web application

311 results back to index


pages: 1,302 words: 289,469

The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws by Dafydd Stuttard, Marcus Pinto

business logic, call centre, cloud computing, commoditize, database schema, defense in depth, easy for humans, difficult for computers, Firefox, information retrieval, information security, lateral thinking, machine readable, MITM: man-in-the-middle, MVC pattern, optical character recognition, Ruby on Rails, SQL injection, Turing test, Wayback Machine, web application

Marcus would like to thank his parents for everything they have done and continue to do, including getting me into computers. I've been getting into computers ever since. vii Contents at a Glance viii Contents Introduction xxiii Chapter 1 Web Application (In)security 1 The Evolution of Web Applications 2 Common Web Application Functions 4 Benefits of Web Applications 5 Web Application Security 6 "This Site Is Secure" 7 The Core Security Problem: Users Can Submit Arbitrary Input 9 Key Problem Factors 10 The New Security Perimeter 12 The Future of Web Application Security 14 Summary 15 Chapter 2 Core Defense Mechanisms 17 Handling User Access 18 Authentication 18 Session Management 19 Access Control 20 Handling User Input 21 Varieties of Input 21 Approaches to Input Handling 23 Boundary Validation 25 Multistep Validation and Canonicalization 28 Handling Attackers 30 Handling Errors 30 Maintaining Audit Logs 31 Alerting Administrators 33 Reacting to Attacks 34 X Contents Chapter 3 Chapter 4 Contents xi Chapter 5 Bypassing Client-Side Controls 117 Transmitting Data Via the Client 118 Hidden Form Fields 118 HTTP Cookies 121 URL Parameters 121 The Referer Header 122 Opaque Data 123 The ASP.NET ViewState 124 Capturing User Data: HTML Forms 127 Length Limits 128 Script-Based Validation 129 Disabled Elements 131 Capturing User Data: Browser Extensions 133 Common Browser Extension Technologies 134 Approaches to Browser Extensions 135 Intercepting Traffic from Browser Extensions 135 Decompiling Browser Extensions 139 Attaching a Debugger 151 Native Client Components 153 Handling Client-Side Data Securely 154 Transmitting Data Via the Client 154 Validating Client-Generated Data 155 Logging and Alerting 156 Summary 156 Questions 157 Chapter 6 Attacking Authentication 159 Authentication Technologies 160 Design Flaws in Authentication Mechanisms 161 Bad Passwords 161 Brute-Forcible Login 162 Verbose Failure Messages 166 Vulnerable Transmission of Credentials 169 Password Change Functionality 171 Forgotten Password Functionality 173 "Remember Me" Functionality 176 User Impersonation Functionality 178 Incomplete Validation of Credentials 180 Nonunique Usernames 181 Predictable Usernames 182 Predictable Initial Passwords 183 Insecure Distribution of Credentials 184 Implementation Flaws in Authentication 185 Fail-Open Login Mechanisms 185 Defects in Multistage Login Mechanisms 186 Insecure Storage of Credentials 190 xii Contents Securing Authentication 191 Use Strong Credentials 192 Handle Credentials Secretively 192 Validate Credentials Properly 193 Prevent Information Leakage 195 Prevent Brute-Force Attacks 196 Prevent Misuse of the Password Change Function 199 Prevent Misuse of the Account Recovery Function 199 Log, Monitor, and Notify 201 Summary 201 Questions 202 Chapter 7 Attacking Session Management 205 The Need for State 206 Alternatives to Sessions 208 Weaknesses in Token Generation 210 Meaningful Tokens 210 Predictable Tokens 213 Encrypted Tokens 223 Weaknesses in Session Token Handling 233 Disclosure of Tokens on the Network 234 Disclosure of Tokens in Logs 237 Vulnerable Mapping of Tokens to Sessions 240 Vulnerable Session Termination 241 Client Exposure to Token Hijacking 243 Liberal Cookie Scope 244 Securing Session Management 248 Generate Strong Tokens 248 Protect Tokens Throughout Their Life Cycle 250 Log, Monitor, and Alert 253 Summary 254 Questions 255 Chapter 8 Attacking Access Controls 257 Common Vulnerabilities 258 Completely Unprotected Functionality 259 Identifier-Based Functions 261 Multistage Functions 262 Static Files 263 Platform Misconfiguration 264 Insecure Access Control Methods 265 Attacking Access Controls 266 Testing with Different User Accounts 267 Testing Multistage Processes 271 Testing with Limited Access 273 Testing Direct Access to Methods 276 Testing Controls Over Static Resources 277 Contents xiii Testing Restrictions on HTTP Methods 278 Securing Access Controls 278 A Multilayered Privilege Model 280 Summary 284 Questions 284 Chapter 9 Attacking Data Stores 287 Injecting into Interpreted Contexts 288 Bypassing a Login 288 Injecting into SQL 291 Exploiting a Basic Vulnerability 292 Injecting into Different Statement Types 294 Finding SQL Injection Bugs 298 Fingerprinting the Database 303 The UNION Operator 304 Extracting Useful Data 308 Extracting Data with UNION 308 Bypassing Filters 311 Second-Order SQL Injection 313 Advanced Exploitation 314 Beyond SQL Injection: Escalating the Database Attack 325 Using SQL Exploitation Tools 328 SQL Syntax and Error Reference 332 Preventing SQL Injection 338 Injecting into NoSQL 342 Injecting into MongoDB 343 Injecting into XPath 344 Subverting Application Logic 345 Informed XPath Injection 346 Blind XPath Injection 347 Finding XPath Injection Flaws 348 Preventing XPath Injection 349 Injecting into LDAP 349 Exploiting LDAP Injection 351 Finding LDAP Injection Flaws 353 Preventing LDAP Injection 354 Summary 354 Questions 354 Chapter 10 Attacking Back-End Components 357 Injecting OS Commands 358 Example 1: Injecting Via Perl 358 Example 2: Injecting Via ASP 360 Injecting Through Dynamic Execution 362 Finding OS Command Injection Flaws 363 Finding Dynamic Execution Vulnerabilities 366 xiv Contents Preventing OS Command Injection 367 Preventing Script Injection Vulnerabilities 368 Manipulating File Paths 368 Path Traversal Vulnerabilities 368 File Inclusion Vulnerabilities 381 Injecting into XML Interpreters 383 Injecting XML External Entities 384 Injecting into SOAP Services 386 Finding and Exploiting SOAP Injection 389 Preventing SOAP Injection 390 Injecting into Back-end HTTP Requests 390 Server-side HTTP Redirection 390 HTTP Parameter Injection 393 Injecting into Mail Services 397 E-mail Header Manipulation 398 SMTP Command Injection 399 Finding SMTP Injection Flaws 400 Preventing SMTP Injection 402 Summary 402 Questions 403 Chapter 11 Attacking Application Logic 405 The Nature of Logic Flaws 406 Real-World Logic Flaws 406 Example 1: Asking the Oracle 407 Example 2: Fooling a Password Change Function 409 Example 3: Proceeding to Checkout 410 Example 4: Rolling Your Own Insurance 412 Example 5: Breaking the Bank 414 Example 6: Beating a Business Limit 416 Example 7: Cheating on Bulk Discounts 418 Example 8: Escaping from Escaping 419 Example 9: Invalidating Input Validation 420 Example 10: Abusing a Search Function 422 Example 11: Snarfing Debug Messages 424 Example 12: Racing Against the Login 426 Avoiding Logic Flaws 428 Summary 429 Questions 430 Chapter 12 Attacking Users: Cross-Site Scripting 431 Varieties of XSS 433 Reflected XSS Vulnerabilities 434 Stored XSS Vulnerabilities 438 DOM-Based XSS Vulnerabilities 440 XSS Attacks in Action 442 Real-World XSS Attacks 442 Contents xv Payloads for XSS Attacks 443 Delivery Mechanisms for XSS Attacks 447 Finding and Exploiting XSS Vulnerabilities 451 Finding and Exploiting Reflected XSS Vulnerabilities 452 Finding and Exploiting Stored XSS Vulnerabilities 481 Finding and Exploiting DOM-Based XSS Vulnerabilities 487 Preventing XSS Attacks 492 Preventing Reflected and Stored XSS 492 Preventing DOM-Based XSS 496 Summary 498 Questions 498 Chapter 13 Attacking Users: Other Techniques 501 Inducing User Actions 501 Request Forgery 502 UI Redress 511 Capturing Data Cross-Domain 515 Capturing Data by Injecting HTML 516 Capturing Data by Injecting CSS 517 JavaScript Hijacking 519 The Same-Origin Policy Revisited 524 The Same-Origin Policy and Browser Extensions 525 The Same-Origin Policy and HTML5 528 Crossing Domains with Proxy Service Applications 529 Other Client-Side Injection Attacks 531 HTTP Header Injection 531 Cookie Injection 536 Open Redirection Vulnerabilities 540 Client-Side SQL Injection 547 Client-Side HTTP Parameter Pollution 548 Local Privacy Attacks 550 Persistent Cookies 550 Cached Web Content 551 Browsing History 552 Autocomplete 552 Flash Local Shared Objects 553 Silverlight Isolated Storage 553 Internet Explorer userData 554 HTML5 Local Storage Mechanisms 554 Preventing Local Privacy Attacks 554 Attacking ActiveX Controls 555 Finding ActiveX Vulnerabilities 556 Preventing ActiveX Vulnerabilities 558 Attacking the Browser 559 Logging Keystrokes 560 Stealing Browser History and Search Queries 560 xvi Contents Enumerating Currently Used Applications 560 Port Scanning 561 Attacking Other Network Hosts 561 Exploiting Non-HTTP Services 562 Exploiting Browser Bugs 563 DNS Rebinding 563 Browser Exploitation Frameworks 564 Man-in-the-Middle Attacks 566 Summary 568 Questions 568 Chapter 14 Automating Customized Attacks 571 Uses for Customized Automation 572 Enumerating Valid Identifiers 573 The Basic Approach 574 Detecting Hits 574 Scripting the Attack 576 JAttack 577 Harvesting Useful Data 583 Fuzzing for Common Vulnerabilities 586 Putting It All Together: Burp Intruder 590 Barriers to Automation 602 Session-Handling Mechanisms 602 CAPTCHA Controls 610 Summary 613 Questions 613 Chapter 15 Exploiting Information Disclosure 615 Exploiting Error Messages 615 Script Error Messages 616 Stack Traces 617 Informative Debug Messages 618 Server and Database Messages 619 Using Public Information 623 Engineering Informative Error Messages 624 Gathering Published Information 625 Using Inference 626 Preventing Information Leakage 627 Use Generic Error Messages 628 Protect Sensitive Information 628 Minimize Client-Side Information Leakage 629 Summary 629 Questions 630 Chapter 16 Attacking Native Compiled Applications 633 Buffer Overflow Vulnerabilities 634 Stack Overflows 634 Heap Overflows 635 Contents xvii "Off-by-One" Vulnerabilities 636 Detecting Buffer Overflow Vulnerabilities 639 Integer Vulnerabilities 640 Integer Overflows 640 Signedness Errors 641 Detecting Integer Vulnerabilities 642 Format String Vulnerabilities 643 Detecting Format String Vulnerabilities 644 Summary 645 Questions 645 Chapter 17 Attacking Application Architecture 647 Tiered Architectures 647 Attacking Tiered Architectures 648 Securing Tiered Architectures 654 Shared Flosting and Application Service Providers 656 Virtual Hosting 657 Shared Application Services 657 Attacking Shared Environments 658 Securing Shared Environments 665 Summary 667 Questions 667 Chapter 18 Attacking the Application Server 669 Vulnerable Server Configuration 670 Default Credentials 670 Default Content 671 Directory Listings 677 WebDAV Methods 679 The Application Server as a Proxy 682 Misconfigured Virtual Hosting 683 Securing Web Server Configuration 684 Vulnerable Server Software 684 Application Framework Flaws 685 Memory Management Vulnerabilities 687 Encoding and Canonicalization 689 Finding Web Server Flaws 694 Securing Web Server Software 695 Web Application Firewalls 697 Summary 699 Questions 699 Chapter 19 Finding Vulnerabilities in Source Code 701 Approaches to Code Review 702 Black-Box Versus White-Box Testing 702 Code Review Methodology 703 Signatures of Common Vulnerabilities 704 Cross-Site Scripting 704 xviii Contents Chapter 20 Contents xix Technical Challenges Faced by Scanners 778 Current Products 781 Using a Vulnerability Scanner 783 Other Tools 785 Wikto/Nikto 785 Firebug 785 Hydra 785 Custom Scripts 786 Summary 789 Chapter 21 A Web Application Hacker's Methodology 791 General Guidelines 793 1 Map the Application's Content 795 1.1 Explore Visible Content 795 1.2 Consult Public Resources 796 1.3 Discover Hidden Content 796 1.4 Discover Default Content 797 1.5 Enumerate Identifier-Specified Functions 797 1.6 Test for Debug Parameters 798 2 Analyze the Application 798 2.1 Identify Functionality 798 2.2 Identify Data Entry Points 799 2.3 Identify the Technologies Used 799 2.4 Map the Attack Surface 800 3 Test Client-Side Controls 800 3.1 Test Transmission of Data Via the Client 801 3.2 Test Client-Side Controls Over User Input 801 3.3 Test Browser Extension Components 802 4 Test the Authentication Mechanism 805 4.1 Understand the Mechanism 805 4.2 Test Password Quality 806 4.3 Test for Username Enumeration 806 4.4 Test Resilience to Password Guessing 807 4.5 Test Any Account Recovery Function 807 4.6 Test Any Remember Me Function 808 4.7 Test Any Impersonation Function 808 4.8 Test Username Uniqueness 809 4.9 Test Predictability of Autogenerated Credentials 809 4.10 Check for Unsafe Transmission of Credentials 810 4.11 Check for Unsafe Distribution of Credentials 810 4.12 Test for Insecure Storage 811 4.13 Test for Logic Flaws 811 4.14 Exploit Any Vulnerabilities to Gain Unauthorized Access 813 5 Test the Session Management Mechanism 814 5.1 Understand the Mechanism 814 5.2 Test Tokens for Meaning 815 5.3 Test Tokens for Predictability 816 xx Contents 5.4 Check for Insecure Transmission of Tokens 817 5.5 Check for Disclosure of Tokens in Logs 817 5.6 Check Mapping of Tokens to Sessions 818 5.7 Test Session Termination 818 5.8 Check for Session Fixation 819 5.9 Check for CSRF 820 5.10 Check Cookie Scope 820 6 Test Access Controls 821 6.1 Understand the Access Control Requirements 821 6.2 Test with Multiple Accounts 822 6.3 Test with Limited Access 822 6.4 Test for Insecure Access Control Methods 823 7 Test for Input-Based Vulnerabilities 824 7.1 Fuzz All Request Parameters 824 7.2 Test for SQL Injection 827 7.3 Test for XSS and Other Response Injection 829 7.4 Test for OS Command Injection 832 7.5 Test for Path Traversal 833 7.6 Test for Script Injection 835 7.7 Test for File Inclusion 835 8 Test for Function-Specific Input Vulnerabilities 836 8.1 Test for SMTP Injection 836 8.2 Test for Native Software Vulnerabilities 837 8.3 Test for SOAP Injection 839 8.4 Test for LDAP Injection 839 8.5 Test for XPath Injection 840 8.6 Test for Back-End Request Injection 841 8.7 Test for XXE Injection 841 9 Test for Logic Flaws 842 9.1 Identify the Key Attack Surface 842 9.2 Test Multistage Processes 842 9.3 Test Handling of Incomplete Input 843 9.4 Test Trust Boundaries 844 9.5 Test Transaction Logic 844 10 Test for Shared Hosting Vulnerabilities 845 10.1 Test Segregation in Shared Infrastructures 845 10.2 Test Segregation Between ASP-Hosted Applications 845 11 Test for Application Server Vulnerabilities 846 11.1 Test for Default Credentials 846 11.2 Test for Default Content 847 11.3 Test for Dangerous HTTP Methods 847 11.4 Test for Proxy Functionality 847 11.5 Test for Virtual Hosting Misconfiguration 847 11.6 Test for Web Server Software Bugs 848 11.7 Test for Web Application Firewalling 848 Contents xxi 12 Miscellaneous Checks 849 12.1 Check for DOM-Based Attacks 849 12.2 Check for Local Privacy Vulnerabilities 850 12.3 Check for Weak SSL Ciphers 851 12.4 Check Same-Origin Policy Configuration 851 13 Follow Up Any Information Leakage 852 Index 853 Introduction This book is a practical guide to discovering and exploiting security flaws in web applications.

We present some metrics about vulnerabilities in current web applications, drawn from the authors' direct experience, demonstrating that the majority of applications are far from secure. We describe the core security problem facing web applications — that users can supply arbitrary input — and the various factors that contribute to their weak security posture. Finally, we describe the latest trends in web application security and how these may be expected to develop in the near future. 2 Chapter 1 i Web Application (In)security The Evolution of Web Applications In the early days of the Internet, the World Wide Web consisted only of web sites.

This allows an attacker who compromises a user's web mail account to easily escalate the attack and compromise the victim's accounts on most of the web applications for which the victim is registered. The Future of Web Application Security Over a decade after their widespread adoption, web applications on the Internet today are still rife with vulnerabilities. Understanding of the security threats facing web applications, and effective ways of addressing these, are still underdeveloped within the industry. There is currently little indication that the problem factors described in this chapter will disappear in the near future. That said, the details of the web application security landscape are not static.


pages: 136 words: 20,501

Introduction to Tornado by Michael Dory, Adam Parrish, Brendan Berg

don't repeat yourself, Firefox, social web, web application, WebSocket

In the upcoming chapters, we’ll show features and techniques that will help you use Tornado to build full-blown web services and web applications. First up: Tornado’s template system. Chapter 2. Forms and Templates In Chapter 1, we looked at the basics of setting up a web application with Tornado. We covered handlers, HTTP methods, and the overall structure of the Tornado framework. In this chapter, we’re going to take a look at some of the more powerful features that you’re likely to use when building web applications. As with most web frameworks, one of the primary goals of Tornado is to help you write your applications faster, reusing as much of your code as cleanly as possible.

Introduction Over the last half decade, the tools available to web developers have grown by leaps and bounds. As technologists continue to push the limits of what web applications can do for users everywhere, we’ve had to upgrade our toolkit and create frameworks that let us build better applications. We would like to be able to use new toolkits that make it easier for us to write clean and maintainable code that scales efficiently when deployed to users all across the globe. This brings us to talking about Tornado, a fantastic choice for writing powerful web applications that are simple to create, extend, and deploy. The three of us had all fallen in love with Tornado for its speed, simplicity, and scalability, and after trying it out on a few personal projects, we’ve put it to work in our day jobs.

Serving Static Files When writing web applications, you’ll often want to serve “static content” like stylesheets, JavaScript files, and images without writing individual handlers for every file. Tornado provides several helpful shortcuts to make serving static content easy. Setting the static_path You can tell Tornado to serve static files from a particular location on the filesystem by passing a static_path parameter to the constructor of the Application class. The relevant snippet from the Alpha Munger source code follows: app = tornado.web.Application( handlers=[(r'/', IndexHandler), (r'/poem', MungedPageHandler)], template_path=os.path.join(os.path.dirname(__file__), "templates"), static_path=os.path.join(os.path.dirname(__file__), "static"), debug=True ) Here, we set the static_path parameter to a subdirectory named static, found in the directory of the current application.


pages: 628 words: 107,927

Node.js in Action by Mike Cantelon, Marc Harter, Tj Holowaychuk, Nathan Rajlich

Amazon Web Services, business logic, Chris Wanstrath, create, read, update, delete, Debian, en.wikipedia.org, Firefox, Google Chrome, machine readable, MITM: man-in-the-middle, MVC pattern, node package manager, p-value, pull request, Ruby on Rails, SQL injection, web application, WebSocket

In this section, we’ll talk about how you can use Tobi to test any running web application, including non-Node applications, over the network. We’ll also show you how to use Tobi to test a web application created with Express, even if the Express-based web application isn’t running. Testing web applications with Tobi If you’d like to create tests using Tobi, first create a directory for them (or use an existing application directory), and then change to the directory in the command line and enter the following to install Tobi: $ npm install tobi Listing 10.17 is an example of using Tobi to test web application functionality of a website—in this case running the to-do application we tested in chapter 5.

images[]=foo.png&images[]=bar.png produce the following object: { images: [ 'foo.png', 'bar.png' ] } When no query-string parameters are given in the HTTP request, like /songSearch, then req.query will default to an empty object: {} That’s all there is to it. Next we’ll look at the built-in middleware that covers core web application needs, such as logging and sessions. 7.2. Middleware that implements core web application functions Connect aims to implement and provide built-in middleware for the most common web application needs, so that they don’t need to be re-implemented over and over by every developer. Core web application functions like logging, sessions, and virtual hosting are all provided by Connect out of the box. In this section, you’ll learn about five very useful middleware components that you’ll likely use in your applications: logger()—Provides flexible request logging favicon()—Takes care of the /favicon.ico request without you having to think about it methodOverride()—Enables incapable clients to transparently overwrite req.method vhost()—Sets up multiple websites on a single server (virtual hosting) session()—Manages session data Up until now you’ve created your own custom logging middleware, but Connect provides a very flexible solution named logger(), so let’s explore that first. 7.2.1. logger(): logging requests logger() is a flexible request-logging middleware component with customizable log formats.

Node fundamentals Chapter 1. Welcome to Node.js Chapter 2. Building a multiroom chat application Chapter 3. Node programming fundamentals 2. Web application development with Node Chapter 4. Building Node web applications Chapter 5. Storing Node application data Chapter 6. Connect Chapter 7. Connect’s built-in middleware Chapter 8. Express Chapter 9. Advanced Express Chapter 10. Testing Node applications Chapter 11. Web application templating 3. Going further with Node Chapter 12. Deploying Node applications and maintaining uptime Chapter 13. Beyond web servers Chapter 14.


pages: 982 words: 221,145

Ajax: The Definitive Guide by Anthony T. Holdener

AltaVista, Amazon Web Services, business logic, business process, centre right, Citizen Lab, Colossal Cave Adventure, create, read, update, delete, database schema, David Heinemeier Hansson, en.wikipedia.org, Firefox, full text search, game design, general-purpose programming language, Guido van Rossum, information retrieval, loose coupling, machine readable, MVC pattern, Necker cube, p-value, Ruby on Rails, SimCity, slashdot, social bookmarking, sorting algorithm, SQL injection, Wayback Machine, web application

And what makes Ajax special is that it is not a new technology—it is the combination of many technologies that have been around for a while and that are production-tested. User interaction, fast response time, desktop-like features: web applications are no longer something that you can only dream of for the future. Web applications are in the here and now. Welcome to Web 2.0 with Ajax. Welcome to Web 2.0 | 21 Chapter 2 2 CHAPTER From Web Sites to Web Applications 2 Ajax web applications are here, and they are the future of the Web. The big question at this point is, how do we get there? How do we get from simple web sites to web applications? This seems easy on the surface, right? Unfortunately, it’s not easy. Developing an application, whether it is on the desktop or on the Web, takes more forethought than the old model of web design did.

This way of thinking has many merits: • Ajax web applications require no installation, updating, or distribution, as everything is served up by a web server. • Ajax web applications are less prone to virus attacks (generally). • Ajax web applications can be accessed anywhere, and if they are built properly, you can run them on any operating system. These merits are saving companies millions of dollars. But even if you aren’t a corporate mogul looking to save tons of cash, Ajax web applications are just plain cool to develop! Application Environments You can implement Ajax web applications in many environments. Each of them has special design considerations.

Census, 651, 908 string indexing, 569 structure, abstracting to wrappers or containers, 330 structure.css file, 369 structured applications, 142 Structured Query Language (see SQL) structures (design), 25, 148 Struts framework, 60 style properties (CSS), 796–800 styles, 117–129 CSS rule types, 117 importNode( ) function that registers styles, 327–329 information about, 126 Internet Explorer and, 127 modifying and removing style, 118 stylesheet manipulation methods, 118 (see also CSS) stylesheets changing page style in browsers, 364–366 user-defined stylesheets, 364 switching, 368–385 alternate stylesheets, 371 creating the stylesheets, 368–371 multiple customizations, 381–385 rembering user selection, 375–381 simple style-switching object, 372–375 XSLT, 855 (see also CSS) StyleSwitcher class (example), 381–385 modifying for color theme switches, 393–397 Submit button (form), 520 onclick event attached, 520 success/failure response, 531 Sunlight Labs, 656, 908 Suraski, Zeev, 41 SVG (Scalable Vector Graphics), 467 support by browser engines, 18 symbols used for web application icons, 167 syndication, 14, 613 Atom, 16 RSS, 15 support by browser engines, 18 using syndicated web feed to create web services, 613–617 SyntaxError object, 409 T tabindex attribute (<input>), 488 table of contents, 292–297 CSS rules for numbering system, 296 JavaScript function dynamically creating list used as, 293–295 table pagination, 283–291 Ajax, 287–289 sorting paginated tables, 289–291 using JavaScript, 285–287 tables, 135–138, 247–283 accessible, 252–258 Ajax and, 263 components of, 135 DOM table methods, 137 interacting with, 258–263 dynamically creating tables, 258–262 updating content in a row, 262 layout using CSS instead of, 250–252 problems with, 248 sorting, 264–279 JavaScript versus Ajax sorting, 279 JavaScript, using, 264–275 keeping style with sorts, 280–283 using Ajax, 275–279 use for page layout, 247–250 old layouts, 248 tabs, 212–221 content of, 218–221 JavaScript code for dynamic content, 219–221 CSS tabs using XHTML lists, 213–215 creating illusion of depth, 215 image tabs, 216–217 XHTML structure, 216 tags, XML, 845 Tapestry framework, 61 target attribute (HTML), 694 target audience geared toward a specific technology, 33 web application design and, 25 <tbody> elements, 261 sorting in a table, 270 TCP/IP packet size, 808 Technorati web service, 621, 909 telephone numbers, lookup service, 650 testing (software development), 23 testing and release phase, Ajax web application development, 26 Index | 951 text color contrast with background, 166 commanding attention to, 166 fonts in web applications, 162–167 spacing of, 166 text boxes (form controls), 493 text editors, 156 text element or text node, 104 Text node, creating, 107 <textarea> elements focus( ), blur( ), and select( ) methods, 493 images, 487 three-tier (basic) design pattern, 29 throw statement, 415 title attribute, alternative stylesheet links, 372 tolerance of user mistakes and abuse, 142 tool tips, 355–360 code for customizable tool-tip object, 355–359 modifications for Ajax functionality, 359 toolkits, 453 tools common web application tools, 153–155 desktop applications, 156 determining tools needed for web application, 157 porting desktop application tools to web applications, 158 Total Annihilation (strategy game), 724 Transact-SQL (T-SQL), 45 transforming or formatting XML documents (see XSLT) transparency alpha transparency, 438 GIF images, 437 transport type for mashup backend, 670 traversal methods (DOM), 116 traversal properties (DOM), 116 trees of lists used in navigation boxes, 231–235 vertical lists, 235 Zapatec DHTML Tree, 234 web application design pattern, 149 Trident browser engine, 18 true color images in GIF file format, 438 support by PNG format, 440 try...catch...finally block, 414 turn-based games, 725 turnDataPage( ) function, 285 revised for Ajax, 287 952 | Index turnPage( ) function, 229, 240 altering to call XMLHttpRequest, 230 TypeError object, 409 TypePad (blog service), 620, 909 types element (WSDL), 601 U U.


pages: 570 words: 115,722

The Tangled Web: A Guide to Securing Modern Web Applications by Michal Zalewski

barriers to entry, business process, defense in depth, easy for humans, difficult for computers, fault tolerance, finite state, Firefox, Google Chrome, information retrieval, information security, machine readable, Multics, RFC: Request For Comment, semantic web, Steve Jobs, telemarketer, Tragedy of the Commons, Turing test, Vannevar Bush, web application, WebRTC, WebSocket

See Uniform Resource Locators (URLs), Properties of ActionScript user, The Evolution of a Threat, Resolution of Relative URLs, Header Character Set and Encoding Schemes, Referer Header Behavior, Privacy-Related Side Channels as security flaw, The Evolution of a Threat browsing habits, Referer header and, Header Character Set and Encoding Schemes collecting information about interaction, Privacy-Related Side Channels URL construction based on input, Resolution of Relative URLs user content, markup filter for, A Note on Cross-Site Request Forgery user data in HTTP cookies, Error-Handling Rules user interfaces, Pseudo-URLs, Pseudo-URLs, Window-Positioning and Appearance Problems, I/O Interfaces browser extensions and, Pseudo-URLs notifications, I/O Interfaces timing attacks on, Window-Positioning and Appearance Problems User-Agent request header, Basic Syntax of HTTP Traffic user-controlled filenames in Content-Disposition headers, Error-Handling Rules username, in credentials portion of URLs, Indicator of a Hierarchical URL UTF-16 charset, Entity Encoding, Downloaded Files and Other Non-HTTP Content UTF-32 charset, Entity Encoding UTF-7 charset, Entity Encoding UTF-8 charset, Handling of Non-US-ASCII Text, Header Character Set and Encoding Schemes, Downloaded Files and Other Non-HTTP Content in HTTP headers, Header Character Set and Encoding Schemes V valid scheme names, current list, It Starts with a URL variables, declaration in JavaScript, Function Resolution VBScript, Browser-Side Scripts vbscript: scheme, Protocols Claimed by Third-Party Applications and Plug-ins, Inheritance for data: URLs vertical tab, in HTML tag, Understanding HTML Parser Behavior View > Encoding menu, Character Set Inheritance and Override view-cache: scheme, Protocols Claimed by Third-Party Applications and Plug-ins view-source: scheme, Protocols Claimed by Third-Party Applications and Plug-ins Visual Basic, Tales of the Stone Age: 1945 to 1994, Code Inclusion Modes and Nesting Risks, The Perils of Plug-in Content-Type Handling VoiceXML, Cross-Domain Requests W W3C (World Wide Web Consortium), The Boring Period: 2000 to 2003, Hypertext Markup Language w3m, Tales of the Stone Age: 1945 to 1994 WAP (Wireless Application Protocol suite), XML User Interface Language WBXML, Wireless Markup Language WDP file format, Type-Specific Content Inclusion web 2.0, The Boring Period: 2000 to 2003 web applications, Vulnerabilities Specific to Web Applications, Vulnerabilities Specific to Web Applications, Problems to Keep in Mind in Web Application Design design issues, Vulnerabilities Specific to Web Applications vulnerabilities specific to, Vulnerabilities Specific to Web Applications Web Hypertext Application Technology Working Group (WHATWG), Web 2.0 and the Second Browser Wars: 2004 and Beyond web page, prerendering, Content-Level Features web storage, same-origin policy mechanism for, Same-Origin Policy for XMLHttpRequest Web, the.

Other Developments The security features discussed previously in this chapter aim to shift the boundaries between web applications and change the way sites interact with each other. Another group of proposed mechanisms escapes this simple classification yet is important or mature enough to briefly mention here. We’ll review some of them now. In-Browser HTML Sanitizers XSS vulnerabilities are by far the most common security issue encountered in modern web applications. It must be surprising, then, that so few of the proposed security frameworks aim to address the problem in a comprehensive way. True, CSP is a strong contender, but it requires a radical change in how web applications are written, and it can’t be deployed particularly gradually or selectively.

Any security- or privacy-relevant data encoded in the URL of the parent document will be leaked in the Referer header, with the exception of the fragment identifier. See Chapter 3 for an overview of the Referer logic. Problems to Keep in Mind in Web Application Design The problems outlined in this section are an unavoidable circumstance of doing business on the Internet and must be properly accounted for when designing or implementing new web apps. Cache poisoning The possibility of long-term pollution of the browser cache (or any interim proxies) with a fabricated, malicious version of the targeted web application. Encrypted web applications may be targeted due to response-splitting vulnerabilities. For nonencrypted traffic, active network attackers may be able to modify the responses received by the requestor, too.


pages: 91 words: 18,831

Getting Started With OAuth 2.0 by Ryan Boyd

MITM: man-in-the-middle, Salesforce, social graph, web application

A 200 response code indicates successful revocation. Chapter 3. Client-Side Web Applications Flow The Implicit Grant flow for browser-based client-side web applications is very simple. In this flow, an access token is immediately returned to the application after a user grants the requested authorization. An intermediate authorization code is not required as it is in the server-side Web Application flow (see Chapter 2). Figure 3-1 shows a step-by-step flow diagram, based on a diagram from the specification. Figure 3-1. Client-Side Web Applications flow: Step-by-step When Should the Implicit Grant Flow Be Used?

This is useful in enterprise environments that already have SAML authorization servers set up to control application and data access. Chapter 2. Server-Side Web Application Flow In the Web Application flow (also known as the Authorization Code flow), the resource owner is first redirected by the application to the OAuth authorization server at the API provider. The authorization server checks to see if the user has an active session. If she does, the authorization server prompts her for access to the requested data. After she grants access, she is redirected back to the web application and an authorization code is included in the URL as the code query parameter: http://www.example.com/oauth_callback?

OpenID Connect Authentication Nearly every web application prompts users to create an account and log in. In order to create an account, users are asked to provide their name, their email address, a password, and password confirmation. Not only does this take a lot of effort for the user (50+ keystrokes), but it also creates security concerns, as users often create the same password on multiple sites and some sites do not properly secure these credentials. OpenID exists to enable federated identity, where users are able to authenticate with the same identity across multiple web applications. Both users and web applications trust identity providers, such as Google, Yahoo!


pages: 210 words: 42,271

Programming HTML5 Applications by Zachary Kessin

barriers to entry, continuous integration, fault tolerance, Firefox, functional programming, Google Chrome, higher-order functions, machine readable, mandelbrot fractal, QWERTY keyboard, SQL injection, web application, WebSocket

URL query string separator, Debugging Manifest Files A Abelson, Harold, Functional Programming acceptance tests, Testing JavaScript Applications accessibility, Accessibility Through WAI-ARIA Accessible Rich Internet Applications, Accessibility Through WAI-ARIA actions, Selenium, Selenium Commands ActiveX controls, IndexedDB add() method (IndexedDB), Adding and Updating Records airplane mode, Adding Power to Web Applications Ajax, Developing Web Applications, Nonblocking I/O and Callbacks, Nonblocking I/O and Callbacks, Functional Programming, Functional Programming, A Simple Example, Offline Loading with a Data Store, Storing Changes for a Later Server Sync, Uploading Files, Structure of the Manifest File calls, Nonblocking I/O and Callbacks, Functional Programming, A Simple Example, Offline Loading with a Data Store, Storing Changes for a Later Server Sync, Structure of the Manifest File DataStore object, Nonblocking I/O and Callbacks uploading files with, Uploading Files versus XHR terminology, Functional Programming alert() method, Nonblocking I/O and Callbacks alt attribute, Accessibility Through WAI-ARIA Android, Selenium RC and a Test Farm, New Form Types _AndWait commands (Selenium), Selenium Commands anonymous functions, Lambda Functions Are Powerful Apache web server, Introduction to the Manifest File append() method, Uploading Files appending an image example, Working with Files Apple Safari, JavaScript’s Triumph, A Pattern for Reuse of Multithread Processing, Libraries for Web Workers, Web Sockets Aptana, JavaScript Tools You Should Know archive files, Drag-and-Drop array, Functional Programming, Array Iteration Operations, You Can Extend Objects, Too iteration operations, Array Iteration Operations, You Can Extend Objects, Too map function, Functional Programming assertElementPresent command (Selenium), Selenium Commands assertions, Selenium, Selenium Commands <audio> tag, Audio and Video automatic updates, Developing Web Applications B base types, extending, Prototypes and How to Expand Objects beforeload event handler, Offline Loading with a Data Store Benedetti, Ryan, JavaScript’s Triumph binary data, The Web Sockets Interface binding variables, Closures blob data type, Blobs BlobBuilder, Blobs Booleans as objects, Prototypes and How to Expand Objects bottlenecks, Splitting Up Work Through Web Workers, JavaScript Tools You Should Know Breadcrumbs specs, Microdata browsers, The Web As Application Platform, Developing Web Applications, Lambda Functions Are Powerful, Testing JavaScript Applications, Selenium RC and a Test Farm, Local Storage, jStore, Updates to the Manifest File, Updates to the Manifest File, Debugging Manifest Files (see also Chrome, Firefox, Internet Explorer, Safari) cache control header issues, Updates to the Manifest File, Debugging Manifest Files data storage and, Local Storage, jStore differences among, Testing JavaScript Applications function inside an if, Lambda Functions Are Powerful interactivity, The Web As Application Platform, Developing Web Applications testing on multiple, Selenium RC and a Test Farm buildMaster() method, Web Worker Fractal Example built-in objects, Prototypes and How to Expand Objects buttons, Lambda Functions Are Powerful, Closures, A Simple Example, Testing with QUnit, Selenium, Selenium Commands, Selenese Command Programming Interface click callbacks, Lambda Functions Are Powerful, A Simple Example, Testing with QUnit closures, Closures testing, Selenium, Selenese Command Programming Interface with XPath, Selenium Commands C C-type languages, Lambda Functions Are Powerful cache control headers, Updates to the Manifest File, Debugging Manifest Files cache() method, Expanding Functions with Prototypes Cagle, Kurt, Canvas and SVG callbacks, Nonblocking I/O and Callbacks, Lambda Functions Are Powerful, Closures, Array Iteration Operations, Testing JavaScript Applications, A Simple Example, Adding and Updating Records, Retrieving Data, Uploading Files, A Pattern for Reuse of Multithread Processing, Web Socket Example alternatives to for loops, Array Iteration Operations button, A Simple Example closures to construct, Closures cursor, Adding and Updating Records on DOM elements, Testing JavaScript Applications from ports, Web Socket Example and Web Workers, A Pattern for Reuse of Multithread Processing write, Retrieving Data XHMLHttpRequest, Uploading Files Canvas, Graphics, Web Worker Fractal Example <canvas> tag, Graphics changes, storing, Storing Changes for a Later Server Sync chat applications, Web Sockets checksum, manifest, Updates to the Manifest File Chrome, Google, JavaScript’s Triumph, Closures, Closures, The localStorage and sessionStorage Objects, The localStorage and sessionStorage Objects, IndexedDB, Blobs, Filesystem, Events, Events, Testing and Debugging Web Workers, Testing and Debugging Web Workers, A Pattern for Reuse of Multithread Processing, A Pattern for Reuse of Multithread Processing, Web Sockets, Tags for Applications, JavaScript Tools You Should Know BlobBuilder support, Blobs debugging web workers in, Testing and Debugging Web Workers Dev tools, Closures, The localStorage and sessionStorage Objects, Testing and Debugging Web Workers filesystem access, Filesystem IndexedDB in, IndexedDB list of closed variables, Closures manifest list, Events postMessage() in, A Pattern for Reuse of Multithread Processing <progress> tag support, Tags for Applications Speed Tracer, JavaScript Tools You Should Know storage viewer, The localStorage and sessionStorage Objects, Events web socket support, Web Sockets web worker support in, A Pattern for Reuse of Multithread Processing Church, Alonzo, Lambda Functions Are Powerful click command (Selenium), Selenium Commands client-side data storage, Local Storage Clojure, Web Socket Example ClojureScript, JavaScript Tools You Should Know close() method, The Worker Environment, The Web Sockets Interface closures, Nonblocking I/O and Callbacks, Closures, Closures, Array Iteration Operations, IndexedDB cloud test farms, Automatically Running Tests CoffeeScript, JavaScript Tools You Should Know color form input, New Form Types composite functions, Functional Programming config files, web server, Introduction to the Manifest File confirm() method, Nonblocking I/O and Callbacks content delivery network, Taking It Offline controls attribute, Audio and Video cookies, The localStorage and sessionStorage Objects, Using localStorage in ExtJS, Web Sockets CouchDB, IndexedDB Cranley, Ronan, JavaScript’s Triumph createObjectURL() method, Blobs Crockford, Douglas, JavaScript’s Triumph, The Power of JavaScript, JavaScript Tools You Should Know cross-platform web development, Developing Web Applications CruiseControl, Selenese Command Programming Interface currying, Currying and Object Parameters D data record example, IndexedDB data storage, Adding Power to Web Applications, Local Storage, jStore data trees, You Can Extend Objects, Too databases, Adding Power to Web Applications, Local Storage, IndexedDB, Deleting Data, IndexedDB, Adding and Updating Records, Retrieving Data, Deleting Data adding and updating records, Adding and Updating Records deleting data from, Deleting Data IndexedDB, Adding Power to Web Applications, IndexedDB, Deleting Data retrieving data from, Retrieving Data SQLite, Local Storage DataStore object (Ajax), Nonblocking I/O and Callbacks date form input, New Form Types dblclick command (Selenium), Selenium Commands debugging, JavaScript’s Triumph, Lambda Functions Are Powerful, Debugging Manifest Files, Splitting Up Work Through Web Workers, Testing and Debugging Web Workers, JavaScript Tools You Should Know Firebug, JavaScript’s Triumph, Lambda Functions Are Powerful and JSMin, JavaScript Tools You Should Know manifest files, Debugging Manifest Files and Web Workers, Splitting Up Work Through Web Workers, Testing and Debugging Web Workers $.decode() method (Hive API), Libraries for Web Workers decoratedFib(), Expanding Functions with Prototypes deepEqual() method, Testing with QUnit defer() method, Offline Loading with a Data Store degradation, handling, Testing JavaScript Applications deleteEach() method, Deleting Data doConditionalLoad() method, Offline Loading with a Data Store DOM (Document Object Model), The Web As Application Platform, Developing Web Applications, Testing JavaScript Applications downloading events, Events Drag and Drop widget, JavaScript Tools You Should Know drag-and-drop, Selenium Commands, Files, Drag-and-Drop Dragonfly, Opera, JavaScript’s Triumph, A Pattern for Reuse of Multithread Processing drop event (DOM), Drag-and-Drop drop handler example, Working with Files drop zone example, Putting It All Together DSt library, DSt E Eclipse, JavaScript Tools You Should Know ECMAScript objects, The Worker Environment Emacs JS2 mode, JavaScript Tools You Should Know email form input, New Form Types enclosing scope, Lambda Functions Are Powerful $.encode() method (Hive API), Libraries for Web Workers engines available in JQuery, jStore equal() method, A Simple Example, Testing with QUnit Erlang Yaws, Web Socket Example, Erlang Yaws errors, Retrieving Data, Events, Testing and Debugging Web Workers, Geolocation ETags, Offline Loading with a Data Store event loops, Splitting Up Work Through Web Workers, JavaScript Tools You Should Know Event Machine, Ruby, Ruby Event Machine Events specs, Microdata every() method, Array Iteration Operations expanding functions with prototypes, Expanding Functions with Prototypes, Expanding Functions with Prototypes extending base types, Prototypes and How to Expand Objects ExtJS, JavaScript’s Triumph, Lambda Functions Are Powerful, Currying and Object Parameters, Selenium Commands, Using localStorage in ExtJS button with function as handler, Lambda Functions Are Powerful click event problems, Selenium Commands currying parameters in, Currying and Object Parameters library, JavaScript’s Triumph localStorage object in, Using localStorage in ExtJS F FALLBACK section, manifest, Structure of the Manifest File feature detection, A Pattern for Reuse of Multithread Processing Fibonacci sequences, calculating, Expanding Functions with Prototypes FileReader API, Working with Files files, Adding Power to Web Applications, Files, Filesystem, Debugging Manifest Files FileSystem API, Filesystem filter() method, Array Iteration Operations, You Can Extend Objects, Too Firebug, JavaScript’s Triumph, Lambda Functions Are Powerful, Closures, The localStorage and sessionStorage Objects, Working with Files, Splitting Up Work Through Web Workers, Testing and Debugging Web Workers, Testing and Debugging Web Workers, JavaScript Tools You Should Know anonymous functions, Lambda Functions Are Powerful colorizing in script tag, JavaScript Tools You Should Know debugging web workers in, Testing and Debugging Web Workers developer tools, Testing and Debugging Web Workers editing storage object, The localStorage and sessionStorage Objects full path file names, Working with Files scope chain, Closures and Web Workers, Splitting Up Work Through Web Workers Firefox, Mozilla, Prototypes and How to Expand Objects, Array Iteration Operations, Array Iteration Operations, Selenium, Constructing Tests with the Selenium IDE, The localStorage and sessionStorage Objects, IndexedDB, Blobs, Debugging Manifest Files, Debugging Manifest Files, Worker Communication, Testing and Debugging Web Workers, A Pattern for Reuse of Multithread Processing, A Pattern for Reuse of Multithread Processing, Web Sockets, Tags for Applications developers’ site, Prototypes and How to Expand Objects, Array Iteration Operations IndexedDB in, IndexedDB iteration methods in, Array Iteration Operations manifest file opt-in issue, Debugging Manifest Files MozBlobBuilder, Blobs MozWebSockets, Web Sockets passing complex JavaScript objects, Worker Communication postMessage() in, A Pattern for Reuse of Multithread Processing <progress> tag support, Tags for Applications Selenium IDE for, Selenium, Constructing Tests with the Selenium IDE, Debugging Manifest Files storage objects in, The localStorage and sessionStorage Objects web workers in, Testing and Debugging Web Workers, A Pattern for Reuse of Multithread Processing FireRainbow, JavaScript Tools You Should Know first class citizens, Lambda Functions Are Powerful, Functional Programming :first-child() CSS selector, New CSS Flanagan, David, The Power of JavaScript flow control, Selenium Commands for loops, alternatives to, Array Iteration Operations forks, Adding Power to Web Applications FormData interface, Uploading Files fractal computation examples, Web Worker Fractal Example, Web Worker Fractal Example Fulton, Jeff, Graphics, Canvas and SVG Fulton, Steve, Graphics, Canvas and SVG function expressions, Lambda Functions Are Powerful function generators, Closures function interceptor example, Expanding Functions with Prototypes Function prototype, Expanding Functions with Prototypes function statements, Lambda Functions Are Powerful functional programming, Functional Programming, Functional Programming, JavaScript Tools You Should Know functions, Lambda Functions Are Powerful, Lambda Functions Are Powerful, Closures, Functional Programming, Functional Programming anonymous, Lambda Functions Are Powerful as first class citizens, Lambda Functions Are Powerful, Functional Programming higher order, Functional Programming inner and outer, Closures functions, expanding with prototypes, Expanding Functions with Prototypes, Expanding Functions with Prototypes G Garret, Jesse James, Functional Programming Gears, Google, Developing Web Applications, Local Storage, Introduction to the Manifest File, Splitting Up Work Through Web Workers offline file access, Introduction to the Manifest File SQLite database, Local Storage worker pool, Splitting Up Work Through Web Workers geolocation, Maps, Geolocation $.get() method (Hive API), Libraries for Web Workers getBlob() method (BlobBuilder), Blobs getCurrentPosition() method, Geolocation getEval() method (Selenese API), Selenese Command Programming Interface getText() method (Selenese API), Selenese Command Programming Interface getXpathCount() method (Selenese API), Selenese Command Programming Interface Gmail, Google’s, Files, Web Sockets Goerzen, John, Functional Programming Google Chrome, Tags for Applications (see Chrome, Google) Google Gears, Developing Web Applications (see Gears, Google) Google search predefined vocabularies, Microdata Google Web Toolkit, JavaScript’s Triumph grid object (ExtJS), Using localStorage in ExtJS H handleButtonClick() function, A Simple Example Haskell, Currying and Object Parameters Head First jQuery (Benedetti & Cranley), JavaScript’s Triumph Hello World testing example, Selenese Command Programming Interface Hickey, Rich, JavaScript Tools You Should Know High Performance JavaScript (Zakas), The Power of JavaScript High Performance Web Sites (Souders), JavaScript Tools You Should Know higher order functions, Functional Programming hoisting, Lambda Functions Are Powerful <hr> tag, Accessibility Through WAI-ARIA, Accessibility Through WAI-ARIA, Accessibility Through WAI-ARIA HTML 5, Putting It All Together, Introduction to the Manifest File, Graphics, Web Worker Fractal Example, New Tags, New CSS, New Form Types, Canvas and SVG, New CSS Canvas, Graphics, Web Worker Fractal Example, Canvas and SVG manifest declaration example, Introduction to the Manifest File new CSS features, New CSS new form types, New Form Types new tags, New Tags, New CSS progress bar, Putting It All Together HTML5 Canvas (Fulton & Fulton), Graphics, Canvas and SVG HTML5 Graphics with SVG & CSS3 (Cagle), Canvas and SVG HTML5 Media (Powers), Audio and Video HTML5 Rocks tutorial, Canvas and SVG HTTP (Hypertext Transfer Protocol), Adding Power to Web Applications, Web Sockets, Erlang Yaws I I/O, Nonblocking I/O and Callbacks IDs, importance of assigning, Selenium if statement, Lambda Functions Are Powerful images, Functional Programming, Blobs, Working with Files, Drag-and-Drop, Filesystem, Filesystem, Debugging Manifest Files, Graphics, Graphics, Graphics, Web Worker Fractal Example, Canvas and SVG appending to documents, Working with Files and Canvas, Graphics editing, Filesystem, Graphics missing, Debugging Manifest Files progressive drawing, Web Worker Fractal Example scaling example, Functional Programming streaming video, Filesystem SVG, Canvas and SVG use of src attribute, Blobs, Graphics user access to, Drag-and-Drop <img> tag, Graphics, Accessibility Through WAI-ARIA importScripts() method, The Worker Environment independent event loops, Splitting Up Work Through Web Workers index() method, Adding Indexes IndexedDB, Adding Power to Web Applications, IndexedDB, Deleting Data indexes, adding/removing, Adding Indexes indexOf() method, Prototypes and How to Expand Objects info() method, Web Worker Fractal Example inner functions, Closures integration testing, Testing JavaScript Applications, Selenium interceptor methods, Expanding Functions with Prototypes Internet Explorer (IE), Microsoft, Array Iteration Operations, IndexedDB, A Pattern for Reuse of Multithread Processing iOS Selenium, testing applications for, Selenium RC and a Test Farm iPad/iPod/iPhone platform, Selenium RC and a Test Farm, A Pattern for Reuse of Multithread Processing isDuplicate() method, Deleting Data isElementPresent() method (Selenese API), Selenese Command Programming Interface isTextPresent() method (Selenese API), Selenese Command Programming Interface itemprop attribute, Microdata itemscope attribute, Microdata itemtype attribute, Microdata J JavaScript, JavaScript’s Triumph, JavaScript’s Triumph, Nonblocking I/O and Callbacks, Lambda Functions Are Powerful, Lambda Functions Are Powerful, Closures, Functional Programming, Functional Programming, Prototypes and How to Expand Objects, Prototypes and How to Expand Objects, Prototypes and How to Expand Objects, Expanding Functions with Prototypes, Prototypes and How to Expand Objects, Expanding Functions with Prototypes, Expanding Functions with Prototypes, Currying and Object Parameters, Array Iteration Operations, You Can Extend Objects, Too, You Can Extend Objects, Too, Testing JavaScript Applications, Splitting Up Work Through Web Workers, Worker Communication, JavaScript Tools You Should Know, JavaScript Tools You Should Know, JavaScript Tools You Should Know array iteration operations, Array Iteration Operations, You Can Extend Objects, Too closures, Closures currying and object parameters, Currying and Object Parameters expanding functions, Expanding Functions with Prototypes, Expanding Functions with Prototypes expanding objects, Prototypes and How to Expand Objects, Prototypes and How to Expand Objects extending objects, You Can Extend Objects, Too function statement and function expression, Lambda Functions Are Powerful functional programming in, Functional Programming, Functional Programming functions act as data in, Lambda Functions Are Powerful helpful tools for, JavaScript Tools You Should Know, JavaScript Tools You Should Know libraries, JavaScript’s Triumph nonblocking I/O and callbacks, Nonblocking I/O and Callbacks passing objects in Firefox, Worker Communication primitives in, Prototypes and How to Expand Objects prototypes, Prototypes and How to Expand Objects, Expanding Functions with Prototypes recent improvements in, JavaScript’s Triumph runtime event loop, Splitting Up Work Through Web Workers runtime model, Testing JavaScript Applications syntax checker, JavaScript Tools You Should Know JavaScript Patterns (Stefanov), The Power of JavaScript JavaScript: The Definitive Guide (Flanagan), The Power of JavaScript JavaScript: The Good Parts (Crockford), JavaScript’s Triumph, The Power of JavaScript, JavaScript Tools You Should Know jQuery, JavaScript’s Triumph, Functional Programming, DSt, jStore, IndexedDB, IndexedDB, Libraries for Web Workers DSt plug-in, DSt Hive extension, Libraries for Web Workers IndexedDB plug-in, IndexedDB, IndexedDB jStore plug-in, jStore library, JavaScript’s Triumph, Functional Programming jQuery Cookbook (Lindley), JavaScript’s Triumph JS2 mode, Emacs, JavaScript Tools You Should Know JSBeautifier, JavaScript Tools You Should Know JSLint, The Power of JavaScript, JavaScript Tools You Should Know JSMin, JavaScript Tools You Should Know JSON manifest file, Introduction to the Manifest File JsonStore object, Offline Loading with a Data Store jStore plug-in, jStore L Lambda Calculus, Lambda Functions Are Powerful lambda functions, Lambda Functions Are Powerful lastIndexOf(), Prototypes and How to Expand Objects libraries, JavaScript’s Triumph, Libraries for Web Workers Lindley, Cody, JavaScript’s Triumph Lisp lambdas, Lambda Functions Are Powerful list recursion, Functional Programming list test examples, Testing JavaScript Applications load() method (JSON), Offline Loading with a Data Store local data storage, Adding Power to Web Applications, Local Storage, jStore local state provider, ExtJS, Using localStorage in ExtJS localStorage object, The localStorage and sessionStorage Objects, Using localStorage in ExtJS, Storing Changes for a Later Server Sync location object, The Worker Environment loops, Array Iteration Operations, Selenium Commands, Splitting Up Work Through Web Workers, Splitting Up Work Through Web Workers, A Pattern for Reuse of Multithread Processing for, Array Iteration Operations independent event, Splitting Up Work Through Web Workers runtime event, Splitting Up Work Through Web Workers and Selenium, Selenium Commands while, A Pattern for Reuse of Multithread Processing M macros, recording web, Selenium Mandelbrot computation examples, Web Worker Fractal Example, Web Worker Fractal Example manifest file, Adding Power to Web Applications, Introduction to the Manifest File, Debugging Manifest Files map() method, Array Iteration Operations, You Can Extend Objects, Too match() method, Prototypes and How to Expand Objects McCarthy, John, Lambda Functions Are Powerful MD5 checksum, Updates to the Manifest File memory leaks, Selenium Commands <meter> tag, Tags for Applications microdata, Microdata Microsoft Internet Explorer, Array Iteration Operations, IndexedDB, A Pattern for Reuse of Multithread Processing minification, JavaScript Tools You Should Know MongoDB, IndexedDB mouseDown command (Selenium), Selenium Commands mouseOver command (Selenium), Selenium Commands mouseUp command (Selenium), Selenium Commands MozBlobBuilder, Blobs Mozilla Firefox, Prototypes and How to Expand Objects (see Firefox, Mozilla) mozSlice() method (Firefox), Blobs MozWebSockets, Web Sockets N name/value pairs, Currying and Object Parameters navigator object, The Worker Environment .NET/CLR, Web Socket Example NETWORK section, manifest, Structure of the Manifest File node trees, You Can Extend Objects, Too Node.js, Web Sockets, Web Socket Example, JavaScript Tools You Should Know nonblocking I/O, Nonblocking I/O and Callbacks :not() CSS selector, New CSS notDeepEqual() method, Testing with QUnit notEqual() method, Testing with QUnit notStrictEqual() method, Testing with QUnit noupdate events, Events :nth-child() CSS selector, New CSS number form input, New Form Types numbers, Lambda Functions Are Powerful, Prototypes and How to Expand Objects, Prototypes and How to Expand Objects, Expanding Functions with Prototypes, Expanding Functions with Prototypes, Expanding Functions with Prototypes, Array Iteration Operations cubing example, Expanding Functions with Prototypes Fibonacci calculation examples, Expanding Functions with Prototypes, Expanding Functions with Prototypes as objects, Prototypes and How to Expand Objects squaring examples, Lambda Functions Are Powerful, Prototypes and How to Expand Objects, Array Iteration Operations O object parameters, Currying and Object Parameters object stores, IndexedDB, IndexedDB, Retrieving Data objects, extending, You Can Extend Objects, Too Offer-Aggregates specs, Microdata Offers specs, Microdata offline use, Local Storage, Offline Loading with a Data Store, Offline Loading with a Data Store, Storing Changes for a Later Server Sync, Introduction to the Manifest File, Debugging Manifest Files data access, Local Storage loading with data store, Offline Loading with a Data Store, Offline Loading with a Data Store manifest file, Introduction to the Manifest File, Debugging Manifest Files storing changes, Storing Changes for a Later Server Sync ok() method, Testing with QUnit onclose() method, The Web Sockets Interface onmessage() method, Using Web Workers, Web Worker Fractal Example, A Pattern for Reuse of Multithread Processing onopen() method, The Web Sockets Interface open command (Selenium), Selenium Commands Opera Dragonfly, JavaScript’s Triumph, A Pattern for Reuse of Multithread Processing Organizations specs, Microdata outer functions, Closures O’Reilly Answers website, The Power of JavaScript O’Sullivan, Bryan, Functional Programming P parameter blocks, Currying and Object Parameters path() method, You Can Extend Objects, Too pattern for reuse of multithread processing, A Pattern for Reuse of Multithread Processing, A Pattern for Reuse of Multithread Processing Payne, Alex, Functional Programming People specs, Microdata persistent local storage, Local Storage PhoneGap, Developing Web Applications PHP, Lambda Functions Are Powerful phpUnderControl, Selenese Command Programming Interface PHPUnit testing framework, Automatically Running Tests, Selenese Command Programming Interface pixel, drawing a, Web Worker Fractal Example PollenJS library, Libraries for Web Workers populate_form() method (DSt), DSt populating (example), Prototypes and How to Expand Objects port 443 (wss), Setting Up a Web Socket port 80 (ws), Setting Up a Web Socket port 8080, Web Socket Example $.post() method (Hive API), Libraries for Web Workers postMessage() method, Using Web Workers, A Pattern for Reuse of Multithread Processing, A Pattern for Reuse of Multithread Processing Powers, Shelley, Audio and Video PreloadStore object (JSON), Offline Loading with a Data Store pretty printer example, JavaScript Tools You Should Know primitives in JavaScript, Prototypes and How to Expand Objects Products specs, Microdata Programming Scala (Wampler & Payne), Functional Programming progress events, Events progress indicator examples, Putting It All Together, Tags for Applications <progress> tag, Tags for Applications prompt() method, Nonblocking I/O and Callbacks prototype object, Prototypes and How to Expand Objects prototypes, expanding functions with, Expanding Functions with Prototypes, Expanding Functions with Prototypes Q query access, IndexedDB QUnit, Testing JavaScript Applications, QUnit, Testing with QUnit, Running QUnit from Selenium R race conditions, IndexedDB, Splitting Up Work Through Web Workers raises() method, Testing with QUnit rar files, Drag-and-Drop RC server, Selenium, Selenium readAsArrayBuffer() method (FileReader), Working with Files readAsBinaryString() method (FileReader), Working with Files readAsText() method (FileReader), Working with Files readDataAsURL() method (FileReader), Working with Files Real World Haskell (Goerzen & Stewart), Functional Programming recall() method (DSt), DSt reduce(), reduceRight() methods, Array Iteration Operations refresh command (Selenium), Selenium Commands remove() method, Deleting Data replace() method, Prototypes and How to Expand Objects required attribute (forms), New Form Types Resig, John, JavaScript’s Triumph reuse of multithread processing, A Pattern for Reuse of Multithread Processing, A Pattern for Reuse of Multithread Processing Review-Aggregates specs, Microdata Reviews specs, Microdata revokeBlobURL() method, Blobs Rhino, JavaScript Tools You Should Know role attribute, Accessibility Through WAI-ARIA route finder, Maps Ruby, Web Socket Example Ruby Event Machine, Ruby Event Machine run function example, A Pattern for Reuse of Multithread Processing run() method, Web Worker Fractal Example running average example, Array Iteration Operations runtime model, JavaScript, Testing JavaScript Applications S Safari Nightly builds, Blobs Safari, Apple’s, JavaScript’s Triumph, A Pattern for Reuse of Multithread Processing, Libraries for Web Workers, Web Sockets same origin policy, The localStorage and sessionStorage Objects, IndexedDB sandboxed environment, Developing Web Applications, Filesystem save queue examples, Storing Changes for a Later Server Sync Scala, Web Socket Example Scalable Vector Graphics, Canvas and SVG scaling images, Functional Programming scope, Lambda Functions Are Powerful, Closures <script> tag, The Worker Environment search form input, New Form Types Selenese, Selenium Commands, Selenese Command Programming Interface, Selenese Command Programming Interface Selenium, Testing JavaScript Applications, Selenium, Selenium, Selenium, Selenium Commands, Selenium Commands, Selenium Commands, Constructing Tests with the Selenium IDE, Constructing Tests with the Selenium IDE, Automatically Running Tests, Automatically Running Tests, Selenese Command Programming Interface, Selenese Command Programming Interface, Running QUnit from Selenium, Drag-and-Drop automatically running tests, Automatically Running Tests, Automatically Running Tests commands, Selenium Commands, Selenium Commands constructing tests, Constructing Tests with the Selenium IDE example tests, Selenium IDE, Selenium, Constructing Tests with the Selenium IDE location options, Selenium Commands no drag-and-drop, Drag-and-Drop running QUnit from, Running QUnit from Selenium Selenese, Selenese Command Programming Interface, Selenese Command Programming Interface test table, Selenium Selenium Grid, Automatically Running Tests Selenium RC server, Selenium, Selenium RC and a Test Farm self object, The Worker Environment Sencha ExtJS library, JavaScript’s Triumph send(“data”) method, The Web Sockets Interface server delay, Developing Web Applications, Web Sockets server polling, Web Sockets server-side testing, Testing JavaScript Applications, Testing JavaScript Applications, Selenese Command Programming Interface sessionStorage object, The localStorage and sessionStorage Objects, Using localStorage in ExtJS setInterval() method, Expanding Functions with Prototypes, The Worker Environment setTimeout() method, Expanding Functions with Prototypes, Testing with QUnit, The Worker Environment, A Pattern for Reuse of Multithread Processing, A Pattern for Reuse of Multithread Processing setVersion transaction, Adding Indexes side effects, Functional Programming single-step mode, Selenium sleep() method, Selenese Command Programming Interface slice() method, Prototypes and How to Expand Objects, Blobs slider, form, New Form Types smartphones, Developing Web Applications some() method, Array Iteration Operations Souders, Steve, JavaScript Tools You Should Know speech input type, New Form Types Speed Tracer, JavaScript Tools You Should Know speed, data storage and, Local Storage split() method, Prototypes and How to Expand Objects SQL Injection attacks, IndexedDB SQLite versus IndexedDB, IndexedDB squaring numbers example, Prototypes and How to Expand Objects src attribute, Audio and Video StackOverflow website, The Power of JavaScript startWorker() method, Web Worker Fractal Example static data storage, Local Storage Stefanov, Stoyan, The Power of JavaScript step through, Selenium, Testing and Debugging Web Workers Stewart, Donald Bruce, Functional Programming stock price examples, Web Socket Example, Ruby Event Machine stop() method, A Pattern for Reuse of Multithread Processing storage events, The localStorage and sessionStorage Objects storage viewer widget, The localStorage and sessionStorage Objects $.storage() method (Hive API), Libraries for Web Workers store() method (DSt), DSt store_form() method (DSt), DSt strictEqual() method, Testing with QUnit string token replacement, Prototypes and How to Expand Objects strings, methods for, Prototypes and How to Expand Objects Structure and Interpretation of Computer Programs (Abelson & Sussman), Functional Programming structured data, query access to, IndexedDB subclassing, Currying and Object Parameters Sussman, Gerald Jay, Functional Programming SVG, Canvas and SVG <svg> tag, Graphics Symfony Yaml Library, Updates to the Manifest File T tar files, Drag-and-Drop TCP socket, Web Socket Protocol TCP/IP sockets, Web Sockets tel form input, New Form Types test machines, Automatically Running Tests test suites, Testing JavaScript Applications, QUnit, Testing with QUnit, Selenium, Selenium RC and a Test Farm, Selenium, Selenium, Running QUnit from Selenium programming language based, Selenium QUnit, QUnit, Testing with QUnit, Selenium, Running QUnit from Selenium Selenium, Selenium, Selenium RC and a Test Farm server-side, Testing JavaScript Applications Test-driven development, Testing JavaScript Applications, Testing JavaScript Applications thread safety, Splitting Up Work Through Web Workers threads, Adding Power to Web Applications time form input, New Form Types title attribute, Accessibility Through WAI-ARIA transaction object, database, IndexedDB transaction.abort() method (jQuery), IndexedDB transaction.done() method (jQuery), IndexedDB True Type font files, New CSS type command (Selenium), Selenium Commands U undefined value, Functional Programming unit testing, Testing JavaScript Applications update() method (IndexedDB), Adding and Updating Records updateEach() method (IndexedDB), Adding and Updating Records uploading files, Uploading Files URLs, QUnit, Blobs, Working with Files, Structure of the Manifest File, Events, Events, Debugging Manifest Files, The Web Sockets Interface adding ?

On the surface, many of HTML5’s changes add support for features (especially multimedia and graphics) that had previously required plug-ins, but underneath, it gives JavaScript programmers the tools they need to create standalone (or at least more loosely tethered) applications using HTML for structure, CSS for presentation, and JavaScript for logic and behavior. Adding Power to Web Applications HTML5 raises the bar for web applications. While it still has to work under security constraints, it finally provides tools that desktop developers have expected for years: Local data storage It can store up to 5 MB of data, referenced with a key-value system. Databases Originally a SQLite-based API, the tide seems to have shifted to IndexedDB, a NoSQL system that is natively JavaScript.

Web sockets transform the request-response approach to create much more flexible communication systems. There’s much more, of course—from geolocation to audio and video to Canvas graphics to a wide variety of minor new tags—but these provide the foundations for building industrial-strength applications in HTML5. Developing Web Applications In the old days, a complex web application might be a catalog, which would be static pages derived from a database, or a JavaScript loan calculator. But no one would have dreamed of doing complex applications in JavaScript. Those required Java or maybe a dedicated client/server application written in C or C++.


pages: 201 words: 21,180

Designing for the Social Web by Joshua Porter

barriers to entry, classic study, en.wikipedia.org, endowment effect, fail fast, Howard Rheingold, late fees, Marc Andreessen, Mark Zuckerberg, Milgram experiment, Paradox of Choice, Paul Buchheit, Ralph Waldo Emerson, recommendation engine, social bookmarking, social software, social web, Steve Jobs, the Cathedral and the Bazaar, web application, Yochai Benkler, zero-sum game

One-way communication Early / static web sites Characterized by static content that people cannot interact with. Early web applications Two-way communication Characterized by dynamic private content that changes based on a person’s input. Communication is solely between application and person. Social web applications Many-way communication Characterized by dynamic public content that changes based on many people’s input. Communication is not only between application and person, but among people using the app. Social web applications Early web applications Early/static web sites 1990 1995 2000 2005 2008 Figure 1.2 The evolution of communication from one-way to many-way on the web. 15 16 DESIGNING FOR THE SOCIAL WEB As the power and reach of the web became evident in the last part of the 1990s, designers started to refashion bulletin board systems for the web, taking advantage of the knowledge gained from those earlier attempts.

Group interaction is what separates a web application from a social web application. Another recent step that has brought this change into clearer focus is egocentric software. The rise of social network sites like Friendster, MySpace, and Facebook has put the person at the center of the software. While there has always been talk about community on the web, web software makes a much deeper set of social interactions available to us. You can friend people. You can follow them. You can even send people a kiss. The biggest web properties are social Social web applications are now everywhere. Consider the following list of names you know and love, all of which are in the top 30 mosttrafficked web properties in the U.S.:13 .

See feedback User Interface Engineering sharing form, 154 user manuals, 50 usernames, 99 V verbs, finding your, 34–35 verification emails, 169 video-sharing site. See YouTube W Wall Street Journal, 93–94 Watts, Duncan, 137 Wealth of Networks, 5 web. See also Internet; web applications; web sites estimated number of sites on, 14 history of, 13–16 invention of, 13 many-to-many conversations on, 15–16 one-way conversations on, 14 187 188 DESIGNING FOR THE SOCIAL WEB as social vs. technical creation, 1 two-way conversations on, 14 ultimate goal of, 1 web applications. See also social web applications building your own, 54–55 as complex social systems, 142 and customer alienation, 44 describing, 70–71 evolution of, 14–16 experimenting with, 56 explaining benefits/features of, 78–79 getting ongoing participation in, 96–97 giving examples of who is using, 79–89 motivating people to sign up for, 65–69 offering free version of, 89–90 reducing sign-up friction for, 92–94 releasing, 56–57 requiring users to create accounts for, 92 showing end result for, 77 showing how they work, 72–77 showing where people can use, 91 spreading goodwill about, 55 targeting to specific audiences, 84–85 why people participate in, 97–98 web-based mail systems, 162 web forms, 154 web site activities.


pages: 190 words: 52,865

Full Stack Web Development With Backbone.js by Patrick Mulder

Airbnb, business logic, create, read, update, delete, Debian, functional programming, Kickstarter, MVC pattern, node package manager, Ruby on Rails, side project, single page application, web application, WebSocket

However, the user interface is just a layer in a larger application stack, and the design of interactions takes more than just patching existing web applications. JavaScript is a good choice to drive an application stack for web interactions, but it also brings new demands on concepts and data schemas. The goal of this book is to show how clientside applications can evolve from basic interaction ideas, and how more modular and maintainable web applications can be built. Other Resources To understand the perspectives in this book, you need a sound knowledge of JavaScript, browsers, and DOM manipulation, as well as a basic knowledge of web applications. Also, there are a number of resources available to go deeper into single-page application development.

To understand where we are heading and why there are a number of approaches to bundling assets, let’s take a look at the distributed application design in Figure 1-3. 6 | Chapter 1: The Bigger Picture Figure 1-3. For web application development with Backbone.js, we want to manage both frontend assets as well as data coming from an API; Backbone.js is just one layer in a larger application stack and influences how we set up environments for develop‐ ment and production Your application stack might change, depending on the requirements that evolve from users. If your primary goal is to deliver a mobile web application, we might want to tune every line of JavaScript that we send to the client. An example stack for mobile web applications is given by Walmart’s mobile shopping cart, and we will discuss this stack based on RequireJS and Thorax in later chapters.

You then met build automation wiht Grunt.js and a very basic Gruntfile.js to support you with application development. Now that we’ve applied better templating to it, our web application is almost ready for deployment. You still need to learn more about APIs, and how to connect those to your Backbone models and collections to build a fully working web application. As build processes are an important part of JavaScript web applications, you will also learn more about workflow automation in Chapter 10. In addition, you will be introduced to more Backbone plug-ins for special types of interactions in the following chapters. 82 | Chapter 6: Advanced View Templates CHAPTER 7 Synchronizing State The previous chapters offered a preliminary glance of state in the browser.


pages: 2,054 words: 359,149

The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities by Justin Schuh

address space layout randomization, Albert Einstein, Any sufficiently advanced technology is indistinguishable from magic, bash_history, business logic, business process, database schema, Debian, defense in depth, en.wikipedia.org, Firefox, information retrieval, information security, iterative process, Ken Thompson, loose coupling, MITM: man-in-the-middle, Multics, MVC pattern, off-by-one error, operational security, OSI model, RFC: Request For Comment, slashdot, SQL injection, web application

The following list describes some configuration and data files that would be of interest to an attacker: • Web-related files—Web applications typically have static configuration files with database credentials inline. Any authentication mechanism that’s local to the Web server might use static files with password information, such as Apache’s .htpasswd file. Furthermore, because Web applications are often written in scripting languages, the source code might be valuable to attackers. Because the source gives them a detailed understanding of how the Web application works, they could use it to attempt to find a vulnerability in a Web service. Web applications are discussed in Chapters 17, “Web Applications,” and 18, “Web Technologies

Harsh Realities of the Web Web applications generally aren’t in an advantageous security position, and securing these systems can be an uphill battle. This statement might seem unduly harsh, but as Web security audits consistently show, things just aren’t pretty on the Web. The bottom line is that the security of the whole system determines whether a Web application can be compromised. In other words, the security of the Web application depends not only on the Web application code, but also on the security and configuration of the Web server, the servlet engine, application servers, Web application frameworks, other third-party components and middleware, the database security, the server’s OS, and the firewall configuration.

* * * Note Sessions are an important component of Web applications. You learn how to review them from a security perspective in “Problem Areas” later in this chapter. * * * Architecture Now that you understand the fundamentals of HTTP and the basic techniques for addressing the problems of state and authentication, you can examine the problem domain of enterprise Web applications. There are several technology constraints as well as some high-level design concepts that drive modern Web application design. Enterprise Web applications can be quite complex, and it’s worthwhile to explore some reasons these systems tend toward complicated designs.


pages: 157 words: 35,874

Building Web Applications With Flask by Italo Maia

continuous integration, create, read, update, delete, Debian, en.wikipedia.org, Firefox, full stack developer, minimum viable product, MVC pattern, premature optimization, SQL injection, web application

Expect a lot of examples and complementary code, as forms are the doors you open from your Web application to the Web. Most problems arise from the Web, as well as most of your data. Chapter 4. Please Fill in This Form, Madam Have you ever imagined what happens when you fill in a form on a website and click on that fancy Send button at the end of it? Well, all the data you wrote—comment, name, checkbox, or whatever—is encoded and sent through a protocol to the server, which then routes that information to the Web application. The Web application will validate the data origin, read the form, validate the data syntactically then semantically, and then decide what to do with it.

Extensions, How I Love Thee How to configure extensions Flask-Principal and Flask-Login (aka Batman and Robin) Admin like a boss Custom pages Summary 10. What Now? You deploy better than my ex Placing your code in a server Setting up your database Setting up the web server StackOverflow Structuring your projects Summary Postscript Index Building Web Applications with Flask * * * Building Web Applications with Flask Copyright © 2015 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

You will have to turn off the CSRF protection for the form if you wish to unprotect it, like this: form = Form(csrf_enabled=False) You may need to unprotect a form in the case of search fields that use the get method but are also validated with a Form. Challenges Create a Web application that receives a name and then answers: "Hello <NAME>". If the form is sent empty, an error message should be displayed. If the name given is "Chuck Norris", the answer should be "Roundhouse KICK!". Create a Web application that shows an image and asks the user what he sees. The application should then validate if the answer is correct. If it is not, show the user an error message. Otherwise, congratulate the user and show a new image.


Learning Node.js: A Hands-On Guide to Building Web Applications in JavaScript by Marc Wandschneider

business logic, database schema, en.wikipedia.org, Firefox, functional programming, Google Chrome, node package manager, telemarketer, web application

You will do so using the Express Application Framework for Node. Part III: Writing Web Applications 7 Building Web Applications with Express 8 Databases I: NoSQL (MongoDB) 9 Databases II: SQL (MySQL) 7. Building Web Applications with Express Thus far, you have been learning the fundamentals and core concepts of Node.js; armed with these ideas, you have built some simple applications, although you’ve had to write a lot of code to do some reasonably basic things. It’s time to change gears a bit and start building more interesting web applications, using one of the biggest strengths of Node: the huge collection of libraries and modules available to you through npm.

As part of this, all these companies are investing heavily in the JavaScript portion of these systems as modern web applications continue to grow ever-more dynamic and script-based. In particular, Google Chrome’s V8 JavaScript runtime is particularly fast and also open-sourced for use by anybody. With all these things in place, the opportunity arose for somebody to come along with a new approach to network (web) application development. Thus, the birth of Node.js. What Exactly Is Node.js? In 2009, a fellow named Ryan Dahl was working for a company called Joyent, a cloud and virtualization services company in California. He was looking to develop push capabilities for web applications, similar to how Gmail does it, and found most of what he looked at not quite appropriate.

Maintaining a Sense of Identity Being Polite—Learning to Give Up Control Synchronous Function Calls Summary Part II: Learning to Run 4 Writing Simple Applications Your First JSON Server Returning Some Data Node Pattern: Asynchronous Loops Learning to Juggle: Handling More Requests More on the Request and Response Objects Increased Flexibility: GET Params Modifying Things: POST Data Receiving JSON POST Data Receiving Form POST Data Summary 5 Modules Writing Simple Modules Modules and Objects npm: The Node Package Manager Consuming Modules Searching for Modules Module Caching Cycles Writing Modules Creating Your Module Developing with Your Module Publishing Your Modules A Module So Common It Should Be Built In The Problem The Solution Summary 6 Expanding Your Web Server Serving Static Content with Streams Reading a File Serving Static Files in a Web Server with Buffers Serving Up More Than Just HTML Assembling Content on the Client: Templates The HTML Skeleton Page Serving Static Content Modifying Your URL Scheme The JavaScript Loader/Bootstrapper Templating with Mustache Your Home Page Mustache Template Putting It All Together Summary Part III: Writing Web Applications 7 Building Web Applications with Express Installing Express Hello World in Express Routing and Layers in Express Routing Basics Updating Your Photo Album App for Routing REST API Design and Modules API Design Modules Additional Middleware Functionality Usage Configurations Ordering of Middleware Static File Handling POST Data, Cookies, and Sessions Better Browser Support for PUT and DELETE Compressing Output HTTP Basic Authentication Error Handling Summary 8 Databases I: NoSQL (MongoDB) Setting Up MongoDB Installing MongoDB Using MongoDB in Node.js Structuring Your Data for MongoDB It’s All JavaScript Data Types Understanding the Basic Operations Connecting and Creating a Database Creating Collections Inserting Documents into Collections Updating Document Values Deleting Documents from Collections Querying Collections Updating Your Photo Albums App Writing the Low-Level Operations Modifying the API for the JSON Server Updating Your Handlers Adding Some New Pages to the Application Recapping the App Structure Summary 9 Databases II: SQL (MySQL) Getting Ready Installing MySQL Adding the mysql Module from npm Creating a Schema for the Database Basic Database Operations Connecting Adding Queries Adding Authentication to the Application Updating the API to Support Users Examining the Core User Data Operations Updating the Express Application Creating the User Handler Creating the Login and Register Pages Resource Pooling Getting Started Working with Connections Authenticating the API Summary Part IV: Getting the Most Out of Node.js 10 Deployment and Development Deployment Level: Basic Level: Ninja Multiprocessor Deployment: Using a Proxy Multiple Servers and Sessions Virtual Hosting Built-in Support Proxy Server Support Securing Your Projects with HTTPS/SSL Generating Test Certificates Built-in Support Proxy Server Support Multiplatform Development Locations and Configuration Files Handling Path Differences Summary 11 Command-Line Programming Running Command-Line Scripts UNIX and Mac Windows Scripts and Parameters Working with Files Synchronously Basic File APIs Files and Stats Listing Contents of Directories Interacting with the User: stdin/stdout Basic Buffered Input-Output Unbuffered Input The Readline Module Working with Processes Simple Process Creation Advanced Process Creation with Spawn Summary 12 Testing Choosing a Framework Installing Nodeunit Writing Tests Simple Functional Tests Testing Asynchronous Functionality RESTful API Testing Testing Secured Resources Summary Index Acknowledgments I’d like to thank all the Marks at PHPTR (it’s a common name, it seems) who have helped me make this book and other projects a reality.


pages: 375 words: 66,268

High Performance JavaScript by Nicholas C. Zakas

en.wikipedia.org, Firefox, Google Chrome, sorting algorithm, web application

The difference in the amount of JavaScript code became clear as the IE 6 JavaScript engine struggled to keep up due to its static garbage-collection routine. The engine looked for a fixed number of objects in memory to determine when to collect garbage. Earlier web application developers had run into this threshold infrequently, but with more JavaScript code comes more objects, and complex web applications began to hit this threshold quite often. The problem became clear: JavaScript developers and web applications had evolved while the JavaScript engines had not. Although other browsers had more logical garbage collection routines, and somewhat better runtime performance, most still used a JavaScript interpreter to execute code.

This was closely followed by the xi standardization of JavaScript into ECMA-262, third edition. With all browsers supporting the DOM and (more or less) the same version of JavaScript, a web application platform was born. Despite this huge leap forward, with a common API against which to write JavaScript, the JavaScript engines in charge of executing that code remained mostly unchanged. Why Optimization Is Necessary The JavaScript engines that supported web pages with a few dozen lines of JavaScript in 1996 are the same ones running web applications with thousands of lines of JavaScript today. In many ways, the browsers fell behind in their management of the language and in doing the groundwork so that JavaScript could succeed at a large scale.

