Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: [wp-hackers] WordPress 2 and Client Side Scripting

  • To: wp-hackers@xxxxxxxxxxxxxxxxxxxx
  • Subject: Re: [wp-hackers] WordPress 2 and Client Side Scripting
  • From: Roy Schestowitz <r@xxxxxxxxxxxxxxx>
  • Date: Mon, 28 Nov 2005 12:11:00 +0000
  • Delivery-date: Mon, 28 Nov 2005 12:11:04 +0000
  • Envelope-to: s@schestowitz.com
  • In-reply-to: <00fb01c5f384$5c91aa50$57ebd4cb@unicorn>
  • References: <BAY109-DAV14220216EB1F9961C9AB7190570@phx.gbl> <ca7320070511251335m3bb8ea4egcff61b887ed2dc5a@mail.gmail.com> <00fb01c5f384$5c91aa50$57ebd4cb@unicorn>
  • User-agent: Internet Messaging Program (IMP) H3 (4.0.3)
_____/ On Sun 27 Nov 2005 18:57:02 GMT, [Amit Gupta] wrote : \_____

Theodor Ramisch <theodor_ramisch@xxxxxxxxxxx> wrote:
|  Unfortunately I had to see that you are using custom
|  classes to do such "common" effects. That makes
|  plugin development harder if you have to deal
|  with them on plugin options pages for example.
|
|  Why not rely on well known, stable libraries
|  like script.aculo.us and prototype? There are
|  a lot of developers who already worked with
|  them and adapted to functions like "$" which
|  replaces the document.getElementById.

I'd say that learning to use the libraries that WordPress is using
won't be that hard. I mean you learnt to use the plugin API as
well, no? its not similar to other blogging systems if I'm not
wrong, so why the fuss over the client-side API? its not mandatory
afterall, you can take it as an expansion to the plugin API if you
want & learn it if you want to make use of it in your blog, else you
can just leave it.


Aaron Brazell <aaron@xxxxxxxxxxxxxxxx> wrote:
|  While I don't know the answer to this, I might point out that
WordPress
|  opted NOT to use the "common" XML-RPC libraries and by doing so,
|  avoided having thousands of blogs vulnerable to an exploit a few
|  weeks ago.  Mob tendencies, while often nice for developers, aren't
|  always a good thing.

yeah well, you can say that!! :) every coin has two sides. ;) using a
commonly
used library has its pros as well as cons!! its just a matter of
weighing the
pros & cons to determine the correct library!! :)


Exactly. Let's not forget that less commonly-used libraries, e.g. homebred
implementations, even with flawed security, are less unlikely to have their
vulnerabilities exploited.

There are exceptions nonetheless. There used to be many 'in-the-wild' viruses
for RISCOS despite it being a scarce minority. The platform suffered despite
claims such as the ROM-based O/S making immune to trojans. Then again, we see
cases where Sony's rootkit is maliciously 're-used' by malice. Obscurity is
valuable in the context of security.

Roy

--
Roy S. Schestowitz
http://Schestowitz.com

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index