Simon Willison's Weblog: ed-eliothttp://simonwillison.net/2008-09-03T00:14:00+00:00Simon WillisonDjango: Security fix released2008-09-03T00:14:00+00:002008-09-03T00:14:00+00:00https://simonwillison.net/2008/Sep/3/django/#atom-tag
<p><strong><a href="http://www.djangoproject.com/weblog/2008/sep/02/security/">Django: Security fix released</a></strong></p>
The Django admin used to save partially-submitted forms if your session expired, and continue the submission when you logged in. It turns out that’s actually an unblockable CSRF exploit and is hence broken as designed, so it’s now been removed. Thanks Ed Eliot and other GCap colleagues for helping me flesh out the potential attack.
<p>Tags: <a href="https://simonwillison.net/tags/csrf">csrf</a>, <a href="https://simonwillison.net/tags/django">django</a>, <a href="https://simonwillison.net/tags/django-admin">django-admin</a>, <a href="https://simonwillison.net/tags/ed-eliot">ed-eliot</a>, <a href="https://simonwillison.net/tags/exploit">exploit</a>, <a href="https://simonwillison.net/tags/gcap">gcap</a>, <a href="https://simonwillison.net/tags/security">security</a></p>
CSS Sprite Generator2007-09-27T22:59:01+00:002007-09-27T22:59:01+00:00https://simonwillison.net/2007/Sep/27/sprite/#atom-tag
<p><strong><a href="http://spritegen.website-performance.org/">CSS Sprite Generator</a></strong></p>
Upload a zip file of images and get back a CSS sprite plus a set of pre-calculated background image rules. Tool built by Ed Eliot and Stuart Colville for their forthcoming book “High Performance Web Site Techniques”.
<p><small></small>Via <a href="http://www.ejeliot.com/blog/112">Ed Eliot</a></small></p>
<p>Tags: <a href="https://simonwillison.net/tags/css">css</a>, <a href="https://simonwillison.net/tags/csssprites">csssprites</a>, <a href="https://simonwillison.net/tags/ed-eliot">ed-eliot</a>, <a href="https://simonwillison.net/tags/performance">performance</a>, <a href="https://simonwillison.net/tags/spritegenerator">spritegenerator</a>, <a href="https://simonwillison.net/tags/stuart-colville">stuart-colville</a></p>
Tips for Writing Nicer Site Badges2007-02-14T23:26:14+00:002007-02-14T23:26:14+00:00https://simonwillison.net/2007/Feb/14/badges/#atom-tag
<p><strong><a href="http://www.ejeliot.com/blog/80">Tips for Writing Nicer Site Badges</a></strong></p>
Ed Eliot’s putting together a much needed set of best practices for badges and widgets.
<p>Tags: <a href="https://simonwillison.net/tags/badges">badges</a>, <a href="https://simonwillison.net/tags/ed-eliot">ed-eliot</a></p>