web application

213 results back to index

pages: 136 words: 20,501

Introduction to Tornado by Michael Dory, Adam Parrish, Brendan Berg

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

don't repeat yourself, Firefox, social web, web application, WebSocket

Forms and Templates In Chapter 1, we looked at the basics of setting up a web application with Tornado. We covered handlers, HTTP methods, and the overall structure of the Tornado framework. In this chapter, we’re going to take a look at some of the more powerful features that you’re likely to use when building web applications. As with most web frameworks, one of the primary goals of Tornado is to help you write your applications faster, reusing as much of your code as cleanly as possible. While Tornado is flexible enough to allow you to use nearly any template language supported by Python, it contains a lightweight, fast, and flexible templating language within the tornado.template module. Simple Example: Poem Maker Pro Let’s get started with a simple example called Poem Maker Pro. Poem Maker Pro is a web application that presents an HTML form for the user to fill out, and then processes the results of that form.

Asynchronous Web Services Thus far, we’ve taken a look at many of the features that make Tornado such a powerful framework for web applications. Its simplicity, ease of use, and handy helpers are enough reason to make it a great choice for many web projects. However, one of the most talked about features of Tornado is its ability to fetch and serve content asynchronously, and with good reason: it makes it easy to handle nonblocking requests, ultimately resulting in more efficient processes and greater scaling possibilities. In this chapter, we’ll take a look at the basics of asynchronous requests in Tornado, as well as some long polling techniques that will allow you to write simpler web applications that can serve more requests with fewer resources. Asynchronous Web Requests Most web applications (including the examples we’ve looked at thus far) are blocking in nature, meaning that while a request is being handled, the process hangs until the request is completed.

Thanks especially to Tom Roney and Bob McGrail, who inspired a deep understanding of computation, software, and systems. Chapter 1. Introduction Over the last half decade, the tools available to web developers have grown by leaps and bounds. As technologists continue to push the limits of what web applications can do for users everywhere, we’ve had to upgrade our toolkit and create frameworks that let us build better applications. We would like to be able to use new toolkits that make it easier for us to write clean and maintainable code that scales efficiently when deployed to users all across the globe. This brings us to talking about Tornado, a fantastic choice for writing powerful web applications that are simple to create, extend, and deploy. The three of us had all fallen in love with Tornado for its speed, simplicity, and scalability, and after trying it out on a few personal projects, we’ve put it to work in our day jobs.

pages: 91 words: 18,831

Getting Started With OAuth 2.0 by Ryan Boyd

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

social graph, web application

token=ya29.AHES6ZSzF" The extension also defines a JSONP “callback” query parameter that OAuth providers can optionally support. Both Salesforce and Google support this parameter. A 200 response code indicates successful revocation. Chapter 3. Client-Side Web Applications Flow The Implicit Grant flow for browser-based client-side web applications is very simple. In this flow, an access token is immediately returned to the application after a user grants the requested authorization. An intermediate authorization code is not required as it is in the server-side Web Application flow (see Chapter 2). Figure 3-1 shows a step-by-step flow diagram, based on a diagram from the specification. Figure 3-1. Client-Side Web Applications flow: Step-by-step When Should the Implicit Grant Flow Be Used? The Implicit Grant flow should be used when Only temporary access to data is required.

OpenID Connect Authentication Nearly every web application prompts users to create an account and log in. In order to create an account, users are asked to provide their name, their email address, a password, and password confirmation. Not only does this take a lot of effort for the user (50+ keystrokes), but it also creates security concerns, as users often create the same password on multiple sites and some sites do not properly secure these credentials. OpenID exists to enable federated identity, where users are able to authenticate with the same identity across multiple web applications. Both users and web applications trust identity providers, such as Google, Yahoo!, and Facebook, to store user profile information and authenticate users on behalf of the application. This eliminates the need for each web application to build its own custom authentication system, and it makes it much easier and faster for users to sign up and sign into sites around the Web.

It is recommended that all developers use the Check ID Endpoint or decode the JSON Web Token to verify the asserted identity, though this is not strictly necessary in some cases when the application uses the server-side Web Application flow and the UserInfo Endpoint provides all required information. The server-side Web Application flow, when implemented as per the specification, only issues an authorization code through the user’s web browser. The web application should not ever accept an access token or identity token directly from the browser. The access token and identity token are retrieved by exchanging the authorization code in a server-to-server request. Since this exchange requires the server-to-server call to be authenticated with the client ID and client secret of the app which the authorization code was issued for, the OAuth token service will naturally prevent an app from accidentally using an authorization code issued to another app. Alternatively, the client-side Web Application flow issues an access token and identity token directly to the app through the browser using a hash fragment.

pages: 570 words: 115,722

The Tangled Web: A Guide to Securing Modern Web Applications by Michal Zalewski

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

barriers to entry, business process, defense in depth, easy for humans, difficult for computers, fault tolerance, finite state, Firefox, Google Chrome, information retrieval, RFC: Request For Comment, semantic web, Steve Jobs, telemarketer, Turing test, Vannevar Bush, web application, WebRTC, WebSocket

See Uniform Resource Locators (URLs), Properties of ActionScript user, The Evolution of a Threat, Resolution of Relative URLs, Header Character Set and Encoding Schemes, Referer Header Behavior, Privacy-Related Side Channels as security flaw, The Evolution of a Threat browsing habits, Referer header and, Header Character Set and Encoding Schemes collecting information about interaction, Privacy-Related Side Channels URL construction based on input, Resolution of Relative URLs user content, markup filter for, A Note on Cross-Site Request Forgery user data in HTTP cookies, Error-Handling Rules user interfaces, Pseudo-URLs, Pseudo-URLs, Window-Positioning and Appearance Problems, I/O Interfaces browser extensions and, Pseudo-URLs notifications, I/O Interfaces timing attacks on, Window-Positioning and Appearance Problems User-Agent request header, Basic Syntax of HTTP Traffic user-controlled filenames in Content-Disposition headers, Error-Handling Rules username, in credentials portion of URLs, Indicator of a Hierarchical URL UTF-16 charset, Entity Encoding, Downloaded Files and Other Non-HTTP Content UTF-32 charset, Entity Encoding UTF-7 charset, Entity Encoding UTF-8 charset, Handling of Non-US-ASCII Text, Header Character Set and Encoding Schemes, Downloaded Files and Other Non-HTTP Content in HTTP headers, Header Character Set and Encoding Schemes V valid scheme names, current list, It Starts with a URL variables, declaration in JavaScript, Function Resolution VBScript, Browser-Side Scripts vbscript: scheme, Protocols Claimed by Third-Party Applications and Plug-ins, Inheritance for data: URLs vertical tab, in HTML tag, Understanding HTML Parser Behavior View > Encoding menu, Character Set Inheritance and Override view-cache: scheme, Protocols Claimed by Third-Party Applications and Plug-ins view-source: scheme, Protocols Claimed by Third-Party Applications and Plug-ins Visual Basic, Tales of the Stone Age: 1945 to 1994, Code Inclusion Modes and Nesting Risks, The Perils of Plug-in Content-Type Handling VoiceXML, Cross-Domain Requests W W3C (World Wide Web Consortium), The Boring Period: 2000 to 2003, Hypertext Markup Language w3m, Tales of the Stone Age: 1945 to 1994 WAP (Wireless Application Protocol suite), XML User Interface Language WBXML, Wireless Markup Language WDP file format, Type-Specific Content Inclusion web 2.0, The Boring Period: 2000 to 2003 web applications, Vulnerabilities Specific to Web Applications, Vulnerabilities Specific to Web Applications, Problems to Keep in Mind in Web Application Design design issues, Vulnerabilities Specific to Web Applications vulnerabilities specific to, Vulnerabilities Specific to Web Applications Web Hypertext Application Technology Working Group (WHATWG), Web 2.0 and the Second Browser Wars: 2004 and Beyond web page, prerendering, Content-Level Features web storage, same-origin policy mechanism for, Same-Origin Policy for XMLHttpRequest Web, the.

Problems to Keep in Mind in Web Application Design The problems outlined in this section are an unavoidable circumstance of doing business on the Internet and must be properly accounted for when designing or implementing new web apps. Cache poisoning The possibility of long-term pollution of the browser cache (or any interim proxies) with a fabricated, malicious version of the targeted web application. Encrypted web applications may be targeted due to response-splitting vulnerabilities. For nonencrypted traffic, active network attackers may be able to modify the responses received by the requestor, too. See Chapter 3 for an overview of HTTP-caching behaviors. Clickjacking The possibility of framing or otherwise decorating or obscuring a portion of another web application so that the victim, when interacting with the attacker’s site, is not aware that individual clicks or keystrokes are delivered to the other site, resulting in undesirable actions being taken on behalf of the user.

XML, Document Parsing Modes certificate authorities, Protocol-Level Encryption and Client Certificates certificates, Extended Validation Certificates, Extended Validation Certificates, Error-Handling Rules extended validation, Extended Validation Certificates warning dialog example, Error-Handling Rules cf: scheme, Common URL Schemes and Their Function character sets, Handling of Non-US-ASCII Text, Semicolon-Delimited Header Values, Downloaded Files and Other Non-HTTP Content, Character Set Handling, Character Set Handling, Character Set Inheritance and Override, Character Set Inheritance and Override, Markup-Controlled Charset on Subresources, Problems to Keep in Mind in Web Application Design byte order marks and detection, Character Set Handling detection for non-HTTP files, Markup-Controlled Charset on Subresources for headers, Semicolon-Delimited Header Values handling, Downloaded Files and Other Non-HTTP Content in URLs, Handling of Non-US-ASCII Text inheritance and override, Character Set Inheritance and Override markup-controlled, on subresources, Character Set Inheritance and Override sniffing, Problems to Keep in Mind in Web Application Design characters, Fragment ID, Putting It All Together Again, Putting It All Together Again, Reserved Characters and Percent Encoding, Reserved Characters and Percent Encoding, Reserved Characters and Percent Encoding, Semicolon-Delimited Header Values, Explicit and Implicit Conditionals, Parser Resynchronization Risks, Access to Other Documents delimiting, in URLs, Fragment ID encoding in CSS, Parser Resynchronization Risks encoding in filenames, Semicolon-Delimited Header Values encoding in HTML, Explicit and Implicit Conditionals encoding in JavaScript, Access to Other Documents encoding in URLs, Putting It All Together Again printable, browser treatment of, Reserved Characters and Percent Encoding reserved, Reserved Characters and Percent Encoding unreserved, Reserved Characters and Percent Encoding children objects in JavaScript, Standard Object Hierarchy Chrome, Scheme Name, Reserved Characters and Percent Encoding, Encapsulating Pseudo-Protocols, Header Character Set and Encoding Schemes, HTTP Authentication, Hypertext Markup Language, Overriding Built-Ins, The Perils of Plug-in Content-Type Handling, XML Browser Applications (XBAP), Local Files, Pseudo-URLs, Document Type Detection Logic, Downloaded Files and Other Non-HTTP Content, Downloaded Files and Other Non-HTTP Content, Denial-of-Service Attacks, Pop-Up Filtering, Dialog Use Restrictions, Form-Based Password Managers, Content-Level Features, Content-Level Features and file extensions in URLs, The Perils of Plug-in Content-Type Handling and realm string, HTTP Authentication and RFC 2047 encoding, Header Character Set and Encoding Schemes autodetection of passive document types, Downloaded Files and Other Non-HTTP Content cached pages in, Encapsulating Pseudo-Protocols characters in URL scheme name ignored by, Scheme Name deleting JavaScript function, Overriding Built-Ins local file access, Local Files modal dialogs for prompts, Dialog Use Restrictions navigation timing, Content-Level Features prerendering page, Content-Level Features printable characters in, Reserved Characters and Percent Encoding privileged JavaScript in, Pseudo-URLs stored password retrieval, Form-Based Password Managers SWF file handling without Content-Type, Document Type Detection Logic time limits on continuously executing scripts, Denial-of-Service Attacks WebKit parsing engine, Hypertext Markup Language window.open() function and, Pop-Up Filtering Windows Presentation Foundation plug-ins, XML Browser Applications (XBAP) chunked data transfers, Keepalive Sessions click() method, Pop-Up Filtering clickjacking, Unsolicited Framing, Beyond the Threat of a Single Click, Problems to Keep in Mind in Web Application Design client certificates, Protocol-Level Encryption and Client Certificates client-server architecture, The Breakdown of the Client-Server Divide client-side data, Origin Inheritance client-side databases, Content-Level Features client-side errors (400–499), 300-399: Redirection and Other Status Messages client-side scripts, restricting privileges of HTML generated by, Other Developments cloud, The User as a Security Flaw Clover, Andrew, Privacy-Related Side Channels command injection, Problems to Keep in Mind in Web Application Design comments, Document Parsing Modes, Basic CSS Syntax, Basic CSS Syntax in CSS syntax, Basic CSS Syntax in XHTML and HTML, Document Parsing Modes Common UNIX Printing System (CUPS), Problems with Domain Restrictions Common Vulnerability Scoring System (CVSS), Enlightenment Through Taxonomy Common Weakness Enumeration (CWE), Enlightenment Through Taxonomy complex selectors, in CSS, Cascading Style Sheets computer proficiency of user, The Evolution of a Threat conditionals, explicit and implicit, in HTML, Interactions Between Multiple Tags conflicting headers, resolution of, Proxy Requests CONNECT requests, Proxy Requests, CONNECT Connolly, Dan, Tales of the Stone Age: 1945 to 1994 content directives, on subresources, Defensive Uses of Content-Disposition content inclusion in HTML, HTTP/HTML Integration Semantics, HTTP/HTML Integration Semantics, Forms and Form-Triggered Requests hyperlinking and, HTTP/HTML Integration Semantics type-specific, Forms and Form-Triggered Requests content recognition, Content Recognition Mechanisms content rendering, plug-ins for, Content Rendering with Browser Plug-ins Content Security Policy (CSP), Content Security Policy, Primary CSP Directives, Policy Violations, Other Developments, XSS Filtering criticisms of, Primary CSP Directives violations, Policy Violations content sniffing, Content Recognition Mechanisms, Downloaded Files and Other Non-HTTP Content, Problems to Keep in Mind in Web Application Design Content-Disposition directive, Resolution of Duplicate or Conflicting Headers, Header Character Set and Encoding Schemes, Error-Handling Rules, Type-Specific Content Inclusion, Scalable Vector Graphics, Unrecognized Content Type, Defensive Uses of Content-Disposition defensive uses, Unrecognized Content Type NUL character and, Header Character Set and Encoding Schemes plug-in-executed code and, Defensive Uses of Content-Disposition user-controlled filenames in, Error-Handling Rules Content-Length header, Basic Syntax of HTTP Traffic, Referer Header Behavior, 400-499: Client-Side Error, Same-Origin Policy for XMLHttpRequest in keepalive sessions, 400-499: Client-Side Error Content-Type directive, Semicolon-Delimited Header Values, Basic Concepts Behind HTML Documents, Type-Specific Content Inclusion, Plaintext Files, Plaintext Files, Plaintext Files, Plaintext Files, Bitmap Images, Audio and Video, XML-Based Documents, RSS and Atom Feeds, RSS and Atom Feeds, Content Rendering with Browser Plug-ins, Policy File Spoofing Risks, Content Recognition Mechanisms, Document Type Detection Logic, Special Content-Type Values, Special Content-Type Values, Special Content-Type Values, Unrecognized Content Type, Unrecognized Content Type, Unrecognized Content Type, Defensive Uses of Content-Disposition, Content Directives on Subresources, Downloaded Files and Other Non-HTTP Content, Downloaded Files and Other Non-HTTP Content, Character Set Handling, Detection for Non-HTTP Files, Detection for Non-HTTP Files, Detection for Non-HTTP Files and XML document parsing, XML-Based Documents application/binary, Detection for Non-HTTP Files application/JavaScript, Plaintext Files application/json, Plaintext Files, Unrecognized Content Type application/mathml+xml, Audio and Video application/octet-stream, Special Content-Type Values, Detection for Non-HTTP Files charset parameter, Downloaded Files and Other Non-HTTP Content, Character Set Handling image/jpeg, Bitmap Images, Unrecognized Content Type, Downloaded Files and Other Non-HTTP Content image/svg+xml, RSS and Atom Feeds logic to handle absence, Content Recognition Mechanisms plug-ins and, Content Rendering with Browser Plug-ins, Defensive Uses of Content-Disposition slash-delmited alphanumeric tokens in, Document Type Detection Logic special values, Special Content-Type Values text/css, Plaintext Files text/html, RSS and Atom Feeds text/plain, Plaintext Files, Policy File Spoofing Risks, Special Content-Type Values, Content Directives on Subresources, Detection for Non-HTTP Files unrecognized, Unrecognized Content Type control characters, JavaScript shorthand notation, Access to Other Documents Cookie header. See cookies, Problems to Keep in Mind in Web Application Design cookie injection, Problems to Keep in Mind in Web Application Design cookie-authenticated text, reading, Beyond the Threat of a Single Click cookies, The First Browser Wars: 1995 to 1999, Caching Behavior, HTTP Cookie Semantics, Error-Handling Rules, Security Policy for Cookies, Security Policy for Cookies, The Unusual Danger of “localhost”, Prohibited Ports, URL- and Protocol-Level Proposals, Problems to Keep in Mind in Web Application Design and DNS hijacking, The Unusual Danger of “localhost” and same-origin policy, Security Policy for Cookies deleting, HTTP Cookie Semantics forcing, Problems to Keep in Mind in Web Application Design limitations on third-party, Prohibited Ports security policy for, Security Policy for Cookies semantics, Caching Behavior user data in, Error-Handling Rules CORS.

Learning Node.js: A Hands-On Guide to Building Web Applications in JavaScript by Marc Wandschneider

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

database schema, en.wikipedia.org, Firefox, Google Chrome, node package manager, telemarketer, web application

It is thus that you are not going to develop the photo album much further in its current form, but continue to look at some modules that will clean up your code significantly and allow you to add features quickly and with little code. You will do so using the Express Application Framework for Node. 133 This page intentionally left blank Part III Writing Web Applications 7 Building Web Applications with Express 137 8 Databases I: NoSQL (MongoDB) 161 9 Databases II: SQL (MySQL) 189 This page intentionally left blank 7 Building Web Applications with Express T hus far, you have been learning the fundamentals and core concepts of Node.js; armed with these ideas, you have built some simple applications, although you’ve had to write a lot of code to do some reasonably basic things. It’s time to change gears a bit and start building more interesting web applications, using one of the biggest strengths of Node: the huge collection of libraries and modules available to you through npm. Now that you understand the core workings of Node and modules, it’s time to start finding ways to make your life significantly easier and your development much faster.

He authored PHP and MySQL LiveLessons and Core Web Application Development with PHP and MySQL. Introduction Welcome to Learning Node.js. Node.js is an exciting new platform for writing network and web applications that has created a lot of buzz over the past couple of years and rapidly gathered a sizeable following in the developer community. In this book, I teach you more about it, why it is special, and get you up and writing Node.js programs in short order. You’ll soon find that people are rather flexible with the name of Node.js and will refer to it frequently as just Node or even “node.” I certainly do a lot of that in this book as well. Why Node.js? Node.js has arisen for a couple of primary reasons, which I explain next. The Web In the past, writing web applications was a pretty standard process.

As part of this, all these companies are investing heavily in the JavaScript portion of these systems as modern web applications continue to grow ever-more dynamic and script-based. In particular, Google Chrome’s V8 JavaScript runtime is particularly fast and also open-sourced for use by anybody. With all these things in place, the opportunity arose for somebody to come along with a new approach to network (web) application development. Thus, the birth of Node.js. What Exactly Is Node.js? In 2009, a fellow named Ryan Dahl was working for a company called Joyent, a cloud and virtualization services company in California. He was looking to develop push capabilities for What Exactly Is Node.js? web applications, similar to how Gmail does it, and found most of what he looked at not quite appropriate. He eventually settled on JavaScript because it lacked a robust input/output (I/O) model (meaning he could write his own new one) and had the fast and fully programmable V8 runtime readily available.

pages: 157 words: 35,874

Building Web Applications With Flask by Italo Maia

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

continuous integration, create, read, update, delete, Debian, en.wikipedia.org, Firefox, full stack developer, minimum viable product, MVC pattern, premature optimization, web application

Knowing your way around Jinja2 will save you a lot of headaches. Next chapter, we will be studying forms with Flask. Expect a lot of examples and complementary code, as forms are the doors you open from your Web application to the Web. Most problems arise from the Web, as well as most of your data. Chapter 4. Please Fill in This Form, Madam Have you ever imagined what happens when you fill in a form on a website and click on that fancy Send button at the end of it? Well, all the data you wrote—comment, name, checkbox, or whatever—is encoded and sent through a protocol to the server, which then routes that information to the Web application. The Web application will validate the data origin, read the form, validate the data syntactically then semantically, and then decide what to do with it. Do you see that long chain of events where every link might be the cause of a problem?

Importing the test dependencies from within the test and cleaning the database are common ways to do that. The preceding case is common when writing scripts or desktop applications. A web application has different needs regarding the tests. A web application code usually runs in response to user interaction through a browser request and returns a response as the output. To test in this kind of environment, we have to simulate requests and properly test the response content, which is usually not as straightforward as the output of our sum_fnc. A response may be any kind of document and it may have different sizes and content, and you even have to worry about the response HTTP code, which holds a lot of contextual meaning. To help you test your views and simulate user interaction with your web application, Flask gives you a test client tool through which you can send requests in any valid HTTP method to your application.

Extensions, How I Love Thee How to configure extensions Flask-Principal and Flask-Login (aka Batman and Robin) Admin like a boss Custom pages Summary 10. What Now? You deploy better than my ex Placing your code in a server Setting up your database Setting up the web server StackOverflow Structuring your projects Summary Postscript Index Building Web Applications with Flask * * * Building Web Applications with Flask Copyright © 2015 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented.

pages: 190 words: 52,865

Full Stack Web Development With Backbone.js by Patrick Mulder

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Airbnb, create, read, update, delete, Debian, MVC pattern, node package manager, Ruby on Rails, side project, single page application, web application

. • You are a frontend developer with interests in single-page web applications or in‐ teractive widgets in web browsers. You maybe found jQuery not meeting your goals anymore and are looking to learn what Backbone.js is about. • You are a product manager or team lead that is responsible for making technology choices. If you want to understand where Backbone.js and JavaScript fit in your technolgoy stack, this book is for you. Building single-page web applications involves more than just questions around inter‐ faces, so this book also discusses basics of JavaScript modules, build approaches, and API backends. When scanning the table of contents this book, you might discover that JavaScript offers a number of interesting options. viii | Preface Hopefully this book can show paths to structure web applications in a new way, toward friendlier and more scalable web applications.

However, the user interface is just a layer in a larger application stack, and the design of interactions takes more than just patching existing web applications. JavaScript is a good choice to drive an application stack for web interactions, but it also brings new demands on concepts and data schemas. The goal of this book is to show how clientside applications can evolve from basic interaction ideas, and how more modular and maintainable web applications can be built. Other Resources To understand the perspectives in this book, you need a sound knowledge of JavaScript, browsers, and DOM manipulation, as well as a basic knowledge of web applications. Also, there are a number of resources available to go deeper into single-page application development. The JavaScript Language To learn JavaScript, there are a number of good resources available: JavaScript Garden This is an open source resource on programming in JavaScript.

Conclusion In this chapter, you learned about advanced approaches to DOM manipulation with JST and ECO templates. You also learned to browserify templates with a transform. You then met build automation wiht Grunt.js and a very basic Gruntfile.js to support you with application development. Now that we’ve applied better templating to it, our web application is almost ready for deployment. You still need to learn more about APIs, and how to connect those to your Backbone models and collections to build a fully working web application. As build processes are an important part of JavaScript web applications, you will also learn more about workflow automation in Chapter 10. In addition, you will be introduced to more Backbone plug-ins for special types of interactions in the following chapters. 82 | Chapter 6: Advanced View Templates CHAPTER 7 Synchronizing State The previous chapters offered a preliminary glance of state in the browser.

pages: 210 words: 42,271

Programming HTML5 Applications by Zachary Kessin

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

barriers to entry, continuous integration, fault tolerance, Firefox, Google Chrome, mandelbrot fractal, QWERTY keyboard, web application, WebSocket

URL query string separator, Debugging Manifest Files A Abelson, Harold, Functional Programming acceptance tests, Testing JavaScript Applications accessibility, Accessibility Through WAI-ARIA Accessible Rich Internet Applications, Accessibility Through WAI-ARIA actions, Selenium, Selenium Commands ActiveX controls, IndexedDB add() method (IndexedDB), Adding and Updating Records airplane mode, Adding Power to Web Applications Ajax, Developing Web Applications, Nonblocking I/O and Callbacks, Nonblocking I/O and Callbacks, Functional Programming, Functional Programming, A Simple Example, Offline Loading with a Data Store, Storing Changes for a Later Server Sync, Uploading Files, Structure of the Manifest File calls, Nonblocking I/O and Callbacks, Functional Programming, A Simple Example, Offline Loading with a Data Store, Storing Changes for a Later Server Sync, Structure of the Manifest File DataStore object, Nonblocking I/O and Callbacks uploading files with, Uploading Files versus XHR terminology, Functional Programming alert() method, Nonblocking I/O and Callbacks alt attribute, Accessibility Through WAI-ARIA Android, Selenium RC and a Test Farm, New Form Types _AndWait commands (Selenium), Selenium Commands anonymous functions, Lambda Functions Are Powerful Apache web server, Introduction to the Manifest File append() method, Uploading Files appending an image example, Working with Files Apple Safari, JavaScript’s Triumph, A Pattern for Reuse of Multithread Processing, Libraries for Web Workers, Web Sockets Aptana, JavaScript Tools You Should Know archive files, Drag-and-Drop array, Functional Programming, Array Iteration Operations, You Can Extend Objects, Too iteration operations, Array Iteration Operations, You Can Extend Objects, Too map function, Functional Programming assertElementPresent command (Selenium), Selenium Commands assertions, Selenium, Selenium Commands <audio> tag, Audio and Video automatic updates, Developing Web Applications B base types, extending, Prototypes and How to Expand Objects beforeload event handler, Offline Loading with a Data Store Benedetti, Ryan, JavaScript’s Triumph binary data, The Web Sockets Interface binding variables, Closures blob data type, Blobs BlobBuilder, Blobs Booleans as objects, Prototypes and How to Expand Objects bottlenecks, Splitting Up Work Through Web Workers, JavaScript Tools You Should Know Breadcrumbs specs, Microdata browsers, The Web As Application Platform, Developing Web Applications, Lambda Functions Are Powerful, Testing JavaScript Applications, Selenium RC and a Test Farm, Local Storage, jStore, Updates to the Manifest File, Updates to the Manifest File, Debugging Manifest Files (see also Chrome, Firefox, Internet Explorer, Safari) cache control header issues, Updates to the Manifest File, Debugging Manifest Files data storage and, Local Storage, jStore differences among, Testing JavaScript Applications function inside an if, Lambda Functions Are Powerful interactivity, The Web As Application Platform, Developing Web Applications testing on multiple, Selenium RC and a Test Farm buildMaster() method, Web Worker Fractal Example built-in objects, Prototypes and How to Expand Objects buttons, Lambda Functions Are Powerful, Closures, A Simple Example, Testing with QUnit, Selenium, Selenium Commands, Selenese Command Programming Interface click callbacks, Lambda Functions Are Powerful, A Simple Example, Testing with QUnit closures, Closures testing, Selenium, Selenese Command Programming Interface with XPath, Selenium Commands C C-type languages, Lambda Functions Are Powerful cache control headers, Updates to the Manifest File, Debugging Manifest Files cache() method, Expanding Functions with Prototypes Cagle, Kurt, Canvas and SVG callbacks, Nonblocking I/O and Callbacks, Lambda Functions Are Powerful, Closures, Array Iteration Operations, Testing JavaScript Applications, A Simple Example, Adding and Updating Records, Retrieving Data, Uploading Files, A Pattern for Reuse of Multithread Processing, Web Socket Example alternatives to for loops, Array Iteration Operations button, A Simple Example closures to construct, Closures cursor, Adding and Updating Records on DOM elements, Testing JavaScript Applications from ports, Web Socket Example and Web Workers, A Pattern for Reuse of Multithread Processing write, Retrieving Data XHMLHttpRequest, Uploading Files Canvas, Graphics, Web Worker Fractal Example <canvas> tag, Graphics changes, storing, Storing Changes for a Later Server Sync chat applications, Web Sockets checksum, manifest, Updates to the Manifest File Chrome, Google, JavaScript’s Triumph, Closures, Closures, The localStorage and sessionStorage Objects, The localStorage and sessionStorage Objects, IndexedDB, Blobs, Filesystem, Events, Events, Testing and Debugging Web Workers, Testing and Debugging Web Workers, A Pattern for Reuse of Multithread Processing, A Pattern for Reuse of Multithread Processing, Web Sockets, Tags for Applications, JavaScript Tools You Should Know BlobBuilder support, Blobs debugging web workers in, Testing and Debugging Web Workers Dev tools, Closures, The localStorage and sessionStorage Objects, Testing and Debugging Web Workers filesystem access, Filesystem IndexedDB in, IndexedDB list of closed variables, Closures manifest list, Events postMessage() in, A Pattern for Reuse of Multithread Processing <progress> tag support, Tags for Applications Speed Tracer, JavaScript Tools You Should Know storage viewer, The localStorage and sessionStorage Objects, Events web socket support, Web Sockets web worker support in, A Pattern for Reuse of Multithread Processing Church, Alonzo, Lambda Functions Are Powerful click command (Selenium), Selenium Commands client-side data storage, Local Storage Clojure, Web Socket Example ClojureScript, JavaScript Tools You Should Know close() method, The Worker Environment, The Web Sockets Interface closures, Nonblocking I/O and Callbacks, Closures, Closures, Array Iteration Operations, IndexedDB cloud test farms, Automatically Running Tests CoffeeScript, JavaScript Tools You Should Know color form input, New Form Types composite functions, Functional Programming config files, web server, Introduction to the Manifest File confirm() method, Nonblocking I/O and Callbacks content delivery network, Taking It Offline controls attribute, Audio and Video cookies, The localStorage and sessionStorage Objects, Using localStorage in ExtJS, Web Sockets CouchDB, IndexedDB Cranley, Ronan, JavaScript’s Triumph createObjectURL() method, Blobs Crockford, Douglas, JavaScript’s Triumph, The Power of JavaScript, JavaScript Tools You Should Know cross-platform web development, Developing Web Applications CruiseControl, Selenese Command Programming Interface currying, Currying and Object Parameters D data record example, IndexedDB data storage, Adding Power to Web Applications, Local Storage, jStore data trees, You Can Extend Objects, Too databases, Adding Power to Web Applications, Local Storage, IndexedDB, Deleting Data, IndexedDB, Adding and Updating Records, Retrieving Data, Deleting Data adding and updating records, Adding and Updating Records deleting data from, Deleting Data IndexedDB, Adding Power to Web Applications, IndexedDB, Deleting Data retrieving data from, Retrieving Data SQLite, Local Storage DataStore object (Ajax), Nonblocking I/O and Callbacks date form input, New Form Types dblclick command (Selenium), Selenium Commands debugging, JavaScript’s Triumph, Lambda Functions Are Powerful, Debugging Manifest Files, Splitting Up Work Through Web Workers, Testing and Debugging Web Workers, JavaScript Tools You Should Know Firebug, JavaScript’s Triumph, Lambda Functions Are Powerful and JSMin, JavaScript Tools You Should Know manifest files, Debugging Manifest Files and Web Workers, Splitting Up Work Through Web Workers, Testing and Debugging Web Workers $.decode() method (Hive API), Libraries for Web Workers decoratedFib(), Expanding Functions with Prototypes deepEqual() method, Testing with QUnit defer() method, Offline Loading with a Data Store degradation, handling, Testing JavaScript Applications deleteEach() method, Deleting Data doConditionalLoad() method, Offline Loading with a Data Store DOM (Document Object Model), The Web As Application Platform, Developing Web Applications, Testing JavaScript Applications downloading events, Events Drag and Drop widget, JavaScript Tools You Should Know drag-and-drop, Selenium Commands, Files, Drag-and-Drop Dragonfly, Opera, JavaScript’s Triumph, A Pattern for Reuse of Multithread Processing drop event (DOM), Drag-and-Drop drop handler example, Working with Files drop zone example, Putting It All Together DSt library, DSt E Eclipse, JavaScript Tools You Should Know ECMAScript objects, The Worker Environment Emacs JS2 mode, JavaScript Tools You Should Know email form input, New Form Types enclosing scope, Lambda Functions Are Powerful $.encode() method (Hive API), Libraries for Web Workers engines available in JQuery, jStore equal() method, A Simple Example, Testing with QUnit Erlang Yaws, Web Socket Example, Erlang Yaws errors, Retrieving Data, Events, Testing and Debugging Web Workers, Geolocation ETags, Offline Loading with a Data Store event loops, Splitting Up Work Through Web Workers, JavaScript Tools You Should Know Event Machine, Ruby, Ruby Event Machine Events specs, Microdata every() method, Array Iteration Operations expanding functions with prototypes, Expanding Functions with Prototypes, Expanding Functions with Prototypes extending base types, Prototypes and How to Expand Objects ExtJS, JavaScript’s Triumph, Lambda Functions Are Powerful, Currying and Object Parameters, Selenium Commands, Using localStorage in ExtJS button with function as handler, Lambda Functions Are Powerful click event problems, Selenium Commands currying parameters in, Currying and Object Parameters library, JavaScript’s Triumph localStorage object in, Using localStorage in ExtJS F FALLBACK section, manifest, Structure of the Manifest File feature detection, A Pattern for Reuse of Multithread Processing Fibonacci sequences, calculating, Expanding Functions with Prototypes FileReader API, Working with Files files, Adding Power to Web Applications, Files, Filesystem, Debugging Manifest Files FileSystem API, Filesystem filter() method, Array Iteration Operations, You Can Extend Objects, Too Firebug, JavaScript’s Triumph, Lambda Functions Are Powerful, Closures, The localStorage and sessionStorage Objects, Working with Files, Splitting Up Work Through Web Workers, Testing and Debugging Web Workers, Testing and Debugging Web Workers, JavaScript Tools You Should Know anonymous functions, Lambda Functions Are Powerful colorizing in script tag, JavaScript Tools You Should Know debugging web workers in, Testing and Debugging Web Workers developer tools, Testing and Debugging Web Workers editing storage object, The localStorage and sessionStorage Objects full path file names, Working with Files scope chain, Closures and Web Workers, Splitting Up Work Through Web Workers Firefox, Mozilla, Prototypes and How to Expand Objects, Array Iteration Operations, Array Iteration Operations, Selenium, Constructing Tests with the Selenium IDE, The localStorage and sessionStorage Objects, IndexedDB, Blobs, Debugging Manifest Files, Debugging Manifest Files, Worker Communication, Testing and Debugging Web Workers, A Pattern for Reuse of Multithread Processing, A Pattern for Reuse of Multithread Processing, Web Sockets, Tags for Applications developers’ site, Prototypes and How to Expand Objects, Array Iteration Operations IndexedDB in, IndexedDB iteration methods in, Array Iteration Operations manifest file opt-in issue, Debugging Manifest Files MozBlobBuilder, Blobs MozWebSockets, Web Sockets passing complex JavaScript objects, Worker Communication postMessage() in, A Pattern for Reuse of Multithread Processing <progress> tag support, Tags for Applications Selenium IDE for, Selenium, Constructing Tests with the Selenium IDE, Debugging Manifest Files storage objects in, The localStorage and sessionStorage Objects web workers in, Testing and Debugging Web Workers, A Pattern for Reuse of Multithread Processing FireRainbow, JavaScript Tools You Should Know first class citizens, Lambda Functions Are Powerful, Functional Programming :first-child() CSS selector, New CSS Flanagan, David, The Power of JavaScript flow control, Selenium Commands for loops, alternatives to, Array Iteration Operations forks, Adding Power to Web Applications FormData interface, Uploading Files fractal computation examples, Web Worker Fractal Example, Web Worker Fractal Example Fulton, Jeff, Graphics, Canvas and SVG Fulton, Steve, Graphics, Canvas and SVG function expressions, Lambda Functions Are Powerful function generators, Closures function interceptor example, Expanding Functions with Prototypes Function prototype, Expanding Functions with Prototypes function statements, Lambda Functions Are Powerful functional programming, Functional Programming, Functional Programming, JavaScript Tools You Should Know functions, Lambda Functions Are Powerful, Lambda Functions Are Powerful, Closures, Functional Programming, Functional Programming anonymous, Lambda Functions Are Powerful as first class citizens, Lambda Functions Are Powerful, Functional Programming higher order, Functional Programming inner and outer, Closures functions, expanding with prototypes, Expanding Functions with Prototypes, Expanding Functions with Prototypes G Garret, Jesse James, Functional Programming Gears, Google, Developing Web Applications, Local Storage, Introduction to the Manifest File, Splitting Up Work Through Web Workers offline file access, Introduction to the Manifest File SQLite database, Local Storage worker pool, Splitting Up Work Through Web Workers geolocation, Maps, Geolocation $.get() method (Hive API), Libraries for Web Workers getBlob() method (BlobBuilder), Blobs getCurrentPosition() method, Geolocation getEval() method (Selenese API), Selenese Command Programming Interface getText() method (Selenese API), Selenese Command Programming Interface getXpathCount() method (Selenese API), Selenese Command Programming Interface Gmail, Google’s, Files, Web Sockets Goerzen, John, Functional Programming Google Chrome, Tags for Applications (see Chrome, Google) Google Gears, Developing Web Applications (see Gears, Google) Google search predefined vocabularies, Microdata Google Web Toolkit, JavaScript’s Triumph grid object (ExtJS), Using localStorage in ExtJS H handleButtonClick() function, A Simple Example Haskell, Currying and Object Parameters Head First jQuery (Benedetti & Cranley), JavaScript’s Triumph Hello World testing example, Selenese Command Programming Interface Hickey, Rich, JavaScript Tools You Should Know High Performance JavaScript (Zakas), The Power of JavaScript High Performance Web Sites (Souders), JavaScript Tools You Should Know higher order functions, Functional Programming hoisting, Lambda Functions Are Powerful <hr> tag, Accessibility Through WAI-ARIA, Accessibility Through WAI-ARIA, Accessibility Through WAI-ARIA HTML 5, Putting It All Together, Introduction to the Manifest File, Graphics, Web Worker Fractal Example, New Tags, New CSS, New Form Types, Canvas and SVG, New CSS Canvas, Graphics, Web Worker Fractal Example, Canvas and SVG manifest declaration example, Introduction to the Manifest File new CSS features, New CSS new form types, New Form Types new tags, New Tags, New CSS progress bar, Putting It All Together HTML5 Canvas (Fulton & Fulton), Graphics, Canvas and SVG HTML5 Graphics with SVG & CSS3 (Cagle), Canvas and SVG HTML5 Media (Powers), Audio and Video HTML5 Rocks tutorial, Canvas and SVG HTTP (Hypertext Transfer Protocol), Adding Power to Web Applications, Web Sockets, Erlang Yaws I I/O, Nonblocking I/O and Callbacks IDs, importance of assigning, Selenium if statement, Lambda Functions Are Powerful images, Functional Programming, Blobs, Working with Files, Drag-and-Drop, Filesystem, Filesystem, Debugging Manifest Files, Graphics, Graphics, Graphics, Web Worker Fractal Example, Canvas and SVG appending to documents, Working with Files and Canvas, Graphics editing, Filesystem, Graphics missing, Debugging Manifest Files progressive drawing, Web Worker Fractal Example scaling example, Functional Programming streaming video, Filesystem SVG, Canvas and SVG use of src attribute, Blobs, Graphics user access to, Drag-and-Drop <img> tag, Graphics, Accessibility Through WAI-ARIA importScripts() method, The Worker Environment independent event loops, Splitting Up Work Through Web Workers index() method, Adding Indexes IndexedDB, Adding Power to Web Applications, IndexedDB, Deleting Data indexes, adding/removing, Adding Indexes indexOf() method, Prototypes and How to Expand Objects info() method, Web Worker Fractal Example inner functions, Closures integration testing, Testing JavaScript Applications, Selenium interceptor methods, Expanding Functions with Prototypes Internet Explorer (IE), Microsoft, Array Iteration Operations, IndexedDB, A Pattern for Reuse of Multithread Processing iOS Selenium, testing applications for, Selenium RC and a Test Farm iPad/iPod/iPhone platform, Selenium RC and a Test Farm, A Pattern for Reuse of Multithread Processing isDuplicate() method, Deleting Data isElementPresent() method (Selenese API), Selenese Command Programming Interface isTextPresent() method (Selenese API), Selenese Command Programming Interface itemprop attribute, Microdata itemscope attribute, Microdata itemtype attribute, Microdata J JavaScript, JavaScript’s Triumph, JavaScript’s Triumph, Nonblocking I/O and Callbacks, Lambda Functions Are Powerful, Lambda Functions Are Powerful, Closures, Functional Programming, Functional Programming, Prototypes and How to Expand Objects, Prototypes and How to Expand Objects, Prototypes and How to Expand Objects, Expanding Functions with Prototypes, Prototypes and How to Expand Objects, Expanding Functions with Prototypes, Expanding Functions with Prototypes, Currying and Object Parameters, Array Iteration Operations, You Can Extend Objects, Too, You Can Extend Objects, Too, Testing JavaScript Applications, Splitting Up Work Through Web Workers, Worker Communication, JavaScript Tools You Should Know, JavaScript Tools You Should Know, JavaScript Tools You Should Know array iteration operations, Array Iteration Operations, You Can Extend Objects, Too closures, Closures currying and object parameters, Currying and Object Parameters expanding functions, Expanding Functions with Prototypes, Expanding Functions with Prototypes expanding objects, Prototypes and How to Expand Objects, Prototypes and How to Expand Objects extending objects, You Can Extend Objects, Too function statement and function expression, Lambda Functions Are Powerful functional programming in, Functional Programming, Functional Programming functions act as data in, Lambda Functions Are Powerful helpful tools for, JavaScript Tools You Should Know, JavaScript Tools You Should Know libraries, JavaScript’s Triumph nonblocking I/O and callbacks, Nonblocking I/O and Callbacks passing objects in Firefox, Worker Communication primitives in, Prototypes and How to Expand Objects prototypes, Prototypes and How to Expand Objects, Expanding Functions with Prototypes recent improvements in, JavaScript’s Triumph runtime event loop, Splitting Up Work Through Web Workers runtime model, Testing JavaScript Applications syntax checker, JavaScript Tools You Should Know JavaScript Patterns (Stefanov), The Power of JavaScript JavaScript: The Definitive Guide (Flanagan), The Power of JavaScript JavaScript: The Good Parts (Crockford), JavaScript’s Triumph, The Power of JavaScript, JavaScript Tools You Should Know jQuery, JavaScript’s Triumph, Functional Programming, DSt, jStore, IndexedDB, IndexedDB, Libraries for Web Workers DSt plug-in, DSt Hive extension, Libraries for Web Workers IndexedDB plug-in, IndexedDB, IndexedDB jStore plug-in, jStore library, JavaScript’s Triumph, Functional Programming jQuery Cookbook (Lindley), JavaScript’s Triumph JS2 mode, Emacs, JavaScript Tools You Should Know JSBeautifier, JavaScript Tools You Should Know JSLint, The Power of JavaScript, JavaScript Tools You Should Know JSMin, JavaScript Tools You Should Know JSON manifest file, Introduction to the Manifest File JsonStore object, Offline Loading with a Data Store jStore plug-in, jStore L Lambda Calculus, Lambda Functions Are Powerful lambda functions, Lambda Functions Are Powerful lastIndexOf(), Prototypes and How to Expand Objects libraries, JavaScript’s Triumph, Libraries for Web Workers Lindley, Cody, JavaScript’s Triumph Lisp lambdas, Lambda Functions Are Powerful list recursion, Functional Programming list test examples, Testing JavaScript Applications load() method (JSON), Offline Loading with a Data Store local data storage, Adding Power to Web Applications, Local Storage, jStore local state provider, ExtJS, Using localStorage in ExtJS localStorage object, The localStorage and sessionStorage Objects, Using localStorage in ExtJS, Storing Changes for a Later Server Sync location object, The Worker Environment loops, Array Iteration Operations, Selenium Commands, Splitting Up Work Through Web Workers, Splitting Up Work Through Web Workers, A Pattern for Reuse of Multithread Processing for, Array Iteration Operations independent event, Splitting Up Work Through Web Workers runtime event, Splitting Up Work Through Web Workers and Selenium, Selenium Commands while, A Pattern for Reuse of Multithread Processing M macros, recording web, Selenium Mandelbrot computation examples, Web Worker Fractal Example, Web Worker Fractal Example manifest file, Adding Power to Web Applications, Introduction to the Manifest File, Debugging Manifest Files map() method, Array Iteration Operations, You Can Extend Objects, Too match() method, Prototypes and How to Expand Objects McCarthy, John, Lambda Functions Are Powerful MD5 checksum, Updates to the Manifest File memory leaks, Selenium Commands <meter> tag, Tags for Applications microdata, Microdata Microsoft Internet Explorer, Array Iteration Operations, IndexedDB, A Pattern for Reuse of Multithread Processing minification, JavaScript Tools You Should Know MongoDB, IndexedDB mouseDown command (Selenium), Selenium Commands mouseOver command (Selenium), Selenium Commands mouseUp command (Selenium), Selenium Commands MozBlobBuilder, Blobs Mozilla Firefox, Prototypes and How to Expand Objects (see Firefox, Mozilla) mozSlice() method (Firefox), Blobs MozWebSockets, Web Sockets N name/value pairs, Currying and Object Parameters navigator object, The Worker Environment .NET/CLR, Web Socket Example NETWORK section, manifest, Structure of the Manifest File node trees, You Can Extend Objects, Too Node.js, Web Sockets, Web Socket Example, JavaScript Tools You Should Know nonblocking I/O, Nonblocking I/O and Callbacks :not() CSS selector, New CSS notDeepEqual() method, Testing with QUnit notEqual() method, Testing with QUnit notStrictEqual() method, Testing with QUnit noupdate events, Events :nth-child() CSS selector, New CSS number form input, New Form Types numbers, Lambda Functions Are Powerful, Prototypes and How to Expand Objects, Prototypes and How to Expand Objects, Expanding Functions with Prototypes, Expanding Functions with Prototypes, Expanding Functions with Prototypes, Array Iteration Operations cubing example, Expanding Functions with Prototypes Fibonacci calculation examples, Expanding Functions with Prototypes, Expanding Functions with Prototypes as objects, Prototypes and How to Expand Objects squaring examples, Lambda Functions Are Powerful, Prototypes and How to Expand Objects, Array Iteration Operations O object parameters, Currying and Object Parameters object stores, IndexedDB, IndexedDB, Retrieving Data objects, extending, You Can Extend Objects, Too Offer-Aggregates specs, Microdata Offers specs, Microdata offline use, Local Storage, Offline Loading with a Data Store, Offline Loading with a Data Store, Storing Changes for a Later Server Sync, Introduction to the Manifest File, Debugging Manifest Files data access, Local Storage loading with data store, Offline Loading with a Data Store, Offline Loading with a Data Store manifest file, Introduction to the Manifest File, Debugging Manifest Files storing changes, Storing Changes for a Later Server Sync ok() method, Testing with QUnit onclose() method, The Web Sockets Interface onmessage() method, Using Web Workers, Web Worker Fractal Example, A Pattern for Reuse of Multithread Processing onopen() method, The Web Sockets Interface open command (Selenium), Selenium Commands Opera Dragonfly, JavaScript’s Triumph, A Pattern for Reuse of Multithread Processing Organizations specs, Microdata outer functions, Closures O’Reilly Answers website, The Power of JavaScript O’Sullivan, Bryan, Functional Programming P parameter blocks, Currying and Object Parameters path() method, You Can Extend Objects, Too pattern for reuse of multithread processing, A Pattern for Reuse of Multithread Processing, A Pattern for Reuse of Multithread Processing Payne, Alex, Functional Programming People specs, Microdata persistent local storage, Local Storage PhoneGap, Developing Web Applications PHP, Lambda Functions Are Powerful phpUnderControl, Selenese Command Programming Interface PHPUnit testing framework, Automatically Running Tests, Selenese Command Programming Interface pixel, drawing a, Web Worker Fractal Example PollenJS library, Libraries for Web Workers populate_form() method (DSt), DSt populating (example), Prototypes and How to Expand Objects port 443 (wss), Setting Up a Web Socket port 80 (ws), Setting Up a Web Socket port 8080, Web Socket Example $.post() method (Hive API), Libraries for Web Workers postMessage() method, Using Web Workers, A Pattern for Reuse of Multithread Processing, A Pattern for Reuse of Multithread Processing Powers, Shelley, Audio and Video PreloadStore object (JSON), Offline Loading with a Data Store pretty printer example, JavaScript Tools You Should Know primitives in JavaScript, Prototypes and How to Expand Objects Products specs, Microdata Programming Scala (Wampler & Payne), Functional Programming progress events, Events progress indicator examples, Putting It All Together, Tags for Applications <progress> tag, Tags for Applications prompt() method, Nonblocking I/O and Callbacks prototype object, Prototypes and How to Expand Objects prototypes, expanding functions with, Expanding Functions with Prototypes, Expanding Functions with Prototypes Q query access, IndexedDB QUnit, Testing JavaScript Applications, QUnit, Testing with QUnit, Running QUnit from Selenium R race conditions, IndexedDB, Splitting Up Work Through Web Workers raises() method, Testing with QUnit rar files, Drag-and-Drop RC server, Selenium, Selenium readAsArrayBuffer() method (FileReader), Working with Files readAsBinaryString() method (FileReader), Working with Files readAsText() method (FileReader), Working with Files readDataAsURL() method (FileReader), Working with Files Real World Haskell (Goerzen & Stewart), Functional Programming recall() method (DSt), DSt reduce(), reduceRight() methods, Array Iteration Operations refresh command (Selenium), Selenium Commands remove() method, Deleting Data replace() method, Prototypes and How to Expand Objects required attribute (forms), New Form Types Resig, John, JavaScript’s Triumph reuse of multithread processing, A Pattern for Reuse of Multithread Processing, A Pattern for Reuse of Multithread Processing Review-Aggregates specs, Microdata Reviews specs, Microdata revokeBlobURL() method, Blobs Rhino, JavaScript Tools You Should Know role attribute, Accessibility Through WAI-ARIA route finder, Maps Ruby, Web Socket Example Ruby Event Machine, Ruby Event Machine run function example, A Pattern for Reuse of Multithread Processing run() method, Web Worker Fractal Example running average example, Array Iteration Operations runtime model, JavaScript, Testing JavaScript Applications S Safari Nightly builds, Blobs Safari, Apple’s, JavaScript’s Triumph, A Pattern for Reuse of Multithread Processing, Libraries for Web Workers, Web Sockets same origin policy, The localStorage and sessionStorage Objects, IndexedDB sandboxed environment, Developing Web Applications, Filesystem save queue examples, Storing Changes for a Later Server Sync Scala, Web Socket Example Scalable Vector Graphics, Canvas and SVG scaling images, Functional Programming scope, Lambda Functions Are Powerful, Closures <script> tag, The Worker Environment search form input, New Form Types Selenese, Selenium Commands, Selenese Command Programming Interface, Selenese Command Programming Interface Selenium, Testing JavaScript Applications, Selenium, Selenium, Selenium, Selenium Commands, Selenium Commands, Selenium Commands, Constructing Tests with the Selenium IDE, Constructing Tests with the Selenium IDE, Automatically Running Tests, Automatically Running Tests, Selenese Command Programming Interface, Selenese Command Programming Interface, Running QUnit from Selenium, Drag-and-Drop automatically running tests, Automatically Running Tests, Automatically Running Tests commands, Selenium Commands, Selenium Commands constructing tests, Constructing Tests with the Selenium IDE example tests, Selenium IDE, Selenium, Constructing Tests with the Selenium IDE location options, Selenium Commands no drag-and-drop, Drag-and-Drop running QUnit from, Running QUnit from Selenium Selenese, Selenese Command Programming Interface, Selenese Command Programming Interface test table, Selenium Selenium Grid, Automatically Running Tests Selenium RC server, Selenium, Selenium RC and a Test Farm self object, The Worker Environment Sencha ExtJS library, JavaScript’s Triumph send(“data”) method, The Web Sockets Interface server delay, Developing Web Applications, Web Sockets server polling, Web Sockets server-side testing, Testing JavaScript Applications, Testing JavaScript Applications, Selenese Command Programming Interface sessionStorage object, The localStorage and sessionStorage Objects, Using localStorage in ExtJS setInterval() method, Expanding Functions with Prototypes, The Worker Environment setTimeout() method, Expanding Functions with Prototypes, Testing with QUnit, The Worker Environment, A Pattern for Reuse of Multithread Processing, A Pattern for Reuse of Multithread Processing setVersion transaction, Adding Indexes side effects, Functional Programming single-step mode, Selenium sleep() method, Selenese Command Programming Interface slice() method, Prototypes and How to Expand Objects, Blobs slider, form, New Form Types smartphones, Developing Web Applications some() method, Array Iteration Operations Souders, Steve, JavaScript Tools You Should Know speech input type, New Form Types Speed Tracer, JavaScript Tools You Should Know speed, data storage and, Local Storage split() method, Prototypes and How to Expand Objects SQL Injection attacks, IndexedDB SQLite versus IndexedDB, IndexedDB squaring numbers example, Prototypes and How to Expand Objects src attribute, Audio and Video StackOverflow website, The Power of JavaScript startWorker() method, Web Worker Fractal Example static data storage, Local Storage Stefanov, Stoyan, The Power of JavaScript step through, Selenium, Testing and Debugging Web Workers Stewart, Donald Bruce, Functional Programming stock price examples, Web Socket Example, Ruby Event Machine stop() method, A Pattern for Reuse of Multithread Processing storage events, The localStorage and sessionStorage Objects storage viewer widget, The localStorage and sessionStorage Objects $.storage() method (Hive API), Libraries for Web Workers store() method (DSt), DSt store_form() method (DSt), DSt strictEqual() method, Testing with QUnit string token replacement, Prototypes and How to Expand Objects strings, methods for, Prototypes and How to Expand Objects Structure and Interpretation of Computer Programs (Abelson & Sussman), Functional Programming structured data, query access to, IndexedDB subclassing, Currying and Object Parameters Sussman, Gerald Jay, Functional Programming SVG, Canvas and SVG <svg> tag, Graphics Symfony Yaml Library, Updates to the Manifest File T tar files, Drag-and-Drop TCP socket, Web Socket Protocol TCP/IP sockets, Web Sockets tel form input, New Form Types test machines, Automatically Running Tests test suites, Testing JavaScript Applications, QUnit, Testing with QUnit, Selenium, Selenium RC and a Test Farm, Selenium, Selenium, Running QUnit from Selenium programming language based, Selenium QUnit, QUnit, Testing with QUnit, Selenium, Running QUnit from Selenium Selenium, Selenium, Selenium RC and a Test Farm server-side, Testing JavaScript Applications Test-driven development, Testing JavaScript Applications, Testing JavaScript Applications thread safety, Splitting Up Work Through Web Workers threads, Adding Power to Web Applications time form input, New Form Types title attribute, Accessibility Through WAI-ARIA transaction object, database, IndexedDB transaction.abort() method (jQuery), IndexedDB transaction.done() method (jQuery), IndexedDB True Type font files, New CSS type command (Selenium), Selenium Commands U undefined value, Functional Programming unit testing, Testing JavaScript Applications update() method (IndexedDB), Adding and Updating Records updateEach() method (IndexedDB), Adding and Updating Records uploading files, Uploading Files URLs, QUnit, Blobs, Working with Files, Structure of the Manifest File, Events, Events, Debugging Manifest Files, The Web Sockets Interface adding ?

On the surface, many of HTML5’s changes add support for features (especially multimedia and graphics) that had previously required plug-ins, but underneath, it gives JavaScript programmers the tools they need to create standalone (or at least more loosely tethered) applications using HTML for structure, CSS for presentation, and JavaScript for logic and behavior. Adding Power to Web Applications HTML5 raises the bar for web applications. While it still has to work under security constraints, it finally provides tools that desktop developers have expected for years: Local data storage It can store up to 5 MB of data, referenced with a key-value system. Databases Originally a SQLite-based API, the tide seems to have shifted to IndexedDB, a NoSQL system that is natively JavaScript. Files While applications still can’t freely access the filesystem (for obvious security reasons), they can now work with files the user specifies and are starting to be able to create files as well. Taking it offline When a laptop or phone is in airplane mode, web applications are not able to communicate with the server. Manifest files help developers work around that by caching files for later use.

Web sockets Hypertext Transfer Protocol (HTTP) has been the foundation of the Web, despite a few updates over time. Web sockets transform the request-response approach to create much more flexible communication systems. There’s much more, of course—from geolocation to audio and video to Canvas graphics to a wide variety of minor new tags—but these provide the foundations for building industrial-strength applications in HTML5. Developing Web Applications In the old days, a complex web application might be a catalog, which would be static pages derived from a database, or a JavaScript loan calculator. But no one would have dreamed of doing complex applications in JavaScript. Those required Java or maybe a dedicated client/server application written in C or C++. Indeed, in the days before the DOM and Ajax, developing complex applications in JavaScript would have been pretty much impossible.

pages: 375 words: 66,268

High Performance JavaScript by Nicholas C. Zakas

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

en.wikipedia.org, Firefox, Google Chrome, sorting algorithm, web application

In reality, IE 6 hadn’t gotten any slower; it was just being asked to do more than it had previously. The types of early web applications being created when IE 6 was introduced in 2001 were much lighter and used much less JavaScript than those created in 2005. The difference in the amount of JavaScript code became clear as the IE 6 JavaScript engine struggled to keep up due to its static garbage-collection routine. The engine looked for a fixed number of objects in memory to determine when to collect garbage. Earlier web application developers had run into this threshold infrequently, but with more JavaScript code comes more objects, and complex web applications began to hit this threshold quite often. The problem became clear: JavaScript developers and web applications had evolved while the JavaScript engines had not. Although other browsers had more logical garbage collection routines, and somewhat better runtime performance, most still used a JavaScript interpreter to execute code.

With all browsers supporting the DOM and (more or less) the same version of JavaScript, a web application platform was born. Despite this huge leap forward, with a common API against which to write JavaScript, the JavaScript engines in charge of executing that code remained mostly unchanged. Why Optimization Is Necessary The JavaScript engines that supported web pages with a few dozen lines of JavaScript in 1996 are the same ones running web applications with thousands of lines of JavaScript today. In many ways, the browsers fell behind in their management of the language and in doing the groundwork so that JavaScript could succeed at a large scale. This became evident with Internet Explorer 6, which was heralded for its stability and speed when it was first released but later reviled as a horrible web application platform because of its bugs and slowness.

• Generally speaking, you can improve the performance of JavaScript code by storing frequently used object members, array items, and out-of-scope variables in local variables. You can then access the local variables faster than the originals. By using these strategies, you can greatly improve the perceived performance of a web application that requires a large amount of JavaScript code. Summary | 33 CHAPTER 3 DOM Scripting Stoyan Stefanov DOM scripting is expensive, and it’s a common performance bottleneck in rich web applications. This chapter discusses the areas of DOM scripting that can have a negative effect on an application’s responsiveness and gives recommendations on how to improve response time. The three categories of problems discussed in the chapter include: • Accessing and modifying DOM elements • Modifying the styles of DOM elements and causing repaints and reflows • Handling user interaction through DOM events But first—what is DOM and why is it slow?

Catalyst 5.8: The Perl MVC Framework by Antano Solar John, Jonathan Rockway, Solar John Antano

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

c2.com, create, read, update, delete, database schema, Debian, en.wikipedia.org, Firefox, MVC pattern, Ruby on Rails, web application

Summary Chapter 2: Creating a Catalyst Application Creating the application skeleton Latest helper scripts Files in the MyApp directory Files in the lib directory Files in the root directory Files in the script directory Files in the t directory Handling URL requests Adding a View More on Controller methods Some technical details Adding a database Installing SQLite Creating a database schema 1 7 8 9 10 10 11 11 12 13 13 14 17 17 23 23 24 24 25 25 26 28 32 35 35 36 36 Table of Contents Creating a database model for Catalyst Using the Model Summary 37 37 39 Chapter 3: Building a Real Application 41 Chapter 4: Expanding the Application 67 Environment setup Database design Understanding the interface to the database TTSite Creating the index page Creating a "Not Found" page Viewing people Basic CRUD Forms Finishing up Summary Configuration files Configuring the address book Sessions Adding sessions to the address book Sessions in the database Using components from outside Catalyst Searching and paging Authentication and authorization Authentication Authorization Adding authentication and authorization to the address book Summary Chapter 5: Building a More Advanced Application The application Background Creating the database Populating the database Extracting the data Chained resultsets Custom resultsets Putting the data on the Web Summary [ ii ] 41 42 44 48 50 51 52 55 56 60 65 67 69 70 71 73 75 79 87 87 89 91 101 103 103 106 106 110 114 118 120 120 139 Table of Contents Chapter 6: Building Your Own Model 141 Chapter 7: Hot Web Topics 155 Creating a database model from scratch Extending a DBIx::Class model Custom methods without raw SQL Calling database functions Implementing a Filesystem model Tweaking the model Request context inside the model Maintainable models Other components Summary REST Getting some REST 141 143 145 145 146 150 151 152 154 154 155 157 REST Controller REST authentication Adding an entity REST easy 157 158 159 165 AJAX Getting started 165 166 Implementing AJAX RSS Summary 168 173 175 Jemplate 166 Chapter 8: Moose 177 Moose introduction OO in Perl OO in Moose 177 177 178 Properties Class method Instantiating objects 179 179 180 Inheritance Moose in Catalyst Controller CatalystX declare CatalystX Roles Types Model Immutable Summary 180 181 182 182 185 185 186 187 188 188 [ iii ] Table of Contents Chapter 9: Deployment 189 Basics PAR deployment Configuration management Configuring a web server Apache 189 191 192 192 193 FastCGI Static content mod_perl Performance considerations 193 194 195 196 Development server and perlbal Database Versioning code Summary 196 198 198 199 Chapter 10: Testing 201 Index 221 Mechanics Testing ChatStat Testing a database Testing the web interface Testing the AddressBook Logging in Testing forms Testing JavaScript Summary 202 204 205 208 211 211 213 215 219 [ iv ] Preface Have you ever created a web application that is almost done but is hard to complete? It is a well known fact that 20 percent of the work takes 80 percent of the time in software development (80-20 rule Frednic Brooks). One of the reasons contributing to this is that it is easy to build web applications, but it's not so easy to build clean, scalable, and extendable web applications. MVC architecture aims at reducing most of the overheads involved in making this transition easy. Catalyst provides a mechanism to implement MVC and more complex design patterns for web application development. This books aims at taking you step- by-step from showing how MVC simplifies creating quality applications to how Catayst allows you to tap this power instantly.

