Month: February 2011

The whitespace of death

February 21, 2011
PHP, PHP related, WTF

As the first entry to the list of my PHP-related WTFs, I present:

**The whitespace of death**

This one has taken me almost a **full hour** to sort out. There may be some good features to PHP, yet this one I don’t think is even one. It should be considered a bug. As my experience has grown in [reporting bugs myself][php-bug1] or trying to [report a bug][php-bug2], I reconsidered and chose not to report it as a “bug”.

[php-bug1]: https://bugs.php.net/bug.php?id=48458
[php-bug2]: https://bugs.php.net/bug.php?id=51112

(more…)

yasco released

February 18, 2011
Projects, yasco

My first release of a project is yasco. yasco (yet another source code obfuscator) is a medium-weight Javascript source code obfuscator written in Perl.

yasco has been made available on [Google Code][1]. Details on the project’s page.

[1]: http://code.google.com/

Why HTTP_HOST is evil

February 17, 2011
PHP Security

When browsing [Stackoverflow][so] I often notice users [asking questions][so-q] somehow involving the use of `HTTP_HOST`. I nonchalantly hint on its vulnerable nature and fail to produce a hint on an article explaining why. Which is why I decided to take matters into my own hands.

[so]: http://stackoverflow.com/
[so-q]: http://stackoverflow.com/questions/4652464/how-to-chain-on-mod-rewrite

(more…)

perfect-co.de - Theme by Grace Themes