Christian Heilmann

Sorry BBC, my pimped Firefox made me think you did wrong

Sunday, May 17th, 2009 at 7:48 pm

Here’s an interesting example of me being a typical developer. This morning I checked a news piece of Danger Mouse sticking it to EMI by releasing their album as a blank CDR and got an alert() on the BBC site:

Failed to load Yahoo libraries cannot load menus by  you.

As you can see the alert clearly states that it comes from the BBC site – a nice anti-phishing feature that browsers added in the last few years.

I was confused, first and foremost because the BBC has their own library “Glow” which is yet to be released as open source and secondly as there are no menus on the page that are JavaScript or Yahoo dependent. Furthermore I was amazed to see the BBC to be as unprofessional as using an alert in a live site.

As BBC JavaScript overlord Jake Archibald rightly pointed out the alert did not come from their site or is anywhere in their code. I had looked through the numerous JavaScript includes (seriously, collate on the server, folks) in the page and couldn’t find it either.

Jake’s second comment made me aware what happened. Instead of seeking the error in my own setup I immediately thought the BBC messed up (this is the typical developer bit I was talking about). The solution to the problem was easy to remember once I was aware of it.

Friday before Hack Day we had the press in the office and wanted to show them some of the hacks previously built on hack days. One of them was Dharmafly’s HackHud which is a GreaseMonkey script that injects menus at interesting keywords into the BBC site. The script was broken and Premasgar tried to quickly fix it right on the spot leaving an alert in the GM script:

Sorry BBC, the alert() was my mistake by  you.

My lesson learned: don’t trust alerts, even when they tell you where they come from. Your pimped browser might give you a wrong message.

Tags: , , , , , ,

Share on Mastodon (needs instance)

Share on Twitter

Newsletter

Check out the Dev Digest Newsletter I write every week for WeAreDevelopers. Latest issues:

160: Graphs and RAGs explained and VS Code extension hacks Graphs and RAG explained, how AI is reshaping UI and work, how to efficiently use Cursor, VS Code extensions security issues.
159: AI pipelines, 10x faster TypeScript, How to interview How to use LLMs to help you write code and how much electricity does that use? Is your API secure? 10x faster TypeScript thanks to Go!
158: 🕹️ Super Mario AI 🔑 API keys in LLMs 🤙🏾 Vibe Coding Why is AI playing Super Mario? How is hallucinating the least of our worries and what are rules for developing Safety Critical Code?
157: CUDA in Python, Gemini Code Assist and back-dooring LLMs We met with a CUDA expert from NVIDIA about the future of hardware, we look at how AI fails and how to play pong on 140 browser tabs.
156: Enterprise dead, all about Bluesky and React moves on! Learn about Bluesky as a platform, how to build a React App and how to speed up SQL. And play an impossible game in the browser.

My other work: