Tag Archives: architecture

First looks at OpenSocial: part 1 (URLs)

In a year or two, we’ll know whether the Google-lead OpenSocial initiative was a turning point in the social web or just a weak shot fired across Facebook’s bow. In the meantime, I think it’s worth taking some time to … Continue reading

| Tagged , , | 4 Comments

[not] Protecting web sites and services from DNS rebinding attacks

Update: Nope, my solution won’t work. As Christian Matthies points out in the comments, it is possible to spoof the HTTP Host header as well (his link in the comment is broken because of an extra comma, but this one … Continue reading

| Tagged , , , | 8 Comments

Three simple tips for LAMP web site developers

You’ve learned to write some basic HTML, CSS, PHP/Python/Perl and SQL, found a hosting service, and are ready to create your first LAMP web application. You’ve already read a bit about security (you know always to escape user-supplied parameters, etc.). … Continue reading

| Tagged , , , | 3 Comments

My biggest problem with Wikipedia

Summary: You can’t partition a web site’s users into discrete groups by language. I don’t worry much about Wikipedia’s objectivity or reliability — no sources (especially not newspapers or Britannica) are objective or reliable, and at least Wikipedia preserves its … Continue reading

| Tagged , ,

REST, the Lost Update Problem, and the Sneakernet Test

Dare Obasanjo is giving a bit of pushback on the Atom Publishing Protocol, but the part that caught my attention was the section on the Lost Update Problem. This doesn’t have to do with REST per se as much as … Continue reading

| Tagged , , | 11 Comments

Open Data matters more than Open Source

Dare Obasanjo just put up a posting with the title Open Source is Dead. Dare does happen to be a Microsoft employee, but his posting is none of the standard anti-Linux/OpenOffice/Apache/Firefox FUD. Instead, he voices a question that’s been floating … Continue reading

Posted in Uncategorized | Tagged , , , , | 5 Comments

REST: the quick pitch

Now that the Java world is noticing REST, the low-pain alternative to RPC standards like WS-*, people are starting to blog about it again. Gossip with other IT folks also tells me that people’s customers are actually asking for REST … Continue reading

Posted in REST | Tagged , , | 19 Comments