escapegoat.org

The latest round of development (a.k.a “weekend”) was focused mostly on providing good HTML editing features. This is somewhat trickier than it seems, because it can potentially open up a load of security holes. The site now uses the tiny mce editor, and some special Rails plugins ( white_list and sanitize_params ) to make it safe.

If you know what an XSS attack is, please take a crack at attacking the site and hassle us in #hyperactive on irc.indymedia.org (or just leave a comment on the site) if any of your attacks make it through the filters. I’ve already tried all of the attacks on the XSS Cheat Sheet and none of them succeeded.

We’ve been hard at work on the Hyperactive codebase for the last few months, it’s probably time to post an update here. This release was code-named “Planet Male Madness” in tribute to one of the greats in the Indymedia movement.

Recent development effort has been spent mostly on video. If you take a look at a video page on the development site you’ll notice that there are lots of new features available.

Second in our “friendly web programming” series, this installment starts with a pop-quiz for new programmers. If you’re trying to learn programming for the first time, you’ve got a whole lot of unfamiliar stuff to think about, and most of the time you don’t understand at least half of what’s going on. In such a situation, which of the following two options would you like to be presented with when you are trying to learn web programming?

It’s not tough to set up a video-encoding facility in Rails. Here’s a quick run-through with some code examples.

Video encoding is a long-running process and you don’t want to have to wait for the video encode to finish before the web-request can complete. One strategy to avoid having extremely long web-requests is to have Rails hand off the encoding job to BackgroundRb, a job-scheduling server which does long-running work in a separate thread. The same thing could be accomplished in most other web-languages by spawning a new thread and doing the work, but BackgroundRb gives us a bit of extra love: if multiple users upload a whole bunch of videos at the same time, BackgroundRb will queue them up and work on them in sequence so the CPU doesn’t go through the roof.

Here are some installation instructions for installing a Ruby development environment on a Debian or Ubuntu computer. It’s targeted at people who have never tried programming before or installed a computer language, but who are ok with firing up a terminal and installing stuff. While there are lots of programming tutorials on the web, there aren’t very many available for people who don’t know what the hell they’re doing but want to try web programming.