A better bookmark manager than the world’s best bookmark manager

About a year ago I wrote about the "the world’s best bookmark manager.". Well, forget that. I was wrong! I’ve since switched to using Bookmark Ninja. I’ve learned my lesson and won’t go off the deep end this time, but Bookmark Ninja is a really good?1 bookmark manager. It has a superb search facility and easy tagging to group bookmarks (its bookmark listview is shown below in Figure 1).

Figure 1. Bookmark Ninja bookmark list.

A minor downside is that Bookmark Ninja isn’t a browser add-in or extension, but rather it’s simply a bookmarklet. In some ways, a bookmarklet is better than a browser extension (works on any browser and is crazy easy to install by dragging its bookmarklet to your browsers bookmark toolbar). A downside to it being a bookmarklet is that there are some sites configured with very strict content security policies and Bookmark Ninja doesn’t work on those. The only site where this consistently frustrates me is GitHub so for saving links there I use Bookmark Ninja’s Web panel to add them.

Bookmarklet’s are, by definition, supposed to be exempt from strict content policies, but, apparently, browsers just don’t handle bookmarklets correctly in this case. Maybe one day they’ll get that figured out.

Bookmark Ninja isn’t free, but it only costs $24 US per year. Its search engine makes that very worthwhile for me. I haven’t had to reach out to its tech support, but its creator stays in touch with regular emails with tips and techniques. Bookmark Ninja’s import feature pulled in all of my existing bookmarks very easily. Since writing the other bookmark manager article, several of you have asked, “why don’t you just use the bookmark feature in your browser?” There are two reasons why browsers’ built-in bookmark features aren’t enough for me:

OWASP foundation

Effective security measures are paramount when creating Web-hosted applications. One of the best places to learn a lot about pretty much any security topic is Open Web Application Security Project (OWASP) foundation. Don’t be confused by the “Open” in the foundation’s title. It might be taken to mean security measures for open source software; that isn’t what it means here. The OWASP site is a wiki (using the same wiki engine as WikiPedia) and the “Open” here refers to OWASP’s crowd-sourced, but curated, nature. One of the interesting things about the articles at OWASP is that they don’t just tell you what to do, but also what not to do–and why. See its section on cross site request forgery to see an example of this. The OWASP wiki is full of links and resources. If you’re a Web developer, give OWASP some of your time on a regular basis. I think it’s likely that some of the many AVR for .NET Websites created (especially those with some serious years under their belt) have security weaknesses that OWASP would help to resolve. A good place to start with OWASP is with the index to its Cheat Sheet Series Project. This index provides a great entry point into the basics on many important security topics.

Web input formatting with cleave.js

Formatting HTML input in real-time (as the user types) is very challenging to get right. A little library called cleave.js gets it quite right. It is multi-culture away, comes with lots of default inputs, allows custom input masks, and is small (< 8kb compressed). cleave.js is all plain-vanilla JavaScript so no other dependencies (such as JavaScript) are needed. It’s home page has several examples and you can see cleave.js in action here. cleave.js is open-source and available on GitHub (where it has nearly 15,000 stars. Its example for credit card number formatting is shown below in Figure 2:
Figure 2. Cleave.js’s credit card number formatting.