Interactive Web Development

Twitter Bootstrap

by Silva H

Bootstrap was developed by Mark Otto and Jacob Thornton at Twitter in August 2011 as a framework to encourage consistency across internal tools. Before the creation of Twitter Bootstrap, engineers had a lot of difficulty creating decent websites and web applications. They used various libraries that they were familiar with for interface development; however, there were a lot of inconsistencies among the individual applications that made scaling and maintaining them very difficult. Bootstrap began as an answer to these challenges and quickly accelerated during Twitter’s first Hackweek.

Common Security Mistakes in Web Apps

by Asim K
When creating a website, especially one that is either controversial or receives a lot of hits, one is entrusted with the golden realm of keeping the website secure. Besides just getting the website up, one has to worry about a multitude of issues including general security on the web. Is user data safe? Can an attacker pollute fake data onto your website? These are just some questions author Philip Tellis of Smashing Magazine raises. The first security mistake mentioned is Cross Site Scripting. This would be pulling and executing code from an attacker’s site, except on the server of the victim website. The second is Cross Site Request Forgery, where a website can trick visitors into performing an action onto a victim site. The third valuable tip is Click Jacking, where buttons are invisibly coded onto websites to trick users into submitting information they would never have to begin with. The fourth is most relevant to our class: it is SQL Injection. SQL Injection is a method where an attacker exploits inputs inside the website to gain access to the database server and make changes to it from the control they’ve received. SQL injection even gives the attacker power to run any line of SQL code they want on your server, including the drop tables function which drops all information from your database. Similar to this is Shell Injection, which accesses privileges on websites to add JavaScript or HTML code that is unwanted. The last and most popular is Phishing, which is creating scam websites.

Checklist To Creating The Perfect WordPress Website

by Asim K
Danny Cooper’s article, “A Comprehensive Checklist to Creating the Perfect WordPress Website”, 1. argues that WordPress is the number one Content Management System (CMS) for your website and 2. presents a way to create a perfect website based on the mentioned CMS. Cooper goes from step A to Z, beginning from purchasing the domain, to creating a database, to backing up the database, the recommended plugins, etc. Among the more technical details, Cooper also relates to the readers a very important post-website step: caching the website and injecting some tracking analytics to track traffic, both steps which, as a web designer myself, I find too often and easily overlooked. Also among the technicalities there are always the most important details: the bare basics. Cooper illustrates the basics of setting up the website in a very easy to understand manner, citing other appropriate sources when needed. Although I may not agree with the thesis that WordPress is the best CMS out there (I’m more of a Joomla fanguy), Cooper makes very valid points in a great step-by-step curriculum.

The Emergence of Cascading Style Sheets

by Taylor G
This article I decided to blog about was written in 1999. The reason I chose to write about it was because I found it interesting to see what these experts had to say about CSS back over 10 years ago. The author of the article talks about how, when CSS was first released, there was a lot of hype over it and how he didn’t want to commit to that hype. He talked about the web authoring tools and how they were constantly changing back then. There were so many standards that when a new one would come out a majority of the browsers wouldn’t be able to fully support them. He talks about a specific incident when he was working on a page and was creating a table with lots of text, and the <font> tag wouldn’t be able to format every cell in the table, so for each cell he would have to include a <font> tag, causing a lot of wasteful space. Instead, using CSS, it could be eliminated by typing a simple <style> tag in the header of each page. He later goes on to talk about how you can reference a page that is simply used for defining different parts of the page. The method of calling these pages would be as simple as using a <link> tag. He also talks about all the advantages of using a CSS page.

