I’ve been looking around the last few days for an open source code snippet library to put in place at my workplace. Most of the ones I came across by doing some searching either didn’t impress me or they had not been supported or updated in quite a few years. Does anyone know of or use one of these snippet libraries? In short, I am just looking for something that you can paste some code into and either categorize or tag by language, etc… Thanks in advance for any feedback!

It appears as though Facebook is finally getting the hint about it’s API. The company announced today they have released the Open Stream API. This new API will allow developers to take advantage of all kinds of Facebook features. This same openess has worked wonders for Twitter, and I am sure Facebook is hoping for the same. In my opinion Facebook was forced to do this in order to keep up Twitter, as their service is growing like a wildfire every day. I for one, have stopped using Facebook on a regular basis due to this. I do not like having to log into their website (which is slow) to interact with certain features. I love Twitter because I have a plethora of desktop and cell phone apps to choose from.

On a related note Facebook has also announced an application built for Adobe AIR. Now I can’t wait for TweetDeck to update and use all the new Facebook features!

Canonical officially announced the release of Ubuntu 9.04, previously code named Jaunty Jackalope. As with all Ubuntu releases you can download a desktop edition or a server edition. You can download your new version here.

Geek.com covers some of the major highlights of the new release:

• OpenOffice 3.0
• Latest Skype
• Latest Adobe Flash
• Faster boot times (reportedly as low as 25 seconds)
• Gnome 2.26
• Brasero 2.26 (all-in-one CD burning application)
• Better (more intuitive) multi-monitor support
• X.Org server 1.6, which supports several new video cards, as well as ATI-specific improvements including EXA acceleration (by default), 2D support for R6/R7 series, 3D support for R5 series, along with an updated -fglrx proprietary driver for R6/R7 series 3D support.
• More uniform notifications and system messages
• Ext4 file system support
• A Netbook Remix version, which offers:
  • Even faster boot speeds
  • Enhanced power management
  • Easier network switching
  • More intuitive icons and other design changes
  • Native support for Acer Aspire One, Asus Eee PC 1000, Dell Mini 9
• A Server Edition, which offers:
  web, print, file, database and mail servers – more efficiently. Ubuntu 9.04 Server Edition integrates the latest, stable Open Source applications from across the community, packaged and ready for users to deploy. New enhancements include improved virtualization with the latest KVM features, clustering support in Samba file server and easier mail server setup with out-of-the-box Dovecot-Postfix integration.In addition, Ubuntu 9.04 Server Edition will preview Ubuntu Enterprise Cloud (UEC). Ubuntu is the first commercially-supported distribution to enable businesses to build cloud environments inside their firewalls. With Ubuntu 9.04 Server Edition, organizations can explore the benefits of cloud computing without the data or security issues associated with moving data to an external cloud provider. Following a successful beta program last year, Ubuntu Server Edition 9.04 will also be fully available on Amazon Elastic Compute Cloud (EC2).

For the past week or so I have been trying out a beta version of a new Twitter application on my Blackberry, called UberTwitter. So far I have liked what I have seen. Previously I had been using TwitterBerry, which is probably the most used Twitter app for the Blackberry out there. There were just a few things I really didn’t like about it, with the biggest pain being the speed of the application in general. I have been very pleased with the speed of UberTwitter so far, especially considering this is the first beta release of the application. It also includes integration with GTalk, the Blackberry’s GPS functionality (it can geo tag the location of your Tweets), and also integrates it’s own picture functionality. The developers are already working on an update. You can read more about UberTwitter from their official site.

When you have a few spare minutes, check out this Boston.com photo gallery of some images taken from NASA’s Cassini spacecraft. These are some amazing photos!

I have been working on a new application the last few days and one of the requirements was to generate a short URL. There are many different URL shortening services out there today, but I decided to go with one of the original services, TinyURL. Although this service does not provide any sort of API, they do offer a quick and dirty HTTP post method of grabbing a short URL. Using CFHTTP in ColdFusion makes this easy, and only requires a single line of code:

 ColdFusion | 
 copy code |
?
 
1
<cfhttp method="get" result="tinyURL" url="http://tinyurl.com/api-create.php?url=http://www.yourlongurl.com">

All this does is call the TinyURL post URL and pass in the URL you would like shortened. The post simply returns the text that contains the shortened URL. Now that was to easy! It is a good idea to check the status code of the HTTP call. If a status of 200 is returned, then all is well. If not you can handle the error any way you would like.