Remember that the best practice is to always have the definition and behavior of the data in the model, which allows for the Controller to become a glue and as thin. The View can then be independent to render the data. [ 154 ] Hot Web Topics Traditionally, web applications were lonely and isolated. Each of them had their own set of users and data, and never acknowledged the existence of other applications. Today, things are changing. Web applications provide public APIs so that other applications can programmatically interact with their data and users. Users can visit sites and later request that the site notifies them when it has been updated. Another new development is the widespread adoption of dynamic JavaScriptenabled web applications. Gone are the days of slow waits between pages while things get loaded; AJAX allows web applications to be almost as responsive as native desktop applications. In this chapter, we'll take a look at how to get your Catalyst application in on the fun!

Finally, the main project website, http://www.catalystframework.org/, provides links to useful community tools including the Catalyst wiki, Planet Catalyst (a collection of Catalyst-related blog postings), and the Catalyst Advent Calendar (a mini cookbook published every December). As always, before posting to the mailing list or asking on IRC, do a quick Google search to see if you're experiencing a common problem. Summary Many web applications are implemented in a way that makes developing them painful and repetitive. Catalyst, an MVC framework for Perl, lets you design and implement a web application in a natural, maintainable, and testable manner. Everything that your web application needs to do is written only once. You connect to the database in one place, have configuration in one place, and so on. Then, you just write actions for each URL that your application needs, without worrying about the database connections or HTML to produce. Catalyst will handle the details for you.

pages: 134 words: 29,488

Python Requests Essentials by Rakesh Vidya Chandra, Bala Subrahmanyam Varanasi

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

create, read, update, delete, en.wikipedia.org, MVC pattern, natural language processing, RFC: Request For Comment, RFID, supply-chain management, web application

In the next chapter, you will learn about the Flask microframework and we will build an application using it by following the best practices. [ 86 ] Implementing a Web Application with Python Using Flask To ensure prosperity in the process of learning about the Requests module, there seems to be nothing more important than an application of all the skills and knowledge that you attained until now. So, here we pave the way to apply the expertise you have gained till date, by creating a web application with the Flask framework. This will give you an in-depth knowledge of developing a practical web application and writing test cases for it. We do incline ourselves towards following the best practices and a hands-on approach in this process. Let us dive in to learn the stuff. What is Flask? Flask is a small yet powerful framework for creating web applications with Python. It can be called a micro framework.

His love for programming first sparked when he was introduced to LOGO in his school. After obtaining his bachelor's degree in Information Technology, he worked with Agiliq Info Solutions and built several web applications using Python. Rakesh is passionate about writing technical blogs on various open source technologies. When not coding, he loves to dance to hip-hop and listens to EDM. Bala Subrahmanyam Varanasi loves hacking and building web applications. He has a bachelor's degree in Information Technology. He has been in the software industry for the last three and a half years, where he worked with Agiliq Info Solutions and Crypsis Technologies. Bala has also built different web applications using Python, Ruby, and JavaScript. Apart from coding, he is interested in entrepreneurship and is the founder of Firebolt Labs. Currently, he is working as a software engineer at TinyOwl Technology.

You will also be introduced to using the BeautifulSoup library, its installation, and procedures to scrape the web using Python Requests and BeautifulSoup. We would like to thank www.majortests.com for allowing us to base the examples in this chapter around their website. Chapter 7, Implementing a Web Application with Python Using Flask, gives an introduction to the Flask framework and moves on to discuss how to develop a simple Survey application which deals with creating, listing and voting various questions. In this chapter you will acquire all the knowledge required to build a web application using Flask. What you need for this book You need the following software for this book: • Python 2.7 or above • Python Requests • BeautifulSoup • HTTPretty • Flask Who this book is for This book is for all Python developers, web developers, and even administrators who want to use Requests to make HTTP Requests to web servers and perform HTML scraping

pages: 249 words: 45,639

Learn Python the Hard Way by Zed Shaw

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

complexity theory, finite state, index card, web application

Then, just get back to learning to code and ignore their goal of indoctrination over education. Make A Simple "Hello World" Project Now you're going to make an initial very simple "Hello World" web application and project directory using lpthw.web. First, make your project directory: $ cd projects $ mkdir gothonweb $ cd gothonweb $ mkdir bin gothonweb tests docs templates $ touch gothonweb/__init__.py $ touch tests/__init__.py You'll be taking the game from Exercise 42 and making it into a web application, so that's why you're calling it gothonweb. Before you do that, we need to create the most basic lpthw.web application possible. Put the following code into bin/app.py: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 import web urls = ( '/', 'index' ) app = web.application(urls, globals()) class index: def GET(self): greeting = "Hello World" return greeting if __name__ == "__main__": app.run() Then run the application like this: $ python bin/app.py Finally, use your web browser and go to the URL http://localhost:8080/ and you should see two things.

It should work well enough for you to understand this exercise, but if not, read about it as much as you can until you get it. A really good way to do that is to take the diagram, and break different parts of the web application you did in Exercise 50. If you can break your web application in predictable ways using the diagram, you'll start to understand how it works. How Forms Work The best way to play with forms is to write some code that accepts form data, and then see what you can do. Take your bin/app.py file and make it look like this: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 import web urls = ( '/hello', 'Index' ) app = web.application(urls, globals()) render = web.template.render('templates/') class Index(object): def GET(self): form = web.input(name="Nobody") greeting = "Hello, %s" % form.name return render.index(greeting = greeting) if __name__ == "__main__": app.run() Restart it (hit CTRL-c and then run it again) to make sure it loads again, then with your browser go to http://localhost:8080/hello which should display, "I just wanted to say Hello, Nobody."

Writing Automated Tests For Forms It's easy to test a web application with your browser by just hitting refresh, but come on, we're programmers here. Why do some repetitive task when we can write some code to test our application? What you're going to do next is write a little test for your web application form based on what you learned in Exercise 47. If you don't remember Exercise 47, read it again. You need to do a bit of setup to make Python let you load your bin/app.py file for testing. When we get to Exercise 52 you'll change this, but for now create an empty bin/__init__.py file so Python thinks bin/ is a directory. I've also created a simple little function for lpthw.web that lets you assert things about your web application's response, aptly named assert_response. Create the file tests/tools.py with these contents: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 from nose.tools import * import re def assert_response(resp, contains=None, matches=None, headers=None, status="200"): assert status in resp.status, "Expected response %r not in %r" % (status, resp.status) if status == "200": assert resp.data, "Response data is empty." if contains: assert contains in resp.data, "Response does not contain %r" % contains if matches: reg = re.compile(matches) assert reg.matches(contains), "Response does not match %r" % matches if headers: assert_equal(resp.headers, headers) Once that's in place you can write your automated test for the last version of the bin/app.py file you created.

pages: 999 words: 194,942

Clojure Programming by Chas Emerick, Brian Carper, Christophe Grand

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, Benoit Mandelbrot, cloud computing, continuous integration, database schema, domain-specific language, don't repeat yourself, en.wikipedia.org, failed state, finite state, Firefox, game design, general-purpose programming language, Guido van Rossum, Larry Wall, mandelbrot fractal, Paul Graham, platform as a service, premature optimization, random walk, Ruby on Rails, Schrödinger's Cat, semantic web, software as a service, sorting algorithm, Turing complete, type inference, web application

, Vectors vectors, Destructuring (let, Part 2), Sequential destructuring, Associative, Indexed, Vectors, Vectors, Visualizing persistence: maps (and vectors and sets), Transients, Common Macro Idioms and Patterns, Type Hinting for Performance, Growing an HTML DSL argument vectors, Type Hinting for Performance bindings, Common Macro Idioms and Patterns data structure type, Vectors defined, Vectors HTML example, Growing an HTML DSL indices, Destructuring (let, Part 2), Associative nested, Sequential destructuring nth, Indexed structural sharing, Visualizing persistence: maps (and vectors and sets) transient variants, Transients versioning, Tangible benefits, Artifacts and coordinates, Dependencies, Deploying Clojure Apps to Amazon’s Elastic Beanstalk about, Tangible benefits applications, Deploying Clojure Apps to Amazon’s Elastic Beanstalk snapshots and release versions, Dependencies version string, Artifacts and coordinates views, Views, Views in Clojure, A Simple (JavaScript) View, A Simple (JavaScript) View, Views in Clojure, Views in Clojure Clojure, Views in Clojure, Views in Clojure JavaScript, A Simple (JavaScript) View, A Simple (JavaScript) View W *warn-on-reflection*, Type errors and warnings, Automating type hinting of multidimensional array operations warnings, primitives, Type errors and warnings warnOnReflection, AOT compilation configuration watches, notifications and constraints, Watches, Watches web, Clojure and the Web, Final Thoughts, The “Clojure Stack”, The Foundation: Ring, Middleware, Requests and Responses, Adapters, Handlers, Middleware, Routing Requests with Compojure, Routing Requests with Compojure, Templating, Putting everything together, Enlive: Selector-Based HTML Transformation, Putting everything together, Deploying Clojure Web Applications, Going Beyond Simple Web Application Deployment, Java and Clojure Web Architecture, Building .war files with Leiningen, Web Application Packaging, Building .war files with Leiningen, Running Web Apps Locally, Web Application Deployment, Deploying Clojure Apps to Amazon’s Elastic Beanstalk, Deploying Clojure Apps to Amazon’s Elastic Beanstalk, Deploying Clojure Apps to Amazon’s Elastic Beanstalk, Going Beyond Simple Web Application Deployment beyond simple web application deployment, Going Beyond Simple Web Application Deployment Clojure stack, The “Clojure Stack” Java, Java and Clojure Web Architecture, Building .war files with Leiningen, Web Application Packaging, Building .war files with Leiningen web application packaging, Web Application Packaging, Building .war files with Leiningen Ring, The Foundation: Ring, Middleware, Requests and Responses, Adapters, Handlers, Middleware adapters, Adapters handlers, Handlers middleware, Middleware requests and responses, Requests and Responses routing requests, Routing Requests with Compojure, Routing Requests with Compojure templating, Templating, Putting everything together, Enlive: Selector-Based HTML Transformation, Putting everything together Enlive, Enlive: Selector-Based HTML Transformation, Putting everything together web application deployment, Web Application Deployment, Deploying Clojure Apps to Amazon’s Elastic Beanstalk, Deploying Clojure Apps to Amazon’s Elastic Beanstalk, Deploying Clojure Apps to Amazon’s Elastic Beanstalk EB, Deploying Clojure Apps to Amazon’s Elastic Beanstalk, Deploying Clojure Apps to Amazon’s Elastic Beanstalk web apps, Running Web Apps Locally web app, Java and Clojure Web Architecture web crawlers, Using agents to parallelize workloads when-let, Conditionals: if where, Queries white space, Whitespace and Commas why Clojure, Why Clojure?

Deploying Clojure Web Applications Once you’re past a certain point of competence with Clojure and are on your way toward having a working application completed, you’ll inevitably need to deliver its functionality to your users and customers. The modern era has tilted distribution norms toward server-side deployments (often “in the cloud”) that clients interact with via web services and interfaces. In this chapter, we’ll explore the various ways one can package and then deploy Clojure web applications, taking full advantage of the mature facilities that the JVM and Java ecosystem provide for doing so.[416] Java and Clojure Web Architecture Almost without exception, Clojure web applications are packaged and deployed as servlets, the same fundamental architecture used by web applications written in Java.

We already demonstrated how applications can be run from the REPL in the embedded Jetty runtime in Chapter 16; let’s now tackle .war packaging, which will allow us to flexibly deploy to production-ready app servers and hosted platforms. Web Application Packaging A Java web application is packaged into a .war file, an extension of the .jar file packaging discussed in Artifacts and coordinates.[422] The typical .war file layout includes: Resources like HTML files and images that are statically served out of the “top level” of the .war file A variety of data rooted in a WEB-INF directory entry, under which you can find: A web.xml file that describes how the .war file should be deployed into a web application server. A lib directory entry, which can contain any number of nested .jar files. This is usually where all of the transitive dependencies of a web application are housed, and is what makes .war files self-contained deployable units (in contrast to other server application architectures that require extensive server configuration to ensure that the dependencies of deployed applications are available).

pages: 174 words: 34,672

Nginx Essentials by Valery Kholodkov

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Debian, en.wikipedia.org, web application

This can be done using the proxy_redirect directive: location @proxy { proxy_pass http://localhost:8080; proxy_redirect http://localhost:8080/app http://www.example.com; } Consider a web application that is running at http://localhost:8080/app, while the original server has the address http://www.example.com. Assume the web application issues a temporary redirect (HTTP 302) to http://localhost:8080/app/login. With the preceding configuration, Nginx will rewrite the URI in the location header to http://www.example.com/login. If the redirect URI was not rewritten, the client would be redirected to http://localhost:8080/app/login, which is valid only within a local domain, so the web application would not be able to work properly. With the proxy_redirect directive, the redirect URI will be properly rewritten by Nginx, and the web application will be able to perform the redirect properly. The host name in the second argument of the proxy_redirect directive can be omitted: location @proxy { proxy_pass http://localhost:8080; proxy_redirect http://localhost:8080/app /; } The preceding code can be further reduced to the following configuration using variables: location @proxy { proxy_pass http://localhost:8080; proxy_redirect http://$proxy_host/app /; } The same transparency option can be applied to cookies.

By abstracting away complexities of HTTP and handling them in a scalable and efficient manner, Nginx allows web applications to focus on solving the problem they are designed to solve without stumbling upon low-level details. In this chapter, you will learn: How to set up Nginx as a reverse proxy How to make proxying transparent for the upstream server and the end user How to handle upstream errors How to use Nginx cache You will find out how to use all features of Nginx reverse proxy and turn it into a powerful tool for accelerating and scaling your web service. Nginx as a reverse proxy HTTP is a complex protocol that deals with data of different modality and has numerous optimizations that—if implemented properly—can lead to a significant increase in web service performance. At the same time, web application developers have less time to deal with low-level issues and optimizations.

At the same time, web application developers have less time to deal with low-level issues and optimizations. The mere idea of decoupling a web application server from a frontend server shifts the focus on managing incoming traffic to the frontend, while shifting the focus on functionality, application logic, and features to the web application server. This is where Nginx comes into play as a decoupling point. An example of a decoupling point is SSL termination: Nginx receives and processes inbound SSL connections, it forwards the request over plain HTTP to an application server, and wraps the received response back into SSL. The application server no longer needs to take care of storing certificates, SSL sessions, handling encrypted and unencrypted transmission, and so on. Other examples of decoupling are as follows: Efficient handling of static files and delegating the dynamic part to the upstream Rate, request, and connection limiting Compressing responses from the upstream Caching responses from the upstream Accelerating uploads and downloads By shifting these functions to a Nginx-powered frontend, you are essentially investing in the reliability of your website.

pages: 315 words: 70,044

Learning SPARQL by Bob DuCharme

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

database schema, Donald Knuth, en.wikipedia.org, G4S, linked data, semantic web, SPARQL, web application

., Grouping Data and Finding Aggregate Values within Groups CSS, SPARQL and Web Application Development curl utility, SPARQL and Web Application Development D D2RQ, Querying a Remote SPARQL Service, Middleware SPARQL Support data cleanup, FILTERing Data Based on Conditions data typing, Data Typing, Data Typing datatype(), Defining Rules with SPARQL, Node Type and Datatype Checking Functions datatypes, Datatypes and Queries, Datatype Conversion, Datatype Conversion converting, Datatype Conversion, Datatype Conversion custom, Datatypes and Queries date datatype, Datatypes and Queries date ranges in queries, Comparing Values and Doing Arithmetic dateTime datatype, Datatypes and Queries day(), Date and Time Functions DBpedia, Querying a Public Data Source, Using the Labels Provided by DBpedia, SPARQL and Web Application Development querying, Querying a Public Data Source decimal datatype, Datatypes and Queries default graph, Querying Named Graphs, Glossary DELETE, Deleting Data DELETE DATA, Deleting Data, Deleting Data DELETE vs., Deleting Data DESC(), Sorting Data DESCRIBE, Query Forms: SELECT, DESCRIBE, ASK, and CONSTRUCT, Asking for a Description of a Resource DISTINCT, Eliminating Redundant Output, Eliminating Redundant Output, Querying Named Graphs division, Comparing Values and Doing Arithmetic double precision datatype, Datatypes and Queries DROP, Dropping Graphs Dublin Core, URLs, URIs, IRIs, and Namespaces, Changing Existing Data, Glossary E ENCODE_FOR_URI(), String Functions entailment, The SPARQL Specifications, Glossary F FILTER, Searching for Strings, FILTERing Data Based on Conditions, FILTERing Data Based on Conditions float datatype, Datatypes and Queries floor(), Numeric Functions FOAF (Friend of a Friend), URLs, URIs, IRIs, and Namespaces, Storing RDF in Files, Converting Data, Hash Functions, Glossary hash functions in, Hash Functions Freebase, SPARQL and Web Application Development FROM, Querying the Data, Querying Named Graphs, Copying Data in CONSTRUCT queries, Copying Data FROM NAMED, Querying Named Graphs Fuseki, Getting Started with Fuseki, Getting Started with Fuseki, Adding Data to a Dataset loading data into, Adding Data to a Dataset shutting down, Getting Started with Fuseki starting up, Getting Started with Fuseki G GRAPH, Querying Named Graphs, Querying Named Graphs, Querying Named Graphs, Copying Data, Named Graphs in CONSTRUCT queries, Copying Data in update queries, Named Graphs referencing graphs not named in FROM NAMED clause, Querying Named Graphs variables with, Querying Named Graphs graph pattern, More Realistic Data and Matching on Multiple Triples, Glossary graphs (RDF), More Realistic Data and Matching on Multiple Triples, Glossary GROUP BY, Grouping Data and Finding Aggregate Values within Groups GROUP_CONCAT(), Finding the Smallest, the Biggest, the Count, the Average...

, Reusing and Creating Vocabularies: RDF Schema and OWL, Reusing and Creating Vocabularies: RDF Schema and OWL, Reusing and Creating Vocabularies: RDF Schema and OWL, Reusing and Creating Vocabularies: RDF Schema and OWL, Linked Data, Glossary OWL 2, Reusing and Creating Vocabularies: RDF Schema and OWL OWL-aware SPARQL engines, Reusing and Creating Vocabularies: RDF Schema and OWL owl:sameAs, Converting Data P parentheses, Comparing Values and Doing Arithmetic periods in SPARQL, Querying the Data Perl, SPARQL and Web Application Development Potrzebie System of Weights and Measures, Datatypes and Queries predicate (of triple), The Data to Query, The Resource Description Format (RDF), Glossary prefixed name, URLs, URIs, IRIs, and Namespaces, Glossary prefixes, namespace, The Data to Query, Querying the Data, URLs, URIs, IRIs, and Namespaces Project Gutenberg, Federated Queries: Searching Multiple Datasets with One Query properties, The Data to Query, The Resource Description Format (RDF), Reusing and Creating Vocabularies: RDF Schema and OWL declaring, Reusing and Creating Vocabularies: RDF Schema and OWL property paths, Searching Further in the Data, Searching Further in the Data Python, Hash Functions, SPARQL and Web Application Development, SPARQL and Web Application Development Q qname, URLs, URIs, IRIs, and Namespaces qualified name, URLs, URIs, IRIs, and Namespaces (see qname) query, Querying the Data, Querying the Data, Query Forms: SELECT, DESCRIBE, ASK, and CONSTRUCT, Query Forms: SELECT, DESCRIBE, ASK, and CONSTRUCT formatting, Querying the Data forms, Query Forms: SELECT, DESCRIBE, ASK, and CONSTRUCT, Query Forms: SELECT, DESCRIBE, ASK, and CONSTRUCT running, Querying the Data R rand(), Numeric Functions RDF, The Data to Query, The Resource Description Format (RDF), Named Graphs RDF Schema, What Exactly Is the “Semantic Web”?

If the same D2RQ server has this kind of access to multiple databases, a single SPARQL query can ask for data from multiple databases at once, which is not possible with a standard SQL query. The Free University of Berlin team that developed D2RQ came up with their own ontology for mapping between relational schemas and RDF vocabularies. As of this writing, the W3C is developing a standardized mapping to improve consistency between the use of different relational systems in different semantic web application environments. Note The Oracle Corporation’s most well-known products are relational database managers, and plenty of semantic web applications have middleware like D2RQ serving up triples created from the relational data in these products. The separate Oracle Database Semantic Technologies product, however, lets you use Oracle Database 11g as a native triplestore, complete with SPARQL support. (Using it requires use of the Oracle Spatial add-on, which optimizes handling of large amounts of location data.)

Scala in Action by Nilanjan Raychaudhuri

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

continuous integration, create, read, update, delete, database schema, domain-specific language, don't repeat yourself, en.wikipedia.org, failed state, fault tolerance, general-purpose programming language, index card, MVC pattern, type inference, web application

(The source code for Scalaz is hosted at http://github.com/scalaz/scalaz.) This simple library will allow you to focus on building a web application in functional style without worrying about the complexity of a full-stack web framework. There are quite a few similarities between web applications and functional programming. Think of a web application as a collection of functions that takes an HTTP request and produces an HTTP response. Each URL endpoint is mapped to a function that knows how to handle the request. Because you’re building in functional programming style, the web application state (like user sessions) is explicitly specified in each request. The benefit of thinking in this style is that you can build web applications by composing functions or using higher-order combinators. Frameworks built using this strategy usually are stateless and scalable.

Your first steps will be getting started with practices like test-driven development (TDD) and continuous integration for your Scala project. Chapter 6. Building web applications in functional style This chapter covers Building Scala projects with SBT (Simple Build Tool) Introduction to the Scalaz HTTP module Creating a web application in Scala called weKanban This second part of the book switches focus to more real-world applications of the Scala programming language, and what could be more practical than building a web application in Scala? There are already web frameworks like Lift (http://liftweb.net) and Playframework (www.playframework.org) that Scala developers can use to build web applications. But this chapter introduces you to an interesting library called Scalaz (http://code.google.com/p/scalaz/). (The source code for Scalaz is hosted at http://github.com/scalaz/scalaz.)

The following listing shows the complete web.xml. Listing 11.7. web.xml of the topArtists web application Most of the content of this file should be familiar to you if you’ve built a web application for the JVM. All the Java web containers read the web.xml to initialize Java-based web applications. The listener attribute allows applications to listen to events generated by containers, such as when an application is loaded or unloaded. In this case, the listener configured is ContextLoaderListener, and this class knows how to configure Spring by reading context-param . To run the application, you can use the already configured Jetty web server using the following command: mvn -Dapi.key=<your-last.fm-pai-key> jetty:run As you can see, setting up and creating web applications using Scala and Java frameworks is easy. Some of the boilerplate configuration is unavoidable when working with Java frameworks, but you can still have fun writing Scala code. 11.4.

pages: 420 words: 61,808

Flask Web Development: Developing Web Applications With Python by Miguel Grinberg

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

database schema, Firefox, full text search, Minecraft, platform as a service, web application

Still fine. With Flask you can choose the components of your application or even write your own if that is what you want. No questions asked! The key to this freedom is that Flask was designed from the start to be extended. It comes with a robust core that includes the basic functionality that all web applications need and expects the rest to be provided by some of the many third-party extensions in the ecosystem and, of course, by you. In this book I present my workflow for developing web applications with Flask. I don’t claim to have the only true way to build applications with this framework. You should take my choices as recommendations and not as gospel. Most software development books provide small and focused code examples that demonstrate the different features of the target technology in isolation, leaving the “glue” code that is necessary to transform these different features into a fully working applications to be figured out by the reader.

To install Flask into the virtual environment, use the following command: (venv) $ pip install flask With this command, Flask and its dependencies are installed in the virtual environment. You can verify that Flask was installed correctly by starting the Python interpreter and trying to import it: (venv) $ python >>> import flask >>> If no errors appear, you can congratulate yourself: you are ready for the next chapter, where you will write your first web application. Chapter 2. Basic Application Structure In this chapter, you will learn about the different parts of a Flask application. You will also write and run your first Flask web application. Initialization All Flask applications must create an application instance. The web server passes all requests it receives from clients to this object for handling, using a protocol called Web Server Gateway Interface (WSGI). The application instance is an object of class Flask, usually created as follows: from flask import Flask app = Flask(__name__) The only required argument to the Flask class constructor is the name of the main module or package of the application.

If you run the application now, you will notice that it is much more responsive, but keep in mind that for applications that send a large volume of email, having a job dedicated to sending email is more appropriate than starting a new thread for every email. For example, the execution of the send_async_email() function can be sent to a Celery task queue. This chapter completes the overview of the features that are a must-have for most web applications. The problem now is that the hello.py script is starting to get large and that makes it harder to work with. In the next chapter, you will learn how to structure a larger application. Chapter 7. Large Application Structure Although having small web applications stored in a single script can be very convenient, this approach does not scale well. As the application grows in complexity, working with a single large source file becomes problematic. Unlike most other web frameworks, Flask does not impose a specific organization for large projects; the way to structure the application is left entirely to the developer.

pages: 290 words: 119,172

Beginning Backbone.js by James Sugrue

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Airbnb, continuous integration, don't repeat yourself, Firefox, Google Chrome, loose coupling, MVC pattern, node package manager, single page application, web application, Y Combinator

jQuery Another key milestone in JavaScript’s maturity was the release of John Resig’s jQuery in 2006, a framework that acknowledged the need for a more controlled approach to writing JavaScript for web applications. The framework provides the ability to search and manipulate the Document Object Model (DOM), deal with events, create animations, and create Ajax applications with a straightforward syntax. jQuery also abstracted away many of the cross-browser incompatibilities that plagued front-end engineers. With its modular architecture, developers could write their own plug-ins that would run on top of JQuery. Suddenly, JavaScript developers were taken seriously, and more elegant user interfaces were possible. Single-Page Web Applications A single-page web application is one that requires just one page load and where all required elements can be loaded dynamically onto the page without needing to leave.

The number of unread messages is also highlighted in the left menu. The more you look at the Gmail web application, the more you appreciate the complexity of the data model behind it. Figure 1-1.  Gmail, a classic web application example (Image from http://cdn.theatlantic.com/static/mt/assets/science/threadlist-large.png) Trying to implement such a data model without some supporting framework would be pretty chaotic. Unless you are a team of one developer (and even then it’s debatable), there is a measure of consistency required so that everyone understands how the data model is defined and represented. This is exactly where Backbone comes in, making development more comfortable for developers to deal with data models, build module views, and send events across the application. Design Patterns for Web Applications Design patterns are credited with bringing maturity to software development.

Yeoman web site at http://yeoman.io Yeoman, created by the Google Chrome Developer Relations team, is a tool stack that brings together three tools to improve your productivity when creating web applications. It includes Grunt, which we discussed in depth in Chapter 9, as well as two other tools: Bower and Yo. Bower is a package manager for libraries and frameworks that are used within web applications. In a similar fashion to NPM, Bower allows you to download the libraries you need through the command line and brings all the dependent libraries along with it. This is a huge improvement in the process of downloading a library and finding its dependencies. Yo is at the core of Yeoman, providing a scaffolding tool to build web applications from scratch from the command line. A number of generators are already available, including a Backbone generator, which we will focus on in the subsequent section.

pages: 324 words: 87,064

Learning Ext Js by Shea Frederick

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

call centre, Firefox, framing effect, side project, web application

286 286 287 287 288 288 289 289 289 289 290 290 290 290 290 291 291 Index 293 [x] This material is copyright and is licensed for the sole use by Roman Heinrich on 25th December 2008 Am Hilligenbusch 47, , Paderborn, NRW, 33098 Preface Ext JS was developed by a unified team of programmers working toward a single goal—to provide a consistent core user interface and interaction library. Because of this, the code used for different functionalities and widgets is more coherent than in some other JavaScript libraries. Ext JS really shines in making web applications easyto-use and intuitive. If you are a web application developer, it's a great library to have in your arsenal. We start by outlining how to download and configure the Ext JS library. Covering everything from the simplest alerts to complex grids, layouts, and forms, this book will enable you to start creating rich, interactive web applications. We will use plenty of real-world examples that can be applied immediately to your ongoing projects. Sample code is broken down to its simplest form, allowing us to concentrate on learning the usage of the library. By the end of this book, we will end up with a sample application that uses the full spectrum of Ext JS components.

Thorat Technical Editor Gagandeep Singh Cover Work Rajni R. Thorat Copy Editor Sumathi Sridhar Editorial Team Leader Akshara Aware This material is copyright and is licensed for the sole use by Roman Heinrich on 25th December 2008 Am Hilligenbusch 47, , Paderborn, NRW, 33098 About the Authors Shea Frederick began his career in web development before the term 'Web Application' became commonplace. By the late 1990s, he was developing web applications for Tower Records that combined a call center interface with inventory and fulfillment. Since then, Shea has worked as a developer for several companies, building and implementing various commerce solutions, content management systems, and lead tracking programs. Integrating new technologies to make a better application has been a driving point for Shea's work.

What it does is allows you to monitor and interact with the web page in real time. When you start working with singlepage web applications and AJAX, you quickly lose the ability to look at the requests and responses for communications such as form submission. One of the things that Firebug provides you with is a way to watch and inspect this communication. The other main thing that it does is allow you to modify the HTML and JavaScript in your web page and watch these changes take effect in real time. The built-in script debugger lets us pause code execution and inspect or even modify code and variables. Once you are set up with a local (or remote) development web server, your favorite editor and debugger, and Firefox with Firebug, you are ready to start Learning Ext JS. Who is this book for This book is written for Web Application Developers who are familiar with HTML, but may have little to no experience with JavaScript application development.

pages: 504 words: 67,845

Designing Web Interfaces: Principles and Patterns for Rich Interactions by Bill Scott, Theresa Neil

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

A Pattern Language, anti-pattern, en.wikipedia.org, Firefox, recommendation engine, Ruby on Rails, Silicon Valley, web application

But instead of a page refresh, the messages are seamlessly brought into the message-list pane, giving the illusion of a larger virtual space. Desktop-style applications In testing Virtual Scrolling, Yahoo! found that users naturally understood the scrolling paradigm, most likely because they were already accustomed to this feature on desktop mail clients. Since the Yahoo! Mail Web application looks very similar to desktop web applications, the expectation for scrolling already exists in the user's mind. * * * Tip The more the web application looks and behaves like a desktop application, the more intuitive desktop idioms (like Virtual Scrolling) are to the user. * * * Loading status There are a few downsides to the Yahoo! Mail version of Virtual Scrolling. First, if the loading is slow, it spoils the illusion that the data is continuous.

This combination of design principles at the top and design considerations at the bottom is what allows architects to fill in the middle with meaningful buildings that enable people and organizations to interact, communicate, and get things done. Those of us whose parti is bringing rich web applications to life can also benefit from a framework of design principles and considerations to guide us. In these pages, Bill Scott and Theresa Neil give us just that. Through 30 years of designing and developing software, Bill and Theresa have been the consummate taxonomists—naming, documenting, and sharing in loving detail what makes rich interactions succeed and fail. The breadth of solutions they have encountered has given them a unique perspective on the design principles behind the most successful rich interactions on the Web. From Part I to Part VI, the principles he outlines in this book are your yardstick for measuring the value that rich interactions bring to your web application. Through in-depth descriptions of context and trade-offs, Bill and Theresa support each principle with the design considerations and best practices you need to make informed decisions.

The Ajax-enabled Google Maps now interacted more like a desktop application with real-time pan-and-zoom—all with no page refresh. Mapquest, on the other hand, behaved like most other web applications at the time, refreshing the page each time the map was repositioned or zoomed. The contrast was clear between the old world of the Web and the new world as enabled by Ajax. Why We Wrote This Book While I got the chance to live through the first interface revolution for the desktop (even writing one of the first games for the Macintosh[2]), my coauthor Theresa Neil lived through the second revolution on the Web. A few years ago our paths crossed at Sabre (parent company of Travelocity). Together we founded a user experience design team and worked to improve dozens of products, performing heuristic evaluations and participating in full web application redesigns. From that work, we distilled a number of user interface design patterns as well as anti-patterns (common mistakes to avoid).

Python Web Development With Django by Jeff Forcier

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

create, read, update, delete, database schema, Debian, don't repeat yourself, en.wikipedia.org, Firefox, full text search, Guido van Rossum, loose coupling, MVC pattern, revision control, Ruby on Rails, Silicon Valley, slashdot, web application

Regardless of what you brought to this chapter, we hope you’ve gained something from the overview. At this point in the book, you should now have a decent background in both the basics of developing Web applications as well as the underlying theory and organization of a typical Web framework. In Part II,“Django in Depth,” we dive into the details of how to use Django, exploring the various classes, functions, and data structures it uses and showing you more code snippets to help it all make sense. II Django in Depth 4 Defining and Using Models 5 URLs, HTTP Mechanisms, and Views 6 Templates and Form Processing This page intentionally left blank 4 Defining and Using Models A s explained in Chapter 3,“Starting Out,” the data model of a Web application is usually its foundation, and at any rate is an excellent place to begin exploring the details of Django development.Although this chapter has two main sections—defining models, and then using them—the two halves are more intertwined than separate.We need to consider how we plan to use our models, while we’re defining them, to generate the most effective arrangement of classes and relationships.And, of course, you can’t make the best use of a model without understanding the how and the why of its definition.

In addition, we hope you’re convinced of the power and flexibility of the QuerySet class as a means of pulling information out of your models and understand how to work with your Django application’s data outside the ORM itself. In the next two chapters, Chapters 5,“URLs, HTTP Mechanisms, and Views” and 6, you learn how to make use of your model in the context of a Web application by setting up queries in your controller logic (views) and then displaying them in your templates. 5 URLs, HTTP Mechanisms, and Views Iunderpinnings n the previous chapter, you learned how to define the data models which form the of most Web applications; in the chapter following this one, we show you how to display those models with Django’s template language and forms. However, by themselves those two aspects of a Web framework don’t do much; you need controller logic deciding what data to render which template with and URL dispatching to determine what logic is performed for a given URL.

One of the most common uses of response middleware is to inject extra headers into the response, either across the board—such as enabling caching-related HTTP features— or conditionally, such as a built-in middleware that sets Content-Language equal to the current translation. Following is a trivial example that does a simple search and replace of “foo” with “bar” on all text output by the Web application: class TextFilterMiddleware(object): def process_response(self, request, response): response.content = response.content.replace(‘foo’, ‘bar’) We could have made this a more realistic example that filters out naughty words (which can be useful for a community Web site, for example), but this is a family book! Views/Logic Views (née controllers) form the core of any Django Web application in that they provide nearly all the actual programming logic.When defining and using the models, we’re database administrators; when writing the templates, we’re interface designers; but when writing views, we’re truly software engineers.

pages: 224 words: 45,431

Python Web Penetration Testing Cookbook by Cameron Buchanan, Terry Ip, Andrew Mabbitt, Benjamin May, Dave Mound

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

en.wikipedia.org, Minecraft, web application

Fully searchable across every book published by Packt Copy and paste, print, and bookmark content On demand and accessible via a web browser Free access for Packt account holders If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view 9 entirely free books. Simply use your login credentials for immediate access. Disclamer This book contains details on how to perform attacks against web applications using Python scripts. In many circumstances, these attacks are likely to be illegal in your jurisdiction and can be considered terms of service violation and/or professional misconduct. The instructions in this book are provided for usage in the context of formal penetration tests to protect a system against attacks, which are conducted with the permission of a site owner. Preface Welcome to our book on Python and web application testing. Penetration testing is a massive field and the realms of Python are even bigger. We hope that our little book can help you make these enormous fields a little more manageable.

Chapter 2, Enumeration, guides you through creating scripts to retrieve the target information from websites and validating potential credentials. Chapter 3, Vulnerability Identification, covers recipes based on identifying potential vulnerabilities on websites, such as Cross-site scripting, SQL Injection, and outdated plugins. Chapter 4, SQL Injection, covers how to create scripts that target everyone's favorite web application vulnerability. Chapter 5, Web Header Manipulation, covers scripts that focus specifically on the collection, control, and alteration of headers on web applications. Chapter 6, Image Analysis and Manipulation, covers recipes designed to identify, reverse, and replicate steganography in images. Chapter 7, Encryption and Encoding, covers scripts that dip their toes into the massive lake that is encryption. Chapter 8, Payloads and Shells, covers a small set of proof of concept C2 channels, basic post-exploitation scripts, and on server enumeration tools.

Checking username validity When performing your reconnaissance, you may come across parts of web applications that will allow you to determine whether or not certain usernames are valid. A prime example of this will be a page that allows you to request a password reset when you have forgotten your password. For instance, if the page asks that you enter your username in order to have a password reset, it may give different responses depending on whether or not a user with that username exists. So, if a username doesn't exist, the page may respond with Username not found, or something similar. However, if the username does exist, it may redirect you to the login page and inform you that Password reset instructions have been sent to your registered email address. Getting ready Each web application may be different. So, before you go ahead and create your username checking tool, you will want to perform a reconnaissance.

pages: 180 words: 37,187

AngularJS Essentials by Rodrigo Branas

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Firefox, MVC pattern, node package manager, single page application, web application

48 Animating ngRepeat 49 Animating ngHide 50 Animating ngClass 50 Summary 51 Chapter 3: Data Handling 53 Expressions 53 Filters 55 Basic usage with expressions 55 currency 55 date 56 filter 56 json 57 limitTo 58 lowercase 58 number 58 orderBy 59 uppercase 60 Using filters in other places 60 Creating filters 61 Form validation 62 Creating our first form 62 Basic validation 63 Understanding the $pristine and $dirty properties 65 The $error object 65 Summary 66 [ ii ] Table of Contents Chapter 4: Dependency Injection and Services Dependency injection Creating services Creating services with the factory Creating services with the service Creating services with the provider Using AngularJS built-in services Communicating with the backend 67 68 69 70 74 75 76 76 HTTP, REST, and JSON 76 Creating an HTTP facade 82 Headers 84 Caching 85 Interceptors 85 Creating a single-page application 87 Installing the module Configuring the routes Rendering the content of each view Passing parameters Changing the location Resolving promises 87 87 88 91 92 93 Logging 96 Timeout 96 Asynchronous with a promise-deferred pattern 98 The deferred API The promise API 100 101 Summary 101 Chapter 5: Scope 103 Chapter 6: Modules 115 Two-way data binding 103 $apply and $watch 104 Best practices using the scope 106 The $rootScope object 110 Scope Broadcasting 110 Summary 113 Creating modules 115 The UI module 116 The search module 118 The parking application module 119 Recommended modules 120 Summary 120 [ iii ] Table of Contents Chapter 7: Unit Testing 121 The Jasmine testing framework 122 Testing AngularJS components 124 Services 125 Controllers 126 Filters 128 Directives 129 Creating the element with the directive Compiling the directive Calling the link function with the scope Invoking the digest cycle 130 130 130 130 Mocking with $httpBackend Running tests with Karma 132 140 Installation Configuration Running tests 140 141 142 Summary 143 Chapter 8: Automating the Workflow 145 Automating the workflow with Grunt 145 Installation 146 Configuration 146 Creating a distribution package 147 Executing the workflow 155 Managing packages with Bower 156 Installation 156 Finding packages 156 Installing packages 157 Using packages 157 Cache 158 Summary 158 Index 159 [ iv ] Preface For more than 12 years, I have been developing all kinds of web applications, and along the way, I have had the opportunity to experience the vast majority of frameworks on the Java platform. In 2008, I moved from an architecture highly based on backend web frameworks such as Struts and JSF to experience new challenges at the frontend. I think the main goal was to stop creating those old-school and hard-to-use web applications, investing on interactivity and usability. At that time, I adopted the Google Web Toolkit, also known as GWT, building some web applications for almost 2 years. The results were pretty amazing in terms of user experience; however, I felt very upset about low productivity and also the amount of code that I had to write every day.

Isolate units of code during testing JavaScript using Jasmine. 3. Create reusable components in AngularJS. AngularJS Directives ISBN: 978-1-78328-033-9 Paperback: 110 pages Learn how to craft dynamic directives to fuel your single-page web applications using AngularJS 1. Learn how to build an AngularJS directive. 2. Create extendable modules for plug-and-play usability. 3. Build apps that react in real time to changes in your data model. Please check www.PacktPub.com for information on our titles Mastering Web Application Development with AngularJS ISBN: 978-1-78216-182-0 Paperback: 372 pages Build single-page web applications using the power of AngularJS 1. Make the most out of AngularJS by understanding the AngularJS philosophy and applying it to real-life development tasks. 2. Effectively structure, write, test, and finally deploy your application. 3.

Also, I was missing things such as a strong dependency injection mechanism that would allow me to create reusable and testable components. While looking for a solution, a very experienced JavaScript developer and also a great friend of mine, Rafael Nami, introduced me to AngularJS. In the following weeks, I started to read everything about it and also writing some code. After a few weeks, I was thrilled because it had never been so easy to create amazing web applications with so little code! Preface Only 2 months later, I launched my first web application based entirely on AngularJS, and honestly, I cannot imagine writing this same application using another kind of technology in this short period of time. I was so excited about it that I wrote an article on using AngularJS with Spring MVC and Hibernate for a magazine called Java Magazine. After that, I created an AngularJS training program that already has more than 200 developers who enrolled last year.

pages: 260 words: 40,943

Hacking Exposed: Network Security Secrets and Solutions by Stuart McClure, Joel Scambray, George Kurtz

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

AltaVista, bash_history, Larry Wall, peer-to-peer, remote working, web application

In our example, you can see we traversed back up the file system into the system directory to obtain a file called “secret.txt,” which probably wasn’t an intended behavior for this site. IIS 2.0 was vulnerable to this type of exploit, and was corrected early on. However, many third-party Web applications, or “quick and dirty” Web servers integrated into P:\010Comp\Hacking\262-3\ch10.vp Thursday, August 09, 2001 12:37:34 PM HackingGeneric / Hacking Windows Color profile: CMYK Exposed printer profile Composite Default screen 2000: Network Security Secrets & Solutions / Scambray & McClure / 9262-3 / Chapter 10 Chapter 10: Hacking IIS 5 and Web Applications various appliances are still vulnerable to this attack. One prominent example of such an integrated Web server is the Compaq Insight Manager (CIM) Web server that ships with most Compaq server hardware to enable remote, HTTP-based management.

C:\WINNT\system32> C:\WINNT\system32>whoami whoami [carriage return] NT AUTHORITY\SYSTEM P:\010Comp\Hacking\262-3\ch10.vp Thursday, August 09, 2001 12:37:36 PM HackingGeneric / Hacking Windows Color profile: CMYK Exposed printer profile Composite Default screen 2000: Network Security Secrets & Solutions / Scambray & McClure / 9262-3 / Chapter 10 Chapter 10: Hacking IIS 5 and Web Applications We used the whoami utility from the Windows 2000 Resource Kit to show this shell is running in the context of the all-powerful LocalSystem account from the remote machine. Because the initial attack occurs via the Web application channel (port 80, typically) and because the shell is shoveled outbound from the victim Web server on a port defined by the attacker, this attack is difficult to stop using router or firewall filtering. A native Win32 version of jill called jill-win32 was released soon after the UNIX/ Linux version.

In essence, RevertToSelf asks the current thread to “revert” from IUSR context to the context under which inetinfo itself runs—SYSTEM. P:\010Comp\Hacking\262-3\ch10.vp Thursday, August 09, 2001 1:39:14 PM HackingGeneric / Hacking Windows Color profile: CMYK Exposed printer profile Composite Default screen 2000: Network Security Secrets & Solutions / Scambray & McClure / 9262-3 / Chapter 10 Chapter 10: Hacking IIS 5 and Web Applications Actually, it’s a little more complicated than that. ISAPI extensions are wrapped in the Web Application Manager (WAM) object, which can run within the IIS process or not. Running “out-of-process” extracts a slight performance hit, but prevents unruly ISAPI applications from crashing IIS process and is, therefore, regarded as a more robust way to run ISAPI applications. Although contrived to boost performance, interesting implications for security arise from this: ▼ If run in-process, WAM runs within IIS process (inetinfo.exe) and RevertToSelf gets SYSTEM

Backbone.js Cookbook by Vadim Mirgorod

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Airbnb, create, read, update, delete, en.wikipedia.org, Firefox, Google Chrome, MVC pattern, QR code, rolodex, Ruby on Rails, web application

Instant AngularJS Starter ISBN: 978-1-782166-76-4 Paperback: 66 pages A concise guide to start building dynamic web applications with AngularJS, one of the Web's most innovative JavaScript frameworks 1. Learn something new in an Instant! A short, fast, focused guide delivering immediate results. 2. Take a broad look at the capabilities of AngularJS, with in-depth analysis of its key features 3. See how to build a structured MVC-style application that will scale gracefully in real-world applications Getting Started with Meteor.js JavaScript Framework ISBN: 978-1-782160-82-3 Paperback: 130 pages Develop modern web applications in Meteor, one of the hottest new JavaScript platforms 1. Create dynamic, multi-user web applications completely in JavaScript 2. Use best practice design patterns including MVC, templates, and data synchronization 3.

Faedo ISTI - CNR, Pisa, Italy) ff School of Innovation, Design, and Engineering (Mälardalen University, Västerås, Sweden) His main professional activities are listed as follows: ff (from December 2011) Freelance: Design and development of mobile and web applications. ff (May–February 2010) Software Architect & Project Manager, Tribe ICT business sector: Geographic Information Systems. His main responsibilities were design, management, and technological support for the development of a distributed, extensible, and customizable GIS framework. The system is based on the uDig platform (http://www.udig.org) and exploits the following technologies: Java, Eclipse (RCP, EMF, JFace), JTS, Geoserver, and Geonetwork. ff (October–February 2008) Developer, Medea ICT business sector: Information Technologies, document management systems. His main responsibilities were development of a document management system in accordance with Italian security laws for the Regione Abruzzo. The system has been implemented as a J2EE web application using the following technologies: Java, JSF, IBM DB2, Eclipse, Jboss, Hibernate, Acegi Security, and Ja-sig CAS single sign-on system.

Questions You can contact us at questions@packtpub.com if you are having a problem with any aspect of the book, and we will do our best to address it. 4 1 Understanding Backbone In this chapter, we will cover the following points: ff Designing an application with the MVC pattern ff Defining business logic with models and collections ff Modeling an application's behavior with views and a router ff Creating an application structure from scratch ff Writing your first Backbone application ff Implementing URL routing in your application ff Extending an application with plugins ff Contributing to the Backbone project Introduction Backbone.js is a lightweight JavaScript framework that is based on the Model-View-Controller (MVC) pattern and allows developers to create single-page web applications. With Backbone, it is possible to update a web page quickly using the REST approach with a minimal amount of data transferred between a client and a server. Understanding Backbone Backbone.js is becoming more popular day by day and is being used on a large scale for web applications and IT startups; some of them are as follows: ff Groupon Now!: The team decided that their first product would be AJAX-heavy but should still be linkable and shareable. Though they were completely new to Backbone, they found that its learning curve was incredibly quick, so they were able to deliver the working product in just two weeks.

pages: 511 words: 111,423

Learning SPARQL by Bob Ducharme

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Donald Knuth, en.wikipedia.org, G4S, hypertext link, linked data, place-making, semantic web, SPARQL, web application

ex160.rq, Grouping Data and Finding Aggregate Values within Groups ex162.rq, Grouping Data and Finding Aggregate Values within Groups ex164.rq, Grouping Data and Finding Aggregate Values within Groups ex166.rq, Querying a Remote SPARQL Service ex167.rq, Querying a Remote SPARQL Service ex170.rq, Querying a Remote SPARQL Service ex172.rq, Federated Queries: Searching Multiple Datasets with One Query ex174.rq, Copying Data ex176.rq, Copying Data ex178.rq, Copying Data ex180.rq, Copying Data ex182.rq, Copying Data ex184.rq, Creating New Data ex185.rq, Creating New Data ex187.ttl, Creating New Data ex188.rq, Creating New Data ex190.rq, Creating New Data ex192.rq, Creating New Data ex193.ttl, Creating New Data ex194.rq, Converting Data ex196.rq, Converting Data ex198.ttl, Defining Rules with SPARQL ex199.rq, Defining Rules with SPARQL ex201.rq, Defining Rules with SPARQL, Datatypes and Queries ex202.rq, Defining Rules with SPARQL ex203.rq, Generating Data About Broken Rules ex205.rq, Generating Data About Broken Rules ex207.rq, Generating Data About Broken Rules ex209.rq, Generating Data About Broken Rules ex211.rq, Using Existing SPARQL Rules Vocabularies ex212.rq, Using Existing SPARQL Rules Vocabularies ex213.rq, Asking for a Description of a Resource ex215.rq, Asking for a Description of a Resource ex216.rq, Asking for a Description of a Resource ex217.ttl, Datatypes and Queries ex218.rq, Datatypes and Queries ex220.rq, Datatypes and Queries ex221.rq, Datatypes and Queries ex222.rq, Datatypes and Queries ex223.rq, Datatypes and Queries ex224.ttl, Representing Strings ex225.rq, Representing Strings ex227.ttl, Comparing Values and Doing Arithmetic ex228.rq, Comparing Values and Doing Arithmetic ex230.rq, Comparing Values and Doing Arithmetic ex232.rq, Comparing Values and Doing Arithmetic ex233.rq, Comparing Values and Doing Arithmetic ex235.rq, Program Logic Functions ex237.rq, Program Logic Functions ex239.rq, Program Logic Functions ex241.ttl, Node Type and Datatype Checking Functions ex242.rq, Node Type and Datatype Checking Functions ex244.rq, Node Type and Datatype Checking Functions ex246.rq, Node Type Conversion Functions ex248.rq, Node Type Conversion Functions ex249.ttl, Node Type Conversion Functions ex251.rq, Node Type Conversion Functions ex253.rq, Node Type Conversion Functions ex255.rq, Node Type Conversion Functions ex257.rq, Datatype Conversion ex259.ttl, Datatype Conversion ex260.rq, Datatype Conversion ex262.rq, Datatype Conversion ex264.rq, Datatype Conversion ex266.ttl, Datatype Conversion ex267.rq, Datatype Conversion ex268.txt, Datatype Conversion ex269.rq, Checking, Adding, and Removing Spoken Language Tags ex270.rq, Checking, Adding, and Removing Spoken Language Tags ex271.rq, Checking, Adding, and Removing Spoken Language Tags ex273.rq, Checking, Adding, and Removing Spoken Language Tags ex276.rq, Checking, Adding, and Removing Spoken Language Tags ex278.ttl, Checking, Adding, and Removing Spoken Language Tags ex279.rq, Checking, Adding, and Removing Spoken Language Tags ex281.ttl, Checking, Adding, and Removing Spoken Language Tags ex282.rq, Checking, Adding, and Removing Spoken Language Tags ex284.ttl, String Functions ex285.rq, String Functions ex287.rq, String Functions ex289.ttl, String Functions ex290.rq, String Functions ex292.ttl, Numeric Functions ex293.rq, Numeric Functions ex295.rq, Numeric Functions ex298.ttl, Date and Time Functions ex299.rq, Date and Time Functions ex301.rq, Date and Time Functions ex303.rq, Date and Time Functions ex305.rq, Hash Functions ex307.py, Hash Functions ex308.rq, Extension Functions ex311.rq, Adding Data to a Dataset ex312.ru, Adding Data to a Dataset ex313.ru, Adding Data to a Dataset ex314.rq, Adding Data to a Dataset ex316.ru, Adding Data to a Dataset ex324.ru, Deleting Data ex325.ru, Changing Existing Data ex326.rq, Changing Existing Data ex327.ttl, Changing Existing Data ex328.ttl, Changing Existing Data ex329.ru, Changing Existing Data ex330.ru, Named Graphs ex331.ru, Named Graphs ex332.rq, Named Graphs, SPARQL and HTTP ex333.ru, Named Graphs ex334.ru, Dropping Graphs ex336.ru, Dropping Graphs ex337.ru, Dropping Graphs, Solution ex338.ru, Dropping Graphs, SPARQL and HTTP ex339.ru, Dropping Graphs ex340.ru, Dropping Graphs ex341.rq, Dropping Graphs ex342.ru, Named Graph Syntax Shortcuts: WITH and USING ex343.ru, Named Graph Syntax Shortcuts: WITH and USING ex344.ru, Named Graph Syntax Shortcuts: WITH and USING ex345.ru, Named Graph Syntax Shortcuts: WITH and USING ex346.ru, Deleting and Replacing Triples in Named Graphs ex347.ru, Deleting and Replacing Triples in Named Graphs ex348.ru, Deleting and Replacing Triples in Named Graphs ex349.ru, Deleting and Replacing Triples in Named Graphs ex350.ru, Deleting and Replacing Triples in Named Graphs ex351.ru, Deleting and Replacing Triples in Named Graphs ex352.ru, Deleting and Replacing Triples in Named Graphs ex353.ru, Deleting and Replacing Triples in Named Graphs ex354.rq, Deleting and Replacing Triples in Named Graphs ex355.rq, SPARQL and Web Application Development ex358.py, SPARQL and Web Application Development ex360.pl, SPARQL and Web Application Development ex361.py, SPARQL and Web Application Development ex363.py, SPARQL and Web Application Development ex401.xml, SPARQL Query Results XML Format ex402.xsl, Processing XML Query Results ex403.xml, SPARQL Query Results XML Format ex404.js, SPARQL Query Results JSON Format ex405.js, SPARQL Query Results JSON Format ex406.rq, Working with SPARQL Query Result Formats ex407.js, Processing JSON Query Results ex408.rq, Working with SPARQL Query Result Formats ex409.ttl, Working with SPARQL Query Result Formats ex410.xml, SPARQL Query Results XML Format ex411.js, SPARQL Query Results JSON Format ex412.csv, SPARQL Query Results CSV and TSV Formats ex413.tsv, TSV Query Results ex414.txt, Working with SPARQL Query Result Formats ex415.rq, What Is Inferencing?

., Adding Data to a Dataset integer datatype, Datatypes and Queries IRI, Glossary IRI(), Node Type Conversion Functions, Solution isBlank(), Node Type and Datatype Checking Functions isIRI(), Node Type and Datatype Checking Functions isLiteral(), Node Type and Datatype Checking Functions isNumeric(), Node Type and Datatype Checking Functions isURI(), FILTERing Data Based on Conditions, Node Type and Datatype Checking Functions J Java, SPARQL and Web Application Development JavaScript, SPARQL Query Results JSON Format, SPARQL and Web Application Development Jena, Defining Rules with SPARQL, Getting Started with Fuseki, Getting Started with Fuseki, Standalone Processors join (SPARQL equivalent), Searching Further in the Data JSON, The SPARQL Specifications, SPARQL and Web Application Development ARQ and, Working with SPARQL Query Result Formats, Standalone Processors defined, SPARQL Query Results JSON Format query results, SPARQL Query Results JSON Format results from a SPARQL engine, SPARQL Query Results JSON Format K Knuth, Donald, Datatypes and Queries L lang(), Checking, Adding, and Removing Spoken Language Tags langMatches() vs., Checking, Adding, and Removing Spoken Language Tags langMatches(), Checking, Adding, and Removing Spoken Language Tags language codes, Making RDF More Readable with Language Tags and Labels, Checking, Adding, and Removing Spoken Language Tags–Checking, Adding, and Removing Spoken Language Tags adding, Checking, Adding, and Removing Spoken Language Tags checking, Checking, Adding, and Removing Spoken Language Tags filtering on, Using the Labels Provided by DBpedia removing, Checking, Adding, and Removing Spoken Language Tags LCASE(), String Functions, Discussion LIMIT, Retrieving a Specific Number of Results, Federated Queries: Searching Multiple Datasets with One Query Linked Data, What Exactly Is the “Semantic Web”?

Note This idea of model-driven development and deployment is not limited to the use of the RDF family of specifications, but the fact that these specifications are standards with a range of commercial and open source implementations makes it an attractive choice for many developers using this methodology. SPARQL and Web Application Development In Applications and Triples, we learned about SPARQL engines and related RDF processors that perform special instructions based on the subjects, predicates, and objects (mostly, predicates) that they find in a set of triples. While these can be valuable components of an application, in this section we’ll look at the bigger picture of application development using SPARQL: tying together such components with the other parts you need to create a complete application. “Web application development” typically means two things: using web-based technologies to create an interface and taking advantage of web-based data sources. Later in this section, we’ll see an example of how web forms and dynamically generated HTML can build an interface around data retrieved using SPARQL; first, though, lets look more closely at how such an application can use SPARQL to retrieve that data.

pages: 183 words: 49,460

Start Small, Stay Small: A Developer's Guide to Launching a Startup by Rob Walling

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

8-hour work day, en.wikipedia.org, inventory management, Lean Startup, Marc Andreessen, Network effects, Paul Graham, rolodex, side project, Silicon Valley, software as a service, SpamAssassin, Superbowl ad, web application

You’re targeting enterprise clients who will want their data to live inside their own walls Your user interface has complex needs that an AJAX/DHTML interface cannot support Your application needs direct hard drive access or peripheral access that require a desktop application Type #2 – Downloadable Web Applications Downloadable web applications serve a single purpose: to allow customers to use your web application but never lose control of their data. Given the need for some companies to keep data inside their walls, or the need for them to guarantee 24/7/365 uptime means there is a market for downloadable web applications. Downloadable web applications need to be installed only by someone with a moderate level of technical competence. This restriction eliminates 99.9% of the people in the world. Pricing Structure One-time fee, but can include an annual support fee, typically around 20% of the purchase price Though rare, I’ve seen application leasing and rentals to eliminate the large up-front fee.

If you receive emails from existing customers, offer to refund the difference for them. Product Types Six major product types are described below, including the typical pricing structure, benefits, downsides and when to use each. Type #1 – Hosted Web Applications These days hosted web applications are called Software as a Service applications (SaaS), but you may know them by their previous name, ASP Applications (for Application Service Provider), or the new name the media seems to be misusing more and more, “Cloud-based Applications.” Most new business or productivity applications are hosted web applications. Examples abound, but here are some of the more popular options: FreshBooks 39 (hosted invoicing) Basecamp 40 (hosted project management software) FogBugz on Demand 41 (hosted bug tracking / project management) Pricing Structure Typically a monthly or annual recurring fee Benefits for the Entrepreneur Steady, recurring revenue Support is much easier than software installed on a user’s machine since you are in control of every aspect of the deployment and are only maintaining a single version of the application Documentation can be updated as you add features Customer feedback can be incorporated immediately into the product, thus providing incremental improvements on a shorter release schedule Benefits for the Customer Customers do not make a large, up-front capital investment to pay for software licenses Customers do not have to maintain their own servers, install or upgrade software, or open a shared hosting account Upgrades are free, seamless, and require no effort on the part of the customer Customers can try your product with little effort The Downside Developing for the web can be challenging and you have to learn a number of technologies to build an application (HTML/CSS/AJAX/JS/Server Side Code) Browser compatibility issues can be cumbersome, especially with browser market share becoming more and more splintered Some customers, typically enterprise clients, will not allow their data to live outside of company walls and thus will not use hosted web applications It requires you to maintain a 24/7 uptime hosting solution, plus security and backups When to Use When thinking about a new application aimed at businesses, start with the position of a hosted web application.

Examples abound, but here are some of the more popular options: FreshBooks 39 (hosted invoicing) Basecamp 40 (hosted project management software) FogBugz on Demand 41 (hosted bug tracking / project management) Pricing Structure Typically a monthly or annual recurring fee Benefits for the Entrepreneur Steady, recurring revenue Support is much easier than software installed on a user’s machine since you are in control of every aspect of the deployment and are only maintaining a single version of the application Documentation can be updated as you add features Customer feedback can be incorporated immediately into the product, thus providing incremental improvements on a shorter release schedule Benefits for the Customer Customers do not make a large, up-front capital investment to pay for software licenses Customers do not have to maintain their own servers, install or upgrade software, or open a shared hosting account Upgrades are free, seamless, and require no effort on the part of the customer Customers can try your product with little effort The Downside Developing for the web can be challenging and you have to learn a number of technologies to build an application (HTML/CSS/AJAX/JS/Server Side Code) Browser compatibility issues can be cumbersome, especially with browser market share becoming more and more splintered Some customers, typically enterprise clients, will not allow their data to live outside of company walls and thus will not use hosted web applications It requires you to maintain a 24/7 uptime hosting solution, plus security and backups When to Use When thinking about a new application aimed at businesses, start with the position of a hosted web application. The ease of support, ease of adoption, and recurring revenue model are major advantages. Joel Spolsky, CEO of Fog Creek Software 42, said in an interview on Venture Voice 43 that if he were starting his company today he would not build a downloadable version of their flagship product, FogBugz. For hosted applications the question is not “when to use” it’s “when not to use.” Don’t use a hosted web application if: You are targeting a specific community of people such as iPhone or Facebook users.

pages: 485 words: 74,211

Developing Web Applications with Haskell and Yesod by Michael Snoyman

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

create, read, update, delete, database schema, Debian, domain-specific language, don't repeat yourself, full text search, MVC pattern, web application

Developing Web Applications with Haskell and Yesod Michael Snoyman Editor Simon St. Laurent Copyright © 2012 Michael Snoyman O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://my.safaribooksonline.com). For more information, contact our corporate/institutional sales department: 800-998-9938 or corporate@oreilly.com. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. Developing Web Applications with Haskell and Yesod, the rhinoceros beetle, the mountain apollo butterfly, and related trade dress are trademarks of O’Reilly Media, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks.