In many ways, the browsers fell behind in their management of the language and in doing the groundwork so that JavaScript could succeed at a large scale. This became evident with Internet Explorer 6, which was heralded for its stability and speed when it was first released but later reviled as a horrible web application platform because of its bugs and slowness. In reality, IE 6 hadn’t gotten any slower; it was just being asked to do more than it had previously. The types of early web applications being created when IE 6 was introduced in 2001 were much lighter and used much less JavaScript than those created in 2005. The difference in the amount of JavaScript code became clear as the IE 6 JavaScript engine struggled to keep up due to its static garbage-collection routine.


pages: 999 words: 194,942

Clojure Programming by Chas Emerick, Brian Carper, Christophe Grand

Amazon Web Services, Benoit Mandelbrot, cloud computing, cognitive load, continuous integration, database schema, domain-specific language, don't repeat yourself, drop ship, duck typing, en.wikipedia.org, failed state, finite state, Firefox, functional programming, game design, general-purpose programming language, Guido van Rossum, higher-order functions, Larry Wall, mandelbrot fractal, no silver bullet, Paul Graham, platform as a service, premature optimization, random walk, Ruby on Rails, Schrödinger's Cat, semantic web, software as a service, sorting algorithm, SQL injection, Turing complete, type inference, web application

, Vectors vectors, Destructuring (let, Part 2), Sequential destructuring, Associative, Indexed, Vectors, Vectors, Visualizing persistence: maps (and vectors and sets), Transients, Common Macro Idioms and Patterns, Type Hinting for Performance, Growing an HTML DSL argument vectors, Type Hinting for Performance bindings, Common Macro Idioms and Patterns data structure type, Vectors defined, Vectors HTML example, Growing an HTML DSL indices, Destructuring (let, Part 2), Associative nested, Sequential destructuring nth, Indexed structural sharing, Visualizing persistence: maps (and vectors and sets) transient variants, Transients versioning, Tangible benefits, Artifacts and coordinates, Dependencies, Deploying Clojure Apps to Amazon’s Elastic Beanstalk about, Tangible benefits applications, Deploying Clojure Apps to Amazon’s Elastic Beanstalk snapshots and release versions, Dependencies version string, Artifacts and coordinates views, Views, Views in Clojure, A Simple (JavaScript) View, A Simple (JavaScript) View, Views in Clojure, Views in Clojure Clojure, Views in Clojure, Views in Clojure JavaScript, A Simple (JavaScript) View, A Simple (JavaScript) View W *warn-on-reflection*, Type errors and warnings, Automating type hinting of multidimensional array operations warnings, primitives, Type errors and warnings warnOnReflection, AOT compilation configuration watches, notifications and constraints, Watches, Watches web, Clojure and the Web, Final Thoughts, The “Clojure Stack”, The Foundation: Ring, Middleware, Requests and Responses, Adapters, Handlers, Middleware, Routing Requests with Compojure, Routing Requests with Compojure, Templating, Putting everything together, Enlive: Selector-Based HTML Transformation, Putting everything together, Deploying Clojure Web Applications, Going Beyond Simple Web Application Deployment, Java and Clojure Web Architecture, Building .war files with Leiningen, Web Application Packaging, Building .war files with Leiningen, Running Web Apps Locally, Web Application Deployment, Deploying Clojure Apps to Amazon’s Elastic Beanstalk, Deploying Clojure Apps to Amazon’s Elastic Beanstalk, Deploying Clojure Apps to Amazon’s Elastic Beanstalk, Going Beyond Simple Web Application Deployment beyond simple web application deployment, Going Beyond Simple Web Application Deployment Clojure stack, The “Clojure Stack” Java, Java and Clojure Web Architecture, Building .war files with Leiningen, Web Application Packaging, Building .war files with Leiningen web application packaging, Web Application Packaging, Building .war files with Leiningen Ring, The Foundation: Ring, Middleware, Requests and Responses, Adapters, Handlers, Middleware adapters, Adapters handlers, Handlers middleware, Middleware requests and responses, Requests and Responses routing requests, Routing Requests with Compojure, Routing Requests with Compojure templating, Templating, Putting everything together, Enlive: Selector-Based HTML Transformation, Putting everything together Enlive, Enlive: Selector-Based HTML Transformation, Putting everything together web application deployment, Web Application Deployment, Deploying Clojure Apps to Amazon’s Elastic Beanstalk, Deploying Clojure Apps to Amazon’s Elastic Beanstalk, Deploying Clojure Apps to Amazon’s Elastic Beanstalk EB, Deploying Clojure Apps to Amazon’s Elastic Beanstalk, Deploying Clojure Apps to Amazon’s Elastic Beanstalk web apps, Running Web Apps Locally web app, Java and Clojure Web Architecture web crawlers, Using agents to parallelize workloads when-let, Conditionals: if where, Queries white space, Whitespace and Commas why Clojure, Why Clojure?

We already demonstrated how applications can be run from the REPL in the embedded Jetty runtime in Chapter 16; let’s now tackle .war packaging, which will allow us to flexibly deploy to production-ready app servers and hosted platforms. Web Application Packaging A Java web application is packaged into a .war file, an extension of the .jar file packaging discussed in Artifacts and coordinates.[422] The typical .war file layout includes: Resources like HTML files and images that are statically served out of the “top level” of the .war file A variety of data rooted in a WEB-INF directory entry, under which you can find: A web.xml file that describes how the .war file should be deployed into a web application server. A lib directory entry, which can contain any number of nested .jar files.

This is a general-purpose approach that is not limited to web applications, and not limited to local deployments; see Chapter 10 for details. Web Application Deployment Being able to package Clojure web applications into standard .war files gives us a lot of deployment flexibility: all of the deployment practices and facilities available for deploying Java web applications are therefore available for use with Clojure web apps. In general, the act of deployment requires the following: Setting up and configuring an app server Copying the .war file your build process is producing to your server Restarting the app server if necessary If necessary, reverting your application’s .war file to a prior version (in case the last deployed version contained a regression, for example) You can certainly do these things manually or in a custom way—programmers and system administrators have been doing “hands-on” application deployments for a long time.


pages: 249 words: 45,639

Learn Python the Hard Way by Zed Shaw

complexity theory, finite state, functional programming, index card, web application

Make A Simple "Hello World" Project Now you're going to make an initial very simple "Hello World" web application and project directory using lpthw.web. First, make your project directory: $ cd projects $ mkdir gothonweb $ cd gothonweb $ mkdir bin gothonweb tests docs templates $ touch gothonweb/__init__.py $ touch tests/__init__.py You'll be taking the game from Exercise 42 and making it into a web application, so that's why you're calling it gothonweb. Before you do that, we need to create the most basic lpthw.web application possible. Put the following code into bin/app.py: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 import web urls = ( '/', 'index' ) app = web.application(urls, globals()) class index: def GET(self): greeting = "Hello World" return greeting if __name__ == "__main__": app.run() Then run the application like this: $ python bin/app.py http://0.0.0.0:8080/ Finally, use your web browser and go to the URL http://localhost:8080/ and you should see two things.

A really good way to do that is to take the diagram, and break different parts of the web application you did in Exercise 50. If you can break your web application in predictable ways using the diagram, you'll start to understand how it works. How Forms Work The best way to play with forms is to write some code that accepts form data, and then see what you can do. Take your bin/app.py file and make it look like this: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 import web urls = ( '/hello', 'Index' ) app = web.application(urls, globals()) render = web.template.render('templates/') class Index(object): def GET(self): form = web.input(name="Nobody") greeting = "Hello, %s" % form.name return render.index(greeting = greeting) if __name__ == "__main__": app.run() Restart it (hit CTRL-c and then run it again) to make sure it loads again, then with your browser go to http://localhost:8080/hello which should display, "I just wanted to say Hello, Nobody."

Before you attempt this exercise you must have completed Exercise 46 successfully and have a working pip installed such that you can install packages and know how to make a skeleton project directory. If you don't remember how to do this, go back to Exercise 46 and do it all over again. Installing lpthw.web Before creating your first web application, you'll first need to install the "web framework" called lpthw.web. The term "framework" generally means "some package that makes it easier for me to do something". In the world of web applications, people create "web frameworks" to compensate for the difficult problems they've encountered when making their own sites. They share these common solutions in the form of a package you can download to bootstrap your own projects.


pages: 134 words: 29,488

Python Requests Essentials by Rakesh Vidya Chandra, Bala Subrahmanyam Varanasi

business logic, create, read, update, delete, en.wikipedia.org, Kickstarter, machine readable, MITM: man-in-the-middle, MVC pattern, natural language processing, RFC: Request For Comment, RFID, supply-chain management, web application

After obtaining his bachelor's degree in Information Technology, he worked with Agiliq Info Solutions and built several web applications using Python. Rakesh is passionate about writing technical blogs on various open source technologies. When not coding, he loves to dance to hip-hop and listens to EDM. Bala Subrahmanyam Varanasi loves hacking and building web applications. He has a bachelor's degree in Information Technology. He has been in the software industry for the last three and a half years, where he worked with Agiliq Info Solutions and Crypsis Technologies. Bala has also built different web applications using Python, Ruby, and JavaScript. Apart from coding, he is interested in entrepreneurship and is the founder of Firebolt Labs.

In the next chapter, you will learn about the Flask microframework and we will build an application using it by following the best practices. [ 86 ] Implementing a Web Application with Python Using Flask To ensure prosperity in the process of learning about the Requests module, there seems to be nothing more important than an application of all the skills and knowledge that you attained until now. So, here we pave the way to apply the expertise you have gained till date, by creating a web application with the Flask framework. This will give you an in-depth knowledge of developing a practical web application and writing test cases for it. We do incline ourselves towards following the best practices and a hands-on approach in this process.

You will also be introduced to using the BeautifulSoup library, its installation, and procedures to scrape the web using Python Requests and BeautifulSoup. We would like to thank www.majortests.com for allowing us to base the examples in this chapter around their website. Chapter 7, Implementing a Web Application with Python Using Flask, gives an introduction to the Flask framework and moves on to discuss how to develop a simple Survey application which deals with creating, listing and voting various questions. In this chapter you will acquire all the knowledge required to build a web application using Flask. What you need for this book You need the following software for this book: • Python 2.7 or above • Python Requests • BeautifulSoup • HTTPretty • Flask Who this book is for This book is for all Python developers, web developers, and even administrators who want to use Requests to make HTTP Requests to web servers and perform HTML scraping


pages: 265 words: 60,880

The Docker Book by James Turnbull

Airbnb, continuous integration, Debian, DevOps, domain-specific language, false flag, fault tolerance, job automation, Kickstarter, Kubernetes, microservices, MVC pattern, platform as a service, pull request, Ruby on Rails, software as a service, standardized shipping container, web application

Using Docker to build and test a web application Now let's look at a more complex example of testing a larger web application. We're going to test a Sinatra-based web application instead of a static website and then develop that application whilst testing in Docker. Sinatra is a Ruby-based web application framework. It contains a web application library and a simple Domain Specific Language or DSL for creating web applications. Unlike more complex web application frameworks, like Ruby on Rails, Sinatra does not follow the model–view–controller pattern but rather allows you to create quick and simple web applications. As such it's perfect for creating a small sample application to test.

The redis gem we're going to use a little later on to provide integration to a Redis database. We've also created a directory to hold our new web application and exposed the default WEBrick port of 4567. Finally, we've specified a CMD of /opt/webapp/bin/webapp, which will be the binary that launches our web application. Let's build this new image now using the docker build command. $ sudo docker build -t jamtur01/sinatra . Creating our Sinatra container We've built our image. Let's now download our Sinatra web application's source code. You can find the code for this Sinatra application here or at The Docker Book site. The application is made up of the bin and lib directories from the webapp directory.

/var/www/ ---> Running in 0e117f6ea4ba ---> a79983575b86 Successfully built a79983575b86 We now have an image with an ONBUILD instruction that uses the ADD instruction to add the contents of the directory we're building from to the /var/www/ directory in our image. This could readily be our generic web application template from which I build web applications. Let's try this now by building a new image called webapp from the following Dockerfile: FROM jamtur01/apache2 MAINTAINER James Turnbull "james@example.com" ENV APPLICATION_NAME webapp ENV ENVIRONMENT development Let's look at what happens when I build this image. $ sudo docker build -t="jamtur01/webapp" . ...


Essential TypeScript 4: From Beginner to Pro by Adam Freeman

en.wikipedia.org, Google Chrome, node package manager, revision control, type inference, web application

Part 3, “Creating Applications with TypeScript”: TypeScript isn’t used on its own, so Part 3 of this book shows you how to use TypeScript to create web applications using three popular frameworks: React, Angular, and Vue.js. These chapters explain the TypeScript features that are useful for each framework and demonstrate how to achieve tasks commonly required during web application development. To provide the foundation for understanding what these frameworks do, I also show you how to create a stand-alone web application that doesn’t rely on a web application framework. Are There Lots of Examples? There are loads of examples. The best way to learn TypeScript is by example, and I have packed as many of them into this book as I can.

In the next part of the book, I build a series of web applications that rely on TypeScript, starting with a stand-alone application and then using the Angular, React, and Vue.js frameworks. Part III Creating Web Applications © The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature 2021 A. FreemanEssential TypeScript 4https://doi.org/10.1007/978-1-4842-7011-0_15 15. Creating a Stand-Alone Web App, Part 1 Adam Freeman1 (1)London, UK In this part of the book, I show you how TypeScript fits into the development process for the three most popular web application frameworks: Angular, React, and Vue.js.

Click the version that is shown, click Select TypeScript Version, and select the version you require. Creating the Project To get started with TypeScript, I am going to build a simple to-do list application. The most common use for TypeScript is web application development, which I demonstrate for the most popular frameworks (Angular, React, and Vue) in Part 3 of this book. But for this chapter, I build a command-line application that will keep the focus on TypeScript and avoid the complexity of a web application framework. The application will display a list of tasks, allow new tasks to be created, and allow existing tasks to be marked as complete. There will also be a filter to include already completed tasks in the list.


Catalyst 5.8: The Perl MVC Framework by Antano Solar John, Jonathan Rockway, Solar John Antano

business logic, c2.com, create, read, update, delete, database schema, Debian, en.wikipedia.org, Firefox, MVC pattern, Ruby on Rails, social intelligence, web application

Summary Chapter 2: Creating a Catalyst Application Creating the application skeleton Latest helper scripts Files in the MyApp directory Files in the lib directory Files in the root directory Files in the script directory Files in the t directory Handling URL requests Adding a View More on Controller methods Some technical details Adding a database Installing SQLite Creating a database schema 1 7 8 9 10 10 11 11 12 13 13 14 17 17 23 23 24 24 25 25 26 28 32 35 35 36 36 Table of Contents Creating a database model for Catalyst Using the Model Summary 37 37 39 Chapter 3: Building a Real Application 41 Chapter 4: Expanding the Application 67 Environment setup Database design Understanding the interface to the database TTSite Creating the index page Creating a "Not Found" page Viewing people Basic CRUD Forms Finishing up Summary Configuration files Configuring the address book Sessions Adding sessions to the address book Sessions in the database Using components from outside Catalyst Searching and paging Authentication and authorization Authentication Authorization Adding authentication and authorization to the address book Summary Chapter 5: Building a More Advanced Application The application Background Creating the database Populating the database Extracting the data Chained resultsets Custom resultsets Putting the data on the Web Summary [ ii ] 41 42 44 48 50 51 52 55 56 60 65 67 69 70 71 73 75 79 87 87 89 91 101 103 103 106 106 110 114 118 120 120 139 Table of Contents Chapter 6: Building Your Own Model 141 Chapter 7: Hot Web Topics 155 Creating a database model from scratch Extending a DBIx::Class model Custom methods without raw SQL Calling database functions Implementing a Filesystem model Tweaking the model Request context inside the model Maintainable models Other components Summary REST Getting some REST 141 143 145 145 146 150 151 152 154 154 155 157 REST Controller REST authentication Adding an entity REST easy 157 158 159 165 AJAX Getting started 165 166 Implementing AJAX RSS Summary 168 173 175 Jemplate 166 Chapter 8: Moose 177 Moose introduction OO in Perl OO in Moose 177 177 178 Properties Class method Instantiating objects 179 179 180 Inheritance Moose in Catalyst Controller CatalystX declare CatalystX Roles Types Model Immutable Summary 180 181 182 182 185 185 186 187 188 188 [ iii ] Table of Contents Chapter 9: Deployment 189 Basics PAR deployment Configuration management Configuring a web server Apache 189 191 192 192 193 FastCGI Static content mod_perl Performance considerations 193 194 195 196 Development server and perlbal Database Versioning code Summary 196 198 198 199 Chapter 10: Testing 201 Index 221 Mechanics Testing ChatStat Testing a database Testing the web interface Testing the AddressBook Logging in Testing forms Testing JavaScript Summary 202 204 205 208 211 211 213 215 219 [ iv ] Preface Have you ever created a web application that is almost done but is hard to complete? It is a well known fact that 20 percent of the work takes 80 percent of the time in software development (80-20 rule Frednic Brooks). One of the reasons contributing to this is that it is easy to build web applications, but it's not so easy to build clean, scalable, and extendable web applications. MVC architecture aims at reducing most of the overheads involved in making this transition easy. Catalyst provides a mechanism to implement MVC and more complex design patterns for web application development. This books aims at taking you step- by-step from showing how MVC simplifies creating quality applications to how Catayst allows you to tap this power instantly.

[ 154 ] Hot Web Topics Traditionally, web applications were lonely and isolated. Each of them had their own set of users and data, and never acknowledged the existence of other applications. Today, things are changing. Web applications provide public APIs so that other applications can programmatically interact with their data and users. Users can visit sites and later request that the site notifies them when it has been updated. Another new development is the widespread adoption of dynamic JavaScriptenabled web applications. Gone are the days of slow waits between pages while things get loaded; AJAX allows web applications to be almost as responsive as native desktop applications.

Finally, the main project website, http://www.catalystframework.org/, provides links to useful community tools including the Catalyst wiki, Planet Catalyst (a collection of Catalyst-related blog postings), and the Catalyst Advent Calendar (a mini cookbook published every December). As always, before posting to the mailing list or asking on IRC, do a quick Google search to see if you're experiencing a common problem. Summary Many web applications are implemented in a way that makes developing them painful and repetitive. Catalyst, an MVC framework for Perl, lets you design and implement a web application in a natural, maintainable, and testable manner. Everything that your web application needs to do is written only once. You connect to the database in one place, have configuration in one place, and so on. Then, you just write actions for each URL that your application needs, without worrying about the database connections or HTML to produce.


Scala in Action by Nilanjan Raychaudhuri

business logic, continuous integration, create, read, update, delete, database schema, domain-specific language, don't repeat yourself, duck typing, en.wikipedia.org, failed state, fault tolerance, functional programming, general-purpose programming language, higher-order functions, index card, Kanban, MVC pattern, type inference, web application

Your first steps will be getting started with practices like test-driven development (TDD) and continuous integration for your Scala project. Chapter 6. Building web applications in functional style This chapter covers Building Scala projects with SBT (Simple Build Tool) Introduction to the Scalaz HTTP module Creating a web application in Scala called weKanban This second part of the book switches focus to more real-world applications of the Scala programming language, and what could be more practical than building a web application in Scala? There are already web frameworks like Lift (http://liftweb.net) and Playframework (www.playframework.org) that Scala developers can use to build web applications. But this chapter introduces you to an interesting library called Scalaz (http://code.google.com/p/scalaz/).

(The source code for Scalaz is hosted at http://github.com/scalaz/scalaz.) This simple library will allow you to focus on building a web application in functional style without worrying about the complexity of a full-stack web framework. There are quite a few similarities between web applications and functional programming. Think of a web application as a collection of functions that takes an HTTP request and produces an HTTP response. Each URL endpoint is mapped to a function that knows how to handle the request. Because you’re building in functional programming style, the web application state (like user sessions) is explicitly specified in each request. The benefit of thinking in this style is that you can build web applications by composing functions or using higher-order combinators.

You also configure suffix with .jsp so that when you return ModelAndView with "artists" from the controller, it can look for the artists.jsp file in the WEB-INF/jsp folder. To load these configuration files when the application starts, add them to the web.xml file. The following listing shows the complete web.xml. Listing 11.7. web.xml of the topArtists web application Most of the content of this file should be familiar to you if you’ve built a web application for the JVM. All the Java web containers read the web.xml to initialize Java-based web applications. The listener attribute allows applications to listen to events generated by containers, such as when an application is loaded or unloaded. In this case, the listener configured is ContextLoaderListener, and this class knows how to configure Spring by reading context-param .


pages: 290 words: 119,172

Beginning Backbone.js by James Sugrue

Airbnb, business logic, continuous integration, don't repeat yourself, Firefox, Google Chrome, loose coupling, MVC pattern, node package manager, single page application, web application, Y Combinator

jQuery Another key milestone in JavaScript’s maturity was the release of John Resig’s jQuery in 2006, a framework that acknowledged the need for a more controlled approach to writing JavaScript for web applications. The framework provides the ability to search and manipulate the Document Object Model (DOM), deal with events, create animations, and create Ajax applications with a straightforward syntax. jQuery also abstracted away many of the cross-browser incompatibilities that plagued front-end engineers. With its modular architecture, developers could write their own plug-ins that would run on top of JQuery. Suddenly, JavaScript developers were taken seriously, and more elegant user interfaces were possible. Single-Page Web Applications A single-page web application is one that requires just one page load and where all required elements can be loaded dynamically onto the page without needing to leave.

Yeoman web site at http://yeoman.io Yeoman, created by the Google Chrome Developer Relations team, is a tool stack that brings together three tools to improve your productivity when creating web applications. It includes Grunt, which we discussed in depth in Chapter 9, as well as two other tools: Bower and Yo. Bower is a package manager for libraries and frameworks that are used within web applications. In a similar fashion to NPM, Bower allows you to download the libraries you need through the command line and brings all the dependent libraries along with it. This is a huge improvement in the process of downloading a library and finding its dependencies. Yo is at the core of Yeoman, providing a scaffolding tool to build web applications from scratch from the command line.

The key thing to remember is that even though JavaScript is a dynamic language and allows you to do almost anything you want, there is always the opportunity to apply real structure to your code to make it future-proof and ready for any application requirements that get added late in the project life cycle. 269 Index „„         A AngularJS, 8 Apache, 19 Asynchronous JavaScript and XML (Ajax), 2 Asynchronous Module Definition (AMD), 249 „„         B Backbone applications error alert, 233 error validation, 232 error events, 233 invalid event, 232 validate function, 232 validate method, 232 memory leaks listenTo function, 234 patterns, 234–236 unbind events, 233–234 network performance, 244 perceived performance Cache objects, 247 document fragment, 245–246 extra data storage, 246–247 optimistic network calls, 244 rendering views registerPartial function, 238–239 render function, 236, 238 template precompilation, 240–241 underscore templates, 239–240 separation of concerns, 231 view management common code sharing, 242 parent view updation, 242–243 Backbone collections adding models, 54 constructors, 54 definition, 53 events, functions and property, 62 exchanging data deleting data, 60 retrieving data, 59 saving data, 60 setup, 59 functions and property, 61 getting list of attributes, 58 iterating function, 57 removing models, 55 reset function, 55 retrieving models, 56 search mechanisms, 58 set function, 56 shuffle function, 58 sorting function, 57 Backbone community code samples, 127 developer tools and utilities, 148 models and collection extensions (see Models and collection extensions) quick reference, 149 user interface components (see User interface components) Backbone.history.start() function, 86 Backbone.js advantages, 14 Ajax, 2 Ashkenas, Jeremy, 1 companies Airbnb, 12 Foursquare, 13 SoundCloud, 12 design patterns (see Design patterns, web applications) development tools Apache, 19 Google Chrome, 20 Sublime Text 2, 20 271 ■ index Backbone.js (cont.) disadvantages, 15 DocumentCloud application, 1 downloading CDNs, 18 development versions, 16 edge version, 17 jQuery.com, 17–18 production version, 17 underscorejs.org, 17 Underscorejs.org, 17 Gmail web application, 3 jQuery, 2 library, 1 Model View Controller pattern, 1 server-side logic, 1 single-page web applications, 2 testing, 18 Backbone models adding functions, 43 attributes changing attribute values, 41 cloning models, 42 deleting attributes, 41 operations, 42 retrieving attribute values, 41 constructors, 40 creation, 40 deleting models, 52 events listening for changes, 43–44 operations relatedto attributes changes, 45 tracking changes, 44 exchanging data, 47 extend mechanism, 52 identifiers, 50 model validation, 45 Node.js server back end, 47 parsing server responses, 52 retrieving models, 51 save function, 50 Backbone view binding View class, 65 changing DOM element, 68 creation, 64 extend() function, 64 finding nested elements, 67 properties and functions, 69 rendering content, 66 self and this objects, 69 viewing events, 68 Behavior-Driven Development (BDD), 170 Booleans, 24 272 „„         C .clone() method, 42 CoffeeScript, 1 CollectionView, Marionette Backbone.View class, 209 callbacks, 215 child views, 216 collection attribute, 210 for empty datasets, 216 ItemView, 216 root element updation, 209 showProfile event, 208 template parameter, 209 TimelineItemView, 208, 210–211 Twitter timeline, 211 CompositeView, Marionette appendHtml function, 212 complete code, 213 HTML page, 212 TimelineItemView declaration, 214 tagName attribute, 213 timeline div, 212 timeline-item-template, 213–214 timeline-template creation, 212 ul declaration, 212 Content delivery network (CDN), 18 „„         D Date objects, 25 Design patterns Facade pattern convert function, 266–267 definition, 265 model objects, 265 twitter, 266 Mediator pattern airport control tower, 267 definition, 267 handling, 268 implementation, 267–268 name.change notification, 268 Model View * AngularJS, 8 Backbone.Collection, 6 Backbone.Model, 6 Backbone.Router, 6 Backbone.View, 6 Ember.js, 9 implementation, 6 Knockout.js, 7 ■ Index Model View Presenter, 5 MVVM, 6 Model View Controller (MVC) code reuse, 5 data representation, 5 key terms, 4 separation of concerns, 5 sequence diagram, 5 structure benefits, 4 DocumentCloud application, 1 Document Object Model (DOM), 2 „„         E ECMAScript, 21 el attribute, 65 Ember.js, 9 Events, backbone application binding, 88–89 collection events, 91 custom event creation, 93 DOM, 94 global, 93 listenTo function, 90 model, 92 router class, 92 stopListening function, 90 triggering, 91 unbinding, 89–90 „„         F Facade pattern convert function, 266 definition, 265 model objects, 265 twitter, 266 fetch() function, 51 findWhere function, 59 forEach function, 57 „„         G Globbing, 187 Google Chrome, 20 Grunt CSSMin, 194 file system array format, 185 compact format, 185 globbing, 187 object format, 185 properties, 186 installation, 180 jasmine task, 197 JavaScript, 180 JavaScript source code compression, 190 externalLibraries, 191–192 installation, 190 minification task, 192 report property, 193 UglifyJS Task configuration, 191 uglify task, 193 plug-ins, 201 projects configuration, 182 dependency, 181 grunt.loadNpmTasks function, 183 grunt.registerTask function, 183–184 index.html file, 181 scaffolding, 199 src and dest property, 183 uglify task, 182–183 QUnit task configuration, 195 installation, 195 output, 196 reporting task, 196 static analysis tools initConfig, 188–189 installation, 188 JSHint checks, 188 JSHint output, 189 lint tool, 188 registerTask function, 189 reporterOutput attribute, 189–190 task configuration, 184 task sets, 198 web site, 180 grunt.loadNpmTasks function, 183 grunt.registerTask function, 183–184 „„         H Handlebars function built-in helpers, 76 conditional statements, 75 creating helpers, 76 displaying variables, 74 each helper, 75 inserting comments, 74 precompiling templates, 77 usage with Backbone, 73 „„         I Inheritance prototype chain, 34 overriding methods, 34 parasitic combination, 34–35 talk method, 33 273 ■ index „„         J Jasmine, 170 BDD, 170 describe function, 172 directory structure, 171 expect function, 172 fake server, 177 it function, 172 jQuery matchers, 175 matchers, 174 output, 172 run tests, PhantomJS, 178 setup and teardown function, 174 view test, 175 website, 170 jQuery, 2 „„         K Knockout.js, 7 ko.observable() function, 7 „„         L log helper, 76 „„         M Marionette application creation, 203, 205 application infrastructure, 204 application structure, 204 developers, 203–204 download options and version, 204 messaging, 205 m.html page, 205 nested regions, 216 object layout, 217–218 region addition, 206 TemplateCache, 205 views, 204 attachView function, 207 callbacks, 214–215 collectionview (see CollectionView, Marionette) CompositeView (see CompositeView, Marionette) currentView attribute, 207 events, 214 ItemView, 206 Region objects manage views, 207 show() or close() functions, 207 TimelineView, 206 274 Math functions, 25 Mediator pattern airport control tower, 267 definition, 267 handling, 268 implementation, 267–268 name.change notification, 268 Models and collection extensions Backbone.dualStorage Chrome Developer Tools, 142 configuration, 141 uses, 141 Backbone.memento Chrome Developer Tools, 140 configuration, 138, 140 plug-in ignore changes, 139 uses, 138–139 Backbone.trackit configuration, 137 individual model objects, 137 uses, 137 Backbone-Validator configuration, 144 uses, 144 Backbone.ViewModel computed attributes, 143 configuration, 143 Handlebars helpers, 144 uses, 142 ModelAttrs configuration, 147 library, 147 uses, 147 Query Engine configuration, 146 standard and live collections, 146 uses, 146 Model View * AngularJS, 8 Backbone.Collection, 6 Backbone.Model, 6 Backbone.Router, 6 Backbone.View, 6 Ember.js, 9 implementation, 6 Knockout.js, 7 Model View Presenter, 5 MVVM, 6 Model View Controller (MVC) code reuse, 5 data representation, 5 key terms, 4 ■ Index separation of concerns, 5 sequence diagram, 5 structure benefits, 4 Model View Presenter (MVP), 5 Model View ViewModel (MVVM), 6 MooTools, 38 Mustache template comment sections, 79 displaying variables, 78 iterating through a list, 78 usage with Backbone, 77 „„         N, O Object oriented-JavaScript basic syntax arrays, 28–29 closures, 29 loops and conditionals, 27 variable declaration, 26 characteristics, 21 constructors, 30 controlling access, 36 core objects date, 24 math, 25 RegExp, 26 creating methods, 30–31 encapsulation, 32 frameworks Backbone.js, 38 MooTools, 38 Prototype.js, 37 namespace, 36 object creation, 30 objects, 22 primitive data types Boolean, 24 number, 24 String, 22, 24 undefined and null, 24 prototype inheritance (see Inheritance prototype) property, 31–32 snippets, 22 versions, 21 „„         P parse() function, 52 PhantomJS, 162 „„         Q QUnit, 154.


pages: 174 words: 34,672

Nginx Essentials by Valery Kholodkov

data science, Debian, en.wikipedia.org, web application

Nginx as a reverse proxy HTTP is a complex protocol that deals with data of different modality and has numerous optimizations that—if implemented properly—can lead to a significant increase in web service performance. At the same time, web application developers have less time to deal with low-level issues and optimizations. The mere idea of decoupling a web application server from a frontend server shifts the focus on managing incoming traffic to the frontend, while shifting the focus on functionality, application logic, and features to the web application server. This is where Nginx comes into play as a decoupling point. An example of a decoupling point is SSL termination: Nginx receives and processes inbound SSL connections, it forwards the request over plain HTTP to an application server, and wraps the received response back into SSL.

This can be done using the proxy_redirect directive: location @proxy { proxy_pass http://localhost:8080; proxy_redirect http://localhost:8080/app http://www.example.com; } Consider a web application that is running at http://localhost:8080/app, while the original server has the address http://www.example.com. Assume the web application issues a temporary redirect (HTTP 302) to http://localhost:8080/app/login. With the preceding configuration, Nginx will rewrite the URI in the location header to http://www.example.com/login. If the redirect URI was not rewritten, the client would be redirected to http://localhost:8080/app/login, which is valid only within a local domain, so the web application would not be able to work properly. With the proxy_redirect directive, the redirect URI will be properly rewritten by Nginx, and the web application will be able to perform the redirect properly.

If cookie path needs to be rewritten as well due to application server being rooted at a different path, you can use the proxy_cookie_path directive as shown in the following code: location @proxy { proxy_pass http://localhost:8080; proxy_cookie_path /my_webapp/ /; } In this example, whenever Nginx detects a cookie with a prefix specified in the first argument of the proxy_cookie_path directive (/my_webapp/), it replaces this prefix with the value in the second argument of the proxy_cookie_path directive (/). Putting everything together for the www.example.com domain and the web application running at localhost:8080, we get the following configuration: location @proxy { proxy_pass http://localhost:8080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_redirect http://$proxy_host/app /; proxy_cookie_domain $proxy_host www.example.com; proxy_cookie_path /my_webapp/ /; } The preceding configuration ensures transparency for a web application server so that it doesn't even need to know which virtual host it is running on.


pages: 324 words: 87,064

Learning Ext Js by Shea Frederick

call centre, Firefox, framing effect, side project, SQL injection, web application

Because of this, the code used for different functionalities and widgets is more coherent than in some other JavaScript libraries. Ext JS really shines in making web applications easyto-use and intuitive. If you are a web application developer, it's a great library to have in your arsenal. We start by outlining how to download and configure the Ext JS library. Covering everything from the simplest alerts to complex grids, layouts, and forms, this book will enable you to start creating rich, interactive web applications. We will use plenty of real-world examples that can be applied immediately to your ongoing projects. Sample code is broken down to its simplest form, allowing us to concentrate on learning the usage of the library.

Once you are set up with a local (or remote) development web server, your favorite editor and debugger, and Firefox with Firebug, you are ready to start Learning Ext JS. Who is this book for This book is written for Web Application Developers who are familiar with HTML, but may have little to no experience with JavaScript application development. If you are starting to build a new web application, or you are revamping an existing web application, then this book is for you. Conventions In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.

Thorat Copy Editor Sumathi Sridhar Editorial Team Leader Akshara Aware This material is copyright and is licensed for the sole use by Roman Heinrich on 25th December 2008 Am Hilligenbusch 47, , Paderborn, NRW, 33098 About the Authors Shea Frederick began his career in web development before the term 'Web Application' became commonplace. By the late 1990s, he was developing web applications for Tower Records that combined a call center interface with inventory and fulfillment. Since then, Shea has worked as a developer for several companies, building and implementing various commerce solutions, content management systems, and lead tracking programs.


pages: 420 words: 61,808

Flask Web Development: Developing Web Applications With Python by Miguel Grinberg

business logic, database schema, Firefox, full text search, information security, Minecraft, platform as a service, web application

With Flask you can choose the components of your application or even write your own if that is what you want. No questions asked! The key to this freedom is that Flask was designed from the start to be extended. It comes with a robust core that includes the basic functionality that all web applications need and expects the rest to be provided by some of the many third-party extensions in the ecosystem and, of course, by you. In this book I present my workflow for developing web applications with Flask. I don’t claim to have the only true way to build applications with this framework. You should take my choices as recommendations and not as gospel. Most software development books provide small and focused code examples that demonstrate the different features of the target technology in isolation, leaving the “glue” code that is necessary to transform these different features into a fully working applications to be figured out by the reader.

You can verify that Flask was installed correctly by starting the Python interpreter and trying to import it: (venv) $ python >>> import flask >>> If no errors appear, you can congratulate yourself: you are ready for the next chapter, where you will write your first web application. Chapter 2. Basic Application Structure In this chapter, you will learn about the different parts of a Flask application. You will also write and run your first Flask web application. Initialization All Flask applications must create an application instance. The web server passes all requests it receives from clients to this object for handling, using a protocol called Web Server Gateway Interface (WSGI).

For example, the execution of the send_async_email() function can be sent to a Celery task queue. This chapter completes the overview of the features that are a must-have for most web applications. The problem now is that the hello.py script is starting to get large and that makes it harder to work with. In the next chapter, you will learn how to structure a larger application. Chapter 7. Large Application Structure Although having small web applications stored in a single script can be very convenient, this approach does not scale well. As the application grows in complexity, working with a single large source file becomes problematic.


pages: 315 words: 70,044

Learning SPARQL by Bob Ducharme

database schema, Donald Knuth, en.wikipedia.org, G4S, linked data, machine readable, semantic web, SPARQL, web application

The Free University of Berlin team that developed D2RQ came up with their own ontology for mapping between relational schemas and RDF vocabularies. As of this writing, the W3C is developing a standardized mapping to improve consistency between the use of different relational systems in different semantic web application environments. Note The Oracle Corporation’s most well-known products are relational database managers, and plenty of semantic web applications have middleware like D2RQ serving up triples created from the relational data in these products. The separate Oracle Database Semantic Technologies product, however, lets you use Oracle Database 11g as a native triplestore, complete with SPARQL support.

BIND, Combining Values and Assigning Values to Variables, Creating New Data, Comparing Values and Doing Arithmetic in CONSTRUCT queries, Creating New Data binding, More Realistic Data and Matching on Multiple Triples, Glossary, Glossary blank nodes, Blank Nodes and Why They’re Useful, Blank Nodes and Why They’re Useful, Blank Nodes and Why They’re Useful, Searching with Blank Nodes, Using Existing SPARQL Rules Vocabularies, Node Type Conversion Functions, Glossary searching with, Searching with Blank Nodes square braces to represent, Using Existing SPARQL Rules Vocabularies bnode, Blank Nodes and Why They’re Useful (see blank nodes) boolean datatype, Datatypes and Queries bound(), Finding Data That Doesn’t Meet Certain Conditions, Node Type and Datatype Checking Functions C cast, Glossary casting, Functions ceil(), Numeric Functions CGI scripts, SPARQL and Web Application Development classes, Reusing and Creating Vocabularies: RDF Schema and OWL, Reusing and Creating Vocabularies: RDF Schema and OWL, Creating New Data subclasses and, Reusing and Creating Vocabularies: RDF Schema and OWL CLEAR, Deleting Data COALESCE(), Program Logic Functions comma, Storing RDF in Files, Converting Data CONSTRUCT queries and, Converting Data in N3 and Turtle, Storing RDF in Files comma separated values, Standalone Processors comments (in Turtle and SPARQL), The Data to Query CONCAT(), Program Logic Functions CONSTRUCT, Query Forms: SELECT, DESCRIBE, ASK, and CONSTRUCT, Copying Data, Converting Data, Changing Existing Data prototyping update commands with, Changing Existing Data CONTAINS(), String Functions, String Functions, Extension Functions converting data, Converting Data, Converting Data copying data, Copying Data, Copying Data COUNT(), Finding the Smallest, the Biggest, the Count, the Average..., Grouping Data and Finding Aggregate Values within Groups CSS, SPARQL and Web Application Development curl utility, SPARQL and Web Application Development D D2RQ, Querying a Remote SPARQL Service, Middleware SPARQL Support data cleanup, FILTERing Data Based on Conditions data typing, Data Typing, Data Typing datatype(), Defining Rules with SPARQL, Node Type and Datatype Checking Functions datatypes, Datatypes and Queries, Datatype Conversion, Datatype Conversion converting, Datatype Conversion, Datatype Conversion custom, Datatypes and Queries date datatype, Datatypes and Queries date ranges in queries, Comparing Values and Doing Arithmetic dateTime datatype, Datatypes and Queries day(), Date and Time Functions DBpedia, Querying a Public Data Source, Using the Labels Provided by DBpedia, SPARQL and Web Application Development querying, Querying a Public Data Source decimal datatype, Datatypes and Queries default graph, Querying Named Graphs, Glossary DELETE, Deleting Data DELETE DATA, Deleting Data, Deleting Data DELETE vs., Deleting Data DESC(), Sorting Data DESCRIBE, Query Forms: SELECT, DESCRIBE, ASK, and CONSTRUCT, Asking for a Description of a Resource DISTINCT, Eliminating Redundant Output, Eliminating Redundant Output, Querying Named Graphs division, Comparing Values and Doing Arithmetic double precision datatype, Datatypes and Queries DROP, Dropping Graphs Dublin Core, URLs, URIs, IRIs, and Namespaces, Changing Existing Data, Glossary E ENCODE_FOR_URI(), String Functions entailment, The SPARQL Specifications, Glossary F FILTER, Searching for Strings, FILTERing Data Based on Conditions, FILTERing Data Based on Conditions float datatype, Datatypes and Queries floor(), Numeric Functions FOAF (Friend of a Friend), URLs, URIs, IRIs, and Namespaces, Storing RDF in Files, Converting Data, Hash Functions, Glossary hash functions in, Hash Functions Freebase, SPARQL and Web Application Development FROM, Querying the Data, Querying Named Graphs, Copying Data in CONSTRUCT queries, Copying Data FROM NAMED, Querying Named Graphs Fuseki, Getting Started with Fuseki, Getting Started with Fuseki, Adding Data to a Dataset loading data into, Adding Data to a Dataset shutting down, Getting Started with Fuseki starting up, Getting Started with Fuseki G GRAPH, Querying Named Graphs, Querying Named Graphs, Querying Named Graphs, Copying Data, Named Graphs in CONSTRUCT queries, Copying Data in update queries, Named Graphs referencing graphs not named in FROM NAMED clause, Querying Named Graphs variables with, Querying Named Graphs graph pattern, More Realistic Data and Matching on Multiple Triples, Glossary graphs (RDF), More Realistic Data and Matching on Multiple Triples, Glossary GROUP BY, Grouping Data and Finding Aggregate Values within Groups GROUP_CONCAT(), Finding the Smallest, the Biggest, the Count, the Average...

., Deleting Data DESC(), Sorting Data DESCRIBE, Query Forms: SELECT, DESCRIBE, ASK, and CONSTRUCT, Asking for a Description of a Resource DISTINCT, Eliminating Redundant Output, Eliminating Redundant Output, Querying Named Graphs division, Comparing Values and Doing Arithmetic double precision datatype, Datatypes and Queries DROP, Dropping Graphs Dublin Core, URLs, URIs, IRIs, and Namespaces, Changing Existing Data, Glossary E ENCODE_FOR_URI(), String Functions entailment, The SPARQL Specifications, Glossary F FILTER, Searching for Strings, FILTERing Data Based on Conditions, FILTERing Data Based on Conditions float datatype, Datatypes and Queries floor(), Numeric Functions FOAF (Friend of a Friend), URLs, URIs, IRIs, and Namespaces, Storing RDF in Files, Converting Data, Hash Functions, Glossary hash functions in, Hash Functions Freebase, SPARQL and Web Application Development FROM, Querying the Data, Querying Named Graphs, Copying Data in CONSTRUCT queries, Copying Data FROM NAMED, Querying Named Graphs Fuseki, Getting Started with Fuseki, Getting Started with Fuseki, Adding Data to a Dataset loading data into, Adding Data to a Dataset shutting down, Getting Started with Fuseki starting up, Getting Started with Fuseki G GRAPH, Querying Named Graphs, Querying Named Graphs, Querying Named Graphs, Copying Data, Named Graphs in CONSTRUCT queries, Copying Data in update queries, Named Graphs referencing graphs not named in FROM NAMED clause, Querying Named Graphs variables with, Querying Named Graphs graph pattern, More Realistic Data and Matching on Multiple Triples, Glossary graphs (RDF), More Realistic Data and Matching on Multiple Triples, Glossary GROUP BY, Grouping Data and Finding Aggregate Values within Groups GROUP_CONCAT(), Finding the Smallest, the Biggest, the Count, the Average... H hash functions, Hash Functions hash symbol, The Data to Query HAVING, Grouping Data and Finding Aggregate Values within Groups Hendler, Jim, Linked Data hours(), Date and Time Functions HTML, SPARQL and Web Application Development, SPARQL and Web Application Development HTTP, URLs, URIs, IRIs, and Namespaces I IF(), Program Logic Functions IN, FILTERing Data Based on Conditions inferencing, Creating New Data, Glossary with CONSTRUCT queries, Creating New Data INSERT, Adding Data to a Dataset INSERT DATA, Adding Data to a Dataset, Adding Data to a Dataset INSERT vs., Adding Data to a Dataset integer datatype, Datatypes and Queries IRI, Glossary IRI(), Node Type Conversion Functions isBlank(), Node Type and Datatype Checking Functions isIRI(), Node Type and Datatype Checking Functions isLiteral(), Node Type and Datatype Checking Functions isNumeric(), Node Type and Datatype Checking Functions isURI(), FILTERing Data Based on Conditions, Node Type and Datatype Checking Functions J JavaScript, SPARQL and Web Application Development, SPARQL Query Results XML Format Jena, Defining Rules with SPARQL, Getting Started with Fuseki, Getting Started with Fuseki, Standalone Processors join (SPARQL equivalent), Searching Further in the Data JSON, The SPARQL Specifications, SPARQL and Web Application Development, SPARQL Query Results XML Format, Standalone Processors as ARQ output, Standalone Processors query results, SPARQL Query Results XML Format K Knuth, Donald, Datatypes and Queries L lang(), Checking, Adding, and Removing Spoken Language Tags, Checking, Adding, and Removing Spoken Language Tags langMatches() vs., Checking, Adding, and Removing Spoken Language Tags langMatches(), Checking, Adding, and Removing Spoken Language Tags language codes, Making RDF More Readable with Language Tags and Labels, Using the Labels Provided by DBpedia, Checking, Adding, and Removing Spoken Language Tags, Checking, Adding, and Removing Spoken Language Tags checking, adding, and removing, Checking, Adding, and Removing Spoken Language Tags, Checking, Adding, and Removing Spoken Language Tags filtering on, Using the Labels Provided by DBpedia LCASE(), String Functions LIMIT, Retrieving a Specific Number of Results, Federated Queries: Searching Multiple Datasets with One Query Linked Data, What Exactly Is the “Semantic Web”?


Python Web Development With Django by Jeff Forcier

business logic, create, read, update, delete, database schema, Debian, don't repeat yourself, duck typing, en.wikipedia.org, Firefox, full text search, functional programming, Guido van Rossum, loose coupling, MVC pattern, revision control, Ruby on Rails, Silicon Valley, slashdot, SQL injection, web application

At this point in the book, you should now have a decent background in both the basics of developing Web applications as well as the underlying theory and organization of a typical Web framework. In Part II,“Django in Depth,” we dive into the details of how to use Django, exploring the various classes, functions, and data structures it uses and showing you more code snippets to help it all make sense. II Django in Depth 4 Defining and Using Models 5 URLs, HTTP Mechanisms, and Views 6 Templates and Form Processing This page intentionally left blank 4 Defining and Using Models A s explained in Chapter 3,“Starting Out,” the data model of a Web application is usually its foundation, and at any rate is an excellent place to begin exploring the details of Django development.Although this chapter has two main sections—defining models, and then using them—the two halves are more intertwined than separate.We need to consider how we plan to use our models, while we’re defining them, to generate the most effective arrangement of classes and relationships.And, of course, you can’t make the best use of a model without understanding the how and the why of its definition.

In addition, we hope you’re convinced of the power and flexibility of the QuerySet class as a means of pulling information out of your models and understand how to work with your Django application’s data outside the ORM itself. In the next two chapters, Chapters 5,“URLs, HTTP Mechanisms, and Views” and 6, you learn how to make use of your model in the context of a Web application by setting up queries in your controller logic (views) and then displaying them in your templates. 5 URLs, HTTP Mechanisms, and Views Iunderpinnings n the previous chapter, you learned how to define the data models which form the of most Web applications; in the chapter following this one, we show you how to display those models with Django’s template language and forms. However, by themselves those two aspects of a Web framework don’t do much; you need controller logic deciding what data to render which template with and URL dispatching to determine what logic is performed for a given URL.

Following is a trivial example that does a simple search and replace of “foo” with “bar” on all text output by the Web application: class TextFilterMiddleware(object): def process_response(self, request, response): response.content = response.content.replace(‘foo’, ‘bar’) We could have made this a more realistic example that filters out naughty words (which can be useful for a community Web site, for example), but this is a family book! Views/Logic Views (née controllers) form the core of any Django Web application in that they provide nearly all the actual programming logic.When defining and using the models, we’re database administrators; when writing the templates, we’re interface designers; but when writing views, we’re truly software engineers.


pages: 504 words: 67,845

Designing Web Interfaces: Principles and Patterns for Rich Interactions by Bill Scott, Theresa Neil

A Pattern Language, anti-pattern, en.wikipedia.org, Firefox, recommendation engine, Ruby on Rails, Silicon Valley, web application

Desktop-style applications In testing Virtual Scrolling, Yahoo! found that users naturally understood the scrolling paradigm, most likely because they were already accustomed to this feature on desktop mail clients. Since the Yahoo! Mail Web application looks very similar to desktop web applications, the expectation for scrolling already exists in the user's mind. * * * Tip The more the web application looks and behaves like a desktop application, the more intuitive desktop idioms (like Virtual Scrolling) are to the user. * * * Loading status There are a few downsides to the Yahoo! Mail version of Virtual Scrolling.

* * * * * * [10] In the past, separate browser windows were used for secondary windows. Lightweight overlays simply map the secondary content into a floating layer on the page. The resulting overlay feels more lightweight. See Chapter 5. Table Edit Editing tables of data is less common in consumer web applications. In enterprise web applications, however, tables reign supreme. The most common request is for the table editing to work like Microsoft Excel, which long ago set the standard for editing data in a grid. A good example of Table Edit is a Google Docs Spreadsheet (Figure 1-12). Figure 1-12. Editing a spreadsheet in Google Docs is very similar to editing a spreadsheet in Microsoft Excel Considerations Presentation is the primary consideration when displaying a table of data.

Activation A single mouse click is required to start editing a cell instead of a mouse hover. This is consistent with keeping the display of the grid uncluttered. Imagine how irritating it would be if every mouse motion revealed an edit box. * * * Tip You should generally avoid double-click in web applications. However, when web applications look and behave like desktop applications, double-click can be appropriate. * * * Rendering versus editing. Google Spreadsheet displays the edit box slightly larger than the cell. This clearly indicates editability and lets the user know that input is not limited to the size of the cell (the edit box actually dynamically resizes as the user types into it).


Mastering Structured Data on the Semantic Web: From HTML5 Microdata to Linked Open Data by Leslie Sikos

AGPL, Amazon Web Services, bioinformatics, business process, cloud computing, create, read, update, delete, Debian, en.wikipedia.org, fault tolerance, Firefox, Google Chrome, Google Earth, information retrieval, Infrastructure as a Service, Internet of things, linked data, machine readable, machine translation, natural language processing, openstreetmap, optical character recognition, platform as a service, search engine result page, semantic web, Silicon Valley, social graph, software as a service, SPARQL, text mining, Watson beat the top human players on Jeopardy!, web application, Wikidata, wikimedia commons, Wikivoyage

On the Baskets panel, you can load contents from, and save contents to, a text file; add selected resources; add matching properties; add subclasses, subproperties, instances, individuals, and unreferences resources; and perform batch operations. 90 Chapter 4 ■ Semantic Web Development Tools Apache Stanbol Apache Stanbol is a semantic data modeler and comprehensive ontology manager [13]. It includes a content-management system that supports Semantic Web services and web application functions such as tag extraction, text completion in search fields, and e-mail routing, based on extracted entities. The functionalities of the Stanbol components are available through a RESTful web service API. The RESTful services return results in RDF, JSON, and JSON-LD. Apache Stanbol can be run as a stand-alone application (packaged as a runnable JAR) or as a web application (packaged as .war) deployable in servlet containers such as Apache Tomcat. It is compatible with Apache frameworks such as Solr (for semantic search), Tika (for metadata extraction), and Jena (for storage).

Marmotta provides a collection of Linked Data libraries for common LD tasks such as access to LD resources and query Linked Data (through LDPath, a simple LD query language). The triplestore is segregated from the server, so it can be used independently. The Apache Marmotta platform is implemented as a Java web application and deployed as a .war file. It is a service-oriented architecture using Contexts and Dependency Injection (CDI), a set of services of Java web application development. The Marmotta Core, a fundamental component of Apache Marmotta, provides Linked Data access, RDF import and export functionality, and an admin interface. Marmotta Core unites the service and dependency injection, the triplestore, the system configuration, and logging.

Oracle (2014) Oracle Spatial and Graph: Benchmarking a Trillion Edges RDF Graph. http://download.oracle.com/otndocs/tech/semantic_web/pdf/ OracleSpatialGraph_RDFgraph_1_trillion_Benchmark.pdf. Accessed 3 February 2015. Chapter 9 Use Cases By reading the book, you learned how to write HTML5 Microdata and JSON-LD annotations in the markup, develop Semantic Web applications, describe web services in standardized languages, run powerful queries on Linked Open Data (LOD) datasets, and develop Semantic Web applications. Now that you have become familiar with Semantic Web technologies, let’s analyze four complex examples, to get ready for real-life implementations! RDB to RDF Direct Mapping Using the R2RML language for expressing customized mappings from relational database (RDB) to Resource Description Framework (RDF) datasets, you refer to logical tables to retrieve data from an input database.


pages: 224 words: 45,431

Python Web Penetration Testing Cookbook by Cameron Buchanan, Terry Ip, Andrew Mabbitt, Benjamin May, Dave Mound

en.wikipedia.org, information security, Kickstarter, Minecraft, MITM: man-in-the-middle, SQL injection, web application

Disclamer This book contains details on how to perform attacks against web applications using Python scripts. In many circumstances, these attacks are likely to be illegal in your jurisdiction and can be considered terms of service violation and/or professional misconduct. The instructions in this book are provided for usage in the context of formal penetration tests to protect a system against attacks, which are conducted with the permission of a site owner. Preface Welcome to our book on Python and web application testing. Penetration testing is a massive field and the realms of Python are even bigger.

Chapter 3, Vulnerability Identification, covers recipes based on identifying potential vulnerabilities on websites, such as Cross-site scripting, SQL Injection, and outdated plugins. Chapter 4, SQL Injection, covers how to create scripts that target everyone's favorite web application vulnerability. Chapter 5, Web Header Manipulation, covers scripts that focus specifically on the collection, control, and alteration of headers on web applications. Chapter 6, Image Analysis and Manipulation, covers recipes designed to identify, reverse, and replicate steganography in images. Chapter 7, Encryption and Encoding, covers scripts that dip their toes into the massive lake that is encryption.

See also Refer to the recipe Generating e-mail addresses from names for more information. Finding comments in source code A common security issue is caused by good programming practices. During the development phase of web applications, developers will comment their code. This is very useful during this phase, as it helps with understanding the code and will serve as useful reminders for various reasons. However, when the web application is ready to be deployed in a production environment, it is best practice to remove all these comments as they may prove useful to an attacker. This recipe will use a combination of Requests and BeautifulSoup in order to search a URL for comments, as well as searching for links on the page and searching those subsequent URLs for comments as well.


pages: 511 words: 111,423

Learning SPARQL by Bob Ducharme

business logic, Donald Knuth, en.wikipedia.org, G4S, hypertext link, linked data, machine readable, place-making, semantic web, SPARQL, web application

ex160.rq, Grouping Data and Finding Aggregate Values within Groups ex162.rq, Grouping Data and Finding Aggregate Values within Groups ex164.rq, Grouping Data and Finding Aggregate Values within Groups ex166.rq, Querying a Remote SPARQL Service ex167.rq, Querying a Remote SPARQL Service ex170.rq, Querying a Remote SPARQL Service ex172.rq, Federated Queries: Searching Multiple Datasets with One Query ex174.rq, Copying Data ex176.rq, Copying Data ex178.rq, Copying Data ex180.rq, Copying Data ex182.rq, Copying Data ex184.rq, Creating New Data ex185.rq, Creating New Data ex187.ttl, Creating New Data ex188.rq, Creating New Data ex190.rq, Creating New Data ex192.rq, Creating New Data ex193.ttl, Creating New Data ex194.rq, Converting Data ex196.rq, Converting Data ex198.ttl, Defining Rules with SPARQL ex199.rq, Defining Rules with SPARQL ex201.rq, Defining Rules with SPARQL, Datatypes and Queries ex202.rq, Defining Rules with SPARQL ex203.rq, Generating Data About Broken Rules ex205.rq, Generating Data About Broken Rules ex207.rq, Generating Data About Broken Rules ex209.rq, Generating Data About Broken Rules ex211.rq, Using Existing SPARQL Rules Vocabularies ex212.rq, Using Existing SPARQL Rules Vocabularies ex213.rq, Asking for a Description of a Resource ex215.rq, Asking for a Description of a Resource ex216.rq, Asking for a Description of a Resource ex217.ttl, Datatypes and Queries ex218.rq, Datatypes and Queries ex220.rq, Datatypes and Queries ex221.rq, Datatypes and Queries ex222.rq, Datatypes and Queries ex223.rq, Datatypes and Queries ex224.ttl, Representing Strings ex225.rq, Representing Strings ex227.ttl, Comparing Values and Doing Arithmetic ex228.rq, Comparing Values and Doing Arithmetic ex230.rq, Comparing Values and Doing Arithmetic ex232.rq, Comparing Values and Doing Arithmetic ex233.rq, Comparing Values and Doing Arithmetic ex235.rq, Program Logic Functions ex237.rq, Program Logic Functions ex239.rq, Program Logic Functions ex241.ttl, Node Type and Datatype Checking Functions ex242.rq, Node Type and Datatype Checking Functions ex244.rq, Node Type and Datatype Checking Functions ex246.rq, Node Type Conversion Functions ex248.rq, Node Type Conversion Functions ex249.ttl, Node Type Conversion Functions ex251.rq, Node Type Conversion Functions ex253.rq, Node Type Conversion Functions ex255.rq, Node Type Conversion Functions ex257.rq, Datatype Conversion ex259.ttl, Datatype Conversion ex260.rq, Datatype Conversion ex262.rq, Datatype Conversion ex264.rq, Datatype Conversion ex266.ttl, Datatype Conversion ex267.rq, Datatype Conversion ex268.txt, Datatype Conversion ex269.rq, Checking, Adding, and Removing Spoken Language Tags ex270.rq, Checking, Adding, and Removing Spoken Language Tags ex271.rq, Checking, Adding, and Removing Spoken Language Tags ex273.rq, Checking, Adding, and Removing Spoken Language Tags ex276.rq, Checking, Adding, and Removing Spoken Language Tags ex278.ttl, Checking, Adding, and Removing Spoken Language Tags ex279.rq, Checking, Adding, and Removing Spoken Language Tags ex281.ttl, Checking, Adding, and Removing Spoken Language Tags ex282.rq, Checking, Adding, and Removing Spoken Language Tags ex284.ttl, String Functions ex285.rq, String Functions ex287.rq, String Functions ex289.ttl, String Functions ex290.rq, String Functions ex292.ttl, Numeric Functions ex293.rq, Numeric Functions ex295.rq, Numeric Functions ex298.ttl, Date and Time Functions ex299.rq, Date and Time Functions ex301.rq, Date and Time Functions ex303.rq, Date and Time Functions ex305.rq, Hash Functions ex307.py, Hash Functions ex308.rq, Extension Functions ex311.rq, Adding Data to a Dataset ex312.ru, Adding Data to a Dataset ex313.ru, Adding Data to a Dataset ex314.rq, Adding Data to a Dataset ex316.ru, Adding Data to a Dataset ex324.ru, Deleting Data ex325.ru, Changing Existing Data ex326.rq, Changing Existing Data ex327.ttl, Changing Existing Data ex328.ttl, Changing Existing Data ex329.ru, Changing Existing Data ex330.ru, Named Graphs ex331.ru, Named Graphs ex332.rq, Named Graphs, SPARQL and HTTP ex333.ru, Named Graphs ex334.ru, Dropping Graphs ex336.ru, Dropping Graphs ex337.ru, Dropping Graphs, Solution ex338.ru, Dropping Graphs, SPARQL and HTTP ex339.ru, Dropping Graphs ex340.ru, Dropping Graphs ex341.rq, Dropping Graphs ex342.ru, Named Graph Syntax Shortcuts: WITH and USING ex343.ru, Named Graph Syntax Shortcuts: WITH and USING ex344.ru, Named Graph Syntax Shortcuts: WITH and USING ex345.ru, Named Graph Syntax Shortcuts: WITH and USING ex346.ru, Deleting and Replacing Triples in Named Graphs ex347.ru, Deleting and Replacing Triples in Named Graphs ex348.ru, Deleting and Replacing Triples in Named Graphs ex349.ru, Deleting and Replacing Triples in Named Graphs ex350.ru, Deleting and Replacing Triples in Named Graphs ex351.ru, Deleting and Replacing Triples in Named Graphs ex352.ru, Deleting and Replacing Triples in Named Graphs ex353.ru, Deleting and Replacing Triples in Named Graphs ex354.rq, Deleting and Replacing Triples in Named Graphs ex355.rq, SPARQL and Web Application Development ex358.py, SPARQL and Web Application Development ex360.pl, SPARQL and Web Application Development ex361.py, SPARQL and Web Application Development ex363.py, SPARQL and Web Application Development ex401.xml, SPARQL Query Results XML Format ex402.xsl, Processing XML Query Results ex403.xml, SPARQL Query Results XML Format ex404.js, SPARQL Query Results JSON Format ex405.js, SPARQL Query Results JSON Format ex406.rq, Working with SPARQL Query Result Formats ex407.js, Processing JSON Query Results ex408.rq, Working with SPARQL Query Result Formats ex409.ttl, Working with SPARQL Query Result Formats ex410.xml, SPARQL Query Results XML Format ex411.js, SPARQL Query Results JSON Format ex412.csv, SPARQL Query Results CSV and TSV Formats ex413.tsv, TSV Query Results ex414.txt, Working with SPARQL Query Result Formats ex415.rq, What Is Inferencing?

., Adding Data to a Dataset integer datatype, Datatypes and Queries IRI, Glossary IRI(), Node Type Conversion Functions, Solution isBlank(), Node Type and Datatype Checking Functions isIRI(), Node Type and Datatype Checking Functions isLiteral(), Node Type and Datatype Checking Functions isNumeric(), Node Type and Datatype Checking Functions isURI(), FILTERing Data Based on Conditions, Node Type and Datatype Checking Functions J Java, SPARQL and Web Application Development JavaScript, SPARQL Query Results JSON Format, SPARQL and Web Application Development Jena, Defining Rules with SPARQL, Getting Started with Fuseki, Getting Started with Fuseki, Standalone Processors join (SPARQL equivalent), Searching Further in the Data JSON, The SPARQL Specifications, SPARQL and Web Application Development ARQ and, Working with SPARQL Query Result Formats, Standalone Processors defined, SPARQL Query Results JSON Format query results, SPARQL Query Results JSON Format results from a SPARQL engine, SPARQL Query Results JSON Format K Knuth, Donald, Datatypes and Queries L lang(), Checking, Adding, and Removing Spoken Language Tags langMatches() vs., Checking, Adding, and Removing Spoken Language Tags langMatches(), Checking, Adding, and Removing Spoken Language Tags language codes, Making RDF More Readable with Language Tags and Labels, Checking, Adding, and Removing Spoken Language Tags–Checking, Adding, and Removing Spoken Language Tags adding, Checking, Adding, and Removing Spoken Language Tags checking, Checking, Adding, and Removing Spoken Language Tags filtering on, Using the Labels Provided by DBpedia removing, Checking, Adding, and Removing Spoken Language Tags LCASE(), String Functions, Discussion LIMIT, Retrieving a Specific Number of Results, Federated Queries: Searching Multiple Datasets with One Query Linked Data, What Exactly Is the “Semantic Web”?

Note This idea of model-driven development and deployment is not limited to the use of the RDF family of specifications, but the fact that these specifications are standards with a range of commercial and open source implementations makes it an attractive choice for many developers using this methodology. SPARQL and Web Application Development In Applications and Triples, we learned about SPARQL engines and related RDF processors that perform special instructions based on the subjects, predicates, and objects (mostly, predicates) that they find in a set of triples. While these can be valuable components of an application, in this section we’ll look at the bigger picture of application development using SPARQL: tying together such components with the other parts you need to create a complete application. “Web application development” typically means two things: using web-based technologies to create an interface and taking advantage of web-based data sources.


pages: 180 words: 37,187

AngularJS Essentials by Rodrigo Branas

business logic, Firefox, MVC pattern, node package manager, single page application, web application

Animating ngRepeat Animating ngHide Animating ngClass Summary Chapter 3: Data Handling Expressions Filters Basic usage with expressions 31 31 32 34 35 36 36 37 38 42 43 44 46 47 48 48 49 50 50 51 53 53 55 55 currency date filter json limitTo lowercase number orderBy uppercase Using filters in other places Creating filters Form validation Creating our first form Basic validation Understanding the $pristine and $dirty properties The $error object Summary [ ii ] 55 56 56 57 58 58 58 59 60 60 61 62 62 63 65 65 66 Table of Contents Chapter 4: Dependency Injection and Services Dependency injection Creating services Creating services with the factory Creating services with the service Creating services with the provider Using AngularJS built-in services Communicating with the backend HTTP, REST, and JSON Creating an HTTP facade Headers Caching Interceptors 67 68 69 70 74 75 76 76 76 82 84 85 85 Creating a single-page application 87 Logging Timeout Asynchronous with a promise-deferred pattern 96 96 98 Installing the module Configuring the routes Rendering the content of each view Passing parameters Changing the location Resolving promises The deferred API The promise API Summary 87 87 88 91 92 93 100 101 101 Chapter 5: Scope 103 Chapter 6: Modules 115 Two-way data binding $apply and $watch Best practices using the scope The $rootScope object Scope Broadcasting Summary 103 104 106 110 110 113 Creating modules The UI module The search module The parking application module Recommended modules Summary 115 116 118 119 120 120 [ iii ] Table of Contents Chapter 7: Unit Testing 121 The Jasmine testing framework Testing AngularJS components Services Controllers Filters Directives 122 124 125 126 128 129 Creating the element with the directive Compiling the directive Calling the link function with the scope Invoking the digest cycle 130 130 130 130 Mocking with $httpBackend Running tests with Karma 132 140 Installation Configuration Running tests 140 141 142 Summary 143 Chapter 8: Automating the Workflow 145 Index 159 Automating the workflow with Grunt Installation Configuration Creating a distribution package Executing the workflow Managing packages with Bower Installation Finding packages Installing packages Using packages Cache Summary [ iv ] 145 146 146 147 155 156 156 156 157 157 158 158 Preface For more than 12 years, I have been developing all kinds of web applications, and along the way, I have had the opportunity to experience the vast majority of frameworks on the Java platform. In 2008, I moved from an architecture highly based on backend web frameworks such as Struts and JSF to experience new challenges at the frontend. I think the main goal was to stop creating those old-school and hard-to-use web applications, investing on interactivity and usability. At that time, I adopted the Google Web Toolkit, also known as GWT, building some web applications for almost 2 years. The results were pretty amazing in terms of user experience; however, I felt very upset about low productivity and also the amount of code that I had to write every day.

AngularJS Directives ISBN: 978-1-78328-033-9 Paperback: 110 pages Learn how to craft dynamic directives to fuel your single-page web applications using AngularJS 1. Learn how to build an AngularJS directive. 2. Create extendable modules for plug-and-play usability. 3. Build apps that react in real time to changes in your data model. Please check www.PacktPub.com for information on our titles Mastering Web Application Development with AngularJS ISBN: 978-1-78216-182-0 Paperback: 372 pages Build single-page web applications using the power of AngularJS 1. Make the most out of AngularJS by understanding the AngularJS philosophy and applying it to real-life development tasks. 2.

While looking for a solution, a very experienced JavaScript developer and also a great friend of mine, Rafael Nami, introduced me to AngularJS. In the following weeks, I started to read everything about it and also writing some code. After a few weeks, I was thrilled because it had never been so easy to create amazing web applications with so little code! Preface Only 2 months later, I launched my first web application based entirely on AngularJS, and honestly, I cannot imagine writing this same application using another kind of technology in this short period of time. I was so excited about it that I wrote an article on using AngularJS with Spring MVC and Hibernate for a magazine called Java Magazine.


pages: 260 words: 40,943

Hacking Exposed: Network Security Secrets and Solutions by Stuart McClure, Joel Scambray, George Kurtz

AltaVista, bash_history, Dennis Ritchie, end-to-end encryption, information security, Ken Thompson, Larry Wall, MITM: man-in-the-middle, Morris worm, Multics, peer-to-peer, remote working, systems thinking, web application

In our example, you can see we traversed back up the file system into the system directory to obtain a file called “secret.txt,” which probably wasn’t an intended behavior for this site. IIS 2.0 was vulnerable to this type of exploit, and was corrected early on. However, many third-party Web applications, or “quick and dirty” Web servers integrated into P:\010Comp\Hacking\262-3\ch10.vp Thursday, August 09, 2001 12:37:34 PM HackingGeneric / Hacking Windows Color profile: CMYK Exposed printer profile Composite Default screen 2000: Network Security Secrets & Solutions / Scambray & McClure / 9262-3 / Chapter 10 Chapter 10: Hacking IIS 5 and Web Applications various appliances are still vulnerable to this attack. One prominent example of such an integrated Web server is the Compaq Insight Manager (CIM) Web server that ships with most Compaq server hardware to enable remote, HTTP-based management.

C:\WINNT\system32> C:\WINNT\system32>whoami whoami [carriage return] NT AUTHORITY\SYSTEM P:\010Comp\Hacking\262-3\ch10.vp Thursday, August 09, 2001 12:37:36 PM HackingGeneric / Hacking Windows Color profile: CMYK Exposed printer profile Composite Default screen 2000: Network Security Secrets & Solutions / Scambray & McClure / 9262-3 / Chapter 10 Chapter 10: Hacking IIS 5 and Web Applications We used the whoami utility from the Windows 2000 Resource Kit to show this shell is running in the context of the all-powerful LocalSystem account from the remote machine. Because the initial attack occurs via the Web application channel (port 80, typically) and because the shell is shoveled outbound from the victim Web server on a port defined by the attacker, this attack is difficult to stop using router or firewall filtering.

P:\010Comp\Hacking\262-3\ch10.vp Thursday, August 09, 2001 1:39:14 PM HackingGeneric / Hacking Windows Color profile: CMYK Exposed printer profile Composite Default screen 2000: Network Security Secrets & Solutions / Scambray & McClure / 9262-3 / Chapter 10 Chapter 10: Hacking IIS 5 and Web Applications Actually, it’s a little more complicated than that. ISAPI extensions are wrapped in the Web Application Manager (WAM) object, which can run within the IIS process or not. Running “out-of-process” extracts a slight performance hit, but prevents unruly ISAPI applications from crashing IIS process and is, therefore, regarded as a more robust way to run ISAPI applications.


Backbone.js Cookbook by Vadim Mirgorod

Airbnb, business logic, create, read, update, delete, en.wikipedia.org, Firefox, Google Chrome, MVC pattern, QR code, rolodex, Ruby on Rails, web application

Questions You can contact us at questions@packtpub.com if you are having a problem with any aspect of the book, and we will do our best to address it. 4 1 Understanding Backbone In this chapter, we will cover the following points: ff Designing an application with the MVC pattern ff Defining business logic with models and collections ff Modeling an application's behavior with views and a router ff Creating an application structure from scratch ff Writing your first Backbone application ff Implementing URL routing in your application ff Extending an application with plugins ff Contributing to the Backbone project Introduction Backbone.js is a lightweight JavaScript framework that is based on the Model-View-Controller (MVC) pattern and allows developers to create single-page web applications. With Backbone, it is possible to update a web page quickly using the REST approach with a minimal amount of data transferred between a client and a server. Understanding Backbone Backbone.js is becoming more popular day by day and is being used on a large scale for web applications and IT startups; some of them are as follows: ff Groupon Now!: The team decided that their first product would be AJAX-heavy but should still be linkable and shareable.

See also ff Check out the official Require.js documentation at http://www.requirejs.org/ Ensuring compatibility with search engines When a search engine finds an AJAX-powered web application, it can't index such an app, because the search engine does not execute the complex JavaScript code. What the search engine wants is a static HTML. In this recipe, we are going to learn how to make the search engine index the AJAX web application. We are going to deal mostly with Google, but we will also consider how to work with others. The idea behind this recipe is that we can render the AJAX app into a static HTML page on the server and deliver it to a search engine spider via a proxy redirect.

Instant AngularJS Starter ISBN: 978-1-782166-76-4 Paperback: 66 pages A concise guide to start building dynamic web applications with AngularJS, one of the Web's most innovative JavaScript frameworks 1. Learn something new in an Instant! A short, fast, focused guide delivering immediate results. 2. Take a broad look at the capabilities of AngularJS, with in-depth analysis of its key features 3. See how to build a structured MVC-style application that will scale gracefully in real-world applications Getting Started with Meteor.js JavaScript Framework ISBN: 978-1-782160-82-3 Paperback: 130 pages Develop modern web applications in Meteor, one of the hottest new JavaScript platforms 1.


pages: 422 words: 86,414

Hands-On RESTful API Design Patterns and Best Practices by Harihara Subramanian

blockchain, business logic, business process, cloud computing, continuous integration, create, read, update, delete, cyber-physical system, data science, database schema, DevOps, disruptive innovation, domain-specific language, fault tolerance, information security, Infrastructure as a Service, Internet of things, inventory management, job automation, Kickstarter, knowledge worker, Kubernetes, loose coupling, Lyft, machine readable, microservices, MITM: man-in-the-middle, MVC pattern, Salesforce, self-driving car, semantic web, single page application, smart cities, smart contracts, software as a service, SQL injection, supply-chain management, web application, WebSocket

The following diagram depicts the combination of HTTP Methods and the Resource Names for Uniform Interfaces: There are four guiding principles suggested by Fielding that constitute the necessary constraints to satisfy the uniform interface, and they are as follows: Identification of resources Manipulation of resources Self-descriptive messages Hypermedia as the engine of application state We will see each constraint in detail in the following sections. Identification of resources As we have seen in earlier sections, a resource represents a named entity in a web application, and it is usually a Uniform Resource Locator (URL). So, an entity can be identified and assigned as a resource by an explicit reference to it. A URL in a web application is usually a link, and it is in fact a URI. For example, a home page URI, https://developer.twitter.com, uniquely identifies the concept of a specific website's root resource. In REST constraints, the URIs we use are described as follows: The semantics of the mapping of the URI to a resource must not change.

We have a bevy of programming and scripting languages for the client- and server-side applications. Not only desktop and laptop computers, but also handhelds, wearable, portables, nomadic, wireless, and mobile devices are becoming integrated with web applications. The environments become highly complicated and heterogeneous. Also, many devices and services have to collaborate to fulfill business processes. The REST paradigm comes to the rescue here. The REST concept is an abstraction for running web applications on different environments, such as Windows or Linux. RESTful services guarantee the much-needed flexibility to host and run applications coded using different programming languages and platforms.

Connections may be direct or indirect: Clients can talk to servers directly or through intermediaries, which can be a proxy or other brokers. This separation increases system flexibility. The need for scalability is fulfilled easily with this intermediary. Uniform interface: The interactions between the various web application components (clients, servers, and intermediaries) get simplified due to the uniformity of their interfaces. If any of the components deviate from the established standards, there is a possibility that the web applications will break down. The four basic HTTP operations, GET, POST, PUT, and DELETE, provide the much-needed uniformity for all the contributing components to find, interact with, and accomplish tasks with clarity and confidence.


pages: 739 words: 174,990

The TypeScript Workshop: A Practical Guide to Confident, Effective TypeScript Programming by Ben Grynhaus, Jordan Hudgens, Rayon Hunte, Matthew Thomas Morgan, Wekoslav Stefanovski

Ada Lovelace, Albert Einstein, business logic, Charles Babbage, create, read, update, delete, don't repeat yourself, Donald Knuth, fault tolerance, Firefox, full stack developer, functional programming, Google Chrome, Hacker News, higher-order functions, inventory management, Kickstarter, loose coupling, node package manager, performance metric, QR code, Ruby on Rails, SQL injection, type inference, web application, WebSocket

Additionally, he has published over 30 courses, taught 42,000 students globally, and written several programming books. Rayon Hunte has been working with Angular and TypeScript for more than 3 years. He has built complex web applications, such as a vehicle management system and a land management web application for the local government. TypeScript has enabled Rayon to leverage his knowledge of JavaScript and web frameworks to build complex, scalable web applications. Having been a development team lead, Rayon has firsthand knowledge of how large projects can become too complicated and impossible to modify and scale as time passes and more features are added.

But more and more web pages came into existence, and more and more of them needed dynamic content. Suddenly, people needed to use a lot of JavaScript. Web pages started getting more and more complex, and they were now being referred to as web applications. JavaScript got the ability (via AJAX) to access servers and even other sites, and a whole ecosystem of libraries appeared that helped us write better web applications. However, the language itself was still lacking lots of features that are present in most languages – primarily features that are targeted toward professional developers. Note Some of the most talked-about features included a lack of module/namespace support, type-checked expressions, better scoping mechanisms, and better support for asynchronous functionality.

Additionally, the file size of the generated code was usually large, and more often than not, it included a huge base library that needed to load before we would be able to run our transpiled code. Basically, by 2012 there were two options in sight – write a large web application using plain JavaScript, with all the drawbacks that it had, or write large web applications using a transpiler, writing better and more maintainable code, but being removed from the platform where our code actually runs. Then, TypeScript was introduced. Note A video of the introductory lecture is available at https://channel9.msdn.com/Events/Build/2012/3-012.


pages: 183 words: 49,460

Start Small, Stay Small: A Developer's Guide to Launching a Startup by Rob Walling

8-hour work day, en.wikipedia.org, fail fast, inventory management, Jeff Hawkins, Kickstarter, Lean Startup, Marc Andreessen, Network effects, Paul Graham, rolodex, Salesforce, side project, Silicon Valley, social bookmarking, software as a service, Superbowl ad, web application

For hosted applications the question is not “when to use” it’s “when not to use.” Don’t use a hosted web application if: You are targeting a specific community of people such as iPhone or Facebook users. You’re targeting enterprise clients who will want their data to live inside their own walls Your user interface has complex needs that an AJAX/DHTML interface cannot support Your application needs direct hard drive access or peripheral access that require a desktop application Type #2 – Downloadable Web Applications Downloadable web applications serve a single purpose: to allow customers to use your web application but never lose control of their data.

Product Types Six major product types are described below, including the typical pricing structure, benefits, downsides and when to use each. Type #1 – Hosted Web Applications These days hosted web applications are called Software as a Service applications (SaaS), but you may know them by their previous name, ASP Applications (for Application Service Provider), or the new name the media seems to be misusing more and more, “Cloud-based Applications.” Most new business or productivity applications are hosted web applications. Examples abound, but here are some of the more popular options: FreshBooks 39 (hosted invoicing) Basecamp 40 (hosted project management software) FogBugz on Demand 41 (hosted bug tracking / project management) Pricing Structure Typically a monthly or annual recurring fee Benefits for the Entrepreneur Steady, recurring revenue Support is much easier than software installed on a user’s machine since you are in control of every aspect of the deployment and are only maintaining a single version of the application Documentation can be updated as you add features Customer feedback can be incorporated immediately into the product, thus providing incremental improvements on a shorter release schedule Benefits for the Customer Customers do not make a large, up-front capital investment to pay for software licenses Customers do not have to maintain their own servers, install or upgrade software, or open a shared hosting account Upgrades are free, seamless, and require no effort on the part of the customer Customers can try your product with little effort The Downside Developing for the web can be challenging and you have to learn a number of technologies to build an application (HTML/CSS/AJAX/JS/Server Side Code) Browser compatibility issues can be cumbersome, especially with browser market share becoming more and more splintered Some customers, typically enterprise clients, will not allow their data to live outside of company walls and thus will not use hosted web applications It requires you to maintain a 24/7 uptime hosting solution, plus security and backups When to Use When thinking about a new application aimed at businesses, start with the position of a hosted web application.

