I am in the process of building some mobile apps for one of my clients, and while I'm pretty familiar with running the iPhone simulator and building iPhone apps, I'm pretty new to the Android development tools at this point.

If you are using jQuery UI's Autocomplete control, your IE6 users may experience some issues when the autocomplete suggestions overlay a HTML <select> list. The autocomplete suggestions show up behind the select list in Internet Explorer 6.

Adobe released a security hotfix for a path traversal vulnerability in ColdFusion administrator (CVE-2010-2861, APSB10-18). On the Adobe security bulletin page it lists affected software versions: ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and earlier versions for Windows, Macintosh and UNIX.

How do you protect your code from Cross Site Scripting (XSS) when your business requirements state that the user must be able to input HTML? This can be a difficult problem to solve and XSS is very difficult to filter against because there are hundreds of attack vectors.

As promised I just published the slides for my Writing Secure CFML presentation at CFUnited 2010.

You can even watch a recording of the presentation brought to you by Tim Cunningham of CFMumboJumbo.com:

The slides for my 2010 CFUnited presentation Locking Down ColdFusion are now available. The presentation is based on the ColDFusion 9 Lockdown Guide whitepaper that I wrote for Adobe. It covers various techniques to make your ColdFusion installation more secure.