M Richardson

Ranch Hand
+ Follow
since Dec 28, 2016
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by M Richardson

Called myself a "Java Developer" until I got to the first problem in this book and looked at the "efficient/optimized" solution:

1.1 Is Unique  - Write a method which determines if a given String is unique or not.

I got through the naive solution. I got through the solution in which I wasn't allowed to use any Java data-structures.
Then Ms. McDowell threw a magic voodoo curveball at me.

What in tarnation is this??
What does the `- 'a' ` doing?
who is `checker??`
and I can't even begin to wrap my head around what the "Bitwise OR assignment" does.

Can someone please break it down for me? Thank you!
4 months ago

Tim Holloway wrote:You should be able to add a validatorMessage attribute to the h:inputSecret tag.

You are using a lot of attributes that aren't defined for h:inputSecret. Note that JSF, like HTML, will silently ignore elements and attributes that it does not understand. Nor will JSF pass them down to the generated HTML.

I'm looking at this and inputSecret does not have a validatorMessage attribute. It only seems to exist for inputText.
7 months ago
I have the following code, which is throwing a "Regex Pattern not matched" message.
I need for it to show a custom message. How do I accomplish this?

7 months ago
Is there a fix on the server side which can be applied to WebLogic 12c which will take care of a Static Session ID vulnerability?

Ron McLeod wrote:

M Richardson wrote:Eclipse immediately highlights a large number of errors within the project.

It doesn't necessarily mean that there is anything wrong with the code.  That could be due to you not having the proper development environment setup, or you are missing some dependent projects, or Eclipse not being configured properly for the project, etc..

I've had this happen to me on more than one occasion.. Where the "Official / Documented" instructions tell the developer to painstakingly resolve errors... add such and such files to the path... put in import statements... ,etc. etc.
Which really confuses the hell out of me because .... Can't all of this be done in *one* instance and put on the repository .. so that time doesn't have to be wasted each and every time someone needs to set it up?
8 months ago
You're a brand new developer who's landed his first Java gig. Big codebase, and possibly a Federal project... Maybe a legacy project... You are instructed to fetch the repository.
Eclipse immediately highlights a large number of errors within the project. You are instructed that you will have to manually resolve these errors to get the project in a running state.

Question for seasoned Java developers: Is this situation almost always because of:

(a) laziness on part of the developers who put this monstrosity together over the years?


(b) this is simply how it is, and it's not anyone's fault. It's not "bad design" - There are good reasons as to why a Java project will simply not run "out of the box."

Which one is it?
8 months ago
I have a number of projects which interact with one another. A scenario which we often see in the wild is a "common" or "shared" project, which supports other projects.
I used the UCDetector plugin for Eclipse to detect unnecessary/dead code which found a couple of instances of "dead code," but upon further investigation we find that this code is actually being used outside the project, by another project.

Is there any decent static code analysis tool which will account for these multiple project scenarios?
9 months ago

Stephan van Hulst wrote:You don't need an external library.

You can just use the keytool command to generate a key store file, and you use KeyStore from within your application to retrieve the secret you generated.

I see. But this is an enterprise application where no such ability will be provided to the user - or the user may not be that savvy to be able to do that.
How is the vulnerability mitigated in that case? (and when I say mitigated, I mean to make the static code analyzer happy)
9 months ago

Stephan van Hulst wrote:No.

You're supposed to generate a secret key and store it in a key file using a separate tool, then load it in your application using KeyStore.

If you google Java KeyStore you can probably easily find more info on how to do this.

I see. I understand that I will pass the keystore file, and the password to obtain a KeyStore object.
Can you please explain as to what specifically in the code needs to get processed by my external library?
I'm a little unclear as to how this integrates with my existing code.

9 months ago
I'm seeing the following vulnerability (https://cwe.mitre.org/data/definitions/321.html) being detected on the following code:

I'm unable to ascertain as to how I am to mitigate this issue... Are those hexadecimal "byte" values supposed to be dynamically generated? and how so?
9 months ago
I am using Chrome Version 89.0.4389.114 (Official Build) (64-bit)

When clicking on the profile photo and selecting the "change picture" button, it simply redirects to the "Registration Information" page.
Is this due to browser support, or is the functionality broken?
9 months ago

Paul Clapham wrote:I'm no JavaScript guru but still, that's what I would expect of a method named "parseInt".

Aha! Apparently, there's a parseFloat! Thank you :)

I assumed that parseInt was just a catch-all for all numbers.. since Javascript just has one datatype for Numbers...
I created a code-pen here: https://codepen.io/ebonymaw/pen/jOrJWMy

It's pretty simple, but I'm proud of it

But wait a second! There's a bug in here!

In Property Tax Rate, no matter what I put after a decimal point, it is ignored! 1.2916 simply becomes 1.
"2.5353" becomes 2. What am I doing wrong here?

line # 49, of my Javascript:

looks fine to me....

Can someone please point out what might be happening here?

Thank you!
A piece of code within a lambda function on AWS which never made sense to me:

The last line (line #8) where it says: `RequestItems=request_items`
What kind of variable is "RequestItems?"
And why does it show up as "red" (as if it's an error something) within an IDE, such as IntelliJ?
1 year ago