thebeebs | November 2009
thebeebs
Learn the art of website security
 
 

Dynamic objects in C# 4.0

by thebeebs 16. November 2009 10:00

expando Ladies and Gentlemen allow me to introduce you to the fantastic Expando... I felt like I had to open this blog post like that because the name Expando conjures up the image of a cheap magician, a sort of dishevelled David Blaine. The similarities between this object and David Blaine do not end there; the dynamic way that this object can get and set properties really is magic. Ok it's no "Cutting a lady in half" or my imprisoned uncles "Hide the sausage" but it's special none the less.

 

Below you can see the new Expando object lets you add properties to an object on the fly at runtime...

 

dynamic contact = new ExpandoObject();
contact.Name = "Jeff";
contact.Age = 18;
contact.ContactInformation =  new ExpandoObject();
contact.ContactInformation.MobileNumber = "06078900567";
contact.ContactInformation.MobileNumber = "test@thewayithink.co.uk";
contact.Address = new List<dynamic>();
dynamic addy = new ExpandoObject();
addy.HouseNumber = 12;
addy.Postcode = "NN36QJ";
contact.Address(addy); 
 

As you can see to add an object to an object you just set the property to be a new ExpandoObject. To create a list you simply add a new List<dynamic>() to one of the properties.

 

Dynamic Languages are fun, but I'm sure this will open up the floodgates to some awfully hacky code in the future.

Tags:

Getting strict on External links

by thebeebs 15. November 2009 08:22

jquery If you want to have all links in your document that point to external sites open up in a new window then you’ll realise you can no longer use target=”_blank”… well that’s if you want to conform to XHTML strict. The Jquery Snippet below could solve your problem.

 

 

 

$.expr[':'].external = function(obj)
{    
return !obj.href.match(/^mailto\:/) && (obj.hostname != location.hostname);
};

$(document).ready(function() {
$('a:external').attr('target', '_blank');
});

Tags:

How do Facebook put text in their password fields

by thebeebs 13. November 2009 10:22

If you’ve logged into Facebook recently you may or may not have noticed that the password field says Password and the email field says Email, which is nice because it means you don’t need to waste space with labels next to your textboxes. I’ve replicated the feature here, and you can download the source here.

 

However password boxes don’t show text, when you type into them they hash the text to protect you from prying eyes… so how do Facebook do it?

 

facebook login

 

Well they do it with a little CSS and a little JavaScript, but sadly it’s not a simple effect to achieve you can’t just change the input type of the text box on focus, like you might imagine. To get a closer look It’s best if we switch CSS off in the browser and visit facebook, what you’ll see it this:

 

facelogin

 

 

 

You’ll notice we have three boxes, now the new middle box is a password input box that is hidden using CSS, If you enter text into it then it’ll be hashed:

 

facebookloginhashed

If you click on the third text box it disappears and your focus is sent to the second textbox.

facebooktwoboxes

 

 

So to recap we have to write the following features:

 

Feature: Password should be displayed then got rid of
Given the password reads “Password”

and the user clicks password

then the “Password” text should be cleared

 

Feature: Password should be displayed the got rid of when the user tabs

Given the password reads “Password”

and the user is in the Email textbox

and the user hits tab

then the “Password” text should be cleared

 

Feature: User types a password
Given a user clicks on the password

and starts typing
when the the password is displayed
Then it should be hashed

 

Feature: User pastes a password
Given a user clicks on the password
and pastes the password
when the the password is displayed
Then it should be hashed

 

Feature: User tabs then types a password
Given a user has typed their email
and hits tab
and starts typing
when the the password is displayed
Then it should be hashed

 

Feature: User tabs then pastes a password
Given a user has typed their email
and hits tab
and pastes a password
when the the password is displayed
Then it should be hashed

 

I managed to replicate the feature and have put the source below, tomorrow I’ll walk through the code and explain how it was achieved.

 

You can view a demo here: http://www.thewayithink.co.uk/code/prettypassword/prettypassword.html

 

And can download the source here: http://www.thewayithink.co.uk/code/prettypassword/jquery.prettypassword.zip

Tags: , , , ,