One of the features of Yesod is that you aren’t tied down to a single deployment strategy. Yesod is built on top of the Web Application Interface (WAI), allowing it to run on FastCGI, SCGI, Warp, or even as a desktop application using the Webkit library. We’ll discuss some of these options in the deployment chapter. And at the end of this chapter, we will explain the development server. Warp is the premiere deployment option for Yesod. It is a lightweight, highly efficient web server developed specifically for hosting Yesod. It is also used outside of Yesod for other Haskell development (both framework and non-framework applications), as well as a standard file server in a number of production environments. Resources and Type-Safe URLs In our hello world, we defined just a single resource (HomeR). A web application is usually much more exciting with more than one page on it.

While every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein. O'Reilly Media * * * Preface It’s fair to say that dynamic languages currently dominate the web development scene. Ruby, Python, and PHP are common choices for quickly creating a powerful web application. They give a much faster and more comfortable development setting than standard static languages in the C family, like Java. But some of us are looking for something more in our development toolbox. We want a language that gives us guarantees that our code is doing what it should. Instead of writing up a unit test to cover every bit of functionality in our application, wouldn’t it be wonderful if the compiler could automatically ensure that our code is correct?

pages: 603 words: 141,814

Python for Unix and Linux System Administration by Noah Gift, Jeremy M. Jones

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, bash_history, Bram Moolenaar, cloud computing, create, read, update, delete, database schema, Debian, distributed revision control, Firefox, Guido van Rossum, industrial robot, inventory management, job automation, Mark Shuttleworth, MVC pattern, skunkworks, web application

There are some cross-browser compatibility issues, but for the most part, if you are not using special plug-ins, a web application that works in one browser on one operating system will mostly work in another browser on another operating system. This point is appealing to both parties as well. Just a little more work on the development side will get the application working in multiple browser environments. And the user enjoys using the application where he chooses. So how is this relevant for you as a system administrator? All the reasons that we have posited regarding building GUIs in general apply to building web applications. One benefit of web applications for system administrators is that the web application can have access to the filesystem and process table of the machine on which it runs. This particular property of web applications makes a web application an excellent solution for system, application, and user monitoring and reporting mechanisms.

This should also be a moderately simple change to make, but we’ll leave it as an exercise for the reader as well. Web Applications To say that the Web is huge is an understatement. The Web is teeming with applications that people rely on daily. Why are there so many applications available on the Web? First, a web application is potentially universally accessible. This means that when a web application is deployed, anyone with access to it can just point their browser at a URL and use it. Users don’t have to download and install anything except for the browser (which they likely already have installed) unless you are using browser plug-ins like Flash. The primary appeal of this point is for the user. Second, web applications are potentially unilaterally upgradeable for the whole user base. This means that one party (the owner of the application) can upgrade the entire user base without the other party (the user) having to do anything.

And that class of problems is in the domain of the system administrator. Hopefully, you can see the benefit, though it may be useful for you only occasionally, of building a web application for yourself or your users. But what can you use to build a web application? Since this is a book on Python, we will, of course, recommend a Python solution. But which one? One of the criticisms of Python is that it has as many different web application frameworks as a year has days. At the moment, the four dominant choices are TurboGears, Django, Pylons, and Zope. Each of these four has its own benefits, but we felt that Django fit the subject of this book particularly well. Django Django is a full-stack web application framework. It contains a templating system, database connectivity by way of an object-relational mapper, and, of course, Python itself for writing the logic pieces of the application.

Django Book by Matt Behrens

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Benevolent Dictator For Life (BDFL), create, read, update, delete, database schema, distributed revision control, don't repeat yourself, en.wikipedia.org, Firefox, full text search, loose coupling, MVC pattern, revision control, Ruby on Rails, school choice, slashdot, web application

Using Django, you can build and maintain high-quality Web applications with minimal fuss. At its best, Web development is an exciting, creative act; at its worst, it can be a repetitive, frustrating nuisance. Django lets you focus on the fun stuff – the crux of your Web application – while easing the pain of the repetitive bits. In doing so, it provides high-level abstractions of common Web development patterns, shortcuts for frequent programming tasks, and clear conventions for how to solve problems. At the same time, Django tries to stay out of your way, letting you work outside the scope of the framework as needed. The goal of this book is to make you a Django expert. The focus is twofold. First, we explain, in depth, what Django does and how to build Web applications with it. Second, we discuss higher-level concepts where appropriate, answering the question “How can I apply these tools effectively in my own projects?”

We noted above that we’ll be showing you how to do things without shortcuts so that you more fully understand the shortcuts. Similarly, it’s useful to understand why Django was created, because knowledge of the history will put into context why Django works the way it does. If you’ve been building Web applications for a while, you’re probably familiar with the problems in the CGI example we presented earlier. The classic Web developer’s path goes something like this: Write a Web application from scratch. Write another Web application from scratch. Realize the application from step 1 shares much in common with the application from step 2. Refactor the code so that application 1 shares code with application 2. Repeat steps 2-4 several times. Realize you’ve invented a framework. This is precisely how Django itself was created!

index next | previous | Django Book 0.1 documentation » Chapter 15: Caching A fundamental trade-off in dynamic Web sites is, well, they’re dynamic. Each time a user requests a page, the Web server makes all sorts of calculations – from database queries to template rendering to business logic – to create the page that your site’s visitor sees. This is a lot more expensive, from a processing-overhead perspective, than your standard read-a-file-off-the-filesystem server arrangement. For most Web applications, this overhead isn’t a big deal. Most Web applications aren’t washingtonpost.com or slashdot.org; they’re simply small- to medium-sized sites with so-so traffic. But for medium- to high-traffic sites, it’s essential to cut as much overhead as possible. That’s where caching comes in. To cache something is to save the result of an expensive calculation so that you don’t have to perform the calculation next time. Here’s some pseudocode explaining how this would work for a dynamically generated Web page: given a URL, try finding that page in the cache if the page is in the cache: return the cached page else: generate the page save the generated page in the cache (for next time) return the generated page Django comes with a robust cache system that lets you save dynamic pages so they don’t have to be calculated for each request.

pages: 372 words: 67,140

Jenkins Continuous Integration Cookbook by Alan Berg

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

anti-pattern, continuous integration, Debian, don't repeat yourself, en.wikipedia.org, Firefox, job automation, performance metric, revision control, web application, x509 certificate

You can remove the second append attribute as the default value is set to true. See also Running Groovy scripts through Maven Failing Jenkins Jobs based on JSP syntax errors Java Server Pages (http://www.oracle.com/technetwork/java/overview-138580.html) is a standard that makes the creation of simple web applications straightforward. You write HTML, such as pages, with extra tags interspersed with Java coding into a text file. If you do this in a running web application, then the code recompiles on the next page call. This process supports Rapid Application Development (RAD), but the risk is that developers make messy and hard-to-read JSP code that is difficult to maintain. It would be nice if Jenkins could display metrics about the code to defend the quality. JSP pages are compiled on the fly for the first time when a user request for the page is received.

There are a number of fixtures available, including ones for database testing, running tools from the command line, and functional testing of web applications. JMeter: It is a popular open source tool for stress testing. It can also be used to functionally test through the use of assertions. JMeter has a GUI that allows you to build test plans. The test plans are then stored in an XML format. JMeter is runnable through Maven or Ant scripts. JMeter is very efficient, and one instance is normally enough to hit your infrastructure hard. However, for super high load scenarios, JMeter can trigger an array of JMeter instances. Selenium: It is the de facto industrial standard for functional testing of web applications. With Selenium IDE, you can record your actions within Firefox, saving them in an HTML format to replay later.

Security advisories There is an e-mail list and RSS feed for Jenkins-related security advisories. You can find the link to the advisory feeds at https://wiki.jenkins-ci.org/display/JENKINS/Security+Advisories. Testing for OWASP's top ten security issues This recipe details the automatic testing of Jenkins for well-known security issues with w3af, a penetration testing tool from the Open Web Application Security Project (OWASP, http://w3af.sourceforge.net). The purpose of OWASP is to make application security visible. The OWASP top ten list of insecurities includes: A2-Cross Site Scripting (XSS): An XSS attack can occur when an application returns an unescaped input to a client's browser. The Jenkins administrator can do this by default, through the Job description. A6-Security Misconfiguration: A Jenkins plugin gives you the power to write custom authentication scripts.

pages: 351 words: 123,876

Beautiful Testing: Leading Professionals Reveal How They Improve Software (Theory in Practice) by Adam Goucher, Tim Riley

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Albert Einstein, barriers to entry, Black Swan, call centre, continuous integration, Debian, Donald Knuth, en.wikipedia.org, Firefox, Grace Hopper, index card, Isaac Newton, natural language processing, p-value, performance metric, revision control, six sigma, software as a service, software patent, the scientific method, Therac-25, Valgrind, web application

Send email to index@oreilly.com. 323 central limit theorem, 135 change-centric testing, 143 caller and callee function dependencies, 147 code coverage and gap analysis, 151 complex code development models, 146–152 document-driven change-centric testing frameworks, 145 mapping of source files to test cases, 147 summary, 152–154 character palette, 237 Charmap, 237 chi-square test, 138 ClamAV (Clam Anti-Virus), 269–283 compatibility testing, 279 fuzz testing, 276 performance testing, 279 testing methods, 270–283 Autoconf, 278 black box and white box testing, 270 Buildbot, 278 collecting problem files, 278 false alerts, 281 memory checkers, 273–275 static analysis, 271–273 test scripts, 276 unit testing, 275 usability and acceptance testing, 282 clamd, 270 clamscan, 270 Clang Static Analyzer, 271 code coverage, 151, 247 code examples, xvii collaboration, 38, 190–193 command line, 108 communication, 27 compatibility testing of ClamAV, 279 compiler warnings, 125 condition coverage, 248 configuration of automated tests, planning, 108 conflict, 19 continuous integration, 106, 198, 288 Windmill testing framework, development for, 285 coordination, 29 Cosmo Web User Interface, 289 coverage metrics, 247 Coverity, 120 critical incident analysis, 51 cross-site scripting (XSS), 236 CruiseControl, 200 Cunningham, Ward, 177 D Dashboard (Socialtext product), 230 data, good versus bad, 11 324 INDEX DBA (dynamic binary analysis), 149 debriefings, 161 defects, 69 categories and examples, 215 defect reports, 70–77 structure, 71 defining, 70 development defects, 72 early development versus deployed product bugs, 71 location, finding, 72 measuring severity, 78 seeding for testing purposes, 247 tagged defect sets, 77 tagging, 76 test escapes, 78 Diderot Effect, 181 doc testing (Python), 123 DUMA, 274 dynamic analysis, 124 E eBox, 303–315 AJAX usage, 311 ANSTE, 304–307 modules, 303 new modules, difficulties of testing, 304 testing in new Linux releases, 304 efficient testing, 235 developer notes, accessing, 240 foreign languages, accommodating, 237, 240 measurement, 238 mindmaps, 242 mutation testing, 251 oracles, 241 regression testing, 239 requirements, 238 scripting, 239 security, 236 SLIME, 235 test data generation, 241 Electric Fence, 274 elegance, 18 EnableModules script, 310 engaging volunteers, 32 equivalent mutants, 253 events, 32 location and scheduling, 33 publicity, 33 exploratory testing, 161–163 eXtensible Messaging and Presence Protocol (see XMPP) Extreme Programming (see XP) F failure analysis, 114 false negatives, 281 false positives, 281 Firebug Lite, 291 Firefox, testing with Sisyphus, 297 Fit, 177 FitNesse, 201 FIXME developer notes, 240 foreign languages, 237 Fusil tool, 125, 277 fuzzing (fuzz testing), 57 ClamAV, 276 custom fuzzers, 63 Fusil tool, 125 general fuzzers, 61 interoperability, improving, 57 limitations, 65 ongoing testing, considerations, 65 preparation, 60 process, 60–65 purpose, 57 random fuzzing, 64 security flaws, detecting, 59 user satisfaction, improving, 58 using corrupted input, 61 working with known bugs, 60 G Gaussian distribution, 132 GCC, 271 Gecko rendering engine, 258 goal-question-metric approach, 23 H Huggins, Jason, 177 I incremental automation, 201 info/query stanzas, 86 information leakage, 237 initiator, 89 instrumented builds, 151 interoperability, 57 invalid input, testing with, 61 invalidation testing, 265 IRC (Internet relay chat), 27 J Jabber, 85 Javalanche, 255 JavaScript, 287 testing scripts, 297 JID (Jabber ID), 86 jsfunfuzz (JavaScript fuzzer), 63 JUnit, 200 K Kaner, Cem, 161 KCachegrind, 149, 150 Klocwork, 120 Knuth, Donald, 211 Komogorov-Smirnov test, 139 L large-scale automated testing, 104–106 choosing which tests to automate, 104 failure analysis, 114 reasonable goals, 115 reporting, 114 test automation systems, 105 test case management, 107 test collateral, 107 test distribution, 112 test infrastructure, 107 test labs, 111 test writing, 106 leadership (see coordination) libclamav, 270 Lightning, Thunderbird add-on, 27 Lint tool, 125 Lipton, Richard, 250 Lithium tool, 301 load testing, 238 lookupNode, 292 LOUD, 240 M manifest files, 259 Marick, Brian, 174, 195 Mark II computer, first bug, 68 mean test, 135 measurement, 238 medical software testing, 156 ad-hoc testing, 162 adding perspectives, 159 communication, 158 exploratory testing, 159, 161 multiuser testing, 160, 163–165 science labs, 165 scripted testing, 162, 165 simulation of real use, 166 teamwork, 157 testing according to regulations, 168–169 memory checkers, 273–275 Electric Fence and DUMA, 274 INDEX 325 limitations of, 275 Mudflap, 274 Valgrind, 273 memory leaks, 124 Mersenne Twister algorithm, 131 message stanzas, 86 Microsoft Office customer improvement program, 56 mindmaps, 242 Mothra, 250 Mozilla Calendar Project, 27 publicity, 33 quality assurance events, 34 Mozilla Project, 266 evolution of testing strategies, 257 Sisyphus and the Spider tool, 295–301 Mudflap pointer debugging tool, 274 µJava, 250 multi-code-base defect tracking, 74 multiuser testing, 163–165 mutation testing, 250–256 AspectJ example, 252 equivalent mutants, 253 evaluating mutation impacts, 254 growth in use, 255 Javalanche framework, 255 selecting mutation operators, 251 mutations, 250 MySQL, testing with ANSTE, 315 P network services testing, 303 (see also eBox; ANSTE) nonuniform random number generators, 132 normal distribution, 132 Pareto effect, 248 People (Socialtext product), 230 performance test cases, 41 performance testing, 37, 238 ClamAV, 279 collaboration, 38 examples, 42, 43, 45 value of different viewpoints, 46 defining a test model, 38–40 defining testing requirements, 38–45 documentation and problem solving, 48 UAT, 49 user interface and system load, 46 Pettichord, Bret, 176, 177 pipe functions, 150, 154 presence stanzas, 86 printing tests, 263 programming languages, 119 stability, 120 proportion, 181 proxy.xml, 308 pseudorandom number generators (see RNGs) publicity, 33 Python programming language, 120, 287 bug list, 128 testing, 121–127 bug fix releases, 124 Buildbot, 121 documentation testing, 123 dynamic analysis, 124 refleak testing, 122 release testing, 123 static analysis, 125 testing philosophy, 120 O Q N Occam’s Razor, 67 Office 2007, fuzz testing of, 59 office software, 55 user expectations, 55 open source communities communication, 27 coordination, 29 engaging, 32 events, 32 goals and rewards, 35 quality assurance using, 27 recruiting, 31 volunteers, 28 OpenSolaris Desktop case study, 79–83 opinion polling, 282 oracles, 241 326 INDEX QA (quality assurance), 178 open source communities, using, 27 queuing theory, 132 R random fuzzing, 64 random number generators (see RNGs) range tests, 134 recruiting, 31 reference testing, 257–266 manifest files, 259 test extensibility, 261–266 asynchronous tests, 262 invalidation tests, 265 printing tests, 263 test structure, 258–261 refleak testing, 122 reftest-print tests, 263 reftest-wait tests, 262 regression testing, 239 automated regression testing (see reference testing) manual versus automated, 23 release candidates, 282 release testing, 123 reporting test results, 114 responder, 89 RNGs (random number generators), 130 difficulty of testing, 130 nonuniform RNGs, 132 test progression, 134–140 bucket test, 138 Komogorov-Smirnov test, 139 mean test, 135 range tests, 134 variance test, 136 uniform RNGs, 131 Rogers, Paul, 177 Ruderman, Jesse, 63 S scalability testing, 239 scenario testing, 97 scripted testing, 162, 165 scripting, 239 security, 59, 236 Selenium, 177, 293, 306 Selenium IDE, 311 session initialization, 97 Sisyphus, 297 extension testing with, 298 Firefox, operation on, 299 Slideshow, 229 SocialCalc, 230 Socialtext, 215 business purpose, 216 software process, 218 software development, 171–176 aesthetics and, 176 agile teams, 172 checking versus investigating, 210 complexity, 175 as a creative process, 174 intensity, 175 joy, 175 multiple character sets, handling, 237 musical performance and, 172 practice, rehearsal, performance, 173 requirements that demand testing, 238 security, coding for, 236 test-driven development (see TDD) software test suites, evaluating, 247 simulating defects, 249 software testing antivirus software (see ClamAV) measurement of behavior, 238 regression testing, 239 seeding with defects, 247 web applications (see Windmill testing framework) software testing movements, 176 source functions, 150, 153 Spider tool, 296, 301 database, 298 spidering, 295 Splint tool, 272 Spolsky, Joel, 212 SQL injection, 236 stanzas, 86 payloads, 88 static analysis, 125 static analyzers, 271–273 Clang Static Analyzer, 271 GCC, 271 Splint, 272 stories, 218 illustrative example, 219–223 stress testing, 238 Sunbird calendar application, 27 Swift IM client, 85 sync functions, 150, 153 T tag clouds, 77 tags, 109 TCE (Test-Case Effectiveness) metric, 78 TDD (test-driven development), 182–194, 202– 206 author, 191 beauty, 193 delivering value, 206–208 incremental testing and coding, 207 planning, 207 team ownership of problems, 206 driving code with examples, 204 examples, 184 as permanent requirement artifacts, 186 automated examples, 189 readable examples, 185 executors, 191 experimentation, 203 facing problems, 205 full TDD process, 190 planning, 203 reader, 191 red-green-refactor cycle, 182 INDEX 327 report consumer, 192 requirements, 184 result consumer, 191 TDD triangle, 184 team collaboration, 192 testable designs, 187 tests, 185 tool support, 189–192 unit test development, 221 test automation pyramid, 200 test automation systems, 105 test bed preparation, 112 test binary or script, 108 test case ID, 108 test case management, 107–111 test collateral, 107 test data generation, 241 test days, 34 test distribution, 112 test escapes, 78 analyzing, 79 test ID numbers, 107 test infrastructure, 107 test results, reporting, 114 test scripts for ClamAV, 276 test stakeholders, 16 objectives and expectations, 18 test writing, 106 a common approach, 109 test-driven development (see TDD) testers, 3 experience and training, 8 qualities of testers, 5 roles and purpose, 8 testing agile testing, 177 balanced breakfast approach, 227 beauty, importance of, 210 continuous improvement, rules for, 198 delivering value, 198 reasonable goals, 115 as risk management, 210 teamwork, 195 testability, 199 TestRunner suite, 229 TODO developer notes, 240 TraceMonkey (Mozilla), 298 transparency, 57 Twill tool, 293 U UAT (user acceptance testing), 49 uniform random number generators, 131 unit testing, 89 ClamAV, 275 328 INDEX XMPP multistage protocols, 94–97 XMPP request-response protocols, 89–93 upstream bug tracking, 72 User Community Modeling Language (UCML), 45 user expectations, 55 user satisfaction, 58 V Valgrind, 120, 124, 149, 273 variance test, 136 VersionResponder test, 90 logic test, 92 with structured XML, 91 volunteers, 28 keeping engaged, 32 recruiting, 31 W Watir (Web Application Testing in Ruby), 177 web application testing (see Windmill testing framework) web page testing, 295 evolution of tools for, 296–299 JavaScript automated testing, 296 Spider tool, 296 white box testing, 270 Whittaker, James, 213 wikitests, 223–227 Windmill testing framework, 285–292 debugging tests, 291 Firebug Lite, 291 lookupNode, 292 other web application testing utilities, compared to, 293 running tests, 289–290 Windmill recorder, 286 Windmill website, 292 writing tests in Windmill’s IDE, 286–289 X XML schemas, 101 XMPP (eXtensible Messaging and Presence Protocol), 85–88 automated interoperability testing, 99–101 client-to-client versus client-to-server testing, 99 session initialization testing, 97–99 testing of protocols, 88 unit testing, 85 multistage protocols, 94–97 request-response protocols, 89–93 XML validation, 101 XMPP Extension Protocols (XEPs), 88 XMPP network, 86 XP (Extreme Programming), 182, 218 team collaboration, 192 XSS (cross-site scripting), 236 XUL markup language, 258 Z zzuf fuzzer, 61 INDEX 329 COLOPHON The cover image is from Getty Images.

I’d like to especially thank Török Edwin and Alberto Wu for proofreading this text and for taking ClamAV testing to the next level, and to Luca Gibelli for keeping our infrastructure running perfectly. They’re some of the most brilliant nerds I’ve ever met! Finally, I’d like to thank my beautiful wife for her patience with my duties and hobbies. CLAM ANTI-VIRUS: TESTING OPEN SOURCE WITH OPEN TOOLS 283 CHAPTER TWENTY-ONE Web Application Testing with Windmill Adam Christian Introduction T HE UNSTOPPABLE FORCE OF DYNAMIC WEB APPLICATIONS has changed the technology industry forever, and as rapidly as they are built, they need to be tested. Testing applications rich with dynamic JavaScript and interactive AJAX (Asynchronous JavaScript and XML) require a much more advanced set of tools producing tests that can easily be considered beautiful. In many ways it takes a well-versed web developer to understand and appreciate the complexities of automated testing on the Web, but essentially anyone can see the vast array of benefits.

Firebug Lite Firebug Lite is integrated into the Windmill IDE. It provides much of the same functionality found in the Firebug Firefox plug-in and is available on all of the browsers, in both your testing window and the Windmill IDE. The main goal of Firebug is to allow you to interact with any part of the web application at any time. This includes a DOM inspector, a JavaScript console, and the following views: HTML, CSS, Script, DOM, XML HTTP Request (XHR). See Figure 21-6. WEB APPLICATION TESTING WITH WINDMILL 291 FIGURE 21-6. Firebug Lite user interface LookupNode Using the Firebug Lite console, you can use built-in Windmill functionality for searching through the DOM for nodes. One of the most useful methods is lookupNode, because it will do a cross-window, frame, and iframe lookup of a locator to find a node (Example 21-8).

pages: 420 words: 79,867

Developing Backbone.js Applications by Addy Osmani

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Airbnb, anti-pattern, create, read, update, delete, database schema, don't repeat yourself, Firefox, full text search, Google Chrome, Khan Academy, loose coupling, MVC pattern, node package manager, pull request, Ruby on Rails, side project, single page application, web application

Stubs and mocks Stubs Mocks Exercise Models Collections Views App Further Reading & Resources Resources Books & Courses Extensions/Libraries Conclusions Appendix A Simple JavaScript MVC Implementation Event System Models Views Controllers Practical Usage MVP Models, Views & Presenters MVP or MVC? MVC, MVP and Backbone.js Namespacing Backbone Dependency Details DOM Manipulation Utilities RESTful persistence Routing Backbone Vs. Other Libraries And Frameworks Prelude Not so long ago, “data-rich web application” was an oxymoron. Today, these applications are everywhere and you need to know how to build them. Traditionally, web applications left the heavy-lifting of data to servers that pushed HTML to the browser in complete page loads. The use of client-side JavaScript was limited to improving the user experience. Now this relationship has been inverted - client applications pull raw data from the server and render it into the browser when and where it is needed.

The typical SPA consists of smaller pieces of interface representing logical entities, all of which have their own UI, business logic and data. A good example is a basket in a shopping web application which can have items added to it. This basket might be presented to the user in a box in the top right corner of the page (see the picture below): The basket and its data are presented in HTML. The data and its associated View in HTML changes over time. There was a time when we used jQuery (or a similar DOM manipulation library) and a bunch of Ajax calls and callbacks to keep the two in sync. That often produced code that was not well-structured or easy to maintain. Bugs were frequent and perhaps even unavoidable. The need for fast, complex, and responsive Ajax-powered web applications demands replication of a lot of this logic on the client side, dramatically increasing the size and complexity of the code residing there.

In addition to helping provide sane structure to your applications, Backbone is highly extensible supporting more custom architecture should you require more than what is prescribed out of the box. This is evident by the number of extensions and plugins which have been released for it over the past year, including those which we have touched upon such as MarionetteJS and Thorax. These days Backbone.js powers many complex web applications, ranging from the LinkedIn mobile app to popular RSS readers such as NewsBlur through to social commentary widgets such as Disqus. This small library of simple, but sane abstractions has helped to create a new generation of rich web applications, and I and my collaborators hope that in time it can help you too. If you’re wondering whether it is worth using Backbone on a project, ask yourself whether what you are building is complex enough to merit using it. Are you hitting the limits of your ability to organize your code?

Python Geospatial Development - Second Edition by Erik Westra

capital controls, database schema, Firefox, Golden Gate Park, Google Earth, Mercator projection, natural language processing, openstreetmap, Silicon Valley, web application

Now that we have the coordinates for the two desired locations, we can calculate the distance between them using the Proj Python library: import pyproj lat1,long1 = (37.82,-122.42) lat2,long2 = (37.80,-122.44) geod = pyproj.Geod(ellps="WGS84") angle1,angle2,distance = geod.inv(long1, lat1, long2, lat2) print "Distance is %0.2f meters" % distance This prints the distance between the two points: Distance is 2833.64 meters Note Don't worry about the "WGS84" reference at this stage; we'll look at what this means in Chapter 2, GIS. Of course, you wouldn't normally do this sort of analysis on a one-off basis like this—it's much more common to create a Python program that will answer these sorts of questions for any desired set of data. You might, for example, create a web application that displays a menu of available calculations. One of the options in this menu might be to calculate the distance between two points; when this option is selected, the web application would prompt the user to enter the two locations, attempt to geocode them by calling an appropriate web service (and display an error message if a location couldn't be geocoded), then calculate the distance between the two points using Proj, and finally display the results to the user. Alternatively, if you have a database containing useful geospatial data, you could let the user select the two locations from the database rather than typing in arbitrary location names or street addresses.

Note that, because there are over two million features we want to add to the database, it can take a while for this program to complete. Implementing the DISTAL application Now that we have the data, we can start to implement the DISTAL application itself. To keep things simple, we will use CGI scripts to implement the user interface. Note CGI scripts aren't the only way we could implement the DISTAL application. Other possible approaches include using web application frameworks such as TurboGears or Django, using AJAX to write your own dynamic web application, using CherryPy (http://cherrypy.org) or even using tools such as Pyjamas (http://pyjs.org) to compile Python code into JavaScript. All of these approaches, however, are more complicated than CGI, and we will be making use of CGI scripts in this chapter to keep the code as straightforward as possible. Let's take a look at how our CGI scripts will implement the DISTAL application's workflow: As you can see, there are three separate CGI scripts, selectCountry.py, selectArea.py, and showResults.py, each implementing a distinct part of the DISTAL application.

We learned the following: Mapnik is a powerful and flexible toolkit for generating a variety of maps Mapnik uses the painter's algorithm to draw the various parts of a map in the correct order A map is made up of multiple layers Map rendering is controlled using styles Styles are defined within the map and are referred to by the layers, allowing styles to be shared between map layers Each style consists of one or more rules Each rule has a list of symbolizers, telling Mapnik how to draw the layer's features onto the map, and an optional filter which selects the features the rule applies to You can use a map definition file as a simpler way of creating maps without having to define all the symbolizers, filters, rules, styles, and layers in Python You can use a map definition file as a stylesheet, separating the logic of building a map from the way it is formatted, in the same way that an HTML templating engine separates form and content in a web application In the next chapter, we will start to build a complete mapping application using PostGIS, Mapnik, and GeoDjango. Chapter 9. Putting It All Together – a Complete Mapping System In the final three chapters of this book, we will bring together all the topics discussed in previous chapters to implement a sophisticated web-based mapping application called ShapeEditor. In this chapter, we will cover the following: Designing a geospatial system, and then translating that design into code Structuring of Django-based web applications Setting up a new Django project and its applications Learn how Django represents data structures as objects Using GeoDjango's built-in "admin" application to view and edit geospatial data About ShapeEditor As we have seen, shapefiles are commonly used to store, make available, and transfer geospatial data.

pages: 73 words: 17,793

HTML5 for Web Designers by Jeremy Keith

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Firefox, web application

HTML5 will document these APIs once and for all, which should ensure better compatibility. It might sound strange to have JavaScript documentation in a markup specification, but remember that HTML5 started life as Web Apps 1.0. JavaScript is an indispensable part of making web applications. Entire sections of the HTML5 specification are dedicated to new APIs for creating web applications. There’s an UndoManager that allows the browser to keep track of changes to a document. There’s a section on creating Offline Web Applications using a cache manifest. Drag and drop is described in detail. As always, if there is an existing implementation, the specification will build upon it rather than reinvent the wheel. Microsoft’s Internet Explorer has had a drag and drop API for years, so that’s the basis for drag and drop in HTML5.

A rebellion formed within the W3C. The consortium seemed to be formulating theoretically pure standards unrelated to the needs of web designers. Representatives from Opera, Apple, and Mozilla were unhappy with this direction. They wanted to see more emphasis placed on formats that allowed the creation of web applications. Things came to a head in a workshop meeting in 2004. Ian Hickson, who was working for Opera Software at the time, proposed the idea of extending HTML to allow the creation of web applications. The proposal was rejected. The disaffected rebels formed their own group: the Web Hypertext Application Technology Working Group, or WHATWG for short. From Web Apps 1.0 to HTML5 From the start, the WHATWG operated quite differently than the W3C. The W3C uses a consensus-based approach: issues are raised, discussed, and voted on.

If a browser vendor refuses to support a particular proposal, there’s no point in adding that proposal to the specification because then the specification would be fiction. According to the priority of constituencies, we web designers have an even stronger voice. If we refuse to use part of the specification, then the specification is equally fictitious. Keeping It Real The creation of HTML5 has been driven by an ongoing internal tension. On the one hand, the specification needs to be powerful enough to support the creation of web applications. On the other hand, HTML5 needs to support existing content, even if most existing content is a complete mess. If the specification strays too far in one direction, it will suffer the same fate as XHTML 2. But if it goes too far in the other direction, the specification will enshrine <font> tags and tables for layout because, after all, that’s what a huge number of web pages are built with.

pages: 325 words: 85,599

Professional Node.js: Building Javascript Based Scalable Software by Pedro Teixeira

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

en.wikipedia.org, Firefox, Google Chrome, node package manager, platform as a service, web application, WebSocket

CONTENTS Introduction Part I: Introduction and Setup Chapter 1: Installing Node Installing Node on Windows Installing on Mac OS X Installing Node Using the Source Code Setting Up and Using Node Package Manager Summary Chapter 2: Introducing Node Introducing the Event-Driven Programming Style How Node and JavaScript Make Writing Asynchronous Applications Easier Summary Part II: Node Core API Basics Chapter 3: Loading Modules Understanding How Node Loads Modules Exporting a Module Summary Chapter 4: Using Buffers to Manipulate, Encode, and Decode Binary Data Creating a Buffer Getting and Setting Bytes in a Buffer Slicing a Buffer Copying a Buffer Decoding a Buffer Summary Chapter 5: Using the Event Emitter Pattern to Simplify Event Binding Understanding the Standard Callback Pattern Understanding the Event Emitter Pattern Understanding Event Types Using the Event Emitter API Creating an Event Emitter Summary Chapter 6: Scheduling the Execution of Functions Using Timers Using setTimeout to Defer the Execution of a Function Using clearTimeout to Cancel the Execution of a Function Scheduling and Canceling the Repetitive Execution of a Function Using process.nextTick to Defer the Execution of a Function Until the Next Event Loop Iteration Blocking the Event Loop Escaping the Event Loop Using setTimeout Instead of setInterval to Force Serialization Summary Part III: Files, Processes, Streams, and Networking Chapter 7: Querying, Reading From, and Writing to Files Manipulating File Paths Introducing the fs Module Opening a File Reading from a File Summary Chapter 8: Creating and Controlling External Processes Executing External Commands Spawning Child Processes Signaling and Killing Processes Summary Chapter 9: Reading and Writing Streams of Data Using a Readable Stream Using Writable Streams Considering Some Stream Examples Avoiding the Slow Client Problem and Saving Your Server Summary Chapter 10: Building TCP Servers Creating a TCP Server Building a Simple TCP Chat Server Summary Chapter 11: Building HTTP Servers Understanding the http.ServerRequest Object Understanding the http.ServerResponse Object Streaming HTTP Chunked Responses Shutting Down the Server Example 1: Building a Server that Serves Static Files Example 2: Making Use of HTTP Chunked Responses and Timers Summary Chapter 12: Building a TCP Client Connecting to a Server Sending and Receiving Data Ending the Connection Handling Errors Building an Example Command-Line TCP Client Summary Chapter 13: Making HTTP Requests Making GET Requests Using Other HTTP Verbs Pooling Sockets Using http.Agent Using a Third-Party Request Module to Simplify HTTP Requests Summary Chapter 14: Using Datagrams (UDP) Understanding UDP Understanding the Uses of UDP Building a Datagram Server Creating a Simple Datagram Echo Server Building a Datagram Client Creating a Simple Datagram Command-Line Client Understanding and Using Datagram Multicast Summary Chapter 15: Securing Your TCP Server With TLS/SSL Understanding Private and Public Keys Building a TLS Server Building a TLS Client Building Some Examples Summary Chapter 16: Securing Your HTTP Server With HTTPS Building a Secure HTTP Server Creating an HTTPS Client Summary Part IV: Building and Debugging Modules and Applications Chapter 17: Testing Modules and Applications Using a Test Runner Using an Assertion Testing Module Testing Your Asynchronous Module Summary Chapter 18: Debugging Modules and Applications Using console.log Using Node’s Built-in Debugger Using Node Inspector Summary Chapter 19: Controlling the Callback Flow Understanding the Boomerang Effect Avoiding the Boomerang Effect by Declaring Functions Using the async Flow Control Library Summary Part V: Building Web Applications Chapter 20: Building and Using HTTP Middleware Understanding the Connect HTTP Middleware Framework Building Your Own HTTP Middleware Using the HTTP Middleware Bundled in Connect Summary Chapter 21: Making a Web Application Using Express.js Initializing Your Express.js Application Setting Up Middleware in Your Application Routing Requests Summary Chapter 22: Making Universal Real-Time Web Applications Using Socket.io Understanding How WebSockets Work Using Socket.IO to Build WebSocket Applications Summary Part VI: Connecting to Databases Chapter 23: Connecting to MYSQL Using node-mysql Using a Library to Connect to and Communicate with a MySQL Database Adding Data to the Database with Security Concerns in Mind Reading Data Efficiently Summary Chapter 24: Connecting to CouchDB Using Nano Installing Nano Connecting and Creating a Database Storing Documents Creating and Using CouchDB Views Attaching Files to a CouchDB Document Summary Chapter 25: Connecting to MongoDB Using MongooSE Installing Mongoose Understanding How Mongoose Uses Models to Encapsulate Database Access Connecting to MongoDB Defining a Schema Defining a Model Summary Introduction Advertisements Part I Introduction and Setup CHAPTER 1: Installing Node CHAPTER 2: Introducing Node Chapter 1 Installing Node WHAT’S IN THIS CHAPTER?

Using them, you can perform function calls in series or in parallel, or you can iterate over a collection in an asynchronous fashion. This chapter covered some of the most commonly used functions, but async provides more than these. If you’re interested, check out the official async documentation at https://github.com/caolan/async#readme Part V Building Web Applications CHAPTER 20: Building and Using HTTP Middleware CHAPTER 21: Making a Web Application Using Express.js CHAPTER 22: Making Universal Real-Time Web Applications Using Socket.IO Chapter 20 Building and Using HTTP Middleware WHAT’S IN THIS CHAPTER? Understanding how Connect works Making Connect-compatible middleware Making a middleware component that handles errors Using some of the built-in middleware components bundled in Connect Serving static files using Connect middleware Parsing query string, request body, and cookies Maintaining a session Node is particularly fit to be an HTTP server.

You can also use the middleware components provided by Connect. These include modules for parsing the query string, parsing the request body, parsing cookies, serving static files, handling errors, and maintaining sessions. Also, many third-party modules allow you to easily extend the functions provided by your Node HTTP server. Chapter 21 Making a Web Application Using Express.js WHAT’S IN THIS CHAPTER? Installing Express Starting a web application using Express Defining Express middleware Rendering Jade templates Defining URL route listeners Creating route middleware For some languages and platforms there are frameworks that simplify the job of crafting an HTTP-based application. Perhaps the best known is Rails (for the Ruby language), but countless others include Django, Sinatra, and Cake.

PostGIS in Action, 2nd Edition by Regina O. Obe, Leo S. Hsu

call centre, crowdsourcing, database schema, Debian, domain-specific language, en.wikipedia.org, Firefox, Google Earth, job automation, McMansion, megacity, Mercator projection, Network effects, openstreetmap, planetary scale, profit maximization, Ruby on Rails, Skype, South of Market, San Francisco, traveling salesman, web application

Then you rasterize that geometry C into a 400 × 400 pixel E raster composed of three 8BUI bands F and set the band value of the multilinestrings to a reddish color during output G. You then initialize nongeometry pixels to 0,0,0 H and finally convert the PostGIS raster to a PNG raster B. The output of listing 4.14 is the bytes that make up the PNG image as a PostgreSQL bytea (byte array) data type. You can then use a standard query connection like JDBC, PHP pgsql, ODBC, ADO.NET, or Python psychopg to retrieve the image for rendering in a web application. We have a demonstration of rendering for web applications at www.bostongis.com/blog/index.php?/archives/175-Minimalist-Web-based-PHP-PostGIS2.0-Spatial-GeometryRaster-Viewer.html. OpenOffice can also read images stored in a field. With it you can easily incorporate your image in spreadsheets and presentations. We demonstrate the use of OpenOffice and LibreOffice at www.postgresonline.com/journal/archives/244-Raster-LibreOfficeBase-Reports.html. 4.6 Summary In this chapter, we demonstrated the use of various tools for importing and exporting vector and raster data:  Shp2pgsql  Shp2pgsql-gui Licensed to tracy moore <nordick.an@gmail.com> www.it-ebooks.info 112 CHAPTER 4 Working with real data  Pgsql2shp for Esri shapefiles  Ogr2ogr for other vector files  Osm2pgsql for OpenStreetMap  Raster2pgsql for importing rasters  Gdal_translate and gdalwarp for exporting raster data We advised you to take advantage of useful GDAL tools such as ogrinfo and gdalinfo to inspect the data prior to importing.

Licensed to tracy moore <nordick.an@gmail.com> www.it-ebooks.info 448 CHAPTER 17 Table 17.3 Using PostGIS in web applications Data source formats supported Service MapServer GeoServer QGIS Server Oracle Spatial/Locator Yes* Yes* Yes* SQL Server 2008/2012 Yes* Yes* Yes PostGIS geography Yes Yes Yes PostGIS raster Yes Yes* Yes Basic raster Yes Yes Yes MrSID Yes* Yes* Yes* SpatiaLite Yes* Yes Yes MySQL Yes* Yes* Yes * Support is available via an extra downloadable plug-in or library. 17.3 Mapping clients Once the web-mapping services have been set up, you need client applications to consume them. Client applications come in two flavors: desktop and web. Web applications are often implemented using Ajax and a mix of web-scripting languages. Many desktop mapping toolkits are also capable of consuming standard OGC webmapping services.

The most important piece is the click event handler H, which binds the onMapClick event function you created with the click event of the map. The output of clicking on an open-space feature is shown in figure 17.9. Figure 17.9 Output of Leaflet with onclick event: postgis_in_action_leaflet_3.htm Licensed to tracy moore <nordick.an@gmail.com> www.it-ebooks.info 478 CHAPTER 17 Using PostGIS in web applications 17.8 Summary In this chapter, we explored the various ways you can consume PostGIS data in web applications. We demonstrated the commonly available WMS/WFS mapping servers and how you could utilize these in OpenLayers and Leaflet. We also demonstrated how to query PostGIS raster data with SQL and display the rendered output on OpenLayers and Leaflet. In addition, we looked at how you can leverage the power of PostgreSQL and PostGIS to output fully formed GeoJSON feature collections or raster images, and how to consume this in concert with PHP, jQuery, and Leaflet.

pages: 161 words: 44,488

The Business Blockchain: Promise, Practice, and Application of the Next Internet Technology by William Mougayar

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Airbnb, airport security, Albert Einstein, altcoin, Amazon Web Services, bitcoin, Black Swan, blockchain, business process, centralized clearinghouse, Clayton Christensen, cloud computing, cryptocurrency, disintermediation, distributed ledger, Edward Snowden, en.wikipedia.org, ethereum blockchain, fault tolerance, fiat currency, fixed income, global value chain, Innovator's Dilemma, Internet of things, Kevin Kelly, Kickstarter, market clearing, Network effects, new economy, peer-to-peer, peer-to-peer lending, prediction markets, pull request, QR code, ride hailing / ride sharing, Satoshi Nakamoto, sharing economy, smart contracts, social web, software as a service, too big to fail, Turing complete, web application

It took a long time before we were able to see ambitious and innovative Web applications, and many of the early ones were not that innovative, because they tried to replicate what was being done already in the real world. Nonetheless, replication is a good first step, because it allows one to gain experience when expectations are lower. Taken as an extreme case, just about any software application could be rewritten with some blockchain and decentralization flavor into it, but that does not mean it’s a good idea to do so. Perhaps 2016 for blockchain is equivalent to 1995 in terms of where we were at that stage with the proliferation of Web applications. At that time, the Java Virtual Machine was not yet available, but when it was, it opened an avalanche of opportunities, and made it easier to create large scale Web applications. The advent of the Java computer programming language meant that Java applications could run on any Java Virtual Machine (JVM) regardless of computer architecture.

Software development tools facilitate the overall software development projects. Up until 1998, writing Web applications was not that easy, and required the manual assembly of several pieces of software together. During that time, several shortcomings plagued the deployment of Web applications, including the lack of robust transaction management and state related capabilities, scalability, deployment, applications manageability, and certainly security. Then, Netscape introduced the famous all-in-one “Netscape Application Server,” an integrated suite of software capabilities that included the various requirement components and tools, out-of-the-box. That simplification was a boon for programmers who took to it like ducks to water, and started focusing on writing Web applications, instead of worrying about assembling the required pieces together and about incompatibilities.

I was determined to make it less dreadful for the rest of us to understand this technology and its ramifications. The blockchain is part of the history of the Internet. It is at the same level as the World Wide Web in terms of importance, and arguably might give us back the Internet, in the way it was supposed to be: more decentralized, more open, more secure, more private, more equitable, and more accessible. Ironically, many blockchain applications also have a shot at replacing legacy Web applications, at the same time as they will replace legacy businesses that cannot loosen their grips on heavy-handed centrally enforced trust functions. No matter how it unfolds, the blockchain's history will continue to be written well after you finish reading this book, just as the history of the Web continued to be written well after its initial invention. But here's what will make the blockchain's future even more interesting: you are part of it.

pages: 255 words: 55,018

Architecting For Scale by Lee Atchison

Amazon Web Services, business process, cloud computing, continuous integration, DevOps, Internet of things, platform as a service, risk tolerance, software as a service, web application

Security and security monitoring has always been a part of building systems, even before large-scale web applications came about. However, web applications have become larger and more complicated, storing larger quantities of data and handling larger quantities of traffic. Combined with a higher usefulness to the data available within these applications, this has led to a huge increase in the number of bad actors attempting to compromise our applications. Compromises by bad actors can be directed at acquiring highly sensitive private data, or they can be directed at bringing down large applications and making them unavailable. Some bad actors do this for monetary gain, while others are simply in it for the thrill. Whatever the motivation, whatever the result, bad actors are becoming a bigger problem. Web application security is well beyond the purview of this book.1 However, implementing high-quality security is imperative to both high availability and mitigating risk of highly scaled applications.

What’s a reasonable availability number in order to consider your system as high availability? It is impossible to give a single answer to this question because it depends dramatically on your website, your customer expectations, your business needs, and your business expectations. You need to determine for yourself what number is required for your business. Often, for basic web applications, 3 nines is considered acceptable availability. Using Table 3-1, this amounts to 43 minutes of downtime every month. For a web application to be considered highly available, often an indication of 5 nines is used. This amounts to only 26 seconds of downtime every month. Don’t Be Fooled Don’t be fooled into thinking your site is highly available when it isn’t. Planned and regular maintenance that involves your application being unavailable still count against availability.

Graceful degradation is when a service reduces the amount of work it can accomplish as little as possible when it lacks needed results from a failed service. Example 13-1. Reduced functionality Imagine that you have a web application that generates an ecommerce website that sells T-shirts. Let’s also assume that there is an “image service” that provides URLs for images to be displayed on this website. If the application makes a call to this image service and the service fails, what should the application do? One option would be for the application to continue displaying the requested product to the customer, but without the images of the product (or show a “no image available” message). The web application can continue to operate as an ecommerce store, just with the reduced capability of not being able to display product images. This is far superior to the ecommerce website simply failing and returning an error to the user simply because the images are not available.

pages: 153 words: 27,424

REST API Design Rulebook by Mark Masse

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

anti-pattern, conceptual framework, create, read, update, delete, data acquisition, database schema, hypertext link, information retrieval, web application

Final Thoughts State of the Art Today, implementing our REST API designs is harder than it ought to be. The tools and frameworks that aim to support REST API developers have room for improvement. Many of the programming language-centric REST API development frameworks were originally created to help build web applications. These frameworks seem to suggest that REST APIs are similar enough to web applications that they should be cast from the same mold. By repurposing the web application’s controller paradigm, many of today’s frameworks provide support for using URI templates to route inbound client requests to handler-style methods or functions. In recognition of the fact that developers don’t want to code web page templates to format their REST API’s data, most of the frameworks offer built-in XML and JSON-based serialization and deserialization of the server’s objects to and from an HTTP message’s body.

Without this consistency, there would be no singular and open Web as we know it today. On today’s server-side, in the realm of REST APIs, its a bit like the pioneering days of America’s Wild West: not completely lawless, but nearly so. The inconsistency of REST API designs hinders the transition of web applications to their next logical architecture, where web servers provide structured data and leave the presentation responsibilities to their enriched clients. In this architecture, web applications use JavaScript to render screens in the browser and interact with REST APIs that provide consistently formed representations. This approach reduces a server’s workload by shifting some of the processing duty to its users’ client devices, which have fast and powerful CPUs. In short, this architecture requires less server-side computational capacity, which reduces the total cost of operation.

The example interaction below shows a user (with ID 1234) of a client program using a fictional Soccer REST API to insert a document resource named alonso in his or her store of favorites: PUT /users/1234/favorites/alonso Controller A controller resource models a procedural concept. Controller resources are like executable functions, with parameters and return values; inputs and outputs. Like a traditional web application’s use of HTML forms, a REST API relies on controller resources to perform application-specific actions that cannot be logically mapped to one of the standard methods (create, retrieve, update, and delete, also known as CRUD). Controller names typically appear as the last segment in a URI path, with no child resources to follow them in the hierarchy. The example below shows a controller resource that allows a client to resend an alert to a user: POST /alerts/245743/resend URI Path Design Each URI path segment, separated by forward slashes (/), represents a design opportunity.

pages: 435 words: 62,013

HTML5 Cookbook by Christopher Schmitt, Kyle Simpson

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Firefox, Internet Archive, security theater, web application, WebSocket

A demonstration of how ARIA roles are used in an HTML5 document Roles for web apps Some ARIA landmark roles, such as application and main, are unique and do not map directly to specific HTML5 elements. Add the application role to an HTML element that contains a web application instead of normal web content. Ensure that the HTML element associated with this role encompasses the entire web application. This role may instruct assistive technology to enter a mode that is more appropriate for interacting with web application functionality. You may add the document role to the page after the application to indicate where nonapplication web content resumes: <div role="application"> ... </div> Add the main role to an HTML element that contains the primary content of the document, such as articles, divs, etc.: <div role="main"> In the future, this solution might provide an alternative to “skip to main content” or “skip navigation” links.

History Problem For your web application, you want fine-grained control to manage the forward/backward button history queue, as well as the displayed URL in the address bar of the browser. Solution HTML5 brings us several important enhancements to the browser’s window.history object, commonly referred to as the History API. To test if the browser supports the enhanced History API, use the following feature-detect: var history_support = !!(window.history && window.history.pushState); Normally, when you change the URL in the address bar, the browser initiates a new request to the server for that new page. But today’s complex web applications more commonly use Ajax to load only new information, without full-page refreshes. This leads to a disconnect, where web applications can’t update the address bar URL because they don’t want a browser page refresh.

ARIA roles Add the banner role to the page header (which typically contains the logo/name and other site-specific information). Use this role only once per document or web application: <header role="banner"> Add the complementary role to the aside element. Both are designed to mark up content that is somewhat related to the main content. Do not use this role or element for content that is completely separate and unrelated: <aside role="complementary"> Add the navigation role to each nav element: <nav role="navigation"> Add the form role to any form element, unless the form contains search functionality: <form role="form"> Add the search role to a site’s search form: <form role="search"> The contentinfo role identifies information about the page content, such as copyright and privacy terms. Use this role only once per document or web application. If your footer contains only this type of information, associate the role with the footer element: <footer role="contentinfo"> <p>Copyright 2011</p> </footer> If you have a “fat footer” with lots of other content or links, enclose the contentinfo material in a container element (like a div or a p) and assign the contentinfo role to the container: <footer> ...

pages: 224 words: 48,804

The Productive Programmer by Neal Ford

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

anti-pattern, business process, c2.com, continuous integration, database schema, domain-specific language, don't repeat yourself, Firefox, general-purpose programming language, knowledge worker, Larry Wall, Ruby on Rails, side project, type inference, web application, William of Occam

Subvert Selenium to Walk Web Pages Selenium‡ is an open source user acceptance testing tool for web applications. It allows you to simulate user actions by automating the browser via JavaScript. Selenium is written entirely in browser technology, so it runs in all mainstream browsers. It is an incredibly useful tool for testing web applications, regardless of the technology used to create the web application. But I’m not here to talk about using Selenium as a testing tool. One of the ancillary projects to Selenium is a Firefox browser plug-in called Selenium IDE. Selenium IDE allows you to record your interaction with a web application as a Selenium script, which you can play back through Selenium’s TestRunner or through Selenium IDE itself. While this is useful when creating tests, it is invaluable if you need to automate your interaction with a web application. ‡ Download at 58 http://www.openqa.org.

Even those of us who thought we knew what we were doing were mortified to read Brian Goetz’s Java Concurrency in Practice (Addison-Wesley). In his book, Brian effectively demonstrates that writing robust thread-safe code in Java (and, by extension, in any imperative language) is very difficult indeed. About five years ago, our users were perfectly content with the ugly, graphical-version-of-aterminal-window web applications we were cranking out. Then the annoying coders at Google released Google Maps and Gmail and showed our users that web applications didn’t have to suck. We had to up our game and start building better web applications. The same will happen with concurrency. We developers can afford to be blissfully ignorant about serious threading concerns now, but someone will come along and show that it’s possible to utilize the Where Are We Going? And How Do We Get There? 171 capabilities of new machinery in innovative ways, and we’ll all have to follow along.

‡ Download at 58 http://www.openqa.org. CHAPTER 4: AUTOMATION FIGURE 4-2. Selenium IDE with a script ready to run Here is a common scenario. You are building the fourth page of a wizard-style web application. The first three pages are complete, meaning that all their interaction works correctly (including things like validations). To debug the behavior of the fourth page, you must walk through the first three pages over and over. And over. And over. You always think, “OK, this will be the last time I have to walk through these pages because I’m sure I’ve fixed the bug this time.” But it’s never the last time! This is why your test database has lots of entries for Fred Flintstone, Homer Simpson, and that ASDF guy. Use Selenium IDE to do the walking for you. The first time you need to walk through the application to get to the fourth page, record it using Selenium IDE, which will look a lot like Figure 4-2.

pages: 671 words: 228,348

Pro AngularJS by Adam Freeman

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

business process, create, read, update, delete, en.wikipedia.org, Google Chrome, information retrieval, inventory management, MVC pattern, place-making, premature optimization, revision control, Ruby on Rails, single page application, web application

JSON is a language-independent way of expressing data that emerged from JavaScript but that has since taken on a life of its own and is supported by every major programming language—so much so that it has displaced other data formats, especially in web applications. XML used to be the data exchange format of choice (the X in Ajax stands for XML), but JSON has largely replaced it because it is more concise and easier for developers to read. As a bonus for web applications, JSON is easy to generate and parse with JavaScript, and AngularJS takes care of formatting and parsing automatically. Making Ajax Requests The $http service is used to make and process Ajax requests, which are standard HTTP requests that are performed asynchronously. Ajax is at the heart of modern web applications, and the ability to request content and data in the background while the user interacts with the rest of the application is an important way of creating a rich user experience.

Failing the basic tests Summary In this chapter, I outlined the content and structure of this book and as well as the software that is required for AngularJS web development. As I said earlier, the best way to learn AngularJS development is by example, so in Chapter 2 I jump right in and show you how to create your first AngularJS application. 14 Chapter 2 Your First AngularJS App The best way to get started with AngularJS is to dive in and create a web application. In this chapter, I take you through a simple development process, starting with a static mock-up of the target application and applying AngularJS features to move to a dynamic web application, albeit a simple one. In Chapters 6–8, I show you how to create a more complex and realistic AngularJS application, but for now a simple example will suffice to demonstrate the major components of an AngularJS app and set the scene for the other chapters in this part of the book. Preparing the Project In Chapter 1, I showed you how to create and test the development environment that I use in this book.

You won’t notice any delay when using the latest browsers on a capable desktop machine, but old browsers on underpowered smartphones can really slow down the initial setup of an AngularJS app. The goal, therefore, is to perform this setup as infrequently as possible and deliver as much of the app as possible to the user when it is performed. This means giving careful thought to the kind of web application you build. In broad terms, there are two kinds of web application: round-trip and single-page. Understanding Round-Trip and Single-Page Applications For a long time, web apps were developed to follow a round-trip model. The browser requests an initial HTML document from the server. User interactions—such as clicking a link or submitting a form—led the browser to request and receive a completely new HTML document. In this kind of application, the browser is essentially a rending engine for HTML content, and all of the application logic and data resides on the server.

pages: 66 words: 9,247

MongoDB and Python by Niall O’Higgins

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

cloud computing, Debian, fault tolerance, semantic web, web application

Additionally, MongoDB can support skipping to a specific offset in a result set through the Cursor.skip() method provided by PyMongo. When used with limit() this enables result pagination which is frequently used by clients when allowing end-users to browse very large result sets. skip() is analogous to the SQL OFFSET statement. For example, imagine a Web application which displays 20 users per page, sorted alphabetically by surname , and needs to fetch the data to build the second page of results for a user. The query used by the Web application might look like this: # Return at most 20 users sorted by name, # skipping the first 20 results in the set users = dbh.users.find().sort( ("surname", pymongo.ASCENDING)).limit(20).skip(20) Finally, when traversing very large result sets, where the underlying documents may be modified by other programs at the same time, you may wish to use MongoDB’s Snapshot Mode.

. # Perfectly legal insert - MongoDB will not complain dbh.users.insert({"username":"janedoe"}) # Also perfectly legal - MongoDB will not complain dbh.users.insert({"username":l337}) When you couple this with Python’s willingness to let you forgo explicitly typing your variables, you can soon run into trouble. Perhaps the most common scenario is when writing inputs from Web applications to the database. Most WSGI-based Python frameworks will send you all HTTP POST and GET parameter values as strings— regardless of whether or not they are in fact strings. Thus it is easy to insert or update a numeric property with a value that is a string. The best way, of course, to avoid errors of this nature is to prevent the wrong type of data 38 | Chapter 3: Common MongoDB and Python Patterns ever being written to the database in the first place. Thus, in the context of a Web application, validating and/or coercing the types of any inputs to write queries before issuing them is strongly advised. You may consider using the FormEncode or Colander Python libraries to help with such validation.

If more detailed logs are still needed—such as when each action took place—feel free to maintain those in a separate collection. This summary data is most useful for extremely fast reads and writes. 44 | Chapter 3: Common MongoDB and Python Patterns CHAPTER 4 MongoDB with Web Frameworks While MongoDB can be used in all sorts of applications, its most obvious role is as the database backend for a web application. These days, a great many mobile and tablet applications are functioning as “fat clients” to the same HTTP-based API’s as browserbased web applications; hence mobile and tablet apps need the same sort of backend database infrastructure as more traditional web apps. Many organizations and engineers are finding the advantages of MongoDB’s document-oriented architecture compelling enough to migrate parts or even entire applications from traditional RDBMS such as MySQL to MongoDB.

pages: 313 words: 75,583

Ansible for DevOps: Server and Configuration Management for Humans by Jeff Geerling

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, Any sufficiently advanced technology is indistinguishable from magic, cloud computing, continuous integration, database schema, Debian, defense in depth, DevOps, fault tolerance, Firefox, full text search, Google Chrome, inventory management, loose coupling, Minecraft, Ruby on Rails, web application

If you want to run an ad-hoc command against all the myapp servers in the inventory, you can run a command like so: # Use ansible to check memory usage on all the myapp servers. $ ansible myapp -a "free -m" A real-world web application server inventory The example above might be adequate for single-server services and tiny apps or websites, but most real-world applications require many more servers, and usually separate servers per application concern (database, caching, application, queuing, etc.). Let’s take a look at a real-world inventory file for a small web application that monitors server uptime, Server Check.in. 1 # Individual Server Check.in servers. 2 [servercheck-web] 3 www1.servercheck.in 4 www2.servercheck.in 5 6 [servercheck-web:vars] 7 ansible_ssh_user=servercheck_svc 8 9 [servercheck-db] 10 db1.servercheck.in 11 12 [servercheck-log] 13 log.servercheck.in 14 15 [servercheck-backup] 16 backup.servercheck.in 17 18 [servercheck-nodejs] 19 atl1.servercheck.in 20 atl2.servercheck.in 21 nyc1.servercheck.in 22 nyc2.servercheck.in 23 nyc3.servercheck.in 24 ned1.servercheck.in 25 ned2.servercheck.in 26 27 [servercheck-nodejs:vars] 28 ansible_ssh_user=servercheck_svc 29 foo=bar 30 31 # Server Check.in distribution-based groups. 32 [centos:children] 33 servercheck-web 34 servercheck-db 35 servercheck-nodejs 36 servercheck-backup 37 38 [ubuntu:children] 39 servercheck-log This inventory may look a little overwhelming at first, but if you break it apart into simple groupings (web app servers, database servers, logging server, and node.js app servers), it describes a straightforward architecture.

