11 Matching Annotations
  1. Sep 2023
  2. Aug 2022
    1. If you're using JavaScript for writing to a HTML Attribute, look at the .setAttribute and [attribute] methods which will automatically HTML Attribute Encode. Those are Safe Sinks as long as the attribute name is hardcoded and innocuous, like id or class.
  3. Oct 2021
  4. Jun 2021
    1. Yeah, "virtual attribute" seems like dated terminology to me, so conceptually just a method.
    2. I see a 'virtual attribute' as something we're forced to implement when using frameworks, ORMs and the like. Something that lets us inject our code into the path of whatever metaprogramming has been put in place for us. In a simple PORO like this, I don't see how it has meaning; it's just a method. :)

      Hmm, good point. Maybe so. Though I think I'm fine with calling it a virtual property here too. :shrug:

    3. has_sauce is a "virtual attribute", a characteristic of the model that's dependent on the underlying toppings attribute.
  5. Oct 2020
  6. Aug 2018
    1. There is also a need for mechanisms to support transformations and processesover time, both for scientific data and scientific ideas. These mechanisms should not only help the user visualize but also express time and change.

      This is still true today. Is the problem truly a technical one or an opportunity to re-imagine the human process of representing time as an attribute and time as a function of evolving data?

    2. Temporal Data and Data Temporality: Time is change, not only ord


  7. May 2018
    1. Traditional approaches to information processing present ‘‘information’’as given, well-defined and stable.

      This assumption about information attributes runs completely counter to humanitarian crisis data, broadly spreaking, and SBTF data collection/analysis, in general. In fact, this couldn't further from the truth.