Quantcast
Channel: Bill Sempf - Javascript
Browsing latest articles
Browse All 18 View Live

They aren't kidding about that 'enable exceptions' thing

In the default templates for WinJS Windows 8 applications, there are two lines that are easy to ignore:     // Uncomment the following line to enable first chance exceptions.    //...

View Article


Direct Object References

I have to use the Open Graph API from Facebook ton my current project, and I found a real life example of the Direct Object Reference flaw I discuss in my Pentesting ASP.NET talk.The Direct Object...

View Article


Win8 Metro Style navigation

WARNING! This is based on Developer Preview, and much has changed.Navigation in Metro is a little fuzzy right now. Fortunately Visual Studio has a navigation template. If you click File.NewProject, and...

View Article

Upcoming talks

I'm speaking at the Louisville .NET Developer's group about ASP.NET MVC pen testing and the OWASP Top 10 on Thursday June 21.I'm also scheduled to speak at That Conference, a developer summer camp in...

View Article

Image may be NSFW.
Clik here to view.

Updating your Windows 8 HTML 5 Metro project to RC

In updating my Metro app to Windows 8 RC, I only ran into one incompatibility - Microsoft revved WinJS (as they should!) The error I got was:Error 1 Could not find SDK "Microsoft.WinJS, Version=0.6"....

View Article


Treating users right

This is an excerpt from the upcoming book Programming Windows 8 with HTML5 for Dummies----------------------------------------Metro apps are different.  As I mentioned in This Is Not .NET, Metro apps...

View Article

Animating Windows

 This is an excerpt from the upcoming book Programming Windows 8 with HTML5 for Dummies-----------------------------------------The component animation that is inherent to HTML5 and even JQuery is not...

View Article

Image may be NSFW.
Clik here to view.

Doing security analysis on Windows 8 Metro Apps with Zed Attack Proxy

This is the first in a series of articles about attacking Windows 8 applications using Zed Attack Proxy, or ZAP. Windows 8 is the new version of the venerable Windows operating system from Microsoft....

View Article


Don't put secrets in the URL Querystring

I am working on an app for Facebook right now, and I came across this gem:Note that because this request uses your app secret, it must never be made in client-side code or in an app binary that could...

View Article

Browsing latest articles
Browse All 18 View Live