r2 - 06 Feb 2007 - 15:04:03 - TravisVachonYou are here: OSAF > Journal Web > BobbyRulloNotes > LaundryList
- The "Collection of currently loaded collections" needs to have a name, a class with methods, etc.
- Same goes for "The collection which has a collection and a subscription and a transport info"
- The way that topics are being used for saving events is confusing. A lot of it can be replaced by simple method dispatching
- Complete transition to Dojo-based package management. Move all code to appropriate and sensible homes within the code
- Formalization of Javascript data structures in model.js
- Move to static css. Get rid of dynamic styling as much as possible.
- Make page resizing craziness work correctly
- Only resize calendar on page resize
- Work with PPD on edge cases (very small, very big)
- Move all pages (pim, admin, etc) to unified page layout (right now, we have separate logic for creating the admin page nav bar and the pim nav bar).
- Shore up CMP security situation:
- Don't store password in a cookie (duh). Instead, store something that will allow us to get the password given either a) a time-based nonce from the server side or b) some details about the user's current execution environment that XSS attackers could not grab
- Only store password in cookie between page loads using window.onunload. This should guard against XSS attacks.
- Shore up security on server side? Right now, once we figure out the password on the client side, we send the password in plain text (cause it's Basic auth). Could we avoid this?
- Cool error messages a-la-Enso
Log In
Except where otherwise noted, this site and its content are licensed by OSAF under an Creative Commons License, Attribution Only 3.0.
See list of page contributors for attributions.
See list of page contributors for attributions.