"There is much that is attractive about HTML5," says Douglas Crockford, known
Notation), the widely used lightweight data-interchange format.
"But ultimately," Crockford continues, "the thing that made the browser into
workaround tool." The problem is that there is what he calls "a painful gap"
result? XSS and other maladies. The responsible course of action, Crockford
contends, is to correct that defect first before pushing ahead with HTML5.
In an email exchange with Jeremy Geelan, here is what Crockford (pictured
above) says, in his own words...
"The most serious defect in web browsers is the incorrectly named Cross Site
Scripting (XSS) vulnerability. XS...
Douglas Crockford's Blog
I was invited to speak at XML 2007 last month. I was given the topic "Does
XML have a future on the web?" My answer was "yes." As evidence, I offered
that there are still people selling Cobol compilers. Once this stuff gets
into the enterprise, it can take generations to get rid of it.
A more interesting question is "Is XML on the web trending up or trending
down?" Clearly, it is trending down. For data transfer applications, XML is
losing ground to JSON because JSON is simply a better data transfer format.
And XHTML has failed to displace HTML in the mark...
JSON is a universal data format. It provides an uncommonly effective bridge
for moving data between systems and between languages. It is rendering the X
in AJAX superfluous. JSON is also really simple. This talk will spend several
seconds to fully explain the entire JSON language. There will also be a first
look at a new JSON solution to the Cross Domain Problem.
Douglas Crockford's Blog
DRM is sometimes called an enabling technology, in that it is supposed to
enable new business models. But it is really a disabling technology. As DRM
fails, there have been suggestions that the name be changed to something that
includes the word enabling; give it a better image; something more right than
DRM isn't just a disabling technology, it is also a disabling contractual
framework. To sell a DVD device, you must make a deal with the DVD Copy
Control Association in order to use the CSS copy protection system that was
broken nine years ago.
Yahoo! User Interface Blog
Cooperating applications, such as mashups, must be able to exchange objects
with robust interfaces. An object must be able to encapsulate its state such
that the state can be modified only as permitted by its own methods.
include any means to harden them, so an attacker can easily access the fields
directly and replace the methods with his own.
can perfectly guard their state by using a variation of the Modul...