Examples abound, but here are some of the more popular options: FreshBooks 39 (hosted invoicing) Basecamp 40 (hosted project management software) FogBugz on Demand 41 (hosted bug tracking / project management) Pricing Structure Typically a monthly or annual recurring fee Benefits for the Entrepreneur Steady, recurring revenue Support is much easier than software installed on a user’s machine since you are in control of every aspect of the deployment and are only maintaining a single version of the application Documentation can be updated as you add features Customer feedback can be incorporated immediately into the product, thus providing incremental improvements on a shorter release schedule Benefits for the Customer Customers do not make a large, up-front capital investment to pay for software licenses Customers do not have to maintain their own servers, install or upgrade software, or open a shared hosting account Upgrades are free, seamless, and require no effort on the part of the customer Customers can try your product with little effort The Downside Developing for the web can be challenging and you have to learn a number of technologies to build an application (HTML/CSS/AJAX/JS/Server Side Code) Browser compatibility issues can be cumbersome, especially with browser market share becoming more and more splintered Some customers, typically enterprise clients, will not allow their data to live outside of company walls and thus will not use hosted web applications It requires you to maintain a 24/7 uptime hosting solution, plus security and backups When to Use When thinking about a new application aimed at businesses, start with the position of a hosted web application. The ease of support, ease of adoption, and recurring revenue model are major advantages. Joel Spolsky, CEO of Fog Creek Software 42, said in an interview on Venture Voice 43 that if he were starting his company today he would not build a downloadable version of their flagship product, FogBugz.


pages: 485 words: 74,211

Developing Web Applications with Haskell and Yesod by Michael Snoyman

create, read, update, delete, database schema, Debian, domain-specific language, don't repeat yourself, full text search, functional programming, MVC pattern, web application

Developing Web Applications with Haskell and Yesod Michael Snoyman Editor Simon St. Laurent Copyright © 2012 Michael Snoyman O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://my.safaribooksonline.com). For more information, contact our corporate/institutional sales department: 800-998-9938 or corporate@oreilly.com. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. Developing Web Applications with Haskell and Yesod, the rhinoceros beetle, the mountain apollo butterfly, and related trade dress are trademarks of O’Reilly Media, Inc.

While every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein. O'Reilly Media * * * Preface It’s fair to say that dynamic languages currently dominate the web development scene. Ruby, Python, and PHP are common choices for quickly creating a powerful web application. They give a much faster and more comfortable development setting than standard static languages in the C family, like Java. But some of us are looking for something more in our development toolbox. We want a language that gives us guarantees that our code is doing what it should. Instead of writing up a unit test to cover every bit of functionality in our application, wouldn’t it be wonderful if the compiler could automatically ensure that our code is correct?

Not only do we avoid basic mistakes such as mixing up integers and strings, it even allows us to statically prevent many cases of security holes like cross-site scripting (XSS) attacks. Who This Book Is For In general, there are two groups of people coming to Yesod. The first group is long time Haskell users—already convinced of the advantages of Haskell—who are looking for a powerful framework for creating web applications. The second is web developers who are either dissatisfied with their existing tools, or are looking to expand their horizons into the functional world. This book assumes a basic familiarity with both web development and Haskell. We don’t use many complicated Haskell concepts, and those we do use are introduced separately.


Realtime Web Apps: HTML5 WebSocket, Pusher, and the Web’s Next Big Thing by Jason Lengstorf, Phil Leggetter

Amazon Web Services, barriers to entry, don't repeat yourself, en.wikipedia.org, Firefox, Google Chrome, MVC pattern, Ruby on Rails, Skype, software as a service, SQL injection, web application, WebSocket

Content also becomes much less text-based, and we start to achieve much more visually appealing and interactive representations of data within a web application. 1 http://en.wikipedia.org/wiki/2011_Egyptian_revolution http://scobleizer.com/2009/02/09/is-the-real-time-web-a-threat-to-google-search/ 3 http://en.wikipedia.org/wiki/Web_content#Content_is_king 2 4 Chapter 1 ■ What Is Realtime? HTTP Hacks As more of us (we developers are the pioneers) started to build web applications, the demands on the web browser increased. Performance became a problem; not just the web browser application but also the machines that the browsers were running on. Those really pushing the boundaries of web technologies and web applications also hit a big stumbling block: HTTP.4 HTTP was designed to be a protocol in which a client makes a request for data and receives a response. However, some web applications began to require that information be sent from the server to the client. So we had to start hacking!

Realtime should belong to the caffeinated masses, so grab your coffee (or tea) and let’s get started. You’ll be up and running with realtime before it gets cold. xix Part I Getting Familiar with the Required Technologies Building a web application isn’t a one-dimensional exercise. Modern web developers will be required to leverage a number of technologies to build apps that meet the needs of their users. In this part of the book, you’ll become familiar with the technologies you’ll use to build your first realtime web application. Since this project is leveraging some of the more common web technologies in use at the time of writing, much of this part of the book should be familiar to you and can be skipped if you feel comfortable without a review.

A few pioneers saw beyond static web sites and started thinking about dynamic web applications. With web apps, the focus shifts away from the server to the client. The client has to do much more work; it retrieves and loads content dynamically, it changes the user interface (UI) based on user feedback, and the UI is presented in a way that we would be traditionally associated with a desktop application. There’s much less focus on pages reloading and the concept of a page in general. Content also becomes much less text-based, and we start to achieve much more visually appealing and interactive representations of data within a web application. 1 http://en.wikipedia.org/wiki/2011_Egyptian_revolution http://scobleizer.com/2009/02/09/is-the-real-time-web-a-threat-to-google-search/ 3 http://en.wikipedia.org/wiki/Web_content#Content_is_king 2 4 Chapter 1 ■ What Is Realtime?


Django Book by Matt Behrens

Benevolent Dictator For Life (BDFL), book value, business logic, create, read, update, delete, database schema, distributed revision control, don't repeat yourself, duck typing, en.wikipedia.org, Firefox, full text search, loose coupling, MITM: man-in-the-middle, MVC pattern, revision control, Ruby on Rails, school choice, slashdot, SQL injection, web application

We noted above that we’ll be showing you how to do things without shortcuts so that you more fully understand the shortcuts. Similarly, it’s useful to understand why Django was created, because knowledge of the history will put into context why Django works the way it does. If you’ve been building Web applications for a while, you’re probably familiar with the problems in the CGI example we presented earlier. The classic Web developer’s path goes something like this: Write a Web application from scratch. Write another Web application from scratch. Realize the application from step 1 shares much in common with the application from step 2. Refactor the code so that application 1 shares code with application 2.

index next | previous | Django Book 0.1 documentation » Chapter 1: Introduction to Django This book is about Django, a Web development framework that saves you time and makes Web development a joy. Using Django, you can build and maintain high-quality Web applications with minimal fuss. At its best, Web development is an exciting, creative act; at its worst, it can be a repetitive, frustrating nuisance. Django lets you focus on the fun stuff – the crux of your Web application – while easing the pain of the repetitive bits. In doing so, it provides high-level abstractions of common Web development patterns, shortcuts for frequent programming tasks, and clear conventions for how to solve problems.

First, we explain, in depth, what Django does and how to build Web applications with it. Second, we discuss higher-level concepts where appropriate, answering the question “How can I apply these tools effectively in my own projects?” By reading this book, you’ll learn the skills needed to develop powerful Web sites quickly, with code that is clean and easy to maintain. What Is A Web Framework? Django is a prominent member of a new generation of Web frameworks – but what does that term mean, precisely? To answer that question, let’s consider the design of a Web application written in Python without a framework. Throughout this book, we’ll take this approach of showing you basic ways of getting work done without shortcuts, in the hope that you’ll recognize why shortcuts are so helpful.


pages: 351 words: 123,876

Beautiful Testing: Leading Professionals Reveal How They Improve Software (Theory in Practice) by Adam Goucher, Tim Riley

Albert Einstein, barriers to entry, Black Swan, business logic, call centre, continuous integration, Debian, Donald Knuth, en.wikipedia.org, Firefox, Grace Hopper, index card, Isaac Newton, natural language processing, off-by-one error, p-value, performance metric, revision control, six sigma, software as a service, software patent, SQL injection, the scientific method, Therac-25, Valgrind, web application

Send email to index@oreilly.com. 323 central limit theorem, 135 change-centric testing, 143 caller and callee function dependencies, 147 code coverage and gap analysis, 151 complex code development models, 146–152 document-driven change-centric testing frameworks, 145 mapping of source files to test cases, 147 summary, 152–154 character palette, 237 Charmap, 237 chi-square test, 138 ClamAV (Clam Anti-Virus), 269–283 compatibility testing, 279 fuzz testing, 276 performance testing, 279 testing methods, 270–283 Autoconf, 278 black box and white box testing, 270 Buildbot, 278 collecting problem files, 278 false alerts, 281 memory checkers, 273–275 static analysis, 271–273 test scripts, 276 unit testing, 275 usability and acceptance testing, 282 clamd, 270 clamscan, 270 Clang Static Analyzer, 271 code coverage, 151, 247 code examples, xvii collaboration, 38, 190–193 command line, 108 communication, 27 compatibility testing of ClamAV, 279 compiler warnings, 125 condition coverage, 248 configuration of automated tests, planning, 108 conflict, 19 continuous integration, 106, 198, 288 Windmill testing framework, development for, 285 coordination, 29 Cosmo Web User Interface, 289 coverage metrics, 247 Coverity, 120 critical incident analysis, 51 cross-site scripting (XSS), 236 CruiseControl, 200 Cunningham, Ward, 177 D Dashboard (Socialtext product), 230 data, good versus bad, 11 324 INDEX DBA (dynamic binary analysis), 149 debriefings, 161 defects, 69 categories and examples, 215 defect reports, 70–77 structure, 71 defining, 70 development defects, 72 early development versus deployed product bugs, 71 location, finding, 72 measuring severity, 78 seeding for testing purposes, 247 tagged defect sets, 77 tagging, 76 test escapes, 78 Diderot Effect, 181 doc testing (Python), 123 DUMA, 274 dynamic analysis, 124 E eBox, 303–315 AJAX usage, 311 ANSTE, 304–307 modules, 303 new modules, difficulties of testing, 304 testing in new Linux releases, 304 efficient testing, 235 developer notes, accessing, 240 foreign languages, accommodating, 237, 240 measurement, 238 mindmaps, 242 mutation testing, 251 oracles, 241 regression testing, 239 requirements, 238 scripting, 239 security, 236 SLIME, 235 test data generation, 241 Electric Fence, 274 elegance, 18 EnableModules script, 310 engaging volunteers, 32 equivalent mutants, 253 events, 32 location and scheduling, 33 publicity, 33 exploratory testing, 161–163 eXtensible Messaging and Presence Protocol (see XMPP) Extreme Programming (see XP) F failure analysis, 114 false negatives, 281 false positives, 281 Firebug Lite, 291 Firefox, testing with Sisyphus, 297 Fit, 177 FitNesse, 201 FIXME developer notes, 240 foreign languages, 237 Fusil tool, 125, 277 fuzzing (fuzz testing), 57 ClamAV, 276 custom fuzzers, 63 Fusil tool, 125 general fuzzers, 61 interoperability, improving, 57 limitations, 65 ongoing testing, considerations, 65 preparation, 60 process, 60–65 purpose, 57 random fuzzing, 64 security flaws, detecting, 59 user satisfaction, improving, 58 using corrupted input, 61 working with known bugs, 60 G Gaussian distribution, 132 GCC, 271 Gecko rendering engine, 258 goal-question-metric approach, 23 H Huggins, Jason, 177 I incremental automation, 201 info/query stanzas, 86 information leakage, 237 initiator, 89 instrumented builds, 151 interoperability, 57 invalid input, testing with, 61 invalidation testing, 265 IRC (Internet relay chat), 27 J Jabber, 85 Javalanche, 255 JavaScript, 287 testing scripts, 297 JID (Jabber ID), 86 jsfunfuzz (JavaScript fuzzer), 63 JUnit, 200 K Kaner, Cem, 161 KCachegrind, 149, 150 Klocwork, 120 Knuth, Donald, 211 Komogorov-Smirnov test, 139 L large-scale automated testing, 104–106 choosing which tests to automate, 104 failure analysis, 114 reasonable goals, 115 reporting, 114 test automation systems, 105 test case management, 107 test collateral, 107 test distribution, 112 test infrastructure, 107 test labs, 111 test writing, 106 leadership (see coordination) libclamav, 270 Lightning, Thunderbird add-on, 27 Lint tool, 125 Lipton, Richard, 250 Lithium tool, 301 load testing, 238 lookupNode, 292 LOUD, 240 M manifest files, 259 Marick, Brian, 174, 195 Mark II computer, first bug, 68 mean test, 135 measurement, 238 medical software testing, 156 ad-hoc testing, 162 adding perspectives, 159 communication, 158 exploratory testing, 159, 161 multiuser testing, 160, 163–165 science labs, 165 scripted testing, 162, 165 simulation of real use, 166 teamwork, 157 testing according to regulations, 168–169 memory checkers, 273–275 Electric Fence and DUMA, 274 INDEX 325 limitations of, 275 Mudflap, 274 Valgrind, 273 memory leaks, 124 Mersenne Twister algorithm, 131 message stanzas, 86 Microsoft Office customer improvement program, 56 mindmaps, 242 Mothra, 250 Mozilla Calendar Project, 27 publicity, 33 quality assurance events, 34 Mozilla Project, 266 evolution of testing strategies, 257 Sisyphus and the Spider tool, 295–301 Mudflap pointer debugging tool, 274 µJava, 250 multi-code-base defect tracking, 74 multiuser testing, 163–165 mutation testing, 250–256 AspectJ example, 252 equivalent mutants, 253 evaluating mutation impacts, 254 growth in use, 255 Javalanche framework, 255 selecting mutation operators, 251 mutations, 250 MySQL, testing with ANSTE, 315 P network services testing, 303 (see also eBox; ANSTE) nonuniform random number generators, 132 normal distribution, 132 Pareto effect, 248 People (Socialtext product), 230 performance test cases, 41 performance testing, 37, 238 ClamAV, 279 collaboration, 38 examples, 42, 43, 45 value of different viewpoints, 46 defining a test model, 38–40 defining testing requirements, 38–45 documentation and problem solving, 48 UAT, 49 user interface and system load, 46 Pettichord, Bret, 176, 177 pipe functions, 150, 154 presence stanzas, 86 printing tests, 263 programming languages, 119 stability, 120 proportion, 181 proxy.xml, 308 pseudorandom number generators (see RNGs) publicity, 33 Python programming language, 120, 287 bug list, 128 testing, 121–127 bug fix releases, 124 Buildbot, 121 documentation testing, 123 dynamic analysis, 124 refleak testing, 122 release testing, 123 static analysis, 125 testing philosophy, 120 O Q N Occam’s Razor, 67 Office 2007, fuzz testing of, 59 office software, 55 user expectations, 55 open source communities communication, 27 coordination, 29 engaging, 32 events, 32 goals and rewards, 35 quality assurance using, 27 recruiting, 31 volunteers, 28 OpenSolaris Desktop case study, 79–83 opinion polling, 282 oracles, 241 326 INDEX QA (quality assurance), 178 open source communities, using, 27 queuing theory, 132 R random fuzzing, 64 random number generators (see RNGs) range tests, 134 recruiting, 31 reference testing, 257–266 manifest files, 259 test extensibility, 261–266 asynchronous tests, 262 invalidation tests, 265 printing tests, 263 test structure, 258–261 refleak testing, 122 reftest-print tests, 263 reftest-wait tests, 262 regression testing, 239 automated regression testing (see reference testing) manual versus automated, 23 release candidates, 282 release testing, 123 reporting test results, 114 responder, 89 RNGs (random number generators), 130 difficulty of testing, 130 nonuniform RNGs, 132 test progression, 134–140 bucket test, 138 Komogorov-Smirnov test, 139 mean test, 135 range tests, 134 variance test, 136 uniform RNGs, 131 Rogers, Paul, 177 Ruderman, Jesse, 63 S scalability testing, 239 scenario testing, 97 scripted testing, 162, 165 scripting, 239 security, 59, 236 Selenium, 177, 293, 306 Selenium IDE, 311 session initialization, 97 Sisyphus, 297 extension testing with, 298 Firefox, operation on, 299 Slideshow, 229 SocialCalc, 230 Socialtext, 215 business purpose, 216 software process, 218 software development, 171–176 aesthetics and, 176 agile teams, 172 checking versus investigating, 210 complexity, 175 as a creative process, 174 intensity, 175 joy, 175 multiple character sets, handling, 237 musical performance and, 172 practice, rehearsal, performance, 173 requirements that demand testing, 238 security, coding for, 236 test-driven development (see TDD) software test suites, evaluating, 247 simulating defects, 249 software testing antivirus software (see ClamAV) measurement of behavior, 238 regression testing, 239 seeding with defects, 247 web applications (see Windmill testing framework) software testing movements, 176 source functions, 150, 153 Spider tool, 296, 301 database, 298 spidering, 295 Splint tool, 272 Spolsky, Joel, 212 SQL injection, 236 stanzas, 86 payloads, 88 static analysis, 125 static analyzers, 271–273 Clang Static Analyzer, 271 GCC, 271 Splint, 272 stories, 218 illustrative example, 219–223 stress testing, 238 Sunbird calendar application, 27 Swift IM client, 85 sync functions, 150, 153 T tag clouds, 77 tags, 109 TCE (Test-Case Effectiveness) metric, 78 TDD (test-driven development), 182–194, 202– 206 author, 191 beauty, 193 delivering value, 206–208 incremental testing and coding, 207 planning, 207 team ownership of problems, 206 driving code with examples, 204 examples, 184 as permanent requirement artifacts, 186 automated examples, 189 readable examples, 185 executors, 191 experimentation, 203 facing problems, 205 full TDD process, 190 planning, 203 reader, 191 red-green-refactor cycle, 182 INDEX 327 report consumer, 192 requirements, 184 result consumer, 191 TDD triangle, 184 team collaboration, 192 testable designs, 187 tests, 185 tool support, 189–192 unit test development, 221 test automation pyramid, 200 test automation systems, 105 test bed preparation, 112 test binary or script, 108 test case ID, 108 test case management, 107–111 test collateral, 107 test data generation, 241 test days, 34 test distribution, 112 test escapes, 78 analyzing, 79 test ID numbers, 107 test infrastructure, 107 test results, reporting, 114 test scripts for ClamAV, 276 test stakeholders, 16 objectives and expectations, 18 test writing, 106 a common approach, 109 test-driven development (see TDD) testers, 3 experience and training, 8 qualities of testers, 5 roles and purpose, 8 testing agile testing, 177 balanced breakfast approach, 227 beauty, importance of, 210 continuous improvement, rules for, 198 delivering value, 198 reasonable goals, 115 as risk management, 210 teamwork, 195 testability, 199 TestRunner suite, 229 TODO developer notes, 240 TraceMonkey (Mozilla), 298 transparency, 57 Twill tool, 293 U UAT (user acceptance testing), 49 uniform random number generators, 131 unit testing, 89 ClamAV, 275 328 INDEX XMPP multistage protocols, 94–97 XMPP request-response protocols, 89–93 upstream bug tracking, 72 User Community Modeling Language (UCML), 45 user expectations, 55 user satisfaction, 58 V Valgrind, 120, 124, 149, 273 variance test, 136 VersionResponder test, 90 logic test, 92 with structured XML, 91 volunteers, 28 keeping engaged, 32 recruiting, 31 W Watir (Web Application Testing in Ruby), 177 web application testing (see Windmill testing framework) web page testing, 295 evolution of tools for, 296–299 JavaScript automated testing, 296 Spider tool, 296 white box testing, 270 Whittaker, James, 213 wikitests, 223–227 Windmill testing framework, 285–292 debugging tests, 291 Firebug Lite, 291 lookupNode, 292 other web application testing utilities, compared to, 293 running tests, 289–290 Windmill recorder, 286 Windmill website, 292 writing tests in Windmill’s IDE, 286–289 X XML schemas, 101 XMPP (eXtensible Messaging and Presence Protocol), 85–88 automated interoperability testing, 99–101 client-to-client versus client-to-server testing, 99 session initialization testing, 97–99 testing of protocols, 88 unit testing, 85 multistage protocols, 94–97 request-response protocols, 89–93 XML validation, 101 XMPP Extension Protocols (XEPs), 88 XMPP network, 86 XP (Extreme Programming), 182, 218 team collaboration, 192 XSS (cross-site scripting), 236 XUL markup language, 258 Z zzuf fuzzer, 61 INDEX 329 COLOPHON The cover image is from Getty Images.

I’d like to especially thank Török Edwin and Alberto Wu for proofreading this text and for taking ClamAV testing to the next level, and to Luca Gibelli for keeping our infrastructure running perfectly. They’re some of the most brilliant nerds I’ve ever met! Finally, I’d like to thank my beautiful wife for her patience with my duties and hobbies. CLAM ANTI-VIRUS: TESTING OPEN SOURCE WITH OPEN TOOLS 283 CHAPTER TWENTY-ONE Web Application Testing with Windmill Adam Christian Introduction T HE UNSTOPPABLE FORCE OF DYNAMIC WEB APPLICATIONS has changed the technology industry forever, and as rapidly as they are built, they need to be tested. Testing applications rich with dynamic JavaScript and interactive AJAX (Asynchronous JavaScript and XML) require a much more advanced set of tools producing tests that can easily be considered beautiful.

It provides much of the same functionality found in the Firebug Firefox plug-in and is available on all of the browsers, in both your testing window and the Windmill IDE. The main goal of Firebug is to allow you to interact with any part of the web application at any time. This includes a DOM inspector, a JavaScript console, and the following views: HTML, CSS, Script, DOM, XML HTTP Request (XHR). See Figure 21-6. WEB APPLICATION TESTING WITH WINDMILL 291 FIGURE 21-6. Firebug Lite user interface LookupNode Using the Firebug Lite console, you can use built-in Windmill functionality for searching through the DOM for nodes. One of the most useful methods is lookupNode, because it will do a cross-window, frame, and iframe lookup of a locator to find a node (Example 21-8).


pages: 603 words: 141,814

Python for Unix and Linux System Administration by Noah Gift, Jeremy M. Jones

Amazon Web Services, bash_history, Bram Moolenaar, business logic, cloud computing, create, read, update, delete, database schema, Debian, distributed revision control, Firefox, functional programming, Guido van Rossum, industrial robot, inventory management, job automation, Mark Shuttleworth, MVC pattern, skunkworks, web application

One benefit of web applications for system administrators is that the web application can have access to the filesystem and process table of the machine on which it runs. This particular property of web applications makes a web application an excellent solution for system, application, and user monitoring and reporting mechanisms. And that class of problems is in the domain of the system administrator. Hopefully, you can see the benefit, though it may be useful for you only occasionally, of building a web application for yourself or your users. But what can you use to build a web application? Since this is a book on Python, we will, of course, recommend a Python solution.

Another improvement would be to view the entire contents of a log line as we scroll past it. This should also be a moderately simple change to make, but we’ll leave it as an exercise for the reader as well. Web Applications To say that the Web is huge is an understatement. The Web is teeming with applications that people rely on daily. Why are there so many applications available on the Web? First, a web application is potentially universally accessible. This means that when a web application is deployed, anyone with access to it can just point their browser at a URL and use it. Users don’t have to download and install anything except for the browser (which they likely already have installed) unless you are using browser plug-ins like Flash.

There are some cross-browser compatibility issues, but for the most part, if you are not using special plug-ins, a web application that works in one browser on one operating system will mostly work in another browser on another operating system. This point is appealing to both parties as well. Just a little more work on the development side will get the application working in multiple browser environments. And the user enjoys using the application where he chooses. So how is this relevant for you as a system administrator? All the reasons that we have posited regarding building GUIs in general apply to building web applications. One benefit of web applications for system administrators is that the web application can have access to the filesystem and process table of the machine on which it runs.


pages: 372 words: 67,140

Jenkins Continuous Integration Cookbook by Alan Berg

anti-pattern, continuous integration, Debian, don't repeat yourself, en.wikipedia.org, Firefox, information security, job automation, One Laptop per Child (OLPC), performance metric, revision control, web application

See also Running Groovy scripts through Maven Failing Jenkins Jobs based on JSP syntax errors Java Server Pages (http://www.oracle.com/technetwork/java/overview-138580.html) is a standard that makes the creation of simple web applications straightforward. You write HTML, such as pages, with extra tags interspersed with Java coding into a text file. If you do this in a running web application, then the code recompiles on the next page call. This process supports Rapid Application Development (RAD), but the risk is that developers make messy and hard-to-read JSP code that is difficult to maintain. It would be nice if Jenkins could display metrics about the code to defend the quality.

There are a number of fixtures available, including ones for database testing, running tools from the command line, and functional testing of web applications. JMeter: It is a popular open source tool for stress testing. It can also be used to functionally test through the use of assertions. JMeter has a GUI that allows you to build test plans. The test plans are then stored in an XML format. JMeter is runnable through Maven or Ant scripts. JMeter is very efficient, and one instance is normally enough to hit your infrastructure hard. However, for super high load scenarios, JMeter can trigger an array of JMeter instances. Selenium: It is the de facto industrial standard for functional testing of web applications. With Selenium IDE, you can record your actions within Firefox, saving them in an HTML format to replay later.

You can find the link to the advisory feeds at https://wiki.jenkins-ci.org/display/JENKINS/Security+Advisories. Testing for OWASP's top ten security issues This recipe details the automatic testing of Jenkins for well-known security issues with w3af, a penetration testing tool from the Open Web Application Security Project (OWASP, http://w3af.sourceforge.net). The purpose of OWASP is to make application security visible. The OWASP top ten list of insecurities includes: A2-Cross Site Scripting (XSS): An XSS attack can occur when an application returns an unescaped input to a client's browser. The Jenkins administrator can do this by default, through the Job description.


pages: 325 words: 85,599

Professional Node.js: Building Javascript Based Scalable Software by Pedro Teixeira

en.wikipedia.org, false flag, Firefox, Google Chrome, node package manager, platform as a service, SQL injection, web application, WebSocket

CONTENTS Introduction Part I: Introduction and Setup Chapter 1: Installing Node Installing Node on Windows Installing on Mac OS X Installing Node Using the Source Code Setting Up and Using Node Package Manager Summary Chapter 2: Introducing Node Introducing the Event-Driven Programming Style How Node and JavaScript Make Writing Asynchronous Applications Easier Summary Part II: Node Core API Basics Chapter 3: Loading Modules Understanding How Node Loads Modules Exporting a Module Summary Chapter 4: Using Buffers to Manipulate, Encode, and Decode Binary Data Creating a Buffer Getting and Setting Bytes in a Buffer Slicing a Buffer Copying a Buffer Decoding a Buffer Summary Chapter 5: Using the Event Emitter Pattern to Simplify Event Binding Understanding the Standard Callback Pattern Understanding the Event Emitter Pattern Understanding Event Types Using the Event Emitter API Creating an Event Emitter Summary Chapter 6: Scheduling the Execution of Functions Using Timers Using setTimeout to Defer the Execution of a Function Using clearTimeout to Cancel the Execution of a Function Scheduling and Canceling the Repetitive Execution of a Function Using process.nextTick to Defer the Execution of a Function Until the Next Event Loop Iteration Blocking the Event Loop Escaping the Event Loop Using setTimeout Instead of setInterval to Force Serialization Summary Part III: Files, Processes, Streams, and Networking Chapter 7: Querying, Reading From, and Writing to Files Manipulating File Paths Introducing the fs Module Opening a File Reading from a File Summary Chapter 8: Creating and Controlling External Processes Executing External Commands Spawning Child Processes Signaling and Killing Processes Summary Chapter 9: Reading and Writing Streams of Data Using a Readable Stream Using Writable Streams Considering Some Stream Examples Avoiding the Slow Client Problem and Saving Your Server Summary Chapter 10: Building TCP Servers Creating a TCP Server Building a Simple TCP Chat Server Summary Chapter 11: Building HTTP Servers Understanding the http.ServerRequest Object Understanding the http.ServerResponse Object Streaming HTTP Chunked Responses Shutting Down the Server Example 1: Building a Server that Serves Static Files Example 2: Making Use of HTTP Chunked Responses and Timers Summary Chapter 12: Building a TCP Client Connecting to a Server Sending and Receiving Data Ending the Connection Handling Errors Building an Example Command-Line TCP Client Summary Chapter 13: Making HTTP Requests Making GET Requests Using Other HTTP Verbs Pooling Sockets Using http.Agent Using a Third-Party Request Module to Simplify HTTP Requests Summary Chapter 14: Using Datagrams (UDP) Understanding UDP Understanding the Uses of UDP Building a Datagram Server Creating a Simple Datagram Echo Server Building a Datagram Client Creating a Simple Datagram Command-Line Client Understanding and Using Datagram Multicast Summary Chapter 15: Securing Your TCP Server With TLS/SSL Understanding Private and Public Keys Building a TLS Server Building a TLS Client Building Some Examples Summary Chapter 16: Securing Your HTTP Server With HTTPS Building a Secure HTTP Server Creating an HTTPS Client Summary Part IV: Building and Debugging Modules and Applications Chapter 17: Testing Modules and Applications Using a Test Runner Using an Assertion Testing Module Testing Your Asynchronous Module Summary Chapter 18: Debugging Modules and Applications Using console.log Using Node’s Built-in Debugger Using Node Inspector Summary Chapter 19: Controlling the Callback Flow Understanding the Boomerang Effect Avoiding the Boomerang Effect by Declaring Functions Using the async Flow Control Library Summary Part V: Building Web Applications Chapter 20: Building and Using HTTP Middleware Understanding the Connect HTTP Middleware Framework Building Your Own HTTP Middleware Using the HTTP Middleware Bundled in Connect Summary Chapter 21: Making a Web Application Using Express.js Initializing Your Express.js Application Setting Up Middleware in Your Application Routing Requests Summary Chapter 22: Making Universal Real-Time Web Applications Using Socket.io Understanding How WebSockets Work Using Socket.IO to Build WebSocket Applications Summary Part VI: Connecting to Databases Chapter 23: Connecting to MYSQL Using node-mysql Using a Library to Connect to and Communicate with a MySQL Database Adding Data to the Database with Security Concerns in Mind Reading Data Efficiently Summary Chapter 24: Connecting to CouchDB Using Nano Installing Nano Connecting and Creating a Database Storing Documents Creating and Using CouchDB Views Attaching Files to a CouchDB Document Summary Chapter 25: Connecting to MongoDB Using MongooSE Installing Mongoose Understanding How Mongoose Uses Models to Encapsulate Database Access Connecting to MongoDB Defining a Schema Defining a Model Summary Introduction Advertisements Part I Introduction and Setup CHAPTER 1: Installing Node CHAPTER 2: Introducing Node Chapter 1 Installing Node WHAT’S IN THIS CHAPTER?

This chapter covered some of the most commonly used functions, but async provides more than these. If you’re interested, check out the official async documentation at https://github.com/caolan/async#readme Part V Building Web Applications CHAPTER 20: Building and Using HTTP Middleware CHAPTER 21: Making a Web Application Using Express.js CHAPTER 22: Making Universal Real-Time Web Applications Using Socket.IO Chapter 20 Building and Using HTTP Middleware WHAT’S IN THIS CHAPTER? Understanding how Connect works Making Connect-compatible middleware Making a middleware component that handles errors Using some of the built-in middleware components bundled in Connect Serving static files using Connect middleware Parsing query string, request body, and cookies Maintaining a session Node is particularly fit to be an HTTP server.

These include modules for parsing the query string, parsing the request body, parsing cookies, serving static files, handling errors, and maintaining sessions. Also, many third-party modules allow you to easily extend the functions provided by your Node HTTP server. Chapter 21 Making a Web Application Using Express.js WHAT’S IN THIS CHAPTER? Installing Express Starting a web application using Express Defining Express middleware Rendering Jade templates Defining URL route listeners Creating route middleware For some languages and platforms there are frameworks that simplify the job of crafting an HTTP-based application. Perhaps the best known is Rails (for the Ruby language), but countless others include Django, Sinatra, and Cake.


pages: 671 words: 228,348

Pro AngularJS by Adam Freeman

business logic, business process, create, read, update, delete, en.wikipedia.org, Google Chrome, information retrieval, inventory management, MVC pattern, place-making, premature optimization, revision control, Ruby on Rails, single page application, web application

JSON is a language-independent way of expressing data that emerged from JavaScript but that has since taken on a life of its own and is supported by every major programming language—so much so that it has displaced other data formats, especially in web applications. XML used to be the data exchange format of choice (the X in Ajax stands for XML), but JSON has largely replaced it because it is more concise and easier for developers to read. As a bonus for web applications, JSON is easy to generate and parse with JavaScript, and AngularJS takes care of formatting and parsing automatically. Making Ajax Requests The $http service is used to make and process Ajax requests, which are standard HTTP requests that are performed asynchronously. Ajax is at the heart of modern web applications, and the ability to request content and data in the background while the user interacts with the rest of the application is an important way of creating a rich user experience.

As I said earlier, the best way to learn AngularJS development is by example, so in Chapter 2 I jump right in and show you how to create your first AngularJS application. 14 Chapter 2 Your First AngularJS App The best way to get started with AngularJS is to dive in and create a web application. In this chapter, I take you through a simple development process, starting with a static mock-up of the target application and applying AngularJS features to move to a dynamic web application, albeit a simple one. In Chapters 6–8, I show you how to create a more complex and realistic AngularJS application, but for now a simple example will suffice to demonstrate the major components of an AngularJS app and set the scene for the other chapters in this part of the book.

You won’t notice any delay when using the latest browsers on a capable desktop machine, but old browsers on underpowered smartphones can really slow down the initial setup of an AngularJS app. The goal, therefore, is to perform this setup as infrequently as possible and deliver as much of the app as possible to the user when it is performed. This means giving careful thought to the kind of web application you build. In broad terms, there are two kinds of web application: round-trip and single-page. Understanding Round-Trip and Single-Page Applications For a long time, web apps were developed to follow a round-trip model. The browser requests an initial HTML document from the server. User interactions—such as clicking a link or submitting a form—led the browser to request and receive a completely new HTML document.


pages: 420 words: 79,867

Developing Backbone.js Applications by Addy Osmani

Airbnb, anti-pattern, business logic, create, read, update, delete, don't repeat yourself, Firefox, full text search, Google Chrome, Khan Academy, Kickstarter, loose coupling, MVC pattern, node package manager, pull request, Ruby on Rails, side project, single page application, web application

Stubs and mocks Stubs Mocks Exercise Models Collections Views App Further Reading & Resources Resources Books & Courses Extensions/Libraries Conclusions Appendix A Simple JavaScript MVC Implementation Event System Models Views Controllers Practical Usage MVP Models, Views & Presenters MVP or MVC? MVC, MVP and Backbone.js Namespacing Backbone Dependency Details DOM Manipulation Utilities RESTful persistence Routing Backbone Vs. Other Libraries And Frameworks Prelude Not so long ago, “data-rich web application” was an oxymoron. Today, these applications are everywhere and you need to know how to build them. Traditionally, web applications left the heavy-lifting of data to servers that pushed HTML to the browser in complete page loads. The use of client-side JavaScript was limited to improving the user experience. Now this relationship has been inverted - client applications pull raw data from the server and render it into the browser when and where it is needed.

This is evident by the number of extensions and plugins which have been released for it over the past year, including those which we have touched upon such as MarionetteJS and Thorax. These days Backbone.js powers many complex web applications, ranging from the LinkedIn mobile app to popular RSS readers such as NewsBlur through to social commentary widgets such as Disqus. This small library of simple, but sane abstractions has helped to create a new generation of rich web applications, and I and my collaborators hope that in time it can help you too. If you’re wondering whether it is worth using Backbone on a project, ask yourself whether what you are building is complex enough to merit using it.

If you need to learn more about the language, I am happy to suggest: Eloquent JavaScript JavaScript: The Definitive Guide by David Flanagan (O’Reilly) Effective JavaScript by David Herman (Pearson) JavaScript: The Good Parts by Douglas Crockford (O’Reilly) Object-Oriented JavaScript by Stoyan Stefanov (Packt Publishing) Introduction Frank Lloyd Wright once said “You can’t make an architect. You can however open the doors and windows toward the light as you see it.” In this book, I hope to shed some light on how to improve the structure of your web applications, opening doors to what will hopefully be more maintainable, readable applications in your future. The goal of all architecture is to build something well; in our case, to craft code that is enduring and delights both ourselves and the developers who will maintain our code long after we are gone.


pages: 161 words: 44,488

The Business Blockchain: Promise, Practice, and Application of the Next Internet Technology by William Mougayar

Airbnb, airport security, Albert Einstein, altcoin, Amazon Web Services, bitcoin, Black Swan, blockchain, business logic, business process, centralized clearinghouse, Clayton Christensen, cloud computing, cryptocurrency, decentralized internet, disintermediation, distributed ledger, Edward Snowden, en.wikipedia.org, Ethereum, ethereum blockchain, fault tolerance, fiat currency, fixed income, Ford Model T, global value chain, Innovator's Dilemma, Internet of things, Kevin Kelly, Kickstarter, market clearing, Network effects, new economy, peer-to-peer, peer-to-peer lending, prediction markets, pull request, QR code, ride hailing / ride sharing, Satoshi Nakamoto, sharing economy, smart contracts, social web, software as a service, too big to fail, Turing complete, Vitalik Buterin, web application, Yochai Benkler

It took a long time before we were able to see ambitious and innovative Web applications, and many of the early ones were not that innovative, because they tried to replicate what was being done already in the real world. Nonetheless, replication is a good first step, because it allows one to gain experience when expectations are lower. Taken as an extreme case, just about any software application could be rewritten with some blockchain and decentralization flavor into it, but that does not mean it’s a good idea to do so. Perhaps 2016 for blockchain is equivalent to 1995 in terms of where we were at that stage with the proliferation of Web applications. At that time, the Java Virtual Machine was not yet available, but when it was, it opened an avalanche of opportunities, and made it easier to create large scale Web applications.

Immature Middleware and Tools Blockchain middleware and software tools are really important. The middleware is like the glue between blockchain infrastructure and the building of applications. Software development tools facilitate the overall software development projects. Up until 1998, writing Web applications was not that easy, and required the manual assembly of several pieces of software together. During that time, several shortcomings plagued the deployment of Web applications, including the lack of robust transaction management and state related capabilities, scalability, deployment, applications manageability, and certainly security. Then, Netscape introduced the famous all-in-one “Netscape Application Server,” an integrated suite of software capabilities that included the various requirement components and tools, out-of-the-box.

Then, Netscape introduced the famous all-in-one “Netscape Application Server,” an integrated suite of software capabilities that included the various requirement components and tools, out-of-the-box. That simplification was a boon for programmers who took to it like ducks to water, and started focusing on writing Web applications, instead of worrying about assembling the required pieces together and about incompatibilities. Those early Netscape days denoted the beginning of the modern Web applications architecture era, which continues up to this point. As soon we start to see complete, out-of-the-box products that promise to simplify how to start, develop, and deploy blockchain applications, we will know that a new phase has started.


Python Geospatial Development - Second Edition by Erik Westra

business logic, capital controls, database schema, Firefox, functional programming, Golden Gate Park, Google Earth, Mercator projection, natural language processing, openstreetmap, Silicon Valley, systems thinking, web application

Of course, you wouldn't normally do this sort of analysis on a one-off basis like this—it's much more common to create a Python program that will answer these sorts of questions for any desired set of data. You might, for example, create a web application that displays a menu of available calculations. One of the options in this menu might be to calculate the distance between two points; when this option is selected, the web application would prompt the user to enter the two locations, attempt to geocode them by calling an appropriate web service (and display an error message if a location couldn't be geocoded), then calculate the distance between the two points using Proj, and finally display the results to the user.

Implementing the DISTAL application Now that we have the data, we can start to implement the DISTAL application itself. To keep things simple, we will use CGI scripts to implement the user interface. Note CGI scripts aren't the only way we could implement the DISTAL application. Other possible approaches include using web application frameworks such as TurboGears or Django, using AJAX to write your own dynamic web application, using CherryPy (http://cherrypy.org) or even using tools such as Pyjamas (http://pyjs.org) to compile Python code into JavaScript. All of these approaches, however, are more complicated than CGI, and we will be making use of CGI scripts in this chapter to keep the code as straightforward as possible.

We learned the following: Mapnik is a powerful and flexible toolkit for generating a variety of maps Mapnik uses the painter's algorithm to draw the various parts of a map in the correct order A map is made up of multiple layers Map rendering is controlled using styles Styles are defined within the map and are referred to by the layers, allowing styles to be shared between map layers Each style consists of one or more rules Each rule has a list of symbolizers, telling Mapnik how to draw the layer's features onto the map, and an optional filter which selects the features the rule applies to You can use a map definition file as a simpler way of creating maps without having to define all the symbolizers, filters, rules, styles, and layers in Python You can use a map definition file as a stylesheet, separating the logic of building a map from the way it is formatted, in the same way that an HTML templating engine separates form and content in a web application In the next chapter, we will start to build a complete mapping application using PostGIS, Mapnik, and GeoDjango. Chapter 9. Putting It All Together – a Complete Mapping System In the final three chapters of this book, we will bring together all the topics discussed in previous chapters to implement a sophisticated web-based mapping application called ShapeEditor. In this chapter, we will cover the following: Designing a geospatial system, and then translating that design into code Structuring of Django-based web applications Setting up a new Django project and its applications Learn how Django represents data structures as objects Using GeoDjango's built-in "admin" application to view and edit geospatial data About ShapeEditor As we have seen, shapefiles are commonly used to store, make available, and transfer geospatial data.


pages: 153 words: 27,424

REST API Design Rulebook by Mark Masse

anti-pattern, business logic, conceptual framework, create, read, update, delete, data acquisition, database schema, hypertext link, information retrieval, off-the-grid, web application

Final Thoughts State of the Art Today, implementing our REST API designs is harder than it ought to be. The tools and frameworks that aim to support REST API developers have room for improvement. Many of the programming language-centric REST API development frameworks were originally created to help build web applications. These frameworks seem to suggest that REST APIs are similar enough to web applications that they should be cast from the same mold. By repurposing the web application’s controller paradigm, many of today’s frameworks provide support for using URI templates to route inbound client requests to handler-style methods or functions. In recognition of the fact that developers don’t want to code web page templates to format their REST API’s data, most of the frameworks offer built-in XML and JSON-based serialization and deserialization of the server’s objects to and from an HTTP message’s body.

On today’s server-side, in the realm of REST APIs, its a bit like the pioneering days of America’s Wild West: not completely lawless, but nearly so. The inconsistency of REST API designs hinders the transition of web applications to their next logical architecture, where web servers provide structured data and leave the presentation responsibilities to their enriched clients. In this architecture, web applications use JavaScript to render screens in the browser and interact with REST APIs that provide consistently formed representations. This approach reduces a server’s workload by shifting some of the processing duty to its users’ client devices, which have fast and powerful CPUs.

The example interaction below shows a user (with ID 1234) of a client program using a fictional Soccer REST API to insert a document resource named alonso in his or her store of favorites: PUT /users/1234/favorites/alonso Controller A controller resource models a procedural concept. Controller resources are like executable functions, with parameters and return values; inputs and outputs. Like a traditional web application’s use of HTML forms, a REST API relies on controller resources to perform application-specific actions that cannot be logically mapped to one of the standard methods (create, retrieve, update, and delete, also known as CRUD). Controller names typically appear as the last segment in a URI path, with no child resources to follow them in the hierarchy.


pages: 1,380 words: 190,710

Building Secure and Reliable Systems: Best Practices for Designing, Implementing, and Maintaining Systems by Heather Adkins, Betsy Beyer, Paul Blankinship, Ana Oprea, Piotr Lewandowski, Adam Stubblefield

air gap, anti-pattern, barriers to entry, bash_history, behavioural economics, business continuity plan, business logic, business process, Cass Sunstein, cloud computing, cognitive load, continuous integration, correlation does not imply causation, create, read, update, delete, cryptocurrency, cyber-physical system, database schema, Debian, defense in depth, DevOps, Edward Snowden, end-to-end encryption, exponential backoff, fault tolerance, fear of failure, general-purpose programming language, Google Chrome, if you see hoof prints, think horses—not zebras, information security, Internet of things, Kubernetes, load shedding, margin call, microservices, MITM: man-in-the-middle, NSO Group, nudge theory, operational security, performance metric, pull request, ransomware, reproducible builds, revision control, Richard Thaler, risk tolerance, self-driving car, single source of truth, Skype, slashdot, software as a service, source of truth, SQL injection, Stuxnet, the long tail, Turing test, undersea cable, uranium enrichment, Valgrind, web application, Y2K, zero day

-Mental Models breaking down complexity, Breaking Down Complexity centralized responsibility for security/reliability requirements, Centralized Responsibility for Security and Reliability Requirements complex data flows, Understanding Complex Data Flows-Understanding Complex Data Flows complexity versus, Complexity Versus Understandability designing understandable systems, Designing Understandable Systems-Conclusion Google CA implementation, Complexity Versus Understandability identities, Identities-Example: Identity model for the Google production system interface specifications, Understandable Interface Specifications-Pay attention to idempotent operations mental models and, Mental Models security boundaries, Security Boundaries-TCBs and understandability software design, Software Design-Example: Secure cryptographic APIs and the Tink crypto framework system architecture, System Architecture-TCBs and understandability system invariants and, System Invariants-Analyzing Invariants unit testing, Unit Testing-How Unit Testing Affects Codeeffect on code, How Unit Testing Affects Code-How Unit Testing Affects Code when to write unit tests, When to Write Unit Tests writing effective unit tests, Writing Effective Unit Tests universal two-factor (U2F) hardware security tokens, Example: Strong second-factor authentication using FIDO security keys Unix, small functional APIs and, Small Functional APIs-Small Functional APIs unmanaged complexity, understandability versus, Complexity Versus Understandability unzipping, Deny lists Upvote, Increase Productivity and Usability URLs, Understanding Complex Data Flows usabilityfocus on, Increase Productivity and Usability increasing, Increase Productivity and Usability-Increase Productivity and Usability user experience, failures' effect on, User experience user productivity, least privilege and, Impact on User Productivity V Valgrind, Evolution, C++: Valgrind or Google Sanitizers validation, continuous (see continuous validation) velocity, initial versus sustained, Initial Velocity Versus Sustained Velocity-Initial Velocity Versus Sustained Velocity verifiable builds, Verifiable Builds-Unauthenticated inputsarchitectures, Verifiable build architectures implementation, Implementing verifiable builds-Unauthenticated inputs unauthenticated inputs, Unauthenticated inputs untrusted inputs, Untrusted inputs Verizon, Invisibility version advancement, Limit Your Dependencies on External Notions of Time virtual LANs (VLANs), Controlling the Blast Radius vulnerability researchers, as attackers, Vulnerability Researchers Vulnerability Reward Programs (bug bounties), Vulnerability Researchers, Background and Team Evolution, External Researchers-External Researchers vulnerability scanning teams, Special Teams: Blue and Red Teams W wall-clock time, limiting dependencies on, Limit Your Dependencies on External Notions of Time-Limit Your Dependencies on External Notions of Time WannaCry Ransomware, Attacker Motivations, Compromise web application firewall (WAF), Conclusion web applications, Google-internal framework, Example: Microservices and the Google Web Application Framework web origin, defined, Security boundaries and threat models WebKit, Background and Team Evolution "Wheel of Misfortune", Collaborative Debugging: A Way to Teach Wilkes, Maurice, From Debugging to Investigation writing code, Writing Code-Conclusionavoiding multilevel nesting, Avoid Multilevel Nesting choice of tools for, Choose the Right Tools-Use strong typing and static type checking common security vulnerabilities, Common Security Vulnerabilities-Preventing XSS: SafeHtml eliminating YAGNI smells, Eliminate YAGNI Smells frameworks to enforce security and reliability, Frameworks to Enforce Security and Reliability-Example code snippets lessons for framework evaluation/construction, Lessons for Evaluating and Building Frameworks-Legacy conversions memory-safe languages for, Use memory-safe languages refactoring, Refactoring repaying technical debt, Repay Technical Debt rollout strategy, Rollout Strategy sanitizing code, Sanitize Your Code security and reliability by default, Security and Reliability by Default-Go: Race Detector simple, safe, reliable libraries for common tasks, Simple, Safe, Reliable Libraries for Common Tasks simplicity's importance to, Simplicity Leads to Secure and Reliable Code-Refactoring static type checking for, Use strong typing and static type checking strong typing for, Use strong typing and static type checking, Use Strong Types-Use Strong Types understandability, Software Design-Example: Secure cryptographic APIs and the Tink crypto framework Wycheproof, How Unit Testing Affects Code X XSS (cross-site scripting), Preventing XSS: SafeHtml Y YAGNI ("You Aren't Gonna Need It"), Eliminate YAGNI Smells Yahoo!

When stepping back to consider security and reliability in the context of the entire system and development and operations workflow, it often becomes apparent that these goals are very much aligned with general software quality attributes. Example: Microservices and the Google Web Application Framework Consider the evolution of a Google-internal framework for microservices and web applications. The primary goal of the team creating the framework was to streamline the development and operation of applications and services for large organizations. In designing this framework, the team incorporated the key idea of applying static and dynamic conformance checks to ensure that application code adheres to various coding guidelines and best practices.

The framework takes responsibility for handling many common security and reliability concerns. Similarly, it automatically sets up monitoring for operational metrics and incorporates reliability features like health checking and SLA compliance. For example, the framework’s web application support handles most common types of web application vulnerabilities.7 Through a combination of API design and code conformance checks, it effectively prevents developers from accidentally introducing many common types of vulnerabilities in application code.8 With respect to these types of vulnerabilities, the framework goes beyond “security by default”—rather, it takes full responsibility for security, and actively ensures that any application based on it is not affected by these risks.


pages: 435 words: 62,013

HTML5 Cookbook by Christopher Schmitt, Kyle Simpson

Firefox, Internet Archive, machine readable, security theater, web application, WebSocket

A demonstration of how ARIA roles are used in an HTML5 document Roles for web apps Some ARIA landmark roles, such as application and main, are unique and do not map directly to specific HTML5 elements. Add the application role to an HTML element that contains a web application instead of normal web content. Ensure that the HTML element associated with this role encompasses the entire web application. This role may instruct assistive technology to enter a mode that is more appropriate for interacting with web application functionality. You may add the document role to the page after the application to indicate where nonapplication web content resumes: <div role="application"> ... </div> Add the main role to an HTML element that contains the primary content of the document, such as articles, divs, etc.: <div role="main"> In the future, this solution might provide an alternative to “skip to main content” or “skip navigation” links.

To test if the browser supports the enhanced History API, use the following feature-detect: var history_support = !!(window.history && window.history.pushState); Normally, when you change the URL in the address bar, the browser initiates a new request to the server for that new page. But today’s complex web applications more commonly use Ajax to load only new information, without full-page refreshes. This leads to a disconnect, where web applications can’t update the address bar URL because they don’t want a browser page refresh. To change the URL in the address bar without forcing a new page load, use the history.pushState(...) method. This method updates the URL in the address bar and creates a special state-oriented entry in the browser’s history.

This is a far more reliable method if you want fine-tuned control over the user’s experience of your website. Note Modernizr now supports a “production” version (see http://www.modernizr.com/download/). This version generates a custom build of Modernizr with only the HTML5 tests needed for your sites or web applications. See Also The documentation on the official Modernizr website at http://www.modernizr.com/docs/. 2.6. Using HTML5 Boilerplate Problem You want to get up and running with HTML5 with a robust working template. Solution Use Paul Irish’s HTML5 Boilerplate (as shown in Figure 2-7) as a jumping-off point for your website.


pages: 224 words: 48,804

The Productive Programmer by Neal Ford

anti-pattern, business process, c2.com, continuous integration, database schema, domain-specific language, don't repeat yourself, Firefox, general-purpose programming language, knowledge worker, Larry Wall, Paradox of Choice, Ruby on Rails, side project, type inference, web application, William of Occam

Subvert Selenium to Walk Web Pages Selenium‡ is an open source user acceptance testing tool for web applications. It allows you to simulate user actions by automating the browser via JavaScript. Selenium is written entirely in browser technology, so it runs in all mainstream browsers. It is an incredibly useful tool for testing web applications, regardless of the technology used to create the web application. But I’m not here to talk about using Selenium as a testing tool. One of the ancillary projects to Selenium is a Firefox browser plug-in called Selenium IDE. Selenium IDE allows you to record your interaction with a web application as a Selenium script, which you can play back through Selenium’s TestRunner or through Selenium IDE itself.

In his book, Brian effectively demonstrates that writing robust thread-safe code in Java (and, by extension, in any imperative language) is very difficult indeed. About five years ago, our users were perfectly content with the ugly, graphical-version-of-aterminal-window web applications we were cranking out. Then the annoying coders at Google released Google Maps and Gmail and showed our users that web applications didn’t have to suck. We had to up our game and start building better web applications. The same will happen with concurrency. We developers can afford to be blissfully ignorant about serious threading concerns now, but someone will come along and show that it’s possible to utilize the Where Are We Going?

Selenium IDE allows you to record your interaction with a web application as a Selenium script, which you can play back through Selenium’s TestRunner or through Selenium IDE itself. While this is useful when creating tests, it is invaluable if you need to automate your interaction with a web application. ‡ Download at 58 http://www.openqa.org. CHAPTER 4: AUTOMATION FIGURE 4-2. Selenium IDE with a script ready to run Here is a common scenario. You are building the fourth page of a wizard-style web application. The first three pages are complete, meaning that all their interaction works correctly (including things like validations). To debug the behavior of the fourth page, you must walk through the first three pages over and over.


PostGIS in Action, 2nd Edition by Regina O. Obe, Leo S. Hsu

business logic, call centre, crowdsourcing, database schema, Debian, domain-specific language, en.wikipedia.org, Firefox, functional programming, Google Earth, job automation, McMansion, megacity, Mercator projection, Network effects, null island, openstreetmap, planetary scale, profit maximization, Ruby on Rails, Skype, South of Market, San Francisco, SQL injection, traveling salesman, web application

You then initialize nongeometry pixels to 0,0,0 H and finally convert the PostGIS raster to a PNG raster B. The output of listing 4.14 is the bytes that make up the PNG image as a PostgreSQL bytea (byte array) data type. You can then use a standard query connection like JDBC, PHP pgsql, ODBC, ADO.NET, or Python psychopg to retrieve the image for rendering in a web application. We have a demonstration of rendering for web applications at www.bostongis.com/blog/index.php?/archives/175-Minimalist-Web-based-PHP-PostGIS2.0-Spatial-GeometryRaster-Viewer.html. OpenOffice can also read images stored in a field. With it you can easily incorporate your image in spreadsheets and presentations. We demonstrate the use of OpenOffice and LibreOffice at www.postgresonline.com/journal/archives/244-Raster-LibreOfficeBase-Reports.html. 4.6 Summary In this chapter, we demonstrated the use of various tools for importing and exporting vector and raster data:  Shp2pgsql  Shp2pgsql-gui Licensed to tracy moore <nordick.an@gmail.com> www.it-ebooks.info 112 CHAPTER 4 Working with real data  Pgsql2shp for Esri shapefiles  Ogr2ogr for other vector files  Osm2pgsql for OpenStreetMap  Raster2pgsql for importing rasters  Gdal_translate and gdalwarp for exporting raster data We advised you to take advantage of useful GDAL tools such as ogrinfo and gdalinfo to inspect the data prior to importing.

The output of clicking on an open-space feature is shown in figure 17.9. Figure 17.9 Output of Leaflet with onclick event: postgis_in_action_leaflet_3.htm Licensed to tracy moore <nordick.an@gmail.com> www.it-ebooks.info 478 CHAPTER 17 Using PostGIS in web applications 17.8 Summary In this chapter, we explored the various ways you can consume PostGIS data in web applications. We demonstrated the commonly available WMS/WFS mapping servers and how you could utilize these in OpenLayers and Leaflet. We also demonstrated how to query PostGIS raster data with SQL and display the rendered output on OpenLayers and Leaflet.

See uDig users and groups 527 USING 514 utilities 7-Zip 86 ArcGIS desktop 448 ArcSDE 116 built into PostgreSQL 83–84 Cadcorp SIS 448 DB2 116 desktop tools 114–119 for downloading 84–85 for extracting files 85 for importing/exporting Esri shapefiles 86–92 GDAL/OGR 481 gdalinfo 103–105 gdal_translate 108–110 gdalwarp 108–110 Geofabrik 483 GeoKettle 482 GRASS GIS 481 gvSIG 114–115, 135–139, 481 imposm 100 Manifold 448 MapInfo 448 Mapzen 483 MySQL 116 ogr2ogr 92–99 ogrinfo 93 OpenGeo 89 OpenJUMP 114, 120–125, 481 OpenStreetMap 483 Oracle Spatial 116 osm2pgsql 99–103 pgAdmin 204, 491 pgAdmin III 84, 524 pg_basebackup 532 pg_dump 84, 532–533 pg_dumpall 532 pg_restore 84, 532 pgRouting 410–416 pgsql2shp 91–92 pip 432 Pode_postgis_express 189 Postgis_webviewer 189 psql 83, 189–190, 204, 524, 533 QGIS 114–115, 126–132, 481 raster2pgsql 105–108, 178, 181, 288 shp2pgsql 87–88 shp2pgsql-gui 88–91 SpatiaLite 116 specific to PostgreSQL 522 SQL Server 116 StackBuilder 89 uDig 114–115, 133–135, 481 web services 119 wget 84 569 UTM buffer sizes 73 UTM projection 68 UTM WGS 84 zones 69 utmzone function 546 V vacuum analyze 373 valid geometrycollections 38 valid multipolygons 37 valid polygons 34 ValidateTopology function 335 validity 222–234 functions 156 VALUES 512 varchar data type 538 varchar_pattern_ops 550 variables 148 standard_conforming_strings 148 VARIADIC 519 vector data 92–99 vector formats CSV 118 DWG 117 DXF 117 Esri Personal Geodatabase 117 Esri shapefile 117 Excel 118 GML 117 GPX 117 KML 117 layers 131–132 MIF/MID 117 SpatiaLite 117 support for 117 SVG 118 TAB 118 WKT 117 vector tiles 449 vertices, reducing number of 403 Victoria, BC, Canada 310 views 536 and triggers 359 auto-updatable 357–358 creating 541 Virtual Earth 460 Virtual Reality Modeling Language (VRML) 144 visualization tools 14 VOLATILE 402, 540 voxels 175 Licensed to tracy moore <nordick.an@gmail.com> www.it-ebooks.info INDEX 570 W WAR 457 WCS 447 support for 119 web application archives. See WAR web applications 442–478 and raster data type 468–473 GeoServer 456–459 Leaflet 460 mapping clients 448–450 mapping servers 444–448 MapServer 450–456 OpenLayers 460 web services 444 Web Coverage Service. See WCS Web Feature Service Transactional. See WFS-T Web Feature Service. See WFS Web Map Service Cache.


pages: 255 words: 55,018

Architecting For Scale by Lee Atchison

Amazon Web Services, business logic, business process, cloud computing, continuous integration, DevOps, Internet of things, microservices, platform as a service, risk tolerance, software as a service, web application

It is impossible to give a single answer to this question because it depends dramatically on your website, your customer expectations, your business needs, and your business expectations. You need to determine for yourself what number is required for your business. Often, for basic web applications, 3 nines is considered acceptable availability. Using Table 3-1, this amounts to 43 minutes of downtime every month. For a web application to be considered highly available, often an indication of 5 nines is used. This amounts to only 26 seconds of downtime every month. Don’t Be Fooled Don’t be fooled into thinking your site is highly available when it isn’t.

…aren’t as independent as you think Your “independent servers” might not be as independent as you think. Security Bad actors have always been a problem in software systems. Security and security monitoring has always been a part of building systems, even before large-scale web applications came about. However, web applications have become larger and more complicated, storing larger quantities of data and handling larger quantities of traffic. Combined with a higher usefulness to the data available within these applications, this has led to a huge increase in the number of bad actors attempting to compromise our applications.

Example 13-1. Reduced functionality Imagine that you have a web application that generates an ecommerce website that sells T-shirts. Let’s also assume that there is an “image service” that provides URLs for images to be displayed on this website. If the application makes a call to this image service and the service fails, what should the application do? One option would be for the application to continue displaying the requested product to the customer, but without the images of the product (or show a “no image available” message). The web application can continue to operate as an ecommerce store, just with the reduced capability of not being able to display product images.


pages: 73 words: 17,793

HTML5 for Web Designers by Jeremy Keith

cognitive load, Firefox, machine readable, web application

It might sound strange to have JavaScript documentation in a markup specification, but remember that HTML5 started life as Web Apps 1.0. JavaScript is an indispensable part of making web applications. Entire sections of the HTML5 specification are dedicated to new APIs for creating web applications. There’s an UndoManager that allows the browser to keep track of changes to a document. There’s a section on creating Offline Web Applications using a cache manifest. Drag and drop is described in detail. As always, if there is an existing implementation, the specification will build upon it rather than reinvent the wheel.

The consortium seemed to be formulating theoretically pure standards unrelated to the needs of web designers. Representatives from Opera, Apple, and Mozilla were unhappy with this direction. They wanted to see more emphasis placed on formats that allowed the creation of web applications. Things came to a head in a workshop meeting in 2004. Ian Hickson, who was working for Opera Software at the time, proposed the idea of extending HTML to allow the creation of web applications. The proposal was rejected. The disaffected rebels formed their own group: the Web Hypertext Application Technology Working Group, or WHATWG for short. From Web Apps 1.0 to HTML5 From the start, the WHATWG operated quite differently than the W3C.

According to the priority of constituencies, we web designers have an even stronger voice. If we refuse to use part of the specification, then the specification is equally fictitious. Keeping It Real The creation of HTML5 has been driven by an ongoing internal tension. On the one hand, the specification needs to be powerful enough to support the creation of web applications. On the other hand, HTML5 needs to support existing content, even if most existing content is a complete mess. If the specification strays too far in one direction, it will suffer the same fate as XHTML 2. But if it goes too far in the other direction, the specification will enshrine <font> tags and tables for layout because, after all, that’s what a huge number of web pages are built with.


pages: 648 words: 108,814

Solr 1.4 Enterprise Search Server by David Smiley, Eric Pugh

Amazon Web Services, bioinformatics, cloud computing, continuous integration, database schema, domain-specific language, en.wikipedia.org, fault tolerance, Firefox, information retrieval, Ruby on Rails, SQL injection, Wayback Machine, web application, Y Combinator

Understanding the URL's structure is very important for grasping how search works: http://localhost:8983/solr/select?indent=on&version=2.2&q=*%3A*&start =0&rows=10&fl=*%2Cscore&qt=standard&wt=standard&explainOther=&hl.fl= • The /solr/ is the web application context where Solr is installed on the Java servlet engine. If you have a dedicated server for Solr, then you might opt to install it at the root. This would make it just /. How to do this is out of scope of this book, but letting it remain at /solr/ is fine. • After the web application context is a reference to the Solr core (we don't have one for this configuration). We'll configure Solr Multicore in Chapter 7, at which point the URL to search Solr would look something like /solr/corename/select?...

We can do this by making use of the standard practices, which you would apply to any kind of web application. Limiting server access The single biggest thing you can do to secure Solr is to lock down who has access to the server. Using standard firewall techniques, you can control what IP addresses are allowed to connect to the Solr through the 8983 port. Unless you have very unusual needs, you won't expose Solr to the Internet directly; instead users will access Solr through some sort of web application, that in turn forwards requests to Solr, collects the results, and displays them to your users.

More information is available at http://docs.codehaus.org/display/JETTY/Realms. Securing public searches: Although you can get all access to Solr through a controlled web application, you may want to expose Solr publicly, albeit in a limited way. One scenario for this is exposing a search in an RSS/Atom feed made possible with Solr's XSLT support (see Chapter 4 for more on XSLT). Another is using AJAX from the end user's browser to perform search. Due to AJAX restrictions, that scenario would require the web application and Solr to be on the same server. [ 219 ] Download at Boykma.Com This material is copyright and is licensed for the sole use by William Anderson on 26th August 2009 4310 E Conway Dr.


pages: 761 words: 80,914

Ansible: Up and Running: Automating Configuration Management and Deployment the Easy Way by Lorin Hochstein

Amazon Web Services, cloud computing, continuous integration, Debian, DevOps, domain-specific language, don't repeat yourself, general-purpose programming language, Infrastructure as a Service, job automation, machine readable, MITM: man-in-the-middle, pull request, side project, smart transportation, web application

— Michael DeHaan Creator of Ansible (software), former CTO of Ansible, Inc. (company) April 2015 Preface Why I Wrote This Book When I was writing my first web application, using Django, the popular Python-based framework, I remember the sense of accomplishment when the app was finally working on my desktop. I would run django manage.py runserver, point my browser to http://localhost:8000, and there was my web application in all its glory. Then I discovered there were all of these…things I had to do, just to get the darned app to run on the Linux server. In addition to installing Django and my app onto the server, I had to install Apache and the mod_python module so that Apache could run Django apps.

For example, we could define a variable named color and set it to a value for each server: newhampshire.example.com color=red maryland.example.com color=green ontario.example.com color=blue quebec.example.com color=purple This variable can then be used in a playbook, just like any other variable. Personally, I don’t often attach variables to specific hosts. On the other hand, I often associate variables with groups. Circling back to our Django example, the web application and task queue service need to communicate with RabbitMQ and Postgres. We’ll assume that access to the Postgres database is secured both at the network layer (so only the web application and the task queue can reach the database) as well as by username and password, where RabbitMQ is secured only by the network layer. To set everything up, we need to do the following: Configure the web servers with the hostname, port, username, password of the primary postgres server, and name of the database.

As a consequence, the only way to access your Vagrant machine in the default configuration is to SSH to localhost on port 2222. Vagrant forwards this to port 22 on the Vagrant machine. This default configuration isn’t very useful for testing web-based applications, since the web application will be listening on some port that we can’t access. There are two ways around this. One way is to tell Vagrant to set up another forwarded port. For example, if your web application listens on port 80 inside of your Vagrant machine, you can configure Vagrant to forward port 8000 on your local machine to port 80 on the Vagrant machine. Example 11-1 shows how you’d configure port forwarding by editing the Vagrantfile.


pages: 302 words: 82,233

Beautiful security by Andy Oram, John Viega

Albert Einstein, Amazon Web Services, An Inconvenient Truth, Bletchley Park, business intelligence, business process, call centre, cloud computing, corporate governance, credit crunch, crowdsourcing, defense in depth, do well by doing good, Donald Davies, en.wikipedia.org, fault tolerance, Firefox, information security, loose coupling, Marc Andreessen, market design, MITM: man-in-the-middle, Monroe Doctrine, new economy, Nicholas Carr, Nick Leeson, Norbert Wiener, operational security, optical character recognition, packet switching, peer-to-peer, performance metric, pirate software, Robert Bork, Search for Extraterrestrial Intelligence, security theater, SETI@home, Silicon Valley, Skype, software as a service, SQL injection, statistical model, Steven Levy, the long tail, The Wisdom of Crowds, Upton Sinclair, web application, web of trust, zero day, Zimmermann PGP

A well-known women’s clothing store was recently informed by their web application firewall vendor that an SQL injection error in their web application could lead to the compromise of their entire customer database, including credit card numbers, PINs, and addresses. It is almost routine now for security vendors who engage in web application scanning to discover not one, not two, but many SQL injection attack vulnerabilities in existing web applications. With the advent of Web 2.0 and its still-esoteric secure code development practices, we should not be surprised that many web applications are vulnerable to data theft attacks.

On the one hand, web applications and the software platforms on which they are based tend to sprout bugs that intruders can exploit to gain entry to web servers and ultimately end-user machines. Correspondingly, the widespread use of web applications by millions of untrained computer users offers enormous paybacks for intruders interested in data theft. Unsurprisingly, recent trends in security threat data clearly show the migration of hacker exploits away from network perimeters (routers, switches, firewalls, etc.) to the web 186 CHAPTER ELEVEN application layer. Web applications are targeted because this area is the most economical approach to data compromise.

Several firms, such as Cigital and Aspect Security, specialize in assisting firms that are committed to implementing software security programs. When the security process really took hold An interesting event occurred on the third day of the security class. One of the most influential web developers, who developed a web application architecture used by multiple Acme web applications that were already in production, abruptly got up out of his chair and bolted for the door. He mumbled something about a burning need to test something. The instructor, coordinator, and I were concerned that one of the best developers had walked out on the class and began plans for damage control.


pages: 1,085 words: 219,144

Solr in Action by Trey Grainger, Timothy Potter

business intelligence, cloud computing, commoditize, conceptual framework, crowdsourcing, data acquisition, data science, en.wikipedia.org, failed state, fault tolerance, finite state, full text search, functional programming, glass ceiling, information retrieval, machine readable, natural language processing, openstreetmap, performance metric, premature optimization, recommendation engine, web application

In general, we recommend that you always pass the jetty.port system property when starting a Solr instance with Jetty in a production cluster. Solr host context Solr is a Java web application that runs under the solr context in Jetty. If you change the Solr web application or deploy the solr.war file under the root context (/ in Jetty), you must set the hostContext parameter. If you deployed the Solr web application under the search context in Jetty, you would need to set -DhostContext=search when starting Solr. It should be noted that changing the Solr web application context, and consequently the hostContext parameter, is not common for most Solr installations. ZooKeeper client timeout We discussed the concepts behind the ZooKeeper client timeout in section 13.2.2.

And, with schema.xml, you have a flexible way to define the index structure using an XML-configuration document instead of having to program to the Lucene API. Now you need a way to access these services from the web. In the next section, we learn how Solr runs as a Java web application and integrates with other technologies, using proven standards such as XML, JSON, and HTTP. 1.2.3. Java web application Solr is a Java web application that runs in any modern Java Servlet engine, such as Jetty or Tomcat, or a full J2EE application server like JBoss or Oracle AS. Figure 1.3 depicts the major software components of a Solr server. Figure 1.3. Diagram of the main components of Solr 4 Admittedly, figure 1.3 is a little overwhelming at first glance.

But before we get into the specifics of what Solr is, let’s make sure you know what Solr isn’t. Solr isn’t a web search engine like Google or Bing. Solr has nothing to do with search engine optimization (SEO) for a website. Now imagine we need to design a real estate search web application for potential homebuyers. The central use case for this application will be searching for homes for sale using a web browser. Figure 1.1 depicts a screenshot from this fictitious web application. Don’t focus too much on the layout or design of the UI; it’s only a mock-up to give visual context. What’s important is the type of experience that Solr can support. Figure 1.1. Mock-up screenshot of a fictitious search application to depict Solr features Let’s tour the screenshot in figure 1.1 to illustrate some of Solr’s key features.


pages: 313 words: 75,583

Ansible for DevOps: Server and Configuration Management for Humans by Jeff Geerling

Abraham Maslow, AGPL, Amazon Web Services, cloud computing, continuous integration, database schema, Debian, defense in depth, DevOps, fault tolerance, Firefox, full text search, Google Chrome, inventory management, loose coupling, microservices, Minecraft, MITM: man-in-the-middle, punch-card reader, Ruby on Rails, web application

If you want to run an ad-hoc command against all the myapp servers in the inventory, you can run a command like so: # Use ansible to check memory usage on all the myapp servers. $ ansible myapp -a "free -m" A real-world web application server inventory The example above might be adequate for single-server services and tiny apps or websites, but most real-world applications require many more servers, and usually separate servers per application concern (database, caching, application, queuing, etc.). Let’s take a look at a real-world inventory file for a small web application that monitors server uptime, Server Check.in. 1 # Individual Server Check.in servers. 2 [servercheck-web] 3 www1.servercheck.in 4 www2.servercheck.in 5 6 [servercheck-web:vars] 7 ansible_ssh_user=servercheck_svc 8 9 [servercheck-db] 10 db1.servercheck.in 11 12 [servercheck-log] 13 log.servercheck.in 14 15 [servercheck-backup] 16 backup.servercheck.in 17 18 [servercheck-nodejs] 19 atl1.servercheck.in 20 atl2.servercheck.in 21 nyc1.servercheck.in 22 nyc2.servercheck.in 23 nyc3.servercheck.in 24 ned1.servercheck.in 25 ned2.servercheck.in 26 27 [servercheck-nodejs:vars] 28 ansible_ssh_user=servercheck_svc 29 foo=bar 30 31 # Server Check.in distribution-based groups. 32 [centos:children] 33 servercheck-web 34 servercheck-db 35 servercheck-nodejs 36 servercheck-backup 37 38 [ubuntu:children] 39 servercheck-log This inventory may look a little overwhelming at first, but if you break it apart into simple groupings (web app servers, database servers, logging server, and node.js app servers), it describes a straightforward architecture.

Ansible Examples Other resources Chapter 1 - Getting Started with Ansible Ansible and Infrastructure Management On snowflakes and shell scripts Configuration management Installing Ansible Creating a basic inventory file Running your first Ad-Hoc Ansible command Summary Chapter 2 - Local Infrastructure Development: Ansible and Vagrant Prototyping and testing with local virtual machines Your first local server: Setting up Vagrant Using Ansible with Vagrant Your first Ansible playbook Summary Chapter 3 - Ad-Hoc Commands Conducting an orchestra Build infrastructure with Vagrant for testing Inventory file for multiple servers Your first ad-hoc commands Discover Ansible’s parallel nature Learning about your environment Make changes using Ansible modules Configure groups of servers, or individual servers Configure the Application servers Configure the Database servers Make changes to just one server Manage users and groups Manage files and directories Get information about a file Copy a file to the servers Retrieve a file from the servers Create directories and files Delete directories and files Run operations in the background Update servers asynchronously, monitoring progress Fire-and-forget tasks Check log files Manage cron jobs Deploy a version-controlled application Ansible’s SSH connection history Paramiko OpenSSH (default) Accelerated Mode Faster OpenSSH in Ansible 1.5+ Summary Chapter 4 - Ansible Playbooks Power plays Running Playbooks with ansible-playbook Limiting playbooks to particular hosts and groups Setting user and sudo options with ansible-playbook Other options for ansible-playbook Real-world playbook: CentOS Node.js app server Add extra repositories Deploy a Node.js app Launch a Node.js app Node.js app server summary Real-world playbook: Ubuntu LAMP server with Drupal Include a variables file, and discover pre_tasks and handlers Basic LAMP server setup Configure Apache Configure PHP with lineinfile Configure MySQL Install Composer and Drush Install Drupal with Git and Drush Drupal LAMP server summary Real-world playbook: Ubuntu Apache Tomcat server with Solr Include a variables file, and discover pre_tasks and handlers Install Apache Tomcat 7 Install Apache Solr Apache Solr server summary Summary Chapter 5 - Ansible Playbooks - Beyond the Basics Handlers Environment variables Per-play environment variables Variables Playbook Variables Inventory variables Registered Variables Accessing Variables Host and Group variables group_vars and host_vars Magic variables with host and group variables and information Facts (Variables derived from system information) Local Facts (Facts.d) Variable Precedence If/then/when - Conditionals Jinja2 Expressions, Python built-ins, and Logic register when changed_when and failed_when ignore_errors Delegation, Local Actions, and Pauses Pausing playbook execution with wait_for Running an entire playbook locally Prompts Tags Summary Chapter 6 - Playbook Organization - Roles and Includes Includes Handler includes Playbook includes Complete includes example Roles Role scaffolding Building your first role More flexibility with role vars and defaults Other role parts: handlers, files, and templates Handlers Files and Templates Organizing more complex and cross-platform roles Ansible Galaxy Getting roles from Galaxy Using role requirements files to manage dependencies A LAMP server in six lines of YAML A Solr server in six lines of YAML Helpful Galaxy commands Contributing to Ansible Galaxy Summary Chapter 7 - Inventories A real-world web application server inventory Non-prod environments, separate inventory files Inventory variables host_vars group_vars Ephemeral infrastructure: Dynamic inventory Dynamic inventory with DigitalOcean DigitalOcean account prerequisites Connecting to your DigitalOcean account Creating a droplet with Ansible DigitalOcean dynamic inventory with digital_ocean.py Dynamic inventory with AWS Inventory on-the-fly: add_host and group_by Multiple inventory sources - mixing static and dynamic inventories Creating custom dynamic inventories Summary Chapter 8 - Ansible Cookbooks Highly-Available Infrastructure with Ansible Directory Structure Individual Server Playbooks Main Playbook for Configuring All Servers Getting the required roles Vagrantfile for Local Infrastructure via VirtualBox Provisioner Configuration: DigitalOcean Provisioner Configuration: Amazon Web Services (EC2) Summary ELK Logging with Ansible ELK Playbook Forwarding Logs from Other Servers Summary GlusterFS Distributed File System Configuration with Ansible Configuring Gluster - Basic Overview Configuring Gluster with Ansible Summary Mac Provisioning with Ansible and Homebrew Running Ansible playbooks locally Automating Homebrew package and app management Configuring Mac OS X through dotfiles Summary Docker-based Infrastructure with Ansible A brief introduction to Docker containers Using Ansible to build and manage containers Building a Flask app with Ansible and Docker Data storage container Flask container MySQL container Ship it!

In that example, we used all of Vagrant’s default configuration defined in the Vagrantfile. In this example, we’ll use Vagrant’s powerful multi-machine management features. Three servers: two application, one database. We’re going to manage three VMs: two app servers and a database server. Many simple web applications and websites have a similar architecture, and even though this may not reflect the vast realm of infrastructure combinations that exist, it will be enough to highlight Ansible’s server management abilities. To begin, create a new folder somewhere on your local drive (I like using ~/VMs/[dir]), and create a new blank file named Vagrantfile (this is how we describe our virtual machines to Vagrant).


pages: 66 words: 9,247

MongoDB and Python by Niall O’Higgins

cloud computing, Debian, fault tolerance, semantic web, web application

When used with limit() this enables result pagination which is frequently used by clients when allowing end-users to browse very large result sets. skip() is analogous to the SQL OFFSET statement. For example, imagine a Web application which displays 20 users per page, sorted alphabetically by surname , and needs to fetch the data to build the second page of results for a user. The query used by the Web application might look like this: # Return at most 20 users sorted by name, # skipping the first 20 results in the set users = dbh.users.find().sort( ("surname", pymongo.ASCENDING)).limit(20).skip(20) Finally, when traversing very large result sets, where the underlying documents may be modified by other programs at the same time, you may wish to use MongoDB’s Snapshot Mode.

Perhaps the most common scenario is when writing inputs from Web applications to the database. Most WSGI-based Python frameworks will send you all HTTP POST and GET parameter values as strings— regardless of whether or not they are in fact strings. Thus it is easy to insert or update a numeric property with a value that is a string. The best way, of course, to avoid errors of this nature is to prevent the wrong type of data 38 | Chapter 3: Common MongoDB and Python Patterns ever being written to the database in the first place. Thus, in the context of a Web application, validating and/or coercing the types of any inputs to write queries before issuing them is strongly advised.

This summary data is most useful for extremely fast reads and writes. 44 | Chapter 3: Common MongoDB and Python Patterns CHAPTER 4 MongoDB with Web Frameworks While MongoDB can be used in all sorts of applications, its most obvious role is as the database backend for a web application. These days, a great many mobile and tablet applications are functioning as “fat clients” to the same HTTP-based API’s as browserbased web applications; hence mobile and tablet apps need the same sort of backend database infrastructure as more traditional web apps. Many organizations and engineers are finding the advantages of MongoDB’s document-oriented architecture compelling enough to migrate parts or even entire applications from traditional RDBMS such as MySQL to MongoDB.


pages: 292 words: 66,588

Learning Vue.js 2: Learn How to Build Amazing and Complex Reactive Web Applications Easily With Vue.js by Olga Filipova

Amazon Web Services, business logic, continuous integration, create, read, update, delete, en.wikipedia.org, Firefox, Google Chrome, leftpad, MVC pattern, pull request, side project, single page application, single source of truth, Skype, source of truth, web application

Extending our applications to other devices Both of our applications are web applications. While it might be okay for the Pomodoro application if we work the whole day on the computer and use the Web, it might be a little bit uncomfortable for the shopping list application. You don't bring your laptop when you go shopping. Of course, you can fill the shopping list with items at home and then open the mobile browser in the supermarket, but it might be slow and not so nice to use. Use Weex ( https://github.com/alibaba/weex ) to bring our web applications to the mobile devices. Both the applications can also be extended to be used as a Google Chrome app, just as we learned in Chapter 2, Fundamentals - Installing and Using.

What you need for this book The requirements for this book are the following: Computer with an Internet connection Text editor/IDE Node.js Who this book is for This book is for web developers or for people who want to become web developers. Whether you have just started to work with web technologies or you are already a guru of frameworks and languages in the vast ocean of web technologies, this book might show you something new in the world of reactive web applications. If you are a Vue developer and have used Vue 1.0, this book might be a useful guide for you to migrate to Vue 2.0, since all the examples of the book are based on Vue 2.0. Even if you are already using Vue 2.0, this book might be a nice exercise of building an application from scratch, applying all Vue and software engineering concepts and taking it to the deployment stage.

We appreciate your help in protecting our authors and our ability to bring you valuable content. Questions If you have a problem with any aspect of this book, you can contact us at questions@packtpub.com, and we will do our best to address the problem. Chapter 1. Going Shopping with Vue.js "Vue.js is a JavaScript framework for building astonishing web applications. Vue.js is a JavaScript library for creating web interfaces. Vue.js is a tool that leverages the use of MVVM architecture." Simplified JavaScript Jargon suggests that Vue.js is a JavaScript library for creating user interfaces (Views) based on underlying data models ( http://jargon.js.org/_glossary/VUEJS.md ).


