Very fast whois function.

Redotted from Mike

This is the master directory of all Google API's; not all of these are displayed on code.google.com - so if you want to find something in particular, go here.

Redotting from Mike Koss (good find)

Good reference to a paper on cross-site scripting vulnerabilites is AJAX code.

http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf

The attack using a hook to capture any event that sets a know property:

function Object()
{
this.email setter = captureObject;
}

Note the flame-war between antibozo and kentaromiura in the comments. It actually resolves itself quite amicably in the end.

Quoted: An application can be mashup-friendly or it can be secure, but it cannot be both.
...
Solutions:
o Include a hard-to-guess identifier, such as the session identifier, as part of each request
that will return JavaScript. This defeats cross-site request forgery attacks by allowing the
server to validate the origin of the request.
o Include characters in the response that prevent it from being successfully handed off to a
JavaScript interpreter without modification. This prevents an attacker from using a
<script> tag to witness the execution of the JavaScript.

Vulnerable frameworks include: Prototype, Script.aculo.us, Dojo, Moo.fx, jQuery, Yahoo! UI, and MochiKit.

Quoted: How to paginate, sort and search a table with Ajax and Rails

Quoted: mHub is a constantly updated list of web applications, services, resources, blogs or sites with a focus on next generation web (web 2.0), blogging, Ajax, Ruby, Rails and open source developments ...

Quoted: If you're like me, then your excitement is on a downward spiral as it pertains to the Lightbox technique. I'm not totally sick of the ongoing variations, but almost.

Quoted: Prototype is a JavaScript framework that aims to ease development of dynamic web applications. Featuring a unique, easy-to-use toolkit for class-driven development and the nicest Ajax library around, Prototype is quickly becoming the codebase of choice for web application developers everywhere.

Haven't looked at these yet. The ToDo list one is apparently out of date.

Quoted: A former student asked me a few days ago how I learned Ruby on Rails. The answer was that I simply read alot of great tutorials. So in the spirit of sharing, here are the 12 tutorials that I found most useful

Redotting from Mike

Rich client (AJAX) support for .Net applications.

Quoted: ASP.NET AJAX is a free framework for quickly creating a new generation of more efficient, more interactive and highly-personalized Web experiences that work across all the most ...