Security Archives

AJAX For Evil: Spyjax with jQuery

Published by David Walsh on Wednesday, November 18, 2009 (52 Comments)

Last year I wrote a popular post titled AJAX For Evil: Spyjax when I described a technique called “Spyjax”:

Spyjax, as I know it, is taking information from the user’s computer for your own use — specifically their browsing habits. By using CSS and JavaScript, I can inject anchor links into the page and tell whether you’ve been to the link’s URL. How? Quite easy actually.

I’ve taken the time to demonstrate this technique using jQuery.

Disallow Robots Using Robots.txt

Published by David Walsh on Friday, July 3, 2009 (15 Comments)

I develop customer websites on a publicly accessible web server so that my customers may check the progress of their website at any given time. I could use .htaccess to require username and password for the site but then I’m constantly needing to remind customers what their password is. My big concern is preventing search engines from finding their way to my development server. Luckily I can add a robots.txt file to my development server websites that will prevent search engines from indexing them.

PHP, SSL, and cURL SSL3_GET_SERVER_CERTIFICATE Errors

Published by David Walsh on Tuesday, June 9, 2009 (5 Comments)

I recently developed a complex system for a customer that involved PHP, cURL, and an SSL connection to a third-party vendor. The third-party vendor would validate the security certificate of the source (the system I created) and either allow or reject access. My code looked like this:

<?php
// $cid and $pass are set elsewhere in the application
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://thirdparty.com/token.php'); // not the actual site
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);       // return the body instead of printing it
curl_setopt($ch, CURLOPT_POST, 1);
// URL-encode the fields so special characters in the password survive the POST
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(array('customer_id' => $cid, 'password' => $pass)));
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);    // verify the vendor's certificate chain
curl_setopt($ch, CURLOPT_CAINFO, 'ca-bundle.crt'); /* problem here! (path to the CA certificate bundle) */
$result = curl_exec($ch);
if (empty($result)) {
    /* error: nothing returned; curl_error($ch) holds the reason */
} else {
    /* success! */
}
curl_close($ch);

Unfortunately I was persistently receiving the following error message:

SSLmatic: Quality, Cheap SSL Certificates and Giveaway!

Published by David Walsh on Tuesday, April 28, 2009 (109 Comments)

The SSLmatic process

If you develop eCommerce websites or create applications that request sensitive user information, you’re probably well aware of the advantages of using SSL certificates. For those who aren’t, SSL certificates:

  • Encrypt data between the user’s browser and the web server.
  • Provide peace of mind to users giving their information.
  • Are required by credit card companies for vendors accepting credit card payment (even for vendors that have a website WITHOUT eCommerce).

Purchasing an SSL certificate can be quite an investment. Many vendors charge up to $400 per certificate. That’s right: $400! Peace of mind and security are important, but that doesn’t mean that SSL certificates should put a dent in your budget. Enter a great SSL certificate vendor called SSLmatic.

Email Protection with MooTools JavaScript

Published by David Walsh on Wednesday, September 10, 2008 (30 Comments)

Important Note: This article has been updated here.

We all know how spammers write scripts to slurp pages and collect as many email addresses as they possibly can, right? Well, I’ve created a really easy way to avoid this problem using MooTools JavaScript. Let me show you the process.

The XHTML

	<a href="/david|davidwalsh.name" class="email" title="Email me.">David Walsh</a>

We create a link with the CSS class “email”. The email address is inside the href attribute, but the “@” is replaced with “|”, which makes it worthless to a spammer’s slurp script. The “/” at the beginning of the href is an IE workaround.

© David Walsh 2007-2010. Contact David Walsh. Powered by the remarkable MooTools JavaScript framework.