Stuff I did in March...
...before spending time doing silly things like earning money and before the development server went down.
- The autorefreshing chatbox (chatterlight(er)) only automatically refreshes private messages and chat, rather than refreshing the entire nodelet, so there is no longer any chance at all of the text you are writing being stomped on, as occasionally happened previously. Conversely, they continue to be updated even if you have text in the message box.
- Ajaxed action links and controls continued to spread.
- Some security holes in the Ajax Update setup on the server have been closed. Instead of going through the Ajax Update superdoc, requests for AJAX update using htmlcodes are dealt with by an htmlpage: the AJAX call asks for a node by id with displaytype ajaxupdate. The usual restrictions on access to nodes are thus enforced, and the htmlpage carries out further security checks on the htmlcode requested and the arguments to be passed to it.
- Because of this, a node id is always sent along with an AJAX request. If no node id is given in the ajax trigger element's class attribute, the id of the current NODE is used. I can't see any reason ever to specify a different node id but there is a bug I haven't yet tracked down in the regular expression used to interpret the AJAX instructions that sometimes messes things up if no node id is given.
- If a maxlength attribute is specified on a text input element that is specified as expandable, the length limit is enforced on the textarea that replaces it.
- Expandable input boxes work properly with Opera as well as less Norwegian browsers.