Schlagwort-Archive: Web

Jackson: Skip Objects conditionally

I had a simple problem when implementing this brilliant solution in one of my REST applications: As soon I was using @JsonAnyGetter / @JsonAnySetter and the HidableSerializer together, a NPE was thrown during serialization. The Problem occured in Jackson 1.9.13 … Weiterlesen

Veröffentlicht unter Jackson, REST | Verschlagwortet mit , , , , | Hinterlasse einen Kommentar

Testing XPages (2): BrowserMob Proxy

When testing XPages or other web applications, you may want to have more control about the requests and responses during the JUnit testing. For example, if you want to test if a specific HTTP header exists in the response, or … Weiterlesen

Veröffentlicht unter Java, Web, XPages | Verschlagwortet mit , , , , , , , | Hinterlasse einen Kommentar

Testing XPages

When testing XPages with Selenium, you can easily pre-generate the JUnit test code with the browser plugin. But when you then change the structure of the XPage (f.e. by moving the components from an XPage to a custom control), all the IDs … Weiterlesen

Veröffentlicht unter Allgemein, Java, Web, XPages | Verschlagwortet mit , , , , , , , | 3 Kommentare

xsp.application.context.proxy

Just a reminder for myself: To use a CDN for XPage resources, you can add a leading slash to the xsp.application.context.proxy property. xsp.application.context.proxy=/cdn.hasselba.ch  

Veröffentlicht unter Performance, Web, XPages | Verschlagwortet mit , , , , | 2 Kommentare

REST & Security: Why HTTP GET is insecure (and the other methods too)

Yesterday René commented that submitting username and password with HTTP GET is insecure, because they are submitted in clear text over the wire as part of the URI. At the first moment, I did not give some thought about it, because it is known … Weiterlesen

Veröffentlicht unter REST, Security, Server, Web | Verschlagwortet mit , , , | 2 Kommentare

REST & Security: More about the DominoStatelessTokenServlet

During the last days I have refined the DominoStatelessTokenServlet a little bit. It is now a pre-beta release, and I think it is time to explain some details about it. While it is still a proof-of-concept, it demonstrates how a … Weiterlesen

Veröffentlicht unter Allgemein, Java, REST, Security, Web | Verschlagwortet mit , , , , , , , , | 12 Kommentare

REST & Security: A Stateless Token Servlet

I have uploaded some of my projects to GitHub, including an alpha version of a stateless token servlet. The servlet has it’s own authentication mechanism (the password is currently not validated), and for developing purposes it uses HTTP GET. In … Weiterlesen

Veröffentlicht unter Java, REST, Security, Web | Verschlagwortet mit , , , , | Hinterlasse einen Kommentar

REST & Security: Same-Origin Policy / CORS

The „Same-orginin policy„ is an important concept for protecting web applications. In short, only resources from the same domain are allowed, everything else is permitted denied. To allow access other domains in your application, you have to enable „CORS„, a … Weiterlesen

Veröffentlicht unter Java Script, REST, Security, Web | Verschlagwortet mit , , , | 2 Kommentare

Raspberry Pi vs. IBM Bluemix – 1:0

I had some time last night (the whole family had gone to bed early), so I spent some to look at the XPages integration into Bluemix. I found the Greenwell Travel Expenses Demo: But after clicking a link, the page … Weiterlesen

Veröffentlicht unter Security, Web, XPages | Verschlagwortet mit , , , , | 6 Kommentare

Tschüß RFC 2616! War nett mit Dir!

Wie auf Heise berichtet, ist das RFC 2616 zu seinem 15ten Geburtstag in Rente geschickt worden, und sollte keine Verwendung mehr finden. Bei Fragen rund um die HTTP/1.1 Spezifikation gelten von nun an folgende RFCs: RFC7230 – HTTP/1.1: Message Syntax and … Weiterlesen

Veröffentlicht unter Web | Verschlagwortet mit | Hinterlasse einen Kommentar