Told you I don’t update often…
Anyway, I did a small update to that validation project. Apparently, it allowed for xss attacks. Good thing there’s nothing valuable to get from my site (I think). So, for example, if I was to enter the following in the sitemap text box
an alert would come up that says “hi”. I think I solved the problem by using htmlspecialchars. And just to be safe, I used the same solution for displaying the urls in the table. You can try it here. Unfortunately, I don’t have a lot of experience in xss. Is there anything I’m missing or should be more aware of?
I’m hopping on the bandwagon and getting myself a blog. Don’t expect too much, though. I tend not to update these things…
I intend to have this blog cover code, projects I’m working on, or something related and interesting. However, I will probably post some random stuff, too. I have a couple bad jokes in my head. Keep on the lookout for them. 😀
So, first up, I created a little thing that takes in an xml sitemap, gets all the urls in that sitemap, and checks if they’re valid with W3C. You can take a peek here: michael.lavaveshkul.com/projects/validation/validator.php
I made it synchronously check one url at a time so that I and W3C don’t get flooded with http requests all at once.
Continue reading “Hello World!”