According to this article from CNET, Adobe will announce today that the next version of the Flash platform will allow it to be used on internet connected TV’s and other set top boxes. This includes Blu-ray players. Using Flash on these devices will allow users to see high-definition video, interactive applications and new user interfaces. Adobe has already signed up some major companies to adopt the technology, including Netflix, Intel, Disney and the New York times.

This announcement is great news for the Flash community, as they can develop applications for an ever bigger audience going forward.

I’ve been using jQuery quite a lot lately in my ColdFusion apps. I’ve been working on a .NET site and yesterday I needed to throw a little jQuery into that site. I quickly found that ASP.NET poses one issue when using jQuery or simple Javascript in the situations where you are performing an operation on a named element. This relates specifically to using the ASP.NET controls, or any HTML control that has a runatserver command. As soon as you set runatserver=”true” on a control or HTML element, ASP.NET will rename that element when the page is loaded. For example, if I have a div element with an id attribute of “displayInfo”, ASP.NET will convert the ID into something like: ctl00_MainContent_displayInfo. As you can imagine this makes it difficult to use in some situations. But there is a very quick solution.

Microsoft has provided a simple ClientID variable that you can call that returns the correct ID of the control or HTML element. You just append .ClientID to the ID of your element. So in our example of above we would use displayInfo.ClientID anytime we needed to reference the displayInfo div in our jQuery or Javascript code.

Below is an example of using this with a little jQuery:

 Javascript | 
 copy code |
?
 
01
<script type="text/javascript">
02
        jQuery(document).ready(function($) {
03
            init();
04
        })
05
 
06
        function init() {
07
            $("#<%= news_item_type.ClientID %>").change(function() { slideForm($("#<%= news_item_type.ClientID %>").val()) });
08
        }
09
 
10
        function slideForm(formVal) {
11
            if (formVal == 'Detail') {
12
                $('#<%= detailDisplay.ClientID %>').slideDown();
13
                $('#<%= urlDisplay.ClientID %>').slideUp();
14
                $('#<%= fileDisplay.ClientID %>').slideUp();
15
            } else if (formVal == 'URL') {
16
                $('#<%= detailDisplay.ClientID %>').slideUp();
17
                $('#<%= urlDisplay.ClientID %>').slideDown();
18
                $('#<%= fileDisplay.ClientID %>').slideUp();
19
            } else if (formVal == 'File') {
20
                $('#<%= detailDisplay.ClientID %>').slideUp();
21
                $('#<%= urlDisplay.ClientID %>').slideUp();
22
                $('#<%= fileDisplay.ClientID %>').slideDown();
23
            }
24
        }
25
    </script>

Wow, this looks way too cool….

With the recent issues Twitter has faced in recent days, I thought it would be important to show how you can prevent XSS attacks in ColdFusion. For a detailed explanation of what XSS is you can read a good summary here. So how can you protect against this type of attack?

ColdFusion has some built in functionality to make this really easy. These are the steps I would recommend you take to help prevent XSS attacks:

1. You can enable Global Script Protection in your application. You can accomplish this by using the scriptProtect attribute in your application.cfc. You can set this to automatically add some protection to your form, URL, CGI and cookie variables. You can also pass in a column delimited list of the scopes you wish to add the default protection to.
2. You can also globally enable script protection at the server level via the ColdFusion Administrator. Under settings is a checkbox to Enable Global Script Protection. This will default every application on the server to use script protection by default.
3. Use HTMLEditFormat around ANY variables that contain user submitted input. This function will convert any submitted HTML tags into their HTML character entity. This can help to stop malicious Javascript code for example from being served to the browser.
4. The sure fire way to prevent this type of attack is to simply search and replace any maliciuous data. In other words, replace script tags, etc… with nothing.
5. Validate user submitted input on the server side. If you are expecting a numeric value in a field, make sure it’s numeric. Also validate maximum lengths. If you have a state field that is only 2 characters in length, validate it to make sure it’s no bigger.

As you can see ColdFusion provides many features and functions to aid you in preventing an XSS attack on your site. It’s up to you to put these practices in place!