sorted by: recent | see :
popular
Content Tagged with article + Development
robubu : Safe JSON
We have been investigating the security implications of having a JSON api in Connections. It turns out that it is very easy to leave pretty big security exposures in an application if it isn’t done right. The security exposure in this case is rogue sites being able to get at data made available via a JSON api. The truly frightening part of this is that applications installed on a corporate intranet can actually leak data to internet sites should a user visit a rogue site. BTW, these exposures apply equally to both formally published api’s such as Yahoo’s and also any internal JSON api’s often used for AJAX tricks.
JSON is not as safe as people think it is - Joe Walker
There are 2 problems. CSRF (Cross Site Request Fogery) allows attackers to bypass cookie based authentication. I blogged about it a while ago. Wikipedia talks about it. CSRF allows you to invoke cookie protected actions on a remote server. It allows Mr. Evil to trick Mrs. Innocent into transferring money from her bank account into his. Far less known perhaps, is the JSON/Array hack that allows a user to steal JSON data on Mozilla and any other platform with a modern JavaScript interpreter.
InfoQ: Software Testing With Spring Framework
InfoQ: Software Testing With Spring Framework
Evening Tip: Use jQuery To Retrieve Data From An XML File - NETTUTS
In this quick tip, I'll show you how to load data from an XML file onto a blank page. We'll work with the $.get function and will also implement a loading gif while the information is being retrieved. We'll be displaying a simple list of recommended web development books. Let's go ahead and get started.
Why Microsoft and Intel tried to kill the XO $100 laptop - Times Online
"Nicholas Negroponte had a vision: to build a $100 laptop and give away millions to educate the world’s poorest children. And then the fat-cat multinationals got scared and broke it..."
open-source: del.icio.us tag/open-source
Development
education
article
technology
open-source
open_source
olpc
ONJava.com -- An Introduction to Hibernate 3 Annotations
A quick and dirty tutorial which shows how to get up and running with Hibernate 3 annotations
ONJava.com -- An Introduction to Hibernate 3 Annotations
A quick and dirty tutorial which shows how to get up and running with Hibernate 3 annotations
Easy Ruby development, the Eclipse way
Almost three years ago, developerWorks published "Using the Ruby Development Tools plug-in for Eclipse," which introduced some of the features found in the Ruby Development Tools (RDT) plug-in for Eclipse. Current at the time was V0.5. We revisit that tool in this article. Today, RDT is called Aptana RadRails and is available as a plug-in for Aptana Studio or Eclipse. This article introduces some of the plug-in's new features
Java XPath API
Демонстрация XPath от Эллиотта Хэролда.
Page 1 | Next >>