template Systems. The Google Online Security Blog reminds us that simply HTML-escaping everything isn’t enough—the type of escaping needed depends on the current markup context, for example [via]

deusx : Google Online Security Blog: Reducing XSS by way of Automatic Context-Aware Escaping in Template Systems - "For larger and complex web applications, we notice two related vectors for XSS: 1. A developer forgetting to apply escaping to a given variable. 2. A developer applying the wrong escaping for that variable for the context in which it is being

Visualising Sorting Algorithms

14/04/2009 @ 10:00 UTC

Simon Willison : Visualising Sorting Algorithms - Visualising Sorting Algorithms. Aldo Cortesi dislikes animations of sorting algorithms, so he designed a beautiful technique for statically visualising them instead (using Python and Cairo to generate the images).

joshua : visualizing sorting algorithms - nice use of python + cairo

Amazon Says Listing Problem Was an Error, Not a Hack

14/04/2009 @ 10:00 UTC

Simon Willison : Amazon Says Listing Problem Was an Error, Not a Hack - Amazon Says Listing Problem Was an Error, Not a Hack. “A friend within the company told him that someone working on Amazon’s French site mistagged a number of keyword categories, including the ’Gay and Lesbian’ category, as pornographic, using w [via]

xml
Upian.