Ansible Examples Other resources Chapter 1 - Getting Started with Ansible Ansible and Infrastructure Management On snowflakes and shell scripts Configuration management Installing Ansible Creating a basic inventory file Running your first Ad-Hoc Ansible command Summary Chapter 2 - Local Infrastructure Development: Ansible and Vagrant Prototyping and testing with local virtual machines Your first local server: Setting up Vagrant Using Ansible with Vagrant Your first Ansible playbook Summary Chapter 3 - Ad-Hoc Commands Conducting an orchestra Build infrastructure with Vagrant for testing Inventory file for multiple servers Your first ad-hoc commands Discover Ansible’s parallel nature Learning about your environment Make changes using Ansible modules Configure groups of servers, or individual servers Configure the Application servers Configure the Database servers Make changes to just one server Manage users and groups Manage files and directories Get information about a file Copy a file to the servers Retrieve a file from the servers Create directories and files Delete directories and files Run operations in the background Update servers asynchronously, monitoring progress Fire-and-forget tasks Check log files Manage cron jobs Deploy a version-controlled application Ansible’s SSH connection history Paramiko OpenSSH (default) Accelerated Mode Faster OpenSSH in Ansible 1.5+ Summary Chapter 4 - Ansible Playbooks Power plays Running Playbooks with ansible-playbook Limiting playbooks to particular hosts and groups Setting user and sudo options with ansible-playbook Other options for ansible-playbook Real-world playbook: CentOS Node.js app server Add extra repositories Deploy a Node.js app Launch a Node.js app Node.js app server summary Real-world playbook: Ubuntu LAMP server with Drupal Include a variables file, and discover pre_tasks and handlers Basic LAMP server setup Configure Apache Configure PHP with lineinfile Configure MySQL Install Composer and Drush Install Drupal with Git and Drush Drupal LAMP server summary Real-world playbook: Ubuntu Apache Tomcat server with Solr Include a variables file, and discover pre_tasks and handlers Install Apache Tomcat 7 Install Apache Solr Apache Solr server summary Summary Chapter 5 - Ansible Playbooks - Beyond the Basics Handlers Environment variables Per-play environment variables Variables Playbook Variables Inventory variables Registered Variables Accessing Variables Host and Group variables group_vars and host_vars Magic variables with host and group variables and information Facts (Variables derived from system information) Local Facts (Facts.d) Variable Precedence If/then/when - Conditionals Jinja2 Expressions, Python built-ins, and Logic register when changed_when and failed_when ignore_errors Delegation, Local Actions, and Pauses Pausing playbook execution with wait_for Running an entire playbook locally Prompts Tags Summary Chapter 6 - Playbook Organization - Roles and Includes Includes Handler includes Playbook includes Complete includes example Roles Role scaffolding Building your first role More flexibility with role vars and defaults Other role parts: handlers, files, and templates Handlers Files and Templates Organizing more complex and cross-platform roles Ansible Galaxy Getting roles from Galaxy Using role requirements files to manage dependencies A LAMP server in six lines of YAML A Solr server in six lines of YAML Helpful Galaxy commands Contributing to Ansible Galaxy Summary Chapter 7 - Inventories A real-world web application server inventory Non-prod environments, separate inventory files Inventory variables host_vars group_vars Ephemeral infrastructure: Dynamic inventory Dynamic inventory with DigitalOcean DigitalOcean account prerequisites Connecting to your DigitalOcean account Creating a droplet with Ansible DigitalOcean dynamic inventory with digital_ocean.py Dynamic inventory with AWS Inventory on-the-fly: add_host and group_by Multiple inventory sources - mixing static and dynamic inventories Creating custom dynamic inventories Summary Chapter 8 - Ansible Cookbooks Highly-Available Infrastructure with Ansible Directory Structure Individual Server Playbooks Main Playbook for Configuring All Servers Getting the required roles Vagrantfile for Local Infrastructure via VirtualBox Provisioner Configuration: DigitalOcean Provisioner Configuration: Amazon Web Services (EC2) Summary ELK Logging with Ansible ELK Playbook Forwarding Logs from Other Servers Summary GlusterFS Distributed File System Configuration with Ansible Configuring Gluster - Basic Overview Configuring Gluster with Ansible Summary Mac Provisioning with Ansible and Homebrew Running Ansible playbooks locally Automating Homebrew package and app management Configuring Mac OS X through dotfiles Summary Docker-based Infrastructure with Ansible A brief introduction to Docker containers Using Ansible to build and manage containers Building a Flask app with Ansible and Docker Data storage container Flask container MySQL container Ship it!

Build infrastructure with Vagrant for testing For the rest of this chapter, since we want to do a bunch of experimentation without damaging any production servers, we’re going to use Vagrant’s powerful multi-machine capabilities to configure a few servers which we’ll manage with Ansible. Earlier, we used Vagrant to boot up one virtual machine running CentOS 7. In that example, we used all of Vagrant’s default configuration defined in the Vagrantfile. In this example, we’ll use Vagrant’s powerful multi-machine management features. Three servers: two application, one database. We’re going to manage three VMs: two app servers and a database server. Many simple web applications and websites have a similar architecture, and even though this may not reflect the vast realm of infrastructure combinations that exist, it will be enough to highlight Ansible’s server management abilities. To begin, create a new folder somewhere on your local drive (I like using ~/VMs/[dir]), and create a new blank file named Vagrantfile (this is how we describe our virtual machines to Vagrant).

pages: 1,085 words: 219,144

Solr in Action by Trey Grainger, Timothy Potter

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

business intelligence, cloud computing, commoditize, conceptual framework, crowdsourcing, data acquisition, en.wikipedia.org, failed state, fault tolerance, finite state, full text search, glass ceiling, information retrieval, natural language processing, performance metric, premature optimization, recommendation engine, web application

Recall that we set the jetty.port system property using -Djetty.port=8984 when starting the second instance on our local workstation in section 13.1.1. In general, we recommend that you always pass the jetty.port system property when starting a Solr instance with Jetty in a production cluster. Solr host context Solr is a Java web application that runs under the solr context in Jetty. If you change the Solr web application or deploy the solr.war file under the root context (/ in Jetty), you must set the hostContext parameter. If you deployed the Solr web application under the search context in Jetty, you would need to set -DhostContext=search when starting Solr. It should be noted that changing the Solr web application context, and consequently the hostContext parameter, is not common for most Solr installations. ZooKeeper client timeout We discussed the concepts behind the ZooKeeper client timeout in section 13.2.2.

At this point, we know that Lucene provides a powerful library for indexing documents, executing queries, and ranking results. And, with schema.xml, you have a flexible way to define the index structure using an XML-configuration document instead of having to program to the Lucene API. Now you need a way to access these services from the web. In the next section, we learn how Solr runs as a Java web application and integrates with other technologies, using proven standards such as XML, JSON, and HTTP. 1.2.3. Java web application Solr is a Java web application that runs in any modern Java Servlet engine, such as Jetty or Tomcat, or a full J2EE application server like JBoss or Oracle AS. Figure 1.3 depicts the major software components of a Solr server. Figure 1.3. Diagram of the main components of Solr 4 Admittedly, figure 1.3 is a little overwhelming at first glance.

This will help you understand what specific features Solr provides and the motivation for their existence. But before we get into the specifics of what Solr is, let’s make sure you know what Solr isn’t. Solr isn’t a web search engine like Google or Bing. Solr has nothing to do with search engine optimization (SEO) for a website. Now imagine we need to design a real estate search web application for potential homebuyers. The central use case for this application will be searching for homes for sale using a web browser. Figure 1.1 depicts a screenshot from this fictitious web application. Don’t focus too much on the layout or design of the UI; it’s only a mock-up to give visual context. What’s important is the type of experience that Solr can support. Figure 1.1. Mock-up screenshot of a fictitious search application to depict Solr features Let’s tour the screenshot in figure 1.1 to illustrate some of Solr’s key features.

Learning Flask Framework by Matt Copperwaite, Charles Leifer

create, read, update, delete, database schema, Debian, DevOps, don't repeat yourself, full text search, place-making, Skype, web application

Flask Framework Cookbook ISBN: 978-1-78398-340-7 Paperback: 258 pages Over 80 hands-on recipes to help you create small-to-large web applications using Flask 1. Get the most out of the powerful Flask framework while remaining flexible with your design choices. 2. Build end-to-end web applications, right from their installation to the post-deployment stages. 3. Packed with recipes containing lots of sample applications to help you understand the intricacies of the code. Instant Flask Web Development ISBN: 978-1-78216-962-8 Paperback: 78 pages Tap into Flask to build a complete application in a style that you control 1. Learn something new in an Instant! A short, fast, focused guide delivering immediate results. 2. Build a small but complete web application with Python and Flask. 3. Explore the basics of web page layout using Twitter Bootstrap and jQuery. 4.

Please check www.PacktPub.com for information on our titles Play Framework Essentials ISBN: 978-1-78398-240-0 Paperback: 200 pages An intuitive guide to creating easy-to-build scalable web applications using the Play framework 1. Master the complexity of designing a modern and scalable Web application by leveraging the Play framework stack. 2. The key concepts of the framework are illustrated with both Scala and Java code examples. 3. A step-by-step guide with code examples based on a sample application built from the ground up, providing the practical skills required to develop Scala- or Java-based applications. Mastering Flask ISBN: 978-1-78439-365-6 Paperback: 288 pages Gain expertise in Flask to create dynamic and powerful web applications 1. Work with scalable Flask application structures to create complex web apps. 2. Discover the most powerful Flask extensions and learn how to create one. 3.

[1] www.allitebooks.com Learning Flask Framework Build dynamic, data-driven websites and modern web applications with Flask Matt Copperwaite Charles Leifer BIRMINGHAM - MUMBAI www.allitebooks.com Learning Flask Framework Copyright © 2015 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

pages: 370 words: 105,085

Joel on Software by Joel Spolsky

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

barriers to entry, c2.com, commoditize, George Gilder, index card, Jeff Bezos, knowledge worker, Metcalfe's law, Network effects, new economy, PageRank, Paul Graham, profit motive, Robert X Cringely, shareholder value, Silicon Valley, Silicon Valley startup, six sigma, slashdot, Steve Ballmer, Steve Jobs, the scientific method, thinkpad, VA Linux, web application

Enter the Web I'm not sure how I managed to get this far without mentioning the Web. Every developer has a choice to make when they plan a new software application: they can build it for the Web, or they can build a "rich client" application that runs on PCs. The basic pros and cons are simple: Web applications are easier to deploy, while rich clients offer faster response time enabling much more interesting user interfaces. Web applications are easier to deploy because there's no installation involved. Installing a web application means typing a URL in the address bar. Today I installed Google's new email application by typing Alt+D, gmail, Ctrl+Enter. There are far fewer version compatibility problems and problems coexisting with other software. Every user of your product is using the same version, so you never have to support a mix of old versions.

But there's a price to pay in the smoothness of the user interface. Here are a few examples of things you can't really do well in a web application: Create a fast drawing program. Build a real-time spell checker with wavy red underlines. Warn users that they are going to lose their work if they hit the close box of the browser. Update a small part of the display based on a change that the user makes without a full roundtrip to the server. Create a fast keyboard-driven interface that doesn't require the mouse. Let people continue working when they are not connected to the Internet. These are not all big issues. Some of them will be solved very soon by witty JavaScript developers. Two new web applications, Gmail12 and Oddpost,13 both email apps, do a really decent job of working around or completely solving some of these issues.

Almost all the normal people I know are perfectly happy with web-based email, for some reason, no matter how much I try to convince them that the rich client is, uh, richer. So the Web user interface is about 80 percent there, and even without new web browsers, we can probably get 95 percent there. This is Good Enough for most people, and it's certainly good enough for developers, who have voted to develop almost every significant new application as a web application. __________ 12. See gmail.google.com/. 13. See www.oddpost.com/. Which means, suddenly, Microsoft's API doesn't matter so much. Web applications don't require Windows. It's not that Microsoft didn't notice this was happening. Of course they did, and when the implications became clear, they slammed on the brakes. Promising new technologies like HTAs14 and DHTML were stopped in their tracks. The Internet Explorer team seems to have disappeared; they have been completely missing in action for several years.

pages: 761 words: 80,914

Ansible: Up and Running: Automating Configuration Management and Deployment the Easy Way by Lorin Hochstein

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, cloud computing, continuous integration, Debian, DevOps, domain-specific language, don't repeat yourself, general-purpose programming language, Infrastructure as a Service, job automation, pull request, side project, smart transportation, web application

I’m also immensely thankful for everyone who has been a part of this project to date, and everyone who will be in the future. Enjoy the book, and enjoy managing your computer fleet! And remember to install cowsay! — Michael DeHaan Creator of Ansible (software), former CTO of Ansible, Inc. (company) April 2015 Preface Why I Wrote This Book When I was writing my first web application, using Django, the popular Python-based framework, I remember the sense of accomplishment when the app was finally working on my desktop. I would run django manage.py runserver, point my browser to http://localhost:8000, and there was my web application in all its glory. Then I discovered there were all of these…things I had to do, just to get the darned app to run on the Linux server. In addition to installing Django and my app onto the server, I had to install Apache and the mod_python module so that Apache could run Django apps.

For example, we could define a variable named color and set it to a value for each server: newhampshire.example.com color=red maryland.example.com color=green ontario.example.com color=blue quebec.example.com color=purple This variable can then be used in a playbook, just like any other variable. Personally, I don’t often attach variables to specific hosts. On the other hand, I often associate variables with groups. Circling back to our Django example, the web application and task queue service need to communicate with RabbitMQ and Postgres. We’ll assume that access to the Postgres database is secured both at the network layer (so only the web application and the task queue can reach the database) as well as by username and password, where RabbitMQ is secured only by the network layer. To set everything up, we need to do the following: Configure the web servers with the hostname, port, username, password of the primary postgres server, and name of the database.

For the first Vagrant machine that you start, that’s port 2222, and each subsequent Vagrant machine that you bring up will forward a different port. As a consequence, the only way to access your Vagrant machine in the default configuration is to SSH to localhost on port 2222. Vagrant forwards this to port 22 on the Vagrant machine. This default configuration isn’t very useful for testing web-based applications, since the web application will be listening on some port that we can’t access. There are two ways around this. One way is to tell Vagrant to set up another forwarded port. For example, if your web application listens on port 80 inside of your Vagrant machine, you can configure Vagrant to forward port 8000 on your local machine to port 80 on the Vagrant machine. Example 11-1 shows how you’d configure port forwarding by editing the Vagrantfile. Example 11-1. Forwarding local port 8000 to Vagrant machine port 80 # Vagrantfile VAGRANTFILE_API_VERSION = "2" Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| # Other config options not shown config.vm.network :forwarded_port, host: 8000, guest: 80 end Port forwarding works, but I find it more useful to assign the Vagrant machine its own IP address.

pages: 302 words: 82,233

Beautiful security by Andy Oram, John Viega

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Albert Einstein, Amazon Web Services, business intelligence, business process, call centre, cloud computing, corporate governance, credit crunch, crowdsourcing, defense in depth, Donald Davies, en.wikipedia.org, fault tolerance, Firefox, loose coupling, Marc Andreessen, market design, Monroe Doctrine, new economy, Nicholas Carr, Nick Leeson, Norbert Wiener, optical character recognition, packet switching, peer-to-peer, performance metric, pirate software, Robert Bork, Search for Extraterrestrial Intelligence, security theater, SETI@home, Silicon Valley, Skype, software as a service, statistical model, Steven Levy, The Wisdom of Crowds, Upton Sinclair, web application, web of trust, x509 certificate, zero day, Zimmermann PGP

., sensitive customer 68 CHAPTER FOUR information), a successful SQL injection attack that fools the web server into passing arbitrary SQL commands to the database can fetch whatever data it chooses. A well-known women’s clothing store was recently informed by their web application firewall vendor that an SQL injection error in their web application could lead to the compromise of their entire customer database, including credit card numbers, PINs, and addresses. It is almost routine now for security vendors who engage in web application scanning to discover not one, not two, but many SQL injection attack vulnerabilities in existing web applications. With the advent of Web 2.0 and its still-esoteric secure code development practices, we should not be surprised that many web applications are vulnerable to data theft attacks. Organized crime groups have long realized that digital data theft represents a gold mine for them.

That leads them to web-based exploits. On the one hand, web applications and the software platforms on which they are based tend to sprout bugs that intruders can exploit to gain entry to web servers and ultimately end-user machines. Correspondingly, the widespread use of web applications by millions of untrained computer users offers enormous paybacks for intruders interested in data theft. Unsurprisingly, recent trends in security threat data clearly show the migration of hacker exploits away from network perimeters (routers, switches, firewalls, etc.) to the web 186 CHAPTER ELEVEN application layer. Web applications are targeted because this area is the most economical approach to data compromise. For more information on favorite hacking techniques for web applications, go to http://www .owasp.org, which shows the top 10 web-based exploits.

When the security process really took hold An interesting event occurred on the third day of the security class. One of the most influential web developers, who developed a web application architecture used by multiple Acme web applications that were already in production, abruptly got up out of his chair and bolted for the door. He mumbled something about a burning need to test something. The instructor, coordinator, and I were concerned that one of the best developers had walked out on the class and began plans for damage control. The next day, the developer returned to class and quietly sat down. The instructor felt compelled to ask the developer if everything was OK. The developer then stood up to address the instructor and the entire class: “I realized yesterday that the web application architecture I developed for several production applications had a significant security vulnerability that could be easily compromised by an external hacker using cross-site scripting.

pages: 648 words: 108,814

Solr 1.4 Enterprise Search Server by David Smiley, Eric Pugh

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, bioinformatics, cloud computing, continuous integration, database schema, domain-specific language, en.wikipedia.org, fault tolerance, Firefox, information retrieval, Internet Archive, Ruby on Rails, web application, Y Combinator

Upgrading from legacy Lucene Probably a more common use case is when you have an existing Java-based web application that was architected prior to Solr becoming the well known and stable product that it is today. Many web applications leverage Lucene as the search engine with a custom layer to make it work with a specific Java web framework such as Struts. As these applications become older, and Solr has progressed, revamping them to keep up with the features that Solr offers has become more difficult. However, these applications have many ties into their homemade Lucene based search engines. Performing the incremental step of migrating from directly interfacing with Lucene to directly interfacing with Solr through Embedded Solr can reduce risk. Risk is minimized by limiting the impact of the change to the rest of the web application by isolating change to the specific set of Java classes that previously interfaced directly with Lucene.

Understanding the URL's structure is very important for grasping how search works: http://localhost:8983/solr/select?indent=on&version=2.2&q=*%3A*&start =0&rows=10&fl=*%2Cscore&qt=standard&wt=standard&explainOther=&hl.fl= • The /solr/ is the web application context where Solr is installed on the Java servlet engine. If you have a dedicated server for Solr, then you might opt to install it at the root. This would make it just /. How to do this is out of scope of this book, but letting it remain at /solr/ is fine. • After the web application context is a reference to the Solr core (we don't have one for this configuration). We'll configure Solr Multicore in Chapter 7, at which point the URL to search Solr would look something like /solr/corename/select?... • The /select in combination with the qt=standard parameter is a reference to the Solr request handler.

Solr is built like this because it is designed to fit into any environment, and if it is shipped with significant security functionality built-in, then it wouldn't be as wonderfully flexible as it is. Having said this, it isn't difficult to lock down Solr to use in any kind of environment. We can do this by making use of the standard practices, which you would apply to any kind of web application. Limiting server access The single biggest thing you can do to secure Solr is to lock down who has access to the server. Using standard firewall techniques, you can control what IP addresses are allowed to connect to the Solr through the 8983 port. Unless you have very unusual needs, you won't expose Solr to the Internet directly; instead users will access Solr through some sort of web application, that in turn forwards requests to Solr, collects the results, and displays them to your users. By limiting the IP addresses that can connect to Solr to just those belonging to your web farm, you've ensured that random Internet users and internal users don't mess with Solr.

pages: 48 words: 10,481

Instant Ember.JS Application Development: How-To by Marc Bodmer

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

don't repeat yourself, Firefox, Google Chrome, MVC pattern, web application

www.it-ebooks.info Instant Ember. js Application Development How-to Your first step in creating amazing web applications Marc Bodmer BIRMINGHAM - MUMBAI www.it-ebooks.info Instant Ember.js Application Development How-to Copyright © 2013 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

www.it-ebooks.info Table of Contents Preface 1 Instant Ember.js Application Development How-to 7 Setting up Ember.js (Simple) Creating an Ember model/object (Simple) Enhancing an Ember object (Simple) Creating an Ember controller (Simple) Handlebar HTML templates (Simple) Creating an Ember view (Simple) Routing for your application (Medium) Common parts of an application (Medium) Handling external data (Advanced) www.it-ebooks.info 7 10 12 16 18 21 25 30 33 www.it-ebooks.info Preface Ember.js is a frontend MVC JavaScript framework that runs in the browser. It is for developers who are looking to build ambitious and large web applications that rival native applications. Ember.js was created from concepts introduced by native application frameworks, such as Cocoa. Ember.js helps you to create great experiences for the user. It will help you to organize all the direct interactions a user may perform on your website. A common use case for Ember.js is when you believe your JavaScript code will become complex; when the code base becomes complex, problems about maintaining and refactoring the code base will arise.

Routing for your application (Medium) will explain how the state of your application will change when using the Ember.js router. It will show how user actions impact the state and how you can incorporate different state changing methods into your application. Transitions and outlets are the main topics explained here. Common parts of an application (Medium) will show you how to create common parts of a web application now that you have a solid foundation with Ember.js. Action helpers for your views and special keys within controllers will be shown. These parts can also be expanded on once you are finished with the tutorials in this book. Handling external data (Advanced) will show you how you can incorporate external data from an API into your application. An Ajax method will be used for this recipe. It will also touch upon Ember Data, which is a library the Ember.js is working on to simplify data in more complex applications.

pages: 95 words: 23,041

Mobile First by Luke Wroblewski

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

augmented reality, en.wikipedia.org, RFID, Steve Jobs, web application

These are primarily active buyers on location or scoping out neighborhoods; they represent a new kind of audience for the company created by the growth of mobile. What about the natives? Of course we can’t talk about mobile internet growth without mentioning the ongoing debate between native mobile applications and mobile web solutions. While many people try to argue for one side or the other, the truth is there are great reasons for doing both. Because native mobile applications run, well—natively—they have access to system resources that web applications do not. This means user interface transitions and interactions are generally smoother in native applications. Trying to replicate these effects in the browser can lead to noticeable hiccups and lags in the user experience. Native mobile applications give you robust access to hardware capabilities that you currently can’t get through mobile web browsers. Core features like access to the address book, SMS, camera, audio inputs, and other built-in sensors are mostly unavailable.

Each time a web link is shared or referenced in a native application it opens in a web browser window. So more native application use quickly turns into more web use. Mobile web experiences also don’t require users to download updates (a fix on the server is a fix on the site), and they enable you to do frequent A/B (or bucket) testing of multiple design options. If either of those considerations is of vital importance to you, a mobile web application can make more sense. But perhaps the best reason to start with a mobile web solution is that it builds on web design and development skills you already have. You don’t have to wait to get started. In fact, I think you should start right away. The time is now Fueled by capable devices and faster networks, mobile internet usage is exploding. Building mobile first not only positions you to take advantage of this growth, it also opens up new opportunities for engaging your customers.

Fig 2.8: Super-imposing when people read saved articles on their computer with when they read them on their iPhone (http://bkaprt.com/mf/33). This chart does a nice job of illustrating that people often use their mobile devices in shorter bursts (that’s why the peaks are sharper) throughout the day. Rachel Hinman at Nokia has a great analogy that contrasts mobile behavior with desktop behavior; she says the desktop is “diving” while mobile is “snorkeling” (http://bkaprt.com/mf/34). Web applications that align well with shorter, burst-like behavior by providing their customers with quick, up-to-date, and highly relevant updates throughout the day are growing like weeds on mobile. Access to Facebook through mobile browsers grew 112% in one year. Access to Twitter through mobile browsers experienced a 347% jump in just one year (http://bkaprt.com/mf/18). Both of these services are perfect for snorkeling in a sea of your friends’ status updates.

pages: 470 words: 109,589

Apache Solr 3 Enterprise Search Server by Unknown

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

bioinformatics, continuous integration, database schema, en.wikipedia.org, fault tolerance, Firefox, full text search, information retrieval, Internet Archive, natural language processing, performance metric, platform as a service, Ruby on Rails, web application

After starting his career in the field of bioinformatics where he worked as a Biological Data Management and Analysis Consultant, he's now a Senior Application Developer with interests ranging from architecture to delivering a great user experience online. He's passionate about open source technologies, search engines, and web application architecture. He now works for WCN Plc, a leading provider of recruitment software solutions. He has worked on Packt's Enterprise Solr published in 2009. Mauricio Scheffer is a software developer currently living in Buenos Aires, Argentina. He's worked in dot-coms on almost everything related to web application development, from architecture to user experience. He's very active in the open source community, having contributed to several projects and started many projects of his own. In 2007 he wrote SolrNet, a popular open source Solr interface for the .NET platform.

Take a good look at the URL in the browser page showing the XML response. Understanding the URL's structure is very important for grasping how searching Solr works: http://localhost:8983/solr/mbartists/select?indent=on&version=2.2&q=*%3A*&fq=&start=0&rows=10&fl=*%2Cscore&qt=&wt=&explainOther=&hl.fl= The /solr/ is the web application context where Solr is installed on the Java servlet engine. If you have a dedicated server for Solr, then you might opt to install it at the root. This would make it just /. How to do this is out of scope of this book, but letting it remain at /solr/ is fine. After the web application context is a reference to the Solr core named mbartists. If you are experimenting with Solr's example setup then you won't see a core name because it has a default one. We'll learn more about configuring Solr cores in Chapter 8, The /select in combination with the qt= parameter is a reference to the Solr request handler.

Anyone can make search requests, anyone can upload documents, anyone can access the administration interface, and anyone can delete data. However, it isn't difficult to lock down Solr to use in any kind of environment. We can do this by making use of the standard practices, which you would apply to any kind of web application or server software. Limiting server access The single biggest thing you can do to secure Solr is to lock down who has access to the server. Using standard firewall techniques, you can control what IP addresses are allowed to connect to the Solr through the 8983 port. Unless you have very unusual needs, you won't expose Solr to the Internet directly; instead users will access Solr through some sort of web application, that in turn forwards requests to Solr, collects the results, and displays them to your users. By limiting the IP addresses that can connect to Solr to just those belonging to your web farm, you've ensured that random Internet users and internal users don't mess with Solr.

pages: 234 words: 57,267

Python Network Programming Cookbook by M. Omar Faruque Sarker

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

business intelligence, cloud computing, Debian, DevOps, Firefox, inflight wifi, RFID, web application

As compared to the previously described recipes, this method of running a remote command using Fabric is easier and more efficient. Running a MySQL command remotely If you ever need to administer a MySQL server remotely, this recipe is for you. It will show you how to send database commands to a remote MySQL server from a Python script. If you need to set up a web application that relies on a backend database, this recipe can be used as a part of your web application setup process. Getting ready This recipe also needs Fabric to be installed first. You can install Fabric using the Python packing tools, pip or easy_install, as shown in the following command. Fabric relies on the paramiko module, which will be installed automatically. $ pip install fabric Here, we will connect the remote host using the SSH protocol.

Faruque Sarker is a software architect, and DevOps engineer who's currently working at University College London (UCL), United Kingdom. In recent years, he has been leading a number of Python software development projects, including the implementation of an interactive web-based scientific computing framework using the IPython Notebook service at UCL. He is a specialist and an expert in open source technologies, for example, e-learning and web application platforms, agile software development, and IT service management methodologies such as DSDM Atern and ITIL Service management frameworks. Dr. Sarker received his PhD in multirobot systems from University of South Wales where he adopted various Python open source projects for integrating the complex software infrastructure of one of the biggest multirobot experiment testbeds in UK. To drive his multirobot fleet, he designed and implemented a decoupled software architecture called hybrid event-driven architecture on D-Bus.

I am glad that this book is now published, and I would like to thank everyone behind the publication of this book. This book is an exploratory guide to network programming in Python. It has touched a wide range of networking protocols such as TCP/UDP, HTTP/HTTPS, FTP, SMTP, POP3, IMAP, CGI, and so forth. With the power and interactivity of Python, it brings joy and fun to develop various scripts for performing real-world tasks on network and system administration, web application development, interacting with your local and remote network, low-level network packet capture and analysis, and so on. The primary focus of this book is to give you a hands-on experience on the topics covered. So, this book covers less theory, but it's packed with practical materials. This book is written with a "devops" mindset where a developer is also more or less in charge of operation, that is, deploying the application and managing various aspects of it, such as remote server administration, monitoring, scaling-up, and optimizing for better performance.

pages: 141 words: 9,896

Pragmatic Guide to JavaScript by Christophe Porteneuve

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

barriers to entry, commoditize, domain-specific language, en.wikipedia.org, Firefox, web application, WebSocket

Thomas Fuchs Creator of the script.aculo.us framework An impressive collection of very practical tips and tricks for getting the most out of JavaScript in today’s browsers, with topics ranging from fundamentals such as form validation and JSON handling to application examples such as mashups and geolocation. I highly recommend this book for anyone wanting to be more productive with JavaScript in their web applications. Dylan Schiemann CEO at SitePen, cofounder of the Dojo Toolkit There are a number of JavaScript books on the market today, but most of them tend to focus on the new or inexperienced JavaScript programmer. Porteneuve does no such thing, and this Pragmatic Guide is a better book for it. If you’re a novice, go elsewhere first, and then when you have some scripting under your belt, come back; if you’ve worked with JavaScript before, then Pragmatic Guide to JavaScript takes a set of techniques that you may have heard about or seen and makes them useful to you.

You should also check out Appendix C, on page 116, when reading this part so you get a good picture of the framework landscape and make informed decisions. • Part 3 is all about the user interface, especially visual effects and neat UI ideas: good-looking tooltips, lightboxes, image preloading, infinite scrolling, and the like. • Part 4 is complementary to Part 3, because it focuses on forms, a critical part of most web applications. Among other things, a number of tools are there to assist, simplify, and validate input. • Part 5 is all about the client-server relationship, with topics such as cookies, JSON, and Ajax (same- and cross-domain). 4. 5. 6. Full disclosure: I’m a member of Prototype Core. http://github.com/tdd/pragmatic-javascript http://pragprog.com/titles/pg_js Report erratum Download from Wow! eBook <www.wowebook.com>this copy is (P1.0 printing, November 2010) 14 H OW TO R EAD T HIS B OOK • Part 6, the final part, pushes this idea further by talking with thirdparty services, in the best mashup spirit.

. • How to listen on events, looking at the basics in Task 8, Listening for Events (and Stopping), then aiming for efficiency with Task 9, Leveraging Event Delegation, and finally gaining power with Task 10, Decoupling Behaviors with Custom Events. • How to play with timers (for instance to simulate background processing), in Task 11, Simulating Background Processing. And because they are such critical building blocks of any significant web application, I’m going to show you code for them in all the major frameworks I selected for this book; at this level, they’re all functionally equivalent anyway. Compared anatomy was all the rage a couple centuries ago; it still remains a good way to get a wider perspective on things. Report erratum Download from Wow! eBook <www.wowebook.com>this copy is (P1.0 printing, November 2010) 25 O BTAINING R EFERENCES TO DOM E LEMENTS 4 Obtaining References to DOM Elements Grabbing elements on a page and “traversing” the DOM (moving around from one element to another) are two cornerstones of any web page scripting.

pages: 247 words: 71,698

Avogadro Corp by William Hertling

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Any sufficiently advanced technology is indistinguishable from magic, cloud computing, crowdsourcing, Hacker Ethic, hive mind, invisible hand, natural language processing, Netflix Prize, private military company, Ray Kurzweil, recommendation engine, Richard Stallman, Ruby on Rails, technological singularity, Turing test, web application

Ristretto was one of the best micro-roasters in town. Pete’s wife, who was a tea drinker, couldn’t understand the Portland obsession with coffee. While he ate, Pete looked over his inbox. A new email caught his eye, and he opened it. To: Pete Wong (Internal Tools) From: John Anderson (Procurement) Subject: Email Procurement Forms Hi Pete, This is John Anderson. I work over in Procurement. Even though we’ve got a procurement web application that I know you guys created, we still get hundreds of email requests into the procurement department. Part of the problem is that we’ve got sales people in the field who can send emails from their smartphone, but have a hard time getting a secure VPN connection to the internal web sites. Is it possible to create an email-to-web bridge that would allow people to email us, and get a return form by email that they could submit to make requests?

He eagerly put his fingers on the keyboard and starting searching. When his first Avogadro search for ‘email to web service’ within seconds turned up an existing design posted by some IBM guys, his excitement grew. After reading through the design, he realized he could implement it all in a couple of hours. His other work forgotten, Pete started in on the project. He used the existing Internal Tools servers, and created a new Ruby on Rails web application that converted web pages to emails, and emails into web page form submissions. It was easier than expected, and by lunch he had a simple prototype running. He tried the prototype on the Internal Tools Request tool, and discovered some bugs. Puzzling over the details in his head, he mindlessly rushed down the hall to the coffee station for a refill. * * * Mike left his office, nodded to a few teammates he passed, and headed downstairs for the nearest outside door.

In less than a day he had successfully implemented a working email to web bridge. Well, maybe implemented was a strong word. He had cut and pasted code from a dozen different websites, and wrapped it all up with some virtual duct tape. It was a real kludge that he wouldn’t want to show off in a coding style contest. On the other hand, it worked, by golly! He tested it against the Internal Tools web service, the Procurement web application, and have a dozen other web sites. It seemed to work for everything. He drummed his thumbs excitedly against the desk. Using off the shelf libraries that other people had written for Ruby on Rails, his favorite programming environment, he had been able to glue together the relevant pieces quickly. The ability to do in hours what would have once taken weeks in an old language like Java was the magic of modern programming environments like Ruby.

jQuery UI 1.8: The User Interface Library for jQuery by Dan Wellman

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Firefox, web application

These components of the library differ from those that we've already looked at, in that they are not physical objects or widgets that exist on the page. These are low-level interaction components as opposed to the high-level widgets that we looked at in the first part of this book. They help the elements used on your pages to be more engaging and interactive for your visitors, which adds value to your site and can help make your web applications appear more professional. They also help to blur the distinction between the browser and the desktop, and provide greater usability to make web applications more efficient, effective, and natural. In this chapter, we'll be covering two very closely related components—draggables and droppables. The draggables API transforms any specified element into something that your visitors can pick up with the mouse pointer and drag around the page. Methods that are exposed allow you to restrict the draggables movement, make it return to its starting point after being dropped, and much more.

We're not just looking for published authors; if you have strong technical skills but no writing experience, our experienced editors can help you develop a writing career, or simply get some additional reward for your expertise. jQuery UI 1.7: The User Interface Library for jQuery ISBN: 978-1-847199-72-0 Paperback: 392 pages Build highly interactive web applications with readyto-use widgets from the jQuery User Interface library 1. Organize your interfaces with reusable widgets: accordions, date pickers, dialogs, sliders, tabs, and more 2. Enhance the interactivity of your pages by making elements drag-and-droppable, sortable, selectable, and resizable 3. Packed with examples and clear explanations of how to easily design elegant and powerful front-end interfaces for your web applications jQuery 1.4 Animation Techniques: Beginners Guide ISBN: 978-1-84951-330-2 Paperback: 344 pages Quickly master all of jQuery's animation methods and build a toolkit of ready-to-use animations using jQuery 1.4 1.

jQuery UI 1.8 The User Interface Library for jQuery Build highly interactive web applications with ready-to-use widgets from the jQuery User Interface Library Dan Wellman BIRMINGHAM - MUMBAI jQuery UI 1.8 The User Interface Library for jQuery Copyright © 2011 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

pages: 266 words: 38,397

Mastering Ember.js by Mitchel Kelonye

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Firefox, MVC pattern, Ruby on Rails, single page application, web application, WebRTC, WebSocket

Therefore, a better understanding of the following will be gained at the end of the chapter: Ember.js's origin Downloading Ember.js and its dependencies Creating a basic Ember.js application Ember.js application concepts The origin of Ember.js Ember.js is a fun and productive open source JavaScript framework used for creating ambitious web applications. It powers complex client-side applications and guarantees development productivity through use of common web conventions over trivial configurations. Its official website is http://emberjs.com. It was forked from SproutCore by Yehuda Katz and Tom Dale. SproutCore is an MVC framework that strives to provide a robust JavaScript widget toolkit similar to Apple's Cocoa API for Max OS X. The additional user interface widget feature was found to be unnecessary to most developers, hence the fork. The result was a more lightweight, easy-to-use library that still lived up to the promise of: Reducing development time Creating robust applications through use of common client-side web application development best practices Friendly API that makes client-side programming fun Ember.js has a wide range of applications.

During this time, he has architected and developed several large JavaScript applications using a variety of frontend technologies such as Backbone, Angular, and Ember. Chad is currently employed at LinkedIn where he works on frontend infrastructure and other cross-functional projects. James A Rosen is a senior user happiness engineer at Zendesk. He writes Ruby and JavaScript and is currently working on improving performance, scalability, and developer happiness on large-scale distributed web applications. He holds a BS degree in Computer Science and Music from Washington University in St. Louis and an MS degree in Information Security Policy and Management from Carnegie Mellon University. He has written for the Zendesk Developers blog and contributed to technical books, including editing Understanding the Four Rules of Simple Design, Corey Haines. www.PacktPub.com Support files, eBooks, discount offers, and more For support files and downloads related to your book, please visit www.PacktPub.com.

Fully searchable across every book published by Packt Copy and paste, print, and bookmark content On demand and accessible via a web browser Free access for Packt account holders If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view 9 entirely free books. Simply use your login credentials for immediate access. Preface Mastering Ember.js is a must-read for any web developer who wishes to start writing ambitious web applications that rival native web apps. It's packed with practical samples that show how easy it is to architect these applications. This book was inspired by the need for an Ember.js resource that explained Ember.js better using real-world examples. What this book covers Chapter 1, Introduction to Ember.js, introduces the key concepts of Ember.js. Chapter 2, Understanding Ember.js Objects and Mixins, discusses Ember.js primitive objects that are the foundation of the other higher-level concepts.

pages: 602 words: 207,965

Practical Ext JS Projects With Gears by Frank Zammetti

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

a long time ago in a galaxy far, far away, Albert Einstein, corporate raider, create, read, update, delete, database schema, en.wikipedia.org, Firefox, full text search, Gordon Gekko, Larry Wall, loose coupling, Ronald Reagan, web application

That is, until the modern JavaScript libraries hit the scene. There are lots of great libraries out there today, from jQuery to Dojo, from YUI to script.aculo.us. All of them help you achieve the goal of wicked-cool web applications. One of them, though, in my opinion, stands above the rest, and that’s what we’re here to look at: Ext JS. Ext JS allows you to create applications with a richness that historically has only been seen in native applications. From a top-notch windowing system to a data subsystem, various effects, and drag-and-drop, everything you need to create modern web applications is here. Ext JS isn’t limited to the user interface, though; it also contains tons of utility functions that make the core of your application easier and cleaner. What’s more, it does all of this in a highly logical, coherent manner that is, in my opinion, unrivaled on the current RIA landscape.

—Isaac Asimov In ancient times they had no statistics so they had to fall back on lies. —Stephen Leacock If you love your job, you haven’t worked a day in your life. —Tommy Lasorda Oh, so they have internet on computers now! —Homer Simpson ChaP ter 1 Introducing Web Development with ext JS In this chapter, we’ll begin our journey into the world of Ext JS by taking a step back and looking at the evolution of web application development. In fact, we’ll take a step even further back than that and look at what the term “web application” means in the first place (hint: it may not be quite as obvious as it first seems!). We’ll deal with what the term “rich Internet application” (RIA) is all about, and we’ll talk briefly about Ajax (what it used to mean and what it means now) and why it’s such an important development. We’ll even look at some options for developing RIAs other than Ext JS, but before long we’ll dive right into the real red meat,1 as the political pundits say: Ext JS itself!

We’ll see what it has to offer and how it’s structured, learn a bit about its history and philosophy, and then get started with the basics of using it. Strap yourself in because it’s going to be a wild (but exciting) ride! the Evolution of the Web: Web Sites vs. Web Applications If you’ve been doing web development for more than a few minutes—or so it seems sometimes given the rapid rate of technological development in this area—then you are well aware of the fantastic evolution of the Web. It’s like a child growing up right before your eyes in many ways, and we’ve had our share of teething pains to be sure! Today we have all sorts of web sites. More than that, we have web applications. What’s the difference, you ask? A web site’s primary purpose is to disseminate information. There tends to be little user interaction beyond some simple forms, and little opportunity for the user to perform an actual function (other than researching the data available on the site).

pages: 1,038 words: 137,468

JavaScript Cookbook by Shelley Powers

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Firefox, Google Chrome, hypertext link, p-value, semantic web, web application, WebSocket

There’s ongoing work to create a new DOM Level 3 event handling, which builds on the work of the DOM Level 2 event handling and is included as part of the Web Applications work at the W3C. However, implementation of the newer material is sparse, at best. New Events, New Uses There are newer events to go with the newer models, and to go with a nonbrowser- specific DOM. As examples of DOM events, the DOMNodeInserted and DOMNodeRe moved events are triggered when a node is added or removed from the page’s document tree. However, I don’t recommend using the W3C event for general web pages, as these events are not supported in the current versions of IE, and only partially supported in most other browsers. Most web application authors wouldn’t need these events, anyway. There are also events associated with the increasingly popular mobile and other hand- held computing environments.

Opera has placed some restrictions on what can be supported in JSON: strings must be double quoted, and there are no hexadecimal values and no tabs in strings. See Also See Recipe 19.5 for a demonstration of JSON.stringify. 19.5 Convert an Object to a Filtered/Transformed String with JSON Problem You need to convert a JavaScript object to a JSON formatted string for posting to a web application. However, the web application has data requirements that differ from your client application. Solution Use the JSON.stringify method, passing in the object as first parameter and providing a transforming function as the second parameter: function convertBoolToNums(key, value) { if (typeof value == 'boolean') { if (value) value = 1; else value = 0; } return value; }; window.onload=function() { var obj = {"test" : "value1", "test2" : 3.44, "test3" : false}; var jsonobj = JSON.stringify(obj, convertBoolToNums, 3); alert(jsonobj); // test3 should be 0 } 19 5 Convert an Object to a Filtered/Transformed String with JSON | 445 Discussion The JSON.stringify method takes three parameters: the object to be transformed into JSON, an optional function or array used either to transform or filter one or more object values, and an optional third parameter that defines how much and what kind of whitespace is used in the generated result.

Along the way, I’ll demonstrate how to: • Work with the JavaScript objects, such as String, Array, Number, and Math • Create reusable objects • Query and create new elements in the Document Object Model (DOM) • Use the new Selectors API for efficient and targeted querying • Use JavaScript with new HTML5 technologies, such as the new media elements, video and audio • Create interactive applications • Manage your web page space • Store data in various ways, from the simple to the complex • Use JavaScript with Scalable Vector Graphics (SVG) and the canvas element • Work with some of the interesting data structures, like Microformats and RDFa • Package your library for others to use, as well as use other libraries in your applications • Ensure your JavaScript applications are accessible through the use of Accessible Rich Internet Applications (ARIA) • Work in environments other than the typical desktop browser, such as creating mobile phone web applications, or extending Photoshop with new behaviors • Use and create jQuery plug-ins • Develop Ajax applications xiii • Debug your applications using your browser’s debugger • Work with the new HTML5 drag-and-drop • Communicate using the new HTML5 cross-documentation techniques • Implement concurrent programming with Web Workers • Use the File API to access a desktop file directly in client-side JavaScript It’s not a complete encyclopedia of JavaScript use today—no one book can cover all there is to cover.

pages: 135 words: 31,098

ClojureScript: Up and Running by Stuart Sierra, Luke Vanderhart

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

domain-specific language, Firefox, MVC pattern, Paul Graham, web application

This book aims to get you up and running with ClojureScript, a dialect of the Clojure programming language that compiles to JavaScript. To begin, this chapter will provide some motivation for why ClojureScript exists. The Rise of Browser Applications Web applications have come a long way from simple CGI scripts, but they have always been constrained by the stateless request-response model of HTTP. As the “pages” in a web application become more elaborate, the cost in time and bandwidth of reloading an entire page just to update a single piece of information becomes prohibitively high. One of the first major uses of JavaScript on the web was to ameliorate the cost of small updates, but “web applications” remained primarily server applications for a long time, and for good reason. Deploying an application to a web server is much easier than distributing it to diverse client machines: the server is a controlled environment, with many more options for programming languages and frameworks.

Instead, you must serve the client page from an actual HTTP server running on localhost. The most straightforward way to do this is to set up your Leiningen project to include a Ring application running on an embedded Jetty web server, and use Compojure to configure it to serve HTML files from the resources/public directory. Ring is a low-level HTTP web application library with wide adoption in the Clojure community. It is used as the foundation for most Clojure web applications. You can learn about it on its GitHub page. Compojure is a popular web routing library for Ring that makes it easy to configure web routes. Its page is here. Although any technique for serving resources from a localhost address will work, we will use Ring and Compojure since they are relatively easy to set up, and are by far the most popular ways to set up a Clojure web app.

pages: 89 words: 24,277

Designing for Emotion by Aarron Walter

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

big-box store, en.wikipedia.org, game design, John Gruber, Kickstarter, Skype, software as a service, Steve Jobs, Superbowl ad, Wall-E, web application

Of course, a little moderation is sometimes in order (I’m looking at you, Rainn Wilson, http://bkaprt.com/de/1; fig 1.1). FIG 1.1: Dear Rainn Wilson, TMI. The curtain has been drawn back, exposing our humor, grumpiness, concern, stress, and all the other emotions that season our days. As we’ll see in Chapter 3, this honesty is creeping into the personalities we craft for our businesses, and our users are beginning to expect the websites and web applications they visit to reflect a personality that they can relate to. This book is chock-full of examples of a design sensibility that is distinctly human, individual, reflective of a real personality, and honest—all while keeping business goals in mind. You might have some trepidation about how to implement emotional design techniques without boiling your boss’s blood. We’ll see practical, real-world examples designed to inspire and support your case for employing emotional design in your next project.

That would be an experience you’d recommend to a friend; that would be an idea worth spreading. We need a new yardstick to measure the success of our designs. We can transcend usability to create truly extraordinary experiences. Usable = Edible If you’re working on the web, chances are you’ve used 37Signals’ handy project management app Basecamp (http://basecamphq.com) (fig 1.4). FIG 1.4: Basecamp, a project management web application. In building Basecamp, 37Signals’ design ethos centered around simplicity and usability. Their design ideas, summed up in Getting Real (http://bkaprt.com/de/2) inspired a generation of web pros to keep designs simple and make sure tasks are easy to complete. 37Signals helped us tackle the bottom of the needs pyramid. With a zeal for simplicity and spartan design, they create eminently functional, reliable, and usable web apps.

Remember Wufoo from Chapter 1, who helped introduce us to the idea of emotional design? Let’s look at how they leave surprises for customers not in the interface, but in their real, physical mailboxes. Wufoo: a surprisingly personal message Surprise needn’t be limited to the online experience. As we discovered in Chapter 1, Wufoo is skilled at creating emotionally engaging interactions inside their web application, but they also deliver surprises to their users’ mailboxes (the old school kind of mailbox). Though hundreds of thousands of people use their app, the guys that run Wufoo pen personal letters by hand to each of their customers thanking them for their loyalty. In the age of automation and electronic communication, a personal letter from a real person at a company serving thousands of customers is as rare as finding a prancing miniature unicorn in your mailbox.

pages: 170 words: 42,196

Don't Make Me Think!: A Common Sense Approach to Web Usability by Steve Krug

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

collective bargaining, iterative process, pets.com, Silicon Valley, web application, Whole Earth Catalog

> HOMEPAGE USABILITY: 50 WEBSITES DECONSTRUCTED Jakob Nielsen, Marie Tahir, New Riders, 2001 The bad news about this book is that after you’ve seen the problems of twenty-five Home pages, you’ve seen them all. The good news, though, is that the excellent set of 113 Home page design guidelines crammed into the first 28 pages is worth the price of the entire book. > WEB APPLICATION DESIGN HANDBOOK: BEST PRACTICES FOR WEB-BASED SOFTWARE Susan Fowler and Victor Stanwick, Morgan Kaufmann, 2004 Susan and Victor have written the Junior Woodchucks Guidebook of Web applications: Everything you need to know is in there, including tons of best practice examples, insights from years of experience, and assorted fascinating arcana. If you’re designing or building Web applications, you’d be foolish not to have a copy. > DEFENSIVE DESIGN FOR THE WEB 37 Signals, New Riders, 2004 The subtitle (How to Improve Error Messages, Help, Forms, and Other Crisis Points) says it all.

If you want to visit any of the URLs mentioned in the book, you’ll find up-to-date links on my site, too. (Just in case any of the sites, well, you know…disappear.) > Still not present at time of photo. The one thing people have asked me about that you still won’t find in here is any discussion of Web applications. While a lot of the principles are the same as for Web sites, it’s really a topic for a whole other book, and I’m not the person to write it.2 2 If that’s your area, you might want to take a look at Web Application Design Handbook: Best Practices for Web-Based Software by Susan Fowler and Victor Stanwick. Anyway, thanks for all the fish. I hope you find the new bits useful. See you in five years. STEVE KRUG JULY 2005 Foreword > DON’T MAKE ME THINK AGAIN CONSIDERING HOW MUCH HAS CHANGED SINCE 2000, WHEN THE first edition of this book was printed, it’s amazing that the basic design of the Web has stayed so much the same.

In general, I think it’s safe to say that users don’t mind a lot of clicks as long as each click is painless and they have continued confidence that they’re on the right track—following what Jared Spool calls “the scent of information.” I think the rule of thumb might be something like “three mindless, unambiguous clicks equal one click that requires thought.”2 2 Of course, there are exceptions. If I’m going to have to drill down through the same parts of a site repeatedly, for instance or repeat a sequence of clicks in a Web application, or if the pages are going to take a long time to load, then the value of fewer clicks increases. The classic first question in the word game Twenty Questions—“Animal, vegetable, or mineral?”—is a wonderful example of a mindless choice. As long as you accept the premise that anything that’s not a plant or an animal—including things as diverse as pianos, limericks, and encyclopedias, for instance—falls under “mineral,” it requires no thought at all to answer the question correctly.3 3 In case you’ve forgotten the game, there’s an excellent version that you can play against on the Web at http://www.20q.net Created by Robin Burgener, it uses a neural net algorithm and plays a mean game.

pages: 196 words: 58,122

AngularJS by Brad Green, Shyam Seshadri

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

combinatorial explosion, continuous integration, Firefox, Google Chrome, MVC pattern, node package manager, single page application, web application, WebSocket

For more information about our books, courses, conferences, and news, see our website at http://www.oreilly.com. Find us on Facebook: http://facebook.com/oreilly Follow us on Twitter: http://twitter.com/oreillymedia Watch us on YouTube: http://www.youtube.com/oreillymedia Acknowledgments We’d like to give special thanks to Misko Hevery, father of Angular, for having the courage to think very differently about how we write web applications and to drive it into reality; to Igor Minar for bringing stability and structure to the Angular project and for building the roots of today’s awesome open source community; to Vojta Jina for creating many parts of Angular, and for giving us the fastest test runner the world has ever seen; to Naomi Black, John Lindquist, and Mathias Matias Niemelä for their expert editing assistance. And finally, thank you to the Angular community for their contributions, and for teaching us about making Angular great through feedback from building real applications.

And finally, thank you to the Angular community for their contributions, and for teaching us about making Angular great through feedback from building real applications. Chapter 1. Introduction to AngularJS Our ability to create amazing web-based apps is incredible, but the complexity involved in making these apps is similarly incredible. We on the Angular team wanted to relieve the pain involved with developing AJAX applications. At Google, we’d worked through the hard lessons of building large web applications like Gmail, Maps, Calendar, and several others. We thought we might be able to use these experiences to benefit everyone. We wanted writing web apps to feel more like the first time we wrote a few lines of code and stood back in amazement at what we’d made happen. We wanted the coding process to feel more like creating and less like trying to satisfy the strange inner workings of web browsers.

Some of the larger and more involved examples and code snippets are available on a GitHub repository for you to look at, fork, and play with at our GitHub page. Concepts There are a few core ideas that you’ll use throughout an Angular app. As it turns out, we didn’t invent any of these. Instead, we’ve borrowed heavily from successful idioms in other development environments and implemented them in a way that embraces HTML, browsers, and many other familiar web standards. Client-Side Templates Multi-page web applications create their HTML by assembling and joining it with data on the server, and then shipping the finished pages up to the browser. Most single-page applications—also known as AJAX apps—do this as well, to some extent. Angular is different in that the template and data get shipped to the browser to be assembled there. The role of the server then becomes only to serve as static resources for the templates and to properly serve the data required by those templates.

pages: 319 words: 72,969

Nginx HTTP Server Second Edition by Clement Nedelcu

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Debian, fault tolerance, Firefox, Google Chrome, Ruby on Rails, web application

Syntax: on or off Default value: off [ 130 ] www.it-ebooks.info Chapter 4 Random index This module enables a simple directive, random_index, which can be used within a location block in order for Nginx to return an index page selected randomly among the files of the specified directory. This module is not included in the default Nginx build. Syntax: on or off Log This module controls the behavior of Nginx regarding access logs. It is a key module for system administrators as it allows analyzing the runtime behavior of web applications. It is composed of three essential directives: Directive Description access_log This parameter defines the access log file path, the format of entries in the access log by selecting a template name, or disables access logging. Context: http, server, location Syntax: access_log path [format [buffer=size]] | off; Some remarks concerning the directive syntax: • Use access_log off to disable access logging at the current level • The format argument corresponds to a template declared with the log_format directive, described below • If the format argument is not specified, the default format is employed (combined) • You may use variables in the file path [ 131 ] www.it-ebooks.info Module Configuration Directive Description log_format Defines a template to be utilized by the access_log directive, describing the contents that should be included in an entry of the access log.

As explained before, since Apache, or more generally the backend server uses the IP address of the socket it communicates with, the IP that will appear in our design will always be the IP of the server hosting Nginx. We discussed a solution already — inserting the proxy_set_header X-Real-IP $remote_addr; directive in the configuration in order to forward the client IP address in the X-Real-IP header. Unfortunately, that is not enough as some web applications are not configured to make use of the X-Real-IP header. The client remote address needs to be replaced somehow by that value. When it comes to Apache, a module was written to do just that: mod_rpaf. Details on how to install and configure it are not discussed here; you may find more documentation over at the official website: http://stderr.net/ apache/rpaf/. SSL issues and solutions If your website is going to serve secure web pages, you need to somehow allow visitors to connect to your infrastructure via SSL (Secure Sockets Layer) on port 443.

Whether you have decided that Nginx could be more efficient as a unique server rather than working as a reverse proxy, or simply because you want to get rid of Apache once and for all, this chapter will guide you through the complete process of replacing the latter by the former. This chapter covers: • An in-depth comparison between Apache and Nginx • A full guide to porting your Apache configuration • How to port your Apache rewrite rules to Nginx • Rewrite rule walkthroughs for a few popular web applications Nginx versus Apache This section will provide answers to the main questions that one would ask about Nginx — how does it stand apart from the other servers? How does it compare to Apache? Whether you were using Apache before or considered it as a replacement for your current web server, why would you decide to adopt Nginx at the expense of the web server that empowers nearly half of the Internet websites worldwide?

pages: 58 words: 12,386

Big Data Glossary by Pete Warden

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

business intelligence, crowdsourcing, fault tolerance, information retrieval, linked data, natural language processing, recommendation engine, web application

Getting started with App Engine Elastic Beanstalk Elastic Beanstalk is a layer on top of the EC2 service that takes care of setting up an automatically scaling cluster of web servers behind a load balancer, allowing developers to deploy Java-based applications without worrying about a lot of the housekeeping details. This high-level approach makes it similar to App Engine and Heroku, but because it’s just a wrapper for EC2, you can also log directly into the machines that the code is running on, to debug problems or tweak the environment. It’s still fundamentally designed around the needs of frontend web applications, though, so most data processing problems aren’t a good fit for its approach. Getting started with Elastic Beanstalk Heroku Heroku hosts Ruby web applications, offering a simple deployment process, a lot of free and paid plug-ins, and easy scalability. To ensure that your code can be quickly deployed across a large number of machines, there are some restrictions on things like access to the underlying filesystem, but in general the environment is more flexible than App Engine.

It offers a simplified programming environment for its operators to specify the kind of analysis they want, and then handles converting that into MapReduce jobs behind the scenes. It also has some user-friendly data importing tools, as well as visualization options. It’s a sign of where data processing solutions are headed, as we get better at building interfaces and moving to higher and more powerful abstraction levels. BigSheets IBM’s BigSheets is a web application that lets nontechnical users gather unstructured data from online and internal sources and analyze it to create reports and visualizations. Like Datameer, it uses Hadoop behind the scenes to handle very large amounts of data, along with services like OpenCalais to cope with extracting useful structured information from a soup of unstructured text. It’s aimed at users who are comfortable with a spreadsheet interface rather than traditional developers, so it’s not possible to use it as part of a custom solution, but does offer ideas on how to make your data processing application accessible to those sort of ordinary users.

pages: 448 words: 84,462

Testing Extreme Programming by Lisa Crispin, Tip House

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

c2.com, continuous integration, data acquisition, database schema, Donner party, Drosophila, hypertext link, index card, job automation, web application

Experimenting with Tools XP's short iterations and frequent releases give you the opportunity to experiment with different solutions for one or more iterations, evaluate the results, and try something new. Just as projects can "fail fast" with XP, so can tools. A team for which Lisa was the tester used the short and frequent releases in XP as an opportunity to try different tools for acceptance-test automation. Here's Lisa's story: When I joined the team, they'd never automated any acceptance tests for the Web applications they were developing. I had been successfully using a vendor tool, WebART, to automate acceptance-test scripts for Web applications in other XP projects. We used this tool for the first release of this new project. We had a dedicated team of testers who learned the tool. We were fairly successful with automation; tests for central functionality were automated. However, the separate-test-team approach had caused a lot of other problems. For the second release, we applied the XP principle of making the whole development team responsible for acceptance-test automation.

Expect to ask lots of questions, but be disciplined. There's a limit. Ask tangential but targeted questions that allow the respondent to make connections and think of the details. OK, now it's your turn to try these ideas out with an exercise. Exercise 2 Introducing the XTrack Application This and subsequent exercises will be based on a simple but useful XP tracking application named XTrack. XTrack is a Web application that allows our XP team to maintain information about projects, such as their iterations, stories, tasks, and tests, in a central online repository available to all project stakeholders. This application serves several objectives: The project's tracker has a simple way to maintain information about a project, such as estimated and actual time to complete stories, who owns which tasks, and which stories are assigned to each iteration.

Next, you need to get off this happy path and dig into the requirements for handling errors, unexpected paths through the system, and unusual or unexpected data. We call this the sad path. If a report has an input of a date range, ask yourself what should happen if the "end" date is earlier than the "from" date. Ask what the customer wants to see if the user types special characters into text fields in a GUI form and clicks the Submit button. Ask what should happen if it's a Web application and the user clicks the browser Back and Forward buttons. This is likely to raise cases where you can identify several alternatives, one of which is superior, and you can ask for confirmation. Then think about serious failures and worst-case scenarios, the bad path. What should or will happen when the log fills up? When you run out of database sessions? What happens if someone reboots the system during a critical transaction?

pages: 211 words: 37,094

JQuery Pocket Reference by David Flanagan

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Firefox, web application

For full digital access to this book and others on similar topics from O’Reilly and other publishers, sign up at http://my.safaribooksonline.com. Chapter 1. Introduction to jQuery JavaScript has an intentionally simple core API and an overly complicated client-side API that is marred by major incompatibilities between browsers. The arrival of IE9 eliminates the worst of those incompatibilities, but many programmers find it easier to write web applications using a JavaScript framework or utility library to simplify common tasks and hide the differences between browsers. At the time of this writing, jQuery is one of the most popular and widely used of these libraries. Because it has become so widely used, web developers should be familiar with the jQuery library: even if you don’t use it in your own code, you are likely to encounter it in code written by others.

Once you have the code, you can include it in your web pages with a <script> tag: <script src="jquery-1.4.4.min.js"></script> At the time of this writing, the current version of jQuery is 1.4.4. The “min” in the filename above indicates that this is the minimized version of the library, with unnecessary comments and whitespace removed, and internal identifiers replaced with shorter ones. Another way to use jQuery in your web applications is to allow a content distribution network to serve it using a URL like one of these: http://code.jquery.com/jquery-1.4.4.min.js http://ajax.microsoft.com/ajax/jquery/jquery-1.4.4.min.js http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js Replace the “1.4.4” version number in the URLs above as necessary. If you use the Google CDN, you can use “1.4” to get the latest release in the 1.4.x series, or just “1” to get the most current release less than 2.0.

$("#logoff").click(function() { $.event.trigger("logoff"); // Broadcast an event window.location = "logoff.php"; // Go to a new page }); We’ll see in Ajax Events that jQuery’s Ajax methods broadcast custom events like this to notify interested listeners. Live Events The bind() method binds event handlers to specific document elements, just as addEventListener() and attachEvent() do. But web applications that use jQuery often dynamically create new elements. If we’ve used bind() to bind an event handler to all <a> elements in the document, and then we create new document content with new <a> elements, those new elements will not have the same event handlers as the old ones, so they will behave differently. jQuery addresses this issue with “live events”. To use live events, use the delegate() and undelegate() methods instead of bind() and unbind(). delegate() is usually invoked on $(document) and is passed a jQuery selector string, a jQuery event type string, and a jQuery event handler function.

pages: 408 words: 63,990

Build Awesome Command-Line Applications in Ruby: Control Your Computer, Simplify Your Life by David B. Copeland

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Chris Wanstrath, database schema, en.wikipedia.org, full stack developer, Ruby on Rails, web application

How to Implement an Interactive Input Implementing an interactive input, with history browsing and tab completion, is fairly difficult using the various terminal control characters that would be required. Fortunately, the readline C library is widely available on most systems, and the Ruby standard library contains bindings for it so we can access its power from our app. To learn how to use it, we’re going to implement a JSON browser. JSON is a widely used format in web application APIs, something that command-line applications often need to consume. Sophisticated web applications yield heavily nested JSON objects that can be hard to understand by simply viewing them in the terminal. We’ll make an interactive application that reads a JSON file from disk and allows the user to move around inside it, inspecting bits of it at time. We’ll allow the user to navigate the structure of the JSON data in much the same way a user might navigate a file structure.

As a means of demonstrating more clearly what we mean by having a “clear and concise purpose,” each problem-solving app will get an iteration in this chapter. The first version of each app will be naive and then quickly revised to be more single-purpose, so we can see firsthand the level of function we want our apps to have. 1.1 Problem 1: Backing Up Data Suppose our small development team is starting work on our company’s flagship web application. This application is heavily data-driven and highly complex, with many features and edge cases. To build it, we’re going to use an Agile methodology, where we work in two-week “sprints.” In each sprint, we’ll have a list of “user stories” representing the work we’re doing. To officially complete a user story, we’ll need to demonstrate that story functioning properly in a shared development environment.

