Second Post!

Told you I don’t update often…

Anyway, I did a small update to that validation project. Apparently, it allowed for xss attacks. Good thing there’s nothing valuable to get from my site (I think). So, for example, if I was to enter the following in the sitemap text box

blah.xml "/><script type="text/javascript">alert("hi");</script><input type="hidden

an alert would come up that says “hi”. I think I solved the problem by using htmlspecialchars. And just to be safe, I used the same solution for displaying the urls in the table. You can try it here. Unfortunately, I don’t have a lot of experience in xss. Is there anything I’m missing or should be more aware of?

Hello World!

I’m hopping on the bandwagon and getting myself a blog. Don’t expect too much, though. I tend not to update these things…

I intend to have this blog cover code, projects I’m working on, or something related and interesting. However, I will probably post some random stuff, too. I have a couple bad jokes in my head. Keep on the lookout for them. 😀

So, first up, I created a little thing that takes in an xml sitemap, gets all the urls in that sitemap, and checks if they’re valid with W3C. You can take a peek here:
I made it synchronously check one url at a time so that I and W3C don’t get flooded with http requests all at once.

It grabs the urls from the loc tags (from the url tags) and puts them in the table. If you don’t have javascript turned on, it will determine the validity of each page then (and may take a while to load). If you don’t, then it turns “Is Valid” text in the upper-right corner into a link and automatically clicks when the page loads.

Continue reading “Hello World!”