SeachessIssue 2022-W27
Published on
Subscribe to new issues of the bulletin via the RSS feed or via email.
This week has been about abusing PDF XML Forms, a new JavaScript runtime in Zig, a paper on organising digital files, a Deno full stack web framework, a SQLite extension for Excel and a batteries-included backend.
# XLite
A SQLite extension to query Excel (.xlsx, .xls, .ods) files as virtual tables.
# Two faces of a same PDF document
An article presenting a way to abuse PDF XML Forms Architecture (XFA) fallback content to display malicious documents when the PDF reader does not support XFA.
# Bun
An JavaScript runtime with integrated bundling and transpilation able to run both JavaScript and TypeScript. Built with Zig.
# Finding and reminding: file organization from the desktop
A paper summarizing two independent studies of the ways users organize and find files on their computers. The first study (Barreau 1995) investigated information organization practices among users of DOS, Windows and OS/2. The second study (Nardi, Anderson and Erickson 1995), examined the finding and filing practices of Macintosh users. There were more similarities in the two studies than differences.
# Fresh
A full stack web framework for JavaScript and TypeScript. At its core, it is a combination of a routing framework and templating engine that renders pages on demand, on the server. In addition to this just-in-time (JIT) rendering on the server, it also provides an interface for rendering components on the client for maximum interactivity. The framework uses Preact and JSX for rendering and templating on both the server and the client.
# PocketBase
An open source backend consisting of embedded database (SQLite) with realtime subscriptions, built-in users management, convenient dashboard UI and simple REST-ish API.