August 20, 2010
I am in the process of building some mobile apps for one of my clients, and while I'm pretty familiar with running the iPhone simulator and building iPhone apps, I'm pretty new to the Android development tools at this point.
This entry was:
August 16, 2010
If you are using jQuery UI's Autocomplete control, your IE6 users may experience some issues when the autocomplete suggestions overlay a HTML <select> list. The autocomplete suggestions show up behind the select list in Internet Explorer 6.
This entry was:
August 12, 2010
Adobe released a security hotfix for a path traversal vulnerability in ColdFusion administrator (CVE-2010-2861, APSB10-18). On the Adobe security bulletin page it lists affected software versions: ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and earlier versions for Windows, Macintosh and UNIX.
This entry was:
August 05, 2010
How do you protect your code from Cross Site Scripting (XSS) when your business requirements state that the user must be able to input HTML? This can be a difficult problem to solve and XSS is very difficult to filter against because there are hundreds of attack vectors.
This entry was:
August 05, 2010
As promised I just published the slides for my Writing Secure CFML presentation at CFUnited 2010.
You can even watch a recording of the presentation brought to you by Tim Cunningham of CFMumboJumbo.com:
This entry was:
August 04, 2010
The slides for my 2010 CFUnited presentation Locking Down ColdFusion are now available. The presentation is based on the ColDFusion 9 Lockdown Guide whitepaper that I wrote for Adobe. It covers various techniques to make your ColdFusion installation more secure.
This entry was: