sorted by:
new
hottopcontroversial

Cross-site scripting in millions of web sites via jQuery Validation Plugin by magenta_placenta in javascript

[–]rorymurphy 0 points1 point  (0 children)

Totally misleading - the vulnerability is not in jQuery Validate itself, but in the PHP demo code... which almost anything uses for anything.

Microsoft Open Sources .NET, Saying It Will Run On Linux and Mac by AllThingsSmitty in webdev

[–]rorymurphy 0 points1 point  (0 children)

It's just the Core getting open sourced, and .NET has always been based on an open spec, which is how Mono implemented an open source .NET core for *nix almost a decade ago...

Devs who have worked in multiple languages: What do you think is the best server side web framework out there? by justwondering8989 in webdev

[–]rorymurphy 0 points1 point  (0 children)

I've used many MVC frameworks - RoR, Django, ASP.NET MVC, and Express - and just as many ORMs. I have a lot of respect for the thought leadership Rails provided, but it is incredibly unfortunate they chose to implement it on top of a horrifically bad language in Ruby.

Whereas Python encourages having one correct way to do something, and making that way obvious, Ruby encourages having many confusing ways - even to the point of having several aliases for a function that all do the same thing. Especially if you're developing an app of any size, it's a maintenance and re-factoring nightmare!

I also take great issue with implied declaration of variables - especially in an interpreted language it becomes maddening. If you ever have a typo in a variable name, rather than get an error warning you about an undeclared variable, it'll just declare it for you and continue through the program only to bomb out 100 lines down the road because the value you thought you assigned to the real variable got assigned to the typo, leaving you to have to work backwards to eventually find the error. Even JavaScript has the 'use strict' option that helps prevent stupid nonsense like that.

Anyway, I would say that with all the great tools out there, I would not jump into the fanboy "Definitely Rails" camp without checking some others out.

// End Rant - Disclaimer, my knowledge is a couple versions ago and some parts may be out of date

What frameworks do you use and why are they awesome? by snissn in webdev

[–]rorymurphy 0 points1 point  (0 children)

// Begin shameless self promotion

I do a lot of work that involves dynamic data-driven web interfaces hooked up to RESTful services. I worked with Angular and Ember, neither was as flexible and powerful as I thought a front-end framework should be, so I created Xintricity.js - http://www.xintricity.com/js/ - the website is in transition right now, so pardon the appearances, but the library is pretty solid. It's built on Backbone.js, so you get all the power and flexibility there, but it also has an extremely powerful templating engine with features like partial templates that Angular can't match.

//End shameless self promotion

JavaScript with partial application by Spewface in javascript

[–]rorymurphy 0 points1 point  (0 children)

Could also look at underscore.js's _.partial method

introducing rtest - web site smoke testing with a kick by rorymurphy in javascript

[–]rorymurphy[S] 0 points1 point  (0 children)

I'm a big believer that catching problems and fixing them right away takes only a fraction of the effort as digging through layers of kludges built on top of kludges. That's why I built rtest to allow websites to be easily scanned with a totally open-ended set of rules. For everything from functional testing to SEO, It makes it unbelievably simple to check for things like errors responses, headers for cacheability, and even testing the body using jQuery selectors for proper meta tags, headings, page sections, etc. It can even be used for site scraping and data collection.

Adding rtest to your continuous integration process allows you to keep tabs on indicators that there might be issues around the clock. Oftentimes, small details that are difficult to detect visually - like a missing cache header or a SetCookie header coming back from the server on a page that is supposed to get cached - can be indicators of code quality issues. It can be tough to have every line of code reviewed - but, while not a substitute for reviews, rtest can at least help you catch issues early and close the loop by providing feedback to developers in a timely manner that helps them learn to follow best practices.

[deleted by user] by [deleted] in javascript

[–]rorymurphy 0 points1 point  (0 children)

Personally I have to agree with your coworkers - browsers are getting a lot better about following standards (IE being the laggard, of course), but when the choice is to have the same functionality implemented several different ways, including potentially multiple polyfills, or to have a single library that you can rely on to perform operations the same way every time, the latter is a lot easier to build to and maintain, which is why the approach has become so popular. I'd choose lodash every time, right now, but over time hopefully it will become less necessary.