Learning Flask Framework by Matt Copperwaite, Charles Leifer

create, read, update, delete, database schema, Debian, DevOps, don't repeat yourself, duck typing, full text search, place-making, Skype, SQL injection, web application

A short, fast, focused guide delivering immediate results. 2. Build a small but complete web application with Python and Flask. 3. Explore the basics of web page layout using Twitter Bootstrap and jQuery. 4. Get to know how to validate data entry using HTML forms and WTForms. Please check www.PacktPub.com for information on our titles Play Framework Essentials ISBN: 978-1-78398-240-0 Paperback: 200 pages An intuitive guide to creating easy-to-build scalable web applications using the Play framework 1. Master the complexity of designing a modern and scalable Web application by leveraging the Play framework stack. 2. The key concepts of the framework are illustrated with both Scala and Java code examples. 3.

We're not just looking for published authors; if you have strong technical skills but no writing experience, our experienced editors can help you develop a writing career, or simply get some additional reward for your expertise. Flask Framework Cookbook ISBN: 978-1-78398-340-7 Paperback: 258 pages Over 80 hands-on recipes to help you create small-to-large web applications using Flask 1. Get the most out of the powerful Flask framework while remaining flexible with your design choices. 2. Build end-to-end web applications, right from their installation to the post-deployment stages. 3. Packed with recipes containing lots of sample applications to help you understand the intricacies of the code. Instant Flask Web Development ISBN: 978-1-78216-962-8 Paperback: 78 pages Tap into Flask to build a complete application in a style that you control 1.

[1] www.allitebooks.com Learning Flask Framework Build dynamic, data-driven websites and modern web applications with Flask Matt Copperwaite Charles Leifer BIRMINGHAM - MUMBAI www.allitebooks.com Learning Flask Framework Copyright © 2015 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented.


Designing Web APIs: Building APIs That Developers Love by Brenda Jin, Saurabh Sahni, Amir Shevat

active measures, Amazon Web Services, augmented reality, Big Tech, blockchain, business logic, business process, cognitive load, continuous integration, create, read, update, delete, exponential backoff, Google Hangouts, if you build it, they will come, Lyft, machine readable, MITM: man-in-the-middle, premature optimization, pull request, Salesforce, Silicon Valley, Snapchat, software as a service, the market place, uber lyft, web application, WebSocket

This includes input validation, using the Secure Sockets Layer (SSL) protocol everywhere, validating content types, main‐ taining audit logs, and protecting against cross-site request forgery (CSRF) and cross-site scripting (XSS). All of these are important for any web application, and you should be doing them. Beyond these typical web application security practices, there are additional tech‐ niques that apply specifically to web APIs that you expose to devel‐ opers outside your company. In this chapter, we look closely at those best practices and how companies are securing APIs in practice. Authentication and Authorization Authentication and authorization are two foundation elements of security: Authentication The process of verifying who you are. Web applications usually accomplish this by asking you to log in with a username and password.

In Chapter 3, we look into how you can secure your APIs. We cover how API providers are building authentication and authorization schemes. We also look extensively at OAuth, an open protocol used to secure authorization in a simple and standard way. Closing Thoughts | 25 CHAPTER 3 API Security Security is a critical element of any web application, particularly so for APIs. New security issues and vulnerabilities are always being discovered, and it’s important to protect your APIs from attacks. A security breach can be disastrous—poor security implementations can lead to loss of critical data as well as revenue. To ensure an application is secure, there are many things engineers tend to do.

Web applications usually accomplish this by asking you to log in with a username and password. This combination is checked against an existing valid username/password record to ensure the request is authentic. 27 Authorization The process of verifying that you are permitted to do what you are trying to do. For instance, a web application might allow you to view a page; however, it might not allow you to edit that page unless you are an administrator. That’s authorization. As you design an API, you need to think about how app developers will perform both authentication and authorization with your API. Early on, API providers started supporting Basic Authentication.


pages: 214 words: 14,382

Monadic Design Patterns for the Web by L.G. Meredith

barriers to entry, domain-specific language, don't repeat yourself, finite state, functional programming, Georg Cantor, ghettoisation, higher-order functions, John von Neumann, Kickstarter, semantic web, seminal paper, social graph, type inference, web application, WebSocket

Domain Model, Storage, and State 8.1 Practice . . . . . . . . . . . . . . . . . 8.2 Mapping our domain model to storage 8.3 Storage and language-integrated query 8.4 Continuations revisited . . . . . . . . . 8.5 Foundations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Putting it All Together 9.1 Practice . . . . . . . . . . . . . . . . . . . . 9.2 Our web application end-to-end . . . . . . . 9.3 Deploying our application . . . . . . . . . . 9.4 From one web application to web framework 9.5 Foundations . . . . . . . . . . . . . . . . . 10 The Semantic Web 10.1 Practice . . . . . . . . . . . . 10.2 Referential transparency . . . 10.3 Composing monads . . . . . 10.4 Semantic application queries . 10.5 Searching for programs . . . 10.6 Foundations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169 169 170 174 174 174 . . . . . 175 176 176 177 178 178 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179 180 180 180 180 180 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181 182 182 183 186 192 192 Glossary 194 Bibliography 210 About the Author 213 Cover · Overview · Contents · Discuss · Suggest · Glossary · Index Download from Wow!

Obviously, in the context of the web, this particular use case is of considerable interest. Nearly every web application is of this form: navigating a tree or graph of pages. Usually, that graph of pages is somehow homomorphic, i.e. an image of, the graph of some underlying domain data structure, like the data structures of employee records in a payroll system or the social graph of a social media application Cover · Overview · Contents · Discuss · Suggest · Glossary · Index 126 Section 6.1 Chapter 6 · Zippers and Contexts and URIs, Oh My! Download from Wow! eBook <www.wowebook.com> like Twitter. Many web applications, such as so-called content management systems, also support the mutation of the graph of pages.

eBook <www.wowebook.com> 8.5 Foundations Cover · Overview · Contents · Discuss · Suggest · Glossary · Index 178 Chapter 9 Putting it All Together The application as a whole TBD Chapter 10 query model Chapter 6 Chapter 1 request stream browser Chapter 3 http parser navigation model domain model storage model app request parser Chapter 5 Chapter 8 Chapter 4 User Download from Wow! eBook <www.wowebook.com> Chapter 2 Chapter 7 store Chapter 9 Figure 9.1 · Chapter 9 map Cover · Overview · Contents · Discuss · Suggest · Glossary · Index Section 9.1 Chapter 9 · Putting it All Together 9.1 Practice 9.2 Our web application end-to-end TBD 9.3 Deploying our application Why we are not deploying on GAE 9.4 From one web application to web framework TBD Download from Wow! eBook <www.wowebook.com> 9.5 Foundations Cover · Overview · Contents · Discuss · Suggest · Glossary · Index 180 Chapter 10 The Semantic Web Where are we; how did we get here; and where are we going?


pages: 370 words: 105,085

Joel on Software by Joel Spolsky

AltaVista, AOL-Time Warner, Apple Newton, barriers to entry, Beos Apple "Steve Jobs" next macos , business logic, c2.com, commoditize, Dennis Ritchie, General Magic , George Gilder, index card, Jeff Bezos, knowledge worker, machine readable, Metcalfe's law, Mitch Kapor, Multics, Network effects, new economy, off-by-one error, PageRank, PalmPilot, Paul Graham, pneumatic tube, profit motive, reality distortion field, Robert X Cringely, shareholder value, Silicon Valley, Silicon Valley startup, SimCity, six sigma, slashdot, Steve Ballmer, Steve Jobs, the scientific method, thinkpad, VA Linux, web application

Every developer has a choice to make when they plan a new software application: they can build it for the Web, or they can build a "rich client" application that runs on PCs. The basic pros and cons are simple: Web applications are easier to deploy, while rich clients offer faster response time enabling much more interesting user interfaces. Web applications are easier to deploy because there's no installation involved. Installing a web application means typing a URL in the address bar. Today I installed Google's new email application by typing Alt+D, gmail, Ctrl+Enter. There are far fewer version compatibility problems and problems coexisting with other software.

Here are a few examples of things you can't really do well in a web application: Create a fast drawing program. Build a real-time spell checker with wavy red underlines. Warn users that they are going to lose their work if they hit the close box of the browser. Update a small part of the display based on a change that the user makes without a full roundtrip to the server. Create a fast keyboard-driven interface that doesn't require the mouse. Let people continue working when they are not connected to the Internet. These are not all big issues. Some of them will be solved very soon by witty JavaScript developers. Two new web applications, Gmail12 and Oddpost,13 both email apps, do a really decent job of working around or completely solving some of these issues.

So the Web user interface is about 80 percent there, and even without new web browsers, we can probably get 95 percent there. This is Good Enough for most people, and it's certainly good enough for developers, who have voted to develop almost every significant new application as a web application. __________ 12. See gmail.google.com/. 13. See www.oddpost.com/. Which means, suddenly, Microsoft's API doesn't matter so much. Web applications don't require Windows. It's not that Microsoft didn't notice this was happening. Of course they did, and when the implications became clear, they slammed on the brakes. Promising new technologies like HTAs14 and DHTML were stopped in their tracks.


pages: 470 words: 109,589

Apache Solr 3 Enterprise Search Server by Unknown

bioinformatics, business logic, continuous integration, database schema, en.wikipedia.org, fault tolerance, Firefox, full text search, functional programming, information retrieval, natural language processing, performance metric, platform as a service, Ruby on Rails, SQL injection, Wayback Machine, web application

After starting his career in the field of bioinformatics where he worked as a Biological Data Management and Analysis Consultant, he's now a Senior Application Developer with interests ranging from architecture to delivering a great user experience online. He's passionate about open source technologies, search engines, and web application architecture. He now works for WCN Plc, a leading provider of recruitment software solutions. He has worked on Packt's Enterprise Solr published in 2009. Mauricio Scheffer is a software developer currently living in Buenos Aires, Argentina. He's worked in dot-coms on almost everything related to web application development, from architecture to user experience. He's very active in the open source community, having contributed to several projects and started many projects of his own.

Understanding the URL's structure is very important for grasping how searching Solr works: http://localhost:8983/solr/mbartists/select?indent=on&version=2.2&q=*%3A*&fq=&start=0&rows=10&fl=*%2Cscore&qt=&wt=&explainOther=&hl.fl= The /solr/ is the web application context where Solr is installed on the Java servlet engine. If you have a dedicated server for Solr, then you might opt to install it at the root. This would make it just /. How to do this is out of scope of this book, but letting it remain at /solr/ is fine. After the web application context is a reference to the Solr core named mbartists. If you are experimenting with Solr's example setup then you won't see a core name because it has a default one.

We can do this by making use of the standard practices, which you would apply to any kind of web application or server software. Limiting server access The single biggest thing you can do to secure Solr is to lock down who has access to the server. Using standard firewall techniques, you can control what IP addresses are allowed to connect to the Solr through the 8983 port. Unless you have very unusual needs, you won't expose Solr to the Internet directly; instead users will access Solr through some sort of web application, that in turn forwards requests to Solr, collects the results, and displays them to your users.


pages: 48 words: 10,481

Instant Ember.JS Application Development: How-To by Marc Bodmer

don't repeat yourself, Firefox, Google Chrome, MVC pattern, web application

www.it-ebooks.info Instant Ember. js Application Development How-to Your first step in creating amazing web applications Marc Bodmer BIRMINGHAM - MUMBAI www.it-ebooks.info Instant Ember.js Application Development How-to Copyright © 2013 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented.

www.it-ebooks.info Table of Contents Preface Instant Ember.js Application Development How-to Setting up Ember.js (Simple) Creating an Ember model/object (Simple) Enhancing an Ember object (Simple) Creating an Ember controller (Simple) Handlebar HTML templates (Simple) Creating an Ember view (Simple) Routing for your application (Medium) Common parts of an application (Medium) Handling external data (Advanced) www.it-ebooks.info 1 7 7 10 12 16 18 21 25 30 33 www.it-ebooks.info Preface Ember.js is a frontend MVC JavaScript framework that runs in the browser. It is for developers who are looking to build ambitious and large web applications that rival native applications. Ember.js was created from concepts introduced by native application frameworks, such as Cocoa. Ember.js helps you to create great experiences for the user. It will help you to organize all the direct interactions a user may perform on your website. A common use case for Ember.js is when you believe your JavaScript code will become complex; when the code base becomes complex, problems about maintaining and refactoring the code base will arise.

Routing for your application (Medium) will explain how the state of your application will change when using the Ember.js router. It will show how user actions impact the state and how you can incorporate different state changing methods into your application. Transitions and outlets are the main topics explained here. Common parts of an application (Medium) will show you how to create common parts of a web application now that you have a solid foundation with Ember.js. Action helpers for your views and special keys within controllers will be shown. These parts can also be expanded on once you are finished with the tutorials in this book. Handling external data (Advanced) will show you how you can incorporate external data from an API into your application.


PostGIS in Action by Regina O. Obe, Leo S. Hsu

business logic, call centre, crowdsourcing, database schema, Debian, domain-specific language, en.wikipedia.org, Firefox, functional programming, Google Earth, job automation, McMansion, Mercator projection, Network effects, null island, openstreetmap, planetary scale, profit maximization, Ruby on Rails, Skype, South of Market, San Francisco, SQL injection, traveling salesman, web application

You then initialize non-geometry pixels to 0,0,0 and finally convert the PostGIS raster to a PNG raster . The output of listing 4.14 is the bytes that make up the PNG image as a PostgreSQL bytea (byte array) data type. You can then use a standard query connection like JDBC, PHP pgsql, ODBC, ADO.NET, or Python psychopg to retrieve the image for rendering in a web application. We have a demonstration of rendering for web applications at www.bostongis.com/blog/index.php?/archives/175-Minimalist-Web-based-PHP-PostGIS-2.0-Spatial-GeometryRaster-Viewer.html. OpenOffice can also read images stored in a field. With it you can easily incorporate your image in spreadsheets and presentations. We demonstrate the use of OpenOffice and LibreOffice at www.postgresonline.com/journal/archives/244-Raster-LibreOffice-Base-Reports.html. 4.6.

users and groups USING UTM buffer sizes UTM projection UTM WGS 84 zones utmzone function V vacuum analyze valid geometrycollections valid multipolygons valid polygons ValidateTopology function VALUES varchar data type varchar_pattern_ops variables standard_conforming_strings VARIADIC vector data vector tiles vertices, reducing number of Victoria, BC, Canada Virtual Earth Virtual Reality Modeling Language (VRML) visualization tools VOLATILE, 2nd voxels W WAR web application archives. See WAR. web applications and raster data type GeoServer Leaflet mapping clients mapping servers MapServer OpenLayers web services Web Coverage Service. See WCS. Web Feature Service Transactional. See WFS-T. Web Feature Service. See WFS. Web Map Service Cache. See WMS-C. Web Map Tile Service.

Geometry and geography processing Chapter 12. Raster processing Chapter 13. Building and using topologies Chapter 14. Organizing spatial data Chapter 15. Query performance tuning 3. Using PostGIS with other tools Chapter 16. Extending PostGIS with pgRouting and procedural languages Chapter 17. Using PostGIS in web applications Appendix A. Additional resources Appendix B. Installing, compiling, and upgrading Appendix C. SQL primer Appendix D. PostgreSQL features Index List of Figures List of Tables List of Listings Table of Contents Copyright Brief Table of Contents Table of Contents Praise for the First Edition of PostGIS in Action Foreword Preface Acknowledgments About this Book 1.


pages: 95 words: 23,041

Mobile First by Luke Wroblewski

augmented reality, Benchmark Capital, en.wikipedia.org, Mary Meeker, RFID, Steve Jobs, web application

Of course we can’t talk about mobile internet growth without mentioning the ongoing debate between native mobile applications and mobile web solutions. While many people try to argue for one side or the other, the truth is there are great reasons for doing both. Because native mobile applications run, well—natively—they have access to system resources that web applications do not. This means user interface transitions and interactions are generally smoother in native applications. Trying to replicate these effects in the browser can lead to noticeable hiccups and lags in the user experience. Native mobile applications give you robust access to hardware capabilities that you currently can’t get through mobile web browsers.

So more native application use quickly turns into more web use. Mobile web experiences also don’t require users to download updates (a fix on the server is a fix on the site), and they enable you to do frequent A/B (or bucket) testing of multiple design options. If either of those considerations is of vital importance to you, a mobile web application can make more sense. But perhaps the best reason to start with a mobile web solution is that it builds on web design and development skills you already have. You don’t have to wait to get started. In fact, I think you should start right away. The time is now Fueled by capable devices and faster networks, mobile internet usage is exploding.

This chart does a nice job of illustrating that people often use their mobile devices in shorter bursts (that’s why the peaks are sharper) throughout the day. Rachel Hinman at Nokia has a great analogy that contrasts mobile behavior with desktop behavior; she says the desktop is “diving” while mobile is “snorkeling” (http://bkaprt.com/mf/34). Web applications that align well with shorter, burst-like behavior by providing their customers with quick, up-to-date, and highly relevant updates throughout the day are growing like weeds on mobile. Access to Facebook through mobile browsers grew 112% in one year. Access to Twitter through mobile browsers experienced a 347% jump in just one year (http://bkaprt.com/mf/18).


pages: 192 words: 44,789

Vagrant: Up and Running by Mitchell Hashimoto

Amazon Web Services, barriers to entry, Debian, DevOps, FOSDEM, remote working, software as a service, web application

Prior to Vagrant, the preferred method of working on a web application was to install and configure all the software you needed (e.g., Apache, MySQL, RabbitMQ, etc.) locally on your development machine. I admit that in the days when web applications were almost certainly just PHP and MySQL alone, this made a lot of sense. Once installed, both technologies are generally “set and forget” and they just work. They also work well with multiple projects due to easy virtual hosts in Apache and database isolation with MySQL. But today, modern web applications have a lot more moving parts, a lot more options for underlying technologies, and a lot more overall complexity.

Virtualization is the foundational technology behind what is often referred to as the cloud. Amazon Web Services, Microsoft Azure, virtual private server (VPS) providers, and more are based completely around this technology or those similar to it. These sort of cloud services are now the de facto standard for hosting web applications. Virtualization is everywhere. The good news is that virtualization technology is readily available to anyone with a modern computer. The bad news is that we’re only at the tip of the iceberg of what is possible with this technology. Vagrant is here to change this. In early 2010, I worked for a web development consultancy and was frustrated by having to repeatedly set up development environments manually for various projects.

Multiple projects are difficult to impossible, because each project usually requires slightly different configurations of their services, or can require completely different backend systems. The result is either a brittle setup of poorly configured dependencies, or a system that is running a lot of services that each individual web application may not need. It all gets messy very quickly. It’s difficult to keep development environments in sync with other team members, or to bring a new team member on board. Because each developer is responsible for a separate development environment, it is easy for the environments to quickly get out of sync.


pages: 309 words: 65,118

Ruby by example: concepts and code by Kevin C. Baird

Benevolent Dictator For Life (BDFL), David Heinemeier Hansson, Debian, digital map, Donald Knuth, en.wikipedia.org, Firefox, fudge factor, functional programming, general-purpose programming language, Guido van Rossum, Larry Wall, MVC pattern, Paul Graham, Perl 6, premature optimization, union organizing, web application

CGI enables friendly cooperation among multiple files that could even be written in distinct programming languages but all exist together within a larger web application. Using more than one language for a single web application is fairly common. I mentioned that Ruby’s high level of abstraction makes it suitable for web programming. However, sometimes you might really want to use a library someone has already written in another language—like Python, for instance—in a web program. If you use CGI, you could write part of your web application in Python in order to use that library. You might also have a section of your web application that is highly speed critical, so you could write that part in C for execution speed, and the rest in Ruby for development speed.

Perl has weak dynamic typing, and like Ruby, it is interpreted. It has been called the swiss army chainsaw and the Jeep of programming languages, and it can be found at http://perl.com. PHP PHP is another interpreted language using weak dynamic typing that is very popular for web applications. In fact, some people erroneously believe that PHP is only usable for web applications. It is technically a complete, generalpurpose programming language, although it has several features that make it 4 Critics contend that this feature makes Lisp a more appropriate acronym for Lots of Irritating Superfluous Parentheses. Larry Wall, the creator of Perl, suggested that Lisp code has all the aesthetic appeal of “oatmeal with toenail clippings.”

You’ll learn how to: • Use the interactive Ruby shell (irb) to learn key features of the language • Extend Ruby using RubyGems, the Ruby package manager • Create numerical utilities, as well as utilities that process and analyze HTML/XML • Implement purely functional and metaprogramming techniques to save time and effort “ I L AY F L AT .” This book uses RepKover — a durable binding that won’t snap shut. Printed on recycled paper • Create web applications using Rails Ruby is the fastest growing programming language today, and for good reason: Its elegant syntax and readable code make for prolific and happy programmers. But it can be difficult to understand and implement without a little help. Ruby by Example shows you how to take advantage of Ruby as you explore Ruby’s fundamental concepts in action.


pages: 266 words: 38,397

Mastering Ember.js by Mitchel Kelonye

Firefox, information security, MVC pattern, off-the-grid, Ruby on Rails, single page application, web application, WebRTC, WebSocket

Chad is currently employed at LinkedIn where he works on frontend infrastructure and other cross-functional projects. James A Rosen is a senior user happiness engineer at Zendesk. He writes Ruby and JavaScript and is currently working on improving performance, scalability, and developer happiness on large-scale distributed web applications. He holds a BS degree in Computer Science and Music from Washington University in St. Louis and an MS degree in Information Security Policy and Management from Carnegie Mellon University. He has written for the Zendesk Developers blog and contributed to technical books, including editing Understanding the Four Rules of Simple Design, Corey Haines.

Fully searchable across every book published by Packt Copy and paste, print, and bookmark content On demand and accessible via a web browser Free access for Packt account holders If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view 9 entirely free books. Simply use your login credentials for immediate access. Preface Mastering Ember.js is a must-read for any web developer who wishes to start writing ambitious web applications that rival native web apps. It's packed with practical samples that show how easy it is to architect these applications. This book was inspired by the need for an Ember.js resource that explained Ember.js better using real-world examples. What this book covers Chapter 1, Introduction to Ember.js, introduces the key concepts of Ember.js.

In addition, some sections will require you to install Node.js in order to run the provided server programs. Who this book is for This book targets both beginners and intermediary-level Ember.js users. It's packed with many practical samples that are well suited for any mid-level JavaScript developer who would like to start creating ambitious web applications. Conventions In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning. Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "The app.js file contains all our application code but later on we may separate application concerns into more files when the application grows."


Designing Search: UX Strategies for Ecommerce Success by Greg Nudelman, Pabini Gabriel-Petit

access to a mobile phone, Albert Einstein, AltaVista, augmented reality, barriers to entry, Benchmark Capital, business intelligence, call centre, cognitive load, crowdsourcing, folksonomy, information retrieval, Internet of things, Neal Stephenson, Palm Treo, performance metric, QR code, recommendation engine, RFID, search costs, search engine result page, semantic web, Silicon Valley, social graph, social web, speech recognition, text mining, the long tail, the map is not the territory, The Wisdom of Crowds, web application, zero-sum game, Zipcar

Note—Simply duplicating the functionality of a Web application—while trying to work around the mobile design challenges described—always results in a subpar mobile application. It’s not enough to think: How can I duplicate our Web application’s user experience within the limitations of the mobile platform? Instead, it’s better to start from scratch, focusing on What experience would work best for mobile users? Putting users’ goals first allows a design team to concentrate on the new opportunities a mobile application presents rather than seeing the challenges of mobile devices simply as barriers to implementing a Web application’s existing functionality.

Figure 9-6: KAYAK date picker versus scrolling calendar in the iPhone app Contrast the elegant scrolling calendar design of the KAYAK iPhone app with the Web form calendar picker shown on the left. Note that the KAYAK Web application actually duplicates (and grays out, which adds to the confusion) the flanking and trailing dates for each month. In my opinion, it is features such as this that make KAYAK’s mobile interface much more intuitive than its Web application. Note—Luke Wroblewski explores the topic of mobile search Web forms in more detail in his perspective at the end of this chapter. Regardless of how fancy your calendar picker is, make sure your form is accessible and allows people to simply type in the dates they want by tabbing around the form fields.

For instance, the absence of pogosticking is not the only determinant of successful search results. Your search results may get an excellent, low pogosticking score, but you still might not sell anything because customers don’t find your search results relevant. What’s even more incredible is that some Web applications succeed despite having high pogosticking scores. As long as people become emotionally engaged with your search results and product detail pages load reasonably quickly, they don’t mind picking up and trying on individual items. On the other hand, detailed summary results, such as those from Expedia, seem cumbersome on 800 × 600 screens.


pages: 328 words: 77,877

API Marketplace Engineering: Design, Build, and Run a Platform for External Developers by Rennay Dorasamy

Airbnb, Amazon Web Services, barriers to entry, business logic, business process, butterfly effect, continuous integration, DevOps, digital divide, disintermediation, fault tolerance, if you build it, they will come, information security, Infrastructure as a Service, Internet of things, Jeff Bezos, Kanban, Kubernetes, Lyft, market fragmentation, microservices, minimum viable product, MITM: man-in-the-middle, mobile money, optical character recognition, platform as a service, pull request, ride hailing / ride sharing, speech recognition, the payments system, transaction costs, two-pizza team, Uber and Lyft, uber lyft, underbanked, web application

Observing a master ply their craft is truly something to behold and our platform soon had a working pipeline, and the team was soon issuing commands via instant message to characters from Tolkien’s Middle-Earth to release code elements. One of the most significant developments of this deployment was permission from Network Security to allow internally hosted web applications to be exposed by a Reverse Proxy in the DMZ. This milestone decision allowed the migration of the single web application hosted in the DMZ Container Platform to the internal Kubernetes cluster. This has optimized delivery as internal pipelines and network connectivity can be leveraged and support simplified as the container and associated logs can easily be accessed.

Leveraging the enterprise security infrastructure, by way of physical infrastructure, processes, and services, has bootstrapped our implementation significantly. There has been some customization to allow for Marketplace-specific requirements, such as junctions which allow unauthenticated access to backend web applications and rolling refresh token windows. This decision has also helped us navigate Architecture and Design approval boards. There was a sense of comfort from long-serving Architects that this bleeding-edge API Marketplace, which could be a new channel of attack, was secured using trusted enterprise security standards.

The technical acumen required to achieve this is elementary web development and hosting knowledge and considerably lower than having to understand the TCP/IP stack or DNS. It is important and interesting to note that the potential remedy to this attack is a process update to verify the integrity of third parties before allowing them to participate in your ecosystem. OWASP The Open Web Application Security Project (OWASP) is a non-profit foundation that works to improve the security of software through its community-led open source software projects, hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences. Security Top 10 The Top 10 API Security Risks identified by OWASP [https://owasp.org/www-project-api-security] lists the following:Broken Object Level Authorization (API1): APIs tend to expose endpoints that handle object identifiers, creating a wide attack surface Level Access Control issue.


pages: 234 words: 57,267

Python Network Programming Cookbook by M. Omar Faruque Sarker

business intelligence, cloud computing, Debian, DevOps, Firefox, inflight wifi, machine readable, RFID, web application

As compared to the previously described recipes, this method of running a remote command using Fabric is easier and more efficient. Running a MySQL command remotely If you ever need to administer a MySQL server remotely, this recipe is for you. It will show you how to send database commands to a remote MySQL server from a Python script. If you need to set up a web application that relies on a backend database, this recipe can be used as a part of your web application setup process. Getting ready This recipe also needs Fabric to be installed first. You can install Fabric using the Python packing tools, pip or easy_install, as shown in the following command. Fabric relies on the paramiko module, which will be installed automatically

In recent years, he has been leading a number of Python software development projects, including the implementation of an interactive web-based scientific computing framework using the IPython Notebook service at UCL. He is a specialist and an expert in open source technologies, for example, e-learning and web application platforms, agile software development, and IT service management methodologies such as DSDM Atern and ITIL Service management frameworks. Dr. Sarker received his PhD in multirobot systems from University of South Wales where he adopted various Python open source projects for integrating the complex software infrastructure of one of the biggest multirobot experiment testbeds in UK.

This book is an exploratory guide to network programming in Python. It has touched a wide range of networking protocols such as TCP/UDP, HTTP/HTTPS, FTP, SMTP, POP3, IMAP, CGI, and so forth. With the power and interactivity of Python, it brings joy and fun to develop various scripts for performing real-world tasks on network and system administration, web application development, interacting with your local and remote network, low-level network packet capture and analysis, and so on. The primary focus of this book is to give you a hands-on experience on the topics covered. So, this book covers less theory, but it's packed with practical materials. This book is written with a "devops" mindset where a developer is also more or less in charge of operation, that is, deploying the application and managing various aspects of it, such as remote server administration, monitoring, scaling-up, and optimizing for better performance.


pages: 247 words: 71,698

Avogadro Corp by William Hertling

Any sufficiently advanced technology is indistinguishable from magic, cloud computing, crowdsourcing, Hacker Ethic, hive mind, invisible hand, messenger bag, natural language processing, Netflix Prize, off-the-grid, private military company, Ray Kurzweil, Recombinant DNA, recommendation engine, Richard Stallman, Ruby on Rails, standardized shipping container, tech worker, technological singularity, Turing test, web application, WikiLeaks

While he ate, Pete looked over his inbox. A new email caught his eye, and he opened it. To: Pete Wong (Internal Tools) From: John Anderson (Procurement) Subject: Email Procurement Forms Hi Pete, This is John Anderson. I work over in Procurement. Even though we’ve got a procurement web application that I know you guys created, we still get hundreds of email requests into the procurement department. Part of the problem is that we’ve got sales people in the field who can send emails from their smartphone, but have a hard time getting a secure VPN connection to the internal web sites. Is it possible to create an email-to-web bridge that would allow people to email us, and get a return form by email that they could submit to make requests?

When his first Avogadro search for ‘email to web service’ within seconds turned up an existing design posted by some IBM guys, his excitement grew. After reading through the design, he realized he could implement it all in a couple of hours. His other work forgotten, Pete started in on the project. He used the existing Internal Tools servers, and created a new Ruby on Rails web application that converted web pages to emails, and emails into web page form submissions. It was easier than expected, and by lunch he had a simple prototype running. He tried the prototype on the Internal Tools Request tool, and discovered some bugs. Puzzling over the details in his head, he mindlessly rushed down the hall to the coffee station for a refill

He had cut and pasted code from a dozen different websites, and wrapped it all up with some virtual duct tape. It was a real kludge that he wouldn’t want to show off in a coding style contest. On the other hand, it worked, by golly! He tested it against the Internal Tools web service, the Procurement web application, and have a dozen other web sites. It seemed to work for everything. He drummed his thumbs excitedly against the desk. Using off the shelf libraries that other people had written for Ruby on Rails, his favorite programming environment, he had been able to glue together the relevant pieces quickly.


pages: 602 words: 207,965

Practical Ext JS Projects With Gears by Frank Zammetti

a long time ago in a galaxy far, far away, Albert Einstein, corporate raider, create, read, update, delete, database schema, en.wikipedia.org, fake news, Firefox, full text search, Gordon Gekko, Kickstarter, Larry Wall, leftpad, loose coupling, Ronald Reagan, web application

There are lots of great libraries out there today, from jQuery to Dojo, from YUI to script.aculo.us. All of them help you achieve the goal of wicked-cool web applications. One of them, though, in my opinion, stands above the rest, and that’s what we’re here to look at: Ext JS. Ext JS allows you to create applications with a richness that historically has only been seen in native applications. From a top-notch windowing system to a data subsystem, various effects, and drag-and-drop, everything you need to create modern web applications is here. Ext JS isn’t limited to the user interface, though; it also contains tons of utility functions that make the core of your application easier and cleaner.

—Tommy Lasorda Oh, so they have internet on computers now! —Homer Simpson ChaP ter 1 Introducing Web Development with ext JS In this chapter, we’ll begin our journey into the world of Ext JS by taking a step back and looking at the evolution of web application development. In fact, we’ll take a step even further back than that and look at what the term “web application” means in the first place (hint: it may not be quite as obvious as it first seems!). We’ll deal with what the term “rich Internet application” (RIA) is all about, and we’ll talk briefly about Ajax (what it used to mean and what it means now) and why it’s such an important development.

Strap yourself in because it’s going to be a wild (but exciting) ride! the Evolution of the Web: Web Sites vs. Web Applications If you’ve been doing web development for more than a few minutes—or so it seems sometimes given the rapid rate of technological development in this area—then you are well aware of the fantastic evolution of the Web. It’s like a child growing up right before your eyes in many ways, and we’ve had our share of teething pains to be sure! Today we have all sorts of web sites. More than that, we have web applications. What’s the difference, you ask? A web site’s primary purpose is to disseminate information.


jQuery UI 1.8: The User Interface Library for jQuery by Dan Wellman

Firefox, lolcat, web application

These are low-level interaction components as opposed to the high-level widgets that we looked at in the first part of this book. They help the elements used on your pages to be more engaging and interactive for your visitors, which adds value to your site and can help make your web applications appear more professional. They also help to blur the distinction between the browser and the desktop, and provide greater usability to make web applications more efficient, effective, and natural. In this chapter, we'll be covering two very closely related components—draggables and droppables. The draggables API transforms any specified element into something that your visitors can pick up with the mouse pointer and drag around the page.

jQuery UI 1.7: The User Interface Library for jQuery ISBN: 978-1-847199-72-0 Paperback: 392 pages Build highly interactive web applications with readyto-use widgets from the jQuery User Interface library 1. Organize your interfaces with reusable widgets: accordions, date pickers, dialogs, sliders, tabs, and more 2. Enhance the interactivity of your pages by making elements drag-and-droppable, sortable, selectable, and resizable 3. Packed with examples and clear explanations of how to easily design elegant and powerful front-end interfaces for your web applications jQuery 1.4 Animation Techniques: Beginners Guide ISBN: 978-1-84951-330-2 Paperback: 344 pages Quickly master all of jQuery's animation methods and build a toolkit of ready-to-use animations using jQuery 1.4 1.

jQuery UI 1.8 The User Interface Library for jQuery Build highly interactive web applications with ready-to-use widgets from the jQuery User Interface Library Dan Wellman BIRMINGHAM - MUMBAI jQuery UI 1.8 The User Interface Library for jQuery Copyright © 2011 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented.


pages: 141 words: 9,896

Pragmatic Guide to JavaScript by Christophe Porteneuve

barriers to entry, commoditize, domain-specific language, en.wikipedia.org, Firefox, Great Leap Forward, web application, WebSocket

Thomas Fuchs Creator of the script.aculo.us framework An impressive collection of very practical tips and tricks for getting the most out of JavaScript in today’s browsers, with topics ranging from fundamentals such as form validation and JSON handling to application examples such as mashups and geolocation. I highly recommend this book for anyone wanting to be more productive with JavaScript in their web applications. Dylan Schiemann CEO at SitePen, cofounder of the Dojo Toolkit There are a number of JavaScript books on the market today, but most of them tend to focus on the new or inexperienced JavaScript programmer. Porteneuve does no such thing, and this Pragmatic Guide is a better book for it. If you’re a novice, go elsewhere first, and then when you have some scripting under your belt, come back; if you’ve worked with JavaScript before, then Pragmatic Guide to JavaScript takes a set of techniques that you may have heard about or seen and makes them useful to you.

You should also check out Appendix C, on page 116, when reading this part so you get a good picture of the framework landscape and make informed decisions. • Part 3 is all about the user interface, especially visual effects and neat UI ideas: good-looking tooltips, lightboxes, image preloading, infinite scrolling, and the like. • Part 4 is complementary to Part 3, because it focuses on forms, a critical part of most web applications. Among other things, a number of tools are there to assist, simplify, and validate input. • Part 5 is all about the client-server relationship, with topics such as cookies, JSON, and Ajax (same- and cross-domain). 4. 5. 6. Full disclosure: I’m a member of Prototype Core. http://github.com/tdd/pragmatic-javascript http://pragprog.com/titles/pg_js Report erratum Download from Wow!

. • How to listen on events, looking at the basics in Task 8, Listening for Events (and Stopping), then aiming for efficiency with Task 9, Leveraging Event Delegation, and finally gaining power with Task 10, Decoupling Behaviors with Custom Events. • How to play with timers (for instance to simulate background processing), in Task 11, Simulating Background Processing. And because they are such critical building blocks of any significant web application, I’m going to show you code for them in all the major frameworks I selected for this book; at this level, they’re all functionally equivalent anyway. Compared anatomy was all the rage a couple centuries ago; it still remains a good way to get a wider perspective on things. Report erratum Download from Wow!


pages: 444 words: 118,393

The Nature of Software Development: Keep It Simple, Make It Valuable, Build It Piece by Piece by Ron Jeffries

Amazon Web Services, anti-pattern, bitcoin, business cycle, business intelligence, business logic, business process, c2.com, call centre, cloud computing, continuous integration, Conway's law, creative destruction, dark matter, data science, database schema, deep learning, DevOps, disinformation, duck typing, en.wikipedia.org, fail fast, fault tolerance, Firefox, Hacker News, industrial robot, information security, Infrastructure as a Service, Internet of things, Jeff Bezos, Kanban, Kubernetes, load shedding, loose coupling, machine readable, Mars Rover, microservices, Minecraft, minimum viable product, MITM: man-in-the-middle, Morris worm, move fast and break things, OSI model, peer-to-peer lending, platform as a service, power law, ransomware, revision control, Ruby on Rails, Schrödinger's Cat, Silicon Valley, six sigma, software is eating the world, source of truth, SQL injection, systems thinking, text mining, time value of money, transaction costs, Turing machine, two-pizza team, web application, zero day

Jay Wengrow (218 pages) ISBN: 9781680502442 $45.95 HTML5 and CSS3 (2nd edition) HTML5 and CSS3 are more than just buzzwords – they’re the foundation for today’s web applications. This book gets you up to speed on the HTML5 elements and CSS3 features you can use right now in your current projects, with backwards compatible solutions that ensure that you don’t leave users of older browsers behind. This new edition covers even more new features, including CSS animations, IndexedDB, and client-side validations. Brian P. Hogan (314 pages) ISBN: 9781937785598 $38 Secure Your Node.js Web Application Cyber-criminals have your web applications in their crosshairs. They search for and exploit common security mistakes in your web application to steal user data.

These requests had the user’s identifying cookie but not his session cookie. So each request was creating a new session. It strongly resembled a DDoS attack, except that it came from one particular proxy server in one location. Once again, we see that sessions are the Achilles’ heel of web applications. Want to bring down nearly any dynamic web application? Pick a deep link from the site and start requesting it without sending cookies. Don’t even wait for the response; just drop the socket connection as soon as you’ve sent the request. Web servers never tell the application servers that the end user stopped listening for an answer.

In this chapter, we’ll look at the “top ten” list of application vulnerabilities, as identified by the Open Web Application Security Project (OWASP). We’ll also consider data protection and integrity so that nobody loses their valuable nuts. The OWASP Top 10 Since 2001, the OWASP Foundation has catalogued application security incidents and vulnerabilities.[54] Its member organizations contribute data from real attacks, so these are real lessons rather than “what-if-isms.” One way that OWASP promotes application security awareness is through its OWASP Top 10 list. It represents a consensus about the most critical web application security flaws, updated every three or four years.


pages: 1,038 words: 137,468

JavaScript Cookbook by Shelley Powers

business logic, Firefox, Google Chrome, hypertext link, leftpad, semantic web, SQL injection, web application, WebSocket

There’s ongoing work to create a new DOM Level 3 event handling, which builds on the work of the DOM Level 2 event handling and is included as part of the Web Applications work at the W3C. However, implementation of the newer material is sparse, at best. New Events, New Uses There are newer events to go with the newer models, and to go with a nonbrowser- specific DOM. As examples of DOM events, the DOMNodeInserted and DOMNodeRe moved events are triggered when a node is added or removed from the page’s document tree. However, I don’t recommend using the W3C event for general web pages, as these events are not supported in the current versions of IE, and only partially supported in most other browsers. Most web application authors wouldn’t need these events, anyway.

Opera has placed some restrictions on what can be supported in JSON: strings must be double quoted, and there are no hexadecimal values and no tabs in strings. See Also See Recipe 19.5 for a demonstration of JSON.stringify. 19.5 Convert an Object to a Filtered/Transformed String with JSON Problem You need to convert a JavaScript object to a JSON formatted string for posting to a web application. However, the web application has data requirements that differ from your client application. Solution Use the JSON.stringify method, passing in the object as first parameter and providing a transforming function as the second parameter: function convertBoolToNums(key, value) { if (typeof value == 'boolean') { if (value) value = 1; else value = 0; } return value; }; window.onload=function() { var obj = {"test" : "value1", "test2" : 3.44, "test3" : false}; var jsonobj = JSON.stringify(obj, convertBoolToNums, 3); alert(jsonobj); // test3 should be 0 } 19 5 Convert an Object to a Filtered/Transformed String with JSON | 445 Discussion The JSON.stringify method takes three parameters: the object to be transformed into JSON, an optional function or array used either to transform or filter one or more object values, and an optional third parameter that defines how much and what kind of whitespace is used in the generated result.

Along the way, I’ll demonstrate how to: • Work with the JavaScript objects, such as String, Array, Number, and Math • Create reusable objects • Query and create new elements in the Document Object Model (DOM) • Use the new Selectors API for efficient and targeted querying • Use JavaScript with new HTML5 technologies, such as the new media elements, video and audio • Create interactive applications • Manage your web page space • Store data in various ways, from the simple to the complex • Use JavaScript with Scalable Vector Graphics (SVG) and the canvas element • Work with some of the interesting data structures, like Microformats and RDFa • Package your library for others to use, as well as use other libraries in your applications • Ensure your JavaScript applications are accessible through the use of Accessible Rich Internet Applications (ARIA) • Work in environments other than the typical desktop browser, such as creating mobile phone web applications, or extending Photoshop with new behaviors • Use and create jQuery plug-ins • Develop Ajax applications xiii • Debug your applications using your browser’s debugger • Work with the new HTML5 drag-and-drop • Communicate using the new HTML5 cross-documentation techniques • Implement concurrent programming with Web Workers • Use the File API to access a desktop file directly in client-side JavaScript It’s not a complete encyclopedia of JavaScript use today—no one book can cover all there is to cover.


The Data Journalism Handbook by Jonathan Gray, Lucy Chambers, Liliana Bounegru

Amazon Web Services, barriers to entry, bioinformatics, business intelligence, carbon footprint, citizen journalism, correlation does not imply causation, crowdsourcing, data science, David Heinemeier Hansson, eurozone crisis, fail fast, Firefox, Florence Nightingale: pie chart, game design, Google Earth, Hans Rosling, high-speed rail, information asymmetry, Internet Archive, John Snow's cholera map, Julian Assange, linked data, machine readable, moral hazard, MVC pattern, New Journalism, openstreetmap, Ronald Reagan, Ruby on Rails, Silicon Valley, social graph, Solyndra, SPARQL, text mining, Wayback Machine, web application, WikiLeaks

Django, which is built on top of the Python programming language, was developed by Adrian Holovaty and a team working in a newsroom—the Lawrence Journal-World in Lawrence, Kansas. Ruby on Rails was developed in Chicago by by David Heinemeier Hansson and 37Signals, a web application company. Though the two frameworks take different approaches to the “MVC pattern,” they’re both excellent and make it possible to build even very complex web applications very quickly. They take away some of the rudimentary work of building an app. Things like creating and fetching items from the database, and matching URLs to specific code in an app are built into the frameworks, so developers don’t need to write code to do basic things like that.

., you don’t have to type a semi-colon after each line). More importantly, Python has a tremendous user base and therefore has plugins (called packages) for literally everything you need. I would consider Django as something rarely needed by data journalists. It is a Python web application framework—that is, a tool to create big, database-driven web applications. It is definitely too heavyweight for small interactive infographics. I also use QGis, which is an open source toolkit providing a wide range of GIS functionality needed by data journalists who deal with geodata every now and then. If you need to convert geospatial data from one format into another, then QGis is what you need.

(Open Knowledge Foundation) The Where Does My Money Go? project enabled users to explore public data from a wide variety of sources using intuitive open source tools. We won an award to help to develop a prototype of the project, and later received funding from Channel 4’s 4IP to turn this into a fully fledged web application. Information design guru David McCandless (from Information is Beautiful; http://www.informationisbeautiful.net/) created several different views of the data that helped people relate to the big numbers—including the “Country and Regional Analysis,” which shows how money is disbursed in different parts of the country, and “Daily Bread”, which shows citizens a breakdown of their tax contributions per day in pounds and pence.


pages: 232 words: 71,237

Kill It With Fire: Manage Aging Computer Systems by Marianne Bellotti

anti-pattern, barriers to entry, business logic, cloud computing, cognitive bias, computer age, continuous integration, create, read, update, delete, Daniel Kahneman / Amos Tversky, data science, database schema, Dennis Ritchie, DevOps, fault tolerance, fear of failure, Google Chrome, Hans Moravec, iterative process, Ken Thompson, loose coupling, microservices, minimum viable product, Multics, no silver bullet, off-by-one error, platform as a service, pull request, QWERTY keyboard, Richard Stallman, risk tolerance, Schrödinger's Cat, side project, software as a service, Steven Levy, systems thinking, web application, Y Combinator, Y2K

While I don’t believe society is going to crumble at our feet over it, there’s a lot of good, interesting work for people willing to jump in. 1 Time Is a Flat Circle In the summer of 2016, I found myself sitting in front of the weirdest system I had ever encountered as a software engineer. There was a fairly banal web application written in Java that was connecting to what I would eventually figure out was a mainframe. The mainframe itself wasn’t the weird part. When you venture into the world of legacy modernization, you quickly realize that mainframes are still everywhere—in banks, in government, buried deep in the foundation of civil society. Having a web application send requests to a mainframe wasn’t so weird. I had a hard time accepting that a technology designed for bulk transactions would respond quickly enough to meet the demands of a website at a reasonable scale, but despite my concerns, it did appear to be doing okay.

No, what was weird was that the mainframe in question was from the 1960s and storing data on magnetic tape. There was no way that mainframe could respond quickly enough, so when I saw this on the architecture diagrams, I focused on a group of mysterious machines that were sitting in the middle; a modern web application was on one side and an ancient mainframe on the other. The only information I had about this cluster of machines was the acronym the organization used for it. Nobody on the engineering teams I was working with seemed to know what the machines did. It took a lot of digging through several decades of documentation before I figured out what they were: Unisys ClearPath Dorados.

There are command processors like bash or JCL that trigger jobs, templating languages to build interfaces, querying languages to access data, and so on. How well is business logic separated out between these layers? Does logic stay where it is sensible, or is it injected to where it is convenient? Most web development projects, for example, run on Linux machines. Therefore, it is not uncommon for web applications to include shell scripts as part of their code base—particularly as part of the setup/installation routine. Imagine what migrating those applications would feel like 20 years in the future if Linux were supplanted by a different operating system. We would potentially have to rewrite all the shell scripts as well as migrate the actual application.


pages: 629 words: 109,663

Docker in Action by Jeff Nickoloff, Stephen Kuenzli

air gap, Amazon Web Services, cloud computing, computer vision, continuous integration, database schema, Debian, end-to-end encryption, exponential backoff, fail fast, failed state, information security, Kubernetes, microservices, MITM: man-in-the-middle, peer-to-peer, software as a service, web application

Running docker run a second time. Because the image is already installed, Docker can start the new container right away. Congratulations! You’re now an official Docker user. Using Docker is just this easy. But it can test your understanding of the application you are running. Consider running a web application in a container. If you did not know that it was a long-running application that listened for inbound network communication on TCP port 80, you might not know exactly what Docker command should be used to start that container. These are the types of sticking points people encounter as they migrate to containers.

Some applications depend on specific system libraries for common things like sound, networking, graphics, and so on. Others depend on standard libraries for the language they’re written in. Some depend on other applications, such as the way a Java program depends on the Java Virtual Machine, or a web application might depend on a database. It’s common for a running program to require exclusive access to a scarce resource such as a network connection or a file. Today, without Docker, applications are spread all over the filesystem and end up creating a messy web of interactions. Figure 1.5 illustrates how example applications depend on example libraries without Docker.

If you just want to make sure you’re always running the most recent version of Java 11, use the image tagged with 11-stretch. It should always be assigned to the newest release of Java 11. These tags give users great flexibility. It’s also common to see different tags for images with different software configurations. For example, we’ve released two images for an open source program called freegeoip. It’s a web application that can be used to get the rough geographical location associated with a network address. One image is configured to use the default configuration for the software. It’s meant to run by itself with a direct link to the world. The second is configured to run behind a web load balancer. Each image has a distinct tag that allows the user to easily identify the image with the features required.


pages: 170 words: 42,196

Don't Make Me Think!: A Common Sense Approach to Web Usability by Steve Krug

collective bargaining, Garrett Hardin, iterative process, pets.com, Silicon Valley, Tragedy of the Commons, web application, Whole Earth Catalog

The good news, though, is that the excellent set of 113 Home page design guidelines crammed into the first 28 pages is worth the price of the entire book. > WEB APPLICATION DESIGN HANDBOOK: BEST PRACTICES FOR WEB-BASED SOFTWARE Susan Fowler and Victor Stanwick, Morgan Kaufmann, 2004 Susan and Victor have written the Junior Woodchucks Guidebook of Web applications: Everything you need to know is in there, including tons of best practice examples, insights from years of experience, and assorted fascinating arcana. If you’re designing or building Web applications, you’d be foolish not to have a copy. > DEFENSIVE DESIGN FOR THE WEB 37 Signals, New Riders, 2004 The subtitle (How to Improve Error Messages, Help, Forms, and Other Crisis Points) says it all.

(Just in case any of the sites, well, you know…disappear.) > Still not present at time of photo. The one thing people have asked me about that you still won’t find in here is any discussion of Web applications. While a lot of the principles are the same as for Web sites, it’s really a topic for a whole other book, and I’m not the person to write it.2 2 If that’s your area, you might want to take a look at Web Application Design Handbook: Best Practices for Web-Based Software by Susan Fowler and Victor Stanwick. Anyway, thanks for all the fish. I hope you find the new bits useful. See you in five years.

In general, I think it’s safe to say that users don’t mind a lot of clicks as long as each click is painless and they have continued confidence that they’re on the right track—following what Jared Spool calls “the scent of information.” I think the rule of thumb might be something like “three mindless, unambiguous clicks equal one click that requires thought.”2 2 Of course, there are exceptions. If I’m going to have to drill down through the same parts of a site repeatedly, for instance or repeat a sequence of clicks in a Web application, or if the pages are going to take a long time to load, then the value of fewer clicks increases. The classic first question in the word game Twenty Questions—“Animal, vegetable, or mineral?”—is a wonderful example of a mindless choice. As long as you accept the premise that anything that’s not a plant or an animal—including things as diverse as pianos, limericks, and encyclopedias, for instance—falls under “mineral,” it requires no thought at all to answer the question correctly.3 3 In case you’ve forgotten the game, there’s an excellent version that you can play against on the Web at http://www.20q.net Created by Robin Burgener, it uses a neural net algorithm and plays a mean game.


pages: 135 words: 31,098

ClojureScript: Up and Running by Stuart Sierra, Luke Vanderhart

domain-specific language, Firefox, functional programming, higher-order functions, machine readable, MVC pattern, Paul Graham, web application

To begin, this chapter will provide some motivation for why ClojureScript exists. The Rise of Browser Applications Web applications have come a long way from simple CGI scripts, but they have always been constrained by the stateless request-response model of HTTP. As the “pages” in a web application become more elaborate, the cost in time and bandwidth of reloading an entire page just to update a single piece of information becomes prohibitively high. One of the first major uses of JavaScript on the web was to ameliorate the cost of small updates, but “web applications” remained primarily server applications for a long time, and for good reason.

The most straightforward way to do this is to set up your Leiningen project to include a Ring application running on an embedded Jetty web server, and use Compojure to configure it to serve HTML files from the resources/public directory. Ring is a low-level HTTP web application library with wide adoption in the Clojure community. It is used as the foundation for most Clojure web applications. You can learn about it on its GitHub page. Compojure is a popular web routing library for Ring that makes it easy to configure web routes. Its page is here. Although any technique for serving resources from a localhost address will work, we will use Ring and Compojure since they are relatively easy to set up, and are by far the most popular ways to set up a Clojure web app.


pages: 283 words: 78,705

Principles of Web API Design: Delivering Value with APIs and Microservices by James Higginbotham

Amazon Web Services, anti-pattern, business intelligence, business logic, business process, Clayton Christensen, cognitive dissonance, cognitive load, collaborative editing, continuous integration, create, read, update, delete, database schema, DevOps, fallacies of distributed computing, fault tolerance, index card, Internet of things, inventory management, Kubernetes, linked data, loose coupling, machine readable, Metcalfe’s law, microservices, recommendation engine, semantic web, side project, single page application, Snapchat, software as a service, SQL injection, web application, WebSocket

Finally, bear in mind that smaller organizations may not see the need for the added complexity of a service mesh. However, larger organizations managing many developer teams producing a multitude of services across one or more cloud environments may benefit from the use of a service mesh. Web Application Firewalls (WAFs) Web application firewalls (WAFs) protect APIs from network threats, including common scripting and injection attacks. Unlike API gateways, they will monitor OSI layer 3 and layer 4 network activity, allowing for deeper packet inspection than what is possible with API gateways that focus on the HTTP protocol only.

Deep fetches allow nested resources to be retrieved at the same time as the parent, avoiding multiple API calls to recreate a large graph on the client. Shallow fetches prevent this from happening to avoid sending unnecessary data in the response. Response shaping is often used for mobile apps, when a smaller amount of data is required compared to a web application that can render more information in a single screen. Understanding OData Two of the most popular query-based API styles are OData and GraphQL. OData is a query-based API protocol that is standardized and managed by OASIS. It is built upon HTTP and JSON and uses a resource-based approach familiar to those already familiar with REST.

Subscription level support involves defining the API operations to be included or excluded at each level. It also allows for more advanced rate limiting and quota support based on the assigned subscription level for a registered application. APIMs may also offer extended security measures not found in most API gateways. As a result, they may overlap with the duties of web application firewalls (WAFs). Service Meshes Service meshes shift the needs of network reliability, observability, security, routing, and error handling away from each process to separate out-of-process infrastructure. This new infrastructure is portable and independent of any specific programming languages and frameworks selected by each process, making it portable.


Beautiful Data: The Stories Behind Elegant Data Solutions by Toby Segaran, Jeff Hammerbacher

23andMe, airport security, Amazon Mechanical Turk, bioinformatics, Black Swan, business intelligence, card file, cloud computing, computer vision, correlation coefficient, correlation does not imply causation, crowdsourcing, Daniel Kahneman / Amos Tversky, DARPA: Urban Challenge, data acquisition, data science, database schema, double helix, en.wikipedia.org, epigenetics, fault tolerance, Firefox, Gregor Mendel, Hans Rosling, housing crisis, information retrieval, lake wobegon effect, Large Hadron Collider, longitudinal study, machine readable, machine translation, Mars Rover, natural language processing, openstreetmap, Paradox of Choice, power law, prediction markets, profit motive, semantic web, sentiment analysis, Simon Singh, social bookmarking, social graph, SPARQL, sparse data, speech recognition, statistical model, supply-chain management, systematic bias, TED Talk, text mining, the long tail, Vernor Vinge, web application

Developers could finally stop grappling with CORBA and DCOM to distribute their logic and data across networked machines, and instead use the standard HTTP and text-based tools to get their applications to talk to one another on levels lower than traditional web applications. This has led to an explosion of APIs across nearly every web application you can think of, as shown in Figure 8-1. An API became the thing every product manager had to have. This was both a good thing and a bad thing. On the bright side, thousands of products have opened up their data for all the world to use. Programmable Web (http://www. programmableweb.com/) has hundreds of them documented and ready to use.

Hughes, discusses the challenges of designing a data processing system that has to work within the constraints of space travel. Chapter 4, Cloud Storage Design in a PNUTShell, by Brian F. Cooper, Raghu Ramakrishnan, and Utkarsh Srivastava, describes the software Yahoo! has designed to turn its globally distributed data centers into a universal storage platform for powering modern web applications. Chapter 5, Information Platforms and the Rise of the Data Scientist, by Jeff Hammerbacher, traces the evolution of tools for information processing and the humans who power them, using specific examples from the history of Facebook’s data team. Chapter 6, The Geographic Beauty of a Photographic Archive, by Jason Dykes and Jo Wood, draws attention to the ubiquity and power of colorfully visualized spatial data collected by a volunteer community.

For example, Alice might change her status to “Busy on the phone,” and then later change it to “Off the phone, anybody wanna chat?” When Alice changes her status, we write it into her profile record so that her friends can see it. The profile table might look like Table 4-1. Notice that to support evolving web applications, we must allow for a flexible schema and sparse data; not every record will have a value for every field, and adding new fields must be cheap. T A B L E 4 - 1 . User profile table Username FullName Location Status Alice Alice Smith Sunnyvale, CA Off the phone, anybody Alice345 wanna chat?


Programming Computer Vision with Python by Jan Erik Solem

augmented reality, computer vision, database schema, en.wikipedia.org, optical character recognition, pattern recognition, text mining, Thomas Bayes, web application

For each example, the top row is the regular result and the bottom row the re-ranked result. 7.6 Building Demos and Web Applications In this last section on searching, we’ll take a look at a simple way of building demos and web applications with Python. By making demos as web pages, you automatically get cross-platform support and an easy way to show and share your project with minimal requirements. In the sections below we will go through an example of a simple image search engine. Creating Web Applications with CherryPy To build these demos, we will use the CherryPy package, available at http://www.cherrypy.org/.

Symbols 3D plotting, A Sample Data Set 3D reconstruction, 3D Reconstruction Example 4-neighborhood, 9.1 Graph Cuts A affine transformation, 3.1 Homographies affine warping, Affine Transformations affinity matrix, Clustering Images agglomerative clustering, 6.2 Hierarchical Clustering alpha map, Image in Image AR, 4.3 Pose Estimation from Planes and Markers array, Interactive Annotation array slicing, Array Image Representation aspect ratio, 4.1 The Pin-Hole Camera Model association, 9.2 Segmentation Using Clustering augmented reality, 4.3 Pose Estimation from Planes and Markers B bag-of-visual-words, Inspiration from Text Mining—The Vector Space Model bag-of-word representation, Searching Images baseline, Bundle adjustment Bayes classifier, Classifying Images—Hand Gesture Recognition binary image, Morphology—Counting Objects blurring, Using the Pickle Module bundle adustment, Bundle adjustment C calibration matrix, 4.1 The Pin-Hole Camera Model camera calibration, Computing the Camera Center camera center, Camera Models and Augmented Reality camera matrix, Camera Models and Augmented Reality camera model, Camera Models and Augmented Reality camera pose estimation, 4.3 Pose Estimation from Planes and Markers camera resectioning, Triangulation CBIR, Searching Images Chan-Vese segmentation, 9.3 Variational Methods characteristic functions, 9.3 Variational Methods CherryPy, 7.6 Building Demos and Web Applications, Image Search Demo class centroids, Clustering Images classifying images, Classifying Image Content clustering images, Clustering Images, Clustering Images complete linking, 6.2 Hierarchical Clustering confusion matrix, Classifying Images—Hand Gesture Recognition content-based image retrieval, Searching Images convex combination, Image in Image corner detection, Local Image Descriptors correlation, 2.1 Harris Corner Detector corresponding points, 2.1 Harris Corner Detector cpickle, PCA of Images cross-correlation, Finding Corresponding Points Between Images cumulative distribution function, Graylevel Transforms cv, OpenCV, 10.4 Tracking cv2, OpenCV D de-noising, Reading and writing .mat files Delaunay triangulation, Piecewise Affine Warping dendrogram, Clustering Images dense depth reconstruction, Bundle adjustment dense image features, A Simple 2D Example dense SIFT, A Simple 2D Example descriptor, 2.1 Harris Corner Detector difference-of-Gaussian, Finding Corresponding Points Between Images digit classification, Hand Gesture Recognition Again direct linear transformation, 3.1 Homographies directed graph, Image Segmentation distance matrix, Clustering Images E Edmonds-Karp algorithm, 9.1 Graph Cuts eight point algorithm, Plotting 3D Data with Matplotlib epipolar constraint, 5.1 Epipolar Geometry epipolar geometry, Multiple View Geometry epipolar line, 5.1 Epipolar Geometry epipole, 5.1 Epipolar Geometry essential matrix, The calibrated case—metric reconstruction F factorization, Factoring the Camera Matrix feature matches, Finding Corresponding Points Between Images feature matching, Matching Descriptors flood fill, Displaying Images and Results focal length, 4.1 The Pin-Hole Camera Model fundamental matrix, 5.1 Epipolar Geometry fundamental matrix estimation, 5.3 Multiple View Reconstruction G Gaussian blurring, Using the Pickle Module Gaussian derivative filters, Image Derivatives Gaussian distributions, 8.2 Bayes Classifier gesture recognition, Dense SIFT as Image Feature GL_MODELVIEW, PyGame and PyOpenGL GL_PROJECTION, PyGame and PyOpenGL Grab Cut dataset, Segmentation with User Input gradient angle, Blurring Images gradient magnitude, Blurring Images graph, Image Segmentation graph cut, Image Segmentation GraphViz, Matching Using Local Descriptors graylevel transforms, Array Image Representation H Harris corner detection, Local Image Descriptors Harris matrix, Local Image Descriptors hierarchical clustering, 6.2 Hierarchical Clustering hierarchical k-means, 6.3 Spectral Clustering histogram equalization, Graylevel Transforms Histogram of Oriented Gradients, A Simple 2D Example HOG, A Simple 2D Example homogeneous coordinates, Image to Image Mappings homography, Image to Image Mappings homography estimation, 3.1 Homographies Hough transform, Inpainting I Image, Basic Image Handling and Processing image contours, Plotting Images, Points, and Lines image gradient, Blurring Images image graph, 9.1 Graph Cuts image histograms, Plotting Images, Points, and Lines image patch, 2.1 Harris Corner Detector image plane, Camera Models and Augmented Reality image registration, Piecewise Affine Warping image retrieval, Searching Images image search demo, 7.6 Building Demos and Web Applications image segmentation, Visualizing the Images on Principal Components, Image Segmentation image thumbnails, Convert Images to Another Format ImageDraw, Clustering Images inliers, 3.3 Creating Panoramas inpainting, Using generators integral image, Color Spaces interest point descriptor, 2.1 Harris Corner Detector interest points, Local Image Descriptors inverse depth, 4.1 The Pin-Hole Camera Model inverse document frequency, Inspiration from Text Mining—The Vector Space Model io, Useful SciPy Modules iso-contours, Plotting Images, Points, and Lines J JSON, Downloading Geotagged Images from Panoramio K k-means, Clustering Images k-nearest neighbor classifier, Classifying Image Content kernel functions, 8.3 Support Vector Machines kNN, Classifying Image Content L Laplacian matrix, 6.3 Spectral Clustering least squares triangulation, Triangulation LibSVM, 8.3 Support Vector Machines local descriptors, Local Image Descriptors Lucas-Kanade tracking algorithm, Optical Flow M marking points, Interactive Annotation mathematical morphology, Morphology—Counting Objects Matplotlib, Create Thumbnails maximum flow (max flow), 9.1 Graph Cuts measurements, Morphology—Counting Objects, Extracting Cells and Recognizing Characters metric reconstruction, 5.1 Epipolar Geometry, Computing the Camera Matrix from a Fundamental Matrix minidom, Registering Images minimum cut (min cut), 9.1 Graph Cuts misc, Useful SciPy Modules morphology, Morphology—Counting Objects, Morphology—Counting Objects, Exercises mplot3d, A Sample Data Set, 3D Reconstruction Example multi-class SVM, Selecting Features multi-dimensional arrays, Interactive Annotation multi-dimensional histograms, Clustering Images multiple view geometry, Multiple View Geometry N naive Bayes classifier, Classifying Images—Hand Gesture Recognition ndimage, Affine Transformations ndimage.filters, Computing Disparity Maps normalized cross-correlation, Finding Corresponding Points Between Images normalized cut, 9.2 Segmentation Using Clustering NumPy, Interactive Annotation O objloader, Tying It All Together OCR, Hand Gesture Recognition Again OpenCV, Chapter Overview, OpenCV OpenGL, PyGame and PyOpenGL OpenGL projection matrix, From Camera Matrix to OpenGL Format optic flow, 10.4 Tracking optical axis, Camera Models and Augmented Reality optical center, The Camera Matrix optical character recognition, Hand Gesture Recognition Again optical flow, 10.4 Tracking optical flow equation, 10.4 Tracking outliers, 3.3 Creating Panoramas overfitting, Exercises P panograph, Exercises panorama, 3.3 Creating Panoramas PCA, PCA of Images pickle, PCA of Images, The SciPy Clustering Package, Creating a Vocabulary pickling, PCA of Images piecewise affine warping, Image in Image piecewise constant image model, 9.3 Variational Methods PIL, Basic Image Handling and Processing pin-hole camera, Camera Models and Augmented Reality plane sweeping, 5.4 Stereo Images plot formatting, Plotting Images, Points, and Lines plotting, Create Thumbnails point correspondence, 2.1 Harris Corner Detector pose estimation, 4.3 Pose Estimation from Planes and Markers Prewitt filters, Blurring Images Principal Component Analysis, PCA of Images, 8.2 Bayes Classifier principal point, The Camera Matrix projection, Camera Models and Augmented Reality projection matrix, Camera Models and Augmented Reality projective camera, Camera Models and Augmented Reality projective transformation, Image to Image Mappings pydot, Matching Using Local Descriptors pygame, PyGame and PyOpenGL pygame.image, PyGame and PyOpenGL pygame.locals, PyGame and PyOpenGL Pylab, Create Thumbnails PyOpenGL, PyGame and PyOpenGL pyplot, Exercises pysqlite, Setting Up the Database pysqlite2, Setting Up the Database Python Imaging Library, Basic Image Handling and Processing python-graph, 9.1 Graph Cuts Q quad, From Camera Matrix to OpenGL Format query with image, Querying with an Image quotient image, Exercises R radial basis functions, 8.3 Support Vector Machines ranking using homographies, 7.5 Ranking Results Using Geometry RANSAC, 3.3 Creating Panoramas, 5.3 Multiple View Reconstruction rectified image pair, Bundle adjustment rectifying images, Extracting Cells and Recognizing Characters registration, Piecewise Affine Warping rigid transformation, 3.1 Homographies robust homography estimation, RANSAC ROF, Reading and writing .mat files, 9.3 Variational Methods RQ-factorization, Factoring the Camera Matrix Rudin-Osher-Fatemi de-noising model, Reading and writing .mat files S Scale-Invariant Feature Transform, Finding Corresponding Points Between Images scikit.learn, Exercises Scipy, Using the Pickle Module scipy.cluster.vq, The SciPy Clustering Package, Clustering Images scipy.io, Useful SciPy Modules, Reading and writing .mat files scipy.misc, Reading and writing .mat files scipy.ndimage, Blurring Images, Morphology—Counting Objects, Extracting Cells and Recognizing Characters, Rectifying Images, Exercises scipy.ndimage.filters, Blurring Images, Blurring Images, 2.1 Harris Corner Detector scipy.sparse, Exercises searching images, Searching Images, Adding Images segmentation, Image Segmentation self-calibration, Bundle adjustment separating hyperplane, Using PCA to Reduce Dimensions SfM, The calibrated case—metric reconstruction SIFT, Finding Corresponding Points Between Images similarity matrix, Clustering Images similarity transformation, 3.1 Homographies similarity tree, 6.2 Hierarchical Clustering simplejson, Downloading Geotagged Images from Panoramio, Downloading Geotagged Images from Panoramio single linking, 6.2 Hierarchical Clustering slicing, Array Image Representation Sobel filters, Blurring Images spectral clustering, Clustering Images, 9.2 Segmentation Using Clustering SQLite, Setting Up the Database SSD, Finding Corresponding Points Between Images stereo imaging, Bundle adjustment stereo reconstruction, Bundle adjustment stereo rig, Bundle adjustment stereo vision, Bundle adjustment stitching images, Robust Homography Estimation stop words, Inspiration from Text Mining—The Vector Space Model structure from motion, The calibrated case—metric reconstruction structuring element, Morphology—Counting Objects Sudoku reader, Hand Gesture Recognition Again sum of squared differences, Finding Corresponding Points Between Images Support Vector Machines, Using PCA to Reduce Dimensions support vectors, 8.3 Support Vector Machines SVM, Using PCA to Reduce Dimensions T term frequency, Inspiration from Text Mining—The Vector Space Model term frequency–inverse document frequency, Inspiration from Text Mining—The Vector Space Model text mining, Searching Images tf-idf weighting, Inspiration from Text Mining—The Vector Space Model total variation, Reading and writing .mat files total within-class variance, Clustering Images tracking, 10.4 Tracking triangulation, 5.2 Computing with Cameras and 3D Structure U unpickling, PCA of Images unsharp masking, 1.5 Advanced Example: Image De-Noising urllib, Downloading Geotagged Images from Panoramio V variational methods, 9.3 Variational Methods variational problems, 9.3 Variational Methods vector quantization, The SciPy Clustering Package vector space model, Searching Images vertical field of view, From Camera Matrix to OpenGL Format video, Displaying Images and Results visual codebook, Inspiration from Text Mining—The Vector Space Model visual vocabulary, Inspiration from Text Mining—The Vector Space Model visual words, Inspiration from Text Mining—The Vector Space Model visualizing image distribution, Visualizing the Images on Principal Components VLFeat, Interest Points W warping, Affine Transformations watershed, Inpainting web applications, 7.6 Building Demos and Web Applications webcam, Optical Flow word index, Setting Up the Database X XML, Registering Images xml.dom, Registering Images About the Author Jan Erik Solem is a Python enthusiast and a computer vision researcher and entrepreneur. He is an applied mathematician and has worked as associate professor, startup CTO, and now also book author.

Symbols 3D plotting, A Sample Data Set 3D reconstruction, 3D Reconstruction Example 4-neighborhood, 9.1 Graph Cuts A affine transformation, 3.1 Homographies affine warping, Affine Transformations affinity matrix, Clustering Images agglomerative clustering, 6.2 Hierarchical Clustering alpha map, Image in Image AR, 4.3 Pose Estimation from Planes and Markers array, Interactive Annotation array slicing, Array Image Representation aspect ratio, 4.1 The Pin-Hole Camera Model association, 9.2 Segmentation Using Clustering augmented reality, 4.3 Pose Estimation from Planes and Markers B bag-of-visual-words, Inspiration from Text Mining—The Vector Space Model bag-of-word representation, Searching Images baseline, Bundle adjustment Bayes classifier, Classifying Images—Hand Gesture Recognition binary image, Morphology—Counting Objects blurring, Using the Pickle Module bundle adustment, Bundle adjustment C calibration matrix, 4.1 The Pin-Hole Camera Model camera calibration, Computing the Camera Center camera center, Camera Models and Augmented Reality camera matrix, Camera Models and Augmented Reality camera model, Camera Models and Augmented Reality camera pose estimation, 4.3 Pose Estimation from Planes and Markers camera resectioning, Triangulation CBIR, Searching Images Chan-Vese segmentation, 9.3 Variational Methods characteristic functions, 9.3 Variational Methods CherryPy, 7.6 Building Demos and Web Applications, Image Search Demo class centroids, Clustering Images classifying images, Classifying Image Content clustering images, Clustering Images, Clustering Images complete linking, 6.2 Hierarchical Clustering confusion matrix, Classifying Images—Hand Gesture Recognition content-based image retrieval, Searching Images convex combination, Image in Image corner detection, Local Image Descriptors correlation, 2.1 Harris Corner Detector corresponding points, 2.1 Harris Corner Detector cpickle, PCA of Images cross-correlation, Finding Corresponding Points Between Images cumulative distribution function, Graylevel Transforms cv, OpenCV, 10.4 Tracking cv2, OpenCV D de-noising, Reading and writing .mat files Delaunay triangulation, Piecewise Affine Warping dendrogram, Clustering Images dense depth reconstruction, Bundle adjustment dense image features, A Simple 2D Example dense SIFT, A Simple 2D Example descriptor, 2.1 Harris Corner Detector difference-of-Gaussian, Finding Corresponding Points Between Images digit classification, Hand Gesture Recognition Again direct linear transformation, 3.1 Homographies directed graph, Image Segmentation distance matrix, Clustering Images E Edmonds-Karp algorithm, 9.1 Graph Cuts eight point algorithm, Plotting 3D Data with Matplotlib epipolar constraint, 5.1 Epipolar Geometry epipolar geometry, Multiple View Geometry epipolar line, 5.1 Epipolar Geometry epipole, 5.1 Epipolar Geometry essential matrix, The calibrated case—metric reconstruction F factorization, Factoring the Camera Matrix feature matches, Finding Corresponding Points Between Images feature matching, Matching Descriptors flood fill, Displaying Images and Results focal length, 4.1 The Pin-Hole Camera Model fundamental matrix, 5.1 Epipolar Geometry fundamental matrix estimation, 5.3 Multiple View Reconstruction G Gaussian blurring, Using the Pickle Module Gaussian derivative filters, Image Derivatives Gaussian distributions, 8.2 Bayes Classifier gesture recognition, Dense SIFT as Image Feature GL_MODELVIEW, PyGame and PyOpenGL GL_PROJECTION, PyGame and PyOpenGL Grab Cut dataset, Segmentation with User Input gradient angle, Blurring Images gradient magnitude, Blurring Images graph, Image Segmentation graph cut, Image Segmentation GraphViz, Matching Using Local Descriptors graylevel transforms, Array Image Representation H Harris corner detection, Local Image Descriptors Harris matrix, Local Image Descriptors hierarchical clustering, 6.2 Hierarchical Clustering hierarchical k-means, 6.3 Spectral Clustering histogram equalization, Graylevel Transforms Histogram of Oriented Gradients, A Simple 2D Example HOG, A Simple 2D Example homogeneous coordinates, Image to Image Mappings homography, Image to Image Mappings homography estimation, 3.1 Homographies Hough transform, Inpainting I Image, Basic Image Handling and Processing image contours, Plotting Images, Points, and Lines image gradient, Blurring Images image graph, 9.1 Graph Cuts image histograms, Plotting Images, Points, and Lines image patch, 2.1 Harris Corner Detector image plane, Camera Models and Augmented Reality image registration, Piecewise Affine Warping image retrieval, Searching Images image search demo, 7.6 Building Demos and Web Applications image segmentation, Visualizing the Images on Principal Components, Image Segmentation image thumbnails, Convert Images to Another Format ImageDraw, Clustering Images inliers, 3.3 Creating Panoramas inpainting, Using generators integral image, Color Spaces interest point descriptor, 2.1 Harris Corner Detector interest points, Local Image Descriptors inverse depth, 4.1 The Pin-Hole Camera Model inverse document frequency, Inspiration from Text Mining—The Vector Space Model io, Useful SciPy Modules iso-contours, Plotting Images, Points, and Lines J JSON, Downloading Geotagged Images from Panoramio K k-means, Clustering Images k-nearest neighbor classifier, Classifying Image Content kernel functions, 8.3 Support Vector Machines kNN, Classifying Image Content L Laplacian matrix, 6.3 Spectral Clustering least squares triangulation, Triangulation LibSVM, 8.3 Support Vector Machines local descriptors, Local Image Descriptors Lucas-Kanade tracking algorithm, Optical Flow M marking points, Interactive Annotation mathematical morphology, Morphology—Counting Objects Matplotlib, Create Thumbnails maximum flow (max flow), 9.1 Graph Cuts measurements, Morphology—Counting Objects, Extracting Cells and Recognizing Characters metric reconstruction, 5.1 Epipolar Geometry, Computing the Camera Matrix from a Fundamental Matrix minidom, Registering Images minimum cut (min cut), 9.1 Graph Cuts misc, Useful SciPy Modules morphology, Morphology—Counting Objects, Morphology—Counting Objects, Exercises mplot3d, A Sample Data Set, 3D Reconstruction Example multi-class SVM, Selecting Features multi-dimensional arrays, Interactive Annotation multi-dimensional histograms, Clustering Images multiple view geometry, Multiple View Geometry N naive Bayes classifier, Classifying Images—Hand Gesture Recognition ndimage, Affine Transformations ndimage.filters, Computing Disparity Maps normalized cross-correlation, Finding Corresponding Points Between Images normalized cut, 9.2 Segmentation Using Clustering NumPy, Interactive Annotation O objloader, Tying It All Together OCR, Hand Gesture Recognition Again OpenCV, Chapter Overview, OpenCV OpenGL, PyGame and PyOpenGL OpenGL projection matrix, From Camera Matrix to OpenGL Format optic flow, 10.4 Tracking optical axis, Camera Models and Augmented Reality optical center, The Camera Matrix optical character recognition, Hand Gesture Recognition Again optical flow, 10.4 Tracking optical flow equation, 10.4 Tracking outliers, 3.3 Creating Panoramas overfitting, Exercises P panograph, Exercises panorama, 3.3 Creating Panoramas PCA, PCA of Images pickle, PCA of Images, The SciPy Clustering Package, Creating a Vocabulary pickling, PCA of Images piecewise affine warping, Image in Image piecewise constant image model, 9.3 Variational Methods PIL, Basic Image Handling and Processing pin-hole camera, Camera Models and Augmented Reality plane sweeping, 5.4 Stereo Images plot formatting, Plotting Images, Points, and Lines plotting, Create Thumbnails point correspondence, 2.1 Harris Corner Detector pose estimation, 4.3 Pose Estimation from Planes and Markers Prewitt filters, Blurring Images Principal Component Analysis, PCA of Images, 8.2 Bayes Classifier principal point, The Camera Matrix projection, Camera Models and Augmented Reality projection matrix, Camera Models and Augmented Reality projective camera, Camera Models and Augmented Reality projective transformation, Image to Image Mappings pydot, Matching Using Local Descriptors pygame, PyGame and PyOpenGL pygame.image, PyGame and PyOpenGL pygame.locals, PyGame and PyOpenGL Pylab, Create Thumbnails PyOpenGL, PyGame and PyOpenGL pyplot, Exercises pysqlite, Setting Up the Database pysqlite2, Setting Up the Database Python Imaging Library, Basic Image Handling and Processing python-graph, 9.1 Graph Cuts Q quad, From Camera Matrix to OpenGL Format query with image, Querying with an Image quotient image, Exercises R radial basis functions, 8.3 Support Vector Machines ranking using homographies, 7.5 Ranking Results Using Geometry RANSAC, 3.3 Creating Panoramas, 5.3 Multiple View Reconstruction rectified image pair, Bundle adjustment rectifying images, Extracting Cells and Recognizing Characters registration, Piecewise Affine Warping rigid transformation, 3.1 Homographies robust homography estimation, RANSAC ROF, Reading and writing .mat files, 9.3 Variational Methods RQ-factorization, Factoring the Camera Matrix Rudin-Osher-Fatemi de-noising model, Reading and writing .mat files S Scale-Invariant Feature Transform, Finding Corresponding Points Between Images scikit.learn, Exercises Scipy, Using the Pickle Module scipy.cluster.vq, The SciPy Clustering Package, Clustering Images scipy.io, Useful SciPy Modules, Reading and writing .mat files scipy.misc, Reading and writing .mat files scipy.ndimage, Blurring Images, Morphology—Counting Objects, Extracting Cells and Recognizing Characters, Rectifying Images, Exercises scipy.ndimage.filters, Blurring Images, Blurring Images, 2.1 Harris Corner Detector scipy.sparse, Exercises searching images, Searching Images, Adding Images segmentation, Image Segmentation self-calibration, Bundle adjustment separating hyperplane, Using PCA to Reduce Dimensions SfM, The calibrated case—metric reconstruction SIFT, Finding Corresponding Points Between Images similarity matrix, Clustering Images similarity transformation, 3.1 Homographies similarity tree, 6.2 Hierarchical Clustering simplejson, Downloading Geotagged Images from Panoramio, Downloading Geotagged Images from Panoramio single linking, 6.2 Hierarchical Clustering slicing, Array Image Representation Sobel filters, Blurring Images spectral clustering, Clustering Images, 9.2 Segmentation Using Clustering SQLite, Setting Up the Database SSD, Finding Corresponding Points Between Images stereo imaging, Bundle adjustment stereo reconstruction, Bundle adjustment stereo rig, Bundle adjustment stereo vision, Bundle adjustment stitching images, Robust Homography Estimation stop words, Inspiration from Text Mining—The Vector Space Model structure from motion, The calibrated case—metric reconstruction structuring element, Morphology—Counting Objects Sudoku reader, Hand Gesture Recognition Again sum of squared differences, Finding Corresponding Points Between Images Support Vector Machines, Using PCA to Reduce Dimensions support vectors, 8.3 Support Vector Machines SVM, Using PCA to Reduce Dimensions T term frequency, Inspiration from Text Mining—The Vector Space Model term frequency–inverse document frequency, Inspiration from Text Mining—The Vector Space Model text mining, Searching Images tf-idf weighting, Inspiration from Text Mining—The Vector Space Model total variation, Reading and writing .mat files total within-class variance, Clustering Images tracking, 10.4 Tracking triangulation, 5.2 Computing with Cameras and 3D Structure U unpickling, PCA of Images unsharp masking, 1.5 Advanced Example: Image De-Noising urllib, Downloading Geotagged Images from Panoramio V variational methods, 9.3 Variational Methods variational problems, 9.3 Variational Methods vector quantization, The SciPy Clustering Package vector space model, Searching Images vertical field of view, From Camera Matrix to OpenGL Format video, Displaying Images and Results visual codebook, Inspiration from Text Mining—The Vector Space Model visual vocabulary, Inspiration from Text Mining—The Vector Space Model visual words, Inspiration from Text Mining—The Vector Space Model visualizing image distribution, Visualizing the Images on Principal Components VLFeat, Interest Points W warping, Affine Transformations watershed, Inpainting web applications, 7.6 Building Demos and Web Applications webcam, Optical Flow word index, Setting Up the Database X XML, Registering Images xml.dom, Registering Images About the Author Jan Erik Solem is a Python enthusiast and a computer vision researcher and entrepreneur.


pages: 448 words: 84,462

Testing Extreme Programming by Lisa Crispin, Tip House

business logic, c2.com, continuous integration, data acquisition, database schema, Donner party, Drosophila, fail fast, hypertext link, index card, job automation, systems thinking, web application

A team for which Lisa was the tester used the short and frequent releases in XP as an opportunity to try different tools for acceptance-test automation. Here's Lisa's story: When I joined the team, they'd never automated any acceptance tests for the Web applications they were developing. I had been successfully using a vendor tool, WebART, to automate acceptance-test scripts for Web applications in other XP projects. We used this tool for the first release of this new project. We had a dedicated team of testers who learned the tool. We were fairly successful with automation; tests for central functionality were automated.

