Subscribe to this list via RSS Blog posts tagged in Web
How to best load an image from a URL using TWebBrowser when targeting multiple devices I recently got a question from a customer on how to restrict the image size to the actual device screen dimensions when using TWebBrowser, so I thought I would create a blog post about it. Often times, images that are loaded from the web using an URL may be bigger than the form factor the app is being run on, causing the user to have to scroll to see the entire image. Below is a code snippet that shows you how to restrict the web image to fit perfectly to the form factor the app is being run on. Read on to find the full snippet code! Start a free trial of RAD Studio!
Мир учится: новая книга по HTML5 Builder Пока у нас в стране идут ожесточенные споры о качестве того или иного продукта в стиле "религиозных войн", большинство практиков в динамично развивающемся мире ИТ-технологий старается освоить и применить наиболее подходящие для них способы создания программного обеспечения, как для продажи, так и для "домашнего применения". В том числе, сразу же после появления на рынке, HTML5 Builder также вызвал большой интерес, но сказывался недостаток практических руководств и учебников. Недавно книга "App...
Записи прошедших вебинаров по DB Tools (февраль-март) Мои коллеги и хорошие друзья все время жалуются на своего сисадмина, который заблокировал доступ с работы ко всем вебинарам, причем не только нашей компании, но и других "крупняков" типа Oracle. Несмотря на то, что мы используем платформу проведения вебинаров, которая позволяет участие в них не только с ПК, но и с мобильных устройств, я знаю достоверно, что упомянутая проблема есть не только у моих друзей, но и многих других заинтересованных разработчиков и администраторов БД. Участие в onlin...

Posted by on in Blogs
YAML and Remote Code Execution YAML's security risks are in no way limited to Rails or Ruby. YAML documents should be treated as executable code and firewalled accordingly. Deserializing arbitrary types is user-controlled, arbitrary code execution. It's Not Just Ruby A few weeks ago, I had a need to parse Jasmine's jasmine.yml in some C# code. I spent some time looking at existing YAML parsers for .NET and ended up deciding that spending a couple of hours writing a lightweight, purpose-specific parser for jasmine.yml made m...
Faking a placeholder Attribute for an Editable div, and Some CSS Tricks HTML input elements have a placeholder attribute which you can use to show a bit of text to prompt the end user. Although you can make an editable div by using the contenteditable attribute, it will not support the placeholder attribute. I needed to do both, so I ended up reinventing the placeholder attribute for editable divs. Here's how I did it. I wanted the "placeholder" in the editable div to behave as much as possible like a "real" placeholder in an input element. So I started by making...
Faking a placeholder Attribute for an Editable div, and Some CSS Tricks HTML input elements have a placeholder attribute which you can use to show a bit of text to prompt the end user. Although you can make an editable div by using the contenteditable attribute, it will not support the placeholder attribute. I needed to do both, so I ended up reinventing the placeholder attribute for editable divs. Here's how I did it. I wanted the "placeholder" in the editable div to behave as much as possible like a "real" placeholder in an input element. So I started by making...

Posted by on in Blogs
Would You Buy a Used Framework from This Tool? I think the Web Platform Installer is a great tool, but I have to question the wisdom of its home page: If you click on these, you see... nothing. A description would be nice. ("Application Request Routing? What's that? EC-CUBE?") But that's not really the problem. The bigger problem is this: A "spotlighted installers" feature probably sounded great on the drawing board, but this tool is intended for public-facing web servers. It isn't the App Store; public-facing web frameworks should...

Posted by on in Blogs
Would You Buy a Used Framework from This Tool? I think the Web Platform Installer is a great tool, but I have to question the wisdom of its home page: If you click on these, you see... nothing. A description would be nice. ("Application Request Routing? What's that? EC-CUBE?") But that's not really the problem. The bigger problem is this: A "spotlighted installers" feature probably sounded great on the drawing board, but this tool is intended for public-facing web servers. It isn't the App Store; public-facing web frameworks should...
An Excuse Not to Roll Your Own Authentication Scheme The Rails 3.1 Release Candidate announcement contained news of many new and useful features, plus these regretful words: has_secure_password: Dead-simple BCrypt-based passwords. Now there’s no excuse not to roll your own authentication scheme. I will briefly provide an excuse. "Simple BCrypt-based passwords" is a reasonable feature, but shouldn't be mistaken for end-to-end authentication, or even a substantial subset of that problem. Web site authentication in the real world is a far harder...
An Excuse Not to Roll Your Own Authentication Scheme The Rails 3.1 Release Candidate announcement contained news of many new and useful features, plus these regretful words: has_secure_password: Dead-simple BCrypt-based passwords. Now there’s no excuse not to roll your own authentication scheme. I will briefly provide an excuse. "Simple BCrypt-based passwords" is a reasonable feature, but shouldn't be mistaken for end-to-end authentication, or even a substantial subset of that problem. Web site authentication in the real world is a far harder...

Check out more tips and tricks in this development video: