Day 15, BART strike and XSS

Exhausting day, mostly due to the **** BART strike. It forced me to spend ~4 hours to commute today.

Waked up at 3am, checked the news, #@#$, BART strike is ON…. Waked up again at 6am. Zak picked me up and we went to take the ferry to SF. Waited in line for half an hour, then on ferry for half an hour, then walked for half an hour to the class room. We kept saying that today was so surreal and I just couldn’t believe that this strike thing is actually happening….

The ferry trips were long, but turned out to be pretty cool. We watched sunrise in the morning and sunset on our way back. It was quite a scenic ride and I would totally do it a couple more times when my friends are visiting SF.

Back to work…. We used Parse as the backend to build a chat client. It was very similar to our pre-course work, just more advanced. My pair Savannah was young and a quick learner. Everything went quite well and we made solid progress before I had to leave to catch the 8:15pm ferry.

Lessons:

– Planning out the overall structure of the program is crucial. It allows much faster refactor latter on. For examples, we knew we need to have multiple chat rooms in the end, so we put everything under a room object at the very beginning.

– XSS attacks. Our chat client needs to display user generated chat messages, hence is vulnerable to XSS. In the first half hour, our client was hijacked and redirected to a pic where Jake smiled at you. It was both fun and frustrating. The fix was easy, we just need to do _.escape() or $.text(). A good lessons though.

– Parse is picky about the data you submitted along $.ajax. The data has to be an object with key-value pairs AND JSON.stringified. Wasted half a hour to trying to figure out why…

Advertisements
Standard