Ask tangential but targeted questions that allow the respondent to make connections and think of the details. OK, now it's your turn to try these ideas out with an exercise. Exercise 2 Introducing the XTrack Application This and subsequent exercises will be based on a simple but useful XP tracking application named XTrack. XTrack is a Web application that allows our XP team to maintain information about projects, such as their iterations, stories, tasks, and tests, in a central online repository available to all project stakeholders. This application serves several objectives: The project's tracker has a simple way to maintain information about a project, such as estimated and actual time to complete stories, who owns which tasks, and which stories are assigned to each iteration.

We call this the sad path. If a report has an input of a date range, ask yourself what should happen if the "end" date is earlier than the "from" date. Ask what the customer wants to see if the user types special characters into text fields in a GUI form and clicks the Submit button. Ask what should happen if it's a Web application and the user clicks the browser Back and Forward buttons. This is likely to raise cases where you can identify several alternatives, one of which is superior, and you can ask for confirmation. Then think about serious failures and worst-case scenarios, the bad path. What should or will happen when the log fills up?


pages: 196 words: 58,122

AngularJS by Brad Green, Shyam Seshadri

business logic, combinatorial explosion, continuous integration, Firefox, Google Chrome, Kickstarter, MVC pattern, node package manager, single page application, systems thinking, web application, WebSocket

Find us on Facebook: http://facebook.com/oreilly Follow us on Twitter: http://twitter.com/oreillymedia Watch us on YouTube: http://www.youtube.com/oreillymedia Acknowledgments We’d like to give special thanks to Misko Hevery, father of Angular, for having the courage to think very differently about how we write web applications and to drive it into reality; to Igor Minar for bringing stability and structure to the Angular project and for building the roots of today’s awesome open source community; to Vojta Jina for creating many parts of Angular, and for giving us the fastest test runner the world has ever seen; to Naomi Black, John Lindquist, and Mathias Matias Niemelä for their expert editing assistance.

Introduction to AngularJS Our ability to create amazing web-based apps is incredible, but the complexity involved in making these apps is similarly incredible. We on the Angular team wanted to relieve the pain involved with developing AJAX applications. At Google, we’d worked through the hard lessons of building large web applications like Gmail, Maps, Calendar, and several others. We thought we might be able to use these experiences to benefit everyone. We wanted writing web apps to feel more like the first time we wrote a few lines of code and stood back in amazement at what we’d made happen. We wanted the coding process to feel more like creating and less like trying to satisfy the strange inner workings of web browsers.

Concepts There are a few core ideas that you’ll use throughout an Angular app. As it turns out, we didn’t invent any of these. Instead, we’ve borrowed heavily from successful idioms in other development environments and implemented them in a way that embraces HTML, browsers, and many other familiar web standards. Client-Side Templates Multi-page web applications create their HTML by assembling and joining it with data on the server, and then shipping the finished pages up to the browser. Most single-page applications—also known as AJAX apps—do this as well, to some extent. Angular is different in that the template and data get shipped to the browser to be assembled there.


pages: 89 words: 24,277

Designing for Emotion by Aarron Walter

Abraham Maslow, big-box store, cotton gin, en.wikipedia.org, game design, John Gruber, Kickstarter, Skype, software as a service, Steve Jobs, Superbowl ad, Wall-E, web application

FIG 1.1: Dear Rainn Wilson, TMI. The curtain has been drawn back, exposing our humor, grumpiness, concern, stress, and all the other emotions that season our days. As we’ll see in Chapter 3, this honesty is creeping into the personalities we craft for our businesses, and our users are beginning to expect the websites and web applications they visit to reflect a personality that they can relate to. This book is chock-full of examples of a design sensibility that is distinctly human, individual, reflective of a real personality, and honest—all while keeping business goals in mind. You might have some trepidation about how to implement emotional design techniques without boiling your boss’s blood.

We need a new yardstick to measure the success of our designs. We can transcend usability to create truly extraordinary experiences. Usable = Edible If you’re working on the web, chances are you’ve used 37Signals’ handy project management app Basecamp (http://basecamphq.com) (fig 1.4). FIG 1.4: Basecamp, a project management web application. In building Basecamp, 37Signals’ design ethos centered around simplicity and usability. Their design ideas, summed up in Getting Real (http://bkaprt.com/de/2) inspired a generation of web pros to keep designs simple and make sure tasks are easy to complete. 37Signals helped us tackle the bottom of the needs pyramid.

Let’s look at how they leave surprises for customers not in the interface, but in their real, physical mailboxes. Wufoo: a surprisingly personal message Surprise needn’t be limited to the online experience. As we discovered in Chapter 1, Wufoo is skilled at creating emotionally engaging interactions inside their web application, but they also deliver surprises to their users’ mailboxes (the old school kind of mailbox). Though hundreds of thousands of people use their app, the guys that run Wufoo pen personal letters by hand to each of their customers thanking them for their loyalty. In the age of automation and electronic communication, a personal letter from a real person at a company serving thousands of customers is as rare as finding a prancing miniature unicorn in your mailbox.


pages: 319 words: 72,969

Nginx HTTP Server Second Edition by Clement Nedelcu

Debian, fault tolerance, Firefox, Google Chrome, Ruby on Rails, web application

Syntax: on or off Default value: off [ 130 ] www.it-ebooks.info Chapter 4 Random index This module enables a simple directive, random_index, which can be used within a location block in order for Nginx to return an index page selected randomly among the files of the specified directory. This module is not included in the default Nginx build. Syntax: on or off Log This module controls the behavior of Nginx regarding access logs. It is a key module for system administrators as it allows analyzing the runtime behavior of web applications. It is composed of three essential directives: Directive Description access_log This parameter defines the access log file path, the format of entries in the access log by selecting a template name, or disables access logging. Context: http, server, location Syntax: access_log path [format [buffer=size]] | off; Some remarks concerning the directive syntax: • Use access_log off to disable access logging at the current level • The format argument corresponds to a template declared with the log_format directive, described below • If the format argument is not specified, the default format is employed (combined) • You may use variables in the file path [ 131 ] www.it-ebooks.info Module Configuration Directive Description log_format Defines a template to be utilized by the access_log directive, describing the contents that should be included in an entry of the access log.

As explained before, since Apache, or more generally the backend server uses the IP address of the socket it communicates with, the IP that will appear in our design will always be the IP of the server hosting Nginx. We discussed a solution already — inserting the proxy_set_header X-Real-IP $remote_addr; directive in the configuration in order to forward the client IP address in the X-Real-IP header. Unfortunately, that is not enough as some web applications are not configured to make use of the X-Real-IP header. The client remote address needs to be replaced somehow by that value. When it comes to Apache, a module was written to do just that: mod_rpaf. Details on how to install and configure it are not discussed here; you may find more documentation over at the official website: http://stderr.net/ apache/rpaf/.

Whether you have decided that Nginx could be more efficient as a unique server rather than working as a reverse proxy, or simply because you want to get rid of Apache once and for all, this chapter will guide you through the complete process of replacing the latter by the former. This chapter covers: • An in-depth comparison between Apache and Nginx • A full guide to porting your Apache configuration • How to port your Apache rewrite rules to Nginx • Rewrite rule walkthroughs for a few popular web applications Nginx versus Apache This section will provide answers to the main questions that one would ask about Nginx — how does it stand apart from the other servers? How does it compare to Apache? Whether you were using Apache before or considered it as a replacement for your current web server, why would you decide to adopt Nginx at the expense of the web server that empowers nearly half of the Internet websites worldwide?


Service Design Patterns: Fundamental Design Solutions for SOAP/WSDL and RESTful Web Services by Robert Daigneau

Amazon Web Services, business intelligence, business logic, business process, continuous integration, create, read, update, delete, en.wikipedia.org, fault tolerance, loose coupling, machine readable, MITM: man-in-the-middle, MVC pattern, OSI model, pull request, RFC: Request For Comment, Ruby on Rails, software as a service, web application

Unfortunately, if the client crashed, then the server memory allocated for the client might never be released. In addition to these issues, if the process that maintained the client’s session crashed, then the client’s “work-in-progress” would be lost. Why Use Web Services? Web services make it relatively easy to reuse and share common logic with such diverse clients as mobile, desktop, and web applications. The broad reach of web services is possible because they rely on open standards that are ubiquitous, interoperable across different computing platforms, and independent of the underlying execution technologies. All web services, at the very least, use HTTP and leverage data-interchange standards like XML and JSON, and common media types.

Workflow Connector This page intentionally left blank Chapter 6 Web Service Infrastructures Introduction Certain software functions are so generic that they can be used over and over again by different web services and their clients. These functions are collectively referred to as software infrastructure. Frameworks like Java Enterprise Edition (Java EE) and .NET provide the most basic infrastructures for things like web application hosting, database connectivity, and security. Software developers frequently build their own infrastructures on top of these frameworks. Examples include frameworks for Object Relational Mapping (ORM) and workflow management. Software infrastructures like these are the foundation, low-level plumbing and glue used to build modern software.

These policies identify such things as the protocols for authentication, data encryption, data signing, and reliable message delivery. XML has become the dominant way to express service metadata. This information may be formally expressed through interface definition languages (IDLs) like WSDL and the Web Application Description Language (WADL). IDLs like these may be used by services with RPC APIs (18), Message APIs (27), or Resource APIs (38). The primary reason most people use descriptors is to help client developers generate the code for Service Connectors (168). To this end, service metadata may be imported directly into developer tools from web servers or acquired from a Service Registry (220).


pages: 199 words: 47,154

Gnuplot Cookbook by Lee Phillips

bioinformatics, computer vision, functional programming, general-purpose programming language, pattern recognition, statistical model, web application

One hopes that it is used responsibly, for exploration, sharing, and a reasonable amount of plot generation, and not abused. Writing a web GUI for gnuplot This final recipe will teach you how to make your own interactive web application that uses gnuplot to draw a graph in response to user input. It is not a general-purpose GUI for gnuplot as was the subject of the previous recipe, but rather shows one way to use gnuplot as part of a special-purpose web application. Because gnuplot can be controlled through text commands and can create PNG files, which are size-efficient and well supported by current web browsers, it is very well suited to this type of project.

Chapter 7, Programming gnuplot and dealing with data, covers how to use gnuplot's built-in programming constructs as well as its ability to be used from any programming language, and how to use the new volatile data features. Chapter 8, The Third Dimension, shows how to plot surfaces, vectors, heat maps, and lines in a 3D space. Chapter 9, Using and Making Graphical User Interfaces, introduces several GUIs for gnuplot and includes writing a web application with gnuplot on the backend. Chapter 10, Surveying Special Topics, covers several special techniques and applications: mapping; labeled contours; colored and broken axes; pictures; and more. Appendix A, Finding help and information, provides a brief list of sources of gnuplot information and education.

The game can be used to illustrate the elementary principles of ballistics; there are an infinite number of correct solutions that can be calculated with simple physics (there are no advanced complications such as air resistance). The previous figure shows what the game looks like; this is a screenshot taken directly from the browser window. Getting ready We need a few things in place in order to run a web application. Our example will use the Python scripting language for the back end, so we'll need to have a Python interpreter installed. Fortunately, this is very widespread and comes built-in on Macintosh OS X and many other systems; it's also free, open source, and easy to install. In order for Python code to run in response to requests from a web browser, we also need to install a Python web framework.


pages: 350 words: 114,454

Docker: Up & Running: Shipping Reliable Containers in Production by Sean P. Kane, Karl Matthias

Airbnb, Amazon Web Services, business logic, business process, cloud computing, Colossal Cave Adventure, continuous integration, Debian, DevOps, don't repeat yourself, false flag, interchangeable parts, Kubernetes, loose coupling, Lyft, microservices, revision control, software as a service, source of truth, web application

You can probably see how these can be composed into a workflow for building, deploying, and observing applications. But the Docker command-line tool is not the only way to interact with Docker, and it’s not necessarily the most powerful. Docker Engine API Like many other pieces of modern software, the Docker daemon has a remote web application programming interface (API). This is in fact what the Docker commandline tool uses to communicate with the daemon. But because the API is documented and public, it’s quite common for external tooling to use the API directly. This ena‐ bles all manners of tooling, from mapping deployed Docker containers to servers, to automated deployments, to distributed schedulers.

Because of this clean separation between deployment and configuration of your servers, many container-based production systems are now using tools such as HashiCorp’s Packer to build cloud virtual server images and then leveraging Docker to nearly or entirely avoid configuration management systems. Stateless Applications A good example of the kind of application that containerizes well is a web application that keeps its state in a database. Stateless applications are normally designed to immediately answer a single self-contained request, and have no need to track infor‐ mation between requests from one or more clients. You might also run something like ephemeral memcache instances in containers.

Since, by design, containers include all of their dependencies, tests run on containers are very reliable. If a unit test framework says tests were successful against a container image, you can be sure that you will not experience a problem with the versioning of an underlying library at deployment time, for example. That’s not easy with most other technologies, and even Java WAR (Web application ARchive) files, for example, don’t include testing of the application server itself. That same Java application deployed in a Docker container will generally also include an application server like Tomcat, and the whole stack can be smoke-tested before shipping to production. A secondary benefit of shipping applications in Docker containers is that in places where there are multiple applications that talk to each other remotely via something like an API, developers of one application can easily develop against a version of the other service that is currently tagged for the environment they require, like produc‐ tion or staging.


pages: 58 words: 12,386

Big Data Glossary by Pete Warden

business intelligence, business logic, crowdsourcing, fault tolerance, functional programming, information retrieval, linked data, machine readable, natural language processing, recommendation engine, web application

This high-level approach makes it similar to App Engine and Heroku, but because it’s just a wrapper for EC2, you can also log directly into the machines that the code is running on, to debug problems or tweak the environment. It’s still fundamentally designed around the needs of frontend web applications, though, so most data processing problems aren’t a good fit for its approach. Getting started with Elastic Beanstalk Heroku Heroku hosts Ruby web applications, offering a simple deployment process, a lot of free and paid plug-ins, and easy scalability. To ensure that your code can be quickly deployed across a large number of machines, there are some restrictions on things like access to the underlying filesystem, but in general the environment is more flexible than App Engine.

It offers a simplified programming environment for its operators to specify the kind of analysis they want, and then handles converting that into MapReduce jobs behind the scenes. It also has some user-friendly data importing tools, as well as visualization options. It’s a sign of where data processing solutions are headed, as we get better at building interfaces and moving to higher and more powerful abstraction levels. BigSheets IBM’s BigSheets is a web application that lets nontechnical users gather unstructured data from online and internal sources and analyze it to create reports and visualizations. Like Datameer, it uses Hadoop behind the scenes to handle very large amounts of data, along with services like OpenCalais to cope with extracting useful structured information from a soup of unstructured text.


pages: 257 words: 64,973

Intrusion Detection With Snort, Apache, Mysql, Php, and Acid by Rafeeq Ur Rehman

Chuck Templeton: OpenTable:, database schema, Free Software Foundation, information security, stealth mode startup, web application

. # # # config classification:shortname,short description,priority # config classification: not-suspicious,Not Suspicious Traffic,3 config classification: unknown,Unknown Traffic,3 config classification: bad-unknown,Potentially Bad Traffic, 2 config classification: attempted-recon,Attempted Information Leak,2 config classification: successful-recon-limited,Information Leak,2 config classification: successful-recon-largescale,Large Scale Information Leak,2 config classification: attempted-dos,Attempted Denial of Service,2 config classification: successful-dos,Denial of Service,2 config classification: attempted-user,Attempted User Privilege Gain,1 config classification: unsuccessful-user,Unsuccessful User Privilege Gain,1 config classification: successful-user,Successful User Privilege Gain,1 config classification: attempted-admin,Attempted Administrator Privilege Gain,1 config classification: successful-admin,Successful Administrator Privilege Gain,1 # NEW CLASSIFICATIONS config classification: rpc-portmap-decode,Decode of an RPC Query,2 config classification: shellcode-detect,Executable code was detected,1 config classification: string-detect,A suspicious string was detected,3 config classification: suspicious-filename-detect,A suspicious filename was detected,2 config classification: suspicious-login,An attempted login using a suspicious username was detected,2 config classification: system-call-detect,A system call was detected,2 config classification: tcp-connection,A TCP connection was detected,4 config classification: trojan-activity,A Network Trojan was detected, 1 config classification: unusual-client-port-connection,A client was using an unusual port,2 config classification: network-scan,Detection of a Network Scan,3 config classification: denial-of-service,Detection of a Denial of Service Attack,2 config classification: non-standard-protocol,Detection of a non-standard protocol or event,2 config classification: protocol-command-decode,Generic Protocol Command Decode,3 config classification: web-application-activity,access to a potentially vulnerable web application,2 config classification: web-application-attack,Web Application Attack,1 config classification: misc-activity,Misc activity,3 config classification: misc-attack,Misc Attack,2 config classification: icmp-event,Generic ICMP event,3 config classification: kickass-porn,SCORE! Get the lotion!,1 config classification: policy-violation,Potential Corporate Privacy Violation,1 config classification: default-login-attempt,Attempt to login by a default username and password,2 3.6.3 The content Keyword One important feature of Snort is its ability to find a data pattern inside a packet.

Default port numbers for HTTP, HTTPS, and TCP are 80, 443, and 9000 respectively. Cert This is the certificate to be used with HTTPS protocol. It is X.509 client certificate. Key The client private key. Ca The server certificate used for authentication. Server The Common Name or CN for X.509 certificate. Note that XML output is important for much web application development and for integrating Snort into such systems. Some Snort XML parsers exist, including ACID-XML at http://www.maximumunix.org, although these are still in their infancy. 4.2.6.1 Examples Logging to a file "xmlout" on the local host: output xml: log, file=xmlout The date and time will be appended to the name of the file so that data can be saved for multiple Snort sessions.

Creation of this table may take a few seconds on the database server when you run the snortdb-extra script. 5.1.5.2 Sample Entries in Snort Database Tables To give you an idea of what type of entries are present in different tables in the Snort database, let us select some items from the database and display them. Following are some entries from table sig_class. mysql> select * from sig_class; +--------------+--------------------------+ | sig_class_id | sig_class_name | +--------------+--------------------------+ | 9 | attempted-recon | | 8 | misc-attack | | 7 | bad-unknown | | 6 | web-application-activity | +--------------+--------------------------+ 4 rows in set (0.00 sec) mysql> The select command pulls out data from a database and displays it on the screen. You can use the select command after connecting to database using the mysql client. For more information on MySQL commands, refer to Appendix B.


pages: 408 words: 63,990

Build Awesome Command-Line Applications in Ruby: Control Your Computer, Simplify Your Life by David B. Copeland

business logic, Chris Wanstrath, Compatible Time-Sharing System, database schema, en.wikipedia.org, full stack developer, machine readable, Multics, Ruby on Rails, systems thinking, web application

Fortunately, the readline C library is widely available on most systems, and the Ruby standard library contains bindings for it so we can access its power from our app. To learn how to use it, we’re going to implement a JSON browser. JSON is a widely used format in web application APIs, something that command-line applications often need to consume. Sophisticated web applications yield heavily nested JSON objects that can be hard to understand by simply viewing them in the terminal. We’ll make an interactive application that reads a JSON file from disk and allows the user to move around inside it, inspecting bits of it at time.

As a means of demonstrating more clearly what we mean by having a “clear and concise purpose,” each problem-solving app will get an iteration in this chapter. The first version of each app will be naive and then quickly revised to be more single-purpose, so we can see firsthand the level of function we want our apps to have. 1.1 Problem 1: Backing Up Data Suppose our small development team is starting work on our company’s flagship web application. This application is heavily data-driven and highly complex, with many features and edge cases. To build it, we’re going to use an Agile methodology, where we work in two-week “sprints.” In each sprint, we’ll have a list of “user stories” representing the work we’re doing. To officially complete a user story, we’ll need to demonstrate that story functioning properly in a shared development environment.

Tools like JIRA, Bugzilla, and Pivotal Tracker provide a wealth of features for managing the most complex workflows and tasks, all from your web browser. A common technique when programming is to take a large task and break it down into smaller tasks, possibly even breaking those tasks down. Suppose we’re working on a new feature for our company’s flagship web application. We’re going to add a Terms of Service page and need to modify the account sign-up page to require that the user accept the new terms of service. In our company-wide task management tool, we might see a task like “Add Terms of Service Checkbox to Signup Page.” That’s the perfect level of granularity to track the work by our bosses and other interested stakeholders, but it’s too coarse to drive our work.


pages: 523 words: 154,042

Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks by Scott J. Shapiro

3D printing, 4chan, active measures, address space layout randomization, air gap, Airbnb, Alan Turing: On Computable Numbers, with an Application to the Entscheidungsproblem, availability heuristic, Bernie Sanders, bitcoin, blockchain, borderless world, Brian Krebs, business logic, call centre, carbon tax, Cass Sunstein, cellular automata, cloud computing, cognitive dissonance, commoditize, Compatible Time-Sharing System, Computing Machinery and Intelligence, coronavirus, COVID-19, CRISPR, cryptocurrency, cyber-physical system, Daniel Kahneman / Amos Tversky, Debian, Dennis Ritchie, disinformation, Donald Trump, double helix, Dr. Strangelove, dumpster diving, Edward Snowden, en.wikipedia.org, Evgeny Morozov, evil maid attack, facts on the ground, false flag, feminist movement, Gabriella Coleman, gig economy, Hacker News, independent contractor, information security, Internet Archive, Internet of things, invisible hand, John Markoff, John von Neumann, Julian Assange, Ken Thompson, Larry Ellison, Laura Poitras, Linda problem, loss aversion, macro virus, Marc Andreessen, Mark Zuckerberg, Menlo Park, meta-analysis, Minecraft, Morris worm, Multics, PalmPilot, Paul Graham, pirate software, pre–internet, QWERTY keyboard, Ralph Nader, RAND corporation, ransomware, Reflections on Trusting Trust, Richard Stallman, Richard Thaler, Ronald Reagan, Satoshi Nakamoto, security theater, Shoshana Zuboff, side hustle, Silicon Valley, Skype, SoftBank, SQL injection, Steve Ballmer, Steve Jobs, Steven Levy, Stuxnet, supply-chain attack, surveillance capitalism, systems thinking, TaskRabbit, tech billionaire, tech worker, technological solutionism, the Cathedral and the Bazaar, the new new thing, the payments system, Turing machine, Turing test, Unsafe at Any Speed, vertical integration, Von Neumann architecture, Wargames Reagan, WarGames: Global Thermonuclear War, Wayback Machine, web application, WikiLeaks, winner-take-all economy, young professional, zero day, éminence grise

It is the main language used for database searches on the web. When you enter your username and password into a log-in page or search for a book on a website, you are most likely using SQL. SQL enables a web application to search through a database potentially housed on a remote server for an inputted term and deliver information associated with the term back to the client. Thus, if I input “Fancy Bear Goes Phishing” in the search bar on a book website, the web application using SQL will find the book’s web page and deliver its file to my browser. To take a simple example, suppose Tom wants to retrieve his account information from www.example.com.

And Paris Hilton paid the price. The explanation of how Paris Hilton’s phone was hacked is, therefore, complex. Cameron LaCroix was able to breach T-Mobile’s web application not simply because the authentication downcode was glitchy. T-Mobile’s corporate upcode was glitchy as well. Because T-Mobile did not give adequate training to its store managers, a sixteen-year-old boy was able to get the password to its internal systems. And because the company was in such a rush to push out web applications for the Sidekick, testing was inadequate. But T-Mobile’s corporate upcode was buggy because the legal upcode was buggy as well.

Each user browsing the web is under the illusion that they are the only person accessing the remote computer, that they have the server all to themselves. Moreover, each user’s information is kept separate from the data of other users, thus ensuring a degree of security. Finally, the developer of the web application need not worry about whether the application is running in a browser on a Windows or a UNIX system. The browser client and server software sweats those details. It was easy to miss how internet browsers could be part of an operating system because early web pages were static. They simply presented information for the user to read or links for the user to navigate to other pages or sites.


Machine Learning Design Patterns: Solutions to Common Challenges in Data Preparation, Model Building, and MLOps by Valliappa Lakshmanan, Sara Robinson, Michael Munn

A Pattern Language, Airbnb, algorithmic trading, automated trading system, business intelligence, business logic, business process, combinatorial explosion, computer vision, continuous integration, COVID-19, data science, deep learning, DevOps, discrete time, en.wikipedia.org, Hacker News, industrial research laboratory, iterative process, Kubernetes, machine translation, microservices, mobile money, natural language processing, Netflix Prize, optical character recognition, pattern recognition, performance metric, recommendation engine, ride hailing / ride sharing, selection bias, self-driving car, sentiment analysis, speech recognition, statistical model, the payments system, web application

At the time that this book is being written, developers can access the Discovery API from Java, PHP, .NET, JavaScript, Objective-C, Dart, Ruby, Node.js, and Go. Powerful ecosystem Because web application frameworks are so widely used, there is a lot of tooling available to measure, monitor, and manage web applications. If we deploy the ML model to a web application framework, the model can be monitored and throttled using tools that software reliability engineers (SREs), IT administrators, and DevOps personnel are familiar with. They do not have to know anything about machine learning. Similarly, your business development colleagues know how to meter and monetize web applications using API gateways. They can carry over that knowledge and apply it to metering and monetizing machine learning models.

For example, we can invoke the serving function from within Cloud Functions as follows: serving_fn = None def handler(request): global serving_fn if serving_fn is None: serving_fn = (tf.keras.models.load_model(export_path) .signatures['serving_default']) request_json = request.get_json(silent=True) if request_json and 'review' in request_json: review = request_json['review'] outputs = serving_fn(full_text_input=tf.constant([review])) return outputs['positive_review_logits'] Note that we should be careful to define the serving function as a global variable (or a singleton class) so that it isn’t reloaded in response to every request. In practice, the serving function will be reloaded from the export path (on Google Cloud Storage) only in the case of cold starts. Why It Works The approach of exporting a model to a stateless function and deploying the stateless function in a web application framework works because web application frameworks offer autoscaling, can be fully managed, and are language neutral. They are also familiar to software and business development teams who may not have experience with machine learning. This also has benefits for agile development—an ML engineer or data scientist can independently change the model, and all the application developer needs to do is change the endpoint they are accessing.

For example, they need to be initialized on the first request and destroyed when the client terminates or times out. Because of these factors, stateless components are highly scalable, whereas stateful components are expensive and difficult to manage. When designing enterprise applications, architects are careful to minimize the number of stateful components. Web applications, for example, are often designed to work based on REST APIs, and these involve transfer of state from the client to the server with each call. In a machine learning model, there is a lot of state captured during training. Things like the epoch number and learning rate are part of a model’s state and have to be remembered because typically, the learning rate is decayed with each successive epoch.


pages: 211 words: 37,094

JQuery Pocket Reference by David Flanagan

Firefox, functional programming, post-work, web application

Chapter 1. Introduction to jQuery JavaScript has an intentionally simple core API and an overly complicated client-side API that is marred by major incompatibilities between browsers. The arrival of IE9 eliminates the worst of those incompatibilities, but many programmers find it easier to write web applications using a JavaScript framework or utility library to simplify common tasks and hide the differences between browsers. At the time of this writing, jQuery is one of the most popular and widely used of these libraries. Because it has become so widely used, web developers should be familiar with the jQuery library: even if you don’t use it in your own code, you are likely to encounter it in code written by others.

Once you have the code, you can include it in your web pages with a <script> tag: <script src="jquery-1.4.4.min.js"></script> At the time of this writing, the current version of jQuery is 1.4.4. The “min” in the filename above indicates that this is the minimized version of the library, with unnecessary comments and whitespace removed, and internal identifiers replaced with shorter ones. Another way to use jQuery in your web applications is to allow a content distribution network to serve it using a URL like one of these: http://code.jquery.com/jquery-1.4.4.min.js http://ajax.microsoft.com/ajax/jquery/jquery-1.4.4.min.js http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js Replace the “1.4.4” version number in the URLs above as necessary.

$("#logoff").click(function() { $.event.trigger("logoff"); // Broadcast an event window.location = "logoff.php"; // Go to a new page }); We’ll see in Ajax Events that jQuery’s Ajax methods broadcast custom events like this to notify interested listeners. Live Events The bind() method binds event handlers to specific document elements, just as addEventListener() and attachEvent() do. But web applications that use jQuery often dynamically create new elements. If we’ve used bind() to bind an event handler to all <a> elements in the document, and then we create new document content with new <a> elements, those new elements will not have the same event handlers as the old ones, so they will behave differently.


pages: 272 words: 52,204

Android 3. 0 Application Development Cookbook by Kyle Merrifield Mew

Google Chrome, QWERTY keyboard, social web, web application

Amongst other things he has also been a soldier, a cartoonist, a teacher, a charity fundraiser, and a web designer. Kyle has been programming since the early eighties, has written for several technology websites, and also done three radio plays. About the Reviewers Md. Mahmud Ahsan has been developing web applications for over six years. He has developed some medium to large web applications and was also an architect on some web applications. He's a Zend Certified Engineer and an expert in Facebook, Linkedin, Twitter, Twilio API, and mashup application development. Beside his full time freelance work, he blogs at http://thinkdiff.net and writes articles on different technologies, especially Facebook application development.

For the past year he's been developing iOS applications as a hobby and also developed some android applications. He lives in Bangladesh with his wife Jinat. Currently he's working as a Freelancer, managing and developing social web applications and iOS applications. He publishes his own iOS applications at http://ithinkdiff.net. He was a technical reviewer for the titles Zend Framework 1.8 Web Application Development and PHP jQuery Cookbook by Packt. I'm very grateful to my father who bought a computer for me in 2001, since then I have loved programming and working with various technologies. Dr. Frank Grützmacher has spent some years in the research of distributed electronic design tools and worked for several German blue chip companies such as Deutsche Post and AEG.


pages: 201 words: 63,192

Graph Databases by Ian Robinson, Jim Webber, Emil Eifrem

Amazon Web Services, anti-pattern, bioinformatics, business logic, commoditize, corporate governance, create, read, update, delete, data acquisition, en.wikipedia.org, fault tolerance, linked data, loose coupling, Network effects, recommendation engine, semantic web, sentiment analysis, social graph, software as a service, SPARQL, the strength of weak ties, web application

One of the big advantages of conducting performance testing over the course of an application’s development lifecycle, rather than at the end, is that failures and regressions can very often be tied back to a recent piece of development; this allows you to diagnose, pinpoint and remedy issues rapidly and succinctly. For generating load, you’ll need a load-generating agent. For Web applications, there are several open source stress and load testing tools available, including Grinder, JMeter and Gatling.11 When testing load balanced Web applications, you should ensure your test clients are distributed across different IP addresses so that requests are balanced across the cluster. 11. See http://grinder.sourceforge.net/, http://jmeter.apache.org/ and http://gatling-tool.org/.

Describe the Model in Terms of Your Application’s Needs The questions you need to ask of the data help identify entities and relationships. Agile user stories provide a concise means for expressing an outside-in, user-centred view of 57 an application’s needs, and the questions that arise in the course of satisfying this need. Here’s an example of a user story for a book review Web application: 1 AS A reader who likes a book, I WANT to know which books other readers who like the same book have liked, SO THAT I can find other books to read This story expresses a user need, which motivates the shape and content of our data model. From a data modeling point of view, the AS A clause establishes a context com‐ prising two entities—a reader and a book—plus the LIKES relationship that connects them.

When it comes to applying a graph database to a real-world problem, with real-world technical and business constraints, organisations choose graph databases for the following reasons: 1. “Minutes to milliseconds” performance. Query performance and responsiveness are top of many organisations’ concerns with regard to their data platforms. Online transactional systems, large Web applications in particular, must respond to endusers in milliseconds if they are to be successful. In the relational world, as an application’s dataset size grows, join pains begin to manifest themselves, and per‐ formance deteriorates. Using index-free adjacency, a graph database turns complex joins into fast graph traversals, thereby maintaining millisecond performance ir‐ respective of the overall size of the dataset. 2.


RDF Database Systems: Triples Storage and SPARQL Query Processing by Olivier Cure, Guillaume Blin

Amazon Web Services, bioinformatics, business intelligence, cloud computing, database schema, fault tolerance, folksonomy, full text search, functional programming, information retrieval, Internet Archive, Internet of things, linked data, machine readable, NP-complete, peer-to-peer, performance metric, power law, random walk, recommendation engine, RFID, semantic web, Silicon Valley, social intelligence, software as a service, SPARQL, sparse data, web application

TDB is a component of Jena allowing a fast persistent triples store (directly to disk) supporting the full range of Jena APIs. This system is defined in detail in Chapter 5. Similarly to Jena, Sesame is a framework for the development of Semantic Web applications and proposes an RDF store. Its mature set of APIs is used in several RDF stores, such as Virtuoso, GraphDB, and Bigdata. To develop a Semantic Web application an ontology and knowledge base editor is necessary. Protégé seems to be the most relevant choice and is the most widely used editor. It’s a free, open-source framework that can be envisioned as a plugin platform. Many plugins are available on the Protégé website (http://protege.stanford. edu/) concerning reasoners, visualization, and backends.

Therefore, there is a total freedom about the format of generated, stored, queried, and manipulated data. Nevertheless, best practices of the major industrial and opensource actors bring forward some popular formats such as XLS, CSV, XML, JSON, and RDF. The main advantages of JSON are its simplicity, flexibility (it’s schemaless), and native processing support for most Web applications due to a tight integration with the JavaScript programming language. But RDF is not without assets. For example, as a semi-structured data model, RDF data sets can be described with expressive schema languages, such as RDF Schema (RDFS) or Web Ontology Language (OWL), and can be linked to other documents present on the Web, forming the Linked Data movement.

Each one having its own peculiarities and facilitating the management of some particular kind of data: view of a database as a storage solution for persisting a value (key-value stores), allowing more flexibility about stored data (document stores), managing use cases like relationships (graph databases), or aggregating data (column databases). These systems have frequently been used to store various system logs, some components of social networks, or shopping carts in e-commerce web applications. But recently, new domains such as science and finance have started to be interested in these systems. NoSQL systems are becoming so popular that even database giants like Oracle, IBM, and Microsoft are enriching their offers to match some of the NoSQL features. 2.2.2 CAP and BASE The CAP conjecture was proposed by Eric Brewer in 2000 (Brewer, 2000).


pages: 255 words: 76,495

The Facebook era: tapping online social networks to build better products, reach new audiences, and sell more stuff by Clara Shih

Benchmark Capital, business process, call centre, Clayton Christensen, cloud computing, commoditize, conceptual framework, corporate governance, crowdsourcing, glass ceiling, jimmy wales, Marc Benioff, Mark Zuckerberg, Metcalfe’s law, Network effects, pets.com, pre–internet, rolodex, Salesforce, Savings and loan crisis, semantic web, sentiment analysis, Sheryl Sandberg, Silicon Valley, Silicon Valley startup, social graph, social web, software as a service, tacit knowledge, Tony Hsieh, web application

The MyStarbucksIdea application and Appirio’s Jobs4MyFriends recruiting application previously profiled were both built using Force.com for Facebook. And of course salesforce.com itself is investing in making its Web applications more socially aware and better integrated with the various social graphs, such as our Service Cloud initiative discussed in Chapter 4,“Social Sales.” At a more fundamental level, business professionals are recognizing a growing disparity between the powerful, easy-to-use Web applications they use at home versus the unwieldy, outdated systems they use at work. Gartner Research calls it “IT consumerization.” Flatter, More Productive Organizations Enterprise social networking fosters greater openness and transparency within organizations as well as beyond organizational boundaries.

Web 2.0 gave rise to the next generation of applications, which allowed anyone to participate, such as through posting a video on YouTube or tagging photos on Flickr. Now, though, we have evolved to an entirely new level with Web 3.0—an era that is entirely about innovation and collaboration. Cloud computing is enabling this new era by democratizing innovation. Today, anyone with an Internet connection can create even very complex and robust Web applications without any of the onerous infrastructure investment once required. Just look at the salesforce.com developer community, which now has over 450 independent software vendor (ISV) partners and 100,000 developers from around the world. Together, they have created more than 800 new applications now available on the AppExchange, our online marketplace for business Software-asa-service apps and for which Clara Shih currently serves as product line director.

I am grateful for the many lessons I learn each day from my AppExchange team at salesforce.com—Ryan Ellis, Ed Park, Sara Bright (Varni), Marie Laxague Rosecrans, Leyla Seka, and Eugene Feldman. I couldn’t have asked for a better group of people in my first management role. Their great ideas and unwavering commitment to excellence are forging a new experience for customers to find and buy Web applications to run better businesses. I would also like to thank: My brother, Vic, who is a leading scholar on China’s financial and political systems, real estate markets, and investment landscape. The guidance and inspiration he provided from his experience completing his first book have been invaluable.


pages: 960 words: 125,049

Mastering Ethereum: Building Smart Contracts and DApps by Andreas M. Antonopoulos, Gavin Wood Ph. D.

air gap, Amazon Web Services, bitcoin, blockchain, business logic, continuous integration, cryptocurrency, Debian, digital divide, Dogecoin, domain-specific language, don't repeat yourself, Edward Snowden, en.wikipedia.org, Ethereum, ethereum blockchain, fault tolerance, fiat currency, Firefox, functional programming, Google Chrome, information security, initial coin offering, intangible asset, Internet of things, litecoin, machine readable, move fast and break things, node package manager, non-fungible token, peer-to-peer, Ponzi scheme, prediction markets, pull request, QR code, Ruby on Rails, Satoshi Nakamoto, sealed-bid auction, sharing economy, side project, smart contracts, transaction costs, Turing complete, Turing machine, Vickrey auction, Vitalik Buterin, web application, WebSocket

The Third Age of the Internet In 2004 the term “Web 2.0” came to prominence, describing an evolution of the web toward user-generated content, responsive interfaces, and interactivity. Web 2.0 is not a technical specification, but rather a term describing the new focus of web applications. The concept of DApps is meant to take the World Wide Web to its next natural evolutionary stage, introducing decentralization with peer-to-peer protocols into every aspect of a web application. The term used to describe this evolution is web3, meaning the third “version” of the web. First proposed by Dr. Gavin Wood, web3 represents a new vision and focus for web applications: from centrally owned and managed applications, to applications built on decentralized protocols. In later chapters we’ll explore the Ethereum web3.js JavaScript library, which bridges JavaScript applications that run in your browser with the Ethereum blockchain.

IPFS The Inter-Planetary File System (IPFS) is a decentralized content-addressable storage system that distributes stored objects among peers in a P2P network. “Content addressable” means that each piece of content (file) is hashed and the hash is used to identify that file. You can then retrieve any file from any IPFS node by requesting it by its hash. IPFS aims to replace HTTP as the protocol of choice for delivery of web applications. Instead of storing a web application on a single server, the files are stored on IPFS and can be retrieved from any IPFS node. More information about IPFS can be found at https://ipfs.io. Swarm Swarm is another content-addressable P2P storage system, similar to IPFS. Swarm was created by the Ethereum Foundation, as part of the Go-Ethereum suite of tools.

Also may refer to a contract named “The DAO” launched on April 30, 2016, which was then hacked in June 2016; this ultimately motivated a hard fork (codenamed DAO) at block #1,192,000, which reversed the hacked DAO contract and caused Ethereum and Ethereum Classic to split into two competing systems. DApp Decentralized application. At a minimum, it is a smart contract and a web user interface. More broadly, a DApp is a web application that is built on top of open, decentralized, peer-to-peer infrastructure services. In addition, many DApps include decentralized storage and/or a message protocol and platform. Deed Non-fungible token (NFT) standard introduced by the ERC721 proposal. Unlike ERC20 tokens, deeds prove ownership and are not interchangeable, though they are not recognized as legal documents in any jurisdiction — at least not currently (see also “NFT”).


Designing Interfaces by Jenifer Tidwell

A Pattern Language, business intelligence, cognitive load, crowdsourcing, Firefox, longitudinal study, school vouchers, seminal paper, social software, social web, sorting algorithm, the long tail, Tony Hsieh, web application

Combo boxes’ drop-down menus might have funky layouts, like color grids or sliders, instead of the standard column of text items. You might see web applications that look like document-centered paint programs, but have no menu bars, and save the finished work only to a database somewhere. The freeform-ness of web pages seems to have taught users to relax their expectations with respect to graphics and interactivity. It’s OK now to break the old Windows style-guide strictures, as long as users can figure out what you’re doing. And that’s the hard part. Some applications, devices, and web applications are easy to use. Many aren’t. Following style guides never guaranteed usability anyhow, but now designers have even more choices than before (which, paradoxically, can make design a lot harder).

If you design interfaces today, you work with a much bigger palette of components and ideas. You have a choice of many more user interface toolkits than before, such as the Java toolkits, HTML/CSS, JavaScript, Flash, and numerous open source options. Apple’s and Microsoft’s native UI toolkits are richer and nicer-looking than they used to be. Display technology is better. Web applications often look as professionally designed as the websites they’re embedded in, and some of those web sensibilities have migrated back into desktop applications in the form of blue underlined links, Back/Next buttons, beautiful fonts and background images, and non-gray color schemes. But it’s still not easy to design good interfaces.

Even if the interface obeys all the standards, you may have misunderstood users’ preferred workflow, used the wrong vocabulary, or made it too hard to figure out what the software even does. Impatient users often won’t give you the benefit of the doubt. Worse, if you’ve built an unusable website or web application, frustrated users can give up and switch to your competitor with just the click of a button. So the cost of building a mediocre interface is higher than it used to be, too. Devices like phones, TVs, and car dashboards once were the exclusive domain of industrial designers. But now those devices have become smart.


pages: 561 words: 157,589

WTF?: What's the Future and Why It's Up to Us by Tim O'Reilly

"Friedman doctrine" OR "shareholder theory", 4chan, Affordable Care Act / Obamacare, Airbnb, AlphaGo, Alvin Roth, Amazon Mechanical Turk, Amazon Robotics, Amazon Web Services, AOL-Time Warner, artificial general intelligence, augmented reality, autonomous vehicles, barriers to entry, basic income, behavioural economics, benefit corporation, Bernie Madoff, Bernie Sanders, Bill Joy: nanobots, bitcoin, Blitzscaling, blockchain, book value, Bretton Woods, Brewster Kahle, British Empire, business process, call centre, Capital in the Twenty-First Century by Thomas Piketty, Captain Sullenberger Hudson, carbon tax, Carl Icahn, Chuck Templeton: OpenTable:, Clayton Christensen, clean water, cloud computing, cognitive dissonance, collateralized debt obligation, commoditize, computer vision, congestion pricing, corporate governance, corporate raider, creative destruction, CRISPR, crowdsourcing, Danny Hillis, data acquisition, data science, deep learning, DeepMind, Demis Hassabis, Dennis Ritchie, deskilling, DevOps, Didi Chuxing, digital capitalism, disinformation, do well by doing good, Donald Davies, Donald Trump, Elon Musk, en.wikipedia.org, Erik Brynjolfsson, fake news, Filter Bubble, Firefox, Flash crash, Free Software Foundation, fulfillment center, full employment, future of work, George Akerlof, gig economy, glass ceiling, Glass-Steagall Act, Goodhart's law, Google Glasses, Gordon Gekko, gravity well, greed is good, Greyball, Guido van Rossum, High speed trading, hiring and firing, Home mortgage interest deduction, Hyperloop, income inequality, independent contractor, index fund, informal economy, information asymmetry, Internet Archive, Internet of things, invention of movable type, invisible hand, iterative process, Jaron Lanier, Jeff Bezos, jitney, job automation, job satisfaction, John Bogle, John Maynard Keynes: Economic Possibilities for our Grandchildren, John Maynard Keynes: technological unemployment, John Zimmer (Lyft cofounder), Kaizen: continuous improvement, Ken Thompson, Kevin Kelly, Khan Academy, Kickstarter, Kim Stanley Robinson, knowledge worker, Kodak vs Instagram, Lao Tzu, Larry Ellison, Larry Wall, Lean Startup, Leonard Kleinrock, Lyft, machine readable, machine translation, Marc Andreessen, Mark Zuckerberg, market fundamentalism, Marshall McLuhan, McMansion, microbiome, microservices, minimum viable product, mortgage tax deduction, move fast and break things, Network effects, new economy, Nicholas Carr, Nick Bostrom, obamacare, Oculus Rift, OpenAI, OSI model, Overton Window, packet switching, PageRank, pattern recognition, Paul Buchheit, peer-to-peer, peer-to-peer model, Ponzi scheme, post-truth, race to the bottom, Ralph Nader, randomized controlled trial, RFC: Request For Comment, Richard Feynman, Richard Stallman, ride hailing / ride sharing, Robert Gordon, Robert Metcalfe, Ronald Coase, Rutger Bregman, Salesforce, Sam Altman, school choice, Second Machine Age, secular stagnation, self-driving car, SETI@home, shareholder value, Silicon Valley, Silicon Valley startup, skunkworks, Skype, smart contracts, Snapchat, Social Responsibility of Business Is to Increase Its Profits, social web, software as a service, software patent, spectrum auction, speech recognition, Stephen Hawking, Steve Ballmer, Steve Jobs, Steven Levy, Stewart Brand, stock buybacks, strong AI, synthetic biology, TaskRabbit, telepresence, the built environment, the Cathedral and the Bazaar, The future is already here, The Future of Employment, the map is not the territory, The Nature of the Firm, The Rise and Fall of American Growth, The Wealth of Nations by Adam Smith, Thomas Davenport, Tony Fadell, Tragedy of the Commons, transaction costs, transcontinental railway, transportation-network company, Travis Kalanick, trickle-down economics, two-pizza team, Uber and Lyft, Uber for X, uber lyft, ubercab, universal basic income, US Airways Flight 1549, VA Linux, warehouse automation, warehouse robotics, Watson beat the top human players on Jeopardy!, We are the 99%, web application, Whole Earth Catalog, winner-take-all economy, women in the workforce, Y Combinator, yellow journalism, zero-sum game, Zipcar

Control over standards for displaying content and applications in the browser would, in theory, give Netscape the kind of market power enjoyed by Microsoft in the PC market. In the end, both web browsers and web servers turned out to be commodities, and value moved up the stack to services delivered over the true web platform. Google, by contrast, began its life as a native web application, never sold or packaged, but delivered as a service, with customers paying, directly or indirectly, for the use of that service. None of the trappings of the old software industry were present. No scheduled software releases, just continuous improvement. No licensing or sale, just usage. No porting to different platforms so that customers can run the software on their own equipment, just a massively scalable collection of commodity PCs running open source operating systems plus homegrown applications and utilities that no one outside the company ever gets to see.

This idea was expressed by another of the principles I laid out in the paper, which I called “Software Above the Level of a Single Device,” using a phrase first introduced by Microsoft open source lead David Stutz in his open letter to the company when he left in 2003. The implications of this principle continue to unfold. When I first wrote about the idea of software above the level of a single device, I wasn’t just thinking about web applications like Google but also hybrid applications like iTunes, which used three tiers of software—a cloud-based music store, a personal PC-based application, and a handheld device (at the time, the iPod). Today’s applications are even more complex. Consider Uber. The system (it’s hard to call it an “application” anymore) simultaneously spans code running in Uber’s data centers, on GPS satellites and real-time traffic feeds, and apps on the smartphones of hundreds of thousands of drivers and of millions of passengers, in a complex choreography of data and devices.

The system (it’s hard to call it an “application” anymore) simultaneously spans code running in Uber’s data centers, on GPS satellites and real-time traffic feeds, and apps on the smartphones of hundreds of thousands of drivers and of millions of passengers, in a complex choreography of data and devices. HARNESSING COLLECTIVE INTELLIGENCE Another key to what distinguished the web applications that survived the dot-com bust from those that died was that the survivors all, in one way or another, worked to harness the collective intelligence of their users. Google is an aggregator of hundreds of millions of websites built by people all over the world, and uses hidden signals from its own users and from the people who create those websites to rank and organize them.


pages: 678 words: 159,840

The Debian Administrator's Handbook, Debian Wheezy From Discovery to Mastery by Raphaal Hertzog, Roland Mas

bash_history, Debian, distributed generation, do-ocracy, en.wikipedia.org, end-to-end encryption, failed state, Firefox, Free Software Foundation, GnuPG, Google Chrome, Jono Bacon, MITM: man-in-the-middle, Neal Stephenson, NP-complete, precautionary principle, QWERTY keyboard, RFC: Request For Comment, Richard Stallman, Skype, SpamAssassin, SQL injection, Valgrind, web application, zero day, Zimmermann PGP

Other Security-Related Considerations Security is not just a technical problem; more than anything, it's about good practices and understanding the risks. This section reviews some of the more common risks, as well as a few best practices which should, depending on the case, increase security or lessen the impact of a successful attack. 14.5.1. Inherent Risks of Web Applications The universal character of web applications led to their proliferation. Several are often run in parallel: a webmail, a wiki, some groupware system, forums, a photo gallery, a blog, and so on. Many of those applications rely on the “LAMP” (Linux, Apache, MySQL, PHP) stack. Unfortunately, many of those applications were also written without much consideration for security problems.

VOCABULARY SQL injection When a program inserts data into SQL queries in an insecure manner, it becomes vulnerable to SQL injections; this name covers the act of changing a parameter in such a way that the actual query executed by the program is different from the intended one, either to damage the database or to access data that should normally not be accessible. → http://en.wikipedia.org/wiki/SQL_Injection Updating web applications regularly is therefore a must, lest any cracker (whether a professional attacker or a script kiddy) can exploit a known vulnerability. The actual risk depends on the case, and ranges from data destruction to arbitrary code execution, including web site defacement. 14.5.2. Knowing What To Expect A vulnerability in a web application is often used as a starting point for cracking attempts. What follows is a short review of possible consequences. QUICK LOOK Filtering HTTP queries Apache 2 includes modules allowing filtering incoming HTTP queries.

For instance, limiting the length of parameters can prevent buffer overflows. More generally, one can validate parameters before they are even passed to the web application and restrict access along many criteria. This can even be combined with dynamic firewall updates, so that a client infringing one of the rules is banned from accessing the web server for a given period of time. Setting up these checks can be a long and cumbersome task, but it can pay off when the web application to be deployed has a dubious track record where security is concerned. mod-security (in the libapache-mod-security package) is the main such module.


pages: 25 words: 5,789

Data for the Public Good by Alex Howard

"World Economic Forum" Davos, 23andMe, Atul Gawande, Cass Sunstein, cloud computing, crowdsourcing, data science, Hernando de Soto, Internet of things, Kickstarter, lifelogging, machine readable, Network effects, openstreetmap, Silicon Valley, slashdot, social intelligence, social software, social web, web application

The challenge is for the men and women entrusted with coordinating response to identify signals in the noise. First responders and crisis managers are using a growing suite of tools for gathering information and sharing crucial messages internally and with the public. Structured social data and geospatial mapping suggest one direction where these tools are evolving in the field. A web application from ESRI deployed during historic floods in Australia demonstrated how crowdsourced social intelligence provided by Ushahidi can enable emergency social data to be integrated into crisis response in a meaningful way. The Australian flooding web app includes the ability to toggle layers from OpenStreetMap, satellite imagery, and topography, and then filter by time or report type.

The interactions of citizens with companies or government entities generate a huge amount of economically valuable data. If consumers and regulators had access to that data, they could tap it to make better choices about everything from finance to healthcare to real estate, much in the same way that web applications like Hipmunk and Zillow let consumers make more informed decisions. Personal Data Assets When a trend makes it to the World Economic Forum (WEF) in Davos, it’s generally evidence that the trend is gathering steam. A report titled “Personal Data Ownership: The Emergence of a New Asset Class” suggests that 2012 will be the year when citizens start thinking more about data ownership, whether that data is generated by private companies or the public sector.


pages: 255 words: 78,207

Web Scraping With Python: Collecting Data From the Modern Web by Ryan Mitchell

AltaVista, Amazon Web Services, Apollo 13, cloud computing, Computing Machinery and Intelligence, data science, en.wikipedia.org, Firefox, Guido van Rossum, information security, machine readable, meta-analysis, natural language processing, optical character recognition, random walk, self-driving car, Turing test, web application

His router stamps its own IP address on the packet as the “from” IP address, and sends it off across the Internet. 3. Bob’s packet traverses several intermediary servers, which direct his packet toward the correct physical/wired path, on to Alice’s server. 4. Alice’s server receives the packet, at her IP address. 5. Alice’s server reads the packet port destination (almost always port 80 for web applications, this can be thought of as something like an “apartment number” for packet data, where the IP address is the “street address”), in the header, and passes it off to the appropriate application – the web server application. 6. The web server application receives a stream of data from the server processor.

It doesn’t matter if the applications are written by different programmers, with different architectures, or even in different languages—APIs are designed to serve as a lingua franca between different pieces of software that need to share information with each other. Although various APIs exist for a variety of different software applications, in recent times “API” has been commonly understood as meaning “web application API.” Typi‐ cally, a programmer will make a request to an API via HTTP for some type of data, and the API will return this data in the form of XML or JSON. Although most APIs still support XML, JSON is quickly becoming the encoding protocol of choice. If taking advantage of a ready-to-use program to get information prepackaged in a useful format seems like a bit of a departure from the rest of this book, well, it is and it isn’t.

The following gives a quick demonstration of how Python’s JSON library handles the different values that might be encountered in a JSON string: import json jsonString = '{"arrayOfNums":[{"number":0},{"number":1},{"number":2}], "arrayOfFruits":[{"fruit":"apple"},{"fruit":"banana"}, {"fruit":"pear"}]}' jsonObj = json.loads(jsonString) print(jsonObj.get("arrayOfNums")) print(jsonObj.get("arrayOfNums")[1]) print(jsonObj.get("arrayOfNums")[1].get("number")+ jsonObj.get("arrayOfNums")[2].get("number")) print(jsonObj.get("arrayOfFruits")[2].get("fruit")) The output of which is: [{'number': 0}, {'number': 1}, {'number': 2}] {'number': 1} 3 pear Line 1 is a list of dictionary objects, line 2 is a dictionary object, line 3 is an integer (the sum of the integers accessed in the dictionaries), and line 4 is a string. Bringing It All Back Home Although the raison d'être of many modern web applications is to take existing data and format it in a more appealing way, I would argue that this isn’t very interesting thing to do in most instances. If you’re using an API as your only data source, the best you can do is merely copy someone else’s database that already exists, and which is, essentially, already published.


pages: 161 words: 30,412

Creating Development Environments With Vagrant - Second Edition by Michael Peacock

Amazon Web Services, cloud computing, continuous integration, Debian, domain-specific language, web application

Note Supervisord is the name of the software, however, the Puppet module we are going to use to manage supervisord is called supervisor (no "d")—so watch out for that! Supervisord is a tool that maintains a number of running processes, for example, if you have a background worker in a web application to resize images, the supervisor might be responsible for keeping five workers running at any one instance, respawning them when one has finished. The following is an example of how this module would be used in a default Puppet manifest: supervisor::service { 'resize_images': ensure => present, command => '/usr/bin/php /vagrant/app/console img:resize', user => 'root', group => 'root', autorestart => true, startsecs => 0, num_procs => 5, require => [ Package['php5-cli'], Package['beanstalkd'] ]; } supervisor::service { email': ensure => present, command => '/usr/bin/php /vagrant/app/console email', user => 'root', group => 'root', autorestart => true, startsecs => 0, num_procs => 5, require => [ Package['php5-cli'], Package['beanstalkd'] ]; } Here, we are instructing Puppet to use the supervisord module twice to set up and manage two workers for us.

If, for instance, we want to map a public folder within our web servers root directory to a folder within our Vagrant shared folder, we can do this as follows: - name: make our Vagrant synced folder our web root file: src=/vagrant dest=/var/www/site owner=www-data group=www-data state=link Creating folders We can also use the file resource type to create folders; this is particularly useful for scenarios such as folders to hold files (avatars, attachments, and so on) uploaded by users of a web application: - name: create an uploads folder file: path=/var/www/uploads owner=www-data group=www-data mode=0777 state=directory We can use the mode parameter to set the permissions of the folder, and the owner and group parameters to set the user and groups who own the directory (these also can be used for files we create and manage too).

If, for instance, we want to map a public folder within our web server's root directory to a folder within our Vagrant shared folder, we can do this as follows: link "/var/www/public" do to "/vagrant/src/public" end Creating folders We can use the directory resource to create folders; this is particularly useful for scenarios such as folders to hold files (avatars, attachments, and so on) uploaded by users of a web application: directory "/var/www/uploads" do owner "root" group "root" mode 00777 action :create end We can use the mode parameter to set the permissions of the folder, and the owner and group parameters to set the user and groups who own the directory (these also can be used for files we create and manage too).


pages: 132 words: 31,976

Getting Real by Jason Fried, David Heinemeier Hansson, Matthew Linderman, 37 Signals

call centre, David Heinemeier Hansson, iterative process, John Gruber, knowledge worker, Merlin Mann, Metcalfe's law, performance metric, post-work, premature optimization, Ruby on Rails, slashdot, social bookmarking, Steve Jobs, web application

Too many features, too many buttons, too much to learn. Our products do less than the competition — intentionally. We build products that work smarter, feel better, allow you to do things your way, and are easier to use. Our products As of the publishing date of this book, we have five commercial products and one open source web application framework. Basecamp turns project management on its head. Instead of Gantt charts, fancy graphs, and stats-heavy spreadsheets, Basecamp offers message boards, to-do lists, simple scheduling, collaborative writing, and file sharing. So far, hundreds of thousands agree it's a better way. Farhad Manjoo of Salon.com said "Basecamp represents the future of software on the Web."

Thomas Weber of the Wall Street Journal said it's the best product in its class and David Pogue of the New York Times called it a "very cool" organization tool. Writeboard lets you write, share, revise, and compare text solo or with others. It's the refreshing alternative to bloated word processors that are overkill for 95% of what you write. John Gruber of Daring Fireball said, "Writeboard might be the clearest, simplest web application I've ever seen." Web-guru Jeffrey Zeldman said, "The brilliant minds at 37signals have done it again." Ta-da List keeps all your to-do lists together and organized online. Keep the lists to yourself or share them with others for easy collaboration. There's no easier way to get things done. Over 100,000 lists with nearly 1,000,000 items have been created so far.

Table of contents | Essay list for this chapter | Next essay 37signals Resources 37signals site Signal vs. Noise weblog Basecamp — Web-based project collaboration Campfire — Web-based group chat for business Backpack — Web-based information organizer Writeboard — Web-based collaborative writing Ta-da List — Web-based dead-simple to-do lists Ruby on Rails — Open-source web application framework Table of contents | Essay list for this chapter Table of Contents Introduction chapter 1 The Starting Line chapter 2 Stay Lean chapter 3 Priorities chapter 4 Feature Selection chapter 5 Process chapter 6 The Organization chapter 7 Staffing chapter 8 Interface Design chapter 9 Code chapter 10 Words chapter 11 Pricing and Signup chapter 12 Promotion chapter 13 Support chapter 14 Post-Launch chapter 15 Conclusion chapter 16 In this book we'll show you...


pages: 315 words: 85,791

Technical Blogging: Turn Your Expertise Into a Remarkable Online Presence by Antonio Cangiano

23andMe, Albert Einstein, anti-pattern, bitcoin, bounce rate, cloud computing, content marketing, en.wikipedia.org, Hacker News, John Gruber, Kickstarter, Lean Startup, lolcat, Network effects, Paradox of Choice, revision control, Ruby on Rails, search engine result page, slashdot, software as a service, web application

Likewise, taking an all-business approach in which you either share the details of how you run your startup or go into business topics at great length will tend to attract fellow entrepreneurs. Again, if they are your potential customers (e.g., your product is B2B), this approach can pay off. The aforementioned 37signals produces web applications that are aimed at helping companies better handle communication and collaboration. Their unique and opinionated take on the way a business should be run, broadcast through their blog and books, has attracted many of their customers. In most other cases, you’ll find that your customers won’t be particularly interested in learning how your Facebook ad campaign generated a 300 percent ROI (return on investment).

Instead of listing articles, come up with a main theme for your blog, then list ten relevant topics that you are passionate about and have some degree of expertise in. For example, if you’re dealing with a blog about web development as your main theme, you might write down the following topics: Ruby on Rails HTML5/CSS3 JavaScript/CoffeeScript Ajax Deployment Scaling web applications Security issues NoSQL databases UI/UX/Usability Using and creating RESTful APIs As you can see, these are very broad topics, each of which would roughly correspond to different categories for your blog. This task is not just meant to help you figure out what kind of topics you’ll be covering in your blog.

It could be something that grinds your gears or simply a topic you believe more readers should know about. Interview popular people in your field (more on this in the next chapter). Review books, services, gadgets, or products that are relevant to your niche. Collect, organize, and present links to relevant resources all in a single post (e.g., “White Papers on the Scalability of Web Applications”). Create cheatsheets (e.g., HTML5 Cheatsheet). If possible, include both an HTML version and a PDF version for printing. Collect interesting data about your industry and compile it into a useful infographic. If you are not a designer, you can usually commission it to designers who specialize in creating infographics that go viral online.


pages: 560 words: 135,629

Eloquent JavaScript: A Modern Introduction to Programming by Marijn Haverbeke

always be closing, Charles Babbage, domain-specific language, Donald Knuth, en.wikipedia.org, Firefox, fizzbuzz, functional programming, higher-order functions, hypertext link, job satisfaction, MITM: man-in-the-middle, premature optimization, slashdot, web application, WebSocket

It helps omit details, provides convenient building blocks (such as while and console.log), allows you to define your own building blocks (such as sum and range), and makes those blocks easy to compose. What Is JavaScript? JavaScript was introduced in 1995 as a way to add programs to web pages in the Netscape Navigator browser. The language has since been adopted by all other major graphical web browsers. It has made modern web applications possible—applications with which you can interact directly without doing a page reload for every action. JavaScript is also used in more traditional websites to provide various forms of interactivity and cleverness. It is important to note that JavaScript has almost nothing to do with the programming language named Java.

“I look at the many colors before me. I look at my blank canvas. Then, I try to apply colors like words that shape poems, like notes that shape music.” — Joan Miró 19 PROJECT: A PIXEL ART EDITOR The material from the previous chapters gives you all the elements you need to build a basic web application. In this chapter, we will do just that. Our application will be a pixel-drawing program, where you can modify a picture pixel-by-pixel by manipulating a zoomed-in view of it, shown as a grid of colored squares. You can use the program to open image files, scribble on them with your mouse or other pointer device, and save them.

The component model and data flow convention I used in this chapter is a crude form of that. As mentioned, there are libraries that try to make user interface programming more pleasant. At the time of writing, React and Angular are popular choices, but there’s a whole cottage industry of such frameworks. If you’re interested in programming web applications, I recommend investigating a few of them to understand how they work and what benefits they provide. Exercises There is still room for improvement in our program. Let’s add a few more features as exercises. Keyboard Bindings Add keyboard shortcuts to the application. The first letter of a tool’s name selects the tool, and CTRL-Z or COMMAND-Z activates undo.


pages: 757 words: 193,541

The Practice of Cloud System Administration: DevOps and SRE Practices for Web Services, Volume 2 by Thomas A. Limoncelli, Strata R. Chalup, Christina J. Hogan

active measures, Amazon Web Services, anti-pattern, barriers to entry, business process, cloud computing, commoditize, continuous integration, correlation coefficient, database schema, Debian, defense in depth, delayed gratification, DevOps, domain-specific language, en.wikipedia.org, fault tolerance, finite state, Firefox, functional programming, Google Glasses, information asymmetry, Infrastructure as a Service, intermodal, Internet of things, job automation, job satisfaction, Ken Thompson, Kickstarter, level 1 cache, load shedding, longitudinal study, loose coupling, machine readable, Malcom McLean invented shipping containers, Marc Andreessen, place-making, platform as a service, premature optimization, recommendation engine, revision control, risk tolerance, Salesforce, scientific management, seminal paper, side project, Silicon Valley, software as a service, sorting algorithm, standardized shipping container, statistical model, Steven Levy, supply-chain management, systems thinking, The future is already here, Toyota Production System, vertical integration, web application, Yogi Berra

Even if that weren’t the case, the IP address of a particular machine changes from time to time: when a laptop moves from one WiFi network to another, when a mobile device moves from WiFi to cellular and back, or if any machine is turned off and turned on again on a different (or sometimes even the same) network. Using the IP address as an identity wouldn’t even work for one user running two web browsers on the same machine. Instead, when a user logs into a web application, the web application generates a secret and includes it with the reply. The secret is something generated randomly and given to only that user on that web browser. In the future, whenever that web browser sends an HTTP request to that same web app, it also sends the secret. Because this secret was not sent to any other user, and because the secret is difficult to guess, the web app can trust that this is the same user.

Now we move up one layer to the application architecture. We start with an examination of common web service architectures beginning with a single web server, to multi-machine designs, growing larger and larger until we have a design that is appropriate for a large global service. Then we examine architectures that are common behind the scenes of web applications: message buses and service-oriented architectures. Most examples in this chapter will assume that the service is a web-based application using the Hyper-Text Transfer Protocol (HTTP). The user runs a web browser such as Firefox, Chrome, or Internet Explorer. In HTTP terminology, this is called the client.

The client then displays the web page or file to the user. Generally each HTTP request, or query, is a separate TCP/IP connection, although there are extensions to the protocol that let one session process many HTTP requests. Some applications use protocols other than HTTP. For example, they may implement their own protocol. Some non-web applications use HTTP. For example, mobile phone apps may use HTTP to talk to APIs to make requests or gather information. While most of our examples will assume web browsers speaking the HTTP protocol, the principles apply to any client/server application and protocol. 4.1 Single-Machine Web Server The first design pattern we examine is a single self-sufficient machine used to provide web service (Figure 4.1).


pages: 234 words: 63,522

Puppet Essentials by Felix Frank

business logic, cloud computing, Debian, DevOps, domain-specific language, Infrastructure as a Service, platform as a service, web application

This built-in server provides a reliable interface and little overhead for the application but really has no way of scaling, as Puppet is not multithreaded. As such, the WEBrick-based master is hardly fit for production and should usually be used for testing purposes only. For scalable low-latency operations, Puppet can rely on the industry standard for Ruby-based web applications—Passenger. The Puppet Labs documentation contains portable instructions for installing Passenger from the Ruby gem. Many users might prefer the stability of packages from the software-distribution maintainers. The following instructions rely on Debian packages. Make sure that the standalone master process is stopped before setting up Apache with mod_passenger.

The class wraps the resource, so to speak. This is useful for resources that are needed in different contexts. By wrapping them away in a class, you can make sure that those contexts do not create multiple declarations of the same resource. For example, the netcat package can be useful to firewall servers, but also to web application servers. There is probably a firewall class and an appserver class. Both declare the netcat package: package { 'netcat': ensure => 'installed'; } If any server ever has both roles (this might happen for budget reasons or in other unforeseen circumstances), this is a problem: when both the firewall and appserver classes are included, then the resulting manifest declares the netcat package twice.

These static files suffice in many situations, but sometimes, you will want the master to manage very specific configuration values for each agent. These values can be quite individual. For example, an Apache server usually requires a MaxClients setting. Appropriate values depend on many aspects, including hardware specifications and characteristics of the web application that is being run. It would be impractical to prepare all possible choices as distinct files in the module. Learning the template syntax Templates make short work of such scenarios. If you are familiar with ERB templates already, you can safely skip to the next section. If you know your way around PHP or JSP, you will quickly get the hang of ERB—it's basically the same but with Ruby inside the code tags.


pages: 352 words: 64,282

MongoDB: The Definitive Guide by Kristina Chodorow, Michael Dirolf

create, read, update, delete, Debian, FOSDEM, pattern recognition, Ruby on Rails, web application

Keeping with tradition, the Open Source community has created a plethora of “better ways” in response to the ballooning data needs of modern web applications. They span the spectrum from simple in-memory key/value stores to complicated SQL-speaking MySQL/InnoDB derivatives. But the sheer number of choices has made finding the right solution more difficult. I’ve looked at many of them. I was drawn to MongoDB by its pragmatic approach. MongoDB doesn’t try to be everything to everyone. Instead it strikes the right balance between features and complexity, with a clear bias toward making previously difficult tasks far easier. In other words, it has the features that really matter to the vast majority of today’s web applications: indexes, replication, sharding, a rich query syntax, and a very flexible data model.

Scaling a database comes down to the choice between scaling up (getting a bigger machine) or scaling out (partitioning data across more machines). Scaling up is often the path of least resistance, but it has draw-backs: large machines are often very expensive, and eventually a physical limit is reached where a more powerful machine cannot be purchased at any cost. For the type of large web application that most people aspire to build, it is either impossible or not cost-effective to run off of one machine. Alternatively, it is both extensible and eco-nomical to scale out: to add storage space or increase performance, you can buy another commodity server and add it to your cluster. MongoDB was designed from the beginning to scale out.

There are up-to-date instructions on integrating MongoDB with Rails on the MongoDB site. Custom Submission Forms: Ruby | 167 Real-Time Analytics: Python The Python driver for MongoDB is called PyMongo. In this section, we’ll use PyMongo to implement some real-time tracking of metrics for a web application. The most upto-date documentation on PyMongo is available at http://api.mongodb.org/python. Installing PyMongo PyMongo is available in the Python Package Index and can be installed using easy_install (http://pypi.python.org/pypi/setuptools): $ easy_install pymongo Searching for pymongo Reading http://pypi.python.org/simple/pymongo/ Reading http://github.com/mongodb/mongo-python-driver Best match: pymongo 1.6 Downloading ...


Engineering Security by Peter Gutmann

active measures, address space layout randomization, air gap, algorithmic trading, Amazon Web Services, Asperger Syndrome, bank run, barriers to entry, bitcoin, Brian Krebs, business process, call centre, card file, cloud computing, cognitive bias, cognitive dissonance, cognitive load, combinatorial explosion, Credit Default Swap, crowdsourcing, cryptocurrency, Daniel Kahneman / Amos Tversky, Debian, domain-specific language, Donald Davies, Donald Knuth, double helix, Dr. Strangelove, Dunning–Kruger effect, en.wikipedia.org, endowment effect, false flag, fault tolerance, Firefox, fundamental attribution error, George Akerlof, glass ceiling, GnuPG, Google Chrome, Hacker News, information security, iterative process, Jacob Appelbaum, Jane Jacobs, Jeff Bezos, John Conway, John Gilmore, John Markoff, John von Neumann, Ken Thompson, Kickstarter, lake wobegon effect, Laplace demon, linear programming, litecoin, load shedding, MITM: man-in-the-middle, Multics, Network effects, nocebo, operational security, Paradox of Choice, Parkinson's law, pattern recognition, peer-to-peer, Pierre-Simon Laplace, place-making, post-materialism, QR code, quantum cryptography, race to the bottom, random walk, recommendation engine, RFID, risk tolerance, Robert Metcalfe, rolling blackouts, Ruby on Rails, Sapir-Whorf hypothesis, Satoshi Nakamoto, security theater, semantic web, seminal paper, Skype, slashdot, smart meter, social intelligence, speech recognition, SQL injection, statistical model, Steve Jobs, Steven Pinker, Stuxnet, sunk-cost fallacy, supply-chain attack, telemarketer, text mining, the built environment, The Death and Life of Great American Cities, The Market for Lemons, the payments system, Therac-25, too big to fail, Tragedy of the Commons, Turing complete, Turing machine, Turing test, Wayback Machine, web application, web of trust, x509 certificate, Y2K, zero day, Zimmermann PGP

As Bruce Schneier so aptly puts it, “anyone who creates his or her own cryptographic primitives is either a genius or a fool. Given the genius/fool ratio for our species, the odds aren’t very good” [478]. This is confirmed by the results of a security survey of a wide range of software applications which found that cryptographic errors led the pack, affecting more than half of all non-web applications that were evaluated (for web applications the more usual cross-site scripting and other issues pushed the cryptographic problems further down the list) [479]. 86 The target platform for many encryption mechanisms is Powerpoint slide projectors. Problems like the IV-reuse one are typically addressed through a (verbal) comment during the presentation that people shouldn’t do that. 368 Design Let’s say though that your boss doesn’t believe this, and since your company has the best developers in the world they shouldn’t have any trouble creating their own proprietary patent-pending encryption algorithm or security mechanism that’s better than anyone else’s.

Baig and Amr Youssef, Digital Investigation, Vol.7, No.1-2 (October 2009), p.1. [148] “Speaker Recognition in Encrypted Voice Streams”, Michael Backes, Goran Doychev, Markus Dürmuth and Boris Köpf, Proceeding of the 15th European Symposium on Research in Computer Security (ESORICS’10), SpringerVerlag LNCS No.6345, September 2010, p.508. [149] “On Privacy Leakage through Silence Suppression”, Ye Zhui, Proceedings of the 13th Information Security Conference (ISC’10), Springer-Verlag LNCS No.6531, October 2010, p.276. [150] “Uncovering Spoken Phrases in Encrypted Voice over IP Conversations”, Charles Wright, Lucas Ballard, Scott Coull, Fabian Monrose and Gerald Masson, ACM Transactions on Information and System Security (TISSEC), Vol.13, No.4 (December 2010), Article No.35. [151] “Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on fon-iks”, Andrew White, Austin Matthews, Kevin Snow and Fabian Monrose, Proceedings of the 2011 Symposium on Security and Privacy (S&P’11), May 2011, to appear. [152] “Datamining for Hackers”, Stefan Burschka, presentation at the 28 th Chaos Communication Congress (28C3), December 2011, http://events.ccc.de/congress/2011/Fahrplan/events/4732.en.html. [153] “On Privacy of Encrypted Speech Communications”, Ye Zhu, Yuanchao Lu and Anil Vikram, IEEE Transactions on Dependable and Secure Computing, Vol.9, No.4 (July-August 2012), p.470. [154] “Devices That Tell On You: Privacy Trends in Consumer Ubiquitous Computing”, T.Scott Saponas, Jonathan Lester, Carl Hartung, Sameer Agarwal and Tadayoshi Kohno, Proceedings of the 16th Usenix Security Symposium (Security’07), August 2007, p.55. [155] “Video Streaming Forensic — Content Identification with Traffic Snooping”, Yali Liu, Ahmad-Reza Sadeghi, Dipak Ghosal and Biswanath Mukherjee, Proceedings of the 13th Information Security Conference (ISC’10), SpringerVerlag LNCS No.6531, October 2010, p.129. [156] “Uncovering Identities: A Study into VPN Tunnel Fingerprinting”, Vafa Izadinia, Derrick Kourie and Jan Eloff, Computers & Security, Vol.25, No.2 (March 2006), p.97. [157] “Encrypted Protocol Identification via Statistical Analysis”, Rob King and Rohlt Dhamankar, presentation at ShmooCon 2007, March 2007, http://www.shmoocon.org/2007/presentations/PISA.ppt. [158] “Statistical Identification of Encrypted Web Browsing Traffic”, Qixiang Sun, Daniel Simon Yi-Min Wang, Wilf Russell, Venkata Padmanabhan and Lili Qiu, Proceedings of the 2002 Symposium on Security and Privacy (S&P’02), May 2002, p.19. [159] “Privacy Vulnerabilities in Encrypted HTTP Streams”, George Bissias, Marc Liberatore, David Jensen and Brian Levine, Proceedings of the 5th Privacy Enhancing Technologies Symposium (PETS’05), May 2005, p.1. [160] “Inferring the Source of Encrypted HTTP Connections”, Marc Liberatore and Brian Levine, Proceedings of the 13th Conference on Computer and Communications Security (CCS’06), October 2006, p.255. [161] “Exposing Private Information by Timing Web Applications”, Andrew Bortz, Dan Boneh and Palash Nandy, Proceedings of the 16th World Wide Web Conference (WWW’07), May 2007, p.621. References 643 [162] “Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow”, Shuo Chen, Rui Wang, XiaoFeng Wang and Kehuan Zhang, Proceedings of the 2010 Symposium on Security and Privacy (S&P’10), May 2010, p.191. [163] “Fingerprinting Websites Using Remote Traffic Analysis”, Xun Gong, Negar Kiyavash and Nikita Borisov, Proceedings of the 17th Conference on Computer and Communications Security (CCS’10), October 2010, p.684. [164] “I can still see your actions on Google Maps over SSL”, Vincent Berg, 8 February 2012, http://blog.ioactive.com/2012/02/ssl-trafficanalysis-on-google-maps.html. [165] “Finding Location Data In Google Maps SSL Sessions”, Dennis Fisher, 13 February 2012, https://threatpost.com/en_us/blogs/finding-locationdata-google-maps-ssl-sessions-021312. [166] “Privacy Failures in Encrypted Messaging Services: Apple iMessage and Beyond”, Scott Coull and Kevin Dyer, to appear. [167] “Fingerprinting Websites using Traffic Analysis”, Andrew Hintz, Proceedings of the 2nd Conference on Privacy Enhancing Technologies (PET’02), SpringerVerlag LNCS No.2482, April 2002, p.171. [168] “Website Fingerprinting: Attacking Popular Privacy Enhancing Technologies with the Multinomial Naïve-Bayes Classifier”, Dominik Herrmann, Rolf Wendolsky and Hannes Federrath, Proceedings of the ACM Workshop on Cloud Computing Security (CCSW’09), November 2009, p.31. [169] “Website Fingerprinting and Indentification Using Ordered Feature Sequences”, Liming Lu, Ee-Chein Chang and Mun Chan, Proceedings of the 15th European Symposium on Research in Computer Security (ESORICS’10), Springer-Verlag LNCS No.6345, September 2010, p.199. [170] “HTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows”, Xiapu Luo, Peng Zhou, Edmond Chan, Wenke Lee, Rocky Chang and Roberto Perdisci, Proceedings of the 18th Network & Distributed System Security Symposium (NDSS’11), February 2011, http://www.isoc.org/isoc/conferences/ndss/11/pdf/6_3.pdf. [171] “Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis”, Charles Wright, Scott Coull and Fabian Monrose, Proceedings of the 16th Annual Network & Distributed System Security Symposium (NDSS’09), February 2009, http://www.isoc.org/isoc/conferences/ndss/09/pdf/14.pdf. [172] “Design for Usability”, Bruce Tognazzini, in “Security and Usability: Designing Secure Systems That People Can Use”, O’Reilly, 2005, p.31. [173] “Shouldn’t All Security Be Usable?”

