Jun 4 2012

JavaScript Debugging With The console Object

In the early days of JavaScript there were few options for debugging large web applications. You could have used the multiple alert notifications or possibly even calling document.write to write messages into the document. Firebug changed web developers lives, and I think how we view JavaScript, by making it incredibly easy to debug HTML, CSS, and JavaScript. Since Firebug, most current versions of web browsers include powerful debugging tools. In addition to the debugging tools browsers have made available a JavaScript console object to help write debug statements. With console, there is no need to pop up alerts to inspect the state of an object. To write a log message intended for the console, just write the following JavaScript statement in the right place.

console.log("This is a log message");
console.log("Message one", "Message two", "Message three");

To open the console, you can find it in Safari by looking for the the Web Inspector, in Chrome it’s called Developer Tools, and in Firefox you’ll find it under the Tools menu as Web Console.

The console object has a lot of useful debugging messages for errors with different severity, such as log, debug, info, warn, and error.

console.info("I'm here.");
console.warn("Do I smell smoke?");
console.error("The roof, the roof, the roof is on fire.");

In addition to logging String messages, you can log whole JavaScript objects. It may be useful to inspect a complete object and it’s state. To write out the state of an object to the console use the dir method as in the following example.

console.dir({fname:"Bill", lname:"Gates"});

In Chrome and Safari, you can also use dirxml to display the a HTML element object in the console as HTML. In my version of Firefox, this method did not work.


You can also group related log messages, no matter their severity. To group console messages surround them with a group and groupEnd. You can even nest groups inside of groups.

console.group("Server update");
console.log("calling server...");
// ... any number of console log messages.

You can also test the performance of your JavaScript code with time and timeEnd. Both of these methods accept a String label and it needs it needs to be the same value for both methods.

console.time("Process Data");
// ... some time consuming code
console.timeEnd("Process Data");

When the timeEnd method is executed it will generate a message in the log console with the amount of time it took to run the code between the time and timeEnd method.

Chrome Developer Tools Web Console

Chrome Developer Tools Web Console

Apr 7 2012

Retweet March 2012

From time to time I just blast tweets about software development, project planning, team dynamics, or whatever else comes to mind. Here is a synopsis of recent tweets and rants. If you want to follow the conversation follow me at techknow and/or juixe.

Software Development

  • Say no to consultant code. No to complacent code. No to sloppy and crappy code. No to cut and past code.
  • Developing a machine learning algorithm so we don’t have to learn anymore.
  • Hacking, art or science!?
  • Great hacking weather… Well most weather is great hacking weather as long as your computer don’t overheat.
  • What would an autonomous algorithm do?
  • Sex, drugs, and hacking.
  • You don’t go on Hacker News to show off your project, act arrogant that it’s a closed network, and not expect someone to hack a clone.
  • Nothing worse than setting a test to run overnight only to have a Windows update restart your computer in the middle of the test/night.
  • Refactor with conviction.
  • Building on assumptions is like building on quicksand.
  • When in doubt, step through it in a debugger.

Team Leadership

  • Every problem is an opportunity in the rough.
  • Mo’ money, mo’ problems. Mo’ problems, mo’ opportunity.
  • Ask the right questions is better than making the wrong assumptions.
  • Everything is mental, even when it’s physical.
  • Being successful means you are only a mistake away from not.
  • Don’t use the fact you don’t know a fact as a reason for not knowing it.
  • Just because a team member knows one thing does not excuse the rest of the team from learning for themselves and knowing it too.
  • A team is composed of a group of individuals, but a group of individuals is not a team.

Product Placement

  • Google used to be a search engine and return search results now it wants to be an answer engine and return you the answer.
  • What do you call a Pinterest user? Pinner? Pinhead?
  • Facebook IPO: it’s complicated.
  • How hard is it to add filters to Flickr’s iPhone app?
  • These @calottery lotto ticket should have a QR code so that I can quickly scan to see if I’m a winner.
  • The Google of today is the sort of operation that Sergey and Larry originally set out to disrupt.
  • Somewhere some evil genius is building a super computer out of a cluster of The New iPad.
  • AT&T is in the phone business, so of course when you call customer support they will always have you call someone else who transfers you that gives you a different number that redials…


  • P.S. GitHub sorry, I was bored. — Egor Homakov, the guy that hacked GitHub
  • I have never seen someone try so hard for attention while looking so atrocious at the same time. -Anna Wintour on Nicki Minaj
  • I would give my life for her but she also wants me to do the dishes. – Hellboy


  • Are you killing time or is time killing you?
  • Do The Simpsons pay royalties for basing their episodes on popular movies?
  • Why do single people love cats?
  • Why is it that sometimes when you don’t do a thing people notice, but when you do they don’t?
  • Which would you prefer, an iPad with a keyboard or a net book?
  • If you could only attain one thing which would you choose, money, happiness, or longevity?


  • Fear is free but it will cost you opportunities.
  • Ideas are cheap, but originality will cost you.
  • Hot sauce makes everything better.
  • The odds of you being a loser are better than you winning the lottery.
  • There are people I follow on Twitter that I would never follow in real life, who I would rather push of a cliff in real life.
  • Complainers are worse than haters.
  • College is not for the uber successful.
  • future obituary: died of chili cheese fries.
  • “Really? Really?” Is the new “Oh My God”
  • The term “gateway drug” doesn’t make sense, if you are already doing a drug, you are already past the gateway for drugs.
  • Power drinks are the new gateway drugs.
  • Power drinks are making me fat and jittery.
  • All advice is relative, especially advice from a relative.
  • Life is a journey not a destination, death in the other hand seems like the destination.

Mar 30 2010

Top 25 Most Dangerous Programming Errors

I’ve always been interested in understanding common programming errors so that I can easily recognize and diagnose problems, hopefully without spending hours staring at my breakpoints in my debugger. Previously, I’ve written on Common Groovy Errors and Top Worse Java Errors.

The US Department of Homeland Security, under the Common Weakness Enumeration initiative put out the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors. Most of the errors noted related to web application security programming errors.

  • Failure to Preserve Web Page Structure (‘Cross-site Scripting’)
  • Improper Sanitization of Special Elements used in an SQL Command (‘SQL Injection’)
  • Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’)
  • Cross-Site Request Forgery (CSRF)
  • Improper Access Control (Authorization)
  • Reliance on Untrusted Inputs in a Security Decision
  • Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
  • Unrestricted Upload of File with Dangerous Type
  • Improper Sanitization of Special Elements used in an OS Command (‘OS Command Injection’)
  • Missing Encryption of Sensitive Data
  • Use of Hard-coded Credentials
  • Buffer Access with Incorrect Length Value
  • Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP File Inclusion’)
  • Improper Validation of Array Index
  • Improper Check for Unusual or Exceptional Conditions
  • Information Exposure Through an Error Message
  • Integer Overflow or Wraparound
  • Incorrect Calculation of Buffer Size
  • Missing Authentication for Critical Function
  • Download of Code Without Integrity Check
  • Incorrect Permission Assignment for Critical Resource
  • Allocation of Resources Without Limits or Throttling
  • URL Redirection to Untrusted Site (‘Open Redirect’)
  • Use of a Broken or Risky Cryptographic Algorithm
  • Race Condition