Chris Shiflett has a post today, Allowing HTML and Preventing XSS. The problem is how to allow users to format their contributed content without introducing security vulnerabilities. The answer is usually some sort of markup language or filtering and sanitization of HTML.
BBCODE was designed for this purpose. There is no actual standard, [...]
Well, I'm finally back in town after the holidays. Let me tell you, I'm glad to be home. Between multiple holidays and taking my grandma to her cancer treatments in Ann Arbor, I was gone far too much of last month.
My Grandma is doing well. They used an experimental new procedure called [...]
If, for some unfathomable reason, you put a meta tag refresh on every page of your site, you may want to consider not putting it on any page with a form on it. Especially a long complicated form. 30 minutes may seem like a long time to fill out a form, but sometimes [...]
I don't like to just link to stuff, but outsourcing choice at 37 signals is worth linking to. The post talks about designing interfaces with fewer choices. Really, the interesting thing here is Barry Schwartz and his book, The paradox of Choice. The paradox of choice being that having more choices makes [...]
Could this be the manifesto of "Extreme Simplicity?"
10 fundamental rules for the age of user experience technology:
More features isn't better, it's worse.
You can't make things easier by adding to them.
Confusion is the ultimate deal-breaker.
Style matters
Only features that provide a good user experience will be used.
Any feature that requires learning will only be adopted by a [...]
Del.icio.us has been down for a while. I use it for my public bookmarks, which are listed on the side of this blog. Here is a post with some recent random things that I would bookmark if I could.
The departure of the hyper-enthusiasts - "The Java hyper-enthusiasts have left the building" (along [...]
There seems to be much interest lately in input filtering in PHP, especially in cross site scripting prevention. I've always preferred input validation to input filtering, but I am giving filtering a new examination. My problem with filtering is with usability. The comments to this post are a good example. There [...]
Mac OS X has made an art of the process of installing an application on the desktop. For a properly packaged application, the process is:
Download.
Locate the application icon in your download directory and optionally move it to another location.
Double click on the application icon to run.
This is the essence of what apple calls Drag [...]
I just got back from helping my grandmother with her computer. We got her an iMac and she uses Apple's Mail program pretty effectively. Watching her use Mail is a real education in software usability. I've written before about some problems she had with mail. Apple has pretty much fixed every [...]
Here is a wrap up of some links and information from the friendster PHP conversion of a couple weeks ago.
First, it appears performance really was a major problem for friendster. Friendster Quickly Gathering Foes:
The key issues behind the Friendster abandonment trend, according to users, are the service's inability to do anything about its habitual [...]
All Posts
