Archive for the ‘Development’ Category

Baby steps

Monday, February 4th, 2008

Getting closer with the Buttonise concept.

Again, the concept is not quite production-ready, but the OS mantra is Release early. Release often (and a week between updates is often for me :) ).

The key improvement of this release is that it will run well in common browsers (tested in Firefox 2, Opera 9, Safari 3).

There are still some styling issues to work through and a couple of functionality issues with IE6.

Button up

Tuesday, January 29th, 2008

Here’s a sneak preview of something I’ve been thinking about and working on for a while: Buttonise.

It’s already been through quite a few variations and reviews, but it’s not quite production-ready yet (and it only works in Firefox ATM), but it is getting closer.

What is buttonise?

Buttonise is a way to style buttons consistently between browser makes and versions. What’s more, it allows you to style links as buttons, for those situations when you would like to use a link in amongst buttons without confusing the end user.

It is entirely unobtrusive, maintains the accessibility of the page it is incorporated into and conforms to the principle of progressive enhancement.

Let me know what you think.

ExMenu 2 ready

Wednesday, January 23rd, 2008

I finally got around to finishing the jQuery redevelopment of ExMenu.

As ever, ExMenu is an unobtrusive DHTML tree menu widget.

The new version boasts a smaller footprint (thanks to jQuery) and more flexible setup options.

Version 2 also sports some cute new styling options.

Compact sections class version 1.9.2 released

Thursday, May 31st, 2007

I have finally found the time to upload the latest version of the compact sections JavaScript class.

The new version of class.CompactSectionsManager.js supports a tabbed-pane display mode as a subtle variation of the same simple semantic XHTML used to mark up the expandable sections display mode.

A working example page is also now available!

Will it blend?

Saturday, December 23rd, 2006

Today we start a new category of article called How Not to Build a Web Application.

This sort of ridicule may seem petty, but in the interest of Full Disclosure, I think it is justified. And of course: Criticising is easier than doing :) .

In this first installment we take a look at a simple security hole in willitblend.com based around URL parameters.

Preface

Will it blend? is a textbook example of Viral Marketing done well. From a Marketing point of view, it is executed flawlessly: the content, the format, the presenter, the music, the shameless self-promotion… all perfect! Unfortunately the technical implementation of the site leaves a little more to be desired.

willitblend.com has two categories of video, Don’t Try This @ Home and Try This @ Home. The former category comes with a large warning notice to ensure that small children don’t attempt these dangerous blending experiments at home. Videos in the latter category come with an equally eye-catching message encouraging all and sundry to attempt what is portrayed in the video in the comfort of their own kitchen. (I may be paraphrasing)

Unsafe

We will examine my favourite Will it blend? video which features blending glass marbles into deadly powdered glass vapour, fantastic!!

Let’s take a look at the URL and resulting page:

The first thing you’ll notice is video=rake. Okay, so they jumbled up their links, the rake URL points to the marbles video, and the marbles URL points to the rake video. That’s okay, everybody makes mistakes.

The second thing you’ll notice is that the URL includes the parameter type=unsafe.

At this point you are probably wondering: they wouldn’t rely on URL parameters to display the warning message, would they?

No comment

Try the following URL:

By removing the type URL parameter, the warning disappears.

Safe

Following this through to its illogical conclusion, when the type parameter is replaced with safe, we get the message encouraging home participation above the highly dangerous video.
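The flaw walked through above, next to a server-side fix, as an added example (not code from willitblend.com or from the original post). The URLs, video ids, catalogue fields and function names are constructed for illustration.

```javascript
// Constructed server-side catalogue: the safety classification lives with
// the video record, not in anything the visitor can edit.
const CATALOGUE = new Map([
  ['rake', { title: 'Glass marbles', safety: 'unsafe' }],
  ['smoothie', { title: 'Fruit smoothie', safety: 'safe' }],
]);

const BANNERS = new Map([
  ['unsafe', "Don't Try This @ Home"],
  ['safe', 'Try This @ Home'],
]);

// Pattern described in the post: the banner follows the `type` URL parameter,
// so dropping or changing the parameter drops or changes the warning.
function bannerFromUrl(requestUrl) {
  const type = new URL(requestUrl).searchParams.get('type');
  return BANNERS.get(type) ?? null; // no `type` => no warning at all
}

// Fix: read only the video id from the URL, look the classification up
// server-side, and ignore `type` entirely.
function bannerFromCatalogue(requestUrl) {
  const id = new URL(requestUrl).searchParams.get('video');
  const entry = CATALOGUE.get(id);
  if (!entry) return { status: 404, banner: null }; // unknown id: serve nothing
  // Fail closed: anything not explicitly marked safe gets the warning.
  const key = entry.safety === 'safe' ? 'safe' : 'unsafe';
  return { status: 200, banner: BANNERS.get(key) };
}

// The three URL variants from the post, run through both versions.
function compare(base) {
  return ['&type=unsafe', '', '&type=safe'].map((suffix) => {
    const url = base + suffix;
    return {
      url,
      fromUrl: bannerFromUrl(url),
      fromCatalogue: bannerFromCatalogue(url).banner,
    };
  });
}

console.table(compare('https://example.com/videos?video=rake'));
```

The `fromUrl` column changes with each variant, while `fromCatalogue` shows the warning for all three.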

Conclusion

The moral of the story is, when creating websites or web applications you can avoid basic security holes (and blender-related injury) if you: Use URLs appropriately.

To exaggerate further:

Incorrect use of URL:
http://example.com/index.aspx?page=105&type=7&banner=yes&3columns=no&heading=My+Website+Rules

Correct use of URL:
http://example.com/my-awesome-article/

And before I go, remember Kiddies: Try this at home! ;)