Steven Colley

Ranch Hand
+ Follow
since Feb 18, 2005
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
In last 30 days
0
Forums and Threads

Recent posts by Steven Colley


Hello,


Can an infected image run (as a result of IMG src call) on the browser and crash the user's browser?

E.g, The Ad-serving has been hacked and the image replaced by another image.jpg (that contains malicius code) or the file has been replaced by another "fake" image.jpg (which is not a real image).

??

tks in advance,

Felipe

Hello all....

I have a question.....

Given the two tags (pixel image call / web bug) bellow (which perform HTTP calls to other domains than the ones of the page that they are running).....

For what concerns CSS and CSRF......



- What is the REAL possibility of having logic embedded into the image GIF which is supposed to be delivered as part of the HTTP response?
- Could the browser end up running malicious code and crash the user's browser?
- any other threat here?



- What is the possibility of having logic embedded into the response?
- Could the browser end up running malicious code here?
- any other threat here?

Thank you in advance,

12 years ago
JSP

Hello,

I'm currently trying to understand what the best approach to implement a solution is when I have a Java page that has to invoke a Java service and render content on the page.

(The solution has a limited scope so please do not mention here alternative solutions with other frameworks such as JSF, Spring, etc....).

Scenario....: PAGE, Server-side logic reading a XML config file (no database).

> The number of requests my server-side logic that has to receive the HTTP request and reads the configuration file is : 35 millions yearly.

So:

1- I could do it with javascript/ajax, requesting a Servlet/WS that would have to read a XML configuration file and would then return another *XML data to be parsed by the browser.
*The XML data would be a javascript function to run on the browser.
XML data (payload) to be parsed by the browser would not be larger than 20-50KB

2- Instead, I could have a Java custom that communicates with a SimpleTag Handler implementation that reads the XML Configuration file and generates as response the expected javascript function to run on the browser.

> This solution seems to be much clearer by delivering loose-coupling without overloading the browser with client-side processing.
> However it seems that I can only run the Java custom tags on Java pages, it's not my situation

I'm now working on the advantages and disadvantages of both solutions...have here different pros and cons...could you please give me your insight regarding the ones you think that are the most important to be taken into account here ? (I will not post them here because I don't want to influence your answers) I need to hear from you

IMPORTANT: The page that contain the Custom tag (or javascript function) does not run on the same server as the Tag Handler or Servlet/WS implementation.

Questions:

1 - With the JS solution, one of the main advantages here is that I can benefit from the Asynchronous calls without impacting the page loading as well as the response time. Is it true?

2 - In the end, would the javascript solution run faster than the Custom tag? When we think of java specially with XML (tld) we think about something that might bot be 'performant'

3- If my page is not a Java page, would there be any way to run the Custom tag? (IFRAME?)

4- What approach do you use with Custom Tags/Tag Handler implementations to see whether it's performing well ?

5- Considering the situation where I mentioned that my page that executes the Custom that might be in another server/domain than my Tag Handler, I need to understand:
- What is the protocol of communication between my custom tag and the Tag handler?


Thank you so much in advance,

Let me know if you have any questions,
12 years ago
JSP
I meant....Oracle SOA certification...could not find imnformation on it...

tkkkksss

Question: is this certification exam still active ? could not find further information on the Oracle's web site.

thank you in advance,
Amitav Anand, guys..
what is the difference between exam 1.4 and 5?

tks!!
15 years ago

HI guys...how are you doing??

I'm wondering what is the main difference between SCWCD 1.4 and SCWCD 5..can you please explain it to me ? I took a look at the exams requirements and could not see anything different.

I'm SCWCD 1.4 certified...Does it worth to update it ?

Tks in advance fellows!!

Colley!

HI guys, firstly Tks so much for replying back!!

It seems that "Spring in Action" is such a good book and that "Spring recipes" could also help.