Given that, it’s nice to be able to manage our work without leaving the command line. 1.2 Problem 2: Managing Tasks Most software development organizations use some sort of task management or trouble-ticket system. Tools like JIRA, Bugzilla, and Pivotal Tracker provide a wealth of features for managing the most complex workflows and tasks, all from your web browser. A common technique when programming is to take a large task and break it down into smaller tasks, possibly even breaking those tasks down. Suppose we’re working on a new feature for our company’s flagship web application. We’re going to add a Terms of Service page and need to modify the account sign-up page to require that the user accept the new terms of service. In our company-wide task management tool, we might see a task like “Add Terms of Service Checkbox to Signup Page.” That’s the perfect level of granularity to track the work by our bosses and other interested stakeholders, but it’s too coarse to drive our work.

pages: 257 words: 64,973

Intrusion Detection With Snort, Apache, Mysql, Php, and Acid by Rafeeq Ur Rehman

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Chuck Templeton: OpenTable, database schema, stealth mode startup, web application, x509 certificate

. # # # config classification:shortname,short description,priority # config classification: not-suspicious,Not Suspicious Traffic,3 config classification: unknown,Unknown Traffic,3 config classification: bad-unknown,Potentially Bad Traffic, 2 config classification: attempted-recon,Attempted Information Leak,2 config classification: successful-recon-limited,Information Leak,2 config classification: successful-recon-largescale,Large Scale Information Leak,2 config classification: attempted-dos,Attempted Denial of Service,2 config classification: successful-dos,Denial of Service,2 config classification: attempted-user,Attempted User Privilege Gain,1 config classification: unsuccessful-user,Unsuccessful User Privilege Gain,1 config classification: successful-user,Successful User Privilege Gain,1 config classification: attempted-admin,Attempted Administrator Privilege Gain,1 config classification: successful-admin,Successful Administrator Privilege Gain,1 # NEW CLASSIFICATIONS config classification: rpc-portmap-decode,Decode of an RPC Query,2 config classification: shellcode-detect,Executable code was detected,1 config classification: string-detect,A suspicious string was detected,3 config classification: suspicious-filename-detect,A suspicious filename was detected,2 config classification: suspicious-login,An attempted login using a suspicious username was detected,2 config classification: system-call-detect,A system call was detected,2 config classification: tcp-connection,A TCP connection was detected,4 config classification: trojan-activity,A Network Trojan was detected, 1 config classification: unusual-client-port-connection,A client was using an unusual port,2 config classification: network-scan,Detection of a Network Scan,3 config classification: denial-of-service,Detection of a Denial of Service Attack,2 config classification: non-standard-protocol,Detection of a non-standard protocol or event,2 config classification: protocol-command-decode,Generic Protocol Command Decode,3 config classification: web-application-activity,access to a potentially vulnerable web application,2 config classification: web-application-attack,Web Application Attack,1 config classification: misc-activity,Misc activity,3 config classification: misc-attack,Misc Attack,2 config classification: icmp-event,Generic ICMP event,3 config classification: kickass-porn,SCORE! Get the lotion!,1 config classification: policy-violation,Potential Corporate Privacy Violation,1 config classification: default-login-attempt,Attempt to login by a default username and password,2 3.6.3 The content Keyword One important feature of Snort is its ability to find a data pattern inside a packet.

Port Defines the port number on the remote host where data will be logged. Default port numbers for HTTP, HTTPS, and TCP are 80, 443, and 9000 respectively. Cert This is the certificate to be used with HTTPS protocol. It is X.509 client certificate. Key The client private key. Ca The server certificate used for authentication. Server The Common Name or CN for X.509 certificate. Note that XML output is important for much web application development and for integrating Snort into such systems. Some Snort XML parsers exist, including ACID-XML at http://www.maximumunix.org, although these are still in their infancy. Examples Logging to a file "xmlout" on the local host: output xml: log, file=xmlout The date and time will be appended to the name of the file so that data can be saved for multiple Snort sessions.

Creation of this table may take a few seconds on the database server when you run the snortdb-extra script. Sample Entries in Snort Database Tables To give you an idea of what type of entries are present in different tables in the Snort database, let us select some items from the database and display them. Following are some entries from table sig_class. mysql> select * from sig_class; +--------------+--------------------------+ | sig_class_id | sig_class_name | +--------------+--------------------------+ | 9 | attempted-recon | | 8 | misc-attack | | 7 | bad-unknown | | 6 | web-application-activity | +--------------+--------------------------+ 4 rows in set (0.00 sec) mysql> The select command pulls out data from a database and displays it on the screen. You can use the select command after connecting to database using the mysql client. For more information on MySQL commands, refer to Appendix B. The following are some records in reference_system table. mysql> select * from reference_system; +---------------+-----------------+ | ref_system_id | ref_system_name | +---------------+-----------------+ | 8 | nessus | | 7 | cve | | 6 | arachnids | | 5 | bugtraq | +---------------+-----------------+ 4 rows in set (0.02 sec) mysql> The following output of the select command shows records in encoding table.

pages: 199 words: 47,154

Gnuplot Cookbook by Lee Phillips

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

bioinformatics, computer vision, general-purpose programming language, pattern recognition, statistical model, web application

The people behind this project have generously donated a unique and extremely valuable resource to the community. One hopes that it is used responsibly, for exploration, sharing, and a reasonable amount of plot generation, and not abused. Writing a web GUI for gnuplot This final recipe will teach you how to make your own interactive web application that uses gnuplot to draw a graph in response to user input. It is not a general-purpose GUI for gnuplot as was the subject of the previous recipe, but rather shows one way to use gnuplot as part of a special-purpose web application. Because gnuplot can be controlled through text commands and can create PNG files, which are size-efficient and well supported by current web browsers, it is very well suited to this type of project. We are going to create a simple game that asks the user to hit a target with a cannonball.

Chapter 7, Programming gnuplot and dealing with data, covers how to use gnuplot's built-in programming constructs as well as its ability to be used from any programming language, and how to use the new volatile data features. Chapter 8, The Third Dimension, shows how to plot surfaces, vectors, heat maps, and lines in a 3D space. Chapter 9, Using and Making Graphical User Interfaces, introduces several GUIs for gnuplot and includes writing a web application with gnuplot on the backend. Chapter 10, Surveying Special Topics, covers several special techniques and applications: mapping; labeled contours; colored and broken axes; pictures; and more. Appendix A, Finding help and information, provides a brief list of sources of gnuplot information and education. What you need for this book The prerequisites for this book are that you have an installation of gnuplot available for your use and that you are familiar with elementary gnuplot operation (starting gnuplot on the command line and entering a plot command).

The game can be used to illustrate the elementary principles of ballistics; there are an infinite number of correct solutions that can be calculated with simple physics (there are no advanced complications such as air resistance). The previous figure shows what the game looks like; this is a screenshot taken directly from the browser window. Getting ready We need a few things in place in order to run a web application. Our example will use the Python scripting language for the back end, so we'll need to have a Python interpreter installed. Fortunately, this is very widespread and comes built-in on Macintosh OS X and many other systems; it's also free, open source, and easy to install. In order for Python code to run in response to requests from a web browser, we also need to install a Python web framework.

pages: 201 words: 63,192

Graph Databases by Ian Robinson, Jim Webber, Emil Eifrem

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, anti-pattern, bioinformatics, commoditize, corporate governance, create, read, update, delete, data acquisition, en.wikipedia.org, fault tolerance, linked data, loose coupling, Network effects, recommendation engine, semantic web, sentiment analysis, social graph, software as a service, SPARQL, web application

One of the big advantages of conducting performance testing over the course of an application’s development lifecycle, rather than at the end, is that failures and regressions can very often be tied back to a recent piece of development; this allows you to diagnose, pinpoint and remedy issues rapidly and succinctly. For generating load, you’ll need a load-generating agent. For Web applications, there are several open source stress and load testing tools available, including Grinder, JMeter and Gatling.11 When testing load balanced Web applications, you should ensure your test clients are distributed across different IP addresses so that requests are balanced across the cluster. 11. See http://grinder.sourceforge.net/, http://jmeter.apache.org/ and http://gatling-tool.org/. Max De Marzi de‐ scribes using Gatling to test Neo4j here: http://maxdemarzi.com/2013/02/14/neo4j-and-gatling-sitting-in-atree-performance-t-e-s-t-ing/ 84 | Chapter 4: Building a Graph Database Application Testing with representative data For both query performance testing and application performance testing you will need a dataset that is representative of the data you will encounter in production.

Here we summarize some of the more important modeling guidelines, and discuss how imple‐ menting a graph data model fits with iterative and incremental software development techniques. Describe the Model in Terms of Your Application’s Needs The questions you need to ask of the data help identify entities and relationships. Agile user stories provide a concise means for expressing an outside-in, user-centred view of 57 an application’s needs, and the questions that arise in the course of satisfying this need. Here’s an example of a user story for a book review Web application: 1 AS A reader who likes a book, I WANT to know which books other readers who like the same book have liked, SO THAT I can find other books to read This story expresses a user need, which motivates the shape and content of our data model. From a data modeling point of view, the AS A clause establishes a context com‐ prising two entities—a reader and a book—plus the LIKES relationship that connects them.

Why Organizations Choose Graph Databases Throughout this book, we’ve sung the praises of the graph data model, its power and flexibility, and its innate expressiveness. When it comes to applying a graph database to a real-world problem, with real-world technical and business constraints, organisations choose graph databases for the following reasons: 1. “Minutes to milliseconds” performance. Query performance and responsiveness are top of many organisations’ concerns with regard to their data platforms. Online transactional systems, large Web applications in particular, must respond to endusers in milliseconds if they are to be successful. In the relational world, as an application’s dataset size grows, join pains begin to manifest themselves, and per‐ formance deteriorates. Using index-free adjacency, a graph database turns complex joins into fast graph traversals, thereby maintaining millisecond performance ir‐ respective of the overall size of the dataset. 2.

pages: 25 words: 5,789

Data for the Public Good by Alex Howard

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

23andMe, Atul Gawande, Cass Sunstein, cloud computing, crowdsourcing, Hernando de Soto, Internet of things, lifelogging, Network effects, openstreetmap, Silicon Valley, slashdot, social software, social web, web application

That’s not entirely by choice, given that news of disasters has consistently broken first on Twitter. The challenge is for the men and women entrusted with coordinating response to identify signals in the noise. First responders and crisis managers are using a growing suite of tools for gathering information and sharing crucial messages internally and with the public. Structured social data and geospatial mapping suggest one direction where these tools are evolving in the field. A web application from ESRI deployed during historic floods in Australia demonstrated how crowdsourced social intelligence provided by Ushahidi can enable emergency social data to be integrated into crisis response in a meaningful way. The Australian flooding web app includes the ability to toggle layers from OpenStreetMap, satellite imagery, and topography, and then filter by time or report type. By adding structured social data, the web app provides geospatial information system (GIS) operators with valuable situational awareness that goes beyond standard reporting, including the locations of property damage, roads affected, hazards, evacuations and power outages.

For instance, the quarterly financial statements of the top public companies in the world are now available online through the Securities and Exchange Commission. Why does it matter? The interactions of citizens with companies or government entities generate a huge amount of economically valuable data. If consumers and regulators had access to that data, they could tap it to make better choices about everything from finance to healthcare to real estate, much in the same way that web applications like Hipmunk and Zillow let consumers make more informed decisions. Personal Data Assets When a trend makes it to the World Economic Forum (WEF) in Davos, it’s generally evidence that the trend is gathering steam. A report titled “Personal Data Ownership: The Emergence of a New Asset Class” suggests that 2012 will be the year when citizens start thinking more about data ownership, whether that data is generated by private companies or the public sector.

pages: 255 words: 78,207

Web Scraping With Python: Collecting Data From the Modern Web by Ryan Mitchell

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

AltaVista, Amazon Web Services, cloud computing, en.wikipedia.org, Firefox, Guido van Rossum, meta analysis, meta-analysis, natural language processing, optical character recognition, random walk, self-driving car, Turing test, web application

His router stamps its own IP address on the packet as the “from” IP address, and sends it off across the Internet. 3. Bob’s packet traverses several intermediary servers, which direct his packet toward the correct physical/wired path, on to Alice’s server. 4. Alice’s server receives the packet, at her IP address. 5. Alice’s server reads the packet port destination (almost always port 80 for web applications, this can be thought of as something like an “apartment number” for packet data, where the IP address is the “street address”), in the header, and passes it off to the appropriate application – the web server application. 6. The web server application receives a stream of data from the server processor. This data says something like: - This is a GET request - The following file is requested: index.html 7.

It doesn’t matter if the applications are written by different programmers, with different architectures, or even in different languages—APIs are designed to serve as a lingua franca between different pieces of software that need to share information with each other. Although various APIs exist for a variety of different software applications, in recent times “API” has been commonly understood as meaning “web application API.” Typi‐ cally, a programmer will make a request to an API via HTTP for some type of data, and the API will return this data in the form of XML or JSON. Although most APIs still support XML, JSON is quickly becoming the encoding protocol of choice. If taking advantage of a ready-to-use program to get information prepackaged in a useful format seems like a bit of a departure from the rest of this book, well, it is and it isn’t.

The following gives a quick demonstration of how Python’s JSON library handles the different values that might be encountered in a JSON string: import json jsonString = '{"arrayOfNums":[{"number":0},{"number":1},{"number":2}], "arrayOfFruits":[{"fruit":"apple"},{"fruit":"banana"}, {"fruit":"pear"}]}' jsonObj = json.loads(jsonString) print(jsonObj.get("arrayOfNums")) print(jsonObj.get("arrayOfNums")[1]) print(jsonObj.get("arrayOfNums")[1].get("number")+ jsonObj.get("arrayOfNums")[2].get("number")) print(jsonObj.get("arrayOfFruits")[2].get("fruit")) The output of which is: [{'number': 0}, {'number': 1}, {'number': 2}] {'number': 1} 3 pear Line 1 is a list of dictionary objects, line 2 is a dictionary object, line 3 is an integer (the sum of the integers accessed in the dictionaries), and line 4 is a string. Bringing It All Back Home Although the raison d'être of many modern web applications is to take existing data and format it in a more appealing way, I would argue that this isn’t very interesting thing to do in most instances. If you’re using an API as your only data source, the best you can do is merely copy someone else’s database that already exists, and which is, essentially, already published. What can be far more interesting is to take two or more data sources and combine them in a novel way, or use an API as a tool to look at scra‐ ped data from a new perspective.

pages: 655 words: 141,257

Programming Android: Java Programming for the New Generation of Mobile Devices by Zigurd Mednieks, Laird Dornin, G. Blake Meike, Masumi Nakamura

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

anti-pattern, business process, conceptual framework, create, read, update, delete, database schema, Debian, domain-specific language, en.wikipedia.org, fault tolerance, Google Earth, interchangeable parts, iterative process, loose coupling, MVC pattern, revision control, RFID, web application, yellow journalism

When an application dispatches an intent, it’s possible that several different activities might be registered to provide the desired operation. At one layer of abstraction, Android applications look a lot like a web applications. Activities are very much analogous to the servlets in web applications. A well designed activity is responsible for a managing a single UI page and each has its own, unique, "name": the URL that invokes it. Users move from page to page in a web application by following the links exactly as, in Android applications, they follow Intents. New pages can leverage old pages, simply by linking to them. Just as in the world of web applications, some servlets provide UIs and others provide APIs for services, so, in the Android world, Activities provide UIs and the Service and ContentProvider classes, introduced in a moment, provide programmatic access to services.

Content providers operate both as a persistence mechanism and as a form of interprocess communication. Instead of just enabling interprocess method calls, content providers allow developers to efficiently share entire SQL databases across processes: instead of sharing just objects, content providers manage entire SQL tables. Using a content provider When building a server-based web application, a developer typically has access to two different kinds of APIs: first the code, libraries and data model that comprise his own program. Second, though he is likely to make calls to other web applications, using their well defined APIs to obtain the data and services they provide. Similarly, Android provides two levels of API: the libraries and services that your code accesses directly and — and at least as important — the variety of services available through content providers. Due to its importance in Android, we provide a brief introduction here to writing a client that uses a content provider.

In Chapter 5 we will look in detail at how to manage a project using one of the most common tools for Android development, the Eclipse IDE. For the moment, though, let's look at the basic organization of a project. To reiterate, a project is a workspace devoted to producing a single deployable artifact. In the wider world of Java, that artifact might be a library (a .jar file that cannot be run by itself but that implements some specific functionality). It might, on the other hand, be a deployable web application or a double-clickable desktop application. In the Android space, the artifact is most likely to be a single runnable service: a ContentProvider, a Service, or an Activity. A content provider that is used by a single activity certainly might start its life as a part of the activity project. As soon as an external activity needs to use it, though, it is time to consider refactoring it into its own project.

pages: 352 words: 64,282

MongoDB: The Definitive Guide by Kristina Chodorow, Michael Dirolf

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

create, read, update, delete, Debian, pattern recognition, Ruby on Rails, web application

Keeping with tradition, the Open Source community has created a plethora of “better ways” in response to the ballooning data needs of modern web applications. They span the spectrum from simple in-memory key/value stores to complicated SQL-speaking MySQL/InnoDB derivatives. But the sheer number of choices has made finding the right solution more difficult. I’ve looked at many of them. I was drawn to MongoDB by its pragmatic approach. MongoDB doesn’t try to be everything to everyone. Instead it strikes the right balance between features and complexity, with a clear bias toward making previously difficult tasks far easier. In other words, it has the features that really matter to the vast majority of today’s web applications: indexes, replication, sharding, a rich query syntax, and a very flexible data model. All of this comes without sacrificing speed.

As the amount of data that developers need to store grows, developers face a difficult decision: how should they scale their databases? Scaling a database comes down to the choice between scaling up (getting a bigger machine) or scaling out (partitioning data across more machines). Scaling up is often the path of least resistance, but it has draw-backs: large machines are often very expensive, and eventually a physical limit is reached where a more powerful machine cannot be purchased at any cost. For the type of large web application that most people aspire to build, it is either impossible or not cost-effective to run off of one machine. Alternatively, it is both extensible and eco-nomical to scale out: to add storage space or increase performance, you can buy another commodity server and add it to your cluster. MongoDB was designed from the beginning to scale out. Its document-oriented data model allows it to automatically split up data across multiple servers.

MongoDB also works nicely with Ruby on Rails, especially when working with one of the previously mentioned mappers. There are up-to-date instructions on integrating MongoDB with Rails on the MongoDB site. Custom Submission Forms: Ruby | 167 Real-Time Analytics: Python The Python driver for MongoDB is called PyMongo. In this section, we’ll use PyMongo to implement some real-time tracking of metrics for a web application. The most upto-date documentation on PyMongo is available at http://api.mongodb.org/python. Installing PyMongo PyMongo is available in the Python Package Index and can be installed using easy_install (http://pypi.python.org/pypi/setuptools): $ easy_install pymongo Searching for pymongo Reading http://pypi.python.org/simple/pymongo/ Reading http://github.com/mongodb/mongo-python-driver Best match: pymongo 1.6 Downloading ...

pages: 234 words: 63,522

Puppet Essentials by Felix Frank

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

cloud computing, Debian, DevOps, domain-specific language, Infrastructure as a Service, platform as a service, web application

Switching to Phusion Passenger When launched via puppet master (or the system service), Puppet implements its HTTP interactions through the WEBrick library. This built-in server provides a reliable interface and little overhead for the application but really has no way of scaling, as Puppet is not multithreaded. As such, the WEBrick-based master is hardly fit for production and should usually be used for testing purposes only. For scalable low-latency operations, Puppet can rely on the industry standard for Ruby-based web applications—Passenger. The Puppet Labs documentation contains portable instructions for installing Passenger from the Ruby gem. Many users might prefer the stability of packages from the software-distribution maintainers. The following instructions rely on Debian packages. Make sure that the standalone master process is stopped before setting up Apache with mod_passenger. This is not the only way to use Passenger, but it's one of the most popular ways: 1.

Instead of filling a class with lots of aspects that work together to achieve a complex goal, you can also limit the class to a very specific purpose. Some classes will contain but one resource. The class wraps the resource, so to speak. This is useful for resources that are needed in different contexts. By wrapping them away in a class, you can make sure that those contexts do not create multiple declarations of the same resource. For example, the netcat package can be useful to firewall servers, but also to web application servers. There is probably a firewall class and an appserver class. Both declare the netcat package: package { 'netcat': ensure => 'installed'; } If any server ever has both roles (this might happen for budget reasons or in other unforeseen circumstances), this is a problem: when both the firewall and appserver classes are included, then the resulting manifest declares the netcat package twice.

They are merely static files that have been prepared and are ready for carbon copying. These static files suffice in many situations, but sometimes, you will want the master to manage very specific configuration values for each agent. These values can be quite individual. For example, an Apache server usually requires a MaxClients setting. Appropriate values depend on many aspects, including hardware specifications and characteristics of the web application that is being run. It would be impractical to prepare all possible choices as distinct files in the module. Learning the template syntax Templates make short work of such scenarios. If you are familiar with ERB templates already, you can safely skip to the next section. If you know your way around PHP or JSP, you will quickly get the hang of ERB—it's basically the same but with Ruby inside the code tags.

pages: 197 words: 35,256

NumPy Cookbook by Ivan Idris

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

business intelligence, cloud computing, computer vision, Debian, en.wikipedia.org, Eratosthenes, mandelbrot fractal, p-value, sorting algorithm, statistical model, transaction costs, web application

As we saw in this example, we can pass Python lists to be transformed to Java arrays by the JArray wrapper. JPype uses the Java Native Interface (JNI), which is a bridge between native C code and Java. Unfortunately, using JNI hurts performance, so you have to be mindful of that fact. See also Installing JPype in this chapter Installing Google App Engine Google App Engine (GAE) enables you to build web applications in the Google cloud. Since 2012, there is official support for NumPy; you need to have a Google account to use GAE. How to do it... The first step is to download GAE. Download GAE.Download GAE for your operating system from https://developers.google.com/appengine/downloads. From this page, you can download documentation and the GAE Eclipse plugin as well. If you are developing with Eclipse, you should definitely install it.

For NumPy an extra configuration step is required, but that will take only minutes. How to do it... Let's create a new application. Create a new application.Create a new application with the launcher (File | New Application). Name it numpycloud. This will create a folder with the same name containing the following files: app.yaml: YAML application configuration file favicon.ico: Icon image index.yaml: Auto generated file main.py: Main entry point for the web application Add NumPy to the libraries.First, we need to let GAE know that we want to use NumPy. Add the following lines to the app.yaml configuration file in the libraries section: - name: NumPy version: "1.6.1" The configuration file should have the following contents: application: numpycloud version: 1 runtime: python27 api_version: 1 threadsafe: yes handlers: - url: /favicon\.ico static_files: favicon.ico upload: favicon\.ico - url: .* script: main.app libraries: - name: webapp2 version: "2.5.1" - name: numpy version: "1.6.1" Write NumPy code.To demonstrate that we can use NumPy code, let's modify the main.py file.

<br/>') self.response.out.write('NumPy sum = ' + str(numpy.arange(7).sum())) app = webapp2.WSGIApplication([('/', MainHandler)], debug=True) If you click on the Browse button in the GAE launcher, you should see a web page in your default browser, with the following text: Hello world!NumPy sum = 21 How it works... GAE is free depending on how much of the resources are used. You can create up to ten web applications. GAE takes the sandboxing approach, which means that NumPy was not available for a while, but now it is, as demonstrated in this recipe. You should also be aware that GAE currently does not support relational databases. There are other features too, which might make portability a concern. Running NumPy code in a Python Anywhere web console In Chapter 1, we already saw a Python Anywhere console in action, without having an account.

pages: 132 words: 31,976

Getting Real by Jason Fried, David Heinemeier Hansson, Matthew Linderman, 37 Signals

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

call centre, collaborative editing, David Heinemeier Hansson, iterative process, John Gruber, knowledge worker, Merlin Mann, Metcalfe's law, performance metric, premature optimization, Ruby on Rails, slashdot, Steve Jobs, web application

Our apps never put you on the rack. Our modus operandi We believe software is too complex. Too many features, too many buttons, too much to learn. Our products do less than the competition — intentionally. We build products that work smarter, feel better, allow you to do things your way, and are easier to use. Our products As of the publishing date of this book, we have five commercial products and one open source web application framework. Basecamp turns project management on its head. Instead of Gantt charts, fancy graphs, and stats-heavy spreadsheets, Basecamp offers message boards, to-do lists, simple scheduling, collaborative writing, and file sharing. So far, hundreds of thousands agree it's a better way. Farhad Manjoo of Salon.com said "Basecamp represents the future of software on the Web." Campfire brings simple group chat to the business setting.

Thomas Weber of the Wall Street Journal said it's the best product in its class and David Pogue of the New York Times called it a "very cool" organization tool. Writeboard lets you write, share, revise, and compare text solo or with others. It's the refreshing alternative to bloated word processors that are overkill for 95% of what you write. John Gruber of Daring Fireball said, "Writeboard might be the clearest, simplest web application I've ever seen." Web-guru Jeffrey Zeldman said, "The brilliant minds at 37signals have done it again." Ta-da List keeps all your to-do lists together and organized online. Keep the lists to yourself or share them with others for easy collaboration. There's no easier way to get things done. Over 100,000 lists with nearly 1,000,000 items have been created so far. Ruby on Rails, for developers, is a full-stack, open-source web framework in Ruby for writing real-world applications quickly and easily.

Thanks for reading and good luck! Table of contents | Essay list for this chapter | Next essay 37signals Resources 37signals site Signal vs. Noise weblog Basecamp — Web-based project collaboration Campfire — Web-based group chat for business Backpack — Web-based information organizer Writeboard — Web-based collaborative writing Ta-da List — Web-based dead-simple to-do lists Ruby on Rails — Open-source web application framework Table of contents | Essay list for this chapter Table of Contents Introduction chapter 1 The Starting Line chapter 2 Stay Lean chapter 3 Priorities chapter 4 Feature Selection chapter 5 Process chapter 6 The Organization chapter 7 Staffing chapter 8 Interface Design chapter 9 Code chapter 10 Words chapter 11 Pricing and Signup chapter 12 Promotion chapter 13 Support chapter 14 Post-Launch chapter 15 Conclusion chapter 16 In this book we'll show you...

pages: 59 words: 12,801

The Little Book on CoffeeScript by Alex MacCaw

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Firefox, MVC pattern, node package manager, web application, Y2K

The book is little, only six chapters, but that’s rather apt as CoffeeScript is a little language too. This book is completely open source, and was written by Alex MacCaw (@maccman) with great contributions from David Griffiths, Satoshi Murakami, Chris Smith, Katsuya Noguchi, and Jeremy Ashkenas. If you have any errata or suggestions, please don’t hesitate to open a ticket on the book’s GitHub page. Readers may also be interested in JavaScript Web Applications (O’Reilly), a book I authored that explores rich JavaScript applications and moving state to the client side. So let’s dive right into it: why is CoffeeScript better than writing pure JavaScript? Well, for a start, there’s less code to write; CoffeeScript is very succinct, and takes white space into account. In my experience, this reduces code by a third to a half of the original pure JavaScript.

The secret to building maintainable large applications is not to build large applications. In other words, build a series of modular de-coupled components. Keep application logic as generic as possible, abstracting it out as appropriate. Lastly, separate out your logic into views, models, and controllers (MVC). Implementing MVC is beyond the scope of this chapter; for that, I recommend you check out my book on JavaScript Web Applications and use a framework like Backbone or Spine. Rather than that, here we’re going to cover structuring applications using CommonJS modules. Structure and CommonJS So what exactly are CommonJS modules? Well, If you’ve used NodeJS before, you’ve used CommonJS modules, probably without realizing it. CommonJS modules were initially developed for writing server-side JavaScript libraries, in an attempt to deal with loading, namespacing, and scoping issues.

pages: 99 words: 19,884

Getting Started with RStudio by John Verzani

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Debian, RFID, web application

Each project may have different working directories, workspaces, and collection of files in the Source component. The current project name is listed on the far right of the main application toolbar in a combobox that allows one to switch between open projects, open an existing project, or create a new project. A new project requires just a name and a working directory. This feature is a natural fit for RStudio, because when it runs as a web application, there is a need to serialize and restore sessions due to the nature of web connections. Switching between projects is as easy as selecting an open project. RStudio just serializes the old one and restores the newly selected one. Note As of writing, the “project” feature is not available in the stable release (0.94.102) but is in the “daily build” version. Which R? RStudio does not require a special version of R to run, as long as it is a fairly modern one.

The widely used Rcmdr package, which provides a set of graphical interfaces to numerous R functions, can be run in this manner. One can also use the interfaces provided by RGtk2 and qtbase. In addition, the desktop user can take advantage of R’s internal help server. The googleVis package uses this to take advantage of Google’s visualization tools, and the Rack package provides an API for R users to write web applications that take advantage of this same server. Chapter 4. Case Study: Creating a Package Before describing more systematically the components that RStudio provides for development work in R (most importantly the source-code editor), we will pick up where we left off on our case study of analyzing the group behavior and individual movements of a colony of naked mole rats. Here, our goal is to illustrate one way to do package development with RStudio.

pages: 398 words: 86,855

Bad Data Handbook by Q. Ethan McCallum

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Mechanical Turk, asset allocation, barriers to entry, Benoit Mandelbrot, business intelligence, cellular automata, chief data officer, Chuck Templeton: OpenTable, cloud computing, cognitive dissonance, combinatorial explosion, commoditize, conceptual framework, database schema, en.wikipedia.org, Firefox, Flash crash, Gini coefficient, illegal immigration, iterative process, labor-force participation, loose coupling, natural language processing, Netflix Prize, quantitative trading / quantitative finance, recommendation engine, selection bias, sentiment analysis, statistical model, supply-chain management, survivorship bias, text mining, too big to fail, web application

When a browser encounters the encoded string &lt;script&gt;//Do Some &#201;v&#238;l&lt;/script&gt; it will display <script>//Do Some Évîl</script>, but it will not actually execute the evil script. It is a reasonable decision to have a web application store HTML encoded strings in its database. That decision ensures that raw text submitted by the users won’t appear in our other pages, and it may speed up the server-side rendering time for those pages. However, if we decide to text mine the user-submitted content, we’ll need to understand how the content is formatted in database dumps, and we’ll want to decode the HTML entity references before processing it. I’ve actually seen redundantly HTML-encoded strings such as &amp;amp;lt; in what was supposed to be a plain text dump. That data presumably passed through multiple web applications and databases before I got my hands on it. Example 4-10 expands on code from Example 4-9 to decode repeatedly HTML-encoded strings inside a while loop.

The ASCII code for % is 0x25, so the encoding %25 is used. The blank space is ASCII code 0x20, but it is typically encoded as + rather than %20. The server application must decode the URL encoding to recover exactly what the user has entered. In general, URL encoding artifacts leaking into plain text is not a serious problem. URL encoding and decoding of form submissions happens behind the scenes in most web application frameworks. Even if URL encoded text did leak into other parts of an application, it would be easily detectable by the lack of spaces and abundance of + and %XX codes. One notable exception is when analyzing a list of URLs or URL fragments. In that case, it may be worthwhile to ensure that all of the URLs have been decoded consistently. Example 4-8 uses Python’s urllib.urlencode function to URL encode text, and then urllib.unquote functions to decode the URL encoded text.

'xmlcharrefreplace') >>> print(ss) &amp;amp;lt;script&amp;amp;gt;//Do Some &amp;amp; ↪ #201;v&amp;amp;#238;l&amp;amp;lt;/script ↪ &amp;amp;gt; >>> # now decode until length becomes constant >>> while len(ss) != len(parser.unescape(ss)): ss = parser.unescape(ss) print(ss) &amp;lt;script&amp;gt;//Do Some &amp;#201;v&amp; ↪ #238;l&amp;lt;/script&amp;gt; &lt;script&gt;//Do Some &#201;v&#238;l&lt;/script ↪ &gt; <script>//Do Some Évîl</script> HTML encoding all user-submitted text is a step towards preventing malicious users from launching attacks when our pages are rendered. A well-engineered web application will also take precautions to protect itself from attacks that exploit its form submission handlers. A common example of such an attack is the SQL injection attack, where the attacker tries to trick a form handler into running user-supplied SQL statements. There is a brilliant example of a SQL injection attack in the famous XKCD comic about “Little Bobby Tables” (http://xkcd.com/327/). The characters ', ;, --, and /* are often exploited in SQL injection attacks.

pages: 713 words: 93,944

Seven Databases in Seven Weeks: A Guide to Modern Databases and the NoSQL Movement by Eric Redmond, Jim Wilson, Jim R. Wilson

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, create, read, update, delete, data is the new oil, database schema, Debian, domain-specific language, en.wikipedia.org, fault tolerance, full text search, general-purpose programming language, linked data, MVC pattern, natural language processing, node package manager, random walk, recommendation engine, Ruby on Rails, Skype, social graph, web application

We can change the values reported by connected_nodes by stopping a node… ​​$ dev/dev2/bin/riak stop​​ …and reloading the /stats. Notice that dev2@ is now gone from the connected_nodes list. Start dev2, and it will rejoin itself to the Riak ring (we’ll discuss the ring on Day 2). REST Is Best (or Doing cURLs) REST stands for REpresentational State Transfer. It sounds like a mouthful of jargon, but it has become the de facto architecture of web applications, so it’s worth knowing. REST is a guideline for mapping resources to URLs and interacting with them using CRUD verbs: POST (Create), GET (Read), PUT (Update), and DELETE (Delete). If you don’t already have it installed, install the HTTP client program cURL. We use it as our REST interface, because it’s easy to specify verbs (like GET and PUT) and HTTP header information (like Content-Type).

You can find other URL parameters in the following table: Param Description Default q The given query string q.op Query terms are either and or or or sort Field name to sort by none start The first object in the matching list to return 0 rows The max number of results to return 20 wt Output either xml or json xml index Specifies the index to use There is plenty more to learn about the Riak search extension, far more than we can reasonably cover here. Ideally you’ve gotten a feel for its power. It’s a clear choice if you plan to provide search functionality for a large web application, but it also deserves a second look if you need a lot of simple ad hoc querying. Indexing Riak As of version 1.0, Riak supports secondary indexes. These are similar to the indexes we saw in PostgreSQL but with a slight twist. Rather than indexing on a specific column or columns of data, Riak allows you to index on metadata attached to the header of the object. Once again, we must make a change to the app.config file.

The path should be something like this: ​​${HBASE_HOME}/src/main/resources/org/apache/hadoop/hbase/thrift/Hbase.thrift​​ With the path identified, generate the model files with the following command, replacing your path as indicated: ​​$ thrift --gen rb <path_to_Hbase.thrift>​​ This will create a new folder called gen-rb, which contains the following model files: hbase_constants.rb hbase.rb hbase_types.rb We’ll be using these files next as we build a simple client application. Building a Client Application Our program will connect to HBase over Thrift and then list any tables it finds along with their column families. These would be the first steps toward building an administrative interface for HBase. Unlike our previous examples, this script is meant to be run by good old normal Ruby, not JRuby. It could be suitable for inclusion in a Ruby-based web application, for example. Key this into a new text file (we called ours thrift_example.rb): hbase/thrift_example.rb ​​$:.push('./gen-rb')​​ ​​require 'thrift'​​ ​​require 'hbase'​​ ​​​​ ​​socket = Thrift::Socket.new( 'localhost', 9090 )​​ ​​transport = Thrift::BufferedTransport.new( socket )​​ ​​protocol = Thrift::BinaryProtocol.new( transport )​​ ​​client = Apache::Hadoop::Hbase::Thrift::Hbase::Client.new( protocol )​​ ​​​​ ​​transport.open()​​ ​​​​ ​​client.getTableNames().sort.each do |table|​​ ​​ puts "#{table}"​​ ​​ client.getColumnDescriptors( table ).each do |col, desc|​​ ​​ puts " #{desc.name}"​​ ​​ puts " maxVersions: #{desc.maxVersions}"​​ ​​ puts " compression: #{desc.compression}"​​ ​​ puts " bloomFilterType: #{desc.bloomFilterType}"​​ ​​ end​​ ​​end​​ ​​​​ ​​transport.close()​​ In the previous code, the first thing we do is make sure Ruby can find the model files by adding gen-rb to the path and including thrift and hbase.

pages: 540 words: 103,101

Building Microservices by Sam Newman

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

airport security, Amazon Web Services, anti-pattern, business process, call centre, continuous integration, create, read, update, delete, defense in depth, don't repeat yourself, Edward Snowden, fault tolerance, index card, information retrieval, Infrastructure as a Service, inventory management, job automation, load shedding, loose coupling, platform as a service, premature optimization, pull request, recommendation engine, social graph, software as a service, source of truth, the built environment, web application, WebSocket, x509 certificate

By combining the capabilities our services expose in different ways, we can curate different experiences for our customers on their desktop application, mobile device, wearable device, or even in physical form if they visit our brick-and-mortar store. So think of user interfaces as compositional layers — places where we weave together the various strands of the capabilities we offer. So with that in mind, how do we pull all these strands together? Constraints Constraints are the different forms in which our users interact with our system. On a desktop web application, for example, we consider constraints such as what browser visitors are using, or their resolution. But mobile has brought a whole host of new constraints. The way our mobile applications communicate with the server can have an impact. It isn’t just about pure bandwidth concerns, where the limitations of mobile networks can play a part. Different sorts of interactions can drain battery life, leading to some cross customers.

Once you understand the threat levels of different parts of your system, you should start to get a sense of when to consider security during transit, at rest, or not at all. Finally, understand the importance of defense in depth, make sure you patch your operating systems, and even if you consider yourself a rock star, don’t try to implement your own cryptography! If you want a general overview of security for browser-based applications, a great place to start is the excellent Open Web Application Security Project (OWASP) nonprofit, whose regularly updated Top 10 Security Risk document should be considered essential reading for any developer. Finally, if you want a more general discussion of cryptography, check out the book Cryptography Engineering by Niels Ferguson, Bruce Schneier, and Tadayoshi Kohno (Wiley). Getting to grips with security is often about understanding people and how they work with our systems.

Caching Caching is a commonly used performance optimization whereby the previous result of some operation is stored, so that subsequent requests can use this stored value rather than spending time and resources recalculating the value. More often than not, caching is about eliminating needless round-trips to databases or other services to serve results faster. Used well, it can yield huge performance benefits. The reason that HTTP scales so well in handling large numbers of requests is that the concept of caching is built in. Even with a simple monolithic web application, there are quite a few choices as to where and how to cache. With a microservice architecture, where each service is its own source of data and behavior, we have many more choices to make about where and how to cache. With a distributed system, we typically think of caching either on the client side or on the server side. But which is best? Client-Side, Proxy, and Server-Side Caching In client-side caching, the client stores the cached result.

pages: 315 words: 85,791

Technical Blogging: Turn Your Expertise Into a Remarkable Online Presence by Antonio Cangiano

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Albert Einstein, anti-pattern, bitcoin, bounce rate, cloud computing, en.wikipedia.org, John Gruber, Lean Startup, Network effects, revision control, Ruby on Rails, search engine result page, slashdot, software as a service, web application

If that’s not the case, however, the explanation of your fancy continuous deployment setup for your SaaS (software as a service) won’t mean a thing to your customers. Likewise, taking an all-business approach in which you either share the details of how you run your startup or go into business topics at great length will tend to attract fellow entrepreneurs. Again, if they are your potential customers (e.g., your product is B2B), this approach can pay off. The aforementioned 37signals produces web applications that are aimed at helping companies better handle communication and collaboration. Their unique and opinionated take on the way a business should be run, broadcast through their blog and books, has attracted many of their customers. In most other cases, you’ll find that your customers won’t be particularly interested in learning how your Facebook ad campaign generated a 300 percent ROI (return on investment).

Instead of listing articles, come up with a main theme for your blog, then list ten relevant topics that you are passionate about and have some degree of expertise in. For example, if you’re dealing with a blog about web development as your main theme, you might write down the following topics: Ruby on Rails HTML5/CSS3 JavaScript/CoffeeScript Ajax Deployment Scaling web applications Security issues NoSQL databases UI/UX/Usability Using and creating RESTful APIs As you can see, these are very broad topics, each of which would roughly correspond to different categories for your blog. This task is not just meant to help you figure out what kind of topics you’ll be covering in your blog. The real point of this exercise is to determine if you can cover enough topics to warrant creating a general blog on your main subject.

It could be something that grinds your gears or simply a topic you believe more readers should know about. Interview popular people in your field (more on this in the next chapter). Review books, services, gadgets, or products that are relevant to your niche. Collect, organize, and present links to relevant resources all in a single post (e.g., “White Papers on the Scalability of Web Applications”). Create cheatsheets (e.g., HTML5 Cheatsheet). If possible, include both an HTML version and a PDF version for printing. Collect interesting data about your industry and compile it into a useful infographic. If you are not a designer, you can usually commission it to designers who specialize in creating infographics that go viral online. Check out Visual.ly for inspiration and to find good designers who specialize in infographics.[55] If you run a business, consider writing about your social media campaigns, A/B testing experiments, and sales and earnings figures.

pages: 696 words: 111,976

SQL Hacks by Andrew Cumming, Gordon Russell

bioinformatics, business intelligence, business process, database schema, en.wikipedia.org, Erdős number, Firefox, full text search, Hacker Ethic, Paul Erdős, Stewart Brand, web application

Calculate the Median Hack 35. Tally Results into a Chart Hack 36. Calculate the Distance Between GPS Locations Hack 37. Reconcile Invoices and Remittances Hack 38. Find Transposition Errors Hack 39. Apply a Progressive Tax Hack 40. Calculate Rank Chapter 6. Online Applications Hack 41. Copy Web Pages into a Table Hack 42. Present Data Graphically Using SVG Hack 43. Add Navigation Features to Web Applications Hack 44. Tunnel into MySQL from Microsoft Access Hack 45. Process Web Server Logs Hack 46. Store Images in a Database Hack 47. Exploit an SQL Injection Vulnerability Hack 48. Prevent an SQL Injection Attack Chapter 7. Organizing Data Hack 49. Keep Track of Infrequently Changing Values Hack 50. Combine Tables Containing Different Data Hack 51. Display Rows As Columns Hack 52. Display Columns As Rows Hack 53.

> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="/"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="-120 -120 240 240" text-anchor="middle" stroke="black"> <xsl:apply-templates/> </svg> </xsl:template> <xsl:template match="row[field[@name='tag']='text']"> <text x='{field[@name="att1"]}' y='{field[@name="att2"]}'> <xsl:value-of select='field[@name="content"]'/> </text> </xsl:template> <xsl:template match="row[field[@name='tag']='path']"> <path d='{field[@name="att1"]}' fill='{field[@name="att2"]}'/> </xsl:template> </xsl:stylesheet> You can run that using xsltproc as follows: $ mysql -u scott -ptiger dbname --xml -e 'SELECT * FROM pie7 ORDER BY s'\ > | xsltproc pie.xsl - <?xml version="1.0"?> <svg xmlns="http://www.w3.org/2000/svg" viewBox="-120 -120 240 240" text-anchor="middle" stroke="black"> <path xmlns="" d="M0 0 l 100 0 A100,100 0 0, 1 -80.897342382161,58.78452173407 z" fill="blue"/> Hack 43. Add Navigation Features to Web Applications Sometimes you want to present users with a list of values, but the list is too large to fit comfortably on a single web page. You could let users search for the item, but sometimes it is better to let them browse for it. One of the worst crimes against interface design is the search box that almost always says "no," which you can see in Figure 6-3. Figure 6-3. The search box that almost always says "no" If the user does not get the spelling exactly right, no useful feedback is given.

However, MySQL does permit you to update a JOIN, so you can exploit this by performing the tests in a derived table: UPDATE bank w CROSS JOIN (SELECT COUNT(*) AS c FROM bank WHERE name='Archie' OR (name='Ritchie' AND balance>=3)) t SET w.balance = CASE WHEN w.name='Archie' THEN w.balance+3 WHEN w.name='Ritchie' THEN w.balance-3 END WHERE w.name IN ('Archie','Ritchie') AND t.c=2; Hack 68. Cope with Unexpected Redo When a user initiates an operation you can ensure that your code copes well with repeated attempts. Suppose you are writing user account creation routines for a web application. A user can create an account on your system, where the username is his preferred email address. As part of the process, the user will be given a random password if he was successful, or will be shown an error message if appropriate. The form uses USER for username and PASS for password. The username column is the primary key of usertable: CREATE TABLE usertable ( username varchar(20) primary key, password varchar(20) ); Here is the PHP to provide a user creation form: <?

pages: 536 words: 73,482

Programming Clojure by Stuart Halloway, Aaron Bedra

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

continuous integration, en.wikipedia.org, general-purpose programming language, Gödel, Escher, Bach, Paul Graham, Ruby on Rails, type inference, web application

.​ ​​ ​-----> Discovering process types​ ​ Procfile declares types -> web​ ​-----> Compiled slug size is 12.8MB​ ​-----> Launching... done, v4​ ​ http://stormy-water-3888.herokuapp.com deployed to Heroku​ You can visit your application using the heroku command as well: ​heroku open​ This will open a browser and send you right to your deployed application. It might take some time to load on the first visit, but subsequent requests will get faster. You can find an additional Heroku/Clojure tutorial on Heroku’s dev center at http://devcenter.heroku.com/articles/clojure-web-application. Have fun with your new Clojure web application. Make it better, give it some personality, and share it with the world! 10.6 Farewell Congratulations. You have come a long way in a short time. You have learned the many ideas that combine to make Clojure great: Lisp, Java, functional programming, and explicit concurrency. And in this chapter, you saw one (of a great many) possible workflows for developing a full application in Clojure.

You will see how to take Clojure straight to the metal and get Java-level performance. Finally, Chapter 10, ​Building an Application​ provides a view into a complete Clojure workflow. You will build an application from scratch, working through solving the various parts to a problem and thinking about simplicity and quality. You will use a set of helpful Clojure libraries to produce and deploy a web application. Appendix 1, ​Editor Support​ lists editor support options for Clojure, with links to setup instructions for each. How to Read This Book All readers should begin by reading the first two chapters in order. Pay particular attention to Section 1.1, ​Why Clojure?​, which provides an overview of Clojure’s advantages. Experiment continuously. Clojure provides an interactive environment where you can get immediate feedback; see ​Using the REPL​ for more information.

If you find test.generative interesting, you should definitely check out QuickCheck, which has a long development history and many capabilities not yet found in test.generative. Now that we have some confidence in our scoring function, let’s see about running a game of Clojurebreaker on the Web. 10.4 Creating an Interface With a solid foundation, introducing an interface and a playable version of the game should be a breeze. Let’s start with a basic web application. The noir web framework will serve as a nice base for us to build our application. Creating a new noir project is easy. First, you will need to install the lein-noir plug-in to leiningen: ​$ lein plugin install lein-noir 1.2.0​ Now we can generate our application and launch it: ​$ lein noir new clojurebreaker​ ​$ cd clojurebreaker​ ​$ lein run​ Point your browser to http://localhost:8080.

pages: 678 words: 159,840

The Debian Administrator's Handbook, Debian Wheezy From Discovery to Mastery by Raphaal Hertzog, Roland Mas

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

bash_history, Debian, distributed generation, en.wikipedia.org, failed state, Firefox, GnuPG, Google Chrome, Jono Bacon, NP-complete, QWERTY keyboard, RFC: Request For Comment, Richard Stallman, Skype, SpamAssassin, Valgrind, web application, x509 certificate, zero day, Zimmermann PGP

Other Security-Related Considerations Security is not just a technical problem; more than anything, it's about good practices and understanding the risks. This section reviews some of the more common risks, as well as a few best practices which should, depending on the case, increase security or lessen the impact of a successful attack. 14.5.1. Inherent Risks of Web Applications The universal character of web applications led to their proliferation. Several are often run in parallel: a webmail, a wiki, some groupware system, forums, a photo gallery, a blog, and so on. Many of those applications rely on the “LAMP” (Linux, Apache, MySQL, PHP) stack. Unfortunately, many of those applications were also written without much consideration for security problems. Data coming from outside is, too often, used with little or no validation.

VOCABULARY SQL injection When a program inserts data into SQL queries in an insecure manner, it becomes vulnerable to SQL injections; this name covers the act of changing a parameter in such a way that the actual query executed by the program is different from the intended one, either to damage the database or to access data that should normally not be accessible. → http://en.wikipedia.org/wiki/SQL_Injection Updating web applications regularly is therefore a must, lest any cracker (whether a professional attacker or a script kiddy) can exploit a known vulnerability. The actual risk depends on the case, and ranges from data destruction to arbitrary code execution, including web site defacement. 14.5.2. Knowing What To Expect A vulnerability in a web application is often used as a starting point for cracking attempts. What follows is a short review of possible consequences. QUICK LOOK Filtering HTTP queries Apache 2 includes modules allowing filtering incoming HTTP queries.

QUICK LOOK Filtering HTTP queries Apache 2 includes modules allowing filtering incoming HTTP queries. This allows blocking some attack vectors. For instance, limiting the length of parameters can prevent buffer overflows. More generally, one can validate parameters before they are even passed to the web application and restrict access along many criteria. This can even be combined with dynamic firewall updates, so that a client infringing one of the rules is banned from accessing the web server for a given period of time. Setting up these checks can be a long and cumbersome task, but it can pay off when the web application to be deployed has a dubious track record where security is concerned. mod-security (in the libapache-mod-security package) is the main such module. The consequences of an intrusion will have various levels of obviousness depending on the motivations of the attacker.

Martin Kleppmann-Designing Data-Intensive Applications. The Big Ideas Behind Reliable, Scalable and Maintainable Systems-O’Reilly (2017) by Unknown

active measures, Amazon Web Services, bitcoin, blockchain, business intelligence, business process, c2.com, cloud computing, collaborative editing, commoditize, conceptual framework, cryptocurrency, database schema, DevOps, distributed ledger, Donald Knuth, Edward Snowden, ethereum blockchain, fault tolerance, finite state, Flash crash, full text search, general-purpose programming language, informal economy, information retrieval, Internet of things, iterative process, John von Neumann, loose coupling, Marc Andreessen, natural language processing, Network effects, packet switching, peer-to-peer, performance metric, place-making, premature optimization, recommendation engine, Richard Feynman, Richard Feynman, self-driving car, semantic web, Shoshana Zuboff, social graph, social web, software as a service, software is eating the world, sorting algorithm, source of truth, SPARQL, speech recognition, statistical model, web application, WebSocket, wikimedia commons

., people you may know, products you may be interested in, or related searches [29]). The output of those batch jobs is often some kind of database: for example, a data‐ base that can be queried by user ID to obtain suggested friends for that user, or a database that can be queried by product ID to get a list of related products [45]. These databases need to be queried from the web application that handles user requests, which is usually separate from the Hadoop infrastructure. So how does the output from the batch process get back into a database where the web application can query it? The most obvious choice might be to use the client library for your favorite database directly within a mapper or reducer, and to write from the batch job directly to the database server, one record at a time. This will work (assuming your firewall rules allow direct access from your Hadoop environment to your production databases), but it is a bad idea for several reasons: • As discussed previously in the context of joins, making a network request for every single record is orders of magnitude slower than the normal throughput of a batch task.

The two can interact while still remaining independent. Most web applications today are deployed as stateless services, in which any user request can be routed to any application server, and the server forgets everything about the request once it has sent the response. This style of deployment is conve‐ nient, as servers can be added or removed at will, but the state has to go somewhere: typically, a database. The trend has been to keep stateless application logic separate from state management (databases): not putting application logic in the database and not putting persistent state in the application [36]. As people in the functional pro‐ gramming community like to joke, “We believe in the separation of Church and state” [37].i In this typical web application model, the database acts as a kind of mutable shared variable that can be accessed synchronously over the network.

You won’t be ready to build your own database storage engine from scratch, but fortunately that is rarely necessary. You will, however, develop a good intuition for what your systems are doing under the hood so that you can reason about their behavior, make good design decisions, and track down any problems that may arise. Who Should Read This Book? If you develop applications that have some kind of server/backend for storing or pro‐ cessing data, and your applications use the internet (e.g., web applications, mobile apps, or internet-connected sensors), then this book is for you. This book is for software engineers, software architects, and technical managers who love to code. It is especially relevant if you need to make decisions about the architec‐ ture of the systems you work on—for example, if you need to choose tools for solving a given problem and figure out how best to apply them. But even if you have no choice over your tools, this book will help you better understand their strengths and weaknesses.

pages: 757 words: 193,541

The Practice of Cloud System Administration: DevOps and SRE Practices for Web Services, Volume 2 by Thomas A. Limoncelli, Strata R. Chalup, Christina J. Hogan

active measures, Amazon Web Services, anti-pattern, barriers to entry, business process, cloud computing, commoditize, continuous integration, correlation coefficient, database schema, Debian, defense in depth, delayed gratification, DevOps, domain-specific language, en.wikipedia.org, fault tolerance, finite state, Firefox, Google Glasses, information asymmetry, Infrastructure as a Service, intermodal, Internet of things, job automation, job satisfaction, load shedding, loose coupling, Malcom McLean invented shipping containers, Marc Andreessen, place-making, platform as a service, premature optimization, recommendation engine, revision control, risk tolerance, side project, Silicon Valley, software as a service, sorting algorithm, statistical model, Steven Levy, supply-chain management, Toyota Production System, web application, Yogi Berra

Even if that weren’t the case, the IP address of a particular machine changes from time to time: when a laptop moves from one WiFi network to another, when a mobile device moves from WiFi to cellular and back, or if any machine is turned off and turned on again on a different (or sometimes even the same) network. Using the IP address as an identity wouldn’t even work for one user running two web browsers on the same machine. Instead, when a user logs into a web application, the web application generates a secret and includes it with the reply. The secret is something generated randomly and given to only that user on that web browser. In the future, whenever that web browser sends an HTTP request to that same web app, it also sends the secret. Because this secret was not sent to any other user, and because the secret is difficult to guess, the web app can trust that this is the same user.

The previous chapter discussed cloud platform options. Now we move up one layer to the application architecture. We start with an examination of common web service architectures beginning with a single web server, to multi-machine designs, growing larger and larger until we have a design that is appropriate for a large global service. Then we examine architectures that are common behind the scenes of web applications: message buses and service-oriented architectures. Most examples in this chapter will assume that the service is a web-based application using the Hyper-Text Transfer Protocol (HTTP). The user runs a web browser such as Firefox, Chrome, or Internet Explorer. In HTTP terminology, this is called the client. Each request for a web page involves speaking the HTTP protocol to a web server, usually running on a machine elsewhere on the internet.

The reply is an HTML page or other file that is sent to the client. The client then displays the web page or file to the user. Generally each HTTP request, or query, is a separate TCP/IP connection, although there are extensions to the protocol that let one session process many HTTP requests. Some applications use protocols other than HTTP. For example, they may implement their own protocol. Some non-web applications use HTTP. For example, mobile phone apps may use HTTP to talk to APIs to make requests or gather information. While most of our examples will assume web browsers speaking the HTTP protocol, the principles apply to any client/server application and protocol. 4.1 Single-Machine Web Server The first design pattern we examine is a single self-sufficient machine used to provide web service (Figure 4.1).

Practical OCaml by Joshua B. Smith

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

cellular automata, Debian, domain-specific language, general-purpose programming language, Grace Hopper, hiring and firing, John Conway, Paul Graham, slashdot, text mining, Turing complete, type inference, web application, Y2K

They then go into an event loop in which each call to the URL passes the data to an already running script. This eliminates the fork/exec and provides a way to maintain state information. FastCGI is really a different way of writing web applications than CGI or integrated methods. In FastCGI, your application is running the whole time. FastCGI uses more traditional IPC (Unix domain sockets or IP sockets) to handle the interprocess communication. This IPC mechanism also enables FastCGI programs to be located on more than one machine, which can be important for performance—especially in a language such as OCaml that does not support SMP. Because FastCGI is not a very popular way of writing web applications, it will not be covered in any more detail in this chapter. Integrated Approaches Integrated approaches seek to pull the logic of web-based applications closer into the web server to provide better application performance.

There is also a library (confusingly) called mod_ocaml. Although both libraries were created to solve the same set of problems, the mod_caml library is more mature. Other Frameworks There are other frameworks, too. Typesafe programming and secure-by-design programming have become new in web design. Frameworks such as Ex-nunc and Ocsigen are two frameworks that provide typesafe environments for building web applications. Ex-nunc can be downloaded from http://ex-nunc.sourceforge.net. (At the time of this writing, you can also find sample code and a limited amount of documentation.) Ocsigen (found at http://www.ocsigen.org) is also under active development. Ex-nunc supports CGI and FastCGI, whereas Ocsigen uses its own http server. Chapter Focus Now that you know what can be, you can learn about what is. It is possible to fill a set of books on all the fine nuances of web programming with OCaml, but all that reading is probably not the best use of your time.

action=main\">Home</a> <hr> <br> ::table(entries):: ::entry:: Entry Written: ::timestamp:: ::end:: </body> </html>";; let get_timestamp x = let st = Unix.stat x in let utm = Unix.localtime (st.Unix.st_mtime) in Printf.sprintf "%i/%i/%i %i:%i:%i" utm.Unix.tm_mon utm.Unix.tm_mday (utm.Unix.tm_year + 1900) utm.Unix.tm_hour utm.Unix.tm_min utm.Unix.tm_sec;; let display_all_entries dir = let dirs = Sys.readdir dir in let sorted = Array.map (fun x -> let fn = Filename.concat dir x in ➥ (fn,Unix.stat fn)) dirs in Array.sort compr sorted; Array.map (fun entry -> ["entry", Template.VarString (read_file (fst entry)); "timestamp",Template.VarString ➥ (get_timestamp (fst entry))]) sorted;; let run req = let request = new cgi req in let entrytable = Array.to_list (display_all_entries "/var/tmp/blog") in let disp_template = Template.template_from_string viewing_template in disp_template#table "entries" entrytable; request#template disp_template let () = register_script run 620Xch21final.qxd 9/22/06 12:27 AM Page 291 CHAPTER 21 ■ PRACTICAL: WEB PROGRAMMING Cocanwiki If you are interested in a large web application that uses OCaml, look at Cocanwiki. You can download the source from http://www.merjis.com (the same site that hosts the mod_caml pages). Cocanwiki is an excellent wiki. It currently is part of how development on mod_caml and Cocanwiki get paid for. If You Are Not Using Apache If you are not using Apache, you are probably stuck with using CGI. Luckily, OCaml supports being compiled to native code, which will mostly eliminate the slow startup times that are often a problem with CGI-based applications.

pages: 203 words: 14,242

Ship It!: A Practical Guide to Successful Software Projects by Jared R. Richardson, William A. Gwaltney

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

continuous integration, David Heinemeier Hansson, Donald Knuth, index card, MVC pattern, place-making, Ruby on Rails, web application

The Facets of Ruby series includes the definitive guide to Ruby, widely known as the PickAxe book. Upcoming titles in this series feature the Ruby on Rails web application framework and other exciting new technologies. • The definitive guide for Ruby programmers. • Up-to-date and expanded for Ruby version 1.8. • Complete documentation of all built-in classes, modules, and methods. • Complete descriptions of all ninety-eight standard libraries. • 200+ pages of new content in this edition. • Learn more about Ruby’s web tools, unit testing, and programming philosophy. Programming Ruby: The Pragmatic Programmer’s Guide, 2nd Edition Dave Thomas with Chad Fowler and Andy Hunt (864 pages) ISBN : 0-9745140-5-5. $44.95 • Learn all about this new open-source, full-stack web framework. • Develop sophisticated web applications quickly and easily. • Use incremental and iterative development to create the web apps that users want. • Get to go home on time.

Built on top of NUnit, MbUnit brings several higher-level testing techniques to the table. Integrated combinatorial testing, reporting, row testing, data-driven testing, and other concepts are all part of the package. A PPENDIX F. T ESTING F RAMEWORKS HTMLUnit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Used inside another test harness (such as JUnit), HTMLUnit simulates a web browser to test web applications. HTTPUnit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . HTTPUnit is a lot like HTMLUnit, but it uses HTTP requests and responses to do its testing. JWebUnit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . JWebUnit sits on top of HTTPUnit to give you a high-level API for navigating a web app. What’s Available (Testing Tools): Cobertura. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

pages: 274 words: 58,675

Puppet 3 Cookbook by John Arundel

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, cloud computing, continuous integration, Debian, defense in depth, don't repeat yourself, GnuPG, Larry Wall, place-making, Ruby on Rails, web application

A module is simply a way of grouping related things: for example, a webserver module might include everything necessary for a machine to be a web server: Apache configuration files, virtual host templates, and the Puppet code necessary to deploy these. Separating things into modules makes it easier to re-use and share code; it's also the most logical way to organize your manifests. In this example we'll create a module to manage memcached, a memory caching system commonly used with web applications. How to do it… Here are the steps to create an example module. 1. Create the following new directories in your Puppet repo: ubuntu@cookbook:~/puppet$ mkdir modules/memcached 38 Chapter 2 ubuntu@cookbook:~/puppet$ mkdir modules/memcached/manifests ubuntu@cookbook:~/puppet$ mkdir modules/memcached/files 2. Create the file modules/memcached/manifests/init.pp with the following contents: # Manage memcached class memcached { package { 'memcached': ensure => installed, } file { '/etc/memcached.conf': source => 'puppet:///modules/memcached/memcached.conf', owner => 'root', group => 'root', mode => '0644', require => Package['memcached'], } service { ensure enable require 'memcached': => running, => true, => [Package['memcached'], File['/etc/memcached.conf']], } } 3.

Whereas a regular resource can only be declared once per node (so two classes can't declare the same resource, for example), a virtual resource can be realized as many times as you like. This comes in handy when you need to move applications and services around between machines. If two applications that use the same resource end up sharing a machine, they would cause a conflict unless you make the resource virtual. To clarify this, let's look at a typical situation where virtual resources might come in useful. You are responsible for two popular web applications, FaceSquare and Flipr. Both are web apps running on Apache, so they both require the Apache package to be installed. The definition for FaceSquare might look something like the following: class app::facesquare { package { 'apache2-mpm-worker': ensure => installed } ... } 112 Chapter 5 The definition for Flipr might look like this: class app::flipr { package { 'apache2-mpm-worker': ensure => installed } ... } All is well until you need to consolidate both apps onto a single server: node 'bigbox' { include app::facesquare include app::flipr } Now Puppet will complain because you tried to define two resources with the same name: apache2-mpm-worker.

