

Show HN: PatchBin.com - Pastebin for patches + comments + code review. - antileet
http://patchbin.com/haLJ28

======
oinopion
XSS open. <http://github.com/ninjagod/patchbin/issues#issue/1>

~~~
antileet
I disabled escaping because it had trouble rendering XML code. I thought it
was safe but I was wrong.

Fixing now. Thanks! [edit] fixed
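
An added example, not part of the thread or of PatchBin's own code: a sketch of rendering a pasted patch so that XML in it displays as text while escaping stays on. The function names, CSS class names and sample patch are assumptions constructed for illustration.

```python
import html

# Constructed sample: a patch to an XML file with a script tag on one added line.
SAMPLE_PATCH = """\
--- a/config.xml
+++ b/config.xml
@@ -1,3 +1,3 @@
 <config>
-  <name>old</name>
+  <name>new</name><script>alert(1)</script>
 </config>
"""

# Hypothetical CSS class names for the diff view.
CSS_CLASS = {"+": "add", "-": "del", "@": "hunk"}


def line_class(line: str) -> str:
    """Pick a CSS class from the diff marker at the start of the line."""
    if line.startswith(("--- ", "+++ ")):
        return "file"
    return CSS_CLASS.get(line[:1], "ctx")


def render_unsafe(patch: str) -> str:
    """Escaping disabled: markup in the paste becomes markup in the page."""
    return "<pre>" + patch + "</pre>"


def render_safe(patch: str) -> str:
    """Escape each pasted line, then wrap it in markup the server controls.

    The browser decodes &lt;name&gt; back to <name> for display, so the XML
    reads correctly without ever being parsed as HTML.
    """
    rows = []
    for line in patch.splitlines():
        text = html.escape(line, quote=True)
        rows.append('<span class="%s">%s</span>' % (line_class(line), text))
    return "<pre>" + "\n".join(rows) + "</pre>"


if __name__ == "__main__":
    print(render_unsafe(SAMPLE_PATCH))
    print(render_safe(SAMPLE_PATCH))
```

In a Django template the same effect comes from leaving autoescaping on and adding the wrapper markup in the template rather than in the pasted string.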

~~~
oinopion
I played a bit with code and I think you could benefit from reading:

<http://www.python.org/dev/peps/pep-0008/>

<http://docs.djangoproject.com/en/dev/topics/forms/>

<http://docs.djangoproject.com/en/dev/topics/db/models/#many-to-one-relationships>

------
mcav
I know horizontal space is tight, but it'd be nice if you could have 2 at-
least-80-character-wide views (rather than hard-wrapping them at whatever they
are now) when you have a wider screen. Looks good though.

~~~
antileet
Thanks!

I'm having a tough time with CSS right now. I hope to add a client-side way to
detect when the screen is large enough and show 80 character wide views.

~~~
dimarco
$(window).width() will display the viewable width of the client in jQuery, and
onResize will fire on <body> when the window is resized. (food for thought)

I think this is a pretty neat idea. Often a coworker is working remotely and
our boss has been begging for some code review. This could have some use.

------
thegoleffect
I really like this implementation. Very clean, effective, and simple. I hope
you continue to make progress on it ^_^.

------
antileet
To the folks who tried out the commenting:

A lot of comments are blank. If you entered valid text and that didn't get
written to the database, that is a bug. Can you please describe any bad
experience you had with the commenting system?

Thanks!

~~~
bloonlabs
You might want to put a "cancel" button on the comment form. The blank
comments might be people who are trying to get rid of the comment form after
accidentally double-clicking.

~~~
antileet
Done! Thanks!

------
woadwarrior01
Nice. One minor nitpick: your Django instance is running in DEBUG mode.