I'm wondering if this one : "Expert Spring MVC and Web Flow (Paperback)" wouldn't be such a good one too : (according to the customer's review it's not) would be a good one - so just asking whether someone has owns it or not.

http://www.amazon.com/Expert-Spring-MVC-Web-Flow/dp/159059584X/ref=sr_1_8?ie=UTF8&s=books&qid=1257728449&sr=1-8

Colley!
15 years ago
HI guys...I'm new for Spring framework and would like to buy a good book to start learning it. can you please help me to choose it ?

are these ones considered good books ? (I don't want a basic book, I wanna buy some that covers the most important features of it)

1) Expert Spring MVC and Web Flow:
http://www.amazon.com/Expert-Spring-MVC-Web-Flow/dp/159059584X/ref=sr_1_8?ie=UTF8&s=books&qid=1257728449&sr=1-8

2) Beginning Spring Framework 2 (Paperback)
http://www.amazon.com/Beginning-Spring-Framework-Thomas-Velde/dp/047010161X/ref=sr_1_12?ie=UTF8&s=books&qid=1257728449&sr=1-12

and what about these ones ?

3) Spring in Action:
http://www.amazon.com/Spring-Action-Craig-Walls/dp/1933988134/ref=sr_1_6?ie=UTF8&s=books&qid=1257728449&sr=1-6

or

4) Professional Java Development with the Spring Framework (ins't it an old version of spring framework ?)
http://www.amazon.com/Professional-Java-Development-Spring-Framework/dp/0764574833/ref=sr_1_1?ie=UTF8&s=books&qid=1257728449&sr=1-1

5) Spring recipes:
http://www.amazon.com/Spring-Recipes-Problem-Solut...s=books&qid=1257729242&sr=1-17

So..1, 2 , 3 , 4 or 5?

Tks so much in advance!!!
15 years ago


HI guys...I'm new for JSF and would like to buy a good book to start learning it. can you please help me to choose it ?

are these ones considered good books ? (I don't want a basic book, I wanna buy some that covers the most important features of it)

1) JavaServer Faces: The Complete Reference:
http://www.amazon.com/JavaServer-Faces-Complete-Reference/dp/0072262400/ref=pd_sim_b_1

and what about this one ?

2) Core-JavaServer:
http://www.amazon.com/Core-JavaServer-TM-Faces-2nd/dp/0131738860/ref=sr_1_3?ie=UTF8&s=books&qid=1257726304&sr=1-3

any other suggestion here ?

3)Mastering JSF:
http://www.amazon.com/Mastering-JavaServer-Faces-Java-Dudney/dp/0471462071/ref=sr_1_13?ie=UTF8&s=books&qid=1257729242&sr=1-13

4) Spring recipes:
http://www.amazon.com/Spring-Recipes-Problem-Solution-Approach-Professionals/dp/1590599799/ref=sr_1_17?ie=UTF8&s=books&qid=1257729242&sr=1-17

So..1, 2 , 3 or 4 ?

Tks so much in advance!!!
15 years ago
JSF

Hi..I have a question..

Does the statement bellow make sense ?

RPC X document
These terms imply that the RPC style should be used for RPC programming models and that the document style should be used for document or messaging programming models. That's not the case at all. THE STYLE HAS NOTHING TO DO WITH A PROGRAMMING MODEL. It merely dictates how to translate a WSDL binding to a SOAP message. Nothing more. YOU CAN USE EITHER STYLE WITH ANY PROGRAMMING MODEL.



Please..let me know! Tks in advance!
Hi ...I just passed in SCEA 1 and I'm looking forward to taking part 2 soon...

I didn't ordered my project year...Just would like to hear from you according to your experience....how long it's supposed to take approximately...I mean..the average which I'll need to prepare myself to delivery this project by working ..let's say..2/3hours daily ...

What do you think ?

Tks in advance!!
Hi Team..just would like you to know I passed in SCEA 5....

I got 69%...Very tough test...confused questions...!

Lots questions about JSF, WS, Security concepts and JEE applicability....!

Resources:

- Used Epractice from Sun...

Recommended books:

Core Security Patters
Core Patters
EJB 3 specification / Tutorial
WS specification / Tutorial
JSF articles


Tks a looooooot for all help You helped me a lot for sure!! ;-)

16 years ago