In fact in exchange for the system instability that security software can cause you may also be getting security holes rather than protection. One survey of a wide range of software applications found that the second-largest overall class of insecure software after customer-support applications, presumably belonging to the notoriously insecure family of web applications, was security products [484]. This issue is so severe that one pen-tester at an Internet security company pointed out that they specifically target security applications because they’re widely used and it’s easy to own companies through them once you’ve found the holes in their security software.


pages: 680 words: 157,865

Beautiful Architecture: Leading Thinkers Reveal the Hidden Beauty in Software Design by Diomidis Spinellis, Georgios Gousios

Albert Einstein, barriers to entry, business intelligence, business logic, business process, call centre, continuous integration, corporate governance, database schema, Debian, domain-specific language, don't repeat yourself, Donald Knuth, duck typing, en.wikipedia.org, fail fast, fault tolerance, financial engineering, Firefox, Free Software Foundation, functional programming, general-purpose programming language, higher-order functions, iterative process, linked data, locality of reference, loose coupling, meta-analysis, MVC pattern, Neal Stephenson, no silver bullet, peer-to-peer, premature optimization, recommendation engine, Richard Stallman, Ruby on Rails, semantic web, smart cities, social graph, social web, SPARQL, Steve Jobs, Stewart Brand, Strategic Defense Initiative, systems thinking, the Cathedral and the Bazaar, traveling salesman, Turing complete, type inference, web application, zero-coupon bond

Supporting Functionality for the System At this point, developer-created software is running on the Facebook services, incorporated as not just widgets but as full applications. Along the way, we’ve created a very different notion of a social web application. We started with the standard setup of isolated data, logic, and display of a typical web application, bereft of any social data except what users could be convinced to contribute. We’ve now fully progressed to an application consuming Facebook social data services while becoming itself an FBML service for full integration into the container site.

Architects often must do architecture-level refactoring of a system, for example to move from simplex to distributed deployment, or from single-threaded to multithreaded in order to meet scalability or performance requirements, or hardcoded parameters to external configuration files because parameters that were never going to change now need to be modified. Although there are many architectures that can meet functional requirements, only a subset of these will also satisfy quality requirements. Let’s go back to the web application example. Think of the many ways to serve up web pages—Apache with static pages, CGI, servlets, JSP, JSF, PHP, Ruby on Rails, or ASP.NET, to name just a few. Choosing one of these technologies is an architecture decision that will have significant impact on your ability to meet certain quality requirements.

Feel free to follow along, noting that the samples here are abbreviated for clarity. We start with the motivation for these types of integrations with an example of “external” application logic and data (a book store), Facebook’s social data (user information and “friend” relationships), and the case for integrating the two. Some Application Core Data Web applications, even those that do not produce or consume a data platform of any sort, are still motivated largely by their internal data. As an example, take http://fettermansbooks.com, a hypothetical website that provides information on books (and likely, the ability to purchase these titles if the mood struck).


pages: 197 words: 35,256

NumPy Cookbook by Ivan Idris

business intelligence, cloud computing, computer vision, data science, Debian, en.wikipedia.org, Eratosthenes, mandelbrot fractal, p-value, power law, sorting algorithm, statistical model, transaction costs, web application

JPype uses the Java Native Interface (JNI), which is a bridge between native C code and Java. Unfortunately, using JNI hurts performance, so you have to be mindful of that fact. See also Installing JPype in this chapter Installing Google App Engine Google App Engine (GAE) enables you to build web applications in the Google cloud. Since 2012, there is official support for NumPy; you need to have a Google account to use GAE. How to do it... The first step is to download GAE. Download GAE.Download GAE for your operating system from https://developers.google.com/appengine/downloads. From this page, you can download documentation and the GAE Eclipse plugin as well.

Create a new application.Create a new application with the launcher (File | New Application). Name it numpycloud. This will create a folder with the same name containing the following files: app.yaml: YAML application configuration file favicon.ico: Icon image index.yaml: Auto generated file main.py: Main entry point for the web application Add NumPy to the libraries.First, we need to let GAE know that we want to use NumPy. Add the following lines to the app.yaml configuration file in the libraries section: - name: NumPy version: "1.6.1" The configuration file should have the following contents: application: numpycloud version: 1 runtime: python27 api_version: 1 threadsafe: yes handlers: - url: /favicon\.ico static_files: favicon.ico upload: favicon\.ico - url: .* script: main.app libraries: - name: webapp2 version: "2.5.1" - name: numpy version: "1.6.1" Write NumPy code.To demonstrate that we can use NumPy code, let's modify the main.py file.

<br/>') self.response.out.write('NumPy sum = ' + str(numpy.arange(7).sum())) app = webapp2.WSGIApplication([('/', MainHandler)], debug=True) If you click on the Browse button in the GAE launcher, you should see a web page in your default browser, with the following text: Hello world!NumPy sum = 21 How it works... GAE is free depending on how much of the resources are used. You can create up to ten web applications. GAE takes the sandboxing approach, which means that NumPy was not available for a while, but now it is, as demonstrated in this recipe. You should also be aware that GAE currently does not support relational databases. There are other features too, which might make portability a concern. Running NumPy code in a Python Anywhere web console In Chapter 1, we already saw a Python Anywhere console in action, without having an account.


pages: 713 words: 93,944

Seven Databases in Seven Weeks: A Guide to Modern Databases and the NoSQL Movement by Eric Redmond, Jim Wilson, Jim R. Wilson

AGPL, Amazon Web Services, business logic, create, read, update, delete, data is the new oil, database schema, Debian, domain-specific language, en.wikipedia.org, fault tolerance, full text search, general-purpose programming language, Kickstarter, Large Hadron Collider, linked data, MVC pattern, natural language processing, node package manager, random walk, recommendation engine, Ruby on Rails, seminal paper, Skype, social graph, sparse data, web application

Notice that dev2@127.0.0.1 is now gone from the connected_nodes list. Start dev2, and it will rejoin itself to the Riak ring (we’ll discuss the ring on Day 2). REST Is Best (or Doing cURLs) REST stands for REpresentational State Transfer. It sounds like a mouthful of jargon, but it has become the de facto architecture of web applications, so it’s worth knowing. REST is a guideline for mapping resources to URLs and interacting with them using CRUD verbs: POST (Create), GET (Read), PUT (Update), and DELETE (Delete). If you don’t already have it installed, install the HTTP client program cURL. We use it as our REST interface, because it’s easy to specify verbs (like GET and PUT) and HTTP header information (like Content-Type).

You can find other URL parameters in the following table: Param Description Default q The given query string q.op Query terms are either and or or or sort Field name to sort by none start The first object in the matching list to return 0 rows The max number of results to return 20 wt Output either xml or json xml index Specifies the index to use There is plenty more to learn about the Riak search extension, far more than we can reasonably cover here. Ideally you’ve gotten a feel for its power. It’s a clear choice if you plan to provide search functionality for a large web application, but it also deserves a second look if you need a lot of simple ad hoc querying. Indexing Riak As of version 1.0, Riak supports secondary indexes. These are similar to the indexes we saw in PostgreSQL but with a slight twist. Rather than indexing on a specific column or columns of data, Riak allows you to index on metadata attached to the header of the object.

Building a Client Application Our program will connect to HBase over Thrift and then list any tables it finds along with their column families. These would be the first steps toward building an administrative interface for HBase. Unlike our previous examples, this script is meant to be run by good old normal Ruby, not JRuby. It could be suitable for inclusion in a Ruby-based web application, for example. Key this into a new text file (we called ours thrift_example.rb): hbase/thrift_example.rb ​​$:.push('./gen-rb')​​ ​​require 'thrift'​​ ​​require 'hbase'​​ ​​​​ ​​socket = Thrift::Socket.new( 'localhost', 9090 )​​ ​​transport = Thrift::BufferedTransport.new( socket )​​ ​​protocol = Thrift::BinaryProtocol.new( transport )​​ ​​client = Apache::Hadoop::Hbase::Thrift::Hbase::Client.new( protocol )​​ ​​​​ ​​transport.open()​​ ​​​​ ​​client.getTableNames().sort.each do |table|​​ ​​ puts "#{table}"​​ ​​ client.getColumnDescriptors( table ).each do |col, desc|​​ ​​ puts " #{desc.name}"​​ ​​ puts " maxVersions: #{desc.maxVersions}"​​ ​​ puts " compression: #{desc.compression}"​​ ​​ puts " bloomFilterType: #{desc.bloomFilterType}"​​ ​​ end​​ ​​end​​ ​​​​ ​​transport.close()​​ In the previous code, the first thing we do is make sure Ruby can find the model files by adding gen-rb to the path and including thrift and hbase.


pages: 398 words: 86,855

Bad Data Handbook by Q. Ethan McCallum

Amazon Mechanical Turk, asset allocation, barriers to entry, Benoit Mandelbrot, business intelligence, cellular automata, chief data officer, Chuck Templeton: OpenTable:, cloud computing, cognitive dissonance, combinatorial explosion, commoditize, conceptual framework, data science, database schema, DevOps, en.wikipedia.org, Firefox, Flash crash, functional programming, Gini coefficient, hype cycle, illegal immigration, iterative process, labor-force participation, loose coupling, machine readable, natural language processing, Netflix Prize, One Laptop per Child (OLPC), power law, quantitative trading / quantitative finance, recommendation engine, selection bias, sentiment analysis, SQL injection, statistical model, supply-chain management, survivorship bias, text mining, too big to fail, web application

The blank space is ASCII code 0x20, but it is typically encoded as + rather than %20. The server application must decode the URL encoding to recover exactly what the user has entered. In general, URL encoding artifacts leaking into plain text is not a serious problem. URL encoding and decoding of form submissions happens behind the scenes in most web application frameworks. Even if URL encoded text did leak into other parts of an application, it would be easily detectable by the lack of spaces and abundance of + and %XX codes. One notable exception is when analyzing a list of URLs or URL fragments. In that case, it may be worthwhile to ensure that all of the URLs have been decoded consistently.

'xmlcharrefreplace') >>> print(encoded) &lt;script&gt;//Do Some &#201;v&#238;l&lt;/script ↪ &gt; >>> print(HTMLParser.HTMLParser().unescape(encoded)) <script>//Do Some Évîl</script> The call to cgi.escape in Example 4-9 replaces the angle brackets < and > with the named entities &lt; and &gt; respectively. unicode.encode(…, xmlcharrefreplace) replaces the non-ASCII characters É (U+C9) and î (U+EE) with their numeric entities: &201; and &238; (0xC9 = 201, 0xEE=238). When a browser encounters the encoded string &lt;script&gt;//Do Some &#201;v&#238;l&lt;/script&gt; it will display <script>//Do Some Évîl</script>, but it will not actually execute the evil script. It is a reasonable decision to have a web application store HTML encoded strings in its database. That decision ensures that raw text submitted by the users won’t appear in our other pages, and it may speed up the server-side rendering time for those pages. However, if we decide to text mine the user-submitted content, we’ll need to understand how the content is formatted in database dumps, and we’ll want to decode the HTML entity references before processing it.

However, if we decide to text mine the user-submitted content, we’ll need to understand how the content is formatted in database dumps, and we’ll want to decode the HTML entity references before processing it. I’ve actually seen redundantly HTML-encoded strings such as &amp;amp;lt; in what was supposed to be a plain text dump. That data presumably passed through multiple web applications and databases before I got my hands on it. Example 4-10 expands on code from Example 4-9 to decode repeatedly HTML-encoded strings inside a while loop. Example 4-10. Decoding redundantly HTML encoded text >>> # add a few more layers of encoding >>> ss = cgi.escape(encoded).encode('ascii', ...


pages: 59 words: 12,801

The Little Book on CoffeeScript by Alex MacCaw

duck typing, Firefox, MVC pattern, node package manager, web application, Y2K

This book is completely open source, and was written by Alex MacCaw (@maccman) with great contributions from David Griffiths, Satoshi Murakami, Chris Smith, Katsuya Noguchi, and Jeremy Ashkenas. If you have any errata or suggestions, please don’t hesitate to open a ticket on the book’s GitHub page. Readers may also be interested in JavaScript Web Applications (O’Reilly), a book I authored that explores rich JavaScript applications and moving state to the client side. So let’s dive right into it: why is CoffeeScript better than writing pure JavaScript? Well, for a start, there’s less code to write; CoffeeScript is very succinct, and takes white space into account.

In other words, build a series of modular de-coupled components. Keep application logic as generic as possible, abstracting it out as appropriate. Lastly, separate out your logic into views, models, and controllers (MVC). Implementing MVC is beyond the scope of this chapter; for that, I recommend you check out my book on JavaScript Web Applications and use a framework like Backbone or Spine. Rather than that, here we’re going to cover structuring applications using CommonJS modules. Structure and CommonJS So what exactly are CommonJS modules? Well, If you’ve used NodeJS before, you’ve used CommonJS modules, probably without realizing it.


pages: 666 words: 181,495

In the Plex: How Google Thinks, Works, and Shapes Our Lives by Steven Levy

"World Economic Forum" Davos, 23andMe, AltaVista, Andy Rubin, Anne Wojcicki, Apple's 1984 Super Bowl advert, autonomous vehicles, Bill Atkinson, book scanning, Brewster Kahle, Burning Man, business process, clean water, cloud computing, crowdsourcing, Dean Kamen, discounted cash flows, don't be evil, Donald Knuth, Douglas Engelbart, Douglas Engelbart, Dutch auction, El Camino Real, Evgeny Morozov, fault tolerance, Firefox, General Magic , Gerard Salton, Gerard Salton, Google bus, Google Chrome, Google Earth, Googley, high-speed rail, HyperCard, hypertext link, IBM and the Holocaust, informal economy, information retrieval, Internet Archive, Jeff Bezos, John Markoff, Ken Thompson, Kevin Kelly, Kickstarter, large language model, machine translation, Mark Zuckerberg, Menlo Park, one-China policy, optical character recognition, PageRank, PalmPilot, Paul Buchheit, Potemkin village, prediction markets, Project Xanadu, recommendation engine, risk tolerance, Rubik’s Cube, Sand Hill Road, Saturday Night Live, search inside the book, second-price auction, selection bias, Sheryl Sandberg, Silicon Valley, SimCity, skunkworks, Skype, slashdot, social graph, social software, social web, spectrum auction, speech recognition, statistical model, Steve Ballmer, Steve Jobs, Steven Levy, subscription business, Susan Wojcicki, Ted Nelson, telemarketer, The future is already here, the long tail, trade route, traveling salesman, turn-by-turn navigation, undersea cable, Vannevar Bush, web application, WikiLeaks, Y Combinator

“We’ve learned to live with the irony,” said engineer Mark Larson during the development process. Page and Brin wanted Chrome optimized to run web applications—fast. When you run a program faster by an order of magnitude, you haven’t made something better—you’ve made something new. The crucial element in speeding up a browser was a component called a JavaScript engine, a “virtual machine” that ran web application code. In previous browsers, JavaScript didn’t run quickly enough to make web applications seem as nimble as desktop apps; Google felt that if it changed that, people would use the web more and thus use Google’s services and ads more.

And so on, until the engineers not willing to stake their budgets on the most contested resources dropped out. “Hence,” write the paper’s authors, “the auction allows users to ‘discover’ prices in which all users pay/receive payment in proportion to uniform resource prices.” To round out its suite of web applications, Google began developing a cloud-based alternative to Microsoft’s PowerPoint. In early 2007, it heard about an innovative start-up that was working on a web-based presentation program that had some even niftier features than the one Google was developing internally. Wayne Crosby and Robby Walker had begun a company called Zenter.

In 2010, Microsoft rolled out an online version of its Office product—for free. Even if only a small percentage of the marketplace used Google’s own productivity apps, the company had achieved its larger goal—moving work onto the web. Google’s next step would put it even more squarely into Microsoft’s sights: it was going to build its own version of the web application that had been at the center of Microsoft’s government antitrust case, a browser. The idea long predated Google’s plans for web-based applications. In 2001, Page and Brin had told Schmidt they wanted Google to build its own browser. Right away. Schmidt understood the impulse: browsers were important.


pages: 536 words: 73,482

Programming Clojure by Stuart Halloway, Aaron Bedra

continuous integration, duck typing, en.wikipedia.org, functional programming, general-purpose programming language, Gödel, Escher, Bach, higher-order functions, Neal Stephenson, Paul Graham, Ruby on Rails, type inference, web application

.​ ​​ ​-----> Discovering process types​ ​ Procfile declares types -> web​ ​-----> Compiled slug size is 12.8MB​ ​-----> Launching... done, v4​ ​ http://stormy-water-3888.herokuapp.com deployed to Heroku​ You can visit your application using the heroku command as well: ​heroku open​ This will open a browser and send you right to your deployed application. It might take some time to load on the first visit, but subsequent requests will get faster. You can find an additional Heroku/Clojure tutorial on Heroku’s dev center at http://devcenter.heroku.com/articles/clojure-web-application. Have fun with your new Clojure web application. Make it better, give it some personality, and share it with the world! 10.6 Farewell Congratulations. You have come a long way in a short time. You have learned the many ideas that combine to make Clojure great: Lisp, Java, functional programming, and explicit concurrency.

Finally, Chapter 10, ​Building an Application​ provides a view into a complete Clojure workflow. You will build an application from scratch, working through solving the various parts to a problem and thinking about simplicity and quality. You will use a set of helpful Clojure libraries to produce and deploy a web application. Appendix 1, ​Editor Support​ lists editor support options for Clojure, with links to setup instructions for each. How to Read This Book All readers should begin by reading the first two chapters in order. Pay particular attention to Section 1.1, ​Why Clojure?​, which provides an overview of Clojure’s advantages.

If you find test.generative interesting, you should definitely check out QuickCheck, which has a long development history and many capabilities not yet found in test.generative. Now that we have some confidence in our scoring function, let’s see about running a game of Clojurebreaker on the Web. 10.4 Creating an Interface With a solid foundation, introducing an interface and a playable version of the game should be a breeze. Let’s start with a basic web application. The noir web framework will serve as a nice base for us to build our application. Creating a new noir project is easy. First, you will need to install the lein-noir plug-in to leiningen: ​$ lein plugin install lein-noir 1.2.0​ Now we can generate our application and launch it: ​$ lein noir new clojurebreaker​ ​$ cd clojurebreaker​ ​$ lein run​ Point your browser to http://localhost:8080.


pages: 696 words: 111,976

SQL Hacks by Andrew Cumming, Gordon Russell

Apollo 13, bioinformatics, book value, business intelligence, business logic, business process, database schema, en.wikipedia.org, Erdős number, Firefox, full text search, Hacker Conference 1984, Hacker Ethic, leftpad, Paul Erdős, SQL injection, Stewart Brand, web application

Calculate the Distance Between GPS Locations Hack 37. Reconcile Invoices and Remittances Hack 38. Find Transposition Errors Hack 39. Apply a Progressive Tax Hack 40. Calculate Rank Chapter 6. Online Applications Hack 41. Copy Web Pages into a Table Hack 42. Present Data Graphically Using SVG Hack 43. Add Navigation Features to Web Applications Hack 44. Tunnel into MySQL from Microsoft Access Hack 45. Process Web Server Logs Hack 46. Store Images in a Database Hack 47. Exploit an SQL Injection Vulnerability Hack 48. Prevent an SQL Injection Attack Chapter 7. Organizing Data Hack 49. Keep Track of Infrequently Changing Values Hack 50.

> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="/"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="-120 -120 240 240" text-anchor="middle" stroke="black"> <xsl:apply-templates/> </svg> </xsl:template> <xsl:template match="row[field[@name='tag']='text']"> <text x='{field[@name="att1"]}' y='{field[@name="att2"]}'> <xsl:value-of select='field[@name="content"]'/> </text> </xsl:template> <xsl:template match="row[field[@name='tag']='path']"> <path d='{field[@name="att1"]}' fill='{field[@name="att2"]}'/> </xsl:template> </xsl:stylesheet> You can run that using xsltproc as follows: $ mysql -u scott -ptiger dbname --xml -e 'SELECT * FROM pie7 ORDER BY s'\ > | xsltproc pie.xsl - <?xml version="1.0"?> <svg xmlns="http://www.w3.org/2000/svg" viewBox="-120 -120 240 240" text-anchor="middle" stroke="black"> <path xmlns="" d="M0 0 l 100 0 A100,100 0 0, 1 -80.897342382161,58.78452173407 z" fill="blue"/> Hack 43. Add Navigation Features to Web Applications Sometimes you want to present users with a list of values, but the list is too large to fit comfortably on a single web page. You could let users search for the item, but sometimes it is better to let them browse for it. One of the worst crimes against interface design is the search box that almost always says "no," which you can see in Figure 6-3.

However, MySQL does permit you to update a JOIN, so you can exploit this by performing the tests in a derived table: UPDATE bank w CROSS JOIN (SELECT COUNT(*) AS c FROM bank WHERE name='Archie' OR (name='Ritchie' AND balance>=3)) t SET w.balance = CASE WHEN w.name='Archie' THEN w.balance+3 WHEN w.name='Ritchie' THEN w.balance-3 END WHERE w.name IN ('Archie','Ritchie') AND t.c=2; Hack 68. Cope with Unexpected Redo When a user initiates an operation you can ensure that your code copes well with repeated attempts. Suppose you are writing user account creation routines for a web application. A user can create an account on your system, where the username is his preferred email address. As part of the process, the user will be given a random password if he was successful, or will be shown an error message if appropriate. The form uses USER for username and PASS for password. The username column is the primary key of usertable: CREATE TABLE usertable ( username varchar(20) primary key, password varchar(20) ); Here is the PHP to provide a user creation form: <?


pages: 540 words: 103,101

Building Microservices by Sam Newman

airport security, Amazon Web Services, anti-pattern, business logic, business process, call centre, continuous integration, Conway's law, create, read, update, delete, defense in depth, don't repeat yourself, Edward Snowden, fail fast, fallacies of distributed computing, fault tolerance, index card, information retrieval, Infrastructure as a Service, inventory management, job automation, Kubernetes, load shedding, loose coupling, microservices, MITM: man-in-the-middle, platform as a service, premature optimization, pull request, recommendation engine, Salesforce, SimCity, social graph, software as a service, source of truth, sunk-cost fallacy, systems thinking, the built environment, the long tail, two-pizza team, web application, WebSocket

So think of user interfaces as compositional layers — places where we weave together the various strands of the capabilities we offer. So with that in mind, how do we pull all these strands together? Constraints Constraints are the different forms in which our users interact with our system. On a desktop web application, for example, we consider constraints such as what browser visitors are using, or their resolution. But mobile has brought a whole host of new constraints. The way our mobile applications communicate with the server can have an impact. It isn’t just about pure bandwidth concerns, where the limitations of mobile networks can play a part.

Finally, understand the importance of defense in depth, make sure you patch your operating systems, and even if you consider yourself a rock star, don’t try to implement your own cryptography! If you want a general overview of security for browser-based applications, a great place to start is the excellent Open Web Application Security Project (OWASP) nonprofit, whose regularly updated Top 10 Security Risk document should be considered essential reading for any developer. Finally, if you want a more general discussion of cryptography, check out the book Cryptography Engineering by Niels Ferguson, Bruce Schneier, and Tadayoshi Kohno (Wiley).

More often than not, caching is about eliminating needless round-trips to databases or other services to serve results faster. Used well, it can yield huge performance benefits. The reason that HTTP scales so well in handling large numbers of requests is that the concept of caching is built in. Even with a simple monolithic web application, there are quite a few choices as to where and how to cache. With a microservice architecture, where each service is its own source of data and behavior, we have many more choices to make about where and how to cache. With a distributed system, we typically think of caching either on the client side or on the server side.


pages: 168 words: 50,647

The End of Jobs: Money, Meaning and Freedom Without the 9-To-5 by Taylor Pearson

Airbnb, barriers to entry, Ben Horowitz, Black Swan, call centre, cloud computing, commoditize, content marketing, creative destruction, David Heinemeier Hansson, drop ship, Elon Musk, en.wikipedia.org, Frederick Winslow Taylor, future of work, Google Hangouts, Hacker Conference 1984, Kaizen: continuous improvement, Kevin Kelly, Kickstarter, knowledge economy, knowledge worker, loss aversion, low skilled workers, Lyft, Marc Andreessen, Mark Zuckerberg, market fragmentation, means of production, Oculus Rift, passive income, passive investing, Peter Thiel, power law, remote working, Ronald Reagan: Tear down this wall, scientific management, sharing economy, side hustle, side project, Silicon Valley, Skype, software as a service, software is eating the world, Startup school, Steve Jobs, Steve Wozniak, Stewart Brand, systems thinking, TED Talk, telemarketer, the long tail, Thomas Malthus, Uber and Lyft, uber lyft, unpaid internship, Watson beat the top human players on Jeopardy!, web application, Whole Earth Catalog

The same phenomenon that Scott Young created for himself is now being created by companies making it even more accessible. Online forums and communities in your industry let you learn from other people in the trenches day-to-day. No one is going to sell enough copies of a book about User Onboarding for web applications or marketing iPhone Apps to stock it in a bookstore or offer it in a university, but those work on the internet. The Long Tail has let businesses emerge that are hyper specific and couldn’t have existed in a retail world, a concept we’ll come back to in the next chapter. It’s Cheaper to Make Widgets!

He expanded that expertise and those relationships into starting a similar dropshipping business selling trolling motors, and now runs eCommerceFuel.com where he helps other eCommerce Entreprenurs grow their eCommerce businesses.37 Nathan Barry, a designer and author, stair stepped his way from his job as a designer into running his own business by writing two books on design, The App Design Handbook and Designing Web Applications. After he saw that many people were interested in his strategy for publishing high priced eBooks (the book started at $39), he wrote another book on that, Authority, his most successful ever. Now he is growing ConvertKit, a software product designed to help authors with email marketing.38 John McIntyre was working as an intern at a resort in the Philippines when someone asked him to write an email autoresponder, a series of five emails designed to help new prospects convert into customers.

Many entrepreneurs now release income reports showing their businesses growth. Dan Norris and Alex McClafferty founded WPCurve in 2012, and are on pace to do $768,000 in 2015. John Lee Dumas has gone from never having run a business in 2010 to over $100,000 in monthly revenue in October 2013 and $433,000 in monthly revenue in February 2015. Buffer, a web application has grown from less than $130,000 in monthly revenue in September 2013 to over $300,000 in August 2014. Groove HQ, another software application, has grown from $35,000 in monthly revenue to over $75,000 in less than a year. Am I cherry-picking the best examples here? Definitely. The guys with slower growth aren’t broadcasting their slow growth for us to look at.


Designing Data-Intensive Applications: The Big Ideas Behind Reliable, Scalable, and Maintainable Systems by Martin Kleppmann

active measures, Amazon Web Services, billion-dollar mistake, bitcoin, blockchain, business intelligence, business logic, business process, c2.com, cloud computing, collaborative editing, commoditize, conceptual framework, cryptocurrency, data science, database schema, deep learning, DevOps, distributed ledger, Donald Knuth, Edward Snowden, end-to-end encryption, Ethereum, ethereum blockchain, exponential backoff, fake news, fault tolerance, finite state, Flash crash, Free Software Foundation, full text search, functional programming, general-purpose programming language, Hacker News, informal economy, information retrieval, Internet of things, iterative process, John von Neumann, Ken Thompson, Kubernetes, Large Hadron Collider, level 1 cache, loose coupling, machine readable, machine translation, Marc Andreessen, microservices, natural language processing, Network effects, no silver bullet, operational security, packet switching, peer-to-peer, performance metric, place-making, premature optimization, recommendation engine, Richard Feynman, self-driving car, semantic web, Shoshana Zuboff, social graph, social web, software as a service, software is eating the world, sorting algorithm, source of truth, SPARQL, speech recognition, SQL injection, statistical model, surveillance capitalism, systematic bias, systems thinking, Tragedy of the Commons, undersea cable, web application, WebSocket, wikimedia commons

The output of those batch jobs is often some kind of database: for example, a data‐ base that can be queried by user ID to obtain suggested friends for that user, or a database that can be queried by product ID to get a list of related products [45]. These databases need to be queried from the web application that handles user requests, which is usually separate from the Hadoop infrastructure. So how does the output from the batch process get back into a database where the web application can query it? The most obvious choice might be to use the client library for your favorite database directly within a mapper or reducer, and to write from the batch job directly to the database server, one record at a time.

You will, however, develop a good intuition for what your systems are doing under the hood so that you can reason about their behavior, make good design decisions, and track down any problems that may arise. Who Should Read This Book? If you develop applications that have some kind of server/backend for storing or pro‐ cessing data, and your applications use the internet (e.g., web applications, mobile apps, or internet-connected sensors), then this book is for you. This book is for software engineers, software architects, and technical managers who love to code. It is especially relevant if you need to make decisions about the architec‐ ture of the systems you work on—for example, if you need to choose tools for solving a given problem and figure out how best to apply them.

Comparing characteristics of transaction processing versus analytic systems Property Main read pattern Transaction processing systems (OLTP) Small number of records per query, fetched by key Analytic systems (OLAP) Aggregate over large number of records Main write pattern Random-access, low-latency writes from user input Bulk import (ETL) or event stream Primarily used by End user/customer, via web application Internal analyst, for decision support What data represents Latest state of data (current point in time) History of events that happened over time Dataset size Gigabytes to terabytes Terabytes to petabytes At first, the same databases were used for both transaction processing and analytic queries.


pages: 1,237 words: 227,370

Designing Data-Intensive Applications: The Big Ideas Behind Reliable, Scalable, and Maintainable Systems by Martin Kleppmann

active measures, Amazon Web Services, billion-dollar mistake, bitcoin, blockchain, business intelligence, business logic, business process, c2.com, cloud computing, collaborative editing, commoditize, conceptual framework, cryptocurrency, data science, database schema, deep learning, DevOps, distributed ledger, Donald Knuth, Edward Snowden, end-to-end encryption, Ethereum, ethereum blockchain, exponential backoff, fake news, fault tolerance, finite state, Flash crash, Free Software Foundation, full text search, functional programming, general-purpose programming language, Hacker News, informal economy, information retrieval, Infrastructure as a Service, Internet of things, iterative process, John von Neumann, Ken Thompson, Kubernetes, Large Hadron Collider, level 1 cache, loose coupling, machine readable, machine translation, Marc Andreessen, microservices, natural language processing, Network effects, no silver bullet, operational security, packet switching, peer-to-peer, performance metric, place-making, premature optimization, recommendation engine, Richard Feynman, self-driving car, semantic web, Shoshana Zuboff, social graph, social web, software as a service, software is eating the world, sorting algorithm, source of truth, SPARQL, speech recognition, SQL injection, statistical model, surveillance capitalism, systematic bias, systems thinking, Tragedy of the Commons, undersea cable, web application, WebSocket, wikimedia commons

The output of those batch jobs is often some kind of database: for example, a database that can be queried by user ID to obtain suggested friends for that user, or a database that can be queried by product ID to get a list of related products [45]. These databases need to be queried from the web application that handles user requests, which is usually separate from the Hadoop infrastructure. So how does the output from the batch process get back into a database where the web application can query it? The most obvious choice might be to use the client library for your favorite database directly within a mapper or reducer, and to write from the batch job directly to the database server, one record at a time.

You will, however, develop a good intuition for what your systems are doing under the hood so that you can reason about their behavior, make good design decisions, and track down any problems that may arise. Who Should Read This Book? If you develop applications that have some kind of server/backend for storing or processing data, and your applications use the internet (e.g., web applications, mobile apps, or internet-connected sensors), then this book is for you. This book is for software engineers, software architects, and technical managers who love to code. It is especially relevant if you need to make decisions about the architecture of the systems you work on—for example, if you need to choose tools for solving a given problem and figure out how best to apply them.

Comparing characteristics of transaction processing versus analytic systems Property Transaction processing systems (OLTP) Analytic systems (OLAP) Main read pattern Small number of records per query, fetched by key Aggregate over large number of records Main write pattern Random-access, low-latency writes from user input Bulk import (ETL) or event stream Primarily used by End user/customer, via web application Internal analyst, for decision support What data represents Latest state of data (current point in time) History of events that happened over time Dataset size Gigabytes to terabytes Terabytes to petabytes At first, the same databases were used for both transaction processing and analytic queries.


pages: 99 words: 19,884

Getting Started with RStudio by John Verzani

Debian, RFID, web application

The current project name is listed on the far right of the main application toolbar in a combobox that allows one to switch between open projects, open an existing project, or create a new project. A new project requires just a name and a working directory. This feature is a natural fit for RStudio, because when it runs as a web application, there is a need to serialize and restore sessions due to the nature of web connections. Switching between projects is as easy as selecting an open project. RStudio just serializes the old one and restores the newly selected one. Note As of writing, the “project” feature is not available in the stable release (0.94.102) but is in the “daily build” version.

The widely used Rcmdr package, which provides a set of graphical interfaces to numerous R functions, can be run in this manner. One can also use the interfaces provided by RGtk2 and qtbase. In addition, the desktop user can take advantage of R’s internal help server. The googleVis package uses this to take advantage of Google’s visualization tools, and the Rack package provides an API for R users to write web applications that take advantage of this same server. Chapter 4. Case Study: Creating a Package Before describing more systematically the components that RStudio provides for development work in R (most importantly the source-code editor), we will pick up where we left off on our case study of analyzing the group behavior and individual movements of a colony of naked mole rats.


pages: 518 words: 49,555

Designing Social Interfaces by Christian Crumlish, Erin Malone

A Pattern Language, Amazon Mechanical Turk, anti-pattern, barriers to entry, c2.com, carbon footprint, cloud computing, collaborative editing, commons-based peer production, creative destruction, crowdsourcing, en.wikipedia.org, Firefox, folksonomy, Free Software Foundation, game design, ghettoisation, Howard Rheingold, hypertext link, if you build it, they will come, information security, lolcat, Merlin Mann, Nate Silver, Network effects, Potemkin village, power law, recommendation engine, RFC: Request For Comment, semantic web, SETI@home, Skype, slashdot, social bookmarking, social graph, social software, social web, source of truth, stealth mode startup, Stewart Brand, systems thinking, tacit knowledge, telepresence, the long tail, the strength of weak ties, The Wisdom of Crowds, web application, Yochai Benkler

You,” http://www.graphpaper.com/2007/08-02_user-vs-you (Chris Fahey’s Graphpaper blog Wikipedia entry on Cargo Cult Programming, http://en.wikipedia.org/wiki/ Cargo_cult_programming “You vs. I,” http://www.graphpaper.com/2007/08-11_you-vs-i (Chris Fahey’s Graphpaper blog) “Your Web Application as a Text Adventure,” http://2007.sxsw.com/blogs/podcasts. php/2007/05/31/your_web_application_as_a_text_adventure? (Michael Buffington, podcast from South by Southwest 2007) Download at WoweBook.Com Download at WoweBook.Com Part II I Am Somebody The notion of self, something long discussed and debated by philosophers, psychologists, and scientists, is now part of the discussion in the user experience design world.

A safer alternative is to use services such as OAuth, OpenID, or Facebook Connect to officially authorize access to the user’s data on the other site. Download at WoweBook.Com Invitations 63 OAuth is “[a]n open protocol to allow secure API authorization in a simple and standard method from desktop and web applications.” In other words, it is an open technology that allows sites to access a user’s data in a safe way that doesn’t require the user to throw names and passwords all over the Internet. The actual access happens on the third-party site where the data is stored and under its control. AOL, Yahoo!, and Google have all agreed to support OAuth, so there should be no reason to perpetuate this anti-pattern in the coming years.

Special cases It used to be that beta was a period of time when real users would be asked to try the site out—to find bugs at a larger scale that might not have shown up with smaller test groups—and then the product would move quickly to General Availability (GA) release, where the public at large would have access. Download at WoweBook.Com 68 Chapter 3: You’re Invited! In today’s world of Web 2.0 and the ability to quickly launch web applications, we are seeing more and more sites slap the beta flag on the site and then never remove it. (See Figures 3-21, 3-22, and 3-23.) Figure 3-21. Gmail has been in beta since 2004. Figure 3-22. The Flickr home page from May 2004. (flickr.com was in beta for a couple of years.) Download at WoweBook.Com Invitations 69 Figure 3-23.


Practical OCaml by Joshua B. Smith

cellular automata, Debian, domain-specific language, duck typing, Free Software Foundation, functional programming, general-purpose programming language, Grace Hopper, higher-order functions, hiring and firing, John Conway, Paul Graham, slashdot, SpamAssassin, text mining, Turing complete, type inference, web application, Y2K

This eliminates the fork/exec and provides a way to maintain state information. FastCGI is really a different way of writing web applications than CGI or integrated methods. In FastCGI, your application is running the whole time. FastCGI uses more traditional IPC (Unix domain sockets or IP sockets) to handle the interprocess communication. This IPC mechanism also enables FastCGI programs to be located on more than one machine, which can be important for performance—especially in a language such as OCaml that does not support SMP. Because FastCGI is not a very popular way of writing web applications, it will not be covered in any more detail in this chapter. Integrated Approaches Integrated approaches seek to pull the logic of web-based applications closer into the web server to provide better application performance.

Although both libraries were created to solve the same set of problems, the mod_caml library is more mature. Other Frameworks There are other frameworks, too. Typesafe programming and secure-by-design programming have become new in web design. Frameworks such as Ex-nunc and Ocsigen are two frameworks that provide typesafe environments for building web applications. Ex-nunc can be downloaded from http://ex-nunc.sourceforge.net. (At the time of this writing, you can also find sample code and a limited amount of documentation.) Ocsigen (found at http://www.ocsigen.org) is also under active development. Ex-nunc supports CGI and FastCGI, whereas Ocsigen uses its own http server.

action=main\">Home</a> <hr> <br> ::table(entries):: ::entry:: Entry Written: ::timestamp:: ::end:: </body> </html>";; let get_timestamp x = let st = Unix.stat x in let utm = Unix.localtime (st.Unix.st_mtime) in Printf.sprintf "%i/%i/%i %i:%i:%i" utm.Unix.tm_mon utm.Unix.tm_mday (utm.Unix.tm_year + 1900) utm.Unix.tm_hour utm.Unix.tm_min utm.Unix.tm_sec;; let display_all_entries dir = let dirs = Sys.readdir dir in let sorted = Array.map (fun x -> let fn = Filename.concat dir x in ➥ (fn,Unix.stat fn)) dirs in Array.sort compr sorted; Array.map (fun entry -> ["entry", Template.VarString (read_file (fst entry)); "timestamp",Template.VarString ➥ (get_timestamp (fst entry))]) sorted;; let run req = let request = new cgi req in let entrytable = Array.to_list (display_all_entries "/var/tmp/blog") in let disp_template = Template.template_from_string viewing_template in disp_template#table "entries" entrytable; request#template disp_template let () = register_script run 620Xch21final.qxd 9/22/06 12:27 AM Page 291 CHAPTER 21 ■ PRACTICAL: WEB PROGRAMMING Cocanwiki If you are interested in a large web application that uses OCaml, look at Cocanwiki. You can download the source from http://www.merjis.com (the same site that hosts the mod_caml pages). Cocanwiki is an excellent wiki. It currently is part of how development on mod_caml and Cocanwiki get paid for. If You Are Not Using Apache If you are not using Apache, you are probably stuck with using CGI.


pages: 834 words: 180,700

The Architecture of Open Source Applications by Amy Brown, Greg Wilson

8-hour work day, anti-pattern, bioinformatics, business logic, c2.com, cloud computing, cognitive load, collaborative editing, combinatorial explosion, computer vision, continuous integration, Conway's law, create, read, update, delete, David Heinemeier Hansson, Debian, domain-specific language, Donald Knuth, en.wikipedia.org, fault tolerance, finite state, Firefox, Free Software Foundation, friendly fire, functional programming, Guido van Rossum, Ken Thompson, linked data, load shedding, locality of reference, loose coupling, Mars Rover, MITM: man-in-the-middle, MVC pattern, One Laptop per Child (OLPC), peer-to-peer, Perl 6, premature optimization, recommendation engine, revision control, Ruby on Rails, side project, Skype, slashdot, social web, speech recognition, the scientific method, The Wisdom of Crowds, web application, WebSocket

In addition to a build system, over the years CMake has evolved into a family of development tools: CMake, CTest, CPack, and CDash. CMake is the build tool responsible for building software. CTest is a test driver tool, used to run regression tests. CPack is a packaging tool used to create platform-specific installers for software built with CMake. CDash is a web application for displaying testing results and performing continuous integration testing. 5.1. CMake History and Requirements When CMake was being developed, the normal practice for a project was to have a configure script and Makefiles for Unix platforms, and Visual Studio project files for Windows.

-- ===================================================================== --> <extension point="org.eclipse.help.toc"> <toc file="topics_Guide.xml"> </toc> <toc file="topics_Reference.xml"> </toc> <toc file="topics_Porting.xml"> </toc> <toc file="topics_Questions.xml"> </toc> <toc file="topics_Samples.xml"> </toc> </extension> Apache Lucene is used to index and search the online help content. In early versions of Eclipse, online help was served as a Tomcat web application. Additionally, by providing help within Eclipse itself, you can also use the subset of help plugins to provide a standalone help server.3 Eclipse also provides team support to interact with a source code repository, create patches and other common tasks. The workspace provided collection of files and metadata that stored your work on the filesystem.

Single-server performance: If you want to safely store data on disk, what on-disk data structures are best-geared toward read-heavy or write-heavy workloads? Is writing to disk your bottleneck? Analytical workloads: We're going to pay a lot of attention to lookup-heavy workloads of the kind you need to run a responsive user-focused web application. In many cases, you will want to build dataset-sized reports, aggregating statistics across multiple users for example. Does your use-case and toolchain require such functionality? While we will touch on all of these consideration, the last three, while equally important, see the least attention in this chapter. 13.2.


pages: 1,076 words: 67,364

Haskell Programming: From First Principles by Christopher Allen, Julie Moronuki

book value, c2.com, en.wikipedia.org, fail fast, fizzbuzz, functional programming, heat death of the universe, higher-order functions, natural language processing, spaced repetition, tiling window manager, Turing complete, Turing machine, type inference, web application, Y Combinator

The Text package used is named…text: import Data.Text (Text) import qualified Data.Text as T import qualified Data.UUID as UUID import qualified Data.UUID.V4 as UUIDv4 textUuid :: IO Text textUuid = fmap (T.pack . UUID.toString) UUIDv4.nextRandom 1. nextRandom :: IO UUID 2. toString :: UUID -> String 3. pack :: String -> Text 4. fmap :: (UUID -> Text) -> IO UUID -> IO Text Lifting over web app monads Frequently when you write web applications, you’ll have a custom datatype to describe the web application which is also a Monad. It’s a Monad because your “app context” will have a type parameter to describe what result was produced in the course of a running web CHAPTER 19. APPLYING STRUCTURE 745 application. Often these types will abstract out the availability of a request or other configuration data with a Reader (explained in a later chapter), as well as the performance of effects via IO.

A helper function for logging. 5. And a fair bit more than this. The issue here is that your AppHandler is meant to be slotted into a web application which requires the reading in of configuration, initialization of a web server, and the sending of a request to get everything in motion. This is essentially a bunch of functions waiting for arguments — waiting for something to do. It doesn’t make sense to do all that yourself every time you want a value that can only be obtained in the course of the web application doing its thing. Accordingly, our Functor is letting us write functions over structure which handles all this work.

Haskell’s ecosystem has an array of well-developed libraries and tools. Hoogle is a search tool that allows you to search for the function you want by type signature. It has a sophisticated structural understanding of types and can match on more than just syntax. Libraries such as Yesod and Scotty allow you to build web applications quickly, each addressing a different niche of web development. Aeson is popular and in wide use in the Haskell community for processing JSON data which is currently the lingua franca for data serialization and transmission on the web. Gloss is popular for rendering 2d vector graphics. Xmonad is a tiled window manager for Linux/X11, written in Haskell and popular with Haskell users and non-Haskellers.


pages: 203 words: 14,242

Ship It!: A Practical Guide to Successful Software Projects by Jared R. Richardson, William A. Gwaltney

continuous integration, David Heinemeier Hansson, Donald Knuth, index card, MVC pattern, no silver bullet, place-making, Ruby on Rails, web application

Integrated combinatorial testing, reporting, row testing, data-driven testing, and other concepts are all part of the package. A PPENDIX F. T ESTING F RAMEWORKS HTMLUnit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Used inside another test harness (such as JUnit), HTMLUnit simulates a web browser to test web applications. HTTPUnit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . HTTPUnit is a lot like HTMLUnit, but it uses HTTP requests and responses to do its testing. JWebUnit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . JWebUnit sits on top of HTTPUnit to give you a high-level API for navigating a web app.

. $29.95 Visit our secure online store: Facets of Ruby Series Learn how to use the popular Ruby programming language from the Pragmatic Programmers: your definitive source for reference and tutorials on the Ruby language and exciting new application development tools based on Ruby. The Facets of Ruby series includes the definitive guide to Ruby, widely known as the PickAxe book. Upcoming titles in this series feature the Ruby on Rails web application framework and other exciting new technologies. • The definitive guide for Ruby programmers. • Up-to-date and expanded for Ruby version 1.8. • Complete documentation of all built-in classes, modules, and methods. • Complete descriptions of all ninety-eight standard libraries. • 200+ pages of new content in this edition. • Learn more about Ruby’s web tools, unit testing, and programming philosophy.

. • Learn more about Ruby’s web tools, unit testing, and programming philosophy. Programming Ruby: The Pragmatic Programmer’s Guide, 2nd Edition Dave Thomas with Chad Fowler and Andy Hunt (864 pages) ISBN : 0-9745140-5-5. $44.95 • Learn all about this new open-source, full-stack web framework. • Develop sophisticated web applications quickly and easily. • Use incremental and iterative development to create the web apps that users want. • Get to go home on time. Agile Web Development with Rails: A Pragmatic Guide Dave Thomas and David Heinemeier Hansson (450 pages) ISBN : 0-9766940-0-X. $34.95 Visit our store at The Pragmatic Bookshelf The Pragmatic Bookshelf features books written by developers for developers.


Alpha Girls: The Women Upstarts Who Took on Silicon Valley's Male Culture and Made the Deals of a Lifetime by Julian Guthrie

"Susan Fowler" uber, "World Economic Forum" Davos, Airbnb, Alan Greenspan, Andy Rubin, Apollo 11, Apple II, barriers to entry, Bear Stearns, Benchmark Capital, blockchain, Bob Noyce, call centre, cloud computing, credit crunch, deal flow, disruptive innovation, Elon Musk, equal pay for equal work, Fairchild Semiconductor, fear of failure, game design, Gary Kildall, glass ceiling, hiring and firing, information security, Jeff Bezos, Larry Ellison, Louis Pasteur, Lyft, Marc Benioff, Mark Zuckerberg, Menlo Park, Mitch Kapor, new economy, PageRank, peer-to-peer, pets.com, phenotype, place-making, private spaceflight, retail therapy, ROLM, Ronald Reagan, Rosa Parks, Salesforce, Sand Hill Road, Sheryl Sandberg, Silicon Valley, Silicon Valley startup, Skype, Snapchat, software as a service, South of Market, San Francisco, stealth mode startup, Steve Jobs, Steve Jurvetson, Steve Wozniak, Susan Wojcicki, TaskRabbit, Teledyne, Tim Cook: Apple, Timothy McVeigh, Travis Kalanick, uber lyft, unpaid internship, upwardly mobile, urban decay, UUNET, web application, William Shockley: the traitorous eight, women in the workforce

After the board meeting, Theresia and Shlomo headed to their first stop, Goldman Sachs. Where Check Point’s firewall security protected networks, WebCohort would be the first-of-its-kind Web application and database firewall. Shlomo had landed on the idea after reading a report on the growth of Web application servers, which host a combination of files and programs to implement applications accessed remotely. Shlomo realized that security would be needed to protect the server and keep the Web applications secure. Theresia told the information security officers, “Your crown jewels—your database—are only one, two clicks away from hackers.”

Hackers could easily create fake log-in credentials, she said, that would take them straight to the bank’s Web server and data server and into customer accounts and records. Shlomo added, “That’s where everything personal is, including all your credit card info. The hackers who penetrate applications are interested in the data and the database, and they get in using sequel queries,” or sequel injection attacks. “The Web applications are the front door to this data.” After Goldman Sachs, Theresia and Shlomo went to see executives at several other banks, including J.P. Morgan and Citibank. As they asked the information security chiefs about their systems and needs, their interest in what Shlomo was proposing ranged from enthusiastic to tepid.


pages: 597 words: 119,204

Website Optimization by Andrew B. King

AltaVista, AOL-Time Warner, bounce rate, don't be evil, Dr. Strangelove, en.wikipedia.org, Firefox, In Cold Blood by Truman Capote, information retrieval, iterative process, Kickstarter, machine readable, medical malpractice, Network effects, OSI model, performance metric, power law, satellite internet, search engine result page, second-price auction, second-price sealed-bid, semantic web, Silicon Valley, slashdot, social bookmarking, social graph, Steve Jobs, the long tail, three-martini lunch, traumatic brain injury, web application

Addressing Network Robustness While we're on the subject of networking with Ajax, one important concern is network robustness: something few developers may want to acknowledge as a potential problem. Traditional web applications employ a useful form of human-based error correction that we might dub "layer eight" error correction in reference to the seven-layer network model. [127] Users are accustomed to failures with traditional web applications. If a site takes too long to load, they simply click Stop and reload the page. They may even retry this process a few times before timing out and giving up—clicking the Back button or finding another site of interest.

We have encountered the following issues when analyzing and optimizing Ajax for clients: Mandatory JavaScript-style architecture effects — Accessibility problems — Search engine optimization (SEO) problems caused by lack of indexing by non-JavaScript-aware spiders coupled with one-page architecture issues Perception of browser and code errors by users Network effects — Lags in response time when the user expects immediacy — Timeouts and retries because of intermittent network issues — Lack of appropriate network and server error handling — Dependency and data ordering problems One-page architecture effects — Breaking the Back button and bookmarking — Difficulty with standard web analytics systems — Indexability of deep content by search robots * * * [120] Garrett, J. February 18, 2005. "Ajax: A New Approach to Web Applications." Adaptive Path, http://www.adaptivepath.com/publications/essays/archives/000385.php (accessed April 15, 2008). [121] Ajax was a mythological Greek hero who played an important role in Homer's Iliad. He is described as the strongest of all the Achaeans. Although not the origin of this technology's name, it is certainly a suitable lineage for the power the technology provides.

var g_abort = false; var g_retries = 0; function sendAjaxRequest( ) { var xhr = createXHR( ); if (xhr) { xhr.open("GET","sayhello.php",true); var timeout = setTimeout(function ( ){responseTimeout(xhr);},5000); xhr.onreadystatechange = function( ){responseCallback(xhr,timeout);}; xhr.send( ); } } function responseTimeout(xhr) { g_abort = true; xhr.abort( ); if (g_retries < 3) { send AjaxRequest( ); g_retries++; } } Out-of-order responses Finally, you need to acknowledge that your HTTP requests can come back out of order. In traditional web application design, the whole page is the unit of execution, so we tend not to worry about having one image come down before another. If you are using Ajax to issue to a server multiple requests that depend on one another, however, it is quite possible that in some situations you may receive responses out of order.


pages: 124 words: 25,026

PayPal APIs: Up and Running: A Developer's Guide by Michael Balderas

web application

A good example is something like CCleaner: you can download it and use it free, and pay for a license if you want support. You can also make donations to future development—and they accept PayPal for both.) PayPal’s NVP API makes it simple to integrate PayPal payments into your specific web application. You, the merchant, construct an NVP string and post it via HTTPS (HTTP Secure, aka TLS/SSL) to the PayPal authorization server. PayPal posts back an NVPformatted response that you then parse in your web application for the information relevant to the payment. Figure 1-1 shows a basic request and response workflow. 1 Download from Wow! eBook <www.wowebook.com> Figure 1-1. Basic NVP request and response The request identifies: • The name or method of the API operation to be performed and its version • PayPal API credentials • Operation-specific parameters formatted as name/value pairs Adaptive APIs also require an APP ID during the request.


pages: 936 words: 85,745

Programming Ruby 1.9: The Pragmatic Programmer's Guide by Dave Thomas, Chad Fowler, Andy Hunt

book scanning, David Heinemeier Hansson, Debian, domain-specific language, duck typing, Jacquard loom, Kickstarter, Neal Stephenson, off-by-one error, p-value, revision control, Ruby on Rails, slashdot, sorting algorithm, web application

That’s how it can help you become a better programmer: by giving you the chance to spend your time creating solutions for your users, not for the compiler.” That belief is even stronger today. Almost eight years later, Ruby is still our language of choice: I use it for client applications and web applications. I use it to run our publishing business (our online store, http://pragprog.com, is more than 40,000 lines of Rails code), and I use it for all those little programming jobs I do just to get things running smoothly. 1. http://pragprog.com/titles/ruby 17 Report erratum P REFACE 18 In those eight years, Ruby has progressed nicely.

A large number of methods have been added to the built-in classes and modules, and the size of the standard library (those libraries included in the Ruby distribution) has grown tremendously. The community now has a standard documentation system (RDoc), and RubyGems has become the system of choice for packaging Ruby code for distribution. We have a best-of-breed web application framework, Ruby on Rails, with others waiting in the wings. Ruby Versions This version of the PickAxe documents Ruby 1.9.2 Exactly what version of Ruby did I use to write this book? Let’s ask Ruby: % ruby -v ruby 1.9.1p0 (2009-01-30 revision 21907) [i386-darwin9.6.0] This illustrates an important point.

If a block is used, it is passed the matching substring, and the block’s value is substituted into the original string. a = "quick brown fox" a.sub(/^./) {|match| match.upcase } a.gsub(/[aeiou]/) {|vowel| vowel.upcase } # => # => "Quick brown fox" "qUIck brOwn fOx" Maybe we want to normalize names entered by users into a web application. They may enter DAVE THOMAS, dave thomas, or dAvE tHoMas, and we’d like to store it as Dave Thomas. The following method is a simple first iteration. The pattern that matches the first character of a word is \b\w—look for a word boundary followed by a word character. Combine this with gsub, and we can hack the names: def mixed_case(name) name.downcase.gsub(/\b\w/) {|first| first.upcase } end mixed_case("DAVE THOMAS") mixed_case("dave thomas") mixed_case("dAvE tHoMas") 1.9 # => # => # => "Dave Thomas" "Dave Thomas" "Dave Thomas" There’s an idiomatic way to write the substitution in Ruby 1.9, but we’ll have to wait until Chapter 23 on page 379 to see why it works: def mixed_case(name) name.downcase.gsub(/\b\w/, &:upcase) end mixed_case("dAvE tHoMas") # => "Dave Thomas" You can also give sub and gsub a hash as the replacement parameter, in which case they will look up matched groups and use the corresponding values as replacement text: replacement = { "cat" => "feline", "dog" => "canine" } replacement.default = "unknown" "cat and dog".gsub(/\w+/, replacement) # => "feline unknown canine" Backslash Sequences in the Substitution Earlier we noted that the sequences \1, \2, and so on, are available in the pattern, standing for the nth group matched so far.


pages: 496 words: 174,084

Masterminds of Programming: Conversations With the Creators of Major Programming Languages by Federico Biancuzzi, Shane Warden

Benevolent Dictator For Life (BDFL), business intelligence, business logic, business process, cellular automata, cloud computing, cognitive load, commoditize, complexity theory, conceptual framework, continuous integration, data acquisition, Dennis Ritchie, domain-specific language, Douglas Hofstadter, Fellow of the Royal Society, finite state, Firefox, follow your passion, Frank Gehry, functional programming, general-purpose programming language, Guido van Rossum, higher-order functions, history of Unix, HyperCard, industrial research laboratory, information retrieval, information security, iterative process, Ivan Sutherland, John von Neumann, Ken Thompson, Larry Ellison, Larry Wall, linear programming, loose coupling, machine readable, machine translation, Mars Rover, millennium bug, Multics, NP-complete, Paul Graham, performance metric, Perl 6, QWERTY keyboard, RAND corporation, randomized controlled trial, Renaissance Technologies, Ruby on Rails, Sapir-Whorf hypothesis, seminal paper, Silicon Valley, slashdot, software as a service, software patent, sorting algorithm, SQL injection, Steve Jobs, traveling salesman, Turing complete, type inference, Valgrind, Von Neumann architecture, web application

Also, there will be facilities for communicating between geographically remote processes through sockets, iostreams, and so on, rather like boost::networking. In my opinion, much of what is interesting about concurrency will appear as multiple libraries supporting logically distinct concurrency models. Many modern systems are componentized and spread out over a network; the age of web applications and mashups may accentuate that trend. Should a language reflect those aspects of the network? Bjarne: There are many forms of concurrency. Some are aimed at improving the throughput or response time of a program on a single computer or cluster, some are aimed at dealing with geographical distribution, and some are below the level usually considered by programmers (pipelining, caching, etc.).

Over that long period of time, I have had the opportunity to ponder which operations are faster and which are slower—for example, I may be aware more than most users that locals are faster than globals (though others have gone overboard using this, not me!), or that functions and method calls are expensive (more so than in C or Java), or that the fastest data type is a tuple. When it comes to using the standard library and beyond, I often feel that others have an advantage. For example, I write about one web application every few years, and the technology available changes each time, so I end up writing a “first” web app using a new framework or approach each time. And I still haven’t had the opportunity to do serious XML mangling in Python. It seems that one of the features of Python is its conciseness. How does this affect the maintainability of the code?

The most important thing to look for is the same as in all languages: be suspicious of data provided by someone you don’t trust (for a web server, this is every byte of the incoming web request, even the headers). One specific thing to watch out for is regular expressions—it is easy to write a regular expression that runs in exponential time, so web applications that implement searches where the end user types in a regular expression should have some mechanism to limit the running time. Is there any fundamental concept (general rule, point of view, mindset, principle) that you would suggest to be proficient in developing with Python? Guido: I would say pragmatism.


pages: 274 words: 58,675

Puppet 3 Cookbook by John Arundel

Amazon Web Services, cloud computing, continuous integration, Debian, defense in depth, DevOps, don't repeat yourself, Free Software Foundation, GnuPG, Larry Wall, place-making, Ruby on Rails, web application

A module is simply a way of grouping related things: for example, a webserver module might include everything necessary for a machine to be a web server: Apache configuration files, virtual host templates, and the Puppet code necessary to deploy these. Separating things into modules makes it easier to re-use and share code; it's also the most logical way to organize your manifests. In this example we'll create a module to manage memcached, a memory caching system commonly used with web applications. How to do it… Here are the steps to create an example module. 1. Create the following new directories in your Puppet repo: ubuntu@cookbook:~/puppet$ mkdir modules/memcached 38 Chapter 2 ubuntu@cookbook:~/puppet$ mkdir modules/memcached/manifests ubuntu@cookbook:~/puppet$ mkdir modules/memcached/files 2.

This comes in handy when you need to move applications and services around between machines. If two applications that use the same resource end up sharing a machine, they would cause a conflict unless you make the resource virtual. To clarify this, let's look at a typical situation where virtual resources might come in useful. You are responsible for two popular web applications, FaceSquare and Flipr. Both are web apps running on Apache, so they both require the Apache package to be installed. The definition for FaceSquare might look something like the following: class app::facesquare { package { 'apache2-mpm-worker': ensure => installed } ... } 112 Chapter 5 The definition for Flipr might look like this: class app::flipr { package { 'apache2-mpm-worker': ensure => installed } ... } All is well until you need to consolidate both apps onto a single server: node 'bigbox' { include app::facesquare include app::flipr } Now Puppet will complain because you tried to define two resources with the same name: apache2-mpm-worker.

Create the file modules/firewall/files/common.role with the following contents: # Allow all traffic on loopback interface iptables -I INPUT 1 -i lo -j ACCEPT iptables -I OUTPUT 1 -o lo -j ACCEPT # Allow established and related connections iptables -I INPUT 2 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -I OUTPUT 2 -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow SSH and ping iptables -A INPUT -p tcp -m tcp --dport ${SSH} -j ACCEPT iptables -A INPUT -p ICMP --icmp-type echo-request -j ACCEPT # Allow common outbound ports iptables -A OUTPUT -p tcp --dport iptables -A OUTPUT -p udp --dport iptables -A OUTPUT -p tcp --dport iptables -A OUTPUT -p udp --dport iptables -A OUTPUT -p tcp --dport iptables -A OUTPUT -p tcp --dport iptables -A OUTPUT -p tcp --dport # Drop some iptables -A iptables -A iptables -A iptables -A iptables -A iptables -A iptables -A iptables -A iptables -A commonly INPUT -p INPUT -p INPUT -p INPUT -p INPUT -p INPUT -p INPUT -p INPUT -p INPUT -p ${SMTP} -j ACCEPT ${NTP} -j ACCEPT ${NTP} -j ACCEPT ${DNS} -j ACCEPT ${WEB} -j ACCEPT ${WEB_SSL} -j ACCEPT ${MYSQL} -j ACCEPT probed ports tcp --dport 23 -j DROP # telnet tcp --dport 135 -j DROP # epmap tcp --dport 139 -j DROP # netbios tcp --dport 445 -j DROP # Microsoft DS udp --dport 1433 -j DROP # SQL server tcp --dport 1433 -j DROP # SQL server udp --dport 1434 -j DROP # SQL server tcp --dport 1434 -j DROP # SQL server tcp --dport 2967 -j DROP # SSC-agent 6. Create the file modules/firewall/files/webserver.role with the following contents: # Access to web ports iptables -A INPUT -p tcp --dport ${WEB} -j ACCEPT iptables -A INPUT -p tcp --dport ${WEB_SSL} -j ACCEPT # Send mail from web applications iptables -A OUTPUT -p tcp --dport ${SMTP} -j ACCEPT 181 Servers and Cloud Infrastructure 7. Create the file modules/firewall/manifests/role.pp with the following contents: # Manage a specific firewall role define firewall::role() { include firewall file { "/etc/firewall/roles/${name}": source => "puppet:///modules/firewall/${name}.role", require => File['/etc/firewall/roles'], notify => Exec['run-iptables'], } append_if_no_such_line { "${name} role": file => "/etc/firewall/hosts/${::hostname}", line => ".


pages: 924 words: 196,343

JavaScript & jQuery: The Missing Manual by David Sawyer McFarland

Firefox, framing effect, functional programming, HyperCard, information retrieval, Ruby on Rails, Steve Jobs, web application

While there were plenty of map sites before Google, they always required reloading multiple web pages (usually a slow process) to get to the information you wanted. Google Maps, on the other hand, works without page refreshes—it responds immediately to your choices. The programs you create with JavaScript can range from the really simple (like popping up a new browser window with a web page in it) to full-blown web applications like Google Docs (http://docs.google.com), which let you create presentations, edit documents, and create spreadsheets using your web browser with the feel of a program running directly on your computer. A Bit of History Invented by Netscape back in 1995, JavaScript is nearly as old as the web itself.

(There are still a few incompatibilities among current web browsers, so you’ll need to learn a few tricks for dealing with cross-browser problems. You’ll learn how to overcome browser incompatibilities in this book.) In the past several years, JavaScript has undergone a rebirth, fueled by high-profile websites like Google, Yahoo, and Flickr, which use JavaScript extensively to create interactive web applications. There’s never been a better time to learn JavaScript. With the wealth of knowledge and the quality of scripts being written, you can add sophisticated interaction to your website—even if you’re a beginner. Note JavaScript is also known by the name ECMAScript. ECMAScript is the “official” JavaScript specification, which is developed and maintained by an international standards organization called Ecma International: http://www.ecmascript.org/ JavaScript Is Everywhere JavaScript isn’t just for web pages, either.

While the effect is really cool, and the calendar makes it especially easy to pick a date, JavaScript provides only the interactivity—the actual calendar is created with the same old HTML and CSS that you’re familiar with. Figure 4-2. The jQuery UI project (http://jqueryui.com) provides useful user interface widgets for web applications. The Datepicker, for example, provides an easy, user-friendly way to specify a date. If you look under the hood of the calendar, you’ll find a series of HTML tags such as divs, a table, and <td> tags, with special classes and IDs (ui-datepicker-month, ui-datepicker-div, and so on) applied to them.


pages: 237 words: 65,794

Mining Social Media: Finding Stories in Internet Data by Lam Thuy Vo

barriers to entry, correlation does not imply causation, data science, Donald Trump, en.wikipedia.org, Filter Bubble, Firefox, Google Chrome, Internet Archive, natural language processing, social web, web application

Chapter 7: Visualizing Your Data Explores how visualization tools—like making charts within Google Sheets and using conditional formatting to highlight data variations—can help us better understand our data. Chapter 8: Advanced Tools for Data Analysis Transfers concepts you learned from analyzing data in Google Sheets into the realm of programmatic analysis. You’ll see how to set up virtual environments in Python 3, navigate Jupyter Notebooks (a web application that is capable of reading and running Python code), and use the Python library pandas. You’ll also explore the structure and breadth of your data sets. Chapter 9: Finding Trends in Reddit Data Builds on the previous chapter to show you how to modify data, filter data, and run basic aggregation using functions in pandas.

In this chapter, we’ll practice reading in and exploring data using Python. During this process, you’ll be introduced to several more programming-related tools and concepts. You’ll learn how to set up a virtual environment, which is a contained, localized way of using libraries. After that, I’ll show you how to navigate the web application Jupyter Notebook, an interface you can use to write and modify code, output results, and render text and charts. Finally, you’ll install pandas, a Python library that enables you to do statistical analyses. As in the earlier chapters, you’ll absorb all this new knowledge through a practical exercise—ingesting and exploring Reddit submissions data.

But as we build our Python skills and start working on more-complex scripts, we should look into tools to make these kinds of projects more manageable, structured, and shareable. The more complicated and longer our scripts become, the harder it is to keep track of every single step of our analysis. This is where learning how to use Jupyter Notebook can be helpful. Jupyter is an open source web application that runs locally on your computer and is rendered in a browser like Chrome. Notebooks allow us to run our scripts in chunks, a few lines at a time, making it easier for us to adjust parts of our code as we iterate and improve upon it. The Jupyter Notebook web app, which evolved out of the web app IPython Notebooks, was created to accommodate three programming languages—Julia, Python, and R (Ju-Pyt-R)—but has since evolved to support many other coding languages.


pages: 178 words: 33,275

Ansible Playbook Essentials by Gourav Shah

Amazon Web Services, cloud computing, Debian, DevOps, fault tolerance, information security, web application

For example, a load balancer would connect to web servers, which in turn read/write to a database and connect to the caching server to fetch in-memory objects. Most of the time, when we launch such application stacks, we need to configure these components in a very specific order. Here is an example of a very common three-tier web application running a load balancer, a web server, and a database backend: Ansible lets you translate this diagram into a blueprint, which defines your infrastructure policies. The format used to specify such policies is what playbooks are. Example policies and the sequence in which those are to be applied is shown in the following steps: Install, configure, and start the MySQL service on the database servers.

The following is a sample playbook that translates the infrastructure blueprint into policies enforceable by Ansible: Plays A playbook consists of one or more plays, which map groups of hosts to well-defined tasks. The preceding example contains three plays, each to configure one layer in the multitiered web application. Plays also define the order in which tasks are configured. This allows us to orchestrate multitier deployments. For example, configure the load balancers only after starting the web servers, or perform two-phase deployment where the first phase only adds this configurations and the second phase starts the services in the desired order.


Exploring ES6 - Upgrade to the next version of JavaScript by Axel Rauschmayer

anti-pattern, domain-specific language, duck typing, en.wikipedia.org, Firefox, functional programming, Google Chrome, MVC pattern, web application, WebSocket

Similar to normal <script> elements, <script type="module"> can also be used to load external modules. For example, the following tag starts a web application via a main module (the attribute name import is my invention, it isn’t yet clear what name will be used). <script type="module" import="impl/main"></script> The advantage of supporting modules in HTML via a custom <script> type is that it is easy to bring that support to older engines via a polyfill (a library). There may or may not eventually be a dedicated element for modules (e.g. <module>). 17.6.2 Bundling Modern web applications consist of many, often small, modules. Loading those modules over HTTP impacts performance negatively, because a separate request is needed for each.

Versions of JavaScript are defined by specifications that carry the official name of the language. Hence, the first standard version of JavaScript is ECMAScript 1 which is short for “ECMAScript Language Specification, Edition 1”. ECMAScript x is often abbreviated ESx. 1.4 Upgrading to ES6 The stake holders on the web are: • Implementors of JavaScript engines • Developers of web applications • Users ⁷http://tc39wiki.calculist.org/about/harmony/ ⁸https://github.com/tc39/ecma262 ⁹https://tc39.github.io/process-document/ About ECMAScript 6 (ES6) 4 These groups have remarkably little control over each other. That’s why upgrading a web language is so challenging. On one hand, upgrading engines is challenging, because they are confronted with all kinds of code on the web, sometimes very old one.

There were now two groups working on future ECMAScript versions: ¹³Source: Introduction of ES6 spec. […] regular expressions, better string handling, new control statements, try/catch exception handling, tighter definition of errors, formatting for numeric output and other enhancements. [1] ¹⁴http://www.adaptivepath.com/ideas/ajax-new-approach-web-applications/ About ECMAScript 6 (ES6) 7 • ECMAScript 4 was designed by Adobe, Mozilla, Opera, and Google and was a massive upgrade. Its planned feature sets included: – Programming in the large (classes, interfaces, namespaces, packages, program units, optional type annotations, and optional static type checking and verification) – Evolutionary programming and scripting (structural types, duck typing, type definitions, and multimethods) – Data structure construction (parameterized types, getters and setters, and meta-level methods) – Control abstractions (proper tail calls, iterators, and generators) – Introspection (type meta-objects and stack marks) • ECMAScript 3.1 was designed by Microsoft and Yahoo.


Programming Python by Mark Lutz

Benevolent Dictator For Life (BDFL), Build a better mousetrap, business logic, business process, cloud computing, Firefox, general-purpose programming language, Google Chrome, Guido van Rossum, iterative process, linear programming, loose coupling, machine readable, MVC pattern, natural language processing, off grid, slashdot, sorting algorithm, web application

And the BitTorrent peer-to-peer file transfer system—written in Python and downloaded by tens of millions of users—leverages Python’s networking skills to share files among clients and remove some server bottlenecks. Many also build and manage their sites with larger Python-based toolkits. For instance, the Zope web application server was an early entrant to the domain and is itself written and customizable in Python. Others build sites with the Plone content management system, which is built upon Zope and delegates site content to its users. Still others use Python to script Java web applications with Jython (formerly known as JPython)—a system that compiles Python programs to Java bytecode, exports Java libraries for use in Python scripts, and allows Python code to serve as web applets downloaded and run in a browser.

Extensions to the CGI Model Finally, there are more advanced protocols and frameworks for retaining state on the server, which we won’t cover in this book. For instance, the Zope web application framework, discussed briefly in Chapter 12, provides a product interface, which allows for the construction of web-based objects that are automatically persistent. Other schemes, such as FastCGI, as well as server-specific extensions such as mod_python for Apache, may attempt to work around the autonomous, one-shot nature of CGI scripts, or otherwise extend the basic CGI model to support long-lived memory stores. For example: FastCGI allows web applications to run as persistent processes, which receive input data from and send reply streams to the HTTP web server over Inter-Process Communication (IPC) mechanisms such as sockets.

Such models are not universally supported, though, and may come with some added cost in complexity—for example, to synchronize access to persistent data with locks. Moreover, a failure in a FastCGI-style web application impacts the entire application, not just a single page, and things like memory leaks become much more costly. For more on persistent CGI models, and support in Python for things such as FastCGI, search the Web or consult web-specific resources. Combining Techniques Naturally, these techniques may be combined to achieve a variety of memory strategies, both for interaction sessions and for more permanent storage needs. For example: A web application may use cookies to store a per-user or per-session key on the client, and later use that key to index into a server-side database to retrieve the user’s or session’s full state information.


PostgreSQL: Up and Running, 3rd Edition by Unknown

cloud computing, database schema, full text search, job automation, platform as a service, profit maximization, Salesforce, SQL injection, web application

SELECT employee FROM employment WHERE period @> CURRENT_DATE GROUP employee -------Alex The reverse of the contains operator is the contained operator (<@), whose first argument is the value and the second the range. JSON PostgreSQL provides JSON (JavaScript Object Notation) and many support functions. JSON has become the most popular data interchange format for web applications. Version 9.3 significantly beefed up JSON support with new functions for extracting, editing, and casting to other data types. Version 9.4 introduced the JSONB data type, a binary form of JSON that can also take advantage of indexes. Version 9.5 introduced more functions for jsonb, including functions for setting elements in a jsonb object.

.* by accident, but check out the result: x -----------------------------------------------------------------(86,Population,"{D001,Total:}",d001) (87,Population,"{D002,Total:,""Not Hispanic or Latino:""}",d002) Instead of erroring out, the preceding example returns the canonical representation of a lu_fact_type data type. Composites can serve as input to several useful functions, among which are array_agg and hstore (a function packaged with the hstore extension that converts a row into a key-value pair object). If you are building web applications, you can take advantage of the built-in JSON and JSONB support we covered in “JSON” and use a combination of array_agg and array_to_json to output a query as a single JSON object as shown in Example 7-21. In PostgreSQL 9.4, you can use json_agg. See Example 7-22. Example 7-21. Query to JSON output SELECT array_to_json(array_agg(f)) As cat FROM ( SELECT MAX(fact_type_id) As max_type, category FROM census.lu_fact_types GROUP BY category ) As f; This will give you an output of: cats ---------------------------------------------------[{"max_type":102,"category":"Population"}, {"max_type":153,"category":"Housing"}] Defines a subquery with name f. f can then be used to reference each row in the subquery.

There is an extension called plv8x that makes using Node.js modules and modules you build easier to reuse in PL/V8. You can find several examples on our site of PL/V8 use. Some involved copying fairly large bodies of JavaScript code that we pulled from the Web and wrapped in a PL/V8 wrapper, as detailed in Using PLV8 to build JSON Selectors. The PL/V8 family mates perfectly with web applications because much of the same client-side JavaScript logic can be reused. More important, it makes a great all-purpose language for developing numeric functions, updating data, and so on. Basic Functions One of the great benefits of PL/V8 is that you can use any JavaScript function in your PL/V8 functions with minimal change.


pages: 276 words: 78,094

Design for Hackers: Reverse Engineering Beauty by David Kadavy

Airbnb, complexity theory, en.wikipedia.org, Firefox, Hacker News, Isaac Newton, John Gruber, Paul Graham, Ruby on Rails, semantic web, Silicon Valley, Silicon Valley startup, Steve Jobs, TaskRabbit, web application, wikimedia commons, Y Combinator

Web 2.0 graphics Time will tell what art and design produced today will stand the test of time and go down in history as historically significant, but it’s safe to assume that it will be art that is a product of technological and cultural influence. One such artistic style, believe it or not, may well be that associated with the Web 2.0 movement. The Web 2.0 movement gathered momentum around 2005 and is typically understood to encompass web applications that enable information sharing between multiple users. Services such as Flickr, Blogger, Delicious, and YouTube all benefit from what their users produce. This user-generated content contributes to the overall value of the service. The more photos that are added to the photo-sharing site Flickr, the more it grows into a repository where you can easily find photos on nearly any subject.

Unfortunately, though, many designers worked for large corporations where they didn’t get the opportunity to experiment with new techniques, or had conservative clients who were reluctant to try designs that were anything unlike the rectilinear designs that were commonplace at the time. Fortunately for some of these designers, the Web 2.0 revolution was coming. Frameworks such as Ruby on Rails and Django, both released in 2005, were making it easier than ever for developers to create web applications that would bring Internet users the social experiences that they craved. Small teams of young developers flocked to Silicon Valley to start companies and try to secure funding. These teams included designers (myself included) who were eager to try out their new bag of tricks. These small teams could call all the shots themselves.

Proportional relationships help organize the various elements involved in a design, not only drawing the attention of the viewer, but guiding her eye throughout that piece of design. Whether you’re taking photograph of a flower, chiseling a sculpture out of marble, or crafting the interface of a web application, understanding proportion is critical not only in attracting the attention of the viewer, but in holding her attention while guiding her eye. Look at the two simple compositions in Figure 5-3. The one on the left is generally not very visually interesting. But the one on the right is. I’m speaking relatively of course – I don’t expect it to end up in the Louvre.


pages: 550 words: 84,515

Vue.js 2 Cookbook by Andrea Passaglia

bitcoin, business logic, cognitive load, functional programming, Kickstarter, Large Hadron Collider, loose coupling, MVC pattern, node package manager, Silicon Valley, single page application, web application, WebSocket

Title Page Vue.js 2 Cookbook Build modern, interactive web applications with Vue.js Andrea Passaglia BIRMINGHAM - MUMBAI Vue.js 2 Cookbook Copyright © 2017 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied.

I'll quote the documentation to summarize what we said so that you can have a proper checklist when you are in doubt: Props: They allow the external environment to pass data into the component Events: They allow the component to trigger side effects in the external environment Slots: They allow the external environment to compose the component with extra content Vue Communicates with the Internet In this chapter, the following recipes will be covered: Sending basic AJAX request with Axios Validating user data before sending it Creating a form and sending data to your server Recovering from an error during a request Creating a REST client (and server!) Implementing infinite scrolling Processing a request before sending it out Preventing XSS attacks to your app Introduction Web applications rarely work all by themselves. What makes them interesting is actually the fact that they enable us to communicate with the world in innovative ways that didn't exist just a few years ago. Vue, by itself, doesn't contain any mechanism or library to make AJAX requests or open web sockets. In this chapter, we will, therefore, explore how Vue interacts with built-in mechanisms and external libraries to connect to external services.

$store.dispatch('goToLastPanel') } } </script> Also, you can delete most of the App.vue template and leave only the following: <template> <div id="app"> <router-view></router-view> </div> </template> How it works... The proxyTable object will configure the http-proxy-middleware. This is useful every time we are developing the UI of a bigger web application and we launch our developer server on localhost, but our API responds to another web server. This is especially relevant when we want to use CORS and we don't allow other websites to use our API. The Xkcd API doesn't allow localhost to consume the web service. This is why, even if we try to use the Xkcd API directly, our browser won't let us.


pages: 1,136 words: 73,489

Working in Public: The Making and Maintenance of Open Source Software by Nadia Eghbal

Amazon Web Services, Apollo 11, barriers to entry, Benevolent Dictator For Life (BDFL), Big Tech, bitcoin, Clayton Christensen, cloud computing, commoditize, commons-based peer production, context collapse, continuous integration, crowdsourcing, cryptocurrency, David Heinemeier Hansson, death of newspapers, Debian, disruptive innovation, Dunbar number, en.wikipedia.org, eternal september, Ethereum, Firefox, Free Software Foundation, Guido van Rossum, Hacker Ethic, Hacker News, Induced demand, informal economy, information security, Jane Jacobs, Jean Tirole, Kevin Kelly, Kickstarter, Kubernetes, leftpad, Mark Zuckerberg, Menlo Park, Neal Stephenson, Network effects, node package manager, Norbert Wiener, pirate software, pull request, RFC: Request For Comment, Richard Stallman, Ronald Coase, Ruby on Rails, side project, Silicon Valley, Snapchat, social graph, software as a service, Steve Jobs, Steve Wozniak, Steven Levy, Stewart Brand, tacit knowledge, the Cathedral and the Bazaar, The Death and Life of Great American Cities, The Nature of the Firm, TikTok, Tragedy of the Commons, transaction costs, two-sided market, urban planning, web application, wikimedia commons, Yochai Benkler, Zimmermann PGP

Today, developers publish bits of code online, for public use, as easily as others discover and use them. But just as tweets are easy to read and retweet without context as to who wrote them, code is easy to copy-paste without knowing, or caring, where it came from. The npm ecosystem—which, according to its parent company, makes up an estimated 97% of the code in modern web applications today—offers some clues to the future.8 Npm, which stands for Node Package Manager, is the platform commonly used by JavaScript developers to install and manage packages, or libraries. (Libraries are prewritten bits of code that other developers can use, instead of having to write the same code from scratch.

When the costs of coordination outpace the benefits, the commons breaks down as a useful production model. The theory of the commons helps explain the curious behaviors of developers, seemingly unmotivated by money, which led to the early success of open source. It explains the success of prominent open source projects built by big, decentralized communities, like the web application framework Ruby on Rails. Commons-based peer production also explains why some developers hold the view that money and open source don’t mix. If production runs on intrinsic motivation, money is an extrinsic motivator that is thought to interfere with an already well-coordinated system. Although the commons might not be as profitable as the firm, it’s also more resilient, because the currency of its transactions is the desire to participate, rather than money.

Because the term “maintainer” doesn’t have a universal definition, it can be difficult to make generalizations about what the role entails. Bigger projects might have maintainers who are responsible for specific subprojects, or for areas of expertise that span the whole project. For example, the Python-based web application framework Django has a security team, an ops team to maintain tooling and infrastructure, a release team to build and manage releases, and several technical teams to handle triage, contributions, and code review.141 All of these developers could be considered maintainers, but because Django is such a big project their work is more specialized.


pages: 296 words: 41,381

Vue.js by Callum Macrae

Airbnb, business logic, single page application, single source of truth, source of truth, web application, WebSocket

It’s easy enough to update a bit of text on a page by using jQuery, but as we need to do more—updating large, interactive sections of a page; handling complicated state; performing client-side routing; and simply writing and organizing a lot more code—using a JavaScript framework makes our jobs a lot easier. A framework is a JavaScript tool that makes it easier for developers to create rich, interactive websites. Frameworks contain functionality that enable us to make a fully functional web application: manipulating complicated data and displaying it on the page, handling routing client-side instead of having to rely on a server, and sometimes even allowing us to create a full website that needs to hit the server only once for the initial download. Vue.js is the latest popular JavaScript framework and is rapidly increasing in popularity.