New form of HTML Compression

by Taylor G
This article I chose to write about I found really interesting. Since this web development class deals with an understanding of HTML I enjoyed this article. The article talks about how HTML is a standard for web pages, but it has disadvantages like “verbosity”. The article deals with compression, so their solution to this problem would be using data compression. Deflate is a general compression algorithm not tailored for HTML documents. So they say that a better compression algorithm based only for HTML documents would be able to achieve a much better compression ratio. The main goal of their research was to find an efficient way to compress HTML documents, which in the long run would reduce internet traffic, and the storage of HTML. They named their algorithm ‘Lossless HTML Transform’ (LHT). They talked about two different dictionaries, a static dictionary and a semi-static dictionary. Each dictionary and version has its own disadvantages. Static LHT has a fixed English dictionary that it uses for compression. Semi-static LHT doesn’t allow streams and it requires two passes over an input file. The authors say that their compression algorithm can be combined with a general compression algorithm; in their case they used Deflate and PPMVC. PPMVC achieves a very good compression ratio for a short amount of time and without the use of a lot of memory. In their experiments they used HTML files without images from the internet. The size of the files ranged from 5kB to 170kB. As a result, compared to general compression algorithms, LHT improved HTML compression by an average of 17% while using Deflate and nearly 8% for PPMVC.

Covering ASP.net in the Curriculum

by Mike Y
Colleges need to teach students about new software and how to use it. There can be infinite opinions on the amount of lecturing on old versus new technology, but most can see that a mixture of both new and old is mostly beneficial for the student. The authors recommend instructing on “traditional mainframe as well as the Internet client/server environments.” Both Wallace and Wolf foresee an integration of the mainframe and web based technologies. Although the article is from 2006, it is still relevant today.

Server Side Scripting Languages

by Han C
My article is written by a columnist, Gary Roberts, who compares and contrasts the most popular scripting languages used to create dynamic service oriented web sites. He discusses how server-side scripting can be implemented and the software architectures involved. The comparison touches on the balance between security, productivity and service concerns. LAMP, a Linux based server running Apache, MySQL, and PHP or Perl, would ultimately require a “significant investment in knowledge acquisition.” On the other hand, Microsoft IIS, active server pages would be “the path of least resistance” because ASP would be easier to learn when compared to PHP or Perl. This is not to be confused with ASP.NET, which is a bit more difficult to learn but would be valuable to learn if you were to pursue a sizable project. The author selects Cold Fusion as his language of choice based on the ability for it to run on Microsoft, Linux, and Unix systems. In addition, it is considerably easy to learn. Ultimately, the choice of a server-side scripting language would be ranked by taking into consideration cost, convenience, and ability to adopt or implement the technology.

Microsoft Healthvault

by Han C
The article discusses a partnership between the Microsoft Corporation and St. Jude Medical Center to better integrate data from implantable devices with patient health records. It reveals that since 2008, Microsoft has collaborated with companies such as Health Solutions Group and Merlin.net in an effort to share device information directly from patient care devices such as implanted cardioverter defibrillators. Health devices such as these monitor a patient’s vitals, collect data, and securely transmit the information to an internet-based system in which physicians can remotely follow up with a patient’s progress and recovery. Data such as these can determine a patient’s heartbeat, rhythm, and even real-time electrograms. The collaboration with Merlin.net is to assure the standards of reliability regarding patient privacy and security while meeting regulatory requirements by the International Quality Certification Standards, as all transmissions are encrypted using industry standard cryptography.

Session Hijacking in ASP.NET

by Gerardgon Z
The article talks about how easy it is to find and exploit unsecured websites using ELMAH (Error Logging Modules and Handlers for ASP.NET). ELMAH is an error logging module for ASP.NET websites that makes it easy for webmasters to view the errors their websites are giving. It is a very popular module for ASP.NET and used widely. The information it gives administrators is so informative that hackers can use the same module to exploit and hijack a website by looking at the same logs. Unsecured ELMAH logs can be used to hijack the entire website because they can provide authentication cookies and user types which the hacker can easily spoof and create their own authentication cookies. Unsecured ELMAH logs can also provide SQL statements and passwords from the internal database, making it a very big security breach. The article then talks about how to protect and secure ELMAH and some best practices to avoid this easily mitigated exploit.

Mac Excel 2011 Supports Visual Basic

by Daniel S
Microsoft Office will support Visual Basic for Applications macros for Mac’s Excel 2011. If you’re unaware of the benefits of using Visual Basic for Applications macros, you can design interactive worksheets in Mac’s Excel 2011. Mac users would be happy to hear the news, since Visual Basic for Applications was discontinued for the release of Excel 2008.