Create the file modules/firewall/files/common.role with the following contents: # Allow all traffic on loopback interface iptables -I INPUT 1 -i lo -j ACCEPT iptables -I OUTPUT 1 -o lo -j ACCEPT # Allow established and related connections iptables -I INPUT 2 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -I OUTPUT 2 -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow SSH and ping iptables -A INPUT -p tcp -m tcp --dport ${SSH} -j ACCEPT iptables -A INPUT -p ICMP --icmp-type echo-request -j ACCEPT # Allow common outbound ports iptables -A OUTPUT -p tcp --dport iptables -A OUTPUT -p udp --dport iptables -A OUTPUT -p tcp --dport iptables -A OUTPUT -p udp --dport iptables -A OUTPUT -p tcp --dport iptables -A OUTPUT -p tcp --dport iptables -A OUTPUT -p tcp --dport # Drop some iptables -A iptables -A iptables -A iptables -A iptables -A iptables -A iptables -A iptables -A iptables -A commonly INPUT -p INPUT -p INPUT -p INPUT -p INPUT -p INPUT -p INPUT -p INPUT -p INPUT -p ${SMTP} -j ACCEPT ${NTP} -j ACCEPT ${NTP} -j ACCEPT ${DNS} -j ACCEPT ${WEB} -j ACCEPT ${WEB_SSL} -j ACCEPT ${MYSQL} -j ACCEPT probed ports tcp --dport 23 -j DROP # telnet tcp --dport 135 -j DROP # epmap tcp --dport 139 -j DROP # netbios tcp --dport 445 -j DROP # Microsoft DS udp --dport 1433 -j DROP # SQL server tcp --dport 1433 -j DROP # SQL server udp --dport 1434 -j DROP # SQL server tcp --dport 1434 -j DROP # SQL server tcp --dport 2967 -j DROP # SSC-agent 6. Create the file modules/firewall/files/webserver.role with the following contents: # Access to web ports iptables -A INPUT -p tcp --dport ${WEB} -j ACCEPT iptables -A INPUT -p tcp --dport ${WEB_SSL} -j ACCEPT # Send mail from web applications iptables -A OUTPUT -p tcp --dport ${SMTP} -j ACCEPT 181 Servers and Cloud Infrastructure 7. Create the file modules/firewall/manifests/role.pp with the following contents: # Manage a specific firewall role define firewall::role() { include firewall file { "/etc/firewall/roles/${name}": source => "puppet:///modules/firewall/${name}.role", require => File['/etc/firewall/roles'], notify => Exec['run-iptables'], } append_if_no_such_line { "${name} role": file => "/etc/firewall/hosts/${::hostname}", line => ".

pages: 168 words: 50,647

The End of Jobs: Money, Meaning and Freedom Without the 9-To-5 by Taylor Pearson

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Airbnb, barriers to entry, Black Swan, call centre, cloud computing, commoditize, creative destruction, David Heinemeier Hansson, Elon Musk, en.wikipedia.org, Frederick Winslow Taylor, future of work, Google Hangouts, Kevin Kelly, Kickstarter, knowledge economy, knowledge worker, loss aversion, low skilled workers, Lyft, Marc Andreessen, Mark Zuckerberg, market fragmentation, means of production, Oculus Rift, passive income, passive investing, Peter Thiel, remote working, Ronald Reagan: Tear down this wall, sharing economy, side project, Silicon Valley, Skype, software as a service, software is eating the world, Startup school, Steve Jobs, Steve Wozniak, Stewart Brand, telemarketer, Thomas Malthus, Uber and Lyft, unpaid internship, Watson beat the top human players on Jeopardy!, web application, Whole Earth Catalog

Companies like Udemy and Team TreeHouse, which host online courses, have given people access to more valuable resources than universities at a fraction of the cost. The same phenomenon that Scott Young created for himself is now being created by companies making it even more accessible. Online forums and communities in your industry let you learn from other people in the trenches day-to-day. No one is going to sell enough copies of a book about User Onboarding for web applications or marketing iPhone Apps to stock it in a bookstore or offer it in a university, but those work on the internet. The Long Tail has let businesses emerge that are hyper specific and couldn’t have existed in a retail world, a concept we’ll come back to in the next chapter. It’s Cheaper to Make Widgets! (And Useful Stuff Too) The advantages of the Sharing Economy extend not just to the infrastructure required to run a business and digital products, but to the democratized production of physical products as well.

He expanded that expertise and those relationships into starting a similar dropshipping business selling trolling motors, and now runs eCommerceFuel.com where he helps other eCommerce Entreprenurs grow their eCommerce businesses.37 Nathan Barry, a designer and author, stair stepped his way from his job as a designer into running his own business by writing two books on design, The App Design Handbook and Designing Web Applications. After he saw that many people were interested in his strategy for publishing high priced eBooks (the book started at $39), he wrote another book on that, Authority, his most successful ever. Now he is growing ConvertKit, a software product designed to help authors with email marketing.38 John McIntyre was working as an intern at a resort in the Philippines when someone asked him to write an email autoresponder, a series of five emails designed to help new prospects convert into customers.

While you can certainly tap out an industry and exhaust demand there, you will have acquired resources that you can use to invest in another industry, exactly what Rob Walling and other entrepreneurs did by stair stepping their way into better and better businesses. Many entrepreneurs now release income reports showing their businesses growth. Dan Norris and Alex McClafferty founded WPCurve in 2012, and are on pace to do $768,000 in 2015. John Lee Dumas has gone from never having run a business in 2010 to over $100,000 in monthly revenue in October 2013 and $433,000 in monthly revenue in February 2015. Buffer, a web application has grown from less than $130,000 in monthly revenue in September 2013 to over $300,000 in August 2014. Groove HQ, another software application, has grown from $35,000 in monthly revenue to over $75,000 in less than a year. Am I cherry-picking the best examples here? Definitely. The guys with slower growth aren’t broadcasting their slow growth for us to look at. The point is that it’s possible to grow at these rates.

pages: 496 words: 174,084

Masterminds of Programming: Conversations With the Creators of Major Programming Languages by Federico Biancuzzi, Shane Warden

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Benevolent Dictator For Life (BDFL), business intelligence, business process, cellular automata, cloud computing, commoditize, complexity theory, conceptual framework, continuous integration, data acquisition, domain-specific language, Douglas Hofstadter, Fellow of the Royal Society, finite state, Firefox, follow your passion, Frank Gehry, general-purpose programming language, Guido van Rossum, HyperCard, information retrieval, iterative process, John von Neumann, Larry Wall, linear programming, loose coupling, Mars Rover, millennium bug, NP-complete, Paul Graham, performance metric, Perl 6, QWERTY keyboard, RAND corporation, randomized controlled trial, Renaissance Technologies, Ruby on Rails, Sapir-Whorf hypothesis, Silicon Valley, slashdot, software as a service, software patent, sorting algorithm, Steve Jobs, traveling salesman, Turing complete, type inference, Valgrind, Von Neumann architecture, web application

., probably built with function objects as tasks. Also, there will be facilities for communicating between geographically remote processes through sockets, iostreams, and so on, rather like boost::networking. In my opinion, much of what is interesting about concurrency will appear as multiple libraries supporting logically distinct concurrency models. Many modern systems are componentized and spread out over a network; the age of web applications and mashups may accentuate that trend. Should a language reflect those aspects of the network? Bjarne: There are many forms of concurrency. Some are aimed at improving the throughput or response time of a program on a single computer or cluster, some are aimed at dealing with geographical distribution, and some are below the level usually considered by programmers (pipelining, caching, etc.).

Over that long period of time, I have had the opportunity to ponder which operations are faster and which are slower—for example, I may be aware more than most users that locals are faster than globals (though others have gone overboard using this, not me!), or that functions and method calls are expensive (more so than in C or Java), or that the fastest data type is a tuple. When it comes to using the standard library and beyond, I often feel that others have an advantage. For example, I write about one web application every few years, and the technology available changes each time, so I end up writing a “first” web app using a new framework or approach each time. And I still haven’t had the opportunity to do serious XML mangling in Python. It seems that one of the features of Python is its conciseness. How does this affect the maintainability of the code? Guido: I’ve heard of research as well as anecdotal evidence indicating that the error rate per number of lines of code is pretty consistent, regardless of the programming language used.

Guido: I think Python programmers shouldn’t worry much about security, certainly not without having a specific attack model in mind. The most important thing to look for is the same as in all languages: be suspicious of data provided by someone you don’t trust (for a web server, this is every byte of the incoming web request, even the headers). One specific thing to watch out for is regular expressions—it is easy to write a regular expression that runs in exponential time, so web applications that implement searches where the end user types in a regular expression should have some mechanism to limit the running time. Is there any fundamental concept (general rule, point of view, mindset, principle) that you would suggest to be proficient in developing with Python? Guido: I would say pragmatism. If you get too hung up about theoretical concepts like data hiding, access control, abstractions, or specifications, you aren’t a real Python programmer, and you end up wasting time fighting the language, instead of using (and enjoying) it; you’re also likely to use it inefficiently.

pages: 666 words: 181,495

In the Plex: How Google Thinks, Works, and Shapes Our Lives by Steven Levy

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

23andMe, AltaVista, Anne Wojcicki, Apple's 1984 Super Bowl advert, autonomous vehicles, book scanning, Brewster Kahle, Burning Man, business process, clean water, cloud computing, crowdsourcing, Dean Kamen, discounted cash flows, don't be evil, Donald Knuth, Douglas Engelbart, Douglas Engelbart, El Camino Real, fault tolerance, Firefox, Gerard Salton, Gerard Salton, Google bus, Google Chrome, Google Earth, Googley, HyperCard, hypertext link, IBM and the Holocaust, informal economy, information retrieval, Internet Archive, Jeff Bezos, John Markoff, Kevin Kelly, Mark Zuckerberg, Menlo Park, one-China policy, optical character recognition, PageRank, Paul Buchheit, Potemkin village, prediction markets, recommendation engine, risk tolerance, Rubik’s Cube, Sand Hill Road, Saturday Night Live, search inside the book, second-price auction, selection bias, Silicon Valley, skunkworks, Skype, slashdot, social graph, social software, social web, spectrum auction, speech recognition, statistical model, Steve Ballmer, Steve Jobs, Steven Levy, Ted Nelson, telemarketer, trade route, traveling salesman, turn-by-turn navigation, Vannevar Bush, web application, WikiLeaks, Y Combinator

An unofficial motto became “Content not chrome,” a bit bizarre considering the product’s name. “We’ve learned to live with the irony,” said engineer Mark Larson during the development process. Page and Brin wanted Chrome optimized to run web applications—fast. When you run a program faster by an order of magnitude, you haven’t made something better—you’ve made something new. The crucial element in speeding up a browser was a component called a JavaScript engine, a “virtual machine” that ran web application code. In previous browsers, JavaScript didn’t run quickly enough to make web applications seem as nimble as desktop apps; Google felt that if it changed that, people would use the web more and thus use Google’s services and ads more. Google hoped to kick-start a new generation of web-based applications that would make Microsoft’s worst nightmare a reality: the browser would become the equivalent of an operating system.

Otherwise, the automated auctioneer would raise the prices for the next “time slot,” and remaining competitors for those resources had to decide whether to bid higher. And so on, until the engineers not willing to stake their budgets on the most contested resources dropped out. “Hence,” write the paper’s authors, “the auction allows users to ‘discover’ prices in which all users pay/receive payment in proportion to uniform resource prices.” To round out its suite of web applications, Google began developing a cloud-based alternative to Microsoft’s PowerPoint. In early 2007, it heard about an innovative start-up that was working on a web-based presentation program that had some even niftier features than the one Google was developing internally. Wayne Crosby and Robby Walker had begun a company called Zenter. Funded by $15,000 from a start-up incubator called Y Combinator, they set out to create their web-based program in four months.

The surest sign that Schillace was right? In 2010, Microsoft rolled out an online version of its Office product—for free. Even if only a small percentage of the marketplace used Google’s own productivity apps, the company had achieved its larger goal—moving work onto the web. Google’s next step would put it even more squarely into Microsoft’s sights: it was going to build its own version of the web application that had been at the center of Microsoft’s government antitrust case, a browser. The idea long predated Google’s plans for web-based applications. In 2001, Page and Brin had told Schmidt they wanted Google to build its own browser. Right away. Schmidt understood the impulse: browsers were important. They were the vehicles by which people navigated the web, and it made sense for Google to have an alternative to the Microsoft Internet Explorer browser in case Bill Gates and company built in features that would favor Microsoft.

pages: 597 words: 119,204

Website Optimization by Andrew B. King

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

AltaVista, bounce rate, don't be evil, en.wikipedia.org, Firefox, In Cold Blood by Truman Capote, information retrieval, iterative process, medical malpractice, Network effects, performance metric, search engine result page, second-price auction, second-price sealed-bid, semantic web, Silicon Valley, slashdot, social graph, Steve Jobs, web application

Hopefully, we'll see improvements in the way the browsers handle caching with XHRs in the future so that caching can be more consistent. Addressing Network Robustness While we're on the subject of networking with Ajax, one important concern is network robustness: something few developers may want to acknowledge as a potential problem. Traditional web applications employ a useful form of human-based error correction that we might dub "layer eight" error correction in reference to the seven-layer network model. [127] Users are accustomed to failures with traditional web applications. If a site takes too long to load, they simply click Stop and reload the page. They may even retry this process a few times before timing out and giving up—clicking the Back button or finding another site of interest. Users are accustomed to doing this because the web browser informs them of the status of a connection with a pulsing logo, flipping cursor, loading status bar, and page painting progress.

We have encountered the following issues when analyzing and optimizing Ajax for clients: Mandatory JavaScript-style architecture effects — Accessibility problems — Search engine optimization (SEO) problems caused by lack of indexing by non-JavaScript-aware spiders coupled with one-page architecture issues Perception of browser and code errors by users Network effects — Lags in response time when the user expects immediacy — Timeouts and retries because of intermittent network issues — Lack of appropriate network and server error handling — Dependency and data ordering problems One-page architecture effects — Breaking the Back button and bookmarking — Difficulty with standard web analytics systems — Indexability of deep content by search robots * * * [120] Garrett, J. February 18, 2005. "Ajax: A New Approach to Web Applications." Adaptive Path, http://www.adaptivepath.com/publications/essays/archives/000385.php (accessed April 15, 2008). [121] Ajax was a mythological Greek hero who played an important role in Homer's Iliad. He is described as the strongest of all the Achaeans. Although not the origin of this technology's name, it is certainly a suitable lineage for the power the technology provides. Ajax: New and Improved JavaScript Communications What Garrett described was a modified web communication pattern that was gaining great popularity.

var g_abort = false; var g_retries = 0; function sendAjaxRequest( ) { var xhr = createXHR( ); if (xhr) { xhr.open("GET","sayhello.php",true); var timeout = setTimeout(function ( ){responseTimeout(xhr);},5000); xhr.onreadystatechange = function( ){responseCallback(xhr,timeout);}; xhr.send( ); } } function responseTimeout(xhr) { g_abort = true; xhr.abort( ); if (g_retries < 3) { send AjaxRequest( ); g_retries++; } } Out-of-order responses Finally, you need to acknowledge that your HTTP requests can come back out of order. In traditional web application design, the whole page is the unit of execution, so we tend not to worry about having one image come down before another. If you are using Ajax to issue to a server multiple requests that depend on one another, however, it is quite possible that in some situations you may receive responses out of order. This could cause errors if unaccounted for. It is interesting that, so far, most Ajax developers are unaware of this because they generally do not issue multiple requests at the same time, especially dependent requests.

pages: 1,076 words: 67,364

Haskell Programming from first principles by Christopher Allen, Julie Moronuki

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

c2.com, en.wikipedia.org, natural language processing, spaced repetition, Turing complete, Turing machine, type inference, web application, Y Combinator

The Text package used is named…text: import Data.Text (Text) import qualified Data.Text as T import qualified Data.UUID as UUID import qualified Data.UUID.V4 as UUIDv4 textUuid :: IO Text textUuid = fmap (T.pack . UUID.toString) UUIDv4.nextRandom 1. nextRandom :: IO UUID 2. toString :: UUID -> String 3. pack :: String -> Text 4. fmap :: (UUID -> Text) -> IO UUID -> IO Text Lifting over web app monads Frequently when you write web applications, you’ll have a custom datatype to describe the web application which is also a Monad. It’s a Monad because your “app context” will have a type parameter to describe what result was produced in the course of a running web CHAPTER 19. APPLYING STRUCTURE 745 application. Often these types will abstract out the availability of a request or other configuration data with a Reader (explained in a later chapter), as well as the performance of effects via IO.

In the following example, we’re lifting over AppHandler and Maybe: userAgent :: AppHandler (Maybe UserAgent) userAgent = (fmap . fmap) userAgent' getRequest userAgent' :: Request -> Maybe UserAgent userAgent' req = getHeader "User-Agent" req We need the Functor here because while we can just pattern match on the Maybe value, an AppHandler isn’t something we can pattern match on. It’s a Snap convention to make a type alias for your web application type. It usually looks like this: type AppHandler = Handler App App The underlying infrastructure for Snap is more complicated than we can cover to any depth here, but suffice to say there are a few things floating around: 1. HTTP request which triggered the processing currently occurring. 2. The current (possibly empty or default) response that will be returned to the client when the handlers and middleware are done. 3. A function for updating the request timeout. 4. A helper function for logging. 5. And a fair bit more than this. The issue here is that your AppHandler is meant to be slotted into a web application which requires the reading in of configuration, initialization of a web server, and the sending of a request to get everything in motion.

If you could write software to solve a problem, you could probably use Haskell. Haskell’s ecosystem has an array of well-developed libraries and tools. Hoogle is a search tool that allows you to search for the function you want by type signature. It has a sophisticated structural understanding of types and can match on more than just syntax. Libraries such as Yesod and Scotty allow you to build web applications quickly, each addressing a different niche of web development. Aeson is popular and in wide use in the Haskell community for processing JSON data which is currently the lingua franca for data serialization and transmission on the web. Gloss is popular for rendering 2d vector graphics. Xmonad is a tiled window manager for Linux/X11, written in Haskell and popular with Haskell users and non-Haskellers.

pages: 834 words: 180,700

The Architecture of Open Source Applications by Amy Brown, Greg Wilson

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

8-hour work day, anti-pattern, bioinformatics, c2.com, cloud computing, collaborative editing, combinatorial explosion, computer vision, continuous integration, create, read, update, delete, David Heinemeier Hansson, Debian, domain-specific language, Donald Knuth, en.wikipedia.org, fault tolerance, finite state, Firefox, friendly fire, Guido van Rossum, linked data, load shedding, locality of reference, loose coupling, Mars Rover, MVC pattern, peer-to-peer, Perl 6, premature optimization, recommendation engine, revision control, Ruby on Rails, side project, Skype, slashdot, social web, speech recognition, the scientific method, The Wisdom of Crowds, web application, WebSocket

It was designed to address the weaknesses of existing tools while maintaining their strengths. In addition to a build system, over the years CMake has evolved into a family of development tools: CMake, CTest, CPack, and CDash. CMake is the build tool responsible for building software. CTest is a test driver tool, used to run regression tests. CPack is a packaging tool used to create platform-specific installers for software built with CMake. CDash is a web application for displaying testing results and performing continuous integration testing. 5.1. CMake History and Requirements When CMake was being developed, the normal practice for a project was to have a configure script and Makefiles for Unix platforms, and Visual Studio project files for Windows. This duality of build systems made cross-platform development very tedious for many projects: the simple act of adding a new source file to a project was painful.

-- ===================================================================== --> <extension point="org.eclipse.help.toc"> <toc file="topics_Guide.xml"> </toc> <toc file="topics_Reference.xml"> </toc> <toc file="topics_Porting.xml"> </toc> <toc file="topics_Questions.xml"> </toc> <toc file="topics_Samples.xml"> </toc> </extension> Apache Lucene is used to index and search the online help content. In early versions of Eclipse, online help was served as a Tomcat web application. Additionally, by providing help within Eclipse itself, you can also use the subset of help plugins to provide a standalone help server.3 Eclipse also provides team support to interact with a source code repository, create patches and other common tasks. The workspace provided collection of files and metadata that stored your work on the filesystem. There was also a debugger to trace problems in the Java code, as well as a framework for building language specific debuggers.

Does your business logic require these guarantees, which often come with performance tradeoffs? Single-server performance: If you want to safely store data on disk, what on-disk data structures are best-geared toward read-heavy or write-heavy workloads? Is writing to disk your bottleneck? Analytical workloads: We're going to pay a lot of attention to lookup-heavy workloads of the kind you need to run a responsive user-focused web application. In many cases, you will want to build dataset-sized reports, aggregating statistics across multiple users for example. Does your use-case and toolchain require such functionality? While we will touch on all of these consideration, the last three, while equally important, see the least attention in this chapter. 13.2. NoSQL Data and Query Models The data model of a database specifies how data is logically organized.

pages: 394 words: 118,929

Dreaming in Code: Two Dozen Programmers, Three Years, 4,732 Bugs, and One Quest for Transcendent Software by Scott Rosenberg

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

A Pattern Language, Benevolent Dictator For Life (BDFL), Berlin Wall, c2.com, call centre, collaborative editing, conceptual framework, continuous integration, Donald Knuth, Douglas Engelbart, Douglas Engelbart, Douglas Hofstadter, Dynabook, en.wikipedia.org, Firefox, Ford paid five dollars a day, Francis Fukuyama: the end of history, George Santayana, Grace Hopper, Guido van Rossum, Gödel, Escher, Bach, Howard Rheingold, index card, Internet Archive, inventory management, Jaron Lanier, John Markoff, John von Neumann, knowledge worker, Larry Wall, life extension, Loma Prieta earthquake, Menlo Park, Merlin Mann, new economy, Nicholas Carr, Norbert Wiener, pattern recognition, Paul Graham, Potemkin village, RAND corporation, Ray Kurzweil, Richard Stallman, Ronald Reagan, Ruby on Rails, semantic web, side project, Silicon Valley, Singularitarianism, slashdot, software studies, source of truth, South of Market, San Francisco, speech recognition, stealth mode startup, stem cell, Stephen Hawking, Steve Jobs, Stewart Brand, Ted Nelson, Therac-25, thinkpad, Turing test, VA Linux, Vannevar Bush, Vernor Vinge, web application, Whole Earth Catalog, Y2K

Fried said it’s not uncommon for his team to spend hours debating each word and button and box displayed on them. 37 Signals set out to create some small programs, not to build an ambitious new platform or application framework. But in the course of building Basecamp, Hansson had written some useful and innovative code that streamlined and simplified the basic chores that all Web applications had to perform in the course of storing and retrieving data. After Basecamp’s launch, he and 37 Signals decided to take that work and release it as an open source platform called Ruby on Rails. Rails, as it came to be called, made writing Web applications easier, in part by limiting the programmer’s options. “Flexibility is overrated. Constraints are liberating,” Hansson says. And Rails was ready-made for the AJAX-style interface enhancements that were making those Web-based programs credible competition to their desktop equivalents.

It might be a stretch for a Web-oriented platform like Mozilla, which was designed to display data in static screenfuls delivered from a server. A Mozilla-based Chandler would need to base such a feature on Javascript, a programming language meant specifically for embedding program code inside Web pages. (HTML, the basic language for publishing Web pages, isn’t really a programming language at all; it just tells a browser what to show on screen.) “You never see this in a Web application because the client can only make a few round trips to the server in a second,” Kapor says. “I want a sense of confidence that we’ll have a first-class way to do this. To me this is at the heart of the whole PC-versus-Web thing. You can have only so many round trips to the server per second or your performance gets clobbered.” The pizza is cold. The discussion has consumed the afternoon. Kapor says he wants to set up a meeting for the group with Brendan Eich, Mozilla’s lead architect (at Netscape he’d created Javascript).

Gmail cut out the need for the browser to trade messages with the server for every single action you chose to perform. (That problem had figured prominently in Mitch Kapor’s rationale for not building Chandler as a Web-based application.) It made the Web browser work a little more like the kind of “rich client” application Chandler was going to be. It was whittling down the difference between desktop applications and Web applications. Gmail wasn’t the only product to show off such wizardry, which later became known by the acronym AJAX (for asynchronous Javascript and XML); smaller outfits were performing similar cool tricks. Flickr, the product of a small company based in Vancouver, British Columbia, achieved the same kind of speed and delight in a new Web-based service that allowed people to share digital photos. And Basecamp, developed by a little Chicago design firm called 37 Signals, offered similar features in a Web-based tool for small-group project management.

Exploring ES6 - Upgrade to the next version of JavaScript by Axel Rauschmayer

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

anti-pattern, domain-specific language, en.wikipedia.org, Firefox, Google Chrome, MVC pattern, web application, WebSocket

This is great news – no more 'use strict'. Similar to normal <script> elements, <script type="module"> can also be used to load external modules. For example, the following tag starts a web application via a main module (the attribute name import is my invention, it isn’t yet clear what name will be used). <script type="module" import="impl/main"></script> The advantage of supporting modules in HTML via a custom <script> type is that it is easy to bring that support to older engines via a polyfill (a library). There may or may not eventually be a dedicated element for modules (e.g. <module>). 17.6.2 Bundling Modern web applications consist of many, often small, modules. Loading those modules over HTTP impacts performance negatively, because a separate request is needed for each. Therefore, bundling multiple modules as a single file has a long tradition in the web development world.

Since ECMAScript’s inception, the name of the organization changed from the acronym “ECMA” to the proper name “Ecma”. Versions of JavaScript are defined by specifications that carry the official name of the language. Hence, the first standard version of JavaScript is ECMAScript 1 which is short for “ECMAScript Language Specification, Edition 1”. ECMAScript x is often abbreviated ESx. 1.4 Upgrading to ES6 The stake holders on the web are: • Implementors of JavaScript engines • Developers of web applications • Users ⁷http://tc39wiki.calculist.org/about/harmony/ ⁸https://github.com/tc39/ecma262 ⁹https://tc39.github.io/process-document/ About ECMAScript 6 (ES6) 4 These groups have remarkably little control over each other. That’s why upgrading a web language is so challenging. On one hand, upgrading engines is challenging, because they are confronted with all kinds of code on the web, sometimes very old one.

They based ES4 on ES3, the interim ES4 report and experiences with ActionScript and JScript.NET. There were now two groups working on future ECMAScript versions: ¹³Source: Introduction of ES6 spec. […] regular expressions, better string handling, new control statements, try/catch exception handling, tighter definition of errors, formatting for numeric output and other enhancements. [1] ¹⁴http://www.adaptivepath.com/ideas/ajax-new-approach-web-applications/ About ECMAScript 6 (ES6) 7 • ECMAScript 4 was designed by Adobe, Mozilla, Opera, and Google and was a massive upgrade. Its planned feature sets included: – Programming in the large (classes, interfaces, namespaces, packages, program units, optional type annotations, and optional static type checking and verification) – Evolutionary programming and scripting (structural types, duck typing, type definitions, and multimethods) – Data structure construction (parameterized types, getters and setters, and meta-level methods) – Control abstractions (proper tail calls, iterators, and generators) – Introspection (type meta-objects and stack marks) • ECMAScript 3.1 was designed by Microsoft and Yahoo.

pages: 314 words: 94,600

Business Metadata: Capturing Enterprise Knowledge by William H. Inmon, Bonnie K. O'Neil, Lowell Fryman

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

affirmative action, bioinformatics, business intelligence, business process, call centre, carbon-based life, continuous integration, corporate governance, create, read, update, delete, database schema, en.wikipedia.org, informal economy, knowledge economy, knowledge worker, semantic web, The Wisdom of Crowds, web application

. ✦ The expert may not even know that he or she is an expert; knowing something and knowing what you know may be two different skills. 98 Chapter 6 Business Metadata Capture It seems that we need the security of consulting an expert, even when he or she may have dubious credentials. Surowiecki uses the term seer sucker to capture our inherent need for an expert: Even though no expert seems to exist, a sucker will still be found to serve as one. The credibility of experts is a topic worth consideration. Deborah McGuinness, in her talk entitled “Making Web Applications More Trustable” at SemTech in 2006, presented some ideas about how some sources of knowledge are more credible than others. One way you can measure credibility is to assign weights to people’s opinions. Some Web sites already do a version of expert weighting, based on users voting on whether a book review was helpful, or whether a person’s list is useful. Amazon and eBay have weighting systems for reviewers and merchants based on the feedback users provide.

Getting Things Done. New York: Penguin Group, 2001. ✦ Amazon.com. Review of The Wisdom of Crowds. http://www.amazon.com/ Wisdom-Crowds-James-Surowiecki/dp/0385721706/sr=1-1/qid=1162589559/ ref=pd_bbs_sr_1/103-0890407-7574238?ie=UTF8&s=books 120 Chapter 6 Business Metadata Capture ✦ Dixon, Nancy M. Common Knowledge. Cambridge, MA: Harvard Business School Press, March 2000. ✦ McGuinness, Deborah. “Making Web Applications Trustable.” Semantic Technology Conference, March 2006. ✦ McQuade, James. “Combining Business Metadata Delivery with Knowledge Management.” DAMA International, 2005. ✦ Segal, Jonathan A. “Time Is on Their Side.” HR Magazine, February 2006. http://findarticles.com/p/articles/mi_m3495/is_2_51/ai_n16101872 ✦ Surowiecki, James. The Wisdom of Crowds. New York: Random House, 2004. ✦ Terdiman, Daniel.

Consultants like Jordan Rose, mentioned in Chapter 8, who have expert knowledge in a specific tool can jump start your project and get it up and running faster, because you don’t need to factor in the learning curve. Companies like PPC specialize in development of the visual analytic application and also mentoring your personnel, so when new views of the data are required, your staff can create them. 9.4.4 New Web 2.0 Technology: Mashups! A very exciting method is now available that can capture and deliver business metadata at the same time: mashups. Mashups are integrated Web applications that usually consist of a collection of different types of components and data, all displayed together on the same Web page. The really cool feature of these new tools that have recently been released is their ability to allow ordinary users—not just programmers—to create their own mashup, with no programming. For example, BEA has released AquaLogic Pages, a product that provides all the infrastructure, toolkit, and plumbing needed to allow users to design and create their own conglomeration of components—from fetching rows directly from a database to calling a Web service, accessing an RSS feed, or even creating their own data table or publishing a preexisting Excel spreadsheet.

pages: 377 words: 110,427

The Boy Who Could Change the World: The Writings of Aaron Swartz by Aaron Swartz, Lawrence Lessig

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

affirmative action, Alfred Russel Wallace, American Legislative Exchange Council, Benjamin Mako Hill, bitcoin, Bonfire of the Vanities, Brewster Kahle, Cass Sunstein, deliberate practice, Donald Knuth, Donald Trump, failed state, fear of failure, Firefox, full employment, Howard Zinn, index card, invisible hand, John Gruber, Lean Startup, More Guns, Less Crime, peer-to-peer, post scarcity, Richard Feynman, Richard Feynman, Richard Stallman, Ronald Reagan, school vouchers, semantic web, single-payer health, SpamAssassin, SPARQL, telemarketer, The Bell Curve by Richard Herrnstein and Charles Murray, the scientific method, Toyota Production System, unbiased observer, wage slave, Washington Consensus, web application, WikiLeaks, working poor, zero-sum game

For one thing, Sean, like just about everyone else I cite in the book, is a friend. We met through working on these things together but since have kept in touch and share emails about what we’re working on and are just generally nice to each other. And the same goes for almost all the other people I cite and criticize. Moreover, the reason we were working together is that I too did my time in the Semantic Web salt mines. My first web application was a collaboratively written encyclopedia, but my second, aggregated news headlines from sites around the Web, led me into a downward spiral that ended with many years spent on RDF Core Working Groups and an ultimate decision to get out of the world of computers altogether. Obviously, that didn’t work out quite as planned. Jim Hendler, another friend and one of the AI transplants I’ve just spend so much time taking a swing at, asked me if I’d write a bit on the subject to kick off a new series of electronic books he’s putting together.

We will learn how it allows both users and search engines to co-exist peacefully while supporting everything from photo-sharing to financial transactions. We will continue by considering what it means to build a program on top of the Web—how to write software that both fairly serves its immediate users as well as the developers who want to build on top of it. Too often, an API is bolted on top of an existing application, as an afterthought or a completely separate piece. But, as we’ll see, when a web application is designed properly, APIs naturally grow out of it and require little effort to maintain. Then we’ll look into what it means for your application to be not just another tool for people and software to use, but part of the ecology—a section of the programmable web. This means exposing your data to be queried and copied and integrated, even without explicit permission, into the larger software ecosystem, while protecting users’ freedom.

If you wanted more data or new data, you had to grab another web page. The JavaScript inside web pages couldn’t talk to the outside world. XMLHttpRequest changed that, allowing web pages to get more data from the server whenever they pleased. Google was apparently the first to realize what a sea change this was. With Gmail and Google Maps, they built applications that took advantage of this to provide a user interface that was much more like a web application. (The start-up Oddpost, bought by Yahoo, actually predated this, but their software was for-pay and so they didn’t receive as much attention.) With Gmail, for example, the application is continually asking the server if there’s new email. If there is, then it live updates the page; it doesn’t make you download a new one. And Google Maps lets you drag a map around and, as you do so, automatically downloads the parts of it you want to look at inline, without making you wait for a whole new page to download.

pages: 212 words: 49,544

WikiLeaks and the Age of Transparency by Micah L. Sifry

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

1960s counterculture, Amazon Web Services, banking crisis, barriers to entry, Bernie Sanders, Buckminster Fuller, Chelsea Manning, citizen journalism, Climategate, crowdsourcing, Google Earth, Howard Rheingold, Internet Archive, Jacob Appelbaum, John Markoff, Julian Assange, Network effects, RAND corporation, school vouchers, Skype, social web, source of truth, Stewart Brand, web application, WikiLeaks

The city’s CapStat online service also allows anyone to track the performance of individual agencies, monitor neighborhood issues, and make suggestions for improvement. Vivek Kundra, who was then D.C.’s innovative Chief Technology Officer (before becoming the Obama administration’s first Chief Information Officer), called this “building the digital public square.” In mid-October 2008, he announced an “Apps for Democracy” contest that offered $20,000 in cash prizes for outside developers and designers for web applications and tools that made useful visualizations from the city’s data catalog. In just a few weeks, Kundra received nearly fift y applications. The winners included: y iLive.at, a site that shows with one click all the local information around one address, including the closest places to go shopping, buy gas, or mail a letter; the locations of recently reported crimes; and the demographic makeup of the local neighborhood; y Where’s My Money DC, a tool that meshes with Facebook and enables users to look up and discuss all city expenditures above $2,500; and y Stumble Safely, an online guide to the best bars and safe paths to stumble home after a night out. 128 MICAH L.

Its team 209 WIKILEAKS AND THE AGE OF TRANSPARENCY of paid and volunteer developers are based primarily in Africa, but also Europe, South America and the U.S. –– Vota Intelligente (VotaInteligente.cl). A project of the Fundación Ciudadano Inteligente (“Smart Citizen Foundation”), a Chileanbased non-governmental organization that promotes transparency and accountability in Latin American politics by collecting data and delivering it to citizens through the web and the use of web applications. See also Brazil’s Congresso Aberto (CongressoAberto.com.br), and Colombia’s Congreso Visible (CongresoVisible.org) –– The Philippine Public Transparency Reporting Project (TransparencyReporting.net). A collaboration of four media development organizations––the Institute for War and Peace Reporting (IWPR), the Center for Community Journalism and Development (CCJD), the Mindanao News and Information Cooperative Center (MindaNews) and the National Union of Journalists of the Philippines (NUJP)––that work alongside and through existing and new media to monitor, mobilize and demand greater public transparency and accountability. –– Visible Government (VisibleGovernment.ca).

The Art of Readable Code by Dustin Boswell, Trevor Foucher

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Albert Einstein, don't repeat yourself, Donald Knuth, web application

Basically, you want to “think ahead” and anticipate the problems that people might run into when using your code. For example, suppose you wrote a function that sends an email to a given user: void SendEmail(string to, string subject, string body); The implementation of this function involves connecting to an external email service, which might take up to a whole second, or possibly longer. Someone who is writing a web application might not realize this and mistakenly call this function while handling an HTTP request. (Doing this would cause their web application to “hang” if the email service is down.) To prevent this likely mishap, you should comment on this “implementation detail”: // Calls an external service to deliver email. (Times out after 1 minute.) void SendEmail(string to, string subject, string body); Here is another example: suppose you have a FixBrokenHtml() function that attempts to rewrite broken HTML by inserting missing closing tags and the like: def FixBrokenHtml(html): ...

pages: 205 words: 47,169

PostgreSQL: Up and Running by Regina Obe, Leo Hsu

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

cloud computing, database schema, Debian, en.wikipedia.org, full text search, web application

To have it interact with other applications, you’re going to need database drivers. PostgreSQL enjoys a generous number of freely available database drivers that can be used in many programming languages. In addition, there are various commercial organizations that provide drivers with extra bells and whistles at modest prices. Below, we’ve listed a few popular, open source ones: PHP is a common language used to develop web applications, and most PHP distributions come packaged with at least one PostgreSQL driver. There is the older pgsql and the newer pdo_pgsql. You may need to enable them in your php.ini or do a yum install, but they are usually already there. Java. If you are doing Java development, there are always updated versions of JDBC that support the latest PostgreSQL, which you can download from http://jdbc.postgresql.org.

You rarely get personalized emails. This is not to say the service is poor, since most issues involve systemwide issues that it promptly addresses. If you feel uncomftable with this arrangement or are a non-techie with lots of basic OS hand-holding needs, Amazon is probably not the best host for you. RackSpace is not specifically designed for PostgreSQL, but we know several PostgreSQL users using it for PostgreSQL and web application, and are happy with the performance and Rackspace support team. It offers both Linux and Windows. SoftLayer is not specifically designed for PostgreSQL but similar to GoGrid, it provides both dedicated as well as cloud hosting offerings and Private network setups. It provides hosting for both Linux and Windows. Pricing is similar to the others with hourly and monthly options. PostgreSQL Database as a Service Fairly recently, there have been database cloud offerings that focus on giving you optimized PostgreSQL installs.

pages: 188 words: 9,226

Collaborative Futures by Mike Linksvayer, Michael Mandiberg, Mushon Zer-Aviv

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

4chan, Benjamin Mako Hill, British Empire, citizen journalism, cloud computing, collaborative economy, corporate governance, crowdsourcing, Debian, en.wikipedia.org, Firefox, informal economy, jimmy wales, Kickstarter, late capitalism, loose coupling, Marshall McLuhan, means of production, Naomi Klein, Network effects, optical character recognition, packet switching, postnationalism / post nation state, prediction markets, Richard Stallman, semantic web, Silicon Valley, slashdot, Slavoj Žižek, stealth mode startup, technoutopianism, the medium is the message, The Wisdom of Crowds, web application

It is worth noting that the more recent and widely used, if not ubiquitous, instant messaging protocol XMPP as well as the brand new and li le used Wave protocol have an architecture similar to email, though use of nonprovider domains seems even less common, and in the case of Wave, Google is currently the only service provider. It may be valuable to assess so ware services from the respect of community autonomy as well as user autonomy. The former may explicitly note requirements for the product of collaboration—non-private data, roughly—as well as service governance: In cases where one accepts a centralized web application, should one demand that application be somehow constitutionally open? Some possible criteria: All source code for the running service should be published under an open source license and developer source control available for public viewing. All private data available for on-demand export in standard formats. All collaboratively created data available under an open license (e.g., one from Creative Commons), again in standard formats.

However, some of the most potent means of encouraging autonomy may be relatively boring—for example, making it easier to maintain one’s own computer and deploy slightly customized so ware in a secure and foolproof fashion. Any such development helps traditional users of free so ware as well as makes doing computing on one’s own computer (which may be a “personal server” or virtual machine that one controls) more a ractive. 112 Perhaps one of the most hopeful trends is relatively widespread deployment by end users of free so ware web applications like WordPress and MediaWiki. StatusNet, free so ware for microblogging, is a empting to replicate this adoption success. StatusNet also includes technical support for a form of decentralization (remote subscription) and a legal requirement for service providers to release modifications as free so ware via the AGPL. This section barely scratches the surface of the technical and social issues raised by the convergence of so much of our computing, in particular computing that facilitates collaboration, to servers controlled by “other people”, especially when these “other people” are a small number of large service corporations.

pages: 49 words: 12,968

Industrial Internet by Jon Bruner

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

autonomous vehicles, barriers to entry, commoditize, computer vision, data acquisition, demand response, en.wikipedia.org, factory automation, Google X / Alphabet X, industrial robot, Internet of things, job automation, loose coupling, natural language processing, performance metric, Silicon Valley, slashdot, smart grid, smart meter, statistical model, web application

Need to convert an address to latitude and longitude? Google’s geocoder API[2] will make the conversion almost instantaneously, masking the complexity of the underlying process (text parsing, looking up possible matches in a database, choosing the best one). Geolocation thus becomes accessible to anyone building a Web site — no expertise in cartography needed. These services become modules in Web applications, which are designed with minimal assumptions about the services they use so that a change or failure in one module won’t break the entire application. In the same way, the industrial internet presents machines as services, accessible to any authorized application that’s on the network. The scope of knowledge needed to contribute to a physical-world solution becomes smaller in the process.

pages: 933 words: 205,691

Hadoop: The Definitive Guide by Tom White

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, bioinformatics, business intelligence, combinatorial explosion, database schema, Debian, domain-specific language, en.wikipedia.org, fault tolerance, full text search, Grace Hopper, information retrieval, Internet Archive, linked data, loose coupling, openstreetmap, recommendation engine, RFID, SETI@home, social graph, web application

This is conveniently achieved using Ant, using a task such as this (you can find the complete build file in the example code): <jar destfile="hadoop-examples.jar" basedir="${classes.dir}"/> If you have a single job per JAR, then you can specify the main class to run in the JAR file’s manifest. If the main class is not in the manifest, then it must be specified on the command line (as you will see shortly). Also, any dependent JAR files should be packaged in a lib subdirectory in the JAR file. (This is analogous to a Java Web application archive, or WAR file, except in that case the JAR files go in a WEB-INF/lib subdirectory in the WAR file.) Launching a Job To launch the job, we need to run the driver, specifying the cluster that we want to run the job on with the -conf option (we could equally have used the -fs and -jt options): % hadoop jar hadoop-examples.jar v3.MaxTemperatureDriver -conf conf/hadoop-cluster.xml \ input/ncdc/all max-temp The waitForCompletion() method on Job launches the job and polls for progress, writing a line summarizing the map and reduce’s progress whenever either changes.

In this example, we will build a simple web interface that allows a user to navigate the different stations and page through their historical temperature observations in time order. For the sake of this example, let us allow that the dataset is massive, that the observations run to the billions, and that the rate at which temperature updates arrive is significant—say hundreds to thousands of updates a second from around the world across the whole range of weather stations. Also, let us allow that it is a requirement that the web application must display the most up-to-date observation within a second or so of receipt. The first size requirement should preclude our use of a simple RDBMS instance and make HBase a candidate store. The second latency requirement rules out plain HDFS. A MapReduce job could build initial indices that allowed random-access over all of the observation data, but keeping up this index as the updates arrived is not what HDFS and MapReduce are good at.

You could do this in an override of the mapper’s close() method. HBase includes TableInputFormat and TableOutputFormat to help with MapReduce jobs that source and sink HBase (see Example 13-2). One way to write the previous example would have been to use MaxTemperatureMapper from Chapter 5 as is but add a reducer task that takes the output of the MaxTemperatureMapper and feeds it to HBase via TableOutputFormat. Web Queries To implement the web application, we will use the HBase Java API directly. Here it becomes clear how important your choice of schema and storage format is. The simplest query will be to get the static station information. This type of query is simple in a traditional database, but HBase gives you additional control and flexibility. Using the info family as a key/value dictionary (column names as keys, column values as values), the code would look like this: public Map<String, String> getStationInfo(HTable table, String stationId) throws IOException { Get get = new Get(Bytes.toBytes(stationId)); get.addColumn(INFO_COLUMNFAMILY); Result res = table.get(get); if (res == null) { return null; } Map<String, String> resultMap = new HashMap<String, String>(); resultMap.put("name", getValue(res, INFO_COLUMNFAMILY, NAME_QUALIFIER)); resultMap.put("location", getValue(res, INFO_COLUMNFAMILY, LOCATION_QUALIFIER)); resultMap.put("description", getValue(res, INFO_COLUMNFAMILY, DESCRIPTION_QUALIFIER)); return resultMap; } private static String getValue(Result res, byte [] cf, byte [] qualifier) { byte [] value = res.getValue(cf, qualifier); return value == null?

The Art of Scalability: Scalable Web Architecture, Processes, and Organizations for the Modern Enterprise by Martin L. Abbott, Michael T. Fisher

always be closing, anti-pattern, barriers to entry, Bernie Madoff, business climate, business continuity plan, business intelligence, business process, call centre, cloud computing, combinatorial explosion, commoditize, Computer Numeric Control, conceptual framework, database schema, discounted cash flows, en.wikipedia.org, fault tolerance, finite state, friendly fire, hiring and firing, Infrastructure as a Service, inventory management, new economy, packet switching, performance metric, platform as a service, Ponzi scheme, RFC: Request For Comment, risk tolerance, Rubik’s Cube, Search for Extraterrestrial Intelligence, SETI@home, shareholder value, Silicon Valley, six sigma, software as a service, the scientific method, transaction costs, Vilfredo Pareto, web application, Y2K

Depending on the particular cache that is chosen, many programming languages already have builtin support for the most popular caches. Memcached is one of the most popular caches in use today. It is a “high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.”2 This particular cache is very fast-using nonblocking network input/output (I/O) and its own slab allocator to prevent memory fragmentation guaranteeing allocations to be O(1) or able to be computed in constant time and thus not bound by the size of the data. As indicated in the description of memcached, it is primarily designed to speed up Web applications by alleviating requests to the database. This makes sense because the database is almost always the slowest retrieval device in the application tiers. The overhead of implementing ACID (Atomicity, Consistency, Isolation, and Durability) properties in a relational database management system is larger, especially when data has to be written and read from disk.

Nov 13, 2006. http://www.businessweek.com/magazine/content/ 06_46/b4009001.htm. 427 428 C HAPTER 28 C LOUDS AND G RIDS • Software as a Service (SaaS). This was the original Blah as a Service term and started with software such as customer relationship management (CRM) software as some of the earliest offerings. Almost any form of software can be offered in this manner and it can be done either over the Web or via download. • Platform as a Service (PaaS). This model provides all the required components for developing and deploying Web applications and services. These components include workflow management, integrated development environments, testing, deployment, and hosting. • Infrastructure as a Service (IaaS). This is the concept of offering computing infrastructure such as servers, storage, network, and bandwidth for use as necessary by clients. Amazon’s EC2 was one of the earliest offerings of this service. • Everything as a Service (XaaS or *aaS).

. • Developing alongside the idea of cloud computing was the concept of Software as a Service, Infrastructure as a Service, and many more “as a Service” concepts. • Software as a Service refers to almost any form of software that is offered in a pay as you use model. • Infrastructure as a Service is the idea of offering infrastructure such as storage, servers, network, and bandwidth in a pay as you use model. • Platform as a Service provides all the required components for developing and deploying Web applications and services. • Everything as a Service is the idea of being able to have small components that can be pieced together to provide a new service. • Grid computing as a concept has been around for almost two decades. It is used to describe the use of two or more computers processing individual parts of an overall task. • There are three types of cloud vendors: service providers, backbones, and virtualization software providers. 437 This page intentionally left blank Chapter 29 Soaring in the Clouds This is called, using the conquered foe to augment one’s own strength.

pages: 71 words: 14,237

21 Recipes for Mining Twitter by Matthew A. Russell

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

en.wikipedia.org, Google Earth, natural language processing, NP-complete, social web, web application

ISBN: 978-1-449-30316-7 [LSI] 1296485191 Table of Contents Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii The Recipes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.1 1.2 1.3 1.4 1.5 1.6 1.7 1.8 1.9 1.10 1.11 1.12 1.13 1.14 1.15 1.16 1.17 1.18 1.19 1.20 1.21 Using OAuth to Access Twitter APIs Looking Up the Trending Topics Extracting Tweet Entities Searching for Tweets Extracting a Retweet’s Origins Creating a Graph of Retweet Relationships Visualizing a Graph of Retweet Relationships Capturing Tweets in Real-time with the Streaming API Making Robust Twitter Requests Harvesting Tweets Creating a Tag Cloud from Tweet Entities Summarizing Link Targets Harvesting Friends and Followers Performing Setwise Operations on Friendship Data Resolving User Profile Information Crawling Followers to Approximate Potential Influence Analyzing Friendship Relationships such as Friends of Friends Analyzing Friendship Cliques Analyzing the Authors of Tweets that Appear in Search Results Visualizing Geodata with a Dorling Cartogram Geocoding Locations from Profiles (or Elsewhere) 1 3 5 7 10 13 15 20 22 25 29 34 37 39 43 45 48 50 52 54 58 v Preface Introduction This intentionally terse recipe collection provides you with 21 easily adaptable Twitter mining recipes and is a spin-off of Mining the Social Web (O'Reilly), a more comprehensive work that covers a much larger cross-section of the social web and related analysis. Think of this ebook as the jetpack that you can strap onto that great Twitter mining idea you've been noodling on—whether it’s as simple as running some disposible scripts to crunch some numbers, or as extensive as creating a full-blown interactive web application. All of the recipes in this book are written in Python, and if you are reasonably confident with any other programming language, you’ll be able to quickly get up to speed and become productive with virtually no trouble at all. Beyond the Python language itself, you’ll also want to be familiar with easy_install (http://pypi.python.org/pypi/setup tools) so that you can get third-party packages that we'll be using along the way.

pages: 90 words: 17,297

Deploying OpenStack by Ken Pepple

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, cloud computing, database schema, Infrastructure as a Service, Ruby on Rails, web application, x509 certificate

This should be an address in the form of http://xxx.xxx.xxx.xxx:8888/, where xxx.xxx.xxx.xxx is your server’s IP address. Once you connect to that address, you will be redirected to Smart Installer login screen. Note Your browser will need to have access to the Internet. It acts as a middleman between the two, gathering config data from your server and transferring to the configuration web application. Your server does not need access to the Internet. The first screen of the Smart Installer will ask you to create an account and then login. While creating an account is not a necessity, it will allow you to save, edit, and redeploy your configurations later. Figure 7-3 shows the login screen. Figure 7-3. StackOps Smart Installer Login Once registered and logged in, the Smart Installer will step you through a number of screens to configure your Nova deployment.

pages: 122 words: 19,807

Tmux: Productive Mouse-Free Development by Brian P. Hogan

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

en.wikipedia.org, Ruby on Rails, Skype, web application

script_id=1349 [7] http://www.iterm2.com [8] http://superuser.com/questions/285381/how-does-the-tmux-color-palette-work [9] See http://www.foragoodstrftime.com/ for a handy tool to help you find the perfect time format. Copyright © 2012, The Pragmatic Bookshelf. Chapter 3 Scripting Customized tmux Environments You probably run a wide collection of tools and programs as you work on your projects. If you’re working on a web application, you most likely need to have a command shell, a text editor, a database console, and another window dedicated to running your automated test suite for your application. That’s a lot of windows to manage, and a lot of commands to type to get it all fired up. Imagine being able to come to your workstation, ready to tackle that new feature, and being able to bring every one of those programs up, each in its own pane or window in a single tmux session, using a single command.

pages: 62 words: 15,274

Sass for Web Designers by Dan Cederholm

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

c2.com, don't repeat yourself, Firefox, Ruby on Rails, web application

Yet we’ve had to bend that property to lay out entire interfaces. Our stylesheets are also immensely repetitive. Colors, fonts, oft-used groupings of properties, etc. The typical CSS file is an extremely linear document—the kind of thing that makes an object-oriented programmer want to tear their hair out. (I’m not an object-oriented programmer, but I have very little hair left. Read into that as you may). As interfaces and web applications become more robust and complex, we’re bending the original design of CSS to do things it never dreamed of doing. We’re crafty like that. Fortunately, browser makers adopt new CSS features far more rapidly these days, with more efficient and powerful properties and selectors that solve the problems today’s web poses. Features like new layout options in CSS3, border-radius, box-shadow, advanced selectors, transitions, transforms, animation, and so on.

pages: 294 words: 82,438

Simple Rules: How to Thrive in a Complex World by Donald Sull, Kathleen M. Eisenhardt

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Affordable Care Act / Obamacare, Airbnb, asset allocation, Atul Gawande, barriers to entry, Basel III, Berlin Wall, carbon footprint, Checklist Manifesto, complexity theory, Craig Reynolds: boids flock, Credit Default Swap, Daniel Kahneman / Amos Tversky, diversification, drone strike, en.wikipedia.org, European colonialism, Exxon Valdez, facts on the ground, Fall of the Berlin Wall, haute cuisine, invention of the printing press, Isaac Newton, Kickstarter, late fees, Lean Startup, Louis Pasteur, Lyft, Moneyball by Michael Lewis explains big data, Nate Silver, Network effects, obamacare, Paul Graham, performance metric, price anchoring, RAND corporation, risk/return, Saturday Night Live, sharing economy, Silicon Valley, Startup school, statistical model, Steve Jobs, TaskRabbit, The Signal and the Noise by Nate Silver, transportation-network company, two-sided market, Wall-E, web application, Y Combinator, Zipcar

We were particularly interested in the remarkable story of one of Kathy’s graduate students at Stanford, Raghu Shukla, who went from diligent scholar to professional-level poker player in the space of two years. Raghu grew up in Chennai, and attended the University of Delhi before finishing his degree in math at the University of Southern California. He followed several cousins, and became a computer science graduate student at Stanford. After finishing an especially rough web-application assignment, he played his first poker game with other students one Saturday night. Yet unlike many of his equally smart friends, Raghu dramatically improved his poker-playing rules over time. The poker-playing grad students favored Texas Hold’em. In this version of the game, each player gets two face-down cards at the start of the hand (the hole). Next, the table is dealt five cards in groups of three (the flop), one (the turn), and one more (the river).

.” [>] Raghu grew up: Raghu’s story is based on interviews with him on March 17, 2014, and June 6, 2014, emails, and other conversations. At his request, we have used a pseudonym for him, and changed some identifying details. Raghu would like readers to know that he spent his college summers working as an intern with a consulting firm in Dubai, at a tech startup, and with a winemaker in Clovis, California, and that the web-application assignment was for CS 142. [>] The poker-playing grad students: Kathy thanks Bob Eberhart for significantly improving her strategic knowledge of poker. [>] He also learned: Keeping opponents off-balance by switching these strategies is also recommended by poker coach Corwin Cole. Corwin Cole, “Unpredictability Keeps Opponents Off Balance,” San Jose Mercury News, April 18, 2014. [>] Professor Melissa Schilling: Melissa A.

pages: 323 words: 65,306

Programming in CoffeeScript by Mark Bates

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

don't repeat yourself, en.wikipedia.org, MVC pattern, node package manager, Ruby on Rails, single page application, web application

I hope that by the time you close the cover, you will have gained a better understanding of CoffeeScript and how it can impact your development. Good luck. xiii about the author Mark Bates is the founder and chief architect of the Boston-based consulting company Meta42 Labs. Mark spends his days focusing on new application development and consulting for his clients. At night he writes books, raises kids, and occasionally he forms a band and “tries to make it.” Mark has been writing web applications, in one form or another, since 1996. His career started as a UI developer writing HTML and JavaScript applications before moving toward the middle(ware) with Java and Ruby. Nowadays, Mark spends his days cheating on Ruby with his new mistress, CoffeeScript. Always wanting to share his wisdom, or more correctly just wanting to hear the sound of his own voice, Mark has spoken at several high-profile conferences, including RubyConf, RailsConf, and jQueryConf.

The REPL is a powerful and quick way to try out a few ideas, but as we’ve seen it can get a bit hard to use when dealing with more complex code. Later in this chapter, in the section “Executing CoffeeScript Files,” we’ll discuss how to execute files containing CoffeeScript, which is a more appropriate way of running complex code. 5 6 Chapter 1 Getting Started In-Browser Compilation When developing web applications, a time will come when you want to write some CoffeeScript directly inline in your HTML2 file. CoffeeScript does allow you to do this, and I will show you how. However, I want to caution you against doing such a thing. First, there is a very good reason why practices such as Unobtrusive JavaScript3 have become so popular recently. Although being able to execute CoffeeScript in the browser is nifty, it really is not the best compilation option available to us.

pages: 270 words: 64,235

Effective Programming: More Than Writing Code by Jeff Atwood

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

AltaVista, Amazon Web Services, barriers to entry, cloud computing, endowment effect, Firefox, future of work, game design, Google Chrome, gravity well, job satisfaction, Khan Academy, Kickstarter, loss aversion, Marc Andreessen, Mark Zuckerberg, Merlin Mann, Minecraft, Paul Buchheit, Paul Graham, price anchoring, race to the bottom, recommendation engine, science of happiness, Skype, social software, Steve Jobs, web application, Y Combinator, zero-sum game

Or use the tools that do this for you: Yahoo YSlow Google Page Speed Pingdom Tools We’ve long since implemented most of the 13 items on Yahoo’s list, except for one. But it’s a big one: Using a Content Delivery Network. The user’s proximity to your web server has an impact on response times. Deploying your content across multiple, geographically dispersed servers will make your pages load faster from the user’s perspective. But where should you start? As a first step to implementing geographically dispersed content, don’t attempt to redesign your web application to work in a distributed architecture. Depending on the application, changing the architecture could include daunting tasks such as synchronizing session state and replicating database transactions across server locations. Attempts to reduce the distance between users and your content could be delayed by, or never pass, this application architecture step. Remember that 80 to 90 percent of the end-user response time is spent downloading all the components in the page: images, stylesheets, scripts, Flash, etc.

It’s certainly true that there are limitations on how the UI can be built based on the technology you’re using. Just because some pixels can be arranged a certain way in Photoshop doesn’t mean that can magically be turned into a compiling, shippable product in any sane timeframe. To ameliorate that problem, take advantage of visual design patterns. If you’re building a GUI application, use a palette of widgets common to your GUI. If you’re building a web application, use a palette of HTML, CSS and DOM elements from all over the web. Let the palette enforce your technology constraints. It shouldn’t be difficult to sit down with a few basic tools and slap together a rough mockup of how the user interface will look. However, it is extremely important at this point to stay out of technical development environments when mocking your user interface, or the temptation to turn the model into the product may be too strong for your team to resist.

pages: 541 words: 109,698

Mining the Social Web: Finding Needles in the Social Haystack by Matthew A. Russell

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Climategate, cloud computing, crowdsourcing, en.wikipedia.org, fault tolerance, Firefox, full text search, Georg Cantor, Google Earth, information retrieval, Mark Zuckerberg, natural language processing, NP-complete, profit motive, Saturday Night Live, semantic web, Silicon Valley, slashdot, social graph, social web, statistical model, Steve Jobs, supply-chain management, text mining, traveling salesman, Turing test, web application

Sample results from Example 9-5 Graffiti Art Programming 492 C++ Programming 495 Basic Programming 495 Programming 215 C Programming 493 C programming language 492 Programming 490 ACM Programming Competitors 496 programming 494 COMPUTER PROGRAMMING 494 Programming with Python 494 Game Programming 494 ASLMU Programming 494 Programming 352 Programming 450 Programmation - Programming 480 A sample web application that encapsulates most of the example code from this chapter and uses the same basic pattern is hosted on GAE, if you’d like to take it for a spin before laying down some code of your own. Figure 9-4 illustrates the results of our sample query for “programming” groups. Recall that you can install and fully customize the GAE-powered Facebook app yourself if that’s a better option for you than running scripts from a local console.

The notion of a cyberworld of documents, platforms, and applications that we can interact with via modern-day browsers (including ones on mobile or tablet devices) over HTTP is admittedly fuzzy, but it’s probably pretty close to what most people think of when they hear the term “the Web.” To a degree, the motivation behind the Web 2.0 thought process that emerged back in 2004 was to more precisely define the increasingly blurry notion of exactly what the Web was and what it was becoming. Along those lines, some folks think of the Web as it existed from its inception until the present era of highly interactive web applications and user collaboration as being Web 1.0, the current era of Rich Internet Applications (RIAs) and collaboration as the Web 2.x era, and the era of semantic karma that’s yet to come as Web 3.0 (see Table 10-1). At present, there’s no real consensus about what Web 3.0 really means, but most discussions of the subject generally include the phrase “semantic web” and the notion of information being consumed and acted upon by machines in ways that are not yet possible at web scale.