It provides a fully featured webpack setup with vue-loader for single-file components (.vue files), hot module reloading, and linting, and can set you up with vue-router, unit tests, and functional tests if you want them. pwa This template is based on the webpack template and does everything it does, but also sets up your application to be used as a progressive web application—a web app that is available offline and is designed to be saved to the home screen of a user’s mobile device. webpack-simple This template is like the webpack template, but simpler. It provides only a simple webpack setup with vue-loader and other essential loaders, but doesn’t set up anything like hot module reloading, linting, or any of the optional modules the webpack template installs.


pages: 314 words: 94,600

Business Metadata: Capturing Enterprise Knowledge by William H. Inmon, Bonnie K. O'Neil, Lowell Fryman

affirmative action, bioinformatics, business cycle, business intelligence, business process, call centre, carbon-based life, continuous integration, corporate governance, create, read, update, delete, database schema, en.wikipedia.org, folksonomy, informal economy, knowledge economy, knowledge worker, semantic web, tacit knowledge, The Wisdom of Crowds, web application

. ✦ The expert may not even know that he or she is an expert; knowing something and knowing what you know may be two different skills. 98 Chapter 6 Business Metadata Capture It seems that we need the security of consulting an expert, even when he or she may have dubious credentials. Surowiecki uses the term seer sucker to capture our inherent need for an expert: Even though no expert seems to exist, a sucker will still be found to serve as one. The credibility of experts is a topic worth consideration. Deborah McGuinness, in her talk entitled “Making Web Applications More Trustable” at SemTech in 2006, presented some ideas about how some sources of knowledge are more credible than others. One way you can measure credibility is to assign weights to people’s opinions. Some Web sites already do a version of expert weighting, based on users voting on whether a book review was helpful, or whether a person’s list is useful.

Review of The Wisdom of Crowds. http://www.amazon.com/ Wisdom-Crowds-James-Surowiecki/dp/0385721706/sr=1-1/qid=1162589559/ ref=pd_bbs_sr_1/103-0890407-7574238?ie=UTF8&s=books 120 Chapter 6 Business Metadata Capture ✦ Dixon, Nancy M. Common Knowledge. Cambridge, MA: Harvard Business School Press, March 2000. ✦ McGuinness, Deborah. “Making Web Applications Trustable.” Semantic Technology Conference, March 2006. ✦ McQuade, James. “Combining Business Metadata Delivery with Knowledge Management.” DAMA International, 2005. ✦ Segal, Jonathan A. “Time Is on Their Side.” HR Magazine, February 2006. http://findarticles.com/p/articles/mi_m3495/is_2_51/ai_n16101872 ✦ Surowiecki, James.

Companies like PPC specialize in development of the visual analytic application and also mentoring your personnel, so when new views of the data are required, your staff can create them. 9.4.4 New Web 2.0 Technology: Mashups! A very exciting method is now available that can capture and deliver business metadata at the same time: mashups. Mashups are integrated Web applications that usually consist of a collection of different types of components and data, all displayed together on the same Web page. The really cool feature of these new tools that have recently been released is their ability to allow ordinary users—not just programmers—to create their own mashup, with no programming.


pages: 394 words: 118,929

Dreaming in Code: Two Dozen Programmers, Three Years, 4,732 Bugs, and One Quest for Transcendent Software by Scott Rosenberg

A Pattern Language, AOL-Time Warner, Benevolent Dictator For Life (BDFL), Berlin Wall, Bill Atkinson, c2.com, call centre, collaborative editing, Computer Lib, conceptual framework, continuous integration, Do you want to sell sugared water for the rest of your life?, Donald Knuth, Douglas Engelbart, Douglas Engelbart, Douglas Hofstadter, Dynabook, en.wikipedia.org, Firefox, Ford Model T, Ford paid five dollars a day, Francis Fukuyama: the end of history, Free Software Foundation, functional programming, General Magic , George Santayana, Grace Hopper, Guido van Rossum, Gödel, Escher, Bach, Howard Rheingold, HyperCard, index card, intentional community, Internet Archive, inventory management, Ivan Sutherland, Jaron Lanier, John Markoff, John Perry Barlow, John von Neumann, knowledge worker, L Peter Deutsch, Larry Wall, life extension, Loma Prieta earthquake, machine readable, Menlo Park, Merlin Mann, Mitch Kapor, Neal Stephenson, new economy, Nicholas Carr, no silver bullet, Norbert Wiener, pattern recognition, Paul Graham, Potemkin village, RAND corporation, Ray Kurzweil, Richard Stallman, Ronald Reagan, Ruby on Rails, scientific management, semantic web, side project, Silicon Valley, Singularitarianism, slashdot, software studies, source of truth, South of Market, San Francisco, speech recognition, stealth mode startup, stem cell, Stephen Hawking, Steve Jobs, Stewart Brand, Strategic Defense Initiative, Ted Nelson, the Cathedral and the Bazaar, Therac-25, thinkpad, Turing test, VA Linux, Vannevar Bush, Vernor Vinge, Wayback Machine, web application, Whole Earth Catalog, Y2K

Fried said it’s not uncommon for his team to spend hours debating each word and button and box displayed on them. 37 Signals set out to create some small programs, not to build an ambitious new platform or application framework. But in the course of building Basecamp, Hansson had written some useful and innovative code that streamlined and simplified the basic chores that all Web applications had to perform in the course of storing and retrieving data. After Basecamp’s launch, he and 37 Signals decided to take that work and release it as an open source platform called Ruby on Rails. Rails, as it came to be called, made writing Web applications easier, in part by limiting the programmer’s options. “Flexibility is overrated. Constraints are liberating,” Hansson says. And Rails was ready-made for the AJAX-style interface enhancements that were making those Web-based programs credible competition to their desktop equivalents.

A Mozilla-based Chandler would need to base such a feature on Javascript, a programming language meant specifically for embedding program code inside Web pages. (HTML, the basic language for publishing Web pages, isn’t really a programming language at all; it just tells a browser what to show on screen.) “You never see this in a Web application because the client can only make a few round trips to the server in a second,” Kapor says. “I want a sense of confidence that we’ll have a first-class way to do this. To me this is at the heart of the whole PC-versus-Web thing. You can have only so many round trips to the server per second or your performance gets clobbered.”

(That problem had figured prominently in Mitch Kapor’s rationale for not building Chandler as a Web-based application.) It made the Web browser work a little more like the kind of “rich client” application Chandler was going to be. It was whittling down the difference between desktop applications and Web applications. Gmail wasn’t the only product to show off such wizardry, which later became known by the acronym AJAX (for asynchronous Javascript and XML); smaller outfits were performing similar cool tricks. Flickr, the product of a small company based in Vancouver, British Columbia, achieved the same kind of speed and delight in a new Web-based service that allowed people to share digital photos.


Text Analytics With Python: A Practical Real-World Approach to Gaining Actionable Insights From Your Data by Dipanjan Sarkar

bioinformatics, business intelligence, business logic, computer vision, continuous integration, data science, deep learning, Dr. Strangelove, en.wikipedia.org, functional programming, general-purpose programming language, Guido van Rossum, information retrieval, Internet of things, invention of the printing press, iterative process, language acquisition, machine readable, machine translation, natural language processing, out of africa, performance metric, premature optimization, recommendation engine, self-driving car, semantic web, sentiment analysis, speech recognition, statistical model, text mining, Turing test, web application

Hence, Python is often the choice of language especially when rapid prototyping and development are essential for solving an important problem in little time. Complete robust ecosystem: One of the main advantages of Python is that it is a multipurpose programming language that can be used for just about anything! From web applications to intelligent systems, Python powers a wide variety of applications and systems. We will talk about some of them later in this chapter. Besides being a multipurpose language, the wide variety of frameworks, libraries, and platforms that have been developed by using Python and to be used for Python form a complete robust ecosystem around Python.

A lot of Python scripts are used in an ad-hoc fashion for automating operations like network socket communication, handling email, parsing and extracting web pages, file sharing and transfer via FTP, communicating via different protocols, and several more. Web development: There are a lot of robust and stable Python frameworks out there that are used extensively for web development, including Django, Flask, Web2Py, and Pyramid. You can use them for developing complete enterprise web applications, and Python supports various architecture styles like RESTful APIs and the MVC architecture. It also provides ORM support to interact with databases and use OOP on top of that. Python even has frameworks like Kivy, which support cross-platform development for developing apps on multiple platforms like iOS, Android, Windows, and OS X.

WordNet is used extensively as a lexical database, in text analytics, NLP, and artificial intelligence (AI)-based applications. The WordNet database consists of over 155,000 words, represented in more than 117,000 synsets, and contains over 206,000 word-sense pairs. The database is roughly 12 MB in size and can be accessed through various interfaces and APIs. The official web site has a web application interface for accessing various details related to words, synsets, and concepts related to the entered word. You can access it at http://wordnetweb.princeton.edu/perl/webwn or download it from https://wordnet.princeton.edu/wordnet/download/ . The download contains various packages, files, and tools related to WordNet.


The Art of Readable Code by Dustin Boswell, Trevor Foucher

Albert Einstein, business logic, don't repeat yourself, Donald Knuth, off-by-one error, web application

For example, suppose you wrote a function that sends an email to a given user: void SendEmail(string to, string subject, string body); The implementation of this function involves connecting to an external email service, which might take up to a whole second, or possibly longer. Someone who is writing a web application might not realize this and mistakenly call this function while handling an HTTP request. (Doing this would cause their web application to “hang” if the email service is down.) To prevent this likely mishap, you should comment on this “implementation detail”: // Calls an external service to deliver email. (Times out after 1 minute.) void SendEmail(string to, string subject, string body); Here is another example: suppose you have a FixBrokenHtml() function that attempts to rewrite broken HTML by inserting missing closing tags and the like: def FixBrokenHtml(html): ...


pages: 692 words: 95,244

Speaking JavaScript: An In-Depth Guide for Programmers by Axel Rauschmayer

Airbnb, anti-pattern, digital divide, en.wikipedia.org, fail fast, Firefox, functional programming, higher-order functions, machine readable, web application

Furthermore, new ideas are already in development to make JavaScript fast enough for the remaining applications: asm.js is a (very static) subset of JavaScript that runs fast on current engines, approximately 70% as fast as compiled C++. It can, for example, be used to implement performance-critical algorithmic parts of web applications. It has also been used to port C++-based games to the web platform. ParallelJS parallelizes JavaScript code that uses the new array methods mapPar, filterPar, and reducePar (parallelizable versions of the existing array methods map, filter, and reduce). In order for parallelization to work, callbacks must be written in a special style; the main restriction is that you can’t mutate data that hasn’t been created inside the callbacks.

He called these traits Ajax, a shorthand for Asynchronous JavaScript and XML.[5] The two cornerstones of Ajax are loading content asynchronously in the background (via XMLHttpRequest) and dynamically updating the current page with the results (via dynamic HTML). That was a considerable usability improvement from always performing complete page reloads. Ajax marked the mainstream breakthrough of JavaScript and dynamic web applications. It is interesting to note how long that took—at that point, the Ajax ingredients had been available for years. Since the inception of Ajax, other data formats have become popular (JSON instead of XML), other protocols are used (e.g., Web Sockets in addition to HTTP), and bidirectional communication is possible.

W web platform as native platform, Historical JavaScript Milestones JavaScript as part of, The Nature of JavaScript WebKit, Historical JavaScript Milestones WebOS, Historical JavaScript Milestones while loop, Loops whitespace in code, Syntax window object, Cross-Platform Considerations checking if global variable exists, Use case: checking whether a global variable exists creating things in global scope, Use case: creating things in global scope not referring to built-in globals via window, Use case: built-ins use cases for window, Use case: marking global variables Windows 8, Historical JavaScript Milestones with statement, The with Statement–The Rationale for the Deprecation deprecated, The with Statement Is Deprecated rationale for deprecation, The Rationale for the Deprecation techniques for avoiding use of, Techniques for avoiding the with statement wrapper objects for primitives, Wrapper Objects for Primitives–Type Coercion differences between wrapper objects and primitives, Wrapper Objects Are Different from Primitives lenient equality (==) not working for, Use case: comparing wrapper instances with primitives X XMLHttprequest, Historical JavaScript Milestones XRegExp library, Four Language Libraries Y Yeoman suite of tools, More Tools YUI Compressor (minification tool), More Tools Z zero (0), positive and negative, Two Zeros–Distinguishing the two zeros About the Author Dr. Axel Rauschmayer specializes in JavaScript and web technologies. He blogs at 2ality.com, teaches web development for ecmanauten.de, edits JavaScript Weekly and organizes Munich’s JavaScript user group (munichjs.de). Axel has been programming since 1985, developing web applications since 1995 and held his first talk on Ajax in 2006. In 1999, he was technical manager at a German internet startup that later expanded internationally. He has done extensive research into programming language design and has followed the state and future of JavaScript since its creation. Colophon The animal on the cover of Speaking JavaScript is a Papuan Hornbill (Rhyticeros plicatus), a large bird inhabiting the forest canopy in Eastern Indonesia and New Guinea.


The Internet Trap: How the Digital Economy Builds Monopolies and Undermines Democracy by Matthew Hindman

A Declaration of the Independence of Cyberspace, accounting loophole / creative accounting, activist fund / activist shareholder / activist investor, AltaVista, Amazon Web Services, barriers to entry, Benjamin Mako Hill, bounce rate, business logic, Cambridge Analytica, cloud computing, computer vision, creative destruction, crowdsourcing, David Ricardo: comparative advantage, death of newspapers, deep learning, DeepMind, digital divide, discovery of DNA, disinformation, Donald Trump, fake news, fault tolerance, Filter Bubble, Firefox, future of journalism, Ida Tarbell, incognito mode, informal economy, information retrieval, invention of the telescope, Jeff Bezos, John Perry Barlow, John von Neumann, Joseph Schumpeter, lake wobegon effect, large denomination, longitudinal study, loose coupling, machine translation, Marc Andreessen, Mark Zuckerberg, Metcalfe’s law, natural language processing, Netflix Prize, Network effects, New Economic Geography, New Journalism, pattern recognition, peer-to-peer, Pepsi Challenge, performance metric, power law, price discrimination, recommendation engine, Robert Metcalfe, search costs, selection bias, Silicon Valley, Skype, sparse data, speech recognition, Stewart Brand, surveillance capitalism, technoutopianism, Ted Nelson, The Chicago School, the long tail, The Soul of a New Machine, Thomas Malthus, web application, Whole Earth Catalog, Yochai Benkler

Gannett Co. (2018, February). Gannett Reports Fourth Quarter and Full-Year 2017 Results. Press release. Retrieved from https://www.gannett.com/news/pressreleases/2018/2/20/gannett-reports-fourth-quarter-and-full-year-2017-results/ Garrett, J. J. (2005). Ajax: a new approach to web applications. Retrieved from http://www.adaptivepath.com/ideas/ajax-new-approach-web-applications. Garrett, R. K. (2009). Politically motivated reinforcement seeking: reframing the selective exposure debate. Journal of Communication, 59(4), 676–99. Gates, B. (2000). Business at the speed of thought: succeed in the digital economy. New York: Warner Business Books.

Because the largest content producers had hooked fiber directly into local isp networks, or even colocated servers in isps’ data centers, the portion of data traveling over the national backbones dropped. Packets took fewer hops, and users saw their web pages and videos load faster, at least when they visited the largest sites. This shift of traffic to the edges is crucial for high-bandwidth, low-latency uses, like online video or interactive web applications. But it also challenges the notion that the internet is still a peer-to-peer network. Google might have its fiber hooked directly into Comcast’s network, but small sites do not. Google’s hardware, networking infrastructure, and software stack all show how big internet firms become more efficient as they scale up.


pages: 212 words: 49,544

WikiLeaks and the Age of Transparency by Micah L. Sifry

1960s counterculture, Amazon Web Services, Andy Carvin, banking crisis, barriers to entry, Bernie Sanders, Buckminster Fuller, Chelsea Manning, citizen journalism, Climategate, crowdsourcing, digital divide, digital rights, Evgeny Morozov, Gabriella Coleman, Google Earth, Howard Rheingold, Internet Archive, Jacob Appelbaum, John Markoff, John Perry Barlow, Julian Assange, Network effects, RAND corporation, school vouchers, Skype, social web, source of truth, Stewart Brand, the Cathedral and the Bazaar, web application, WikiLeaks, Yochai Benkler

Vivek Kundra, who was then D.C.’s innovative Chief Technology Officer (before becoming the Obama administration’s first Chief Information Officer), called this “building the digital public square.” In mid-October 2008, he announced an “Apps for Democracy” contest that offered $20,000 in cash prizes for outside developers and designers for web applications and tools that made useful visualizations from the city’s data catalog. In just a few weeks, Kundra received nearly fift y applications. The winners included: y iLive.at, a site that shows with one click all the local information around one address, including the closest places to go shopping, buy gas, or mail a letter; the locations of recently reported crimes; and the demographic makeup of the local neighborhood; y Where’s My Money DC, a tool that meshes with Facebook and enables users to look up and discuss all city expenditures above $2,500; and y Stumble Safely, an online guide to the best bars and safe paths to stumble home after a night out. 128 MICAH L.

. –– Vota Intelligente (VotaInteligente.cl). A project of the Fundación Ciudadano Inteligente (“Smart Citizen Foundation”), a Chileanbased non-governmental organization that promotes transparency and accountability in Latin American politics by collecting data and delivering it to citizens through the web and the use of web applications. See also Brazil’s Congresso Aberto (CongressoAberto.com.br), and Colombia’s Congreso Visible (CongresoVisible.org) –– The Philippine Public Transparency Reporting Project (TransparencyReporting.net). A collaboration of four media development organizations––the Institute for War and Peace Reporting (IWPR), the Center for Community Journalism and Development (CCJD), the Mindanao News and Information Cooperative Center (MindaNews) and the National Union of Journalists of the Philippines (NUJP)––that work alongside and through existing and new media to monitor, mobilize and demand greater public transparency and accountability. –– Visible Government (VisibleGovernment.ca).


pages: 205 words: 47,169

PostgreSQL: Up and Running by Regina Obe, Leo Hsu

cloud computing, database schema, Debian, en.wikipedia.org, full text search, Salesforce, SQL injection, web application

PostgreSQL enjoys a generous number of freely available database drivers that can be used in many programming languages. In addition, there are various commercial organizations that provide drivers with extra bells and whistles at modest prices. Below, we’ve listed a few popular, open source ones: PHP is a common language used to develop web applications, and most PHP distributions come packaged with at least one PostgreSQL driver. There is the older pgsql and the newer pdo_pgsql. You may need to enable them in your php.ini or do a yum install, but they are usually already there. Java. If you are doing Java development, there are always updated versions of JDBC that support the latest PostgreSQL, which you can download from http://jdbc.postgresql.org.

This is not to say the service is poor, since most issues involve systemwide issues that it promptly addresses. If you feel uncomftable with this arrangement or are a non-techie with lots of basic OS hand-holding needs, Amazon is probably not the best host for you. RackSpace is not specifically designed for PostgreSQL, but we know several PostgreSQL users using it for PostgreSQL and web application, and are happy with the performance and Rackspace support team. It offers both Linux and Windows. SoftLayer is not specifically designed for PostgreSQL but similar to GoGrid, it provides both dedicated as well as cloud hosting offerings and Private network setups. It provides hosting for both Linux and Windows.


Data and the City by Rob Kitchin,Tracey P. Lauriault,Gavin McArdle

A Declaration of the Independence of Cyberspace, algorithmic management, bike sharing, bitcoin, blockchain, Bretton Woods, Chelsea Manning, citizen journalism, Claude Shannon: information theory, clean water, cloud computing, complexity theory, conceptual framework, corporate governance, correlation does not imply causation, create, read, update, delete, crowdsourcing, cryptocurrency, data science, dematerialisation, digital divide, digital map, digital rights, distributed ledger, Evgeny Morozov, fault tolerance, fiat currency, Filter Bubble, floating exchange rates, folksonomy, functional programming, global value chain, Google Earth, Hacker News, hive mind, information security, Internet of things, Kickstarter, knowledge economy, Lewis Mumford, lifelogging, linked data, loose coupling, machine readable, new economy, New Urbanism, Nicholas Carr, nowcasting, open economy, openstreetmap, OSI model, packet switching, pattern recognition, performance metric, place-making, power law, quantum entanglement, RAND corporation, RFID, Richard Florida, ride hailing / ride sharing, semantic web, sentiment analysis, sharing economy, Silicon Valley, Skype, smart cities, Smart Cities: Big Data, Civic Hackers, and the Quest for a New Utopia, smart contracts, smart grid, smart meter, social graph, software studies, statistical model, tacit knowledge, TaskRabbit, technological determinism, technological solutionism, text mining, The Chicago School, The Death and Life of Great American Cities, the long tail, the market place, the medium is the message, the scientific method, Toyota Production System, urban planning, urban sprawl, web application

Web Services have been widely used for exposing data and functionality between systems since their introduction. They provide many advanced and complex features. The advanced features of Web Services are not necessary for exposing a resource (like reading a small set of data from a database) in many simple scenarios, such as public Web applications and connected mobile apps. In this context, REST (Representational State Transfer) has gained widespread acceptance across the Web as a simpler alternative to Web Services (SOAP and WSDL) (Erl 2008). Key evidence of this shift in interface design is the adoption of REST by mainstream Web 2.0 service providers.

In general, bindings are defined by their underlying transport protocol, encoding, message format and security level as shown in Table 10.3. Figure 10.5 Organizational Service Layer in an organization. Table 10.2 Potential users and client applications for various service types in a city Service type Potential client applications Potential users REST Web applications (like city dashboard), connected mobile applications WS-W Enterprise applications (for running long and/ or complex jobs like service composition, communication with a big data technology) outside of an organization Other software applications inside an organization (for sharing data and analysis in fastest possible way) GIS applications (mostly Desktop GIS applications) Citizen data scientists, researchers, citizens, developers Developers outside the organization WS-T OGC Developers inside the organization GIS developers and GIS experts 138 P.

Developing applications using WS-W and WS-T bindings is easier for professional developers (or enterprise developers) because the services have a machine-readable contract and creating consumer applications (proxy classes) is almost automatic using integrated development environments. REST endpoints can be used for accessing data and analysis which should be publicly available. The REST services are usually consumed for developing Web 2.0 applications and connected mobile applications (mobile apps that need to be always connected to the internet). A good example of such Web applications is a city dashboard which shows various aggregated metrics, reports and indicators from several organizations. The aim of city dashboard is to provide interactive data about all aspects of a city (see Chapter 9). A city dashboard can be used by citizens and companies to better understand city and by city managers to grasp the dynamics of the city and to monitor the progress of city projects.


pages: 188 words: 9,226

Collaborative Futures by Mike Linksvayer, Michael Mandiberg, Mushon Zer-Aviv

4chan, AGPL, Benjamin Mako Hill, British Empire, citizen journalism, cloud computing, collaborative economy, corporate governance, crowdsourcing, Debian, Eben Moglen, en.wikipedia.org, fake news, Firefox, informal economy, jimmy wales, Kickstarter, late capitalism, lolcat, loose coupling, Marshall McLuhan, means of production, Naomi Klein, Network effects, optical character recognition, packet switching, planned obsolescence, postnationalism / post nation state, prediction markets, Richard Stallman, semantic web, Silicon Valley, slashdot, Slavoj Žižek, stealth mode startup, technoutopianism, The future is already here, the medium is the message, The Wisdom of Crowds, web application, WikiLeaks, Yochai Benkler

It is worth noting that the more recent and widely used, if not ubiquitous, instant messaging protocol XMPP as well as the brand new and li le used Wave protocol have an architecture similar to email, though use of nonprovider domains seems even less common, and in the case of Wave, Google is currently the only service provider. It may be valuable to assess so ware services from the respect of community autonomy as well as user autonomy. The former may explicitly note requirements for the product of collaboration—non-private data, roughly—as well as service governance: In cases where one accepts a centralized web application, should one demand that application be somehow constitutionally open? Some possible criteria: All source code for the running service should be published under an open source license and developer source control available for public viewing. All private data available for on-demand export in standard formats.

Any such development helps traditional users of free so ware as well as makes doing computing on one’s own computer (which may be a “personal server” or virtual machine that one controls) more a ractive. 112 Perhaps one of the most hopeful trends is relatively widespread deployment by end users of free so ware web applications like WordPress and MediaWiki. StatusNet, free so ware for microblogging, is a empting to replicate this adoption success. StatusNet also includes technical support for a form of decentralization (remote subscription) and a legal requirement for service providers to release modifications as free so ware via the AGPL.


pages: 377 words: 110,427

The Boy Who Could Change the World: The Writings of Aaron Swartz by Aaron Swartz, Lawrence Lessig

Aaron Swartz, affirmative action, Alfred Russel Wallace, American Legislative Exchange Council, Benjamin Mako Hill, bitcoin, Bonfire of the Vanities, Brewster Kahle, Cass Sunstein, deliberate practice, do what you love, Donald Knuth, Donald Trump, failed state, fear of failure, Firefox, Free Software Foundation, full employment, functional programming, Hacker News, Howard Zinn, index card, invisible hand, Joan Didion, John Gruber, Lean Startup, low interest rates, More Guns, Less Crime, peer-to-peer, post scarcity, power law, Richard Feynman, Richard Stallman, Ronald Reagan, school vouchers, semantic web, single-payer health, SpamAssassin, SPARQL, telemarketer, The Bell Curve by Richard Herrnstein and Charles Murray, the scientific method, Toyota Production System, unbiased observer, wage slave, Washington Consensus, web application, WikiLeaks, working poor, zero-sum game

We met through working on these things together but since have kept in touch and share emails about what we’re working on and are just generally nice to each other. And the same goes for almost all the other people I cite and criticize. Moreover, the reason we were working together is that I too did my time in the Semantic Web salt mines. My first web application was a collaboratively written encyclopedia, but my second, aggregated news headlines from sites around the Web, led me into a downward spiral that ended with many years spent on RDF Core Working Groups and an ultimate decision to get out of the world of computers altogether. Obviously, that didn’t work out quite as planned.

We will continue by considering what it means to build a program on top of the Web—how to write software that both fairly serves its immediate users as well as the developers who want to build on top of it. Too often, an API is bolted on top of an existing application, as an afterthought or a completely separate piece. But, as we’ll see, when a web application is designed properly, APIs naturally grow out of it and require little effort to maintain. Then we’ll look into what it means for your application to be not just another tool for people and software to use, but part of the ecology—a section of the programmable web. This means exposing your data to be queried and copied and integrated, even without explicit permission, into the larger software ecosystem, while protecting users’ freedom.

XMLHttpRequest changed that, allowing web pages to get more data from the server whenever they pleased. Google was apparently the first to realize what a sea change this was. With Gmail and Google Maps, they built applications that took advantage of this to provide a user interface that was much more like a web application. (The start-up Oddpost, bought by Yahoo, actually predated this, but their software was for-pay and so they didn’t receive as much attention.) With Gmail, for example, the application is continually asking the server if there’s new email. If there is, then it live updates the page; it doesn’t make you download a new one.


pages: 462 words: 172,671

Clean Code: A Handbook of Agile Software Craftsmanship by Robert C. Martin

business logic, continuous integration, database schema, disinformation, domain-specific language, don't repeat yourself, Donald Knuth, en.wikipedia.org, Eratosthenes, finite state, G4S, Ignaz Semmelweis: hand washing, iterative process, place-making, Rubik’s Cube, web application

Decoupling what from when can dramatically improve both the throughput and structures of an application. From a structural point of view the application looks like many little collaborating computers rather than one big main loop. This can make the system easier to understand and offers some powerful ways to separate concerns. Consider, for example, the standard “Servlet” model of Web applications. These systems run under the umbrella of a Web or EJB container that partially manages concurrency for you. The servlets are executed asynchronously whenever Web requests come in. The servlet programmer does not have to manage all the incoming requests. In principle, each servlet execution lives in its own little world and is decoupled from all the other servlet executions.

In an idealized world this means that the processor is fully utilized. Each one-second page read is overlapped with two parses. Thus, we can process two pages per second, which is three times the throughput of the single-threaded solution. Figure A-2 Three concurrent threads Deadlock Imagine a Web application with two shared resource pools of some finite size: • A pool of database connections for local work in process storage • A pool of MQ connections to a master repository Assume there are two operations in this application, create and update: • Create—Acquire connection to master repository and database.

See POJOs platforms, running threaded code, 188 pleasing code, 7 pluggable thread-based code, 187 POJO system, agility provided by, 168 POJOs (Plain-Old Java Objects) creating, 187 implementing business logic, 162 separating threaded-aware code, 190 in Spring, 163 writing application domain logic, 166 polyadic argument, 40 polymorphic behavior, of functions, 296 polymorphic changes, 96–97 polymorphism, 37, 299 position markers, 67 positives as easier to understand, 258 expressing conditionals as, 302 of decisions, 301precision as the point of all naming, 30 predicates, naming, 25 preemption, breaking, 338 prefixes for member variables, 24 as useless in today’s environments, 312–313 pre-increment operator, ++, 324, 325, 326 “prequel”, this book as, 15 principle of least surprise, 288–289, 295 principles, of design, 15 PrintPrimes program, translation into Java, 141 private behavior, isolating, 148–149 private functions, 292 private method behavior, 147 problem domain names, 27 procedural code, 97 procedural shape example, 95–96 procedures, compared to objects, 101 process function, repartitioning, 319–320 process method, I/O bound, 319 processes, competing for resources, 184 processor bound, code as, 318 producer consumer execution model, 184 producer threads, 184 production environment, 127–130 productivity, decreased by messy code, 4 professional programmer, 25 professional review, of code, 268 programmers as authors, 13–14 conundrum faced by, 6 responsibility for messes, 5–6 unprofessional, 5–6 programming defined, 2 structured, 48–49 programs, getting them to work, 201 pronounceable names, 21–22 protected variables, avoiding, 80 proxies, drawbacks of, 163 public APIs, javadocs in, 59 puns, avoiding, 26–27 PUTFIELD instruction, as atomic, 325 Q queries, separating from commands, 45–46 R random jiggling, tests running, 190 range, including end-point dates in, 276 readability of clean tests, 124 of code, 76 Dave Thomas on, 9 improving using generics, 115 readability perspective, 8 readers of code, 13–14 continuous, 184 readers-writers execution model, 184 reading clean code, 8 code from top to bottom, 37 versus writing, 14 reboots, as a lock up solution, 331 recommendations, in this book, 13 redesign, demanded by the team, 5 redundancy, of noise words, 21 redundant comments, 60–62, 272, 275, 286–287 ReentrantLock class, 183 refactored programs, as longer, 146 refactoring Args, 212 code incrementally, 172 as an iterative process, 265 putting things in to take out, 233 test code, 127 Refactoring (Fowler), 285 renaming, fear of, 30 repeatability, of concurrency bugs, 180 repeatable tests, 132 requirements, specifying, 2 resetId, byte-code generated for, 324–325 resources bound, 183 processes competing for, 184 threads agreeing on a global ordering of, 338 responsibilities counting in classes, 136 definition of, 138 identifying, 139 misplaced, 295–296, 299 splitting a program into main, 146 return codes, using exceptions instead, 103–105 reuse, 174 risk of change, reducing, 147 robust clear code, writing, 112 rough drafts, writing, 200 runnable interface, 326 run-on expressions, 295 run-on journal entries, 63–64 runtime logic, separating startup from, 154 S safety mechanisms, overridden, 289 scaling up, 157–161 scary noise, 66 schema, of a class, 194 schools of thought, about clean code, 12–13 scissors rule, in C++, 81 scope(s) defined by exceptions, 105 dummy, 90 envying, 293 expanding and indenting, 89 hierarchy in a source file, 88 limiting for data, 181 names related to the length of, 22–23, 312 of shared variables, 333 searchable names, 22–23 Second Law, of TDD, 122 sections, within functions, 36 selector arguments, avoiding, 294–295 self validating tests, 132 Semaphore class, 183 semicolon, making visible, 90 “serial number”, SerialDate using, 271 SerialDate class making it right, 270–284 naming of, 270–271 refactoring, 267–284 SerialDateTests class, 268 serialization, 272 server, threads created by, 319–321 server application, 317–318, 343–344 server code, responsibilities of, 319 server-based locking, 329 as preferred, 332–333 with synchronized methods, 185 “Servlet” model, of Web applications, 178 Servlets, synchronization problems, 182 set functions, moving into appropriate derivatives, 232, 233–235 setArgument, changing, 232–233 setBoolean function, 217 setter methods, injecting dependencies, 157 setup strategy, 155 SetupTeardownIncluder.java listing, 50–52 shape classes, 95–96 shared data, limiting access, 181 shared variables method updating, 328 reducing the scope of, 333 shotgun approach, hand-coded instrumentation as, 189 shut-down code, 186 shutdowns, graceful, 186 side effects having none, 44 names describing, 313 Simmons, Robert, 276 simple code, 10, 12 Simple Design, rules of, 171–176 simplicity, of code, 18, 19 single assert rule, 130–131 single concepts, in each test function, 131–132 Single Responsibility Principle (SRP), 15, 138–140 applying, 321 breaking, 155 as a concurrency defense principle, 181 recognizing violations of, 174 server violating, 320 Sql class violating, 147 supporting, 157 in test classes conforming to, 172 violating, 38 single value, ordered components of, 42 single-letter names, 22, 25 single-thread calculation, of throughput, 334 SINGLETON pattern, 274 small classes, 136 Smalltalk Best Practice Patterns, 296 smart programmer, 25 software project, maintenance of, 175 software systems.


pages: 39 words: 10,453

Designing Great Web APIs: Creating Business Value Through Developer Experience by James Higginbotham

business logic, business process, cloud computing, create, read, update, delete, Internet of things, software as a service, web application

Reason #1 – Higher Demand Historically, APIs were used to integrate different software systems or even different organizations. Web APIs are now in high demand due to three key factors: the modern browser, mobile devices, and the Internet of Things. Years ago, modern browsers were limited to displaying content and limited scripting capabilities using JavaScript. Modern browsers have moved beyond this, allowing rich web applications to be built using a combination of HTML, CSS, and modern JavaScript frameworks. As a result, we no longer require servers to generate complete web pages. Instead, JavaScript frameworks request data from one or more web APIs, dynamically changing what the user sees and the actions they can perform.


pages: 933 words: 205,691

Hadoop: The Definitive Guide by Tom White

Amazon Web Services, bioinformatics, business intelligence, business logic, combinatorial explosion, data science, database schema, Debian, domain-specific language, en.wikipedia.org, exponential backoff, fallacies of distributed computing, fault tolerance, full text search, functional programming, Grace Hopper, information retrieval, Internet Archive, Kickstarter, Large Hadron Collider, linked data, loose coupling, openstreetmap, recommendation engine, RFID, SETI@home, social graph, sparse data, web application

This is conveniently achieved using Ant, using a task such as this (you can find the complete build file in the example code): <jar destfile="hadoop-examples.jar" basedir="${classes.dir}"/> If you have a single job per JAR, then you can specify the main class to run in the JAR file’s manifest. If the main class is not in the manifest, then it must be specified on the command line (as you will see shortly). Also, any dependent JAR files should be packaged in a lib subdirectory in the JAR file. (This is analogous to a Java Web application archive, or WAR file, except in that case the JAR files go in a WEB-INF/lib subdirectory in the WAR file.) Launching a Job To launch the job, we need to run the driver, specifying the cluster that we want to run the job on with the -conf option (we could equally have used the -fs and -jt options): % hadoop jar hadoop-examples.jar v3.MaxTemperatureDriver -conf conf/hadoop-cluster.xml \ input/ncdc/all max-temp The waitForCompletion() method on Job launches the job and polls for progress, writing a line summarizing the map and reduce’s progress whenever either changes.

For the sake of this example, let us allow that the dataset is massive, that the observations run to the billions, and that the rate at which temperature updates arrive is significant—say hundreds to thousands of updates a second from around the world across the whole range of weather stations. Also, let us allow that it is a requirement that the web application must display the most up-to-date observation within a second or so of receipt. The first size requirement should preclude our use of a simple RDBMS instance and make HBase a candidate store. The second latency requirement rules out plain HDFS. A MapReduce job could build initial indices that allowed random-access over all of the observation data, but keeping up this index as the updates arrived is not what HDFS and MapReduce are good at.

HBase includes TableInputFormat and TableOutputFormat to help with MapReduce jobs that source and sink HBase (see Example 13-2). One way to write the previous example would have been to use MaxTemperatureMapper from Chapter 5 as is but add a reducer task that takes the output of the MaxTemperatureMapper and feeds it to HBase via TableOutputFormat. Web Queries To implement the web application, we will use the HBase Java API directly. Here it becomes clear how important your choice of schema and storage format is. The simplest query will be to get the static station information. This type of query is simple in a traditional database, but HBase gives you additional control and flexibility.


Seeking SRE: Conversations About Running Production Systems at Scale by David N. Blank-Edelman

Affordable Care Act / Obamacare, algorithmic trading, AlphaGo, Amazon Web Services, backpropagation, Black Lives Matter, Bletchley Park, bounce rate, business continuity plan, business logic, business process, cloud computing, cognitive bias, cognitive dissonance, cognitive load, commoditize, continuous integration, Conway's law, crowdsourcing, dark matter, data science, database schema, Debian, deep learning, DeepMind, defense in depth, DevOps, digital rights, domain-specific language, emotional labour, en.wikipedia.org, exponential backoff, fail fast, fallacies of distributed computing, fault tolerance, fear of failure, friendly fire, game design, Grace Hopper, imposter syndrome, information retrieval, Infrastructure as a Service, Internet of things, invisible hand, iterative process, Kaizen: continuous improvement, Kanban, Kubernetes, loose coupling, Lyft, machine readable, Marc Andreessen, Maslow's hierarchy, microaggression, microservices, minimum viable product, MVC pattern, performance metric, platform as a service, pull request, RAND corporation, remote working, Richard Feynman, risk tolerance, Ruby on Rails, Salesforce, scientific management, search engine result page, self-driving car, sentiment analysis, Silicon Valley, single page application, Snapchat, software as a service, software is eating the world, source of truth, systems thinking, the long tail, the scientific method, Toyota Production System, traumatic brain injury, value engineering, vertical integration, web application, WebSocket, zero day

Rather than developing the same antibot or DDoS mitigation tooling in each application, you can use scriptable load balancers to build a layer of protection against these threats and use them on all web-exposed services.13 Cloudflare has built a business providing such a layer with its web application firewall functionality. Any service behind its middleware gains the same benefits of protection against Open Web Application Security Project (OWASP) vulnerabilities, common DoS vectors, and zero-day exploits. When the danger or authenticity of a request is ambiguous, the middleware is able to redirect to a challenge-response test to validate that the request comes from a legitimate source.

Scriptable Load Balancers: The New Kid on the Block Look at almost any web service, and often you’ll find a load balancer being the first thing a request hits, as Figure 25-1 depicts.1 These servers act as proxies, receiving requests (HTTP or otherwise) and forwarding them to a specified pool of upstream servers. They have become ubiquitous for their value in improving resiliency and performance. Today, they’re often used for not much more than Secure Sockets Layer (SSL) offloading, simple caching, and distributing load across multiple upstreams. Figure 25-1. Architecture of a typical web application with a user request hitting a load balancer before being routed to an application server. Load balancers are highly capable, specialized components in our architecture. Their ability to process requests quickly and serve orders of magnitude more traffic than their upstreams is a powerful trait.

Furthermore, load balancers specialize at routing and serving requests. An enormous amount of effort is invested in ensuring that they’re able to do this quickly, at high volume. With little effort, these same properties can be inherited by the modules added to scriptable load balancers. You can see this in Cloudflare’s Web Application Firewall (WAF)8 and Shopify’s Sorting Hat (L7 routing layer),9 which both measure performance in microseconds. Case Study: Intermission For most services, the ability to ship code into production quickly and easily is important. One component of being able to do that is zero-downtime deploys.


pages: 541 words: 109,698

Mining the Social Web: Finding Needles in the Social Haystack by Matthew A. Russell

Andy Rubin, business logic, Climategate, cloud computing, crowdsourcing, data science, en.wikipedia.org, fault tolerance, Firefox, folksonomy, full text search, Georg Cantor, Google Earth, information retrieval, machine readable, Mark Zuckerberg, natural language processing, NP-complete, power law, Saturday Night Live, semantic web, Silicon Valley, slashdot, social graph, social web, sparse data, statistical model, Steve Jobs, supply-chain management, text mining, traveling salesman, Turing test, web application

Sample results from Example 9-5 Graffiti Art Programming 492 C++ Programming 495 Basic Programming 495 Programming 215 C Programming 493 C programming language 492 Programming 490 ACM Programming Competitors 496 programming 494 COMPUTER PROGRAMMING 494 Programming with Python 494 Game Programming 494 ASLMU Programming 494 Programming 352 Programming 450 Programmation - Programming 480 A sample web application that encapsulates most of the example code from this chapter and uses the same basic pattern is hosted on GAE, if you’d like to take it for a spin before laying down some code of your own. Figure 9-4 illustrates the results of our sample query for “programming” groups. Recall that you can install and fully customize the GAE-powered Facebook app yourself if that’s a better option for you than running scripts from a local console.

To a degree, the motivation behind the Web 2.0 thought process that emerged back in 2004 was to more precisely define the increasingly blurry notion of exactly what the Web was and what it was becoming. Along those lines, some folks think of the Web as it existed from its inception until the present era of highly interactive web applications and user collaboration as being Web 1.0, the current era of Rich Internet Applications (RIAs) and collaboration as the Web 2.x era, and the era of semantic karma that’s yet to come as Web 3.0 (see Table 10-1). At present, there’s no real consensus about what Web 3.0 really means, but most discussions of the subject generally include the phrase “semantic web” and the notion of information being consumed and acted upon by machines in ways that are not yet possible at web scale.

(A Data-Driven Game), Visualizing Wall Data As a (Rotating) Tag Cloud geographical clustering of LinkedIn network, Geographically Clustering Your Network, Mapping Your Professional Network with Dorling Cartograms, Mapping Your Professional Network with Google Earth, Mapping Your Professional Network with Google Earth, Mapping Your Professional Network with Dorling Cartograms mapping network with Dorling Cartograms, Mapping Your Professional Network with Dorling Cartograms mapping network with Google Earth, Mapping Your Professional Network with Google Earth, Mapping Your Professional Network with Google Earth Graph Your Inbox Chrome extension, The Graph Your (Gmail) Inbox Chrome Extension large number of tweets, Visualizing Tons of Tweets, Visualizing Tweets with Tricked-Out Tag Clouds, Visualizing Community Structures in Twitter Search Results, Visualizing Community Structures in Twitter Search Results, Closing Remarks community structures in Twitter search results, Visualizing Community Structures in Twitter Search Results, Closing Remarks using tag clouds, Visualizing Tweets with Tricked-Out Tag Clouds, Visualizing Community Structures in Twitter Search Results mail events, using SIMILE Timeline, Visualizing Mail “Events” with SIMILE Timeline, Analyzing Your Own Mail Data similarity, visualizing with graphs, Clustering Posts with Cosine Similarity tweet graphs, Visualizing Tweet Graphs, Synthesis: Visualizing Retweets with Protovis, Synthesis: Visualizing Retweets with Protovis visualizing retweets, using Protovis, Synthesis: Visualizing Retweets with Protovis W wall data (Facebook), visualizing as rotating tag cloud, Visualizing Wall Data As a (Rotating) Tag Cloud, Visualizing Wall Data As a (Rotating) Tag Cloud web page for this book, How to Contact Us weighting tags in tag clouds, Visualizing Tweets with Tricked-Out Tag Clouds WhitespaceTokenizer, Sentence Detection in Blogs with NLTK Wikipedia articles with geo markup, Plotting geo data via microform.at and Google Maps Windows systems, Installing Python Development Tools, Installing Python Development Tools, Visualizing Tweet Graphs, couchdb-lucene: Full-Text Indexing and More, Visualizing Community Structures in Twitter Search Results ActivePython, Installing Python Development Tools couchdb-lucene service wrapper, couchdb-lucene: Full-Text Indexing and More DOT language output for Graphviz, Visualizing Community Structures in Twitter Search Results GVedit application, Visualizing Tweet Graphs installing easy_install, Installing Python Development Tools WolframAlpha, entity analysis with, Entity-Centric Analysis: A Deeper Understanding of the Data word tokenizer, Sentence Detection in Blogs with NLTK WP-Cumulus tag cloud, Visualizing Tweets with Tricked-Out Tag Clouds, Visualizing Tweets with Tricked-Out Tag Clouds, Visualizing Wall Data As a (Rotating) Tag Cloud sample HTML template displaying, Visualizing Tweets with Tricked-Out Tag Clouds X XFN (XHTML Friends Network), XFN and Friends, Exploring Social Connections with XFN, Brief analysis of breadth-first techniques, Exploring Social Connections with XFN, A Breadth-First Crawl of XFN Data, A Breadth-First Crawl of XFN Data, A Breadth-First Crawl of XFN Data example markup, Exploring Social Connections with XFN pseudocode for breadth-first search, A Breadth-First Crawl of XFN Data scraping XFN content from a web page, A Breadth-First Crawl of XFN Data using breadth-first search to crawl XFN links, A Breadth-First Crawl of XFN Data XHTML, Microformats: Semantic Markup and Common Sense Collide, XFN and Friends (see also XFN) semantic markup versus, XFN and Friends Xoauth, Accessing Gmail with OAuth xoauth.py command-line utility, Accessing Gmail with OAuth Z Zipf’s law, Extracting relationships from the tweets, Data Hacking with NLTK frequency distribution of words in a corpus, Data Hacking with NLTK About the Author Matthew Russell, Vice President of Engineering at Digital Reasoning Systems (http://www.digitalreasoning.com/) and Principal at Zaffra (http://zaffra.com), is a computer scientist who is passionate about data mining, open source, and web application technologies. He’s also the author of Dojo: The Definitive Guide (O’Reilly). Colophon The animal on the cover of Mining the Social Web is a groundhog (Marmota monax), also known as a woodchuck (a name derived from the Algonquin name wuchak). Groundhogs are famously associated with the US/Canadian holiday Groundhog Day, held every February 2nd.


Succeeding With AI: How to Make AI Work for Your Business by Veljko Krunic

AI winter, Albert Einstein, algorithmic trading, AlphaGo, Amazon Web Services, anti-fragile, anti-pattern, artificial general intelligence, autonomous vehicles, Bayesian statistics, bioinformatics, Black Swan, Boeing 737 MAX, business process, cloud computing, commoditize, computer vision, correlation coefficient, data is the new oil, data science, deep learning, DeepMind, en.wikipedia.org, fail fast, Gini coefficient, high net worth, information retrieval, Internet of things, iterative process, job automation, Lean Startup, license plate recognition, minimum viable product, natural language processing, recommendation engine, self-driving car, sentiment analysis, Silicon Valley, six sigma, smart cities, speech recognition, statistical model, strong AI, tail risk, The Design of Experiments, the scientific method, web application, zero-sum game

By definition, if you’re using AI, you’re using it because the answer to the question of what is the best thing to do isn’t self-evident, and/or the size of the data is too large for any single human to manually inspect. This characteristic of an AI project makes managing such projects different from managing other software projects. It’s much easier to say what good progress is for a web application than for a recommendation engine. Similar problems emerge when you’re wondering what task the team should work on next. NOTE Once a project is in flight, decisions need to be made. You’re better off if those decisions are made in a systematic way. Figure 4.1 uses an analogy from another domain to contrast systematic decisions with making decisions based on feel.

If a customer appears unhappy, an alert is issued so that you can contact the customer and try to appease them before they decide to leave. (That part of AI which determines whether a customer is happy or not is technically called sentiment analysis.) You already have an AI software library that performs sentiment analysis. The data is in your customer support system, which is a web application. Question 2: Suppose you implement the ML pipeline from the previous example in your organization. Which departments would be responsible for the implementation of which parts of the pipeline? 134 CHAPTER 5 What is an ML pipeline, and how does it affect an AI project? Question 3: What business metric would you use to measure the success of the ML pipeline from question 1?

If a customer appears unhappy, an alert is issued so that you can contact the customer and try to appease them before they decide to 234 APPENDIX B Exercise solutions leave. (That part of AI which determines whether a customer is happy or not is technically called sentiment analysis.) You already have an AI software library that performs sentiment analysis. The data is in your customer support system, which is a web application. Answer to question 1:  More than one result is an acceptable answer to this question; after all, there’s no universal ML pipeline that works the best in all cases!  Figure B.1 shows one ML pipeline I’d start with. Web app handling customer support Support cases database Figure B.1 Sentiment Analysis Alerting System ML pipeline for sentiment analysis of the customer feedback Question 2: Suppose you implement the ML pipeline from the previous example in your organization.


pages: 323 words: 65,306

Programming in CoffeeScript by Mark Bates

don't repeat yourself, en.wikipedia.org, MVC pattern, node package manager, Ruby on Rails, single page application, web application

About the Author Mark Bates is the founder and chief architect of the Boston-based consulting company Meta42 Labs. Mark spends his days focusing on new application development and consulting for his clients. At night he writes books, raises kids, and occasionally he forms a band and “tries to make it.” Mark has been writing web applications, in one form or another, since 1996. His career started as a UI developer writing HTML and JavaScript applications before moving toward the middle(ware) with Java and Ruby. Nowadays, Mark spends his days cheating on Ruby with his new mistress, CoffeeScript. Always wanting to share his wisdom, or more correctly just wanting to hear the sound of his own voice, Mark has spoken at several high-profile conferences, including RubyConf, RailsConf, and jQueryConf.

The REPL is a powerful and quick way to try out a few ideas, but as we’ve seen it can get a bit hard to use when dealing with more complex code. Later in this chapter, in the section “Executing CoffeeScript Files,” we’ll discuss how to execute files containing CoffeeScript, which is a more appropriate way of running complex code. In-Browser Compilation When developing web applications, a time will come when you want to write some CoffeeScript directly inline in your HTML2 file. CoffeeScript does allow you to do this, and I will show you how. However, I want to caution you against doing such a thing. First, there is a very good reason why practices such as Unobtrusive JavaScript3 have become so popular recently.


pages: 270 words: 64,235

Effective Programming: More Than Writing Code by Jeff Atwood

AltaVista, Amazon Web Services, barriers to entry, cloud computing, endowment effect, fail fast, Firefox, fizzbuzz, Ford Model T, future of work, game design, gamification, Google Chrome, gravity well, Hacker News, job satisfaction, Khan Academy, Kickstarter, loss aversion, Marc Andreessen, Mark Zuckerberg, Merlin Mann, Minecraft, Paul Buchheit, Paul Graham, price anchoring, race to the bottom, recommendation engine, science of happiness, Skype, social software, Steve Jobs, systems thinking, TED Talk, Tragedy of the Commons, web application, Y Combinator, zero-sum game

The user’s proximity to your web server has an impact on response times. Deploying your content across multiple, geographically dispersed servers will make your pages load faster from the user’s perspective. But where should you start? As a first step to implementing geographically dispersed content, don’t attempt to redesign your web application to work in a distributed architecture. Depending on the application, changing the architecture could include daunting tasks such as synchronizing session state and replicating database transactions across server locations. Attempts to reduce the distance between users and your content could be delayed by, or never pass, this application architecture step.

Just because some pixels can be arranged a certain way in Photoshop doesn’t mean that can magically be turned into a compiling, shippable product in any sane timeframe. To ameliorate that problem, take advantage of visual design patterns. If you’re building a GUI application, use a palette of widgets common to your GUI. If you’re building a web application, use a palette of HTML, CSS and DOM elements from all over the web. Let the palette enforce your technology constraints. It shouldn’t be difficult to sit down with a few basic tools and slap together a rough mockup of how the user interface will look. However, it is extremely important at this point to stay out of technical development environments when mocking your user interface, or the temptation to turn the model into the product may be too strong for your team to resist.


Team Topologies: Organizing Business and Technology Teams for Fast Flow by Matthew Skelton, Manuel Pais

anti-pattern, business logic, business process, call centre, cognitive load, continuous integration, Conway's law, database schema, DevOps, different worldview, Dunbar number, holacracy, information security, Infrastructure as a Service, Internet of things, Jeff Bezos, Kanban, Kickstarter, knowledge worker, Kubernetes, Lean Startup, loose coupling, meta-analysis, microservices, Norbert Wiener, operational security, platform as a service, pull request, remote working, systems thinking, two-pizza team, web application

Change the team working environment to help teams succeed. 1 The Problem with Org Charts Organizations should be viewed as complex and adaptive organisms rather than mechanistic and linear systems. —Naomi Stanford, Guide to Organisation Design Technology workers are in a constant state of action: creating and updating systems at an unbelievable rate, and combining different types of technology to create a compelling user experience. Mobile applications; cloud-based services; web applications; and embedded, wearable, or industrial IoT devices all need to interoperate effectively to achieve the desired business outcomes. Today, these systems affect nearly every aspect of people’s day-to-day lives in ways that are increasingly profound. If software is poorly designed—or more importantly, if there is a mismatch in the interaction of the software, the provider, and the customer—people will be adversely affected.

., “How do I deploy this component again?” “How do I configure this service?”) Germane cognitive load—relates to aspects of the task that need special attention for learning or high performance (e.g., “How should this service interact with the ABC service?”) For example, the intrinsic cognitive load for a web application developer could be the knowledge of the computer language being used (on top of the fundamentals of programming), the extraneous cognitive load might be details of the commands needed to instantiate a dynamic testing environment (which needs multiple hard-to-remember console commands), and the germane cognitive load could be the specific aspects of the business domain that the application developer is programming (such as an invoicing system or a video-processing algorithm).


pages: 234 words: 67,589

Internet for the People: The Fight for Our Digital Future by Ben Tarnoff

4chan, A Declaration of the Independence of Cyberspace, accounting loophole / creative accounting, Alan Greenspan, Alan Turing: On Computable Numbers, with an Application to the Entscheidungsproblem, algorithmic management, AltaVista, Amazon Web Services, barriers to entry, Bernie Sanders, Big Tech, Black Lives Matter, blue-collar work, business logic, call centre, Charles Babbage, cloud computing, computer vision, coronavirus, COVID-19, decentralized internet, deep learning, defund the police, deindustrialization, desegregation, digital divide, disinformation, Edward Snowden, electricity market, fake news, Filter Bubble, financial intermediation, future of work, gamification, General Magic , gig economy, God and Mammon, green new deal, independent contractor, information asymmetry, Internet of things, Jeff Bezos, Jessica Bruder, John Markoff, John Perry Barlow, Kevin Roose, Kickstarter, Leo Hollis, lockdown, lone genius, low interest rates, Lyft, Mark Zuckerberg, means of production, Menlo Park, natural language processing, Network effects, Nicholas Carr, packet switching, PageRank, pattern recognition, pets.com, profit maximization, profit motive, QAnon, recommendation engine, rent-seeking, ride hailing / ride sharing, Sheryl Sandberg, Shoshana Zuboff, side project, Silicon Valley, single-payer health, smart grid, social distancing, Steven Levy, stock buybacks, supply-chain management, surveillance capitalism, techlash, Telecommunications Act of 1996, TikTok, transportation-network company, Travis Kalanick, Uber and Lyft, Uber for X, uber lyft, undersea cable, UUNET, vertical integration, Victor Gruen, web application, working poor, Yochai Benkler

The Internet’s Factories When capitalism transforms something, it tends to add more machinery. The internet was no different. In the post-dot-com period, as firms began to find more promising paths to profitability, they also made the internet more complex. The simple static web page faded from view. In its place came the dynamic and interactive web application, designed to seize a user’s attention and stimulate their engagement, linked to elaborate subterranean systems of data collection and analysis. The online mall would be a computationally intensive affair. Just as the capitalist transformation of manufacturing meant replacing the workshop with the factory, the capitalist transformation of the internet would hatch factories of its own.

., 50, 66 Healy, Kieran, 109 High-Performance Computing and Communications Act of 1991, 20 Inouye, Daniel, 21, 22 internet access to, xv, 10, 13, 21, 23, 25, 28, 30, 31–35, 40–41, 44, 46, 50, 51, 59, 60, 61, 62, 63, 65, 77, 127, 163, 76 and algorithmic management, 114–15, 116, 118, 119, 121 ARPANET network of, 12, 18, 24, 79, 104, 114 and broadband internet, xv, 27–29, 31, 32–33, 35, 39, 40, 41, 43, 46, 48–49, 50, 53, 55–56, 59–61, 176 buying and selling on, 71, 73–74, 81–82, 124 and the cloud, 103–9, 110, 111, 112, 115, 116, 118, 119, 121, 123, 128, 131, 163 common language of, 9, 10–11, 14, 79, 110, 113, 177 and communications networks, x–xi, 5, 8, 27, 123, 128, 148, 170 and competition among providers, 61–64 and connectivity, xi, xii, 29, 30, 33, 35, 41, 43, 44, 59, 60, 127 and consumer costs, 23, 30–31, 40, 43, 44–45, 49, 50, 52, 60, 61–64 and content, xvii, 29, 152–54 creation of, xiii, 6–12, 13, 88, 104, 113 and data generation, 88–89, 92–93, 101, 108–9, 121, 123, 129, 149–50, 158, 165–66 and data’s value, 86–87, 92, 109, 121, 122, 165 and data transmission, 3–6, 8, 10, 14–15, 25, 28–29, 39, 55, 103–4, 159 and data trusts, 165–66 and democratic internet, xvi, 37, 42–43, 47–48, 50, 55, 56–57, 58, 66–67, 155, 175–76 and deprivatization, xvi, 51, 56, 59, 153, 154–55, 157, 169–70, 175, 176 and dial-up modems, 23, 27, 28 different scales of, 54–55, 168 and dot.com bubble, 72, 76–79, 80, 83, 90, 93, 94, 98, 102, 106, 109, 123, 124 and email, xiv, 12, 15–16, 79–80, 159 and fiber to the home (FTTH) networks, 39, 40, 41, 51 and founding of startups, 76, 119–20, 123–24 and infrastructure, xiii, xiv, 7, 15, 17, 24, 27, 28, 30, 31, 41, 43, 44, 45, 48, 49, 51, 56, 61–62, 65, 85, 106–9, 127, 160, 164, 176 and internet service providers, 15, 17, 24–26, 27–31, 38, 39–41, 46, 49, 51–53, 59–63, 65, 72, 77, 95, 127–8 and market-dominated internet, 22, 35, 42, 46–47, 119, 122, 152–54 and the military, 9–10, 11, 12, 79, 113–15, 177, xiii and online classes, 32, 34, 132–33 and online malls, 86–87, 93, 103, 108, 109, 112, 115, 121, 123, 128, 129, 131–33, 135, 137–40, 147, 148, 149, 151, 153, 154–58, 160, 163, 165, 166, 168, 169, 170–73, 176 and organizing, xv, 37, 43–46, 50, 58 and Pets.com, 77, 82 and platforms, xiv–xv, 67, 75, 84, 98, 127, 158, 164, 166, 176 and politics, xi, xii, 18, 28, 46, 47–49, 54, 80, 139–49, 171, 174, 177 privatization of, xiii, xiv–xv, 14, 16–20, 23–25, 27–30, 36–37, 44, 45, 47, 56, 58, 65, 67, 72, 76–79, 84, 93, 98, 109, 119, 120, 123–25, 127, 135, 147, 148, 154, 159, 172, 174–75 and profit motive, xi, xii, xiii, xv, xvi, xvii, 9, 26, 31, 33, 35–36, 37, 45, 47, 52–53, 55, 87, 127–28, 147, 152, 174–75, 176 public funding for, 6–8, 14, 15, 16, 18, 21, 22, 23, 41–42, 48–51, 59, 60, 160, 164–65, 176 public or cooperative ownership of, xvi, 8, 40–46, 48–49, 51–52, 60, 62, 65, 71, 155, 163–65, 168, 169, 176 and racism, xvii, 31, 43, 134, 137–40, 153 regulation of, xii, 17, 22, 28, 147, 149–53 and rise of search engines, 72, 136–37 and selling ads, 93–94, 96–97, 146 and shopping malls, 84–86 and “smartness,” 110–13, 118 and smartphones, 6, 31–32, 110, 112, 115, 119, 123, 128 social aspect of, 79–80, 81, 86, 94–95 state surveillance of, 64–65, 66 and submarine fiber-optic cables, ix–x, xii, xiv, 29–30, 56, 65, 113 and the techlash, 149, 152, xii, xiii, xv universal protocol for, 9, 11–12, 19, 88, 110, 113, 159, 172 and universities, 52, 88, 109, 169 and US government, xiii, xiv, 7, 13–14, 17–20, 21, 22, 23, 25, 48–49, 59–60, 64–67, 113–15, 170 and web applications, 103, 170, 171, 176 wide area networks (WANs) of, 117–19 and the World Wide Web, 15–16, 72, 76, 80, 89 and Yahoo!, 72, 89, 135–36, 174 See also community networks; Defense Advanced Research Projects Agency (DARPA); eBay; internetworking; social media; TCP/IP; Uber internetworking, 3–5, 10 Kahn, Robert, 11, 12, 19–20 Kalanick, Travis, 122 Kesan, Jay P., 13 Khan, Lina, 151, 152 MAREA, x, xii, xiv Marx, Karl, 36, 78 Microsoft, x, 29–30, 31, 71–72, 81 Nakamura, Lisa, 135 National Science Foundation (NSF) and Acceptable Use Policy (AUP), 14–15 and the internet, 20, 89 and NSFNET backbone, 13–21, 22, 23, 71 and state-supported universities, 13–14, 16 See also internetworking; Wolff, Stephen Netflix, 29 Netscape, 72, 76 New Brandeisians, 150–52, 153, 157, 170 Noble, Safiya, 133, 134, 135, 136, 138, 160 Obama, Barack, 27, 28 Omidyar, Pierre, 71, 73–74, 80–84, 87, 90, 99 See also eBay Page, Larry, 88, 89, 91 Pinkham, Chris, 105–6, 107 Sandberg, Sheryl, 90, 94 Sanders, Bernie, 48–49, 50, 141 Schifter, Doug, 126–27, 128, 130, 131 Schrader, William, 17 Shah, Rajiv C., 13 Silicon Valley, CA, 3, 71, 131 Snowden, Edward, 64 social media and competition among companies, 152–53 and content moderation, 131–32, 144, 158, 162 and cooperative servers, 166 and decentralization, 158–59, 163, 166 and disinformation, 140, 141–43 and Facebook, 94, 98, 141, 143, 158, 159, 170 and Mastodon server, 159, 160, 163, 170 and online malls, 94–96, 139–40, 144–45 and platforms, 161 and polarization, 140–13, 144 and politics, 140–47 and profit motives, 161 and public media, 161–62, 163 and right-wing propaganda, xv, 138–42, 143, 144, 145–46, 161, 162, 163 self-governing communities on, 176 and Twitter, 94, 141, 159, 166, 173 user participation on, 94, 140, 141–46, 152, 162 and YouTube, 94, 144, 159 See also Facebook Starosielski, Nicole, x, xi TCP/IP, 11, 12, 19 Technology Networks (of GLC), 167–69, 170, 171 Telecommunications Act of 1996, 26–27 Telecommunications Policy Roundtable, 21–22 Telefónica, x Thatcher, Margaret, 47, 168, 171 Tomlinson, Ray, 79 Travers, Virginia Strazisar, 88 Trump, Donald, 27, 149 Turing, Alan, 111 Uber algorithmic management of, 121, 129 and the cloud, 115, 116, 119, 121, 128 and the gig economy, 116–17, 119, 121, 130–31 and large amounts of data, 116, 121, 124, 129 and London’s transportation agency, 164 and online malls, 115, 119, 121, 129 and platforms, xv and politics, 128 and treatment of drivers, 115–16, 129, 130 unprofitability of, 120–22, 123 and venture capital, 120–23, 128, 129, 131 and worker-run companies, 166 See also Schifter, Doug United States and antitrust enforcement bills, 151 and Bloomberg US Internet Index, 77 and the Cold War, 7, 18 Department of Justice (DOJ) of, 151 Detroit in, 43, 44, 45–46, 59 economy of, 122, 125 and election of 2016, 141–42, 148–49 and Espionage Act of 1917, 66 and Etam Earth Station, WV, 4 and the “Framework for Global Electronic Commerce,” 22, 30 independent contractors in, 116–17, 118, 128, 129–31 and the internet, xiii, 11–12, 18, 24–25, 55–56, 59–60, 128, 139–40, 148–51 and Marina del Rey, CA, 5 media sphere of, 161 and money for corporate providers, 59–60 and national electricity grid, 56 North Dakota in, 41–42, 46 and police and prison abolitionists, 156–57 Postal Service of, 21, 65–66 public libraries in, 160, 161, 163 racism in, 54, 153 and riot at US Capitol, 145 Roosevelt administration of, 38, 40 and telecom deregulation, 20, 21 and the Tennessee Valley Authority (TVA), 38, 40 and US Department of Housing and Urban Development, 137 and Virginia Beach, VA, x See also Chattanooga, TN; Silicon Valley, CA Verizon, 25, 49, 61 Viljoen, Salomé, 165 Warren, Elizabeth, 48, 50 Wolff, Stephen, 16, 17, 18 Zuckerberg, Mark, 94, 96–97, 146, 154, 160, 166 Zuckerman, Ethan, 158


pages: 49 words: 12,968

Industrial Internet by Jon Bruner

air gap, autonomous vehicles, barriers to entry, Boeing 747, commoditize, computer vision, data acquisition, demand response, electricity market, en.wikipedia.org, factory automation, Google X / Alphabet X, industrial robot, Internet of things, job automation, loose coupling, natural language processing, performance metric, Silicon Valley, slashdot, smart grid, smart meter, statistical model, the Cathedral and the Bazaar, web application

Google’s geocoder API[2] will make the conversion almost instantaneously, masking the complexity of the underlying process (text parsing, looking up possible matches in a database, choosing the best one). Geolocation thus becomes accessible to anyone building a Web site — no expertise in cartography needed. These services become modules in Web applications, which are designed with minimal assumptions about the services they use so that a change or failure in one module won’t break the entire application. In the same way, the industrial internet presents machines as services, accessible to any authorized application that’s on the network. The scope of knowledge needed to contribute to a physical-world solution becomes smaller in the process.


The Art of Scalability: Scalable Web Architecture, Processes, and Organizations for the Modern Enterprise by Martin L. Abbott, Michael T. Fisher

always be closing, anti-pattern, barriers to entry, Bernie Madoff, business climate, business continuity plan, business intelligence, business logic, business process, call centre, cloud computing, combinatorial explosion, commoditize, Computer Numeric Control, conceptual framework, database schema, discounted cash flows, Dunning–Kruger effect, en.wikipedia.org, fault tolerance, finite state, friendly fire, functional programming, hiring and firing, Infrastructure as a Service, inventory management, machine readable, new economy, OSI model, packet switching, performance metric, platform as a service, Ponzi scheme, power law, RFC: Request For Comment, risk tolerance, Rubik’s Cube, Search for Extraterrestrial Intelligence, SETI@home, shareholder value, Silicon Valley, six sigma, software as a service, the scientific method, transaction costs, Vilfredo Pareto, web application, Y2K

It is a “high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.”2 This particular cache is very fast-using nonblocking network input/output (I/O) and its own slab allocator to prevent memory fragmentation guaranteeing allocations to be O(1) or able to be computed in constant time and thus not bound by the size of the data. As indicated in the description of memcached, it is primarily designed to speed up Web applications by alleviating requests to the database. This makes sense because the database is almost always the slowest retrieval device in the application tiers.

This was the original Blah as a Service term and started with software such as customer relationship management (CRM) software as some of the earliest offerings. Almost any form of software can be offered in this manner and it can be done either over the Web or via download. • Platform as a Service (PaaS). This model provides all the required components for developing and deploying Web applications and services. These components include workflow management, integrated development environments, testing, deployment, and hosting. • Infrastructure as a Service (IaaS). This is the concept of offering computing infrastructure such as servers, storage, network, and bandwidth for use as necessary by clients.

. • Software as a Service refers to almost any form of software that is offered in a pay as you use model. • Infrastructure as a Service is the idea of offering infrastructure such as storage, servers, network, and bandwidth in a pay as you use model. • Platform as a Service provides all the required components for developing and deploying Web applications and services. • Everything as a Service is the idea of being able to have small components that can be pieced together to provide a new service. • Grid computing as a concept has been around for almost two decades. It is used to describe the use of two or more computers processing individual parts of an overall task. • There are three types of cloud vendors: service providers, backbones, and virtualization software providers. 437 This page intentionally left blank Chapter 29 Soaring in the Clouds This is called, using the conquered foe to augment one’s own strength.


pages: 580 words: 125,129

Androids: The Team That Built the Android Operating System by Chet Haase

Andy Rubin, Apple II, Apple's 1984 Super Bowl advert, augmented reality, barriers to entry, Beos Apple "Steve Jobs" next macos , Big Tech, Bill Atkinson, commoditize, continuous integration, crowdsourcing, en.wikipedia.org, fault tolerance, Firefox, General Magic , Google Chrome, Ken Thompson, lock screen, machine readable, Menlo Park, PalmPilot, Parkinson's law, pull request, QWERTY keyboard, side project, Silicon Valley, skunkworks, speech recognition, stealth mode startup, Steve Ballmer, Steve Jobs, Steve Wozniak, Tony Fadell, turn-by-turn navigation, web application

People with the skills that the Android team needed were routed through that more specialized hiring committee. But getting people through the hiring process was only part of the problem. There was also the added complication of just getting the right people to apply. Google was known at the time for search and ads, along with some web applications like the new Gmail app that launched the previous year. As Dianne Hackborn put it, “I’d never thought about working at Google, because I don’t care about search and web stuff.” Joe Onorato (who worked with Dianne at PalmSource and later joined her framework team at Google) agreed: “When I applied to Google in 2005, my girlfriend asked why Google has so many people.

So Cary implemented a system in the browser that would detect when the user was trying to scroll repeatedly and would pop up a magnifier object on the page, with a zoomed-out view of the entire page, allowing the user to quickly go to a specific location on the page. 243 In 1997, I was talking to a Microsoft ‘evangelist’ about the concern of writing web applications that could run cross-platform. The fear of developers at that time was that web apps written for IE would run only on Windows, since there was functionality for IE that differed from that on Netscape’s browser. His response, somewhat tongue-in-cheek (but somewhat not) was that cross platform wouldn’t be a concern when everyone ran IE and Windows. 244 There’s a video on YouTube that the Chrome team posted in 2010, “Google Chrome Speed Tests” that proves the point by comparing website loading speed to a potato gun, sound waves, and lightning.

But nobody in those early years ever doubted that anybody else was not in for the cause. We were all on the same train.” Web vs. Mobile One of the things that kept Android separate from the rest of Google was that it was a fundamentally different product than everyone else at Google worked on. Google, at the time, developed primarily web applications. This resulted in two important implications with respect to Android: unhappiness within Google that Android was not web-based, and incomprehension of the timeframe realities of mobile software. First, there was a core distrust of what Android was doing because Google was fundamentally about web technologies.


HBase: The Definitive Guide by Lars George

Alignment Problem, Amazon Web Services, bioinformatics, create, read, update, delete, Debian, distributed revision control, domain-specific language, en.wikipedia.org, fail fast, fault tolerance, Firefox, FOSDEM, functional programming, Google Earth, information security, Kickstarter, place-making, revision control, smart grid, sparse data, web application

Column-oriented and row-oriented storage layouts The speed at which data is created today is already greatly increased, compared to only just a few years back. We can take for granted that this is only going to increase further, and with the rapid pace of globalization the problem is only exacerbated. Websites like Google, Amazon, eBay, and Facebook now reach the majority of people on this planet. The term planet-size web application comes to mind, and in this case it is fitting. Facebook, for example, is adding more than 15 TB of data into its Hadoop cluster every day[9] and is subsequently processing it all. One source of this data is click-stream logging, saving every step a user performs on its website, or on sites that use the social plug-ins offered by Facebook.

docs This directory contains a copy of the HBase project website, including the documentation for all the tools, the API, and the project itself. Open your web browser of choice and open the docs/index.html file by either dragging it into the browser, double-clicking that file, or using the File→Open (or similarly named) menu. hbase-webapps HBase has web-based user interfaces which are implemented as Java web applications, using the files located in this directory. Most likely you will never have to touch this directory when working with or deploying HBase into production. lib Java-based applications are usually an assembly of many auxiliary libraries plus the JAR file containing the actual program. All of these libraries are located in the lib directory.

The protocol between the gateways and the clients is then driven by the available choices and requirements of the remote client. An obvious choice is Representational State Transfer (REST),[68] which is based on existing web-based technologies. The actual transport is typically HTTP—which is the standard protocol for web applications. This makes REST ideal for communicating between heterogeneous systems: the protocol layer takes care of transporting the data in an interoperable format. REST defines the semantics so that the protocol can be used in a generic way to address remote resources. By not changing the protocol, REST is compatible with existing technologies, such as web servers, and proxies.


pages: 62 words: 15,274

Sass for Web Designers by Dan Cederholm

c2.com, don't repeat yourself, Firefox, Kickstarter, Ruby on Rails, web application

Colors, fonts, oft-used groupings of properties, etc. The typical CSS file is an extremely linear document—the kind of thing that makes an object-oriented programmer want to tear their hair out. (I’m not an object-oriented programmer, but I have very little hair left. Read into that as you may). As interfaces and web applications become more robust and complex, we’re bending the original design of CSS to do things it never dreamed of doing. We’re crafty like that. Fortunately, browser makers adopt new CSS features far more rapidly these days, with more efficient and powerful properties and selectors that solve the problems today’s web poses.


pages: 156 words: 15,746

Personal Finance with Python by Max Humber

asset allocation, backtesting, bitcoin, cryptocurrency, data science, Dogecoin, en.wikipedia.org, Ethereum, passive income, web application

Just one more thing… nteract Note If you already know how to use Jupyter Notebooks, this step isn’t strictly necessary. However, nteract is pretty darn slick; you should give it a fair shake! To actually run Python code, you’ll need a Jupyter5 Notebook interface called nteract. While Jupyter is an open-source web application that allows you to create documents that contain live code (and was installed for you with Anaconda), nteract is a super user-friendly desktop-based skin for Jupyter. You can download nteract from the nteract.io website.6 Once it’s downloaded and installed, you can load a fresh Jupyter Notebook by clicking the nteract icon.


pages: 270 words: 75,626

User Stories Applied: For Agile Software Development by Mike Cohn

A Pattern Language, c2.com, call centre, continuous integration, do well by doing good, Great Leap Forward, index card, iterative process, job automation, job satisfaction, phenotype, tacit knowledge, web application

Sadalage, ISBN 0321293533 Continuous Integration: Improving Software Quality and Reducing Risk Paul M. Duvall, with Steve Matyas and Andrew Glover, 0321336380 Patterns of Enterprise Application Architecture Martin Fowler, ISBN: 0321127420 Refactoring HTML: Improving the Design of Existing Web Applications Elliotte Rusty Harold, ISBN 0321503635 Beyond Software Architecture: Creating and Sustaining Winning Solutions Luke Hohmann, ISBN: 0201775948 Enterprise Integration Patterns: Desinging, Building, and Deploying Messaging Solutions Gregor Hohpe and Bobby Woolf, ISBN: 0321200683 Refactoring to Patterns Joshua Kerievsky, ISBN 0321213351 User Stories Applied For Agile Software Development Mike Cohn Boston • San Francisco • New York • Toronto • Montreal London • Munich • Paris • Madrid Capetown • Sydney • Tokyo • Singapore • Mexico City Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks.

Information Age (August-September 2002). Constantine, Larry L., and Lucy A.D. Lockwood. Software for Use: A practical guide to the models and methods of usage-centered design. Reading, Mass.: Addison-Wesley, 1999. Constantine, Larry L., and Lucy A.D. Lockwood. “Usage-Centered Engineering for Web Applications.” IEEE Software 19, no. 2 (March/April 2002): 42–50. Cooper, Alan. The Inmates Are Running the Asylum. Indianapolis: SAMS, 1999. Cusumano, Michael A., and Richard W. Selby. Microsoft Secrets: How the world’s most powerful software company creates technology, shapes markets, and manages people.


pages: 448 words: 71,301

Programming Scala by Unknown

billion-dollar mistake, business logic, domain-specific language, duck typing, en.wikipedia.org, fault tolerance, functional programming, general-purpose programming language, higher-order functions, information security, loose coupling, type inference, web application

Reductio is less widely used than ScalaCheck, but it offers a “native” Java API as well as a Scala API, so it would be more convenient for “pure” Java teams. Other Notable Scala Libraries and Tools While Scala benefits from the rich legacy of Java and .NET libraries, there is a growing collection of libraries written specifically for Scala. Here we discuss some of the more notable ones. Lift Lift is the leading web application framework written in Scala. It recently reached “1.0” status. Lift has been used for a number of commercial websites. You can also find documentation on the Lift website. Other web frameworks include Sweet, Pinky, and Slinky. Scalaz Scalaz is a library that fills in gaps in the standard library.

