Sorry about the dramatic title; I really doubt that input sanitization has killed anything. TL;DR: Don't sanitize password inputs. TL;RA*: Can you spot the bugs in the following code? /** * Sanitizes the given input by removing "<", and ">" characters. */ function sanitizeUserInput ( input ) { return input.replace( /</g, "&…
For XLSM files: Open the XLSM file with 7-Zip (right click -> 7-Zip -> Open archive). Copy the xl/vbaProject.bas file out of the file (you can drag and drop from 7-Zip), don't close 7-Zip Open the vbaProject.bas file with HexEdit Search for "DPB=" and replace it with…
The point of this post is so I don't forget how to solve this in the future. Every once in a while I receive the error message: "The target principal name is incorrect. Cannot generate SSPI context." when trying to connect to a SQL Server instance on another machine on…
Update: this project now has its own GitHub repo: https://github.com/davidmurdoch/ga-localstorage TL;DR: Click here to make the web faster. Oh, and share on Twitter, too! TL;RA: In 2010 I postulated on Stack Overflow that it may be possible to use Google Analytics without the baggage…
I recently released my first android app, Cashify. This post is a reflection on my experience building an Android app for the first time. If you want to know what the app does visit its Google Play page (and download it). Android Studio Lately, my daily IDE has been Visual…
Stoyan Stefanov at phpied.com explained how to do non-onload-blocking async JS. TL;DR: window.onload can now fire before your async script loads and we don't trigger the browser's loading indicators (except in Opera). I loved the method; but thought we could take it a bit further. I…
Use this at your own risk. If you try this and you break your system, I am not responsible. :-) I recently built a new computer and opted for an 120GB SSD for Windows 7 Pro and programs with a separate 1TB HDD for data. After installing the OS,…
This is just a proof-of-concept and quite is fragile and hacky. For this reason, I won't be explaining any of the techniques or even providing the code snippets for you. You can always fork the pen to play with it. See the Pen HfulB by David Murdoch (@davidmurdoch) on CodePen.…
We all know that "best practice" states that we should place all of our external javascript files at the end of the document body. And generally, we'd like to put all of our own scripts into a /js/scripts.js file and place it right after jQuery (and our…
My GoogleFu turned up nothing today when searching for IE9 only CSS hacks. After a couple hours of searching, and combining the hacks found in Paul Irish's excellent post about Browser CSS Hacks I gave up. I just moved on. I settled for that 1px difference between every…