Articles

Tutorials, notes-to-self and other rants

Web Development

Registering custom URLs with custom templates in WordPress (without using page templates)

It’s fairly common to find yourself in a situation where you want to use a specific URL to show custom content (perhaps something like an archive page with two different custom post types), and think: “well, that’s easy. I’ll just create a page to register the URL and a custom page template where I’ll query…


Web Development

Mitigating CVE-2018-6389 WordPress DoS attack with lighttpd

Early in 2018, Barak Tawily published a possible DoS attack against WordPress that basically works by requesting all possible scripts from /wp-admin/load-scripts.php, a script that fetches and concatenates JavaScript files — there’s also a load-styles.php file that does the same for styles. His vulnerability report was rejected by the WordPress team, on the account…


Web Development

Filtering active menu element class on WordPress

When using a navigation menu on WordPress, you’ve probably seen the various HTML classes that are added to active elements, such as current-menu-item, current-menu-parent, current-menu-ancestor… While those kinds of classes are fine if you must fully reflect the navigation hierarchy on the menu element, there are times when you just need a simpler…


Web Development

Let’s talk about usernames

Usernames are a much, much harder problem than what you might think at first glance… even if you can get away with a really simple and naive implementation on a prototype, a large, global and secure service must consider lots of not-so-obvious details and possible attack vectors. Let’s talk about usernames deals with the problem…


Culture

In Praise of Theory in Design Research: How Levi-Strauss Redefined Workflow

It is now well known that people use technology in unexpected ways (at least, in ways that software engineering and product teams had not intended) […] Our original charge was to find ways to improve and optimize users’ browser workflows following software and design-oriented assumptions. Instead, we saw that users were doing just fine with…