(exclamation point), under Symbols) base classes, 91 base type, 394 BDD (Behavior-Driven Development), 57 BDD syntax provided by ScalaTest, 361 defined, 394 specification exercising combined Button and Subject types, 80 Specs library, 363–365 BigDecimal class, 221 blogging system (example), 215–216 AtomFeed class, 215 Index | 409 Download at WoweBook.Com boolean literals, 38 bound variables, 394 break method, 63 build tools, 353 Buildr tool, 353 by-name parameters, 189, 263 defined, 394 by-value parameters, 189 defined, 394 C C# abstract methods, 18 override keyword for concrete methods, 18 this keyword, 18 C++ multiple inheritance, 321 templates, 297 C.super type, 273 C.this type, 273 Cake Pattern, 335–340 call site (see declaration site) call-by-name parameters, 277 capture groups, defining in regular expressions, 69 case classes, 136–142 binary operations, 139 copy method in Scala 2.8, 140 defined, 395 defining for pattern matching, 68 enumerations as alternative to, 300 enumerations versus, 304 inheritance, 140, 334 pattern matching on, 67 case clauses, binding nested variables in, 69 case keyword, 394 case class example, 136 case objects, 198 case statements pattern matching versus, 64 cases in pattern matching, 67 unreachable case, 64 character literals, 38 characters operator characters, encoding in Java, 375 used in identifiers, 54 child types, 395 class keyword, 12, 89 classes abstract, 18, 48 adding new methods to, 188 basics of, 89 declaration of classes as singletons, 149 defined, 395 derived, overriding vals declared in parent classes, 25 JDK and .NET, use in Scala, 9 nested, 95 overriding abstract and concrete fields in, 119 overriding abstract and concrete methods, 112 parent, 91 sealed class hierarchies, 151–155 traits versus, 87 Upper class (example), 12 ClassfileAnnotation class, 292 Clickable trait (example), 82 clients, 395 closures, 169 defined, 5, 395 CLR (Common Language Runtime), Scala running on, 5 code examples in this book, xix, 10 code, organizing in files and namespaces, 44 codec for SMTP (example), 206 collections apply and unapplySeq methods, 132 mutable and immutable, 158 command-line tools, 343–353 information on, 10 sbaz, 352 scala, 345–350 scalac, 343 scaladoc, 352 scalap, javap, and jad, 350 comments, 11, 395 companion classes, 126 defined, 395 companion objects, 126–136 apply and unapplySeq methods for collections, 132 apply method, 127–129 conversion methods defined in, 187 creation for case classes, 138 defined, 395 Java static methods and, 134 Map and Set, 146 410 | Index Download at WoweBook.Com methods defined in, visibility to Java code, 373 Pair object for Pair class, 146 unapply method, 129–131 compiled, command-line tool, converting script to, 15 compiler (see scalac compiler) compiling versus interpreting, 12 component model, functional programming and, 192 components defined, 313, 395 fine-grained visibility rules in Scala, 314 implementing as traits, 337 compound types, 276 defined, 395 comprehensions, 59 concrete types, 395 concurrency, 16–21 Actor model of, 393 event-based, 397 Java and, 2 problems of shared, synchronized state, 193 traditional, using threading and events, 203–210 events, 205–210 one-off threads, 203 using java.util.concurrent, 204 using Actors, 194–203 Actors in abstract, 194 Actors in Scala, 194–203 conditional operators, 63 Console.println( ) method, 14 constant identifiers, 54 constants default argument values, 27 defining, 149 constructors, 18, 92–95 case class, 138 constraints on, advantages and disadvantage of, 94 parent class constructors, calling, 94 context-free grammars, 230, 395 contract, 254 defined, 395 contractual constraints in Design by Contract, 340 contravariance or contravariant, 396 contravariant subclassing, 252 covariance or covariant, 396 covariant specialization, 317 covariant subclassing, 252 @cps (continual passing style) annotation, 298 cross-cutting concerns, 396 cross-platform installer (lzPack), 8 curried functions, 184, 278 currying, 396 D data types, 247–288 abstract, 47, 267 parameterized types versus, 270 AnyVal types, conversion to Java primitives, 375 defined, 404 documentation for Scala type system, 288 existential types, 284 importing types and their members, 45 inferring type information, 29–36 infinite data structures and lazy vals, 285 Nothing and Null, 267 parameterized types, 47, 249 path-dependent types, 272 pattern matching on type, 65 reflection, 248 Scala’s sophisticated type system, 6 self-type annotations, 279–283 static versus dynamic typing, 2 structural types, 77, 283 type bounds, 259–267 type hierarchy in Scala, 155 value types, 275–279 variance under inheritance, 251 variance in Scala versus Java, 256–259 variance of mutable types, 255 decimal integer literals, 36 declaration site, 251, 396 declarations annotations in, 289–300 order of declaration, traits and, 86 visibility modifiers in, 97 declarative composition of traits, 86 declarative programming, 396 decompilers (scalap, javap, and jad), 350 deep matching, 67 def keyword, 12, 26 Index | 411 Download at WoweBook.Com default argument value, 396 definitions, method, 26 dependency injection (DI) defined, 396 Spring Framework, 381 using Cake Pattern, 334–340 derived types, 395 access to members of parent types, 97 Design by Contract, 253, 340 BankAccountSpec object (example), 341 defined, 396 design patterns, 325–340, 397 alternative to Visitor Pattern, 326–334 dependency injection (DI) implementation, Cake Pattern, 334–340 diamond of death (problem with multiple inheritance), 321 do-while loops, 62 documentation Scala tools and APIs, 10 Scala type system, 288 DSLs (Domain-Specific Languages), 57, 217– 245 benefits and drawbacks of, 217 defined, 397 external DSLs with parser combinators, 230–244 generating paychecks with external DSL, 239–244 parser combinators, 230 payroll external DSL, 230–233 Scala implementation of external DSL grammar, 233–239 internal DSL for payroll application (example), 218–230 apply methods, 224 implicit conversions and user-defined types, 223 infix operator notation, 223 payroll API, 219–222 payroll internal DSL, 222 payroll rules DSL implementation, 224– 229 internal versus external, 244 duck typing, 283 defined, 397 dynamic typing, 397 versus static typing, 2 dynamically typed languages, 2 E eager matching, 64 EBNF (Extended Backus-Naur Form) grammar notation, 230 external payroll DSL grammar, 231 Eclipse IDE developing Scala applications, 355 installing Scala plugin, 354 Eiffel language, 340 Either object, 158 else clause (if statements), 59 Emacs editor, 360 encapsulation defined, 397 visibility rules and, 96 Ensuring class, 342 enumerated types, 72 Enumeration class, 72 Enumeration.Value class, 302 enumerations, 72, 300–304 advantages and disadvantages of, 304 case classes and pattern matching versus, 304 HttpMethod object (example), 301–304 scala.Enumeration class, 300 eq method (AnyRef), 143 equality of objects, 142 equals method, 143 case class comparisons, 141 equals operator (==), 63 events, 397 using for concurrency, 205–210, 397 exception handling, pattern matching using try, catch, and finally clauses, 70 exceptions @throws annotation and, 298 @unchecked annotation and, 296 and alternatives to, 311 throwing, 71 executing a script, 12 existential types, 266, 284 defined, 397 examples of, 285 expectations, 364 exponentials with floating-point literals, 37 expressions for expression, 59 if statements as, 58 extends keyword, 79, 91 412 | Index Download at WoweBook.Com external DSLs, 218, 230 (see also DSLs) internal DSLs versus, 244 extractors, 397 translating regular expression capture groups to, 69 unapply methods, 129 use in pattern matching case statements, 138 F factory methods, apply method as, 127 family polymorphism, 317 Fibonacci sequence, calculating, 285 fields, 90 comparison to Java class-level, 148 defined, 397 indistinguishable from accessor methods, overriding, 123–126 mutable, 18 order of initialization, using lazy vals, 190 overriding abstract and concrete fields, 114 overriding abstract and concrete fields in classes, 119 overriding abstract and concrete fields in traits, 114–119 referencing object field, 149 visibility and access to, 97 filtering in for expressions, 60 in functional programming, 178 final declarations, attempting to override, 112 final keyword, 397 finishing problem (in DSL design), 229 first class, 397 floating-point literals, 37 fluent interface, 226 folding data structures, 179–181 for comprehensions, 59–61 expanded variable scope, 61 filters in, 60 simple example, 59 using Options with, 308 yielding collections, 60 yielding successive blocks of dynamically formatted XML, 216 foreach method, 79 traversal operations in functional programming, 175 formal parameters, 397 FP (see functional programming) free variables, 397 fsc (fast scala compiler) tool, 353 function literals, 78 closures and, 169 defined, 13, 398 passing to foreach, 16 passing to method for pattern matching, 19 function types, 277 defined, 398 Function.curried method, 185 Functional Java project, 367 functional programming, 165–192, 398 call by name and call by value, 189 component model and, 192 currying, 184 data structures, 172 lists, 173 maps, 173 definition of, 166 filtering operations, 178 folding and reducing operations, 179–181 functions in mathematics, 166 implicit conversions, 186 implicit function parameters, 188 implicits, caution with, 189 lazy vals, 190 mapping operations, 175 mixed paradigm in Scala, 5 Options object, 181 partial functions, 183 pattern matching, 182 recursion, 170 in Scala, 167–170 function literals and closures, 169 tail calls and tail-call optimization, 171 traversal of data structures, 175 variables, immutable values of, 166 FunctionN object, 159 defining traits for, 277 variance under inheritance, 252 functions, 165 (see also functional programming) defined, 398 higher order, 166, 398 overloaded, 401 Scala, using in Java, 371 futures, 202 Index | 413 Download at WoweBook.Com G Gang of Four (GOF) patterns, 325 generator expressions, 62 generators <- (left-arrow) operator, 60 defined, 398 in for comprehensions, 309 generics, 6, 369–371 defined, 398 Java, 47 using from Scala, 369 Scala, using from Java, 370 variance under inheritance, differences between Java and Scala, 251 grammars context-free, 395 EBNF notation for external payroll DSL grammar, 231 parsing expression grammars (PEGs), 401 guards, pattern matching on, 67 H Hadoop library, 384 Haskell, QuickCheck tool, 365 hexadecimal integer literals, 36 higher-order functions, 166, 398 I I/O (input/output) automatic importation of methods by Scala, 15 NIO (non-blocking I/O), 205 identifiers, characters allowed in, 54 IDEs (integrated development environments), 354–360 Eclipse developing Scala applications, 355 installing Scala plugin, 354 IntelliJ developing Scala applications, 357 installing Scala plugins, 356 NetBeans developing Scala applications, 360 installing Scala plugins, 359 text editors, 360 if statements, 58 immutable values, 398 immutable variables, 5 declaring, 24 imperative languages, 20 imperative programming, 398 implicit arguments, 398 implicit conversions caution with, 189 defined, 398 defining custom object and conversion method, 187 in functional programming, 186 in internal DSL payroll implementation, 223 Int into RichInt, 62 Predef.any2ArrowAssoc method, 147 rules for compiler to find and use conversion methods, 187 implicit function parameters, 188 caution with, 189 implicit keyword, 186 defined, 398 implicit typing, 405 import statements, 19 importing Java types and their members, 45 relative path used in, 46 infinite data structures, 398 laziness and, 285 using lazy vals to manage, 191 infix notation, 53 defined, 398 infix operator notation, 223 infix types, 276, 399 inheritance case class, 140 defined, 399 definition, 87 linearization of object hierarchy, 159–163 multiple, problems with, 321 single inheritance plus traits in Scala, 322 variance under, 251–259 instance, 89, 399 instantiate, 399 integer literals, 36 IntelliJ IDEA developing Scala applications, 357 installing Scala plugins, 356 interactive mode, scala command, 10 @interface keyword (Java), 289 internal DSLs, 218, 229 414 | Index Download at WoweBook.Com (see also DSLs) external DSLs versus, 244 interned strings, 39 interpreter, starting, 10 interpreting versus compiling, 12 invariance and invariant, 399 invariant subclassing, 252 invariants, 340 inversion of control (IoC), 334, 399 IOHandlerActorAdapter object, 208 Iterable object, 175 filtering methods, 178 fold and reduce methods, 180 map method, 175 Iterator Pattern, 325 J jad tool, 351 Java, 1 annotations, 289 aspect-oriented programming, AspectJ, 76 DI (dependency injection), 335 importation of data types into Scala, 45 interfacing with type system, using existential types, 284 invoking method name identical to Scala reserved word, 54 JDK (Java Development Kit), 7 JVM (Java Virtual Machine), 2 reflection methods, 248 libraries, interoperability with Scala, 377– 385 AspectJ, 377–381 Hadoop, 384 Spring Framework, 381 Terracotta, 384 package concept for namespaces, 44 regular expressions, 69 Scala interoperability with, 369–377 AnyVal types and Java primitives, 375 Java and Scala generics, 369 JavaBean properties, 374 Scala names in Java code, 375 using Scala functions in Java, 371 static methods, companion objects and, 134–136 static typing, 3 variance, 256–258 java command, 344 java.io.IOException class, 298 java.lang.String class, 186 java.nio package, 205 java.util.concurrent package, 204 JavaBeans conventions for, 374, 381 vetoable events, 84 javac compiler, 7 Javadoc-style @return annotation, 241 javap tool, 350 JavaRebel tool, 368 JavaTokenParsers, 235 JDK (Java Development Kit), 7 join points, 378 JUnit, 81 running specifications, 365 JVM (Java Virtual Machine), 2 JVM version of Scala, 5 installing, 8 L lazy evaluation, infinite data structures and, 285 lazy values, 117, 190 Post class (example), 215 lazy, defined, 399 left-associative method invocations, 57 libraries Java library interoperability, 377–385 AspectJ, 377–381 Hadoop, 384 Spring Framework, 381 Terracotta, 384 miscellaneous smaller Scala libraries, 368 notable Scala libraries, 367 Lift web framework, 367 linearization of object hierarchy, 159–163, 274, 399 algorithm for reference types, 161 hand calculation for C2 (example), 163 LinkedList class that uses Nodes (example), 264 Liskov Substitution Principle, 87 List class apply and unapplySeq methods, 132 declaration, 47 Nil case object, 267 Scala implementation, 261–263 List object Index | 415 Download at WoweBook.Com apply method, parameterized, 251 folding, 179 lists in functional programming, 173 literals, 36–40 boolean, 38 character, 38 defined, 399 floating-point, 37 integer, 36 string, 39 symbol, 39 load-time weaving, 380 loops do-while, 62 for loops or comprehensions, 59–61 generator expressions in, 62 looping through and matching XML, 213 trampoline, 172 while, 61 lower type bounds, 260, 268 M Mac OS X installing Scala, 8 TextMate editor, 360 mailbox for Actors, 196, 399 main method, 15, 399 Manifests, 250 Map companion object, 147 Map values, 146 Map.apply method, 147, 177 MapReduce, 384, 400 maps in functional programming, 173 MatchError object, 151 mathematics, functions in, 166 Maven build tool, 353 members, 90, 400 importing, 45 memoization, 169, 400 support by packrat parsers, 245 messages, 400 metadata, 290 (see also annotations) adding to declarations, 289 default values and, 292 metaprogramming, 8 MetaScala library, 368 method chaining, 223 methods, 90 abstract types as arguments, 270 adding new methods to classes, 188 class-level, 149 declarations, 26–29 default and named arguments, 26 nesting method definitions, 28 defined, 400 defining, 12 Java static methods and companion objects, 134–136, 373 operators as, 53 infix notation, 53 overriding, 112 overriding accessor methods indistinguishable from fields, 123–126 parameterized, 251 without parentheses and dots, 55 operator precedence, 56 referencing object method, 149 Meyer, Bertrand, 340 MINA (Apache), 205 events provided by, 209 mixin composition, 4, 316, 322 using traits, 6 mixins, 75 defined, 400 invasive, 324 traits as, 76–82 modules components and, 313 contract of, 340 multiple inheritance, 400 mutable fields, 18 mutable values, 400 N Naggati library, 205 named arguments, 27, 400 namespaces, 44 relationship to Scala’s nested package syntax, 44 ne method (AnyRef), 143 nested classes, 95 .NET invoking method name identical to Scala reserved word, 54 regular expressions, 69 .NET version of Scala, 5 416 | Index Download at WoweBook.Com NetBeans developing Scala applications, 360 installing Scala plugins, 359 new operator, 14 Nil case object, 267 NIO (non-blocking I/O), 205 NioSocketAcceptor object, 208 NodeSeq class, \ and \\ methods, 55 NodeSeq object, 212 None class, 41 nonterminals, 232, 400 Nothing type, 259, 267 Null object, 267 nulls avoiding using Option, Some, and None classes, 41–43 Options versus, 306 O object system (Scala), 145–164 classes and objects, 148 package objects, 150 linearization of object hierarchy, 159–163 Predef object, 145 sealed class hierarchies, 151–155 type hierarchy, 155 object-oriented programming (OOP), 89 case classes, 136–142 classes and objects, basics of, 89 companion objects, 126–136 constructors, 92–95 defined, 400 equality of objects, 142 mixed paradigm in Scala, 4 nested classes, 95 overriding members of classes and traits, 111–126 parent classes, 91 reusable software components and, 192 visibility rules, 96–110 objects basics of, 89 deep matching on contents, 67 defined, 400 instantiation in Scala, 149 in Scala, 5 versus class-level members, 14 ObservableClicks trait (example), 83 working with VetoableClicks trait (example), 85 Observer Pattern, 77, 326 trait implementing, 77 octal integer literals, 36 Odersky, Martin, 7 Open-Closed Principle (OCP), 153 violation by Visitor Pattern, 328 operator characters, 54 defined, 401 encoding in Java identifiers, 375 in identifiers, 54 operator notation, 398 infix operator notation, 53, 223 operator overloading, 401 operator precedence, 56 operators, 53 conditional, 63 Option class, 41–43 alternatives to exceptions, 312 functional operations on, 181 nulls versus, 306 using with for comprehensions, 308 or operator (||), 63 overloaded functions, 401 overloaded methods, 90 explicit return type requirement, 32 override keyword, 18, 79, 111 overriding class and trait members, 111–126 abstract and concrete fields, 114 in classes, 119 in traits, 114–119 abstract and concrete methods, 112 abstract types, 120–123 accessor methods indistinguishable from fields, 123–126 final declarations, 112 P package objects, 150, 401 packages, 44 defining using nested package syntax in Scala, 44 root package for Scala library classes, 45 packrat parsers, 245, 401 Pair class, 146 apply method, 127 Pair object, 146 parameterized methods, 251 Index | 417 Download at WoweBook.Com parameterized types, 13, 47, 249 abstract types versus, 270 defined, 401 Manifests, 250 parameterized methods, 251 value types created from, 275 parameters constructor, initialization of vals and vars, 25 implicit function parameters, 188 order of, named arguments and, 27 required return type annotations, 30 parent classes, 91, 401 parser combinators, external DSLs with, 230– 244 generating paychecks with PayrollParserCombinators, 239– 244 payroll external DSL, 230–233 Scala implementation of external DSL grammar, 233–239 Parsers object, 235 documentation of composition operators, 233 ~ case class, 238 parsing expression grammars (PEGs), 245, 401 partial application, 401 partial functions, 183, 401 path-dependent types, 272, 401 C.super, 273 C.this, 273 p.Success case class (example), 236 period-delimited path expressions, 274 pattern matching, 19, 64–72 binding nested variables in case clauses, 69 on case classes, 67 defined, 401 on enumerations, 302 extractors in case statements, 138 in functional programming, 182 matching on tuples and guards, 66 polymorphism versus, 20 on regular expressions, 68 on sequences, 65 simple match of boolean values, 64 on type, 65 using on XML structures, 213 using try, catch, and finally clauses, 70 using with case classes, enumerations versus, 304 variables in matches, 64 pattern matching identifiers, 54 payroll external DSL (example), 230–233 payroll internal DSL (example), 222 PEGs (parsing expression grammars), 245, 401 performance, 6 Pimp My Library design pattern, 188, 401 plain identifiers, 54 pointcuts, 378 polymorphism family polymorphism, 317 pattern matching versus, 20, 71, 182 postconditions, 340, 402 postfix notation, 53, 402 @Pre annotation, 290 pre-initialized fields, 117 precedence, operator, 56 preconditions, 340, 401 Predef object, 145 any2ArrowAssoc method, 147 declaring types and exceptions, 146 documentation, 148 implicit conversion methods for value types, 158 items imported or defined by, 145 require and assume methods, using for contract enforcement, 340 stringWrapper method, 186 primary constructor, 92, 402 primitive data types, 402 instances of value types corresponding to, 91 Java, conversion of AnyVal types to, 375 println function, 14, 15 partially applied (example), 183 private keyword, 92, 97 private visibility, 100 scoped, 102–110 production, 402 production rules, 232 projection functions, 212 protected keyword, 97 protected visibility, 99 scoped, 102–110 public visibility, 98 pure (side-effect-free functions), 402 418 | Index Download at WoweBook.Com Q exceptions, 312 method resolution in, 283 QuickCheck (Haskell), 365 S R Range object, 287 Range.Inclusive class, 62 raw strings in regular expression pattern matching, 69 recursion, 28, 402 explicit return type annotation, 30, 31 in functional programming, 170 tail-call, 171 foldLeft and reduceLeft, 181 reducing data structures, 179–181 Reductio tool, 367 reference types, 91, 402 linearization algorithm for, 160, 161 listed, 156 parent of, AnyRef, 155 testing equality, 143 referential transparency, 402 refinement in compound type declarations, 276 defined, 402 reflection, 248 Regex class, 69 regular expressions matching on, 68 use in parsing, 235 reified types, 402 relative imports, 46 REPL (Read, Evaluate, Print, Loop), 402 Request case class, 207 requirements specification, 363 reserved words listing of reserved words in Scala, 49 not allowed in identifiers, 54 @Retention annotation, 290 @return annotation, 241 return keyword, 13, 31 return type for methods, 30–36 required explicit declarations of, 31 using Option, Some, and None types, 41 RichInt class, 62 RichString class, 186 right-associative method invocations, 57 Ruby dynamic typing, 2 sbaz tool, 10, 352 installing ScalaCheck, 365 SBT (simple build tool), 353 Scala benefits of, 7 code examples, 10–16 combining with other languages, 8 installing, 8 introduction to, 4 official website, 8 resources for more information, 10 scala command, 10, 12, 345–350 -cp option, 16, 346 commands available in scala interactive mode, 347 documentation, 348 interactive mode, 10 invoking scripts, 348 limitations of, versus scalac, 348 options, 347 running in interpreted mode, 346 script or object specified for, 346 scala-tool-support package, 360 scala.actors.Actor class, 194 @scala.reflect.BeanProperty annotation, 374, 381 scalability, Scala support for, 6 scalable abstractions (see components) scalable language (Scala), 7 scalac compiler, 10, 343 -X options, 345 -Xscript option, 349 command options, 344 compiling code into JVM .class file, 16 plugin architecture, 345 scala command versus, 348 ScalaCheck, 365 scaladoc tool, 10, 352 Scaladocs, 402 ScalaObject class, 157 $tag method, 351, 393 scalap tool, 350 ScalaTest, 361 Scalax library, 368 Scalaz library, 367 Index | 419 Download at WoweBook.Com scope defined, 402 expanded variable scope in for comprehensions, 61 package objects, 150 of private and protected visibility, 102–110 scripting languages, popularity of, 2 sealed class hierarchies, 151–155 sealed keyword, 402 self types, 6 self-type annotations, 279–283 and abstract type members, 317 defined, 403 TwitterClientComponent (example), 337 Seq class, first and firstOption methods, 312 sequences matching on, 65 Range.Inclusive class, 62 sequential composition, 233 combinator operators, 234 @serialVersionUID annotation, 291 Set companion object, 147 Set values, 146 sets in functional programming, 174 short-circuiting operators (&& and ||), 63 side-effect-free, 403 signature, 90, 403 single inheritance, 403 Single Responsibility Principle, 76 singleton objects, 14, 134 eliminating need for Singleton Pattern, 325 methods defined in companion objects, 373 singleton types, 279, 403 singletons, 403 Scala classes declared as, 149 sleeping barber problem (demonstrating Actors), 197–202 SMTP mail server (example), 205–210 codec for SMTP, 206 conversation with server, 209 setup, 207 SmtpHandler class, 208 Some class, 41 @specialized annotation, 297 Specs library, 57, 363–365 using for BDD specification exercising combined Button and Subject types, 80 Spring Framework, 381 stable types, 403 state, 403 static members, Scala and, 148 static typing, 403 versus dynamic typing, 2 StaticAnnotation class, 291 annotations derived from, 294 Stream class, 286 strict, 403 String class, 186 implicit conversion to RichString, 187 string literals, 39 strong versus weak typing, 3 structural types, 77, 283 defined, 403 subtypes, 395, 403 super keyword, 114 supertype, 403 @switch annotation, 296 symbol literals, 39 symbols, 133 defined, 403 in method names and other identifiers, 53 T $tag method (ScalaObject), 351, 393 tail calls, 171 @tailRec annotation and, 296 foldLeft and reduceLeft operations, 181 trampoline for, 172 tail-call recursion, 403 @tailRec annotation, 296 TDD (Test-Driven Development), 81, 361– 367 defined, 403 Design by Contract and, 342 ScalaCheck tool, 365 ScalaTest tool, 361 Specs library, 363–365 terminals, 232, 403 Terracotta library, 384 test double, 404 text editors, 360 TextMate editor, 360 this keyword, 18, 89 self versus, in self-type annotations, 319 self-type annotations, 279 super versus, 114 420 | Index Download at WoweBook.Com threading in Scala, 203 one-off threads, 203 using java.util.concurrent, 204 @throws annotation, 298 trait keyword, 77 traits, 4, 75–88 aspects versus, 381 constructing, 86 class or trait, 87 initializing values in traits, 87 defined, 404 effective design of, 321–325 functions as instances of, 278 implementing components with, 337 as mixins, 76–82 vetoing click events, 84 overriding accessor methods indistinguishable from fields, 125 overriding members of abstract and concrete fields, 114–119 promotion of mixin composition, 316 stacking, 82 trampolines, 172, 404 try, catch, and finally clauses, 70 tuples, 40 defined, 404 pattern matching on, 66 value type, syntax for, 275 ways to create two-item tuple, 148 Twitter client, component model for (example), 335–340 type alias, 74 type annotations, 12 defined, 404 required explicit type annotations, 30 self-type annotations, 279–283 type bounds, 256, 259–267 defined, 404 List class, Scala implementation, 261–263 lower, 260 upper, 259 using in abstract type declarations, 268 views and view bounds, 263 type constructors, 404 type designators, 275, 404 type erasure, 90 defined, 405 getClass method on JVM, 248 type inference, 29–36, 405 type projections, 279, 405 type system, 2, 247 (see also data types) Scala, 6 type variance, 251, 405 (see also variance under inheritance) type variance annotations, 405 types, 247 (see also data types) defined, 404 typing, 2 U unapply method, 129–131 unapplySeq method for collections, 132 @unchecked annotation, 296 Unicode characters, 38 Uniform Access Principle, 97, 124 universe (sbaz remote repository), 352 upper type bounds, 259, 268 V val keyword, 14 in declaration of read-only variable, 11 using in declaration of immutable variable, 24 vals, lazy (see lazy values) Value class, 302 Value object, 405 value types, 91, 275 defined, 405 function types, 277 implicit conversions by Predef object methods, 158 infix types, 276 listed, 156 parameterized types, 275 singleton types, 279 tuples, 275 type designators, 275 type projections, 279 use in type bounds expressions, 268 Value.toString method, 73 values, 405 var keyword, 18 variable identifiers, 54 variable-length argument lists, 12, 147 variables Index | 421 Download at WoweBook.Com binding nested variables in case clauses, 69 declarations, 24 defined, 405 expanded scope in for expressions, 61 immutable values in functional programming, 166 in matches, 64 mutable and immutable, 5 in static and dynamic typing, 2 variance annotations, 249 summary of, 251 variance under inheritance, 251 abstract versus parameterized types, 270 variance in Scala versus Java, 256–259 variance of mutable types, 255 versions, Scala, 9 VetoableClicks trait (example), 85 view bounds, 264–267, 405 implementing LinkedList class that uses Nodes, 264 views, 187, 263–267, 405 Vim editor, 360 visibility, 96–110, 405 fine-grained visibility rules in Scala, 314 private, 100 protected, 99 public, 98 scoped private and protected visibility, 102– 110 summary of visibility scopes, 97 Visitor Pattern, alternative to, 326–334 exploring using NodeSeq tools, 212 looping and matching, 213 reading, 211 writing, 214 blogging system (example), 215–216 Y yield keyword, 60 W weak versus strong typing, 3 weaving, load-time, 380 web application frameworks, 367 web page for this book, xxi code examples, xix, 10 while loops, 61 implementing using by-name parameters and currying, 189 with keyword, 79 wrapper classes in Scala, 186 Rich wrapper classes defined in scala.runtime package, 187 X XML, 211–216 422 | Index Download at WoweBook.Com About the Authors Dean Wampler is a consultant, trainer, and mentor with Object Mentor, Inc.

Dean is a frequent speaker at industry and academic conferences on these topics. He has a Ph.D. in physics from the University of Washington. Alex Payne is Platform Lead at Twitter, Inc., where he develops services that enable programmers to build atop the popular social messaging service. Alex has previously built web applications for political campaigns, non-profits, and early-stage startups, and supported information security efforts for military and intelligence customers. In his free time, Alex studies, speaks, and writes about the history, present use, and evolution of programming languages, as well as minimalist art and design.


pages: 567 words: 122,311

Lean Analytics: Use Data to Build a Better Startup Faster by Alistair Croll, Benjamin Yoskovitz

Airbnb, Amazon Mechanical Turk, Amazon Web Services, Any sufficiently advanced technology is indistinguishable from magic, barriers to entry, Bay Area Rapid Transit, Ben Horowitz, bounce rate, business intelligence, call centre, cloud computing, cognitive bias, commoditize, constrained optimization, data science, digital rights, en.wikipedia.org, Firefox, Frederick Winslow Taylor, frictionless, frictionless market, game design, gamification, Google X / Alphabet X, growth hacking, hockey-stick growth, Infrastructure as a Service, Internet of things, inventory management, Kickstarter, lateral thinking, Lean Startup, lifelogging, longitudinal study, Marshall McLuhan, minimum viable product, Network effects, PalmPilot, pattern recognition, Paul Graham, performance metric, place-making, platform as a service, power law, price elasticity of demand, reality distortion field, recommendation engine, ride hailing / ride sharing, rolodex, Salesforce, sentiment analysis, skunkworks, Skype, social graph, social software, software as a service, Steve Jobs, subscription business, telemarketer, the long tail, transaction costs, two-sided market, Uber for X, web application, Y Combinator

Similarly, business professionals involved in product development, product management, marketing, public relations, and investing will find much of the content relevant, as it will help them understand and assess startups. Most of the tools and techniques we’ll cover were first applied to consumer web applications. Today, however, they matter to a far broader audience: independent local businesses, election managers, business-to-business startups, rogue civil servants trying to change the system from within, and “intrapreneurs” innovating within big, established organizations.[2] In that respect, Lean Analytics is for anyone trying to make his or her organization more effective.

Apple’s application model is tightly regimented, with the company controlling what’s allowed and reviewing submissions. Applications for the Android platform may be downloaded from the Android store or “side-loaded” from sources that aren’t tightly controlled. For Lean startups, an app store model[34] presents a challenge. Unlike web applications, where it’s easy to do A/B testing and continuous deployment, mobile apps go through the app store gatekeeper—which limits the number of iterations a company can undergo, and hampers experimentation. Modern mobile apps are getting around the gatekeepers to some degree by feeding in online content without requiring an actual app upgrade, but this takes extra work to set up.

If something is going to take months to build, you need good confidence that it will have a significant impact. Can you break it into smaller parts, or test the inherent risk with a curated MVP or a prototype instead? 4. Will the Feature Overcomplicate Things? Complexity kills products. It’s most obvious in the user experience of many web applications: they become so convoluted and confusing that users leave for a simpler alternative. “And” is the enemy of success. When discussing a feature with your team, pay attention to how it’s being described. “The feature will allow you to do this, and it’d be great if it did this other thing, and this other thing, and this other thing too.”


pages: 71 words: 14,237

21 Recipes for Mining Twitter by Matthew A. Russell

en.wikipedia.org, Google Earth, natural language processing, NP-complete, social web, web application

ISBN: 978-1-449-30316-7 [LSI] 1296485191 Table of Contents Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii The Recipes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.1 1.2 1.3 1.4 1.5 1.6 1.7 1.8 1.9 1.10 1.11 1.12 1.13 1.14 1.15 1.16 1.17 1.18 1.19 1.20 1.21 Using OAuth to Access Twitter APIs Looking Up the Trending Topics Extracting Tweet Entities Searching for Tweets Extracting a Retweet’s Origins Creating a Graph of Retweet Relationships Visualizing a Graph of Retweet Relationships Capturing Tweets in Real-time with the Streaming API Making Robust Twitter Requests Harvesting Tweets Creating a Tag Cloud from Tweet Entities Summarizing Link Targets Harvesting Friends and Followers Performing Setwise Operations on Friendship Data Resolving User Profile Information Crawling Followers to Approximate Potential Influence Analyzing Friendship Relationships such as Friends of Friends Analyzing Friendship Cliques Analyzing the Authors of Tweets that Appear in Search Results Visualizing Geodata with a Dorling Cartogram Geocoding Locations from Profiles (or Elsewhere) 1 3 5 7 10 13 15 20 22 25 29 34 37 39 43 45 48 50 52 54 58 v Preface Introduction This intentionally terse recipe collection provides you with 21 easily adaptable Twitter mining recipes and is a spin-off of Mining the Social Web (O'Reilly), a more comprehensive work that covers a much larger cross-section of the social web and related analysis. Think of this ebook as the jetpack that you can strap onto that great Twitter mining idea you've been noodling on—whether it’s as simple as running some disposible scripts to crunch some numbers, or as extensive as creating a full-blown interactive web application. All of the recipes in this book are written in Python, and if you are reasonably confident with any other programming language, you’ll be able to quickly get up to speed and become productive with virtually no trouble at all. Beyond the Python language itself, you’ll also want to be familiar with easy_install (http://pypi.python.org/pypi/setup tools) so that you can get third-party packages that we'll be using along the way.


pages: 90 words: 17,297

Deploying OpenStack by Ken Pepple

Amazon Web Services, cloud computing, database schema, Infrastructure as a Service, Kickstarter, Ruby on Rails, web application, x509 certificate

This should be an address in the form of http://xxx.xxx.xxx.xxx:8888/, where xxx.xxx.xxx.xxx is your server’s IP address. Once you connect to that address, you will be redirected to Smart Installer login screen. Note Your browser will need to have access to the Internet. It acts as a middleman between the two, gathering config data from your server and transferring to the configuration web application. Your server does not need access to the Internet. The first screen of the Smart Installer will ask you to create an account and then login. While creating an account is not a necessity, it will allow you to save, edit, and redeploy your configurations later. Figure 7-3 shows the login screen.


pages: 792 words: 48,468

Tcl/Tk, Second Edition: A Developer's Guide by Clif Flynt

book value, Donald Knuth, hypertext link, machine readable, revision control, web application

There are several Tcl integrated development environments (IDEs) available, ranging from commercial packages such as ActiveState’s Komodo and Neatware’s MyrmocoX, to freeware such as ASED and TclIDE, to tools such as the editor Mike Doyle and Hattie Schroeder developed as an example in their book Interactive Web Applications with Tcl/Tk (www.eolas.com/tcl). IDEs are discussed in more detail in Chapter 14. Several of these packages are found on the companion CD-ROM. 27 28 Chapter 2 The Mechanics of Using the Tcl and Tk Interpreters You can also use the Tk Console to type in Tcl commands and then save them to a file via the File > Save > History menu choice.

The ease with which HTML support is added to the text widget may make you think that it would be easy to write a full browser with Tk. Before you do too much work on that project, take a look at Steve Ball’s plume browser at http://tcltk.anu.edu.au/1.0a1/ and read Mike Doyle and Hattie Schroeder’s book Web Applications in Tcl/Tk. Much of the work you will need to do to create a browser has already been done. Using a text widget to implement a browser display has the following problems. ■ Performance: Displaying HTML in a text widget requires a great deal of parsing HTML and calculating layout parameters. This can be compute intensive, and becomes slow when done in an interpreted language like Tcl

Example 14.9 Script Example load /usr/local/lib/libmysqltcl.so # Connect to database set handle [mysqlconnect -db clif1] # Create two new tables set createCmds { {CREATE TABLE books ( first CHAR(20), last CHAR(20), title CHAR(50), publisher INTEGER, ID INTEGER);} {CREATE TABLE publishers ( name CHAR(50), id INTEGER);} } foreach createCmd $createCmds { set result [mysqlexec $handle $createCmd] puts “Create Table result: $result” } # Define data for tables set bookData { {’Brent’, ’Welch’, \ ’Practical Programming in Tcl/Tk’, 2, 1} {’Dave’, ’Zeltserman’, \ ’Building Network Management Tools with Tcl/Tk’, 2, 2} {’Mike’, ’Doyle’, \ ’Interactive Web Applications with Tcl/Tk’, 1, 3} {’Clif’, ’Flynt’, \ 589 590 Chapter 14 Extensions and Packages ’Tcl/Tk: A Developer\’s Guide’, 1, 4} } set publisherData { {’Morgan Kaufmann’, 1} {’Prentice Hall’, 2} } # Insert data into the tables. foreach book $bookData { set result [mysqlexec $handle “INSERT INTO books VALUES ($book)”] puts “Insert result: $result” } foreach pub $publisherData { mysqlexec $handle “INSERT INTO publishers VALUES ($pub)” } # And now extract data and generate a simple report. set fail [catch \ {mysqlsel $handle “SELECT * FROM books” -list } bookList] if {$fail} { error “SQL error number $mysqlstatus(code) message: $bookList” “” } foreach book $bookList { foreach {first last title pubId id} $book {} foreach {pubName pubID} [mysqlsel $handle \ “Select * from publishers where ID=$pubId” -flatlist] {} puts [format “%-12s %-30s \n %-30s” \ $last $title $pubName] } Script Output Create Create Insert Insert Insert Insert Welch Table result: 0 Table result: 0 result: 1 result: 1 result: 1 result: 1 Practical Programming in Tcl/Tk Prentice Hall Zeltserman Building Network Management Tools with Tcl/Tk Prentice Hall Doyle Interactive Web Applications with Tcl/Tk 14.6 VSdb Package Flynt Academic Press Professional Tcl/Tk, A Developer’s Guide Morgan Kaufmann 14.6 VSdb Package Language Tcl Primary Site http://sourceforge.net/projects/tclvs/ Original Author Steve Wahle Contact creat@lowcountry.com, Scott Beasley Tcl Revision Supported Tcl: 8.x; Tk: 8.x Supported Platforms UNIX, Windows The VSdb package is a small, pure Tcl database package that can easily be merged into an application that needs to be portable.


Mining of Massive Datasets by Jure Leskovec, Anand Rajaraman, Jeffrey David Ullman

cloud computing, crowdsourcing, en.wikipedia.org, first-price auction, G4S, information retrieval, John Snow's cholera map, Netflix Prize, NP-complete, PageRank, pattern recognition, power law, random walk, recommendation engine, second-price auction, sentiment analysis, social graph, statistical model, the long tail, web application

(4)The technology of search engines, including Google’s PageRank, link-spam detection, and the hubs-and-authorities approach. (5)Frequent-itemset mining, including association rules, market-baskets, the A-Priori Algorithm and its improvements. (6)Algorithms for clustering very large, high-dimensional datasets. (7)Two key problems for Web applications: managing advertising and recommendation systems. (8)Algorithms for analyzing and mining the structure of very large graphs, especially social-network graphs. (9)Techniques for obtaining the important properties of a large dataset by dimensionality reduction, including singular-value decomposition and latent semantic indexing

The idea of competitive ratio is another important concept covered in this chapter; it is the ratio of the guaranteed performance of an online algorithm compared with the performance of the optimal algorithm that is allowed to see all the data before making any decisions. These ideas are used to give good algorithms that match bids by advertisers for the right to display their ad in response to a query against the search queries arriving at a search engine. Finally, Chapter 9 is devoted to recommendation systems. Many Web applications involve advising users on what they might like. The Netflix challenge is one example, where it is desired to predict what movies a user would like, or Amazon’s problem of pitching a product to a customer based on information about what they might be interested in buying. There are two basic approaches to recommendation.

Conf. on Management of Data, pp. 103–114, 1996. 1 You can prove this fact by evaluating a double integral, but we shall not do the math here, as it is not central to the discussion. 2 This space would not be Euclidean, of course, but the principles regarding hierarchical clustering carry over, with some modifications, to non-Euclidean clustering. 3 Do not forget that the term “cluster” has two completely different meanings in this section. 8 Advertising on the Web One of the big surprises of the 21st century has been the ability of all sorts of interesting Web applications to support themselves through advertising, rather than subscription. While radio and television have managed to use advertising as their primary revenue source, most media – newspapers and magazines, for example – have had to use a hybrid approach, combining revenue from advertising and subscriptions.


pages: 122 words: 19,807

Tmux: Productive Mouse-Free Development by Brian P. Hogan

en.wikipedia.org, Ruby on Rails, Skype, web application

script_id=1349 [7] http://www.iterm2.com [8] http://superuser.com/questions/285381/how-does-the-tmux-color-palette-work [9] See http://www.foragoodstrftime.com/ for a handy tool to help you find the perfect time format. Copyright © 2012, The Pragmatic Bookshelf. Chapter 3 Scripting Customized tmux Environments You probably run a wide collection of tools and programs as you work on your projects. If you’re working on a web application, you most likely need to have a command shell, a text editor, a database console, and another window dedicated to running your automated test suite for your application. That’s a lot of windows to manage, and a lot of commands to type to get it all fired up. Imagine being able to come to your workstation, ready to tackle that new feature, and being able to bring every one of those programs up, each in its own pane or window in a single tmux session, using a single command.


pages: 294 words: 82,438

Simple Rules: How to Thrive in a Complex World by Donald Sull, Kathleen M. Eisenhardt

Affordable Care Act / Obamacare, Airbnb, Apollo 13, asset allocation, Atul Gawande, barriers to entry, Basel III, behavioural economics, Berlin Wall, carbon footprint, Checklist Manifesto, complexity theory, Craig Reynolds: boids flock, Credit Default Swap, Daniel Kahneman / Amos Tversky, democratizing finance, diversification, drone strike, en.wikipedia.org, European colonialism, Exxon Valdez, facts on the ground, Fall of the Berlin Wall, Glass-Steagall Act, Golden age of television, haute cuisine, invention of the printing press, Isaac Newton, Kickstarter, late fees, Lean Startup, Louis Pasteur, Lyft, machine translation, Moneyball by Michael Lewis explains big data, Nate Silver, Network effects, obamacare, Paul Graham, performance metric, price anchoring, RAND corporation, risk/return, Saturday Night Live, seminal paper, sharing economy, Silicon Valley, Startup school, statistical model, Steve Jobs, TaskRabbit, The Signal and the Noise by Nate Silver, transportation-network company, two-sided market, Wall-E, web application, Y Combinator, Zipcar

We were particularly interested in the remarkable story of one of Kathy’s graduate students at Stanford, Raghu Shukla, who went from diligent scholar to professional-level poker player in the space of two years. Raghu grew up in Chennai, and attended the University of Delhi before finishing his degree in math at the University of Southern California. He followed several cousins, and became a computer science graduate student at Stanford. After finishing an especially rough web-application assignment, he played his first poker game with other students one Saturday night. Yet unlike many of his equally smart friends, Raghu dramatically improved his poker-playing rules over time. The poker-playing grad students favored Texas Hold’em. In this version of the game, each player gets two face-down cards at the start of the hand (the hole).

.” [>] Raghu grew up: Raghu’s story is based on interviews with him on March 17, 2014, and June 6, 2014, emails, and other conversations. At his request, we have used a pseudonym for him, and changed some identifying details. Raghu would like readers to know that he spent his college summers working as an intern with a consulting firm in Dubai, at a tech startup, and with a winemaker in Clovis, California, and that the web-application assignment was for CS 142. [>] The poker-playing grad students: Kathy thanks Bob Eberhart for significantly improving her strategic knowledge of poker. [>] He also learned: Keeping opponents off-balance by switching these strategies is also recommended by poker coach Corwin Cole. Corwin Cole, “Unpredictability Keeps Opponents Off Balance,” San Jose Mercury News, April 18, 2014. [>] Professor Melissa Schilling: Melissa A.


Functional Programming in Scala by Paul Chiusano, Rúnar Bjarnason

domain-specific language, functional programming, higher-order functions, iterative process, loose coupling, off-by-one error, type inference, web application

These systems are often expressed in terms of actors, which communicate via explicit message sends and receives. We can express components in these architectures as stream processors, which lets us describe extremely complex state machines and behaviors while retaining a high-level, compositional API. Servers, web applications: A web application can be thought of as converting a stream of HTTP requests to a stream HTTP responses. UI programming: We can view individual UI events such as mouseclicks as streams, and the UI as one large network of stream processors determining how the UI responds to user interaction. Big data, distributed systems: Stream processing libraries can be distributed and parallelized for processing large amounts of data.


Industry 4.0: The Industrial Internet of Things by Alasdair Gilchrist

3D printing, additive manufacturing, air gap, AlphaGo, Amazon Web Services, augmented reality, autonomous vehicles, barriers to entry, business intelligence, business logic, business process, chief data officer, cloud computing, connected car, cyber-physical system, data science, deep learning, DeepMind, deindustrialization, DevOps, digital twin, fault tolerance, fulfillment center, global value chain, Google Glasses, hiring and firing, industrial robot, inflight wifi, Infrastructure as a Service, Internet of things, inventory management, job automation, low cost airline, low skilled workers, microservices, millennium bug, OSI model, pattern recognition, peer-to-peer, platform as a service, pre–internet, race to the bottom, RFID, Salesforce, Skype, smart cities, smart grid, smart meter, smart transportation, software as a service, stealth mode startup, supply-chain management, The future is already here, trade route, undersea cable, vertical integration, warehouse robotics, web application, WebRTC, Y2K

This was more to do with the vendor retaining control of development and being able to up-sell functionality and integration with other enterprise applications and databases as an additional service. However, as IT shifted away from SOA to web and mobile applications, APIs have also become a relatively simple template that we use to communicate between our mobile and web applications and with other backend databases and enterprise applications. Let’s break it down by looking at each of its parts. Let’s first look at an API’s component parts. Application If you have a laptop, tablet, or smartphone, you are well acquainted with what applications are, i.e., the tools, games, social networks, and other software that we use every day.

These independent services run a unique process and communicate through a well-defined, lightweight web service or other mechanism in order to deliver a specific result. 151 152 Chapter 9 | Software Design Concepts What makes microservices valuable are that applications can be constructed that decouple the underlying complexities of the host systems from the application’s purpose. If we take a look at a client-server web application, these are built as monolithic applications, where the server portion of the code handles HTTP requests, executes logic, and retrieves or posts data from/to the database. The problem with this style is that any changes will require a new version of the entire application, as each function is intertwined and not readily isolated and updatable.


pages: 502 words: 82,170

The Book of CSS3 by Peter Gasston

centre right, disruptive innovation, en.wikipedia.org, Firefox, Google Chrome, Great Leap Forward, Salesforce, web application, wikimedia commons

Summary The introduction of transparency to CSS may seem minor, but transparency could potentially cause some significant changes to page designs; overlapping colors have long been a staple of print design, but this style has yet to make serious inroads into web design because of how difficult it is to implement. The appearance property is also a small change with big implications. HTML5 is arriving and bringing with it expanded scope for building web applications and further blurring the boundaries between desktop and Web. More web applications will frequently blend with a user’s operating system in the near future. In the next chapter, I’ll complete the quartet of chapters on backgrounds, borders, and colors with a look at the bleeding edge of CSS3: the gradient background. Color and Opacity: Browser Support WebKit Firefox Opera IE opacity Yes Yes Yes No (expected in IE9) RGBA values Yes Yes Yes No (expected in IE9) HSL values Yes Yes Yes No (expected in IE9) HSLA values Yes Yes Yes No (expected in IE9) currentColor value Yes Yes Yes No (expected in IE9) appearance Yes Yes No No Chapter 11.


pages: 292 words: 81,699

More Joel on Software by Joel Spolsky

a long time ago in a galaxy far, far away, AOL-Time Warner, barriers to entry, Black Swan, Build a better mousetrap, business process, call centre, Danny Hillis, David Heinemeier Hansson, Dennis Ritchie, failed state, Firefox, fixed income, functional programming, George Gilder, Larry Ellison, Larry Wall, lolcat, low cost airline, Mars Rover, Network effects, Paradox of Choice, Paul Graham, performance metric, place-making, price discrimination, prisoner's dilemma, Ray Oldenburg, Ruby on Rails, Salesforce, Sand Hill Road, Silicon Valley, slashdot, social software, Steve Ballmer, Steve Jobs, Superbowl ad, The Great Good Place, The Soul of a New Machine, Tragedy of the Commons, type inference, unpaid internship, wage slave, web application, Y Combinator

Let’s pretend that you’re building some kind of a web-based application, since those seem to be all the rage with the kids these days. Now, there’s a security vulnerability called the Cross-Site Scripting Vulnerability, a.k.a. XSS. I won’t go into the details here: all you have to know is that when you build a web application, you have to be careful never to repeat back any strings that the user types into forms. So, for example, if you have a web page that says, “What is your name?” with an edit box and then submitting that page takes you to another page that says, “Hello, Elmer!” (assuming the user’s name is Elmer), well, that’s a security vulnerability, because the user could type in all kinds of weird HTML and JavaScript instead of “Elmer,” and their weird JavaScript could do narsty things, and now those narsty things appear to come from you, so, for example, they can read cookies that you put there and forward them on to Dr.

For example, maybe you want to store these user strings in a database somewhere, and it doesn’t make sense to have them stored HTML encoded in the database, because they might have to go somewhere that is not an HTML page, like to a credit card processing application that will get confused if they are HTML encoded. Most web applications are developed under the principle that all strings internally are not encoded until the very last moment before they are sent to an HTML page, and that’s probably the right architecture. 188 More from Joel on Software We really need to be able to keep things around in unsafe format for a while.


pages: 350 words: 90,898

A World Without Email: Reimagining Work in an Age of Communication Overload by Cal Newport

Cal Newport, call centre, Claude Shannon: information theory, cognitive dissonance, collaborative editing, Compatible Time-Sharing System, computer age, COVID-19, creative destruction, data science, David Heinemeier Hansson, fault tolerance, Ford Model T, Frederick Winslow Taylor, future of work, Garrett Hardin, hive mind, Inbox Zero, interchangeable parts, it's over 9,000, James Watt: steam engine, Jaron Lanier, John Markoff, John Nash: game theory, Joseph Schumpeter, Kanban, Kickstarter, knowledge worker, Marshall McLuhan, Nash equilibrium, passive income, Paul Graham, place-making, pneumatic tube, remote work: asynchronous communication, remote working, Richard Feynman, rolodex, Salesforce, Saturday Night Live, scientific management, Silicon Valley, Silicon Valley startup, Skype, social graph, stealth mode startup, Steve Jobs, supply-chain management, technological determinism, the medium is the message, the scientific method, Tragedy of the Commons, web application, work culture , Y Combinator

For a more comprehensive picture of what’s going on in the standard networked office, we’ll turn to a small productivity software firm called RescueTime, which in recent years, with the help of a pair of dedicated data scientists, has been quietly producing a remarkable data set that allows an unprecedented look into the details of the communication habits of contemporary knowledge workers. * * * — The core product of RescueTime is its eponymous time-tracking tool, which runs in the background on your devices and records how much time you spend using various applications and websites. The company’s origin story begins in 2006, when a group of web application developers became fed up with the experience of working hard all day and then feeling like they didn’t have much actual output to show for it. Curious to figure out where their time was going, they cobbled together some scripts to monitor their behavior. As Robby Macdonell, the current CEO, explained to me, their experiment became popular in their social circles: “We were hearing from more and more people who wished they could see what their application use actually looked like.”

As Robby Macdonell, the current CEO, explained to me, their experiment became popular in their social circles: “We were hearing from more and more people who wished they could see what their application use actually looked like.” In the winter of 2008, the idea was accepted by the prestigious Y Combinator incubator, and the company was born. The primary purpose of RescueTime is to provide individual users with detailed feedback on their behavior so they can find ways to be more productive. Because the tool is a web application, however, all this data is stored in central servers, which makes it possible to aggregate and analyze the time use habits of tens of thousands of users. After a few false starts, RescueTime got serious about getting these analyses right. In 2016 they hired a pair of full-time data scientists, who transformed the data into the right format to study trends and properly protect privacy, and then got to work trying to understand how these modern, productivity-minded knowledge workers were actually spending their time.


pages: 673 words: 164,804

Peer-to-Peer by Andy Oram

AltaVista, big-box store, c2.com, combinatorial explosion, commoditize, complexity theory, correlation coefficient, dark matter, Dennis Ritchie, fault tolerance, Free Software Foundation, Garrett Hardin, independent contractor, information retrieval, Kickstarter, Larry Wall, Marc Andreessen, moral hazard, Network effects, P = NP, P vs NP, p-value, packet switching, PalmPilot, peer-to-peer, peer-to-peer model, Ponzi scheme, power law, radical decentralization, rolodex, Ronald Coase, Search for Extraterrestrial Intelligence, semantic web, SETI@home, Silicon Valley, slashdot, statistical model, Tragedy of the Commons, UUNET, Vernor Vinge, web application, web of trust, Zimmermann PGP

Jon Udell (co-author of Chapter 18) demonstrated that one could even take data from one web site and pass it to another for further processing, in a web equivalent to the Unix pipeline. SOAP makes this process more explicit, turning web sites into peers that can provide more complex services than simple CGI forms to their users. The next generation of web applications won’t consist of single-point conversations between a single server and a single browser, but a multipoint conversation between cooperating programs. One of the key issues that comes up, once you start thinking about more complex interactions between sites on the Net, is that metadata management is critical.

The technique they use to work around the standards bottleneck is simple, being much the same as saying things like “the person whose personal mailbox is...” or “the company whose corporate homepage is...”. Being simple, it can (and should) be applied in other contexts where peer-to-peer and web applications want to query networked services for metadata. There’s no reason to use a different protocol when asking for a CD track list and when asking for metadata describing any other kind of thing. The basic protocol being used in CD metadata query is both simple and general: “tell me what you know about the resource whose CD checksum is some-huge-number”—a protocol reminiscent of the PICS label bureau protocol.

On the contrary, while MP3 CD rippers currently embed lots of descriptive information (track listings) right into the encoding, they omit the most crucial piece of data from a fan’s point of view: the CD and track identifiers. The simple unique identifier for a song on a CD, while only a tiny fragment of data, could allow both peer-to-peer and web applications to hook into a marketplace of descriptive services. How could MP3 services use this information? One application is to update the metadata inside MP3 files, either to correct errors or to add additional information. If we don’t know which CD an MP3 file was derived from, it becomes hard to know which MP3 files to update when we learn more about that CD.


pages: 132 words: 28,815

Ansible Configuration Management - Second Edition by Daniel Hall

cloud computing, Debian, pull request, web application

While effectively useless when used from the Ansible command line, it can be very handy when used inside a playbook. Generally, the pause module is used when we want the user to provide confirmation to continue, or if manual intervention is required at a particular point. For example, if we have just deployed a new version of a web application to a server, and we need to have the user check manually to make sure it looks okay before we configure them to receive production traffic, we can put a pause there. It is also handy to warn the user of a possible problem and give them the option of continuing. This will make Ansible print out the names of the servers and ask the user to press Enter to continue.


Beautiful Visualization by Julie Steele

barriers to entry, correlation does not imply causation, data acquisition, data science, database schema, Drosophila, en.wikipedia.org, epigenetics, global pandemic, Hans Rosling, index card, information retrieval, iterative process, linked data, Mercator projection, meta-analysis, natural language processing, Netflix Prize, no-fly zone, pattern recognition, peer-to-peer, performance metric, power law, QR code, recommendation engine, semantic web, social bookmarking, social distancing, social graph, sorting algorithm, Steve Jobs, the long tail, web application, wikimedia commons, Yochai Benkler

Wordle provides varied palettes, fonts, and layouts I believe that my efforts to simplify Wordle, and to emphasize pleasure over business, have been paid for many times over. Wordle has been used in ways I’d never anticipated, by far more people than I’d dared to expect. Some of Wordle’s success is due to the design of the web application itself, with its one-paste/one-click instant gratification. However, to the extent that the design of the Wordle visualization itself has contributed to its ubiquity, it might be worth looking at what Wordle is not before we examine in detail what it is and how it works. Anatomy of a Tag Cloud The typical tag cloud is organized around lines of text.[6] If one word on a line is larger than another, the smaller word will have a disproportionate amount of whitespace overhead, which can look awkward.

Look for trends and holes. Present fewer dimensions to make a point. Walk through dimensions clearly. Highlight critical points. Group points together to show trends and motion. These two perspectives are not completely disjoint, of course. Many interactive web applications allow users to explore a few dimensions, while still not exposing raw data. The tension between presentation and exploration suggests that designers need to consider the purpose of their visualizations. There are design trade-offs, not only for animation, but more generally. Types of Animation Some forms of animation are most suited to presentation, while others work well for exploration.


pages: 407 words: 103,501

The Digital Divide: Arguments for and Against Facebook, Google, Texting, and the Age of Social Netwo Rking by Mark Bauerlein

Alvin Toffler, Amazon Mechanical Turk, Andrew Keen, business cycle, centre right, citizen journalism, collaborative editing, computer age, computer vision, corporate governance, crowdsourcing, David Brooks, digital divide, disintermediation, folksonomy, Frederick Winslow Taylor, Future Shock, Hacker News, Herbert Marcuse, Howard Rheingold, invention of movable type, invention of the steam engine, invention of the telephone, Jaron Lanier, Jeff Bezos, jimmy wales, Kevin Kelly, knowledge worker, late fees, Lewis Mumford, Mark Zuckerberg, Marshall McLuhan, means of production, meta-analysis, moral panic, Network effects, new economy, Nicholas Carr, PageRank, PalmPilot, peer-to-peer, pets.com, radical decentralization, Results Only Work Environment, Saturday Night Live, scientific management, search engine result page, semantic web, Silicon Valley, slashdot, social graph, social web, software as a service, speech recognition, Steve Jobs, Stewart Brand, technology bubble, Ted Nelson, the long tail, the strength of weak ties, The Wisdom of Crowds, Thorstein Veblen, web application, Yochai Benkler

(The question is particularly urgent because the Web 2.0 meme has become so widespread that companies are now pasting it on as a marketing buzzword, with no real understanding of just what it means. The question is particularly difficult because many of those buzzword-addicted start–ups are definitely not Web 2.0, while some of the applications we identified as Web 2.0, like Napster and BitTorrent, are not even properly Web applications!) We began trying to tease out the principles that are demonstrated in one way or another by the success stories of Web 1.0 and by the most interesting of the new applications. 1 > the web as platform Like many important concepts, Web 2.0 doesn’t have a hard boundary, but rather, a gravitational core.

Much like the “horseless carriage” framed the automobile as an extension of the familiar, Netscape promoted a “webtop” to replace the desktop, and planned to populate that webtop with information updates and applets pushed to the webtop by information providers who would purchase Netscape servers. In the end, both Web browsers and Web servers turned out to be commodities, and value moved “up the stack” to services delivered over the Web platform. Google, by contrast, began its life as a native Web application, never sold or packaged, but delivered as a service, with customers paying, directly or indirectly, for the use of that service. None of the trappings of the old software industry are present. No scheduled software releases, just continuous improvement. No licensing or sale, just usage. No porting to different platforms so that customers can run the software on their own equipment, just a massively scalable collection of commodity PCs running open-source operating systems plus homegrown applications and utilities that no one outside the company ever gets to see.


pages: 117 words: 30,538

It Doesn't Have to Be Crazy at Work by Jason Fried, David Heinemeier Hansson

8-hour work day, Airbnb, Atul Gawande, Community Supported Agriculture, content marketing, David Heinemeier Hansson, Jeff Bezos, market design, remote work: asynchronous communication, remote working, Ruby on Rails, Silicon Valley, solopreneur, Stephen Hawking, web application

And when it comes to life, we’re all just trying to figure it out as we go. DAVID HEINEMEIER HANSSON is the cofounder of Basecamp and the New York Times bestselling coauthor of REWORK and REMOTE. He’s also the creator of the software toolkit Ruby on Rails, which has been used to launch and power Twitter, Shopify, GitHub, Airbnb, Square, and over a million other web applications. Originally from Denmark, he moved to Chicago in 2005 and now divides his time between the US and Spain with his wife and two sons. In his spare time, he enjoys 200-mph race cars in international competition, taking cliché pictures of sunsets and kids, and ranting far too much on Twitter. Discover great authors, exclusive offers, and more at hc.com.


pages: 468 words: 233,091

Founders at Work: Stories of Startups' Early Days by Jessica Livingston

"World Economic Forum" Davos, 8-hour work day, Aaron Swartz, affirmative action, AltaVista, Apple II, Apple Newton, Bear Stearns, Boeing 747, Brewster Kahle, business cycle, business process, Byte Shop, Compatible Time-Sharing System, Danny Hillis, David Heinemeier Hansson, digital rights, don't be evil, eat what you kill, fake news, fear of failure, financial independence, Firefox, full text search, game design, General Magic , Googley, Hacker News, HyperCard, illegal immigration, Internet Archive, Jeff Bezos, Joi Ito, Justin.tv, Larry Wall, Maui Hawaii, Max Levchin, Menlo Park, Mitch Kapor, Multics, nuclear winter, PalmPilot, Paul Buchheit, Paul Graham, Peter Thiel, proprietary trading, Richard Feynman, Robert Metcalfe, Ruby on Rails, Sam Altman, Sand Hill Road, side project, Silicon Valley, slashdot, social software, software patent, South of Market, San Francisco, Startup school, stealth mode startup, Steve Ballmer, Steve Jobs, Steve Jurvetson, Steve Wozniak, The Soul of a New Machine, web application, Y Combinator

I had visions of raising money and building something cool, but originally the idea for Pyra was around web-based project management, or collaboration, which was an area I had been interested in for a long time. The idea for Pyra was the personal and project information management system: to build projects for clients around their intranets and help them organize their work and personal information. It is a web application where you would put your stuff, things you are thinking about, things you had to do, things you wanted to share with other people. There is not exactly a corollary to it today, but it is along the same lines as Basecamp or Ta-da List (but more complicated). There are a lot of products that are about organizing your work and stuff.

We started talking to the few people we knew, but we just didn’t have any inroads for that. We wrote a business plan, I think. Evan Williams 113 The first year was entirely self-funded. It was just doing this work mostly for HP. HP basically funded Pyra for the first year, unbeknownst to them, because at the time you could charge a decent amount of money for doing pretty simple web application development. If one of us was working on that full-time, it would pay for three of us (not that we were paying ourselves much). We started working on things in November ’98. We technically started the company in January. Meg started full-time in February, and we hired our first employee, Paul Bausch, in May.

As we showed it to colleagues in the industry, we quickly realized that others had the same problem; there was not a lot of software available for small companies to manage projects. Microsoft Project and the other heavyweight approaches to this relied on critical path management and things that might work fine for a 200-person project on a construction site, but not well for 3 people trying to deliver a web application. So we started out just thinking, “This is going to help us solve our consultancy needs.” And as we got more feedback, we realized it was a good time to start thinking about how we could make this 37signals’s product. Livingston: Do you remember the moment? Heinemeier Hansson: It was more just a flow of the application coming together and the feedback we started to get from people we respected saying, “I want this too!”


pages: 123 words: 32,382

Grouped: How Small Groups of Friends Are the Key to Influence on the Social Web by Paul Adams

Airbnb, Cass Sunstein, cognitive dissonance, content marketing, David Brooks, Dunbar number, information retrieval, invention of the telegraph, Jeff Hawkins, mirror neurons, planetary scale, race to the bottom, Richard Thaler, sentiment analysis, social web, statistical model, the strength of weak ties, The Wisdom of Crowds, web application, white flight

People with higher education tended to have double the number of strong ties as those who didn’t finish high school.23 In their research on friendship, Spencer and Pahl found that some people have bounded relationships where friends are made at a particular life stage and new people remain acquaintances, while others have serial relationships where friends are replaced at each life stage. Others have evolving patterns, where new friends are added at each life stage, but some remain from previous life stages.1 * * * Quick Tips We need to keep lists of people, whether that’s in a social web application, or a customer marketing database, up to date. We need to know whether people still turn to the same people they did in the past, and whether their trusted sources have changed. * * * Summary We have unique relationships with everyone we know and these relationships heavily influence how we behave around others.


pages: 688 words: 107,867

Python Data Analytics: With Pandas, NumPy, and Matplotlib by Fabio Nelli

Amazon Web Services, backpropagation, centre right, computer vision, data science, Debian, deep learning, DevOps, functional programming, Google Earth, Guido van Rossum, Internet of things, optical character recognition, pattern recognition, sentiment analysis, speech recognition, statistical model, web application

In this section you will see how to use th e read_json() and to_json() functions to stay within the I/O API functions discussed in this chapter. But in the second part you will see another example in which you will have to deal with structured data in JSON format much more related to real cases. In my opinion, a useful online application for checking the JSON format is JSONViewer, available at http://jsonviewer.stack.hu/ . This web application, once you enter or copy data in JSON format, allows you to see if the format you entered is valid. Moreover it displays the tree structure so that you can better understand its structure (see Figure 5-4). Figure 5-4 JSONViewer Let’s begin with the more useful case, that is, when you have a dataframe and you need to convert it into a JSON file.

The position of the tick is adjusted by an object called a Locator while the formatting tick label is regulated by an object called a Formatter . Scripting Layer (pyplot) Artist classes and their related functions (the matplotlib API) are particularly suitable to all developers, especially for those who work on web application servers or develop the GUI. But for purposes of calculation, and in particular for the analysis and visualization of data, the scripting layer is best. This layer consists of an interface called pyplot. pylab and pyplot In general there is talk of pylab and pyplot. But what is the difference between these two packages?


pages: 353 words: 104,146

European Founders at Work by Pedro Gairifo Santos

business intelligence, clean tech, cloud computing, crowdsourcing, deal flow, do what you love, fail fast, fear of failure, full text search, Hacker News, hockey-stick growth, information retrieval, inventory management, iterative process, Jeff Bezos, Joi Ito, Lean Startup, Mark Zuckerberg, Multics, natural language processing, pattern recognition, pre–internet, recommendation engine, Richard Stallman, Salesforce, Silicon Valley, Skype, slashdot, SoftBank, Steve Jobs, Steve Wozniak, subscription business, technology bubble, TED Talk, web application, Y Combinator

So, I looked at the numbers for our third anniversary, which was last week or ten days ago, and we sold over $6.6 million of Mockups to over fifty thousand customers. And business is still growing. I got lucky. I don’t know what to tell you. It found this underserved niche that is growing, as well. More people are getting into user experience and have web sites and web applications or software that they’re building. So, somehow, I hit a sweet spot with the price and the feature list, and I guess we’re doing a good job. Santos: But when you launched, did you do a media campaign? Did you contact TechCrunch or whoever to get a lot of media attention? Guilizzoni: Yeah, I have a blog post about what I did.

I decided to suggest to my board that we should focus on that and build applications, and I thought there would have been a huge success or huge successes around Twitter, like there were around Facebook. The future proved me wrong, but that's how we felt at the time. We decided to change Seesmic's direction and started to build Twitter applications on the desktop, web, and mobile. For the last two years, we created iPhone, Android, Windows Phone 7.0 even, and desktop and web applications for Twitter. We reached a very good number of users, still today using it, but Twitter completely changed. It was heaven with Twitter. We were presenting our road map and everything that we were building to the whole Twitter company at lunch. I remember that moment very well. We had most of the Twitter team in front of us, helping us and telling us, “This is awesome.


pages: 398 words: 107,788

Coding Freedom: The Ethics and Aesthetics of Hacking by E. Gabriella Coleman

activist lawyer, Benjamin Mako Hill, commoditize, Computer Lib, crowdsourcing, Debian, disinformation, Donald Knuth, dumpster diving, Eben Moglen, en.wikipedia.org, financial independence, Free Software Foundation, Gabriella Coleman, ghettoisation, GnuPG, Hacker Conference 1984, Hacker Ethic, Hacker News, Herbert Marcuse, informal economy, information security, Jacob Appelbaum, Jaron Lanier, Jason Scott: textfiles.com, Jean Tirole, knowledge economy, laissez-faire capitalism, Larry Wall, Louis Pasteur, machine readable, means of production, Multics, Neal Stephenson, Paul Graham, peer-to-peer, pirate software, popular electronics, RFC: Request For Comment, Richard Stallman, rolodex, Ronald Reagan, Silicon Valley, Silicon Valley startup, slashdot, software patent, software studies, Steve Ballmer, Steven Levy, tacit knowledge, technological determinism, Ted Nelson, the Cathedral and the Bazaar, The Hackers Conference, the scientific method, The Soul of a New Machine, The Structural Transformation of the Public Sphere, web application, web of trust, Yochai Benkler

Alternatives to Capitalism: IMCs Also bearing a three-letter acronym, the IMC once represented the vibrant epicenter of a grassroots, people-based digital media journalism, whose mission and spirit could not be more antithetical to the goals of a corporate mammoth like IBM.11 A worldwide volunteer collective of loosely affiliated grassroots media Web sites and centers, IMC activists make and disseminate locally generated media using various Web applications and tools. Indymedia emerged out of historic struggles against corporate neoliberal globalism policies. In the mid- to late 1990s, opposition against corporate globalization began to take shape among various groups across the globe. Ya Basta!, the Direct Action Network, and the Zapatista National Liberation Army were notable players, while the World Trade Organization protests in the streets of Seattle on November 30, 1999, registered a potent, distilled version of this dissent in an area of the world where spectacular street demonstrations had been in extended hibernation.

The nonprofit organization he founded, Creative Commons, has developed licenses and Web tools that are used by individuals and organizations to “build an intellectual property conservancy.”15 The model he drew from, unsurprisingly, was the GNU GPL: Taking inspiration in part from the Free Software Foundation’s GNU General Public License (GNU GPL), Creative Commons has developed a Web application that helps people dedicate their creative works to the public domain—or retain their copyright while licensing them as free for certain uses, on certain conditions.16 While Lessig and Creative Commons may represent the most prominent of these liberal translations, there are many others. Bollier’s book Silent Theft (the title plays off Rachel Carson’s Silent Spring, which crystallized much thinking about the movement), for instance, contends that the establishment of a commons can limit the multinational plundering of knowledge and culture.


pages: 461 words: 106,027

Zero to Sold: How to Start, Run, and Sell a Bootstrapped Business by Arvid Kahl

business logic, business process, centre right, Chuck Templeton: OpenTable:, cognitive load, content marketing, continuous integration, coronavirus, COVID-19, crowdsourcing, domain-specific language, financial independence, functional programming, Google Chrome, hockey-stick growth, if you build it, they will come, information asymmetry, information retrieval, inventory management, Jeff Bezos, job automation, Kanban, Kubernetes, machine readable, minimum viable product, Network effects, performance metric, post-work, premature optimization, risk tolerance, Ruby on Rails, sentiment analysis, side hustle, Silicon Valley, single source of truth, software as a service, solopreneur, source of truth, statistical model, subscription business, sunk-cost fallacy, supply-chain management, the long tail, trickle-down economics, value engineering, web application

You may think of letting the customer quickly inform the hairdresser when this happens so they can reschedule. You may think of automatically rescheduling appointments when snowy days are expected. All of these solutions could probably make a meaningful impact on the lives of your customers. None of these solutions are products yet. They could become apps, services, processes, web applications, or just new ways to operate a business. You need to validate the solutions you find to choose the one that has maximum impact. Solution Validation Doesn’t Happen in a Vacuum: Talking to Your Future Customers Entrepreneurs are good at coming up with ideas. We envision solutions to the problems that trouble the audience we have chosen to help.

The schools chose to stick with their video provider. The problem now was the nature of evergreen browsers, automatically updating eventually. Instead the schools went for something that we didn't expect: they froze their teachers' browsers in time by having them teach through an Electron-based application. Using Electron is like shipping a web application packaged with a browser to run it. And with a package, they could stay in control of the update process, effectively freezing their teachers' Chrome version in a pre-2020 state forever. Problem solved for the Chinese Kid English companies. They now had to release updates both to their website and the teaching application that would load their site in that old browser version, but the Flash issue would have no impact.


pages: 514 words: 111,012

The Art of Monitoring by James Turnbull

Amazon Web Services, anti-pattern, business logic, cloud computing, continuous integration, correlation does not imply causation, Debian, DevOps, domain-specific language, failed state, functional programming, Kickstarter, Kubernetes, microservices, performance metric, pull request, Ruby on Rails, single source of truth, software as a service, source of truth, web application, WebSocket

To be more sophisticated we could also replace the regular expression lookups for web-tier-hosts and the others with lookups of an external data source from a configuration management tool like PuppetDB or service discovery tools like Zookeeper or Consul. Using this, and by modifying the regular expression, we could also match on events from a wide variety of applications. For example, we could create a generic set of three-tier web application checks by renaming our tornado namespace. (ns examplecom.app.webapps "Monitoring streams for Web Applications" . . . We can then update the stream inside our riemann.config to select events from multiple applications. (tagged-any ["tornado" "avalanche"] (webapps/checks)) The tagged-any stream will match on events that have any of the tags listed; here events with either the tornado or the avalanche tags will be sent to the application/checks function.


pages: 297 words: 35,674

Slide:ology: the art and science of creating great presentations by Nancy Duarte

An Inconvenient Truth, fear of failure, Isaac Newton, Menlo Park, Silicon Valley, Steve Jobs, telepresence, web application, work culture

Creating Diagrams 57 Making Diagrams Work Together Now that you’ve seen the building blocks for abstract and realistic concepts, you’ll look at how to build them into a complex concept. Complex concepts can be communicated by connecting more than one diagram type. In the Silicon Valley, there are many presenters who need to explain software structures, web applications, and other invisible concepts visually. On the facing page is a concept sketch of a data warehouse solution that the customer called a “marketecture” diagram. It needed to show how the products and process work together like a “system.” A system similar to the one shown is a good way to represent elaborate and complex relationships.


pages: 179 words: 42,006

Startup Weekend: How to Take a Company From Concept to Creation in 54 Hours by Marc Nager, Clint Nelsen, Franck Nouyrigat

Amazon Web Services, barriers to entry, business climate, fail fast, hockey-stick growth, invention of the steam engine, James Watt: steam engine, Mark Zuckerberg, minimum viable product, pattern recognition, Silicon Valley, TED Talk, transaction costs, web application, Y Combinator

Bhide, The Origin and Evolution of New Businesses (New York: Oxford University Press, 2003). S. Blank, The Four Steps to the Epiphany: Successful Strategies for Products that Win (San Mateo, CA: CafePress.com, 2005). J. Fried, Getting Real: The Smarter, Faster, Easier Way to Build a Successful Web Application (Chicago: 37signals, LLC., 2009). J. Fried, Rework (Chicago: 37signals, LLC., 2010). S. Godin, Linchpin: Are You Indispensable? (New York: Penguin Group, 2010). T. Hsieh, Delivering Happiness: A Path to Profits, Passion, and Purpose (New York: Hachette Book Group, 2010). G.


The Icon Handbook by Jon Hicks

augmented reality, Debian, Firefox, Google Chrome, Kickstarter, Skype, web application

If so, try monochrome icons. Do the icons still convey the same meaning? Or, if every navigation element has its own icon, try it with just the most important one, such as the shop or shopping basket, or perhaps the contact details or where to find us information. The design of 37 Signals’ Basecamp web application has been much copied, but one of the elements that its derivatives miss is its restraint with icons. The interface is not littered with icons — just key functions like delete, print and add. Summary Now that we’ve looked at all the ways in which icons can be used beyond simple adornment, we can move on to actually creating them… Chapter references International symbol, icon blunders can be avoided http://www.deseretnews.com/article/705370663/International-symbol-icon-blunders-can-be-avoided.html AIGA icons for the Department of Transport http://www.aiga.org/symbol-signs/ McDonald’s Nutrition Icons: http://www.translationdirectory.com/articles/article1387.php http://www.boxercreative.co.uk/our_work/McDonald’s_nutrition.html Skype http://www.telecompaper.com/news/skype-grows-fy-revenues-20-reaches-663-mln-users http://hicksdesign.co.uk/journal/new-skype-emoticons http://julianfrost.co.nz/things/skype-emoticons/ Chapter 3 Favicons Now we’ll start building up our icon skills, beginning with favicons.


pages: 138 words: 40,787

The Silent Intelligence: The Internet of Things by Daniel Kellmereit, Daniel Obodovski

Airbnb, Amazon Web Services, Any sufficiently advanced technology is indistinguishable from magic, autonomous vehicles, barriers to entry, business intelligence, call centre, Clayton Christensen, cloud computing, commoditize, connected car, crowdsourcing, data acquisition, driverless car, en.wikipedia.org, Erik Brynjolfsson, first square of the chessboard, first square of the chessboard / second half of the chessboard, Freestyle chess, Google X / Alphabet X, Internet of things, lifelogging, Metcalfe’s law, Network effects, Paul Graham, Ray Kurzweil, RFID, Robert Metcalfe, Salesforce, self-driving car, Silicon Valley, smart cities, smart grid, software as a service, Steve Jobs, The future is already here, the long tail, Tony Fadell, vertical integration, web application, Y Combinator, yield management

When BodyMedia started twelve years ago, there weren’t any wearable monitoring products. Most monitoring devices were either for performance athletes or for clinically sick people. There was nothing in the middle for those who just wanted to be fit and healthy. Ivo continues: We built hardware, software, and Web applications accessible from any Internet device. We had to build all these tools ourselves. We worked hard on creating a user interface that was easy to understand without overwhelming people with data. Our device has five body sensors: a three-axis accelerometer to detect movement, activity, and orientation; skin temperature; body heat flux; galvanic skin conductivity response; and near-body ambience.


pages: 280 words: 40,881

JQuery UI by Eric Sarrion

Chuck Templeton: OpenTable:, Firefox, Ruby on Rails, web application

"div#books img[isSelected=true]" : "div#books img.ui-selected"; $(selector).each (function (index) { $(this).css ({ position : "relative", top : ui.helper.css ("top"), left : ui.helper.css ("left") }); }); }, stop : function (event) { $("div#books").selectable ("enable"); } }); }, unselected : function (event, ui) { ui.unselected.isSelected = false; $(ui.unselected).draggable ("destroy"); } }); </script> Figure 11-9. Three books are placed in the cart simultaneously Chapter 12. Permutation of Elements in the Page Moving items to insert them elsewhere in the page has become indispensable in current web applications. Users move elements visually by dragging with the mouse, and the system automatically inserts the moved items. Here, everything is handled internally by jQuery UI, which provides us the mechanism that implements this functionality. Here we call this operation a permutation, because the moved element leaves its place, while the destination (the location where the element is deposited) expands to allow the insertion of the new element.


pages: 133 words: 42,254

Big Data Analytics: Turning Big Data Into Big Money by Frank J. Ohlhorst

algorithmic trading, bioinformatics, business intelligence, business logic, business process, call centre, cloud computing, create, read, update, delete, data acquisition, data science, DevOps, extractivism, fault tolerance, information security, Large Hadron Collider, linked data, machine readable, natural language processing, Network effects, pattern recognition, performance metric, personalized medicine, RFID, sentiment analysis, six sigma, smart meter, statistical model, supply-chain management, warehouse automation, Watson beat the top human players on Jeopardy!, web application

It should also make use of the new integration targets, at least from a development perspective. Consequently, there are specific characteristics and features that a Big Data platform should offer to work effectively with Big Data analytics processes: Support for batch and real-time analytics. Most of the existing platforms for processing data were designed for handling transactional Web applications and have little support for business analytics applications. That situation has driven Hadoop to become the de facto standard for handling batch processing. However, real-time analytics is altogether different, requiring something more than Hadoop can offer. An event-processing framework needs to be in place as well.


pages: 587 words: 117,894

Cybersecurity: What Everyone Needs to Know by P. W. Singer, Allan Friedman

4chan, A Declaration of the Independence of Cyberspace, air gap, Apple's 1984 Super Bowl advert, barriers to entry, Berlin Wall, bitcoin, blood diamond, borderless world, Brian Krebs, business continuity plan, Chelsea Manning, cloud computing, cognitive load, crowdsourcing, cuban missile crisis, data acquisition, do-ocracy, Dr. Strangelove, drone strike, Edward Snowden, energy security, failed state, fake news, Fall of the Berlin Wall, fault tolerance, Free Software Foundation, global supply chain, Google Earth, information security, Internet of things, invention of the telegraph, John Markoff, John Perry Barlow, Julian Assange, Khan Academy, M-Pesa, military-industrial complex, MITM: man-in-the-middle, mutually assured destruction, Network effects, packet switching, Peace of Westphalia, pre–internet, profit motive, RAND corporation, ransomware, RFC: Request For Comment, risk tolerance, rolodex, Seymour Hersh, Silicon Valley, Skype, smart grid, SQL injection, Steve Jobs, Stuxnet, Twitter Arab Spring, uranium enrichment, vertical integration, We are Anonymous. We are Legion, web application, WikiLeaks, Yochai Benkler, zero day, zero-sum game

A key is that most computer systems treat data as both information to be processed and commands to be executed. This principle is foundational to the very idea of the modern computer, but also a major source of insecurity. A good illustration is a SQL (pronounced “sequel”) injection, one of the most common ways a website is attacked. Many web applications are built on Structured Query Language (SQL), a type of programming language used to manage data. It’s a highly effective system that dates back to the 1970s. But an attacker, instead of entering a name and address as requested, can enter specifically crafted commands that the database will read and interpret as program code, rather than just data to be stored.

It not only minimizes risk, in case your password was already compromised, but it minimizes the likelihood that an irresponsible user has used his work password to, say, buy shoes, and now that password is compromised. At the very least, your e-mail passwords should be strong and unique, since many web applications allow you to reset many account details by e-mail. You may also want to consider a “password manager.” This application generates random, secure passwords for all the sites you need, and enters them automatically. Modern password manager applications work across platforms and devices, requiring you to only have to remember one password for the tool itself—just make sure that’s a good one!


pages: 779 words: 116,439

Test-Driven Development With Python by Harry J. W. Percival

business logic, continuous integration, database schema, Debian, DevOps, don't repeat yourself, duck typing, Firefox, loose coupling, MVC pattern, off-by-one error, platform as a service, pull request, web application, WebSocket

Harry does a fantastic job of holding our attention whilst exploring real world testing practices.” — Michael Foord Python Core Developer and Maintainer of unittest “This book is far more than an introduction to Test Driven Development—it’s a complete best-practices crash course, from start to finish, into modern web application development with Python. Every web developer needs this book.” — Kenneth Reitz Fellow at Python Software Foundation “Harry’s book is what we wish existed when we were learning Django. At a pace that’s achievable and yet delightfully challenging, it provides excellent instruction for Django and various test practices.

And finally thanks to you, the latest reader, for deciding to check out the book! I hope you enjoy it. xxviii | Acknowledgments www.it-ebooks.info PART I The Basics of TDD and Django In this first part, I’m going to introduce the basics of Test-Driven Development (TDD). We’ll build a real web application from scratch, writing tests first at every stage. We’ll cover functional testing with Selenium, as well as unit testing, and see the differ‐ ence between the two. I’ll introduce the TDD workflow, what I call the unit-test/code cycle. We’ll also do some refactoring, and see how that fits with TDD.


pages: 273 words: 46,214

JavaScript: the good parts by Douglas Crockford

functional programming, Ken Thompson, web application

}, { "first": "Harry", "middle": "Moses", "last": "Howard", "nick-name": "Moe", "born": 1897, "died": 1975, "quote": "Why, you!" }, { "first": "Louis", "last": "Feinberg", "nick-name": "Larry", "born": 1902, "died": 1975, "quote": "I'm sorry. Moe, it was an accident!" } ] E.2. Using JSON Securely JSON is particularly easy