Suppose you are sent a link to a website - e.g. https://example.com/page/1234. But, before you can access it, you need to log in. So the website redirects you to: https://example.com/login?on_success=/page/1234. If you get the password right, you go to the original page you requested. Nice! But what happens if someone manipulates that query string? Suppose an adversary sends you a link like…
I was browsing the web recently when I came across this utter horror show of a font. Warning, not for the faint of heart. The thing is, I can't adequately describe why I - and many others - find it so disturbing. In all my years of reading English, I've never found a font which slants backwards. I'm used to italics so there's no reason it should seem weird. And yet... it's like the uncanny…
I've never heard such whooping and hollering from a Bloomsbury Theatre audience. When Rachel Bloom prances on to the stage it is like seeing a revivalist preacher work the faithful. It would have been so easy for Bloom to rest on her laurels and give a "best of Bloom" revue - the crowd would have lapped it up. But, instead, she puts in the hard work to make something new and incredible. Because…
When I was... Oooh... 8 or 9 I entered a "count the number of spots on the giraffe" competition one summer holiday. Apparently I was the only child who noticed that there was a spot on the tail, so I won a YEAR'S SUPPLY of Cadbury's Curly Wurlys. Nothing I've ever won since has lived up to that childish feeling of absolute glee I got from seeing a HUGE box of chocolate which was MINE! ALL MINE! …
Sometimes you learn the most from failures! I wanted a <select multiple> element where the <option>s were laid out in a grid. I nearly got there. It's possible to have the <option>s in a horizontal row - but only on Chrome and Firefox. Here's a quick fiddle showing the results: As you can see, it's possible to do some pretty extravagant styling of the individual <option>s - you can even…
I'm a reasonably adventurous eater - but a rather underwhelming cook. So I thought I'd give these "posh ready-meals" a go. The pitch is simple. GreenChef will send you a big box of ingredients and a bunch of recipes to follow. You get exactly 175g of tomatoes, a precise number of lentils, and a sachet containing a perfect measure of spice. Follow the instructions and you'll have a tasty,…
Many years ago, Google applied for the .zip Top Level Domain. ICANN, in its infinite wisdom, granted it. And now, I think, bad things are going to happen. You see, computers try to be helpful. They see you wrote "visit example.com" and autolink the thing which looks like a domain name. That's handy - especially as most people don't have the time or skill to write HTML. So what happens when…
Doing vocal impressions is hard. Doing them while singing is even harder. But Christina Bianco does it effortlessly, backwards and in high heels. I remember seeing the Forbidden Broadway show decades ago - Bianco is an alumna - and being slightly confused by all the "inside baseball" terminology. This new one-woman show is much more accessible. We were treated to Shania Twain singing Bucks Fizz, …
This pissed me off and I couldn't figure out what I was doing wrong. So I'm blogging about my ignorance. Imagine you're using Symfony and Doctrine to access a database. You are using prepared statements to prevent any SQL injection problems. There are two main ways of doing this - and they disagree about how positional variables should be specified. Data Retrieval And Manipulation Here's a…
I couldn't work out how to use Route Aliasing within my controller. I couldn't find anything in the documentation about it. But, thanks to a StackOverflow comment it is possible. Suppose you want users to be able to access a page using /users/123 and /people/123 - with both routes displaying the same data? Normally you'd write something like #[Route('/user/{id}', name: 'show_user')] - as it…
The journalist David Pierce has written a piece about the birth and (almost) death of Google's AMP. Regular readers know I have been a vocal critic of AMP even when I was serving on its advisory committee. Nowadays, well, I can't remember when I last saw an AMP page (yay Firefox!) and I've never had a client ask me to develop an AMP site. Last year, I had a long chat with David about my…
The Yamaguchi Foodstuffs Conglomerate emphatically denies causing tumours in vegetables. They did not "give a beansprout cancer". That would be irresponsible and against their 250 year commitment to responsible bio-agriculture development. Every culture has their own version of Grimm's "Der süße Brei". A cautionary tale of a magic porridge dispenser which, thanks to one woman's forgetfulness, e…