(A Data-Driven Game), Visualizing Wall Data As a (Rotating) Tag Cloud geographical clustering of LinkedIn network, Geographically Clustering Your Network, Mapping Your Professional Network with Dorling Cartograms, Mapping Your Professional Network with Google Earth, Mapping Your Professional Network with Google Earth, Mapping Your Professional Network with Dorling Cartograms mapping network with Dorling Cartograms, Mapping Your Professional Network with Dorling Cartograms mapping network with Google Earth, Mapping Your Professional Network with Google Earth, Mapping Your Professional Network with Google Earth Graph Your Inbox Chrome extension, The Graph Your (Gmail) Inbox Chrome Extension large number of tweets, Visualizing Tons of Tweets, Visualizing Tweets with Tricked-Out Tag Clouds, Visualizing Community Structures in Twitter Search Results, Visualizing Community Structures in Twitter Search Results, Closing Remarks community structures in Twitter search results, Visualizing Community Structures in Twitter Search Results, Closing Remarks using tag clouds, Visualizing Tweets with Tricked-Out Tag Clouds, Visualizing Community Structures in Twitter Search Results mail events, using SIMILE Timeline, Visualizing Mail “Events” with SIMILE Timeline, Analyzing Your Own Mail Data similarity, visualizing with graphs, Clustering Posts with Cosine Similarity tweet graphs, Visualizing Tweet Graphs, Synthesis: Visualizing Retweets with Protovis, Synthesis: Visualizing Retweets with Protovis visualizing retweets, using Protovis, Synthesis: Visualizing Retweets with Protovis W wall data (Facebook), visualizing as rotating tag cloud, Visualizing Wall Data As a (Rotating) Tag Cloud, Visualizing Wall Data As a (Rotating) Tag Cloud web page for this book, How to Contact Us weighting tags in tag clouds, Visualizing Tweets with Tricked-Out Tag Clouds WhitespaceTokenizer, Sentence Detection in Blogs with NLTK Wikipedia articles with geo markup, Plotting geo data via microform.at and Google Maps Windows systems, Installing Python Development Tools, Installing Python Development Tools, Visualizing Tweet Graphs, couchdb-lucene: Full-Text Indexing and More, Visualizing Community Structures in Twitter Search Results ActivePython, Installing Python Development Tools couchdb-lucene service wrapper, couchdb-lucene: Full-Text Indexing and More DOT language output for Graphviz, Visualizing Community Structures in Twitter Search Results GVedit application, Visualizing Tweet Graphs installing easy_install, Installing Python Development Tools WolframAlpha, entity analysis with, Entity-Centric Analysis: A Deeper Understanding of the Data word tokenizer, Sentence Detection in Blogs with NLTK WP-Cumulus tag cloud, Visualizing Tweets with Tricked-Out Tag Clouds, Visualizing Tweets with Tricked-Out Tag Clouds, Visualizing Wall Data As a (Rotating) Tag Cloud sample HTML template displaying, Visualizing Tweets with Tricked-Out Tag Clouds X XFN (XHTML Friends Network), XFN and Friends, Exploring Social Connections with XFN, Brief analysis of breadth-first techniques, Exploring Social Connections with XFN, A Breadth-First Crawl of XFN Data, A Breadth-First Crawl of XFN Data, A Breadth-First Crawl of XFN Data example markup, Exploring Social Connections with XFN pseudocode for breadth-first search, A Breadth-First Crawl of XFN Data scraping XFN content from a web page, A Breadth-First Crawl of XFN Data using breadth-first search to crawl XFN links, A Breadth-First Crawl of XFN Data XHTML, Microformats: Semantic Markup and Common Sense Collide, XFN and Friends (see also XFN) semantic markup versus, XFN and Friends Xoauth, Accessing Gmail with OAuth xoauth.py command-line utility, Accessing Gmail with OAuth Z Zipf’s law, Extracting relationships from the tweets, Data Hacking with NLTK frequency distribution of words in a corpus, Data Hacking with NLTK About the Author Matthew Russell, Vice President of Engineering at Digital Reasoning Systems (http://www.digitalreasoning.com/) and Principal at Zaffra (http://zaffra.com), is a computer scientist who is passionate about data mining, open source, and web application technologies. He’s also the author of Dojo: The Definitive Guide (O’Reilly). Colophon The animal on the cover of Mining the Social Web is a groundhog (Marmota monax), also known as a woodchuck (a name derived from the Algonquin name wuchak). Groundhogs are famously associated with the US/Canadian holiday Groundhog Day, held every February 2nd. Folklore holds that if the groundhog emerges from its burrow that day and sees its shadow, winter will continue for six more weeks.

pages: 462 words: 172,671

Clean Code: A Handbook of Agile Software Craftsmanship by Robert C. Martin

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

continuous integration, database schema, domain-specific language, don't repeat yourself, Donald Knuth, en.wikipedia.org, Eratosthenes, finite state, Ignaz Semmelweis: hand washing, iterative process, place-making, Rubik’s Cube, web application, WebSocket

A programmer who debugs such a system can set a breakpoint, or a sequence of breakpoints, and know the state of the system by which breakpoints are hit. Decoupling what from when can dramatically improve both the throughput and structures of an application. From a structural point of view the application looks like many little collaborating computers rather than one big main loop. This can make the system easier to understand and offers some powerful ways to separate concerns. Consider, for example, the standard “Servlet” model of Web applications. These systems run under the umbrella of a Web or EJB container that partially manages concurrency for you. The servlets are executed asynchronously whenever Web requests come in. The servlet programmer does not have to manage all the incoming requests. In principle, each servlet execution lives in its own little world and is decoupled from all the other servlet executions. Of course if it were that easy, this chapter wouldn’t be necessary.

As you can see in Figure A-2, the multithreaded solution allows the process-bound parsing of the pages to overlap with the I/O-bound reading of the pages. In an idealized world this means that the processor is fully utilized. Each one-second page read is overlapped with two parses. Thus, we can process two pages per second, which is three times the throughput of the single-threaded solution. Figure A-2 Three concurrent threads Deadlock Imagine a Web application with two shared resource pools of some finite size: • A pool of database connections for local work in process storage • A pool of MQ connections to a master repository Assume there are two operations in this application, create and update: • Create—Acquire connection to master repository and database. Talk to service master repository and then store work in local work in process database

See POJOs platforms, running threaded code, 188 pleasing code, 7 pluggable thread-based code, 187 POJO system, agility provided by, 168 POJOs (Plain-Old Java Objects) creating, 187 implementing business logic, 162 separating threaded-aware code, 190 in Spring, 163 writing application domain logic, 166 polyadic argument, 40 polymorphic behavior, of functions, 296 polymorphic changes, 96–97 polymorphism, 37, 299 position markers, 67 positives as easier to understand, 258 expressing conditionals as, 302 of decisions, 301precision as the point of all naming, 30 predicates, naming, 25 preemption, breaking, 338 prefixes for member variables, 24 as useless in today’s environments, 312–313 pre-increment operator, ++, 324, 325, 326 “prequel”, this book as, 15 principle of least surprise, 288–289, 295 principles, of design, 15 PrintPrimes program, translation into Java, 141 private behavior, isolating, 148–149 private functions, 292 private method behavior, 147 problem domain names, 27 procedural code, 97 procedural shape example, 95–96 procedures, compared to objects, 101 process function, repartitioning, 319–320 process method, I/O bound, 319 processes, competing for resources, 184 processor bound, code as, 318 producer consumer execution model, 184 producer threads, 184 production environment, 127–130 productivity, decreased by messy code, 4 professional programmer, 25 professional review, of code, 268 programmers as authors, 13–14 conundrum faced by, 6 responsibility for messes, 5–6 unprofessional, 5–6 programming defined, 2 structured, 48–49 programs, getting them to work, 201 pronounceable names, 21–22 protected variables, avoiding, 80 proxies, drawbacks of, 163 public APIs, javadocs in, 59 puns, avoiding, 26–27 PUTFIELD instruction, as atomic, 325 Q queries, separating from commands, 45–46 R random jiggling, tests running, 190 range, including end-point dates in, 276 readability of clean tests, 124 of code, 76 Dave Thomas on, 9 improving using generics, 115 readability perspective, 8 readers of code, 13–14 continuous, 184 readers-writers execution model, 184 reading clean code, 8 code from top to bottom, 37 versus writing, 14 reboots, as a lock up solution, 331 recommendations, in this book, 13 redesign, demanded by the team, 5 redundancy, of noise words, 21 redundant comments, 60–62, 272, 275, 286–287 ReentrantLock class, 183 refactored programs, as longer, 146 refactoring Args, 212 code incrementally, 172 as an iterative process, 265 putting things in to take out, 233 test code, 127 Refactoring (Fowler), 285 renaming, fear of, 30 repeatability, of concurrency bugs, 180 repeatable tests, 132 requirements, specifying, 2 resetId, byte-code generated for, 324–325 resources bound, 183 processes competing for, 184 threads agreeing on a global ordering of, 338 responsibilities counting in classes, 136 definition of, 138 identifying, 139 misplaced, 295–296, 299 splitting a program into main, 146 return codes, using exceptions instead, 103–105 reuse, 174 risk of change, reducing, 147 robust clear code, writing, 112 rough drafts, writing, 200 runnable interface, 326 run-on expressions, 295 run-on journal entries, 63–64 runtime logic, separating startup from, 154 S safety mechanisms, overridden, 289 scaling up, 157–161 scary noise, 66 schema, of a class, 194 schools of thought, about clean code, 12–13 scissors rule, in C++, 81 scope(s) defined by exceptions, 105 dummy, 90 envying, 293 expanding and indenting, 89 hierarchy in a source file, 88 limiting for data, 181 names related to the length of, 22–23, 312 of shared variables, 333 searchable names, 22–23 Second Law, of TDD, 122 sections, within functions, 36 selector arguments, avoiding, 294–295 self validating tests, 132 Semaphore class, 183 semicolon, making visible, 90 “serial number”, SerialDate using, 271 SerialDate class making it right, 270–284 naming of, 270–271 refactoring, 267–284 SerialDateTests class, 268 serialization, 272 server, threads created by, 319–321 server application, 317–318, 343–344 server code, responsibilities of, 319 server-based locking, 329 as preferred, 332–333 with synchronized methods, 185 “Servlet” model, of Web applications, 178 Servlets, synchronization problems, 182 set functions, moving into appropriate derivatives, 232, 233–235 setArgument, changing, 232–233 setBoolean function, 217 setter methods, injecting dependencies, 157 setup strategy, 155 SetupTeardownIncluder.java listing, 50–52 shape classes, 95–96 shared data, limiting access, 181 shared variables method updating, 328 reducing the scope of, 333 shotgun approach, hand-coded instrumentation as, 189 shut-down code, 186 shutdowns, graceful, 186 side effects having none, 44 names describing, 313 Simmons, Robert, 276 simple code, 10, 12 Simple Design, rules of, 171–176 simplicity, of code, 18, 19 single assert rule, 130–131 single concepts, in each test function, 131–132 Single Responsibility Principle (SRP), 15, 138–140 applying, 321 breaking, 155 as a concurrency defense principle, 181 recognizing violations of, 174 server violating, 320 Sql class violating, 147 supporting, 157 in test classes conforming to, 172 violating, 38 single value, ordered components of, 42 single-letter names, 22, 25 single-thread calculation, of throughput, 334 SINGLETON pattern, 274 small classes, 136 Smalltalk Best Practice Patterns, 296 smart programmer, 25 software project, maintenance of, 175 software systems.

pages: 448 words: 71,301

Programming Scala by Unknown

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

domain-specific language, en.wikipedia.org, fault tolerance, general-purpose programming language, loose coupling, type inference, web application

Reductio is less widely used than ScalaCheck, but it offers a “native” Java API as well as a Scala API, so it would be more convenient for “pure” Java teams. Other Notable Scala Libraries and Tools While Scala benefits from the rich legacy of Java and .NET libraries, there is a growing collection of libraries written specifically for Scala. Here we discuss some of the more notable ones. Lift Lift is the leading web application framework written in Scala. It recently reached “1.0” status. Lift has been used for a number of commercial websites. You can also find documentation on the Lift website. Other web frameworks include Sweet, Pinky, and Slinky. Scalaz Scalaz is a library that fills in gaps in the standard library. Among its features are enhancements to several core Scala types, such as Boolean, Unit, String, and Option, plus support for functional control abstractions, such as FoldLeft, FoldRight, and Monad, that expand upon what is available in the standard library.

(exclamation point), under Symbols) base classes, 91 base type, 394 BDD (Behavior-Driven Development), 57 BDD syntax provided by ScalaTest, 361 defined, 394 specification exercising combined Button and Subject types, 80 Specs library, 363–365 BigDecimal class, 221 blogging system (example), 215–216 AtomFeed class, 215 Index | 409 Download at WoweBook.Com boolean literals, 38 bound variables, 394 break method, 63 build tools, 353 Buildr tool, 353 by-name parameters, 189, 263 defined, 394 by-value parameters, 189 defined, 394 C C# abstract methods, 18 override keyword for concrete methods, 18 this keyword, 18 C++ multiple inheritance, 321 templates, 297 C.super type, 273 C.this type, 273 Cake Pattern, 335–340 call site (see declaration site) call-by-name parameters, 277 capture groups, defining in regular expressions, 69 case classes, 136–142 binary operations, 139 copy method in Scala 2.8, 140 defined, 395 defining for pattern matching, 68 enumerations as alternative to, 300 enumerations versus, 304 inheritance, 140, 334 pattern matching on, 67 case clauses, binding nested variables in, 69 case keyword, 394 case class example, 136 case objects, 198 case statements pattern matching versus, 64 cases in pattern matching, 67 unreachable case, 64 character literals, 38 characters operator characters, encoding in Java, 375 used in identifiers, 54 child types, 395 class keyword, 12, 89 classes abstract, 18, 48 adding new methods to, 188 basics of, 89 declaration of classes as singletons, 149 defined, 395 derived, overriding vals declared in parent classes, 25 JDK and .NET, use in Scala, 9 nested, 95 overriding abstract and concrete fields in, 119 overriding abstract and concrete methods, 112 parent, 91 sealed class hierarchies, 151–155 traits versus, 87 Upper class (example), 12 ClassfileAnnotation class, 292 Clickable trait (example), 82 clients, 395 closures, 169 defined, 5, 395 CLR (Common Language Runtime), Scala running on, 5 code examples in this book, xix, 10 code, organizing in files and namespaces, 44 codec for SMTP (example), 206 collections apply and unapplySeq methods, 132 mutable and immutable, 158 command-line tools, 343–353 information on, 10 sbaz, 352 scala, 345–350 scalac, 343 scaladoc, 352 scalap, javap, and jad, 350 comments, 11, 395 companion classes, 126 defined, 395 companion objects, 126–136 apply and unapplySeq methods for collections, 132 apply method, 127–129 conversion methods defined in, 187 creation for case classes, 138 defined, 395 Java static methods and, 134 Map and Set, 146 410 | Index Download at WoweBook.Com methods defined in, visibility to Java code, 373 Pair object for Pair class, 146 unapply method, 129–131 compiled, command-line tool, converting script to, 15 compiler (see scalac compiler) compiling versus interpreting, 12 component model, functional programming and, 192 components defined, 313, 395 fine-grained visibility rules in Scala, 314 implementing as traits, 337 compound types, 276 defined, 395 comprehensions, 59 concrete types, 395 concurrency, 16–21 Actor model of, 393 event-based, 397 Java and, 2 problems of shared, synchronized state, 193 traditional, using threading and events, 203–210 events, 205–210 one-off threads, 203 using java.util.concurrent, 204 using Actors, 194–203 Actors in abstract, 194 Actors in Scala, 194–203 conditional operators, 63 Console.println( ) method, 14 constant identifiers, 54 constants default argument values, 27 defining, 149 constructors, 18, 92–95 case class, 138 constraints on, advantages and disadvantage of, 94 parent class constructors, calling, 94 context-free grammars, 230, 395 contract, 254 defined, 395 contractual constraints in Design by Contract, 340 contravariance or contravariant, 396 contravariant subclassing, 252 covariance or covariant, 396 covariant specialization, 317 covariant subclassing, 252 @cps (continual passing style) annotation, 298 cross-cutting concerns, 396 cross-platform installer (lzPack), 8 curried functions, 184, 278 currying, 396 D data types, 247–288 abstract, 47, 267 parameterized types versus, 270 AnyVal types, conversion to Java primitives, 375 defined, 404 documentation for Scala type system, 288 existential types, 284 importing types and their members, 45 inferring type information, 29–36 infinite data structures and lazy vals, 285 Nothing and Null, 267 parameterized types, 47, 249 path-dependent types, 272 pattern matching on type, 65 reflection, 248 Scala’s sophisticated type system, 6 self-type annotations, 279–283 static versus dynamic typing, 2 structural types, 77, 283 type bounds, 259–267 type hierarchy in Scala, 155 value types, 275–279 variance under inheritance, 251 variance in Scala versus Java, 256–259 variance of mutable types, 255 decimal integer literals, 36 declaration site, 251, 396 declarations annotations in, 289–300 order of declaration, traits and, 86 visibility modifiers in, 97 declarative composition of traits, 86 declarative programming, 396 decompilers (scalap, javap, and jad), 350 deep matching, 67 def keyword, 12, 26 Index | 411 Download at WoweBook.Com default argument value, 396 definitions, method, 26 dependency injection (DI) defined, 396 Spring Framework, 381 using Cake Pattern, 334–340 derived types, 395 access to members of parent types, 97 Design by Contract, 253, 340 BankAccountSpec object (example), 341 defined, 396 design patterns, 325–340, 397 alternative to Visitor Pattern, 326–334 dependency injection (DI) implementation, Cake Pattern, 334–340 diamond of death (problem with multiple inheritance), 321 do-while loops, 62 documentation Scala tools and APIs, 10 Scala type system, 288 DSLs (Domain-Specific Languages), 57, 217– 245 benefits and drawbacks of, 217 defined, 397 external DSLs with parser combinators, 230–244 generating paychecks with external DSL, 239–244 parser combinators, 230 payroll external DSL, 230–233 Scala implementation of external DSL grammar, 233–239 internal DSL for payroll application (example), 218–230 apply methods, 224 implicit conversions and user-defined types, 223 infix operator notation, 223 payroll API, 219–222 payroll internal DSL, 222 payroll rules DSL implementation, 224– 229 internal versus external, 244 duck typing, 283 defined, 397 dynamic typing, 397 versus static typing, 2 dynamically typed languages, 2 E eager matching, 64 EBNF (Extended Backus-Naur Form) grammar notation, 230 external payroll DSL grammar, 231 Eclipse IDE developing Scala applications, 355 installing Scala plugin, 354 Eiffel language, 340 Either object, 158 else clause (if statements), 59 Emacs editor, 360 encapsulation defined, 397 visibility rules and, 96 Ensuring class, 342 enumerated types, 72 Enumeration class, 72 Enumeration.Value class, 302 enumerations, 72, 300–304 advantages and disadvantages of, 304 case classes and pattern matching versus, 304 HttpMethod object (example), 301–304 scala.Enumeration class, 300 eq method (AnyRef), 143 equality of objects, 142 equals method, 143 case class comparisons, 141 equals operator (==), 63 events, 397 using for concurrency, 205–210, 397 exception handling, pattern matching using try, catch, and finally clauses, 70 exceptions @throws annotation and, 298 @unchecked annotation and, 296 and alternatives to, 311 throwing, 71 executing a script, 12 existential types, 266, 284 defined, 397 examples of, 285 expectations, 364 exponentials with floating-point literals, 37 expressions for expression, 59 if statements as, 58 extends keyword, 79, 91 412 | Index Download at WoweBook.Com external DSLs, 218, 230 (see also DSLs) internal DSLs versus, 244 extractors, 397 translating regular expression capture groups to, 69 unapply methods, 129 use in pattern matching case statements, 138 F factory methods, apply method as, 127 family polymorphism, 317 Fibonacci sequence, calculating, 285 fields, 90 comparison to Java class-level, 148 defined, 397 indistinguishable from accessor methods, overriding, 123–126 mutable, 18 order of initialization, using lazy vals, 190 overriding abstract and concrete fields, 114 overriding abstract and concrete fields in classes, 119 overriding abstract and concrete fields in traits, 114–119 referencing object field, 149 visibility and access to, 97 filtering in for expressions, 60 in functional programming, 178 final declarations, attempting to override, 112 final keyword, 397 finishing problem (in DSL design), 229 first class, 397 floating-point literals, 37 fluent interface, 226 folding data structures, 179–181 for comprehensions, 59–61 expanded variable scope, 61 filters in, 60 simple example, 59 using Options with, 308 yielding collections, 60 yielding successive blocks of dynamically formatted XML, 216 foreach method, 79 traversal operations in functional programming, 175 formal parameters, 397 FP (see functional programming) free variables, 397 fsc (fast scala compiler) tool, 353 function literals, 78 closures and, 169 defined, 13, 398 passing to foreach, 16 passing to method for pattern matching, 19 function types, 277 defined, 398 Function.curried method, 185 Functional Java project, 367 functional programming, 165–192, 398 call by name and call by value, 189 component model and, 192 currying, 184 data structures, 172 lists, 173 maps, 173 definition of, 166 filtering operations, 178 folding and reducing operations, 179–181 functions in mathematics, 166 implicit conversions, 186 implicit function parameters, 188 implicits, caution with, 189 lazy vals, 190 mapping operations, 175 mixed paradigm in Scala, 5 Options object, 181 partial functions, 183 pattern matching, 182 recursion, 170 in Scala, 167–170 function literals and closures, 169 tail calls and tail-call optimization, 171 traversal of data structures, 175 variables, immutable values of, 166 FunctionN object, 159 defining traits for, 277 variance under inheritance, 252 functions, 165 (see also functional programming) defined, 398 higher order, 166, 398 overloaded, 401 Scala, using in Java, 371 futures, 202 Index | 413 Download at WoweBook.Com G Gang of Four (GOF) patterns, 325 generator expressions, 62 generators <- (left-arrow) operator, 60 defined, 398 in for comprehensions, 309 generics, 6, 369–371 defined, 398 Java, 47 using from Scala, 369 Scala, using from Java, 370 variance under inheritance, differences between Java and Scala, 251 grammars context-free, 395 EBNF notation for external payroll DSL grammar, 231 parsing expression grammars (PEGs), 401 guards, pattern matching on, 67 H Hadoop library, 384 Haskell, QuickCheck tool, 365 hexadecimal integer literals, 36 higher-order functions, 166, 398 I I/O (input/output) automatic importation of methods by Scala, 15 NIO (non-blocking I/O), 205 identifiers, characters allowed in, 54 IDEs (integrated development environments), 354–360 Eclipse developing Scala applications, 355 installing Scala plugin, 354 IntelliJ developing Scala applications, 357 installing Scala plugins, 356 NetBeans developing Scala applications, 360 installing Scala plugins, 359 text editors, 360 if statements, 58 immutable values, 398 immutable variables, 5 declaring, 24 imperative languages, 20 imperative programming, 398 implicit arguments, 398 implicit conversions caution with, 189 defined, 398 defining custom object and conversion method, 187 in functional programming, 186 in internal DSL payroll implementation, 223 Int into RichInt, 62 Predef.any2ArrowAssoc method, 147 rules for compiler to find and use conversion methods, 187 implicit function parameters, 188 caution with, 189 implicit keyword, 186 defined, 398 implicit typing, 405 import statements, 19 importing Java types and their members, 45 relative path used in, 46 infinite data structures, 398 laziness and, 285 using lazy vals to manage, 191 infix notation, 53 defined, 398 infix operator notation, 223 infix types, 276, 399 inheritance case class, 140 defined, 399 definition, 87 linearization of object hierarchy, 159–163 multiple, problems with, 321 single inheritance plus traits in Scala, 322 variance under, 251–259 instance, 89, 399 instantiate, 399 integer literals, 36 IntelliJ IDEA developing Scala applications, 357 installing Scala plugins, 356 interactive mode, scala command, 10 @interface keyword (Java), 289 internal DSLs, 218, 229 414 | Index Download at WoweBook.Com (see also DSLs) external DSLs versus, 244 interned strings, 39 interpreter, starting, 10 interpreting versus compiling, 12 invariance and invariant, 399 invariant subclassing, 252 invariants, 340 inversion of control (IoC), 334, 399 IOHandlerActorAdapter object, 208 Iterable object, 175 filtering methods, 178 fold and reduce methods, 180 map method, 175 Iterator Pattern, 325 J jad tool, 351 Java, 1 annotations, 289 aspect-oriented programming, AspectJ, 76 DI (dependency injection), 335 importation of data types into Scala, 45 interfacing with type system, using existential types, 284 invoking method name identical to Scala reserved word, 54 JDK (Java Development Kit), 7 JVM (Java Virtual Machine), 2 reflection methods, 248 libraries, interoperability with Scala, 377– 385 AspectJ, 377–381 Hadoop, 384 Spring Framework, 381 Terracotta, 384 package concept for namespaces, 44 regular expressions, 69 Scala interoperability with, 369–377 AnyVal types and Java primitives, 375 Java and Scala generics, 369 JavaBean properties, 374 Scala names in Java code, 375 using Scala functions in Java, 371 static methods, companion objects and, 134–136 static typing, 3 variance, 256–258 java command, 344 java.io.IOException class, 298 java.lang.String class, 186 java.nio package, 205 java.util.concurrent package, 204 JavaBeans conventions for, 374, 381 vetoable events, 84 javac compiler, 7 Javadoc-style @return annotation, 241 javap tool, 350 JavaRebel tool, 368 JavaTokenParsers, 235 JDK (Java Development Kit), 7 join points, 378 JUnit, 81 running specifications, 365 JVM (Java Virtual Machine), 2 JVM version of Scala, 5 installing, 8 L lazy evaluation, infinite data structures and, 285 lazy values, 117, 190 Post class (example), 215 lazy, defined, 399 left-associative method invocations, 57 libraries Java library interoperability, 377–385 AspectJ, 377–381 Hadoop, 384 Spring Framework, 381 Terracotta, 384 miscellaneous smaller Scala libraries, 368 notable Scala libraries, 367 Lift web framework, 367 linearization of object hierarchy, 159–163, 274, 399 algorithm for reference types, 161 hand calculation for C2 (example), 163 LinkedList class that uses Nodes (example), 264 Liskov Substitution Principle, 87 List class apply and unapplySeq methods, 132 declaration, 47 Nil case object, 267 Scala implementation, 261–263 List object Index | 415 Download at WoweBook.Com apply method, parameterized, 251 folding, 179 lists in functional programming, 173 literals, 36–40 boolean, 38 character, 38 defined, 399 floating-point, 37 integer, 36 string, 39 symbol, 39 load-time weaving, 380 loops do-while, 62 for loops or comprehensions, 59–61 generator expressions in, 62 looping through and matching XML, 213 trampoline, 172 while, 61 lower type bounds, 260, 268 M Mac OS X installing Scala, 8 TextMate editor, 360 mailbox for Actors, 196, 399 main method, 15, 399 Manifests, 250 Map companion object, 147 Map values, 146 Map.apply method, 147, 177 MapReduce, 384, 400 maps in functional programming, 173 MatchError object, 151 mathematics, functions in, 166 Maven build tool, 353 members, 90, 400 importing, 45 memoization, 169, 400 support by packrat parsers, 245 messages, 400 metadata, 290 (see also annotations) adding to declarations, 289 default values and, 292 metaprogramming, 8 MetaScala library, 368 method chaining, 223 methods, 90 abstract types as arguments, 270 adding new methods to classes, 188 class-level, 149 declarations, 26–29 default and named arguments, 26 nesting method definitions, 28 defined, 400 defining, 12 Java static methods and companion objects, 134–136, 373 operators as, 53 infix notation, 53 overriding, 112 overriding accessor methods indistinguishable from fields, 123–126 parameterized, 251 without parentheses and dots, 55 operator precedence, 56 referencing object method, 149 Meyer, Bertrand, 340 MINA (Apache), 205 events provided by, 209 mixin composition, 4, 316, 322 using traits, 6 mixins, 75 defined, 400 invasive, 324 traits as, 76–82 modules components and, 313 contract of, 340 multiple inheritance, 400 mutable fields, 18 mutable values, 400 N Naggati library, 205 named arguments, 27, 400 namespaces, 44 relationship to Scala’s nested package syntax, 44 ne method (AnyRef), 143 nested classes, 95 .NET invoking method name identical to Scala reserved word, 54 regular expressions, 69 .NET version of Scala, 5 416 | Index Download at WoweBook.Com NetBeans developing Scala applications, 360 installing Scala plugins, 359 new operator, 14 Nil case object, 267 NIO (non-blocking I/O), 205 NioSocketAcceptor object, 208 NodeSeq class, \ and \\ methods, 55 NodeSeq object, 212 None class, 41 nonterminals, 232, 400 Nothing type, 259, 267 Null object, 267 nulls avoiding using Option, Some, and None classes, 41–43 Options versus, 306 O object system (Scala), 145–164 classes and objects, 148 package objects, 150 linearization of object hierarchy, 159–163 Predef object, 145 sealed class hierarchies, 151–155 type hierarchy, 155 object-oriented programming (OOP), 89 case classes, 136–142 classes and objects, basics of, 89 companion objects, 126–136 constructors, 92–95 defined, 400 equality of objects, 142 mixed paradigm in Scala, 4 nested classes, 95 overriding members of classes and traits, 111–126 parent classes, 91 reusable software components and, 192 visibility rules, 96–110 objects basics of, 89 deep matching on contents, 67 defined, 400 instantiation in Scala, 149 in Scala, 5 versus class-level members, 14 ObservableClicks trait (example), 83 working with VetoableClicks trait (example), 85 Observer Pattern, 77, 326 trait implementing, 77 octal integer literals, 36 Odersky, Martin, 7 Open-Closed Principle (OCP), 153 violation by Visitor Pattern, 328 operator characters, 54 defined, 401 encoding in Java identifiers, 375 in identifiers, 54 operator notation, 398 infix operator notation, 53, 223 operator overloading, 401 operator precedence, 56 operators, 53 conditional, 63 Option class, 41–43 alternatives to exceptions, 312 functional operations on, 181 nulls versus, 306 using with for comprehensions, 308 or operator (||), 63 overloaded functions, 401 overloaded methods, 90 explicit return type requirement, 32 override keyword, 18, 79, 111 overriding class and trait members, 111–126 abstract and concrete fields, 114 in classes, 119 in traits, 114–119 abstract and concrete methods, 112 abstract types, 120–123 accessor methods indistinguishable from fields, 123–126 final declarations, 112 P package objects, 150, 401 packages, 44 defining using nested package syntax in Scala, 44 root package for Scala library classes, 45 packrat parsers, 245, 401 Pair class, 146 apply method, 127 Pair object, 146 parameterized methods, 251 Index | 417 Download at WoweBook.Com parameterized types, 13, 47, 249 abstract types versus, 270 defined, 401 Manifests, 250 parameterized methods, 251 value types created from, 275 parameters constructor, initialization of vals and vars, 25 implicit function parameters, 188 order of, named arguments and, 27 required return type annotations, 30 parent classes, 91, 401 parser combinators, external DSLs with, 230– 244 generating paychecks with PayrollParserCombinators, 239– 244 payroll external DSL, 230–233 Scala implementation of external DSL grammar, 233–239 Parsers object, 235 documentation of composition operators, 233 ~ case class, 238 parsing expression grammars (PEGs), 245, 401 partial application, 401 partial functions, 183, 401 path-dependent types, 272, 401 C.super, 273 C.this, 273 p.Success case class (example), 236 period-delimited path expressions, 274 pattern matching, 19, 64–72 binding nested variables in case clauses, 69 on case classes, 67 defined, 401 on enumerations, 302 extractors in case statements, 138 in functional programming, 182 matching on tuples and guards, 66 polymorphism versus, 20 on regular expressions, 68 on sequences, 65 simple match of boolean values, 64 on type, 65 using on XML structures, 213 using try, catch, and finally clauses, 70 using with case classes, enumerations versus, 304 variables in matches, 64 pattern matching identifiers, 54 payroll external DSL (example), 230–233 payroll internal DSL (example), 222 PEGs (parsing expression grammars), 245, 401 performance, 6 Pimp My Library design pattern, 188, 401 plain identifiers, 54 pointcuts, 378 polymorphism family polymorphism, 317 pattern matching versus, 20, 71, 182 postconditions, 340, 402 postfix notation, 53, 402 @Pre annotation, 290 pre-initialized fields, 117 precedence, operator, 56 preconditions, 340, 401 Predef object, 145 any2ArrowAssoc method, 147 declaring types and exceptions, 146 documentation, 148 implicit conversion methods for value types, 158 items imported or defined by, 145 require and assume methods, using for contract enforcement, 340 stringWrapper method, 186 primary constructor, 92, 402 primitive data types, 402 instances of value types corresponding to, 91 Java, conversion of AnyVal types to, 375 println function, 14, 15 partially applied (example), 183 private keyword, 92, 97 private visibility, 100 scoped, 102–110 production, 402 production rules, 232 projection functions, 212 protected keyword, 97 protected visibility, 99 scoped, 102–110 public visibility, 98 pure (side-effect-free functions), 402 418 | Index Download at WoweBook.Com Q exceptions, 312 method resolution in, 283 QuickCheck (Haskell), 365 S R Range object, 287 Range.Inclusive class, 62 raw strings in regular expression pattern matching, 69 recursion, 28, 402 explicit return type annotation, 30, 31 in functional programming, 170 tail-call, 171 foldLeft and reduceLeft, 181 reducing data structures, 179–181 Reductio tool, 367 reference types, 91, 402 linearization algorithm for, 160, 161 listed, 156 parent of, AnyRef, 155 testing equality, 143 referential transparency, 402 refinement in compound type declarations, 276 defined, 402 reflection, 248 Regex class, 69 regular expressions matching on, 68 use in parsing, 235 reified types, 402 relative imports, 46 REPL (Read, Evaluate, Print, Loop), 402 Request case class, 207 requirements specification, 363 reserved words listing of reserved words in Scala, 49 not allowed in identifiers, 54 @Retention annotation, 290 @return annotation, 241 return keyword, 13, 31 return type for methods, 30–36 required explicit declarations of, 31 using Option, Some, and None types, 41 RichInt class, 62 RichString class, 186 right-associative method invocations, 57 Ruby dynamic typing, 2 sbaz tool, 10, 352 installing ScalaCheck, 365 SBT (simple build tool), 353 Scala benefits of, 7 code examples, 10–16 combining with other languages, 8 installing, 8 introduction to, 4 official website, 8 resources for more information, 10 scala command, 10, 12, 345–350 -cp option, 16, 346 commands available in scala interactive mode, 347 documentation, 348 interactive mode, 10 invoking scripts, 348 limitations of, versus scalac, 348 options, 347 running in interpreted mode, 346 script or object specified for, 346 scala-tool-support package, 360 scala.actors.Actor class, 194 @scala.reflect.BeanProperty annotation, 374, 381 scalability, Scala support for, 6 scalable abstractions (see components) scalable language (Scala), 7 scalac compiler, 10, 343 -X options, 345 -Xscript option, 349 command options, 344 compiling code into JVM .class file, 16 plugin architecture, 345 scala command versus, 348 ScalaCheck, 365 scaladoc tool, 10, 352 Scaladocs, 402 ScalaObject class, 157 $tag method, 351, 393 scalap tool, 350 ScalaTest, 361 Scalax library, 368 Scalaz library, 367 Index | 419 Download at WoweBook.Com scope defined, 402 expanded variable scope in for comprehensions, 61 package objects, 150 of private and protected visibility, 102–110 scripting languages, popularity of, 2 sealed class hierarchies, 151–155 sealed keyword, 402 self types, 6 self-type annotations, 279–283 and abstract type members, 317 defined, 403 TwitterClientComponent (example), 337 Seq class, first and firstOption methods, 312 sequences matching on, 65 Range.Inclusive class, 62 sequential composition, 233 combinator operators, 234 @serialVersionUID annotation, 291 Set companion object, 147 Set values, 146 sets in functional programming, 174 short-circuiting operators (&& and ||), 63 side-effect-free, 403 signature, 90, 403 single inheritance, 403 Single Responsibility Principle, 76 singleton objects, 14, 134 eliminating need for Singleton Pattern, 325 methods defined in companion objects, 373 singleton types, 279, 403 singletons, 403 Scala classes declared as, 149 sleeping barber problem (demonstrating Actors), 197–202 SMTP mail server (example), 205–210 codec for SMTP, 206 conversation with server, 209 setup, 207 SmtpHandler class, 208 Some class, 41 @specialized annotation, 297 Specs library, 57, 363–365 using for BDD specification exercising combined Button and Subject types, 80 Spring Framework, 381 stable types, 403 state, 403 static members, Scala and, 148 static typing, 403 versus dynamic typing, 2 StaticAnnotation class, 291 annotations derived from, 294 Stream class, 286 strict, 403 String class, 186 implicit conversion to RichString, 187 string literals, 39 strong versus weak typing, 3 structural types, 77, 283 defined, 403 subtypes, 395, 403 super keyword, 114 supertype, 403 @switch annotation, 296 symbol literals, 39 symbols, 133 defined, 403 in method names and other identifiers, 53 T $tag method (ScalaObject), 351, 393 tail calls, 171 @tailRec annotation and, 296 foldLeft and reduceLeft operations, 181 trampoline for, 172 tail-call recursion, 403 @tailRec annotation, 296 TDD (Test-Driven Development), 81, 361– 367 defined, 403 Design by Contract and, 342 ScalaCheck tool, 365 ScalaTest tool, 361 Specs library, 363–365 terminals, 232, 403 Terracotta library, 384 test double, 404 text editors, 360 TextMate editor, 360 this keyword, 18, 89 self versus, in self-type annotations, 319 self-type annotations, 279 super versus, 114 420 | Index Download at WoweBook.Com threading in Scala, 203 one-off threads, 203 using java.util.concurrent, 204 @throws annotation, 298 trait keyword, 77 traits, 4, 75–88 aspects versus, 381 constructing, 86 class or trait, 87 initializing values in traits, 87 defined, 404 effective design of, 321–325 functions as instances of, 278 implementing components with, 337 as mixins, 76–82 vetoing click events, 84 overriding accessor methods indistinguishable from fields, 125 overriding members of abstract and concrete fields, 114–119 promotion of mixin composition, 316 stacking, 82 trampolines, 172, 404 try, catch, and finally clauses, 70 tuples, 40 defined, 404 pattern matching on, 66 value type, syntax for, 275 ways to create two-item tuple, 148 Twitter client, component model for (example), 335–340 type alias, 74 type annotations, 12 defined, 404 required explicit type annotations, 30 self-type annotations, 279–283 type bounds, 256, 259–267 defined, 404 List class, Scala implementation, 261–263 lower, 260 upper, 259 using in abstract type declarations, 268 views and view bounds, 263 type constructors, 404 type designators, 275, 404 type erasure, 90 defined, 405 getClass method on JVM, 248 type inference, 29–36, 405 type projections, 279, 405 type system, 2, 247 (see also data types) Scala, 6 type variance, 251, 405 (see also variance under inheritance) type variance annotations, 405 types, 247 (see also data types) defined, 404 typing, 2 U unapply method, 129–131 unapplySeq method for collections, 132 @unchecked annotation, 296 Unicode characters, 38 Uniform Access Principle, 97, 124 universe (sbaz remote repository), 352 upper type bounds, 259, 268 V val keyword, 14 in declaration of read-only variable, 11 using in declaration of immutable variable, 24 vals, lazy (see lazy values) Value class, 302 Value object, 405 value types, 91, 275 defined, 405 function types, 277 implicit conversions by Predef object methods, 158 infix types, 276 listed, 156 parameterized types, 275 singleton types, 279 tuples, 275 type designators, 275 type projections, 279 use in type bounds expressions, 268 Value.toString method, 73 values, 405 var keyword, 18 variable identifiers, 54 variable-length argument lists, 12, 147 variables Index | 421 Download at WoweBook.Com binding nested variables in case clauses, 69 declarations, 24 defined, 405 expanded scope in for expressions, 61 immutable values in functional programming, 166 in matches, 64 mutable and immutable, 5 in static and dynamic typing, 2 variance annotations, 249 summary of, 251 variance under inheritance, 251 abstract versus parameterized types, 270 variance in Scala versus Java, 256–259 variance of mutable types, 255 versions, Scala, 9 VetoableClicks trait (example), 85 view bounds, 264–267, 405 implementing LinkedList class that uses Nodes, 264 views, 187, 263–267, 405 Vim editor, 360 visibility, 96–110, 405 fine-grained visibility rules in Scala, 314 private, 100 protected, 99 public, 98 scoped private and protected visibility, 102– 110 summary of visibility scopes, 97 Visitor Pattern, alternative to, 326–334 exploring using NodeSeq tools, 212 looping and matching, 213 reading, 211 writing, 214 blogging system (example), 215–216 Y yield keyword, 60 W weak versus strong typing, 3 weaving, load-time, 380 web application frameworks, 367 web page for this book, xxi code examples, xix, 10 while loops, 61 implementing using by-name parameters and currying, 189 with keyword, 79 wrapper classes in Scala, 186 Rich wrapper classes defined in scala.runtime package, 187 X XML, 211–216 422 | Index Download at WoweBook.Com About the Authors Dean Wampler is a consultant, trainer, and mentor with Object Mentor, Inc. He specializes in Scala, Java, and Ruby, and works with clients on application design strategies that combine object-oriented programming, functional programming, and aspectoriented programming.

He specializes in Scala, Java, and Ruby, and works with clients on application design strategies that combine object-oriented programming, functional programming, and aspectoriented programming. He also consults on Agile methods, such as Lean and XP. Dean is a frequent speaker at industry and academic conferences on these topics. He has a Ph.D. in physics from the University of Washington. Alex Payne is Platform Lead at Twitter, Inc., where he develops services that enable programmers to build atop the popular social messaging service. Alex has previously built web applications for political campaigns, non-profits, and early-stage startups, and supported information security efforts for military and intelligence customers. In his free time, Alex studies, speaks, and writes about the history, present use, and evolution of programming languages, as well as minimalist art and design. Colophon The animal on the cover of Programming Scala is a Malayan tapir (Tapirus indicus), also called an Asian tapir.

pages: 468 words: 233,091

Founders at Work: Stories of Startups' Early Days by Jessica Livingston

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

8-hour work day, affirmative action, AltaVista, Apple II, Brewster Kahle, business process, Byte Shop, Danny Hillis, David Heinemeier Hansson, don't be evil, fear of failure, financial independence, Firefox, full text search, game design, Googley, HyperCard, illegal immigration, Internet Archive, Jeff Bezos, Justin.tv, Larry Wall, Maui Hawaii, Menlo Park, nuclear winter, Paul Buchheit, Paul Graham, Peter Thiel, Richard Feynman, Richard Feynman, Robert Metcalfe, Ruby on Rails, Sand Hill Road, side project, Silicon Valley, slashdot, social software, software patent, South of Market, San Francisco, Startup school, stealth mode startup, Steve Ballmer, Steve Jobs, Steve Wozniak, web application, Y Combinator

I had visions of raising money and building something cool, but originally the idea for Pyra was around web-based project management, or collaboration, which was an area I had been interested in for a long time. The idea for Pyra was the personal and project information management system: to build projects for clients around their intranets and help them organize their work and personal information. It is a web application where you would put your stuff, things you are thinking about, things you had to do, things you wanted to share with other people. There is not exactly a corollary to it today, but it is along the same lines as Basecamp or Ta-da List (but more complicated). There are a lot of products that are about organizing your work and stuff. That was what I saw as the big idea, and I had specific ideas about how that could be done better than it had ever been done before.

Williams: Well, we kind of tried. We started talking to the few people we knew, but we just didn’t have any inroads for that. We wrote a business plan, I think. Evan Williams 113 The first year was entirely self-funded. It was just doing this work mostly for HP. HP basically funded Pyra for the first year, unbeknownst to them, because at the time you could charge a decent amount of money for doing pretty simple web application development. If one of us was working on that full-time, it would pay for three of us (not that we were paying ourselves much). We started working on things in November ’98. We technically started the company in January. Meg started full-time in February, and we hired our first employee, Paul Bausch, in May. Then we got an office down here in SOMA. Livingston: So is that when you focused on developing Blogger.com?

As we showed it to colleagues in the industry, we quickly realized that others had the same problem; there was not a lot of software available for small companies to manage projects. Microsoft Project and the other heavyweight approaches to this relied on critical path management and things that might work fine for a 200-person project on a construction site, but not well for 3 people trying to deliver a web application. So we started out just thinking, “This is going to help us solve our consultancy needs.” And as we got more feedback, we realized it was a good time to start thinking about how we could make this 37signals’s product. Livingston: Do you remember the moment? Heinemeier Hansson: It was more just a flow of the application coming together and the feedback we started to get from people we respected saying, “I want this too!”

pages: 792 words: 48,468

Tcl/Tk, Second Edition: A Developer's Guide by Clif Flynt

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Donald Knuth, hypertext link, revision control, Silicon Valley, web application

Note that you must specify an ASCII text file for the output and use hard newlines if you use one of the word processor editors. The Tcl interpreter does not read most native word processor formats. There are several Tcl integrated development environments (IDEs) available, ranging from commercial packages such as ActiveState’s Komodo and Neatware’s MyrmocoX, to freeware such as ASED and TclIDE, to tools such as the editor Mike Doyle and Hattie Schroeder developed as an example in their book Interactive Web Applications with Tcl/Tk (www.eolas.com/tcl). IDEs are discussed in more detail in Chapter 14. Several of these packages are found on the companion CD-ROM. 27 28 Chapter 2 The Mechanics of Using the Tcl and Tk Interpreters You can also use the Tk Console to type in Tcl commands and then save them to a file via the File > Save > History menu choice. You will probably need to edit this file after you have saved it, to delete extra lines. 2.3.2 Evaluating Tcl Script Files For the time being, let’s assume you have created a file named foo.tcl containing the following text: label .l -text “The arguments to this script are: $argv” pack .l There are several ways to evaluate this wish script file.

See the companion CD-ROM articles about the “Birthday Robot” and “Stock Robot” for more information about using the http package. The ease with which HTML support is added to the text widget may make you think that it would be easy to write a full browser with Tk. Before you do too much work on that project, take a look at Steve Ball’s plume browser at http://tcltk.anu.edu.au/1.0a1/ and read Mike Doyle and Hattie Schroeder’s book Web Applications in Tcl/Tk. Much of the work you will need to do to create a browser has already been done. Using a text widget to implement a browser display has the following problems. ■ Performance: Displaying HTML in a text widget requires a great deal of parsing HTML and calculating layout parameters. This can be compute intensive, and becomes slow when done in an interpreted language like Tcl. ■ Layout limitations: The text widget is optimized for pure text displays.

Example 14.9 Script Example load /usr/local/lib/libmysqltcl.so # Connect to database set handle [mysqlconnect -db clif1] # Create two new tables set createCmds { {CREATE TABLE books ( first CHAR(20), last CHAR(20), title CHAR(50), publisher INTEGER, ID INTEGER);} {CREATE TABLE publishers ( name CHAR(50), id INTEGER);} } foreach createCmd $createCmds { set result [mysqlexec $handle $createCmd] puts “Create Table result: $result” } # Define data for tables set bookData { {’Brent’, ’Welch’, \ ’Practical Programming in Tcl/Tk’, 2, 1} {’Dave’, ’Zeltserman’, \ ’Building Network Management Tools with Tcl/Tk’, 2, 2} {’Mike’, ’Doyle’, \ ’Interactive Web Applications with Tcl/Tk’, 1, 3} {’Clif’, ’Flynt’, \ 589 590 Chapter 14 Extensions and Packages ’Tcl/Tk: A Developer\’s Guide’, 1, 4} } set publisherData { {’Morgan Kaufmann’, 1} {’Prentice Hall’, 2} } # Insert data into the tables. foreach book $bookData { set result [mysqlexec $handle “INSERT INTO books VALUES ($book)”] puts “Insert result: $result” } foreach pub $publisherData { mysqlexec $handle “INSERT INTO publishers VALUES ($pub)” } # And now extract data and generate a simple report. set fail [catch \ {mysqlsel $handle “SELECT * FROM books” -list } bookList] if {$fail} { error “SQL error number $mysqlstatus(code) message: $bookList” “” } foreach book $bookList { foreach {first last title pubId id} $book {} foreach {pubName pubID} [mysqlsel $handle \ “Select * from publishers where ID=$pubId” -flatlist] {} puts [format “%-12s %-30s \n %-30s” \ $last $title $pubName] } Script Output Create Create Insert Insert Insert Insert Welch Table result: 0 Table result: 0 result: 1 result: 1 result: 1 result: 1 Practical Programming in Tcl/Tk Prentice Hall Zeltserman Building Network Management Tools with Tcl/Tk Prentice Hall Doyle Interactive Web Applications with Tcl/Tk 14.6 VSdb Package Flynt Academic Press Professional Tcl/Tk, A Developer’s Guide Morgan Kaufmann 14.6 VSdb Package Language Tcl Primary Site http://sourceforge.net/projects/tclvs/ Original Author Steve Wahle Contact creat@lowcountry.com, Scott Beasley Tcl Revision Supported Tcl: 8.x; Tk: 8.x Supported Platforms UNIX, Windows The VSdb package is a small, pure Tcl database package that can easily be merged into an application that needs to be portable.

HBase: The Definitive Guide by Lars George

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, bioinformatics, create, read, update, delete, Debian, distributed revision control, domain-specific language, en.wikipedia.org, fault tolerance, Firefox, Google Earth, place-making, revision control, smart grid, web application

Column-oriented and row-oriented storage layouts The speed at which data is created today is already greatly increased, compared to only just a few years back. We can take for granted that this is only going to increase further, and with the rapid pace of globalization the problem is only exacerbated. Websites like Google, Amazon, eBay, and Facebook now reach the majority of people on this planet. The term planet-size web application comes to mind, and in this case it is fitting. Facebook, for example, is adding more than 15 TB of data into its Hadoop cluster every day[9] and is subsequently processing it all. One source of this data is click-stream logging, saving every step a user performs on its website, or on sites that use the social plug-ins offered by Facebook. This is an ideal case in which batch processing to build machine learning models for predictions and recommendations is appropriate.

docs This directory contains a copy of the HBase project website, including the documentation for all the tools, the API, and the project itself. Open your web browser of choice and open the docs/index.html file by either dragging it into the browser, double-clicking that file, or using the File→Open (or similarly named) menu. hbase-webapps HBase has web-based user interfaces which are implemented as Java web applications, using the files located in this directory. Most likely you will never have to touch this directory when working with or deploying HBase into production. lib Java-based applications are usually an assembly of many auxiliary libraries plus the JAR file containing the actual program. All of these libraries are located in the lib directory. logs Since the HBase processes are started as daemons (i.e., they are running in the background of the operating system performing their duty), they use logfiles to report their state, progress, and optionally, errors that occur during their life cycle.

This simplifies the implementation and maintenance of these gateway servers. The protocol between the gateways and the clients is then driven by the available choices and requirements of the remote client. An obvious choice is Representational State Transfer (REST),[68] which is based on existing web-based technologies. The actual transport is typically HTTP—which is the standard protocol for web applications. This makes REST ideal for communicating between heterogeneous systems: the protocol layer takes care of transporting the data in an interoperable format. REST defines the semantics so that the protocol can be used in a generic way to address remote resources. By not changing the protocol, REST is compatible with existing technologies, such as web servers, and proxies. Resources are uniquely specified as part of the request URI—which is the opposite of, for example, SOAP-based[69] services, which define a new protocol that conforms to a standard.

pages: 398 words: 107,788

Coding Freedom: The Ethics and Aesthetics of Hacking by E. Gabriella Coleman

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Benjamin Mako Hill, commoditize, crowdsourcing, Debian, Donald Knuth, dumpster diving, en.wikipedia.org, financial independence, ghettoisation, Hacker Ethic, informal economy, Jacob Appelbaum, Jaron Lanier, Jason Scott: textfiles.com, Jean Tirole, knowledge economy, laissez-faire capitalism, Larry Wall, Louis Pasteur, means of production, Paul Graham, peer-to-peer, pirate software, popular electronics, RFC: Request For Comment, Richard Stallman, rolodex, Ronald Reagan, Silicon Valley, Silicon Valley startup, slashdot, software patent, software studies, Steve Ballmer, Steven Levy, Ted Nelson, the scientific method, The Structural Transformation of the Public Sphere, web application, web of trust

Alternatives to Capitalism: IMCs Also bearing a three-letter acronym, the IMC once represented the vibrant epicenter of a grassroots, people-based digital media journalism, whose mission and spirit could not be more antithetical to the goals of a corporate mammoth like IBM.11 A worldwide volunteer collective of loosely affiliated grassroots media Web sites and centers, IMC activists make and disseminate locally generated media using various Web applications and tools. Indymedia emerged out of historic struggles against corporate neoliberal globalism policies. In the mid- to late 1990s, opposition against corporate globalization began to take shape among various groups across the globe. Ya Basta!, the Direct Action Network, and the Zapatista National Liberation Army were notable players, while the World Trade Organization protests in the streets of Seattle on November 30, 1999, registered a potent, distilled version of this dissent in an area of the world where spectacular street demonstrations had been in extended hibernation.

For instance, in his enormously influential book Code and Other Laws of Cyberspace, Lessig (1999, 7) justifies his argument that “the lack of ownership, the absence of property, the inability to direct how ideas will be used—in a word, the presence of a commons—is key to limiting, or checking, certain forms of governmental control,” and does so by relying heavily on the example of “open code.” The nonprofit organization he founded, Creative Commons, has developed licenses and Web tools that are used by individuals and organizations to “build an intellectual property conservancy.”15 The model he drew from, unsurprisingly, was the GNU GPL: Taking inspiration in part from the Free Software Foundation’s GNU General Public License (GNU GPL), Creative Commons has developed a Web application that helps people dedicate their creative works to the public domain—or retain their copyright while licensing them as free for certain uses, on certain conditions.16 While Lessig and Creative Commons may represent the most prominent of these liberal translations, there are many others. Bollier’s book Silent Theft (the title plays off Rachel Carson’s Silent Spring, which crystallized much thinking about the movement), for instance, contends that the establishment of a commons can limit the multinational plundering of knowledge and culture.

pages: 353 words: 104,146

European Founders at Work by Pedro Gairifo Santos

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

business intelligence, cloud computing, crowdsourcing, fear of failure, full text search, information retrieval, inventory management, iterative process, Jeff Bezos, Lean Startup, Mark Zuckerberg, natural language processing, pattern recognition, pre–internet, recommendation engine, Richard Stallman, Silicon Valley, Skype, slashdot, Steve Jobs, Steve Wozniak, subscription business, technology bubble, web application, Y Combinator

But anyway, it’s been growing and growing and growing and growing without stop since the beginning. So, I looked at the numbers for our third anniversary, which was last week or ten days ago, and we sold over $6.6 million of Mockups to over fifty thousand customers. And business is still growing. I got lucky. I don’t know what to tell you. It found this underserved niche that is growing, as well. More people are getting into user experience and have web sites and web applications or software that they’re building. So, somehow, I hit a sweet spot with the price and the feature list, and I guess we’re doing a good job. Santos: But when you launched, did you do a media campaign? Did you contact TechCrunch or whoever to get a lot of media attention? Guilizzoni: Yeah, I have a blog post about what I did. I didn’t have TechCrunch because I was bootstrapped from day one.

I decided to suggest to my board that we should focus on that and build applications, and I thought there would have been a huge success or huge successes around Twitter, like there were around Facebook. The future proved me wrong, but that's how we felt at the time. We decided to change Seesmic's direction and started to build Twitter applications on the desktop, web, and mobile. For the last two years, we created iPhone, Android, Windows Phone 7.0 even, and desktop and web applications for Twitter. We reached a very good number of users, still today using it, but Twitter completely changed. It was heaven with Twitter. We were presenting our road map and everything that we were building to the whole Twitter company at lunch. I remember that moment very well. We had most of the Twitter team in front of us, helping us and telling us, “This is awesome. We're just the type who love to offer something on our ecosystem.”

pages: 292 words: 81,699

More Joel on Software by Joel Spolsky

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

a long time ago in a galaxy far, far away, barriers to entry, Black Swan, Build a better mousetrap, business process, call centre, Danny Hillis, David Heinemeier Hansson, failed state, Firefox, fixed income, George Gilder, Larry Wall, low cost carrier, Mars Rover, Network effects, Paul Graham, performance metric, place-making, price discrimination, prisoner's dilemma, Ray Oldenburg, Ruby on Rails, Sand Hill Road, Silicon Valley, slashdot, social software, Steve Ballmer, Steve Jobs, Superbowl ad, The Great Good Place, type inference, unpaid internship, wage slave, web application, Y Combinator

I think the plan will be to lull you almost completely to sleep and then to sneak the Hungarian notation = good, Exceptions = bad thing on you when you’re sleepy and not really putting up much of a fight. An example R ight. On with the example. Let’s pretend that you’re building some kind of a web-based application, since those seem to be all the rage with the kids these days. Now, there’s a security vulnerability called the Cross-Site Scripting Vulnerability, a.k.a. XSS. I won’t go into the details here: all you have to know is that when you build a web application, you have to be careful never to repeat back any strings that the user types into forms. So, for example, if you have a web page that says, “What is your name?” with an edit box and then submitting that page takes you to another page that says, “Hello, Elmer!” (assuming the user’s name is Elmer), well, that’s a security vulnerability, because the user could type in all kinds of weird HTML and JavaScript instead of “Elmer,” and their weird JavaScript could do narsty things, and now those narsty things appear to come from you, so, for example, they can read cookies that you put there and forward them on to Dr.

That works, in the sense that if you follow this convention you’ll never have an XSS bug, but that’s not necessarily the best architecture. For example, maybe you want to store these user strings in a database somewhere, and it doesn’t make sense to have them stored HTML encoded in the database, because they might have to go somewhere that is not an HTML page, like to a credit card processing application that will get confused if they are HTML encoded. Most web applications are developed under the principle that all strings internally are not encoded until the very last moment before they are sent to an HTML page, and that’s probably the right architecture. 188 More from Joel on Software We really need to be able to keep things around in unsafe format for a while. OK. I’ll try again. Possible solution #2 What if we made a coding convention that said that when you write out any string you have to encode it?

Functional Programming in Scala by Paul Chiusano, Rúnar Bjarnason

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

domain-specific language, iterative process, loose coupling, sorting algorithm, type inference, web application

Message processing, state machines, and actors: Large systems are often organized as a system of loosely-coupled components that communicate via message passing. These systems are often expressed in terms of actors, which communicate via explicit message sends and receives. We can express components in these architectures as stream processors, which lets us describe extremely complex state machines and behaviors while retaining a high-level, compositional API. Servers, web applications: A web application can be thought of as converting a stream of HTTP requests to a stream HTTP responses. UI programming: We can view individual UI events such as mouseclicks as streams, and the UI as one large network of stream processors determining how the UI responds to user interaction. Big data, distributed systems: Stream processing libraries can be distributed and parallelized for processing large amounts of data.

pages: 502 words: 82,170

The Book of CSS3 by Peter Gasston

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

centre right, en.wikipedia.org, Firefox, Google Chrome, web application, wikimedia commons

Summary The introduction of transparency to CSS may seem minor, but transparency could potentially cause some significant changes to page designs; overlapping colors have long been a staple of print design, but this style has yet to make serious inroads into web design because of how difficult it is to implement. The appearance property is also a small change with big implications. HTML5 is arriving and bringing with it expanded scope for building web applications and further blurring the boundaries between desktop and Web. More web applications will frequently blend with a user’s operating system in the near future. In the next chapter, I’ll complete the quartet of chapters on backgrounds, borders, and colors with a look at the bleeding edge of CSS3: the gradient background. Color and Opacity: Browser Support WebKit Firefox Opera IE opacity Yes Yes Yes No (expected in IE9) RGBA values Yes Yes Yes No (expected in IE9) HSL values Yes Yes Yes No (expected in IE9) HSLA values Yes Yes Yes No (expected in IE9) currentColor value Yes Yes Yes No (expected in IE9) appearance Yes Yes No No Chapter 11.

Industry 4.0: The Industrial Internet of Things by Alasdair Gilchrist

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

3D printing, additive manufacturing, Amazon Web Services, augmented reality, autonomous vehicles, barriers to entry, business intelligence, business process, chief data officer, cloud computing, connected car, cyber-physical system, deindustrialization, fault tolerance, global value chain, Google Glasses, hiring and firing, industrial robot, inflight wifi, Infrastructure as a Service, Internet of things, inventory management, job automation, low skilled workers, millennium bug, pattern recognition, peer-to-peer, platform as a service, pre–internet, race to the bottom, RFID, Skype, smart cities, smart grid, smart meter, smart transportation, software as a service, stealth mode startup, supply-chain management, trade route, web application, WebRTC, WebSocket, Y2K

These programmable interfaces were complex and issued by the software vendor, typically with limited functionality. This was more to do with the vendor retaining control of development and being able to up-sell functionality and integration with other enterprise applications and databases as an additional service. However, as IT shifted away from SOA to web and mobile applications, APIs have also become a relatively simple template that we use to communicate between our mobile and web applications and with other backend databases and enterprise applications. Let’s break it down by looking at each of its parts. Let’s first look at an API’s component parts. Application If you have a laptop, tablet, or smartphone, you are well acquainted with what applications are, i.e., the tools, games, social networks, and other software that we use every day. Programming This is the coding that software engineers use to create all the software that make up our applications on our devices.

These independent services run a unique process and communicate through a well-defined, lightweight web service or other mechanism in order to deliver a specific result. 151 152 Chapter 9 | Software Design Concepts What makes microservices valuable are that applications can be constructed that decouple the underlying complexities of the host systems from the application’s purpose. If we take a look at a client-server web application, these are built as monolithic applications, where the server portion of the code handles HTTP requests, executes logic, and retrieves or posts data from/to the database. The problem with this style is that any changes will require a new version of the entire application, as each function is intertwined and not readily isolated and updatable. With microservices, we see the introduction of a different approach, one that is ideal for the IoT, and by extension the Industrial Internet.

pages: 407 words: 103,501

The Digital Divide: Arguments for and Against Facebook, Google, Texting, and the Age of Social Netwo Rking by Mark Bauerlein

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Mechanical Turk, Andrew Keen, centre right, citizen journalism, collaborative editing, computer age, computer vision, corporate governance, crowdsourcing, David Brooks, disintermediation, Frederick Winslow Taylor, Howard Rheingold, invention of movable type, invention of the steam engine, invention of the telephone, Jaron Lanier, Jeff Bezos, jimmy wales, Kevin Kelly, knowledge worker, late fees, Mark Zuckerberg, Marshall McLuhan, means of production, meta analysis, meta-analysis, moral panic, Network effects, new economy, Nicholas Carr, PageRank, peer-to-peer, pets.com, Results Only Work Environment, Saturday Night Live, search engine result page, semantic web, Silicon Valley, slashdot, social graph, social web, software as a service, speech recognition, Steve Jobs, Stewart Brand, technology bubble, Ted Nelson, The Wisdom of Crowds, Thorstein Veblen, web application

(The question is particularly urgent because the Web 2.0 meme has become so widespread that companies are now pasting it on as a marketing buzzword, with no real understanding of just what it means. The question is particularly difficult because many of those buzzword-addicted start–ups are definitely not Web 2.0, while some of the applications we identified as Web 2.0, like Napster and BitTorrent, are not even properly Web applications!) We began trying to tease out the principles that are demonstrated in one way or another by the success stories of Web 1.0 and by the most interesting of the new applications. 1 > the web as platform Like many important concepts, Web 2.0 doesn’t have a hard boundary, but rather, a gravitational core. You can visualize Web 2.0 as a set of principles and practices that tie together a veritable solar system of sites that demonstrate some or all of those principles, at a varying distance from that core.

Much like the “horseless carriage” framed the automobile as an extension of the familiar, Netscape promoted a “webtop” to replace the desktop, and planned to populate that webtop with information updates and applets pushed to the webtop by information providers who would purchase Netscape servers. In the end, both Web browsers and Web servers turned out to be commodities, and value moved “up the stack” to services delivered over the Web platform. Google, by contrast, began its life as a native Web application, never sold or packaged, but delivered as a service, with customers paying, directly or indirectly, for the use of that service. None of the trappings of the old software industry are present. No scheduled software releases, just continuous improvement. No licensing or sale, just usage. No porting to different platforms so that customers can run the software on their own equipment, just a massively scalable collection of commodity PCs running open-source operating systems plus homegrown applications and utilities that no one outside the company ever gets to see.

pages: 123 words: 32,382

Grouped: How Small Groups of Friends Are the Key to Influence on the Social Web by Paul Adams

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Airbnb, Cass Sunstein, cognitive dissonance, David Brooks, information retrieval, invention of the telegraph, planetary scale, race to the bottom, Richard Thaler, sentiment analysis, social web, statistical model, The Wisdom of Crowds, web application, white flight

People with higher education tended to have double the number of strong ties as those who didn’t finish high school.23 In their research on friendship, Spencer and Pahl found that some people have bounded relationships where friends are made at a particular life stage and new people remain acquaintances, while others have serial relationships where friends are replaced at each life stage. Others have evolving patterns, where new friends are added at each life stage, but some remain from previous life stages.1 * * * Quick Tips We need to keep lists of people, whether that’s in a social web application, or a customer marketing database, up to date. We need to know whether people still turn to the same people they did in the past, and whether their trusted sources have changed. * * * Summary We have unique relationships with everyone we know and these relationships heavily influence how we behave around others. One of the most useful ways to think about our unique relationships is to look at them in terms of strong ties and weak ties.

pages: 132 words: 28,815

Ansible Configuration Management - Second Edition by Daniel Hall

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

cloud computing, Debian, pull request, web application

We can configure it to wait for a particular period, or we can make it prompt for the user to continue. While effectively useless when used from the Ansible command line, it can be very handy when used inside a playbook. Generally, the pause module is used when we want the user to provide confirmation to continue, or if manual intervention is required at a particular point. For example, if we have just deployed a new version of a web application to a server, and we need to have the user check manually to make sure it looks okay before we configure them to receive production traffic, we can put a pause there. It is also handy to warn the user of a possible problem and give them the option of continuing. This will make Ansible print out the names of the servers and ask the user to press Enter to continue. If used with the serial key in the target section, it will ask once for each group of hosts that Ansible is running on.

pages: 1,758 words: 342,766

Code Complete (Developer Best Practices) by Steve McConnell

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Ada Lovelace, Albert Einstein, Buckminster Fuller, call centre, choice architecture, continuous integration, data acquisition, database schema, don't repeat yourself, Donald Knuth, fault tolerance, Grace Hopper, haute cuisine, if you see hoof prints, think horses—not zebras, index card, inventory management, iterative process, Larry Wall, late fees, loose coupling, Menlo Park, Perl 6, place-making, premature optimization, revision control, Sapir-Whorf hypothesis, slashdot, sorting algorithm, statistical model, Tacoma Narrows Bridge, the scientific method, Thomas Kuhn: the structure of scientific revolutions, Turing machine, web application

Java was designed to run on any platform by converting Java source code to byte code, which is then run in each platform within an environment known as a virtual machine. Java is in widespread use for programming Web applications. JavaScript JavaScript is an interpreted scripting language that is loosely related to Java. It is used primarily for client-side programming such as adding simple functions and online applications to Web pages. Perl Perl is a string-handling language that is based on C and several UNIX utilities. Perl is often used for system administration tasks, such as creating build scripts, as well as for report generation and processing. It's also used to create Web applications such as Slashdot. The acronym "Perl" stands for Practical Extraction and Report Language. PHP PHP is an open-source scripting language with a simple syntax similar to Perl, Bourne Shell, JavaScript, and C.

PHP runs on all major operating systems to execute server-side interactive functions. It can be embedded in Web pages to access and present database information. The acronym "PHP" originally stood for Personal Home Page but now stands for PHP: Hypertext Processor. Python Python is an interpreted, interactive, object-oriented language that runs in numerous environments. It is used most commonly for writing scripts and small Web applications and also contains some support for creating larger programs. SQL SQL is the de facto standard language for querying, updating, and managing relational databases. "SQL" stands for Structured Query Language. Unlike other languages listed in this section, SQL is a "declarative language," meaning that it does not define a sequence of operations, but rather the result of some operations.

Performance Smith, Connie U. and Lloyd G. Williams. Performance Solutions: A Practical Guide to Creating Responsive, Scalable Software. Boston, MA: Addison-Wesley, 2002. This book covers software performance engineering, an approach for building performance into software systems at all stages of development. It makes extensive use of examples and case studies for several kinds of programs. It includes specific recommendations for Web applications and pays special attention to scalability. cc2e.com/2592 Newcomer, Joseph M. "Optimization: Your Worst Enemy." May 2000, http://www.flounder.com/optimization.htm. Newcomer is an experienced systems programmer who describes the various pitfalls of ineffective optimization strategies in graphic detail. Algorithms and Data Types cc2e.com/2599 Knuth, Donald. The Art of Computer Programming, vol. 1, Fundamental Algorithms, 3d ed.

pages: 1,201 words: 233,519

Coders at Work by Peter Seibel

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Ada Lovelace, bioinformatics, cloud computing, Conway's Game of Life, domain-specific language, don't repeat yourself, Donald Knuth, fault tolerance, Fermat's Last Theorem, Firefox, George Gilder, glass ceiling, Guido van Rossum, HyperCard, information retrieval, Larry Wall, loose coupling, Marc Andreessen, Menlo Park, Metcalfe's law, Perl 6, premature optimization, publish or perish, random walk, revision control, Richard Stallman, rolodex, Ruby on Rails, Saturday Night Live, side project, slashdot, speech recognition, the scientific method, Therac-25, Turing complete, Turing machine, Turing test, type inference, Valgrind, web application

Seibel: You talked before about how writing prose has many similar characteristics to programming. While mathematics has always been closely associated with computers and programming, I wonder if once you're talking about developing things like web frameworks or a web application on top of a framework, if it requires skills more related to writing. Bloch: Yes—earlier you mentioned that there were two distinct communities of Java programmers. The need for math is much greater in the community that writes libraries, compilers, and frameworks. If you write web applications on top of frameworks, you have to understand communication, both verbal and visual. I get infuriated at web sites when they drive me to do the wrong thing. It's clear that someone just hasn't thought about how someone approaching this thing will deal with it.

But someone today couldn't take the same path that I took because that path doesn't even exist anymore. Ten years ago I would have said absolutely the first thing you have to do is learn assembly language. You have to learn how the machine actually works. Does that matter any more? I don't even know. Maybe it does. But possibly not. If the way software is going to be ten years from now is all web applications or a piece of distributed code in some rented computing cluster that's moving around between a dozen different Google servers and spawning other copies of itself and then merging back together once it's got results, does anyone need to know assembly language any more? Is that so abstracted away that it doesn't matter? I don't know. I was kind of freaked out when I realized that there are people graduating with CS degrees who'd never written C.

Multitool Linux: Practical Uses for Open Source Software by Michael Schwarz, Jeremy Anderson, Peter Curtis

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

business process, Debian, defense in depth, GnuPG, index card, indoor plumbing, Larry Wall, optical character recognition, publish or perish, RFC: Request For Comment, Richard Stallman, SETI@home, slashdot, web application, x509 certificate

The two techniques we cover in this chapter are quite different, but they are alike in that they are both rather primitive but nonetheless effective means of communication and control. Did you ever as a kid take two soup cans and a length of string and make a telephone? We're going to show how to do that as an adult. But this time, it's digital! I recently bought myself a preloaded Linux laptop. I hadn't owned a laptop before, I had never had need of one. Because I was getting back into consulting following a stint as an employee on the Web applications design team that still employs two of my co-authors, I knew I would often be unable to control my desktop. Given this, I wanted the laptop so I could have Linux with me, whatever level of control was maintained over the client-provided computers. It has served me well. With a 10/100 ethernet card and a basic Linux laptop, I was always able to have my Linux, even when I was not allowed to install it on my desktop.

It features calendaring, messaging, and Usenet support and great usability. It's also very easy to install. Resources PHP PHP is a powerful scripting language, as you can well imagine. It works on Unix and Win32 Web servers and provides massive connectivity features. It's also very well documented. Online manuals: http://www.php.net/docs.php Several books are also out there on PHP, including Web applications: · Development with PHP 4.0, by Tobias Ratschiller and Till Gerken · Professional PHP Programming, by Jesus Castagnetto, Harish Rawat, Sascha Schumann, Chris Scollo, and Deepak Veliath Apache Apache is also, as you can see, a powerful Web server that supports a multitude of options. It can also work on Win32 in addition to Unix-based systems. Online manuals: http://httpd.apache.org/ Several books are also available on Apache: · Apache: The Definitive Guide, by Ben Laurie and Peter Laurie · Administering Apache, by Mark A.

Programming Android by Zigurd Mednieks, Laird Dornin, G. Blake Meike, Masumi Nakamura

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

anti-pattern, business process, conceptual framework, create, read, update, delete, database schema, Debian, domain-specific language, en.wikipedia.org, fault tolerance, Google Earth, interchangeable parts, iterative process, loose coupling, MVC pattern, revision control, RFID, web application

Workspaces are independent. Settings that you set up in one workspace stay in that workspace. You can use multiple workspaces to separate projects that target different platforms, and that may use markedly different environments—for example, Rails projects and Android projects. You can use multiple workspaces to run more than one instance of Eclipse. Suppose you have Eclipse-based tools for some web application framework that are not compatible with the version of Eclipse you are using for Android development. By using a separate workspace for Android development, you can maintain separate state and even run both Eclipse versions at the same time. Java Environments Three distinct Java environments are used in Java software development in Eclipse. Eclipse’s Java Runtime Environment The first environment is that in which Eclipse itself is running.

Let’s move one step closer and look at the organization of code within a project. To reiterate, a project, as introduced in Projects, is a workspace devoted to producing a single deployable artifact. In the wider world of Java, that artifact might be no more than a library (a .jar file that cannot be run by itself but that implements some specific functionality). It might, on the other hand, be a deployable web application or a double-clickable desktop application. In the Android space, the artifact is most likely to be a single runnable service: a ContentProvider, a Service, or an Activity. A content provider that is used by a single activity certainly might start its life as a part of the activity project. As soon as a second activity needs to use it, though, it is time to consider refactoring it into its own project.

pages: 478 words: 149,810

We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency by Parmy Olson

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

4chan, Asperger Syndrome, bitcoin, call centre, Chelsea Manning, corporate governance, crowdsourcing, Firefox, hive mind, Julian Assange, Minecraft, Occupy movement, peer-to-peer, pirate software, side project, Skype, speech recognition, Stephen Hawking, Stuxnet, We are Anonymous. We are Legion, We are the 99%, web application, WikiLeaks, zero day

The detail that XSS is the second most common hacking technique after SQL injection is sourced from the Web Hacking Incident Database (WHID) of 2011, an online database that tracks media-reported security incidents and is led by Ryan Barnett, senior security researcher on Trustwave’s SpiderLabs Research Team. Details about the technical impact of Anonymous DDoS attacks on Scientology’s website come from research by Arbor Networks, along with court documents related to Brian Mettenbrink’s case; these documents provide, among other things, the date when Scientology hired Prolexic Technologies. Details on LOIC come from numerous online articles about the Web application, screenshots of the interface, news reports from tech site Gizmodo, and research from the IT security firm Imperva. Details on Praetox come from the programmer’s own website, http://ptech.50webs.com/, which appears to have been created in 2007 but was abandoned around 2009 or 2010. The emergence of NewEraCracker as another programmer to develop LOIC comes from details on GitHub, a Web-based hosting service for software projects.

IRC allows users to talk to one another within chat rooms, or “channels,” and have existed since the late 1980s. Each IRC network attracts communities who share a common interest, such as the AnonOps IRC, which attracts those interested in Anonymous. Network and channel “operators” moderate the discussions on these networks; such roles are seen as an indicator of high social status. LOIC (low orbit ion cannon): Originally created as a stress-testing tool for servers, this open-source Web application has become popular among supporters of Anonymous as a digital weapon that, if used by enough people, can be used to carry out a DDoS attack on a website. Lulz: An alteration of the abbreviation LOL (laugh out loud), this term is thought to have first appeared on an Internet Relay Chat network in 2003 in reaction to something funny. It now refers to the enjoyment felt after pursuing a prank or online disruption that leads to someone else’s embarrassment.

pages: 458 words: 135,206

CTOs at Work by Scott Donaldson, Stanley Siegel, Gary Donaldson

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, bioinformatics, business intelligence, business process, call centre, centre right, cloud computing, computer vision, connected car, crowdsourcing, data acquisition, distributed generation, domain-specific language, glass ceiling, pattern recognition, Pluto: dwarf planet, QR code, Richard Feynman, Richard Feynman, Ruby on Rails, shareholder value, Silicon Valley, Skype, smart grid, smart meter, software patent, thinkpad, web application, zero day, zero-sum game

[Laughter] Garrison: That's right. I am, as a matter of fact. Cherches, Loveland, Mosca and Natoli Mind Over Machines Dmitry Cherches Cherches is Chief Technology Officer at Mind Over Machines. His 15+ years in IT have been largely focused on the development of high-transaction databases and e-commerce applications, high-availability servers and storage solutions, and multi-lingual Web applications. For more than a decade, he has been responsible for setting the technology vision for Mind Over Machines. Under his direction, the company has increased its depth of expertise and certifications in web programming languages, tools and technology platforms. A native of Belarus, Russia and one-time aspiring professional swimmer on the Junior Olympic team, Dmitry was disassembling mainframe computers and creating DOS-based games as a child.

Differentiating on application development to me is that it is difficult to see the economics. S. Donaldson: What kind of databases are you using? Ballard: Multiple different kinds. I'm really into it. I think of it as eclectic computing. I will routinely use relational databases, mixed platforms. For example, right now we've got SQL server and MySQL in regular use. MongoDB is a personal favorite because it really embraces the reality of web application development, where JavaScript and JSON are data models on the browser, so why not keep that data model end-to-end? I use full text indexes as databases routinely. So, products like Xapien from the open-source community work really well. Plain old tab-delimited text files are a really good database technology when you're doing set processing. Using just plain UNIX, pipes and filters and make files and shell scripts, processing large amounts of text up to hundreds of gigabytes of data volume is actually an extremely cost-effective way to do data mining.

Version Control With Git: Powerful Tools and Techniques for Collaborative Software Development by Jon Loeliger, Matthew McCullough

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

continuous integration, Debian, distributed revision control, GnuPG, Larry Wall, peer-to-peer, peer-to-peer model, pull request, revision control, web application, web of trust

Organization selector GitHub Organizations provide ownership of repositories at a higher level than mere user accounts. In support of that, there is an additional security construct: Teams. Teams are a grouping mechanism for users that associates with a certain permission level and a set of repositories. The three permission levels are pull only, pull+push, and pull+push+administration as shown in Figure 21-36. Figure 21-36. Organization permissions REST API Having a web application is a great starting point, but GitHub has a rich community of developers that are eager to use true services, not just page scraping, to build the next layer of useful features. To facilitate the community construction of supporting tools, GitHub has built a full Application Programming Interface (API). GitHub’s API has evolved in three major eras, and the current v3 of the API, as it is known, offers almost all UI-accessible features in an equivalent API form.

GitHub Enterprise home page Figure 21-43. GitHub Enterprise in VirtualBox GitHub in Sum Git is a developer tool that has shaken the very foundations of CVS, SVN, Perforce, and ClearCase installations by showing that high performance, collaborative, and distributed version control can be found in an open source solution. Offset by only a short delay from Git’s own development, GitHub has equally shown that a sharp web application can reduce tool burden, facilitate quicker fixes, allow a greater number of contributors to further a project, and most importantly, turn the act of coding into a truly social activity. Index A note on the digital index A link in an index entry is displayed as the section title in which that entry appears. Because some sections have multiple index markers, it is not unusual for an entry to have several links to the same section.

pages: 310 words: 34,482

Makers at Work: Folks Reinventing the World One Object or Idea at a Time by Steven Osborn

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

3D printing, A Pattern Language, additive manufacturing, air freight, Airbnb, augmented reality, autonomous vehicles, barriers to entry, Baxter: Rethink Robotics, c2.com, Computer Numeric Control, computer vision, crowdsourcing, Douglas Engelbart, dumpster diving, en.wikipedia.org, Firefox, future of work, Google Chrome, Google Glasses, Google Hangouts, Hacker Ethic, Internet of things, Iridium satellite, Khan Academy, Kickstarter, Mason jar, means of production, Minecraft, minimum viable product, Network effects, Oculus Rift, patent troll, popular electronics, QR code, Rodney Brooks, Shenzhen was a fishing village, side project, Silicon Valley, Skype, slashdot, social software, software as a service, special economic zone, speech recognition, subscription business, telerobotics, urban planning, web application, Y Combinator

Kaplan: Exactly right. CHAPTER 6 Emile Petrone Founder Tindie Emile Petrone is an entrepreneur who has been part of many web start-ups, and most recently is the founder and CEO of Tindie (tindie.com), a marketplace for hobbyist electronics and open-source hardware. Before Tindie, he founded both Housefed and Knowble. He also worked for companies like Yelp and Urban Airship building consumer and B2B web applications. Steven Osborn: So Emile, tell me a little bit about yourself and what inspired you to start Tindie. Emile Petrone: Prior to Tindie, I was a self-taught web engineer. I learned Python I about a year and a half, almost two years, before founding Tindie. But I guess my background starts off more on the sales side, working in sales for various start-ups, like Yelp and Red Beacon. Then I decided to take a gap year and teach myself how to code.

This is where the metaphor of a lightbulb or just a simple design object like a task light comes into play. So, I started to build exactly that. I build interactive projector camera systems that fit into a lightbulb, which are carried by this arm that looks like an Anglepoise lamp. This was an embedded system that has a simple front end that effectively is a web browser. You can write simple web applications for it. The promise of it is turning light into an interface. This has a lot of advantages over existing interfaces. Although it does not negate the need or the use for them, this computer that I’m talking about coexists with other devices that we have. 103 104 Chapter 8 | Natan Linder: Founder, Formlabs Osborn: This sounds a bit like David Merrill’s story. He also went through the MIT Media Lab.

pages: 587 words: 117,894

Cybersecurity: What Everyone Needs to Know by P. W. Singer, Allan Friedman

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

4chan, A Declaration of the Independence of Cyberspace, Apple's 1984 Super Bowl advert, barriers to entry, Berlin Wall, bitcoin, blood diamonds, borderless world, Brian Krebs, business continuity plan, Chelsea Manning, cloud computing, crowdsourcing, cuban missile crisis, data acquisition, drone strike, Edward Snowden, energy security, failed state, Fall of the Berlin Wall, fault tolerance, global supply chain, Google Earth, Internet of things, invention of the telegraph, John Markoff, Julian Assange, Khan Academy, M-Pesa, mutually assured destruction, Network effects, packet switching, Peace of Westphalia, pre–internet, profit motive, RAND corporation, ransomware, RFC: Request For Comment, risk tolerance, rolodex, Silicon Valley, Skype, smart grid, Steve Jobs, Stuxnet, uranium enrichment, We are Anonymous. We are Legion, web application, WikiLeaks, zero day, zero-sum game

There are different types of vulnerabilities with different ways of exploiting them, but a common approach is to find some way of tricking the victim’s computer into executing the attacker’s commands rather than the intended program’s. A key is that most computer systems treat data as both information to be processed and commands to be executed. This principle is foundational to the very idea of the modern computer, but also a major source of insecurity. A good illustration is a SQL (pronounced “sequel”) injection, one of the most common ways a website is attacked. Many web applications are built on Structured Query Language (SQL), a type of programming language used to manage data. It’s a highly effective system that dates back to the 1970s. But an attacker, instead of entering a name and address as requested, can enter specifically crafted commands that the database will read and interpret as program code, rather than just data to be stored. These commands can be used to learn about the database, read data, and create new accounts.

One study of hacked websites found that 49 percent of people had reused usernames and passwords between hacked sites. This is also why many organizations require you to change your password regularly. It not only minimizes risk, in case your password was already compromised, but it minimizes the likelihood that an irresponsible user has used his work password to, say, buy shoes, and now that password is compromised. At the very least, your e-mail passwords should be strong and unique, since many web applications allow you to reset many account details by e-mail. You may also want to consider a “password manager.” This application generates random, secure passwords for all the sites you need, and enters them automatically. Modern password manager applications work across platforms and devices, requiring you to only have to remember one password for the tool itself—just make sure that’s a good one! Given how many accounts also allow you to reset a password by answering some personal question, never use any personal information that could be found online to answer these questions.

pages: 153 words: 52,175

Bit Literacy: Productivity in the Age of Information and E-mail Overload by Mark Hurst

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

en.wikipedia.org, Firefox, Google Earth, mail merge, pre–internet, profit motive, social software, software patent, web application

But that’s not enough, since you still need to store the file on the computer so that you can find it again later. There’s no “iLetter” application that organizes personal letters. The file has to live somewhere; there must be some catch-all place to store files that aren’t managed by another application. There is such a catch-all: the file system, the application that stores and organizes all types of files. Every computer has one—Mac, Windows, and Linux—and some Web applications offer “online file systems” that allow users to store and organize files online. Even applications like iPhoto and iTunes use the computer’s file system, behind the scenes, to organize the user’s files; they just show the files in a prettier format than the file system would. It’s like getting laundry done at a luxury hotel. The hotel uses the same washing machines and detergent that you might use at home, but the hotel staff hand-delivers the clothes, nicely folded.

pages: 273 words: 46,214

JavaScript: the good parts by Douglas Crockford

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

web application

Code View: [ { "first": "Jerome", "middle": "Lester", "last": "Howard", "nick-name": "Curly", "born": 1903, "died": 1952, "quote": "nyuk-nyuk-nyuk!" }, { "first": "Harry", "middle": "Moses", "last": "Howard", "nick-name": "Moe", "born": 1897, "died": 1975, "quote": "Why, you!" }, { "first": "Louis", "last": "Feinberg", "nick-name": "Larry", "born": 1902, "died": 1975, "quote": "I'm sorry. Moe, it was an accident!" } ] E.2. Using JSON Securely JSON is particularly easy to use in web applications because JSON is JavaScript. A JSON text can be turned into a useful data structure with the eval function: var myData = eval('(' + myJSONText + ')'); (The concatenation of the parentheses around the JSON text is a workaround for an ambiguity in JavaScript's grammar.) The eval function has horrendous security problems, however. Is it safe to use eval to parse a JSON text? Currently, the best technique for obtaining data from a server in a web browser is through XMLHttpRequest.

pages: 312 words: 52,762

Gray Hat Python: Python Programming for Hackers and Reverse Engineers by Justin Seitz

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Firefox, web application

Bug Classes When analyzing a software application for faults, a hacker or reverse engineer is looking for particular bugs that will enable him to take control of code execution within that application. Fuzzers can provide an automated way of finding bugs that assist a hacker in taking control of the host system, escalating privileges, or stealing information that the application has access to, whether the target application operates as an independent process or as a web application that uses a scripting language. We are going to focus on bugs that are typically found in software that runs as an independent process on the host operating system and are most likely to result in a successful host compromise. Buffer Overflows Buffer overflows are the most common type of software vulnerability. All kinds of innocuous memory-management functions, string-manipulation routines, and even intrinsic functionality are part of the programming language itself and cause software to fail because of buffer overflows.

pages: 179 words: 42,006

Startup Weekend: How to Take a Company From Concept to Creation in 54 Hours by Marc Nager, Clint Nelsen, Franck Nouyrigat

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, barriers to entry, business climate, invention of the steam engine, James Watt: steam engine, Mark Zuckerberg, minimum viable product, pattern recognition, Silicon Valley, transaction costs, web application, Y Combinator

Belsky, Making Ideas Happen: Overcoming the Obstacles Between Vision and Reality (New York: Penguin Group, 2010). A. Bhide, The Origin and Evolution of New Businesses (New York: Oxford University Press, 2003). S. Blank, The Four Steps to the Epiphany: Successful Strategies for Products that Win (San Mateo, CA: CafePress.com, 2005). J. Fried, Getting Real: The Smarter, Faster, Easier Way to Build a Successful Web Application (Chicago: 37signals, LLC., 2009). J. Fried, Rework (Chicago: 37signals, LLC., 2010). S. Godin, Linchpin: Are You Indispensable? (New York: Penguin Group, 2010). T. Hsieh, Delivering Happiness: A Path to Profits, Passion, and Purpose (New York: Hachette Book Group, 2010). G. Kawasaki, Art of the Start: The Time-Tested, Battle-Hardened Guide for Anyone Starting Anything (New York: Penguin Group, 2004).

pages: 209 words: 54,638

Team Geek by Brian W. Fitzpatrick, Ben Collins-Sussman

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

anti-pattern, barriers to entry, cognitive dissonance, Dean Kamen, en.wikipedia.org, fear of failure, Guido van Rossum, Paul Graham, publish or perish, Richard Stallman, Silicon Valley, Steve Jobs, web application

Of course, there are other ways to destroy the first impression. The first time your software runs, don’t present the user with a giant form to fill out or a giant panel of mandatory preferences to set. Forcing the user to create some sort of new account is pretty off-putting as well; it implies long-term commitment before the user has even done anything. All these things send the user screaming in the other direction. If your product is a web application, make sure it loads quickly! We’ve become spoiled about web page speed. When told to check out a new website, if it doesn’t load within three or four seconds, Fitz usually aborts and loses interest. There’s simply no excuse here. When programmers make users wait in line at the entrance, that’s an irritating barrier to entry. The web browser makes it easy to walk away and redirect our attention to 12 other places.

pages: 244 words: 20,327

Structuring Backbone Code With RequireJS and Marionette Modules by David Sulc

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

en.wikipedia.org, MVC pattern, web application

That way, a user could potentially use the same URL (by bookmarking it, emailing it to a friend, etc.) to “restore” the app’s current confguration (i.e. which views are displayed, etc.). Keeping the URL up to date also enables the browser’s “back” and “forward” buttons to function properly. It’s very important to differentiate triggering routing events from updating the URL. In traditional web frameworks, actions are triggered by hitting their corresponding URLs. This isn’t true for javascript web applications: our ContactManager has been working just fine (even “changing pages”) without ever caring about the current URL. And now that we have a basic app functioning as we want it to, we’ll add in a router to manage the URL-related functionality. Our router will only get triggered by the first URL it recognizes, resulting in our app getting “initialized” to the correct state (i.e. showing the proper data in the proper views).

pages: 458 words: 46,761

Essential Sqlalchemy by Jason Myers, Rick Copeland

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

create, read, update, delete, database schema, Ruby on Rails, side project, web application

Now we can print a list of the ingredient names, as shown here: dcc.ingredient_names And we will get the following output: ['Egg', 'Flour', 'Oil', 'Sugar', 'Dark Chocolate Chips'] This enabled us to quickly handle existing and new ingredients when we added them to our cookie, and the resulting output was just what we desired. Association proxies have lots of other uses, too; you can learn more in the association proxy documentation. Integrating SQLAlchemy with Flask It’s common to see SQLAlchemy used with a Flask web application. The creator of Flask has also created a Flask-SQLalchemy package to make this integration easy. Using Flask-SQLalchemy will provide preconfigured scoped sessions that are tied to the page life cycle of your Flask application. You can install Flask-SQLalchemy with pip as shown here: # pip install flask-sqlalchemy When using Flask-SQLalchemy, I highly recommend you use the app factory pattern, which is not what is shown in the quick start section of the Flask-SQLalchemy documentation.

pages: 133 words: 42,254

Big Data Analytics: Turning Big Data Into Big Money by Frank J. Ohlhorst

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

algorithmic trading, bioinformatics, business intelligence, business process, call centre, cloud computing, create, read, update, delete, data acquisition, DevOps, fault tolerance, linked data, natural language processing, Network effects, pattern recognition, performance metric, personalized medicine, RFID, sentiment analysis, six sigma, smart meter, statistical model, supply-chain management, Watson beat the top human players on Jeopardy!, web application

This means that a Big Data platform should include built-in support for technologies such as MapReduce, integration with external Not only SQL (NoSQL) databases, parallel processing capabilities, and distributed data services. It should also make use of the new integration targets, at least from a development perspective. Consequently, there are specific characteristics and features that a Big Data platform should offer to work effectively with Big Data analytics processes: Support for batch and real-time analytics. Most of the existing platforms for processing data were designed for handling transactional Web applications and have little support for business analytics applications. That situation has driven Hadoop to become the de facto standard for handling batch processing. However, real-time analytics is altogether different, requiring something more than Hadoop can offer. An event-processing framework needs to be in place as well. Fortunately, several technologies and processing alternatives exist on the market that can bring real-time analytics into Big Data platforms, and many major vendors, such as Oracle, HP, and IBM, are offering the hardware and software to bring real-time processing to the forefront.

pages: 271 words: 52,814

Blockchain: Blueprint for a New Economy by Melanie Swan

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

23andMe, Airbnb, altcoin, Amazon Web Services, asset allocation, banking crisis, basic income, bioinformatics, bitcoin, blockchain, capital controls, cellular automata, central bank independence, clean water, cloud computing, collaborative editing, Conway's Game of Life, crowdsourcing, cryptocurrency, disintermediation, Edward Snowden, en.wikipedia.org, ethereum blockchain, fault tolerance, fiat currency, financial innovation, Firefox, friendly AI, Hernando de Soto, intangible asset, Internet Archive, Internet of things, Khan Academy, Kickstarter, lifelogging, litecoin, Lyft, M-Pesa, microbiome, Network effects, new economy, peer-to-peer, peer-to-peer lending, peer-to-peer model, personalized medicine, post scarcity, prediction markets, QR code, ride hailing / ride sharing, Satoshi Nakamoto, Search for Extraterrestrial Intelligence, SETI@home, sharing economy, Skype, smart cities, smart contracts, smart grid, software as a service, technological singularity, Turing complete, unbanked and underbanked, underbanked, web application, WikiLeaks

Bitcoins are created as a reward for computational processing work, known as mining, in which users offer their computing power to verify and record payments into the public ledger. Individuals or companies engage in mining in exchange for transaction fees and newly created Bitcoins. Besides mining, Bitcoins can, like any currency, be obtained in exchange for fiat money, products, and services. Users can send and receive Bitcoins electronically for an optional transaction fee using wallet software on a personal computer, mobile device, or web application. What Is the Blockchain? The blockchain is the public ledger of all Bitcoin transactions that have ever been executed. It is constantly growing as miners add new blocks to it (every 10 minutes) to record the most recent transactions. The blocks are added to the blockchain in a linear, chronological order. Each full node (i.e., every computer connected to the Bitcoin network using a client that performs the task of validating and relaying transactions) has a copy of the blockchain, which is downloaded automatically when the miner joins the Bitcoin network.

pages: 219 words: 63,495

50 Future Ideas You Really Need to Know by Richard Watson

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

23andMe, 3D printing, access to a mobile phone, Albert Einstein, artificial general intelligence, augmented reality, autonomous vehicles, BRICs, Buckminster Fuller, call centre, clean water, cloud computing, collaborative consumption, computer age, computer vision, crowdsourcing, dark matter, dematerialisation, digital Maoism, digital map, Elon Musk, energy security, failed state, future of work, Geoffrey West, Santa Fe Institute, germ theory of disease, happiness index / gross national happiness, hive mind, hydrogen economy, Internet of things, Jaron Lanier, life extension, Mark Shuttleworth, Marshall McLuhan, megacity, natural language processing, Network effects, new economy, oil shale / tar sands, pattern recognition, peak oil, personalized medicine, phenotype, precision agriculture, profit maximization, RAND corporation, Ray Kurzweil, RFID, Richard Florida, Search for Extraterrestrial Intelligence, self-driving car, semantic web, Skype, smart cities, smart meter, smart transportation, statistical model, stem cell, Stephen Hawking, Steve Jobs, Steven Pinker, Stewart Brand, strong AI, Stuxnet, supervolcano, telepresence, The Wisdom of Crowds, Thomas Malthus, Turing test, urban decay, Vernor Vinge, Watson beat the top human players on Jeopardy!, web application, women in the workforce, working-age population, young professional

Virtual currency Digital currency used primarily in computer gaming. Links with digital payments, micropayments, stored value, embedded currency and mobile payments. Virtual duplicate An object’s virtual twin in cyberspace. Used to provide additional information. Links with augmented reality and cybertwins. VR Virtual Reality—a computer-simulated environment. Web 2.0 A term often used to describe Web applications that help individuals to share information online, examples being sites such as Facebook and YouTube. Sometimes referred to as the participatory or conversational Web. Web 3.0 The next stage of Web development, although the term causes much disagreement. Sometimes refers to the ability of search engines to answer complex questions. It can also refer to the personalized Web, semantic Web or the geo-tagging of information.

pages: 138 words: 40,787

The Silent Intelligence: The Internet of Things by Daniel Kellmereit, Daniel Obodovski

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

3D printing, Airbnb, Amazon Web Services, Any sufficiently advanced technology is indistinguishable from magic, autonomous vehicles, barriers to entry, business intelligence, call centre, Clayton Christensen, cloud computing, commoditize, connected car, crowdsourcing, data acquisition, en.wikipedia.org, Erik Brynjolfsson, first square of the chessboard, first square of the chessboard / second half of the chessboard, Freestyle chess, Google X / Alphabet X, Internet of things, lifelogging, Metcalfe’s law, Network effects, Paul Graham, Ray Kurzweil, RFID, Robert Metcalfe, self-driving car, Silicon Valley, smart cities, smart grid, software as a service, Steve Jobs, web application, Y Combinator, yield management

If you could track your blood-sugar level or monitor your sleep patterns over time and see them getting better because of your lifestyle changes, you can start looking at the world a little differently. When BodyMedia started twelve years ago, there weren’t any wearable monitoring products. Most monitoring devices were either for performance athletes or for clinically sick people. There was nothing in the middle for those who just wanted to be fit and healthy. Ivo continues: We built hardware, software, and Web applications accessible from any Internet device. We had to build all these tools ourselves. We worked hard on creating a user interface that was easy to understand without overwhelming people with data. Our device has five body sensors: a three-axis accelerometer to detect movement, activity, and orientation; skin temperature; body heat flux; galvanic skin conductivity response; and near-body ambience.

pages: 197 words: 60,477

So Good They Can't Ignore You: Why Skills Trump Passion in the Quest for Work You Love by Cal Newport

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Apple II, bounce rate, Byte Shop, Cal Newport, capital controls, cleantech, Community Supported Agriculture, deliberate practice, financial independence, follow your passion, Frank Gehry, information asymmetry, job satisfaction, job-hopping, knowledge worker, Mason jar, medical residency, new economy, passive income, Paul Terrell, popular electronics, renewable energy credits, Results Only Work Environment, Richard Bolles, Richard Feynman, Richard Feynman, rolodex, Sand Hill Road, side project, Silicon Valley, Skype, Steve Jobs, Steve Wozniak, web application, winner-take-all economy

“I had a lot of interest from companies in San Francisco and Silicon Valley,” he told me, reflecting on the period that began in 2008. He decided to take a job with ENTP, one of the country’s top Ruby programming firms. They doubled his salary and put him to work on interesting projects. In 2009, Giles was bit by an entrepreneurial bug. He left ENTP and built up a blog and a collection of mini–Web applications that soon brought in enough money to support him. “I had an audience who wanted to know what I thought about a whole ton of different things,” he told me. “In many cases they were happy to pay money just to ask me questions.” Eventually, he decided that he had had his fill with the solo lifestyle (“working from home is kind of lame when you don’t have roommates, a girlfriend, or even a dog”), so he pursued a longstanding interest in filmmaking by going to work for hitRECord: a company started by actor Joseph Gordon-Levitt that provides a Web-based platform for collaborative media projects.

pages: 280 words: 40,881

JQuery UI by Eric Sarrion

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Chuck Templeton: OpenTable, Firefox, Ruby on Rails, web application

"div#books img[isSelected=true]" : "div#books img.ui-selected"; $(selector).each (function (index) { $(this).css ({ position : "relative", top : ui.helper.css ("top"), left : ui.helper.css ("left") }); }); }, stop : function (event) { $("div#books").selectable ("enable"); } }); }, unselected : function (event, ui) { ui.unselected.isSelected = false; $(ui.unselected).draggable ("destroy"); } }); </script> Figure 11-9. Three books are placed in the cart simultaneously Chapter 12. Permutation of Elements in the Page Moving items to insert them elsewhere in the page has become indispensable in current web applications. Users move elements visually by dragging with the mouse, and the system automatically inserts the moved items. Here, everything is handled internally by jQuery UI, which provides us the mechanism that implements this functionality. Here we call this operation a permutation, because the moved element leaves its place, while the destination (the location where the element is deposited) expands to allow the insertion of the new element.

pages: 357 words: 63,071

Essential SQLAlchemy by Rick Copeland

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

database schema, defense in depth, domain-specific language, web application

The complete list of supported databases and drivers follows: PostgreSQL psycopg2 at http://www.initd.org/pub/software/psycopg/ SQLite pysqlite at http://initd.org/pub/software/pysqlite/ or sqlite3 (included with Python versions 2.5 and greater) MySQL MySQLdb athttp://sourceforge.net/projects/mysql-python Oracle cx_Oracle athttp://www.cxtools.net/ SQL Server Support for Microsoft SQL server is provided by multiple drivers as follows: pyodbc at http://pyodbc.sourceforge.net/ (recommended driver) adodbapi at http://adodbapi.sourceforge.net/ pymssql at http://pymssql.sourceforge.net/ Firebird kinterbasdb athttp://kinterbasdb.sourceforge.net/ Informix informixdb athttp://informixdb.sourceforge.net/ SQLAlchemy Tutorial Once you have installed SQLAlchemy and the SQLite driver (either pysqlite or sqlite3), you can start really exploring SQLAlchemy. This tutorial shows off some of the basic features of SQLAlchemy that you can use to become immediately productive. This tutorial is based on a stripped-down version of a user authentication module that might be used in a web application. Connecting to the Database and Creating Some Tables Before doing anything, we need to import the modules we will use. In this case, for simplicity’s sake, we will simply import everything from the sqlalchemy package. We will also import the datetime class from the datetime package for use in defining default values for our tables. from sqlalchemy import * from datetime import datetime To connect to the database, we will create a MetaData object, which is used by SQLAlchemy to keep track of the tables we define: metadata = MetaData('sqlite:///tutorial.sqlite') The MetaData object we create is bound to a particular database Engine, in this case a SQLite engine connected to the database in the file tutorial.sqlite.

pages: 226 words: 17,533

Programming Scala: tackle multicore complexity on the JVM by Venkat Subramaniam

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

augmented reality, continuous integration, domain-specific language, don't repeat yourself, loose coupling, semantic web, type inference, web application

Title Year ISBN Advanced Rails Recipes: 84 New Ways to Build Stunning Rails Apps 2008 9780978739225 Pages 464 Agile Retrospectives: Making Good Teams Great 2006 9780977616640 200 Agile Web Development with Rails, Third Edition 2009 9781934356166 784 Augmented Reality: A Practical Guide 2008 9781934356036 328 Behind Closed Doors: Secrets of Great Management 2005 9780976694021 192 Best of Ruby Quiz 2006 9780976694076 304 Core Animation for Mac OS X and the iPhone: Creating Compelling Dynamic User Interfaces 2008 9781934356104 200 Data Crunching: Solve Everyday Problems using Java, Python, and More 2005 9780974514079 208 Deploying Rails Applications: A Step-by-Step Guide 2008 9780978739201 280 Design Accessible Web Sites: 36 Keys to Creating Content for All Audiences and Platforms 2007 9781934356029 336 Desktop GIS: Mapping the Planet with Open Source Tools 2008 9781934356067 368 Developing Facebook Platform Applications with Rails 2008 9781934356128 200 Enterprise Integration with Ruby 2006 9780976694069 360 Enterprise Recipes with Ruby and Rails 2008 9781934356234 416 Everyday Scripting with Ruby: for Teams, Testers, and You 2007 9780977616619 320 FXRuby: Create Lean and Mean GUIs with Ruby 2008 9781934356074 240 From Java To Ruby: Things Every Manager Should Know 2006 9780976694090 160 GIS for Web Developers: Adding Where to Your Web Applications 2007 9780974514093 275 Google Maps API, V2: Adding Where to Your Applications 2006 PDF-Only Groovy Recipes: Greasing the Wheels of Java 2008 9780978739294 264 Hello, Android: Introducing Google’s Mobile Development Platform 2008 9781934356173 200 Interface Oriented Design 2006 9780976694052 240 Land the Tech Job You Love 2009 9781934356265 280 Learn to Program, 2nd Edition 2009 9781934356364 230 Continued on next Download page at Boykma.Com Prepared exclusively for sam kaplan 83 Title Year ISBN Manage It!

pages: 371 words: 78,103

Webbots, Spiders, and Screen Scrapers by Michael Schrenk

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Amazon Web Services, corporate governance, fault tolerance, Firefox, Marc Andreessen, new economy, pre–internet, SpamAssassin, Turing test, web application

Wireless Carrier Text Message Email Address Alltel 10digitphonenumber@alltelmessage.com Ameritech Paging 10digitpagernumber@paging.acswireless.com BeeLine GSM phonenumber@sms.beemail.ru Bell Mobility (Canada) phonenumber@txt.bell.ca Bell South phonenumber@bellsouth.cl Bell South Mobility phonenumber@blsdcs.net Blue Sky Frog phonenumber@blueskyfrog.com Boost phonenumber@myboostmobile.com Cellular One 10digitphonenumber@mobile.celloneusa.com Cellular One West phonenumber@mycellone.com Cingular Wireless 10digitphonenumber@mobile.mycingular.com Dutchtone/Orange-NL phonenumber@sms.orange.nl Edge Wireless phonenumber@sms.edgewireless.com Fido phonenumber@fido.ca Golden Telecom phonenumber@sms.goldentele.com Idea Cellular phonenumber@ideacellular.net Manitoba Telecom Systems phonenumber@text.mtsmobility.com MetroPCS 10digitphonenumber@mymetropcs.com MobileOne phonenumber@m1.com.sg Mobilfone phonenumber@page.mobilfone.com Mobility Bermuda phonenumber@ml.bm Netcom phonenumber@sms.netcom.no Nextel 10digitphonenumber@messaging.nextel.com NPI Wireless phonenumber@npiwireless.com O2 username@o2.co.uk Orange phonenumber@orange.net Oskar phonenumber@mujoskar.cz Personal Communication sms@pcom.ru (number in subject line) PlusGSM phonenumber@text.plusgsm.pl Qualcomm name@pager.qualcomm.com Qwest 10digitphonenumber@qwestmp.com Southern LINC 10digitphonenumber@page.southernlinc.com Sprint PCS 10digitphonenumber@messaging.sprintpcs.com SunCom number@tms.suncom.com SureWest Communications phonenumber@mobile.surewest.com T-Mobile 10digitphonenumber@tmomail.net T-Mobile Germany phonenumber@t-d1-sms.de T-Mobile UK phonenumber@t-mobile.uk.net Tele2 Latvia phonenumber@sms.tele2.lv Telefonica Movistar phonenumber@movistar.net Telenor phonenumber@mobilpost.no TIM 10digitphonenumber@timnet.com UMC phonenumber@sms.umc.com.ua Unicel phonenumber@utext.com Verizon Pagers 10digitpagernumber@myairmail.com Verizon PCS 10digitphonenumber@vtext.com Virgin Mobile phonenumber@vmobl.com Wyndtell number@wyndtell.com About the Author Michael Schrenk uses webbots and data-driven web applications to create competitive advantages for businesses. He has written for Computerworld and Web Techniques magazines and has taught courses on Web usability and Internet marketing. He has also given presentations on intelligent Web agents and online corporate intelligence at the DEFCON hacker's convention. Colophon Webbots, Spiders, and Screen Scrapers was laid out in Adobe FrameMaker. The font families used are New Baskerville for body text, Futura for headings and tables, and Dogma for titles.

pages: 248 words: 72,174

The $100 Startup: Reinvent the Way You Make a Living, Do What You Love, and Create a New Future by Chris Guillebeau

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

big-box store, clean water, fixed income, follow your passion, if you build it, they will come, index card, informal economy, Kevin Kelly, Kickstarter, knowledge economy, late fees, price anchoring, Ralph Waldo Emerson, side project, Silicon Valley, Skype, Steve Jobs, Tony Hsieh, web application

Sometimes this is indeed the case, but many of the service providers I talked with were surprised that almost no one left after an increase. Several said that when they told their customers or clients about the increase, the response was, “It’s about time! You’re worth more than you’ve been charging.” (When your clients complain about the price being too low, you should listen.) Andy Dunn is a developer in Belfast, Northern Ireland. He left his day job after pitching a Web application to a CEO. Crucially, Andy didn’t just pitch an idea—he had the idea and then acted on it by creating the entire app and sending it over to the CEO, requesting approval. Impressed, the CEO called him up to say thanks, and even agreed to underwrite the expenses for some additional features. Out on his own, Andy had no problem attracting new business, but he did have a big problem with pricing.

pages: 193 words: 31,998

Java: The Good Parts by Jim Waldo

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

en.wikipedia.org, remote working, revision control, web application

There were a small number of libraries that provided basic functionality, all written by the same small group of engineers and all sharing a similar design philosophy. If you knew C or C++, Java was easy to learn. Although some libraries may have been better than others, they were all reasonable. Since then, Java and the associated environment have grown tremendously, both in popularity and in size. Java started out as a language for writing web applications that would run in a browser, and is now a language that is used for core system programming in the enterprise. The language itself has seen a number of major and minor additions, ranging from generic types (major) to autoboxing (minor). The platform has grown from a single entity to multiple editions, from Java Enterprise Edition and Standard Edition to all of the small Java environments for phones and smart cards.

pages: 378 words: 67,804

Learning Android by Marko Gargenta

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

create, read, update, delete, database schema, Firefox, loose coupling, slashdot, web application

Teaching this class, over time I saw what works and what doesn’t. This book is a distilled version of the Android Bootcamp training course that I developed at Marakana and fine-tuned over numerous engagements. My background is in Java from back before it was even called that. From the beginning, I was very interested in embedded development as a way to program various devices that surround us in everyday life. Because Java primarily took off in web application development, most of my experience in the previous decade has been in building large enterprise systems. Then Android arrived, and once again I became very excited about building software for nontraditional computers. My current interests lie in using Android on devices that may not even resemble a typical phone. This book teaches anyone who knows Java (or a similar language) how to develop a reasonably complex Android application.

pages: 264 words: 79,589

Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground by Kevin Poulsen

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Apple II, Brian Krebs, Burning Man, corporate governance, dumpster diving, Exxon Valdez, Hacker Ethic, hive mind, index card, McMansion, Mercator projection, offshore financial centre, packet switching, pirate software, Ponzi scheme, Robert Hanssen: Double agent, Saturday Night Live, Silicon Valley, Steve Jobs, Steve Wozniak, Steven Levy, traffic fines, web application, WikiLeaks, zero day, Zipcar

Anyway I just don’t want this to happen again, so I’m going to let it lie … “The Cracker” With that, Max shut down his five-day attack on the government, with more cracked systems behind him than he could count. He was satisfied that he’d made the Internet safer than it was before; thousands of computers that had been vulnerable to every hacker in the world were now vulnerable to only one: Max Vision. Max immediately jumped into a new, more socially acceptable project: He would write a Web application that would let anyone on the Internet request an automatic real-time scan of their network to assess whether or not they were open to the BIND attack. He also conceived a benign variant of the siege he’d just concluded. Like before, he would scan government and military networks. But instead of cracking the vulnerable computers, he’d automatically send an e-mail warning to the administrators.

pages: 205 words: 20,452

Data Mining in Time Series Databases by Mark Last, Abraham Kandel, Horst Bunke

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

4chan, call centre, computer vision, discrete time, information retrieval, iterative process, NP-complete, p-value, pattern recognition, random walk, sensor fusion, speech recognition, web application

Pal) Vol. 54: Fundamentals of Robotics — Linking Perception to Action (M. Xie) Vol. 55: Web Document Analysis: Challenges and Opportunities (Eds. A. Antonacopoulos and J. Hu) Vol. 56: Artificial Intelligence Methods in Software Testing (Eds. M. Last, A. Kandel and H. Bunke) Vol. 57: Data Mining in Time Series Databases (Eds. M. Last, A. Kandel and H. Bunke) Vol. 58: Computational Web Intelligence: Intelligent Technology for Web Applications (Eds. Y. Zhang, A. Kandel, T. Y. Lin and Y. Yao) Vol. 59: Fuzzy Neural Network Theory and Application (P. Liu and H. Li) *For the complete list of titles in this series, please write to the Publisher. Series in Machine Perception and Artificial Intelligence - Vol, 57 DATA MINING IN TIME SERIES DATABASES Editors Mark Last Ben-Gurion LIniversity of the Negeu, Israel Abraham Kandel Zl-Auiv University, Israel University of South Florida, Tampa, LISA Horst Bunke University of Bern, Switzerland vp World Scientific N E W JERSEY * LONDON * SINGAPORE BElJlNG SHANGHAI HONG KONG TAIPEI CHENNAI Published by World Scientific Publishing Co.

pages: 231 words: 71,248

Shipping Greatness by Chris Vander Mey

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

corporate raider, don't be evil, en.wikipedia.org, fudge factor, Google Chrome, Google Hangouts, Gordon Gekko, Jeff Bezos, Kickstarter, Lean Startup, minimum viable product, performance metric, recommendation engine, Skype, slashdot, sorting algorithm, source of truth, Steve Jobs, Superbowl ad, web application

Leveraging conventions gives you design shorthand that enables users to almost skip ahead in your UI. For example, on Mac interfaces, the OK button is always on the lower-right side of a UI, so users can click the button without having to read the copy above the button or read the name of the button. Sadly, PCs are different, and the OK button appears to the left of the Cancel button on the bottom-right side. If you’re building a web application, this convention doesn’t help. But you’d best make sure that within your application the buttons are in a consistent place, especially if you’re working in iOS or Android. Here are some other conventions you can leverage to make your UI more understandable: Make all primary buttons large and the same color. Have only one primary button in a UI. Use multiple buttons for choices like yes or no.

Exploring Everyday Things with R and Ruby by Sau Sheong Chang

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Alfred Russel Wallace, bioinformatics, business process, butterfly effect, cloud computing, Craig Reynolds: boids flock, Debian, Edward Lorenz: Chaos theory, Gini coefficient, income inequality, invisible hand, p-value, price stability, Ruby on Rails, Skype, statistical model, stem cell, Stephen Hawking, text mining, The Wealth of Nations by Adam Smith, We are the 99%, web application, wikimedia commons

:), in Ruby ternary conditional expression, if and unless R R Development Core Team, Introducing R R language, Packing Your Bags, Introducing R–Introducing R, Introducing R, Introducing R, Using R–Using R, The R Console–The R Console, The R Console, The R Console, Sourcing Files and the Command Line–Sourcing Files and the Command Line, Sourcing Files and the Command Line, Packages–Using packages, Programming R, Variables and Functions, Variables and Functions–Variables and Functions, Variables and Functions–Variables and Functions, Conditionals and Loops, Conditionals and Loops–Conditionals and Loops, Vectors–Vectors, Lists–Lists, Matrices–Matrices, Arrays–Arrays, Factors–Factors, Data frames–Data frames, Importing Data–Importing data from a database, Charting–Adjustments, Basic Graphs, MailMiner–MailMiner arrays, Arrays–Arrays assignment operators, Variables and Functions batch mode, Sourcing Files and the Command Line charting, Charting–Adjustments conditionals, Conditionals and Loops console for, The R Console–The R Console data frames, Data frames–Data frames expressions, Programming R factors, Factors–Factors functions, Variables and Functions–Variables and Functions importing data, Importing Data–Importing data from a database installing, Introducing R lists, Lists–Lists loops, Conditionals and Loops–Conditionals and Loops matrices, Matrices–Matrices output formats, Basic Graphs packages for, Packages–Using packages packages for, creating, MailMiner–MailMiner running, Using R–Using R running code from a file, Sourcing Files and the Command Line–Sourcing Files and the Command Line statistical functions, The R Console variables, Variables and Functions–Variables and Functions vectors, The R Console, Vectors–Vectors version of, Introducing R R-Forge repository, Packages .rb file extension, Running Ruby rbind() function, R, Data frames read() function, R, Importing data from text files read.table() function, R, Interpreting the Data, Number of Messages by Day of the Month repeat loop, R, Conditionals and Loops require statement, Ruby, Requiring External Libraries restrooms example, Offices and Restrooms–The Final Simulation, Offices and Restrooms, The Simple Scenario–The Simple Scenario, The Simple Scenario–The First Simulation, Representing Restrooms and Such, Representing Restrooms and Such, Representing Restrooms and Such, Interpreting the Data–Interpreting the Data, Interpreting the Data–Interpreting the Data, The Second Simulation–The Final Simulation, The Second Simulation, The Second Simulation–The Second Simulation, The Third Simulation–The Third Simulation, The Final Simulation–The Final Simulation charts for, Interpreting the Data–Interpreting the Data, The Second Simulation, The Second Simulation–The Second Simulation, The Third Simulation–The Third Simulation, The Final Simulation–The Final Simulation data results, interpreting, Interpreting the Data–Interpreting the Data Facility class for, Representing Restrooms and Such HSE (Health and Safety Executive) data regarding, Offices and Restrooms modeling, The Simple Scenario–The Simple Scenario Person class for, Representing Restrooms and Such Restroom class for, Representing Restrooms and Such simulations for, The Simple Scenario–The First Simulation, The Second Simulation–The Final Simulation return keyword, R, Variables and Functions return keyword, Ruby, Methods Reynolds, Craig (creator of Boids algorithm), Schooling Fish and Flocking Birds RIFF format, Extracting Data from Sound right angle bracket (>), The R Console, Variables and Functions -> assignment operator, R, Variables and Functions > R console prompt, The R Console RMagick library, Extracting Data from Video, Extracting Data from Video Ruby language, Packing Your Bags, Ruby–Why Ruby, Why Ruby, Installing Ruby–Installing Ruby using your platform’s package management tool, Installing Ruby from source, Running Ruby–Running Ruby, Running Ruby, Running Ruby, Requiring External Libraries–Requiring External Libraries, Strings–Strings, Strings, Arrays and hashes–Arrays and hashes, Arrays and hashes–Arrays and hashes, Arrays and hashes, Symbols, Conditionals and loops–case expression, Loops, Classes and objects–Classes and objects, Classes and objects–Classes and objects, Methods, Class methods and variables, Class methods and variables–Class methods and variables, Inheritance–Inheritance, Inheritance–Inheritance, Inheritance, Inheritance, Code like a duck–Code like a duck, Code like a duck–Code like a duck, Shoes–Shoes doodler, Roids arrays, Arrays and hashes–Arrays and hashes, Arrays and hashes class methods, Class methods and variables class variables, Class methods and variables–Class methods and variables classes, Classes and objects–Classes and objects compiling from source code, Installing Ruby from source conditionals, Conditionals and loops–case expression duck typing, Code like a duck–Code like a duck dynamic typing, Code like a duck–Code like a duck external libraries for, Requiring External Libraries–Requiring External Libraries hashes, Arrays and hashes–Arrays and hashes here-documents, Strings inheritance, Inheritance–Inheritance installing, Installing Ruby–Installing Ruby using your platform’s package management tool interactive tool for, Running Ruby interpreter for, Running Ruby loops, Loops methods, Methods mixin mechanism, Inheritance modules, Inheritance objects, Classes and objects–Classes and objects open classes, Roids running, Running Ruby–Running Ruby Shoes toolkit for, Shoes–Shoes doodler strings, Strings–Strings subclassing, Inheritance–Inheritance symbols, Symbols website for, Why Ruby Ruby Version Manager (RVM), Ruby Version Manager (RVM) RubyGems package manager, Requiring External Libraries RubyInstaller, RubyInstaller RVideo library, Extracting Data from Video RVM (Ruby Version Manager), Ruby Version Manager (RVM) S saccadic masking, Data, Data, Everywhere sample frame, Extracting Data from Sound sample points, Extracting Data from Sound sapply() function, R, Variables and Functions scale_shape_manual() function, Interpreting the Data scale_x_continuous() function, Interpreting the Data scale_y_continuous() function, Interpreting the Data scatterplot, R, The R Console, Sourcing Files and the Command Line scatterplots, Interpreting the Data–Interpreting the Data, The Second Simulation, The Third Simulation–The Third Simulation, The Final Simulation–The Final Simulation, Number of Messages by Day of the Month–Number of Messages by Hour of the Day, Implementation schools of fish, Schooling Fish and Flocking Birds (see flocking example) sd() function, R, The R Console self keyword, Ruby, Class methods and variables seq() function, R, Vectors Shapiro-Wilk test, Money Shoes toolkit, Shoes–Shoes doodler, A Rainbow of Shoes, Installing Shoes–Installing Shoes, Programming Shoes–Shoes doodler, Shoes stopwatch, Shoes stopwatch, Shoes stopwatch, Simulation–Simulation, Roids–Roids flows, Shoes stopwatch installing, Installing Shoes–Installing Shoes programming in, Programming Shoes–Shoes doodler slots, Shoes stopwatch stacks, Shoes stopwatch versions (colors) of, A Rainbow of Shoes simulations, Bringing the World to Us, The Simple Scenario–The First Simulation, The Simple Scenario–The First Simulation, The Second Simulation–The Final Simulation, The Simulation–The Simulation, The Simulation–The Simulation, Simulation–Simulation, The Boid Flocking Rules–Putting in Obstacles economics example, The Simulation–The Simulation, The Simulation–The Simulation flocking example, Simulation–Simulation, The Boid Flocking Rules–Putting in Obstacles Monte Carlo method, The Simple Scenario–The First Simulation restrooms example, The Simple Scenario–The First Simulation, The Second Simulation–The Final Simulation single quotes (' '), enclosing Ruby strings, Strings slots, Shoes, Shoes stopwatch Smith, Adam (author), The Invisible Hand An Inquiry into the Nature and Causes of the Wealth of Nations (University of Chicago Press), The Invisible Hand source() function, R, Sourcing Files and the Command Line square brackets ([ ]), Vectors, Matrices, Data frames accessing subset of R data frame, Data frames enclosing R matrix indexes, Matrices enclosing R vector indexes, Vectors square brackets, double ([[ ]]), enclosing single R vector index, Vectors stacks, Shoes, Shoes stopwatch standard deviation, R, The R Console Standard library, Ruby, Requiring External Libraries Starlings in Flight (STARFLAG) project, A Variation on the Rules statistical functions, R, The R Console, Packages, Interpreting the Data–Interpreting the Data stats package, R, Packages stat_bin() function, R, Statistical transformation, Statistical transformation stethoscope, homemade, Homemade Digital Stethoscope stopwatch example, Shoes stopwatch–Shoes stopwatch String class, Extracting Data from Sound strings, Ruby, Strings–Strings subclassing, Ruby, Inheritance–Inheritance sudo command, Installing Ruby using your platform’s package management tool symbols, Ruby, Symbols T table() function, R, Interpreting the Data, Number of Messages by Day of the Month term-document matrix, Text Mining ternary conditional expression, Ruby, if and unless text document, Text Mining text files, Importing data from text files, Importing data from text files, The Emailing Habits of Enron Executives (see also CSV files) email message data in, The Emailing Habits of Enron Executives importing data from, R, Importing data from text files text mining, Text Mining–Text Mining The Grammar of Graphics (Springer), Introducing ggplot2 tm library, Text Mining U Ubuntu system, installing Ruby on, Installing Ruby using your platform’s package management tool UI toolkits, Shoes toolkit, Shoes–Shoes doodler unless expression, Ruby, if and unless unpack method, String class, Extracting Data from Sound until loop, Ruby, Loops Utopia example, It’s a Good Life, It’s a Good Life, Money–Money, Money–Money, Money–Money, Sex–The Changes, Birth and Death, The Changes–The Changes, Evolution–Implementation, Implementation, Implementation charts for, Money–Money, Implementation data, analyzing, Money–Money, The Changes–The Changes, Implementation evolution added to simulation, Evolution–Implementation flocking roids, as basis for simulation, It’s a Good Life food added to simulation, Money–Money mortality added to simulation, Birth and Death procreation added to simulation, Sex–The Changes research regarding, It’s a Good Life V variables, R, Variables and Functions–Variables and Functions Vector class, Ruby, Roids vectors, R, The R Console, Vectors–Vectors video file, extracting data from, Extracting Data from Video–Extracting Data from Video W WAV files, Homemade Digital Stethoscope, Extracting Data from Sound–Extracting Data from Sound, Extracting Data from Sound extracting to CSV file, Extracting Data from Sound–Extracting Data from Sound format of, Extracting Data from Sound recording audio to, Homemade Digital Stethoscope waveforms, Generating the Heart Sounds Waveform–Generating the Heart Sounds Wavef