September 09, 2013 - JZ

Captain's Log: 2013.09.09

  • I went solo tonight since Vyki had to take the night off
  • Sick with fever/cold! But must keep going...
  • Captain Kurt gave me some pair programming interview tips
  • Finally merged caching-support-for-preview into master, 3 weeks after opening the PR
  • Created sanitize-url-for-preview branch
    • We need to make sure oneboxes don't allow cross-site scripting, aka XSS
    • Added tests to Engine spec
      • Returns onebox wrapper
      • Doesn't allow XSS injection
    • Added tests to Onebox spec
      • No triple braces in Handlebars templates - double braces escape values, triple braces don't
      • No JavaScript - <script> tags or attributes like onclick, onload, etc.
    • Fixed Wikipedia onebox template to not use triple braces
    • Ready for Vyki to merge
  • We're now ready for 1.0.0 release! Now to do it together...
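
The two Onebox spec checks listed above can be written as a small template lint. This is an added example, not code from the onebox project: the helper names and both sample templates are constructed for illustration, and render_escaped is only a stand-in for double-brace rendering.

```ruby
require "erb"

# One pattern per spec check named in the log (constructed for this example).
CHECKS = {
  triple_brace: /\{\{\{/,                  # {{{value}}} renders without HTML escaping
  script_tag:   /<\s*script\b/i,           # inline or external script element
  event_attr:   /<[^>]*\s(on[a-z]+)\s*=/i  # onclick=, onload=, ... inside a tag
}.freeze

# Returns [line_number, check_name] for every violation found in a template.
def lint_template(source)
  findings = []
  source.each_line.with_index(1) do |line, lineno|
    CHECKS.each do |name, pattern|
      findings << [lineno, name] if line.match?(pattern)
    end
  end
  findings
end

# Stand-in for double-brace rendering: every substituted value is HTML-escaped.
def render_escaped(template, values)
  template.gsub(/\{\{\s*(\w+)\s*\}\}/) { ERB::Util.html_escape(values.fetch($1).to_s) }
end

# Constructed sample: violates all three checks, one per line.
UNSAFE_TEMPLATE = <<~HTML
  <h1><a href="{{url}}">{{{title}}}</a></h1>
  <img src="{{image}}" onload="track()">
  <script src="/widget.js"></script>
HTML

# Constructed sample: double braces only, no script or event attributes.
SAFE_TEMPLATE = <<~HTML
  <h1><a href="{{url}}">{{title}}</a></h1>
  <img src="{{image}}">
HTML

if __FILE__ == $PROGRAM_NAME
  lint_template(UNSAFE_TEMPLATE).each { |lineno, name| puts "line #{lineno}: #{name}" }
  puts render_escaped(SAFE_TEMPLATE, "url" => "https://example.org/a",
                      "title" => "<script>alert(1)</script>",
                      "image" => "https://example.org/a.png")
end
```

Run over every template file in a spec, a non-empty result from lint_template fails the build before an unescaped value can ship.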


dysania.la@gmail.com
