Dougal Campbell's geek ramblings

WordPress, web development, and world domination.

Author Archives

About Dougal Campbell

Dougal is a web developer, and a “Developer Emeritus” for the WordPress platform. When he’s not coding PHP, Perl, CSS, JavaScript, or whatnot, he spends time with his wife, three children, a dog, and a cat in their Atlanta area home.

Good Breakdown of Recent WordPress Vulnerability

The Sucuri Blog has a good dissection of the recent critical WordPress REST API vulnerability. I won’t rehash the details here, but I did want to point out that this is why developers should remember to follow these two rules of defensive programming:

  1. Sanitize inputs as early as possible
  2. Sanitize outputs as late as possible

In this case, there was a failure to follow the first rule. There are a couple of different places where this could have been handled better.


wkhtmltopdf

wkhtmltopdf and wkhtmltoimage are open source (LGPLv3) command line tools to render HTML into PDF and various image formats using the Qt WebKit rendering engine. These run entirely “headless” and do not require a display or display service.


Jason Client

“Jason is a scriptable iOS client that lets you view and interact with any data and any server, in any way you desire.” Basically, you feed it a JSON config file which describes a UI and data sources. The client then consumes those sources and displays them according to your UI definition. And you get access to device-native APIs, too.
