Self-inflicted Denial of Service on GitHub (Disclosed)


I've found an interesting, but low severity, way for a malicious user to selectively deny access to specific GitHub issues and Pull Requests. This doesn't affect the whole site - just targeted pages. It doesn't require elevated permissions, nor any special skills. This is just GitHub punching itself in the face. Here's how it works. An attacker creates thousands of comments in their own repos which contain references to a specific issue or PR in an external repo. When that issue or…


An API for Amazon Wishlists


In the glorious past, Amazon had an API for interacting with its "Wishlist" service. Not any more though. So, here's the inspiring story of how a rag-tag band of adventurers brought it back from the dead! Several years ago, Justin Scarpetti created a tool to extract data from an Amazon wishlist - the imaginatively named Amazon Wish Lister. It used that most vulgar of programming practices - Screen Scraping! Yup, gobble up the HTML and attempt to parse it. Needs must in a dire situation. …


Is GitHub Racist?


One of the interesting aspects of privilege is how it lays bare our unconscious assumptions about the world. A male software developer may never consider that a user would want or need to change their name. Thus they would design a product which ignored the millions of women changing their names after marriage. It's very tempting to see software as racist when, in reality, it's more likely to have a root cause of unconscious assumptions. Take, for example, GitHub. You can host all of your…


Open Source Shakespeare (in MySQL)


My good friend Richard Brent has often complained that my blog has very little Shakespeare content. Despite the domain name, I don't think I've ever blogged about The Big S. For shame! Fear not, my Brentish-Boy, this post is all about Shakespeare. And MySQL.... Ahem... When I first started shkspr.mobi it was intended to be an easy way to get Shakespeare on your phone. At that time, there were no mobile formatted texts of his plays and sonnets, so I had to create them. Finding…


Introducing a NEW QR Generator



When people ask me which QR generator to use, I usually suggest Google Charts. However, recently I've become dissatisfied with its limitations, so I've decided to write and release my own QR encoder. I'm still looking for a catchy name for it (suggestions welcomed) - so for now it's called "QR Generator PHP". It's available on GitHub or you can use it directly. So, how does it compare to Google Charts?

Feature | New QR Encoder | Google Charts
Image Formats | PNG, JPG, GIF | PNG
Maximum Image…
