Annyang — Control your site using voice commands

<script type="text/javascript" src="annyang.min.js"></script> <script type="text/javascript"> if (annyang) { // Let’s define our first command. First the text we expect, and then the function it should call var commands = { ‘show tps report’: function() { $(‘#tpsreport’).animate({bottom: ‘-100px’}); } }; // Initialize annyang with our commands annyang.init(commands); // Start listening. You can call this here, or …

WordPress < 3.6.1 PHP Object Injection

WordPress 3.6.1 contains a PHP Object Injection Vulnerability Fix, detected by one of my former students. He also made an extensive writeup about it: Let’s recap: maybe_serialized(‘i:1;<funkycharacterhere>’) is inserted to the database. As WordPress does not see this as a serialized string (because it doesn’t end in ; or }), this will result in i:1;. …

Live filter using CSS selectors

Using data- attributes for indexation, and a dynamic stylesheet with a CSS3 selector for search, it is straightforward to implement a client-side full-text search in CSS rather than JavaScript. Clever use of data-* attributes. A shame though the title of the original post, namely Client-side full-text search in CSS, is poorly chosen though, as it’s …

WebMention – A modern alternative to Pingback

A webmention is a type of linkback that can be requested by Web authors to keep track of activity relating to a page or document on their website somewhere else on on the web. It is similar to pingbacks but was designed to be simpler than the xmlrpc protocol that pingback relies upon, by instead …