Über…
Das ist das Blog von Sven Hasselbach über Themen aus der Entwicklung und alles, was ihm sonst so durch den Kopf geht.
Seit 2003 als freiberuflicher Entwickler deutschlandweit im Einsatz, mit dem Schwerpunkten Lotus Notes & XPages, Spring, Java & OSGi
IBM ICS Champion 2013
Um Kontakt mit mir aufzunehmen, einfach eine eMail an contact<at>hasselba.ch schicken oder mich bei XING finden:
Projektanfragen sind immer willkommen!
Archiv der Kategorie: Web
Testing XPages
When testing XPages with Selenium, you can easily pre-generate the JUnit test code with the browser plugin. But when you then change the structure of the XPage (f.e. by moving the components from an XPage to a custom control), all the IDs … Weiterlesen
xsp.application.context.proxy
Just a reminder for myself: To use a CDN for XPage resources, you can add a leading slash to the xsp.application.context.proxy property. xsp.application.context.proxy=/cdn.hasselba.ch
Veröffentlicht unter Performance, Web, XPages
Verschlagwortet mit 9.0, Domino, Performance, Web, XPages
4 Kommentare
REST & Security: Why HTTP GET is insecure (and the other methods too)
Yesterday René commented that submitting username and password with HTTP GET is insecure, because they are submitted in clear text over the wire as part of the URI. At the first moment, I did not give some thought about it, because it is known … Weiterlesen
REST & Security: More about the DominoStatelessTokenServlet
During the last days I have refined the DominoStatelessTokenServlet a little bit. It is now a pre-beta release, and I think it is time to explain some details about it. While it is still a proof-of-concept, it demonstrates how a … Weiterlesen
REST & Security: A Stateless Token Servlet
I have uploaded some of my projects to GitHub, including an alpha version of a stateless token servlet. The servlet has it’s own authentication mechanism (the password is currently not validated), and for developing purposes it uses HTTP GET. In … Weiterlesen
REST & Security: Same-Origin Policy / CORS
The „Same-orginin policy„ is an important concept for protecting web applications. In short, only resources from the same domain are allowed, everything else is permitted denied. To allow access other domains in your application, you have to enable „CORS„, a … Weiterlesen
Veröffentlicht unter Java Script, REST, Security, Web
Verschlagwortet mit REST, Security, ServerSide JavaScript, Web
2 Kommentare
Raspberry Pi vs. IBM Bluemix – 1:0
I had some time last night (the whole family had gone to bed early), so I spent some to look at the XPages integration into Bluemix. I found the Greenwell Travel Expenses Demo: But after clicking a link, the page … Weiterlesen
REST & Security: CSRF Attacks
In this post I will demonstrate how a do a CSRF attack against a XPages REST service. Let’s assume that we have a custom REST service on a XPage. To keep the example as simple as possible, this service returns … Weiterlesen
XPages: WebContent Files (3) – Create a Minimizer Servlet
Because of Stefano Fois comment I decided to write an example about how to create a minimizer servlet for Domino which compresses JavaScript resources on the fly. This is, again, a simple Proof-Of-Concept, nothing more and nothing less. First, I downloaded the YUICompressor, … Weiterlesen
Veröffentlicht unter Java, Java Script, Web, XPages
Verschlagwortet mit Domino, Java, Java Script, JSF, XPages, XSP
6 Kommentare
Tschüß RFC 2616! War nett mit Dir!
Wie auf Heise berichtet, ist das RFC 2616 zu seinem 15ten Geburtstag in Rente geschickt worden, und sollte keine Verwendung mehr finden. Bei Fragen rund um die HTTP/1.1 Spezifikation gelten von nun an folgende RFCs: RFC7230 – HTTP/1.1: Message Syntax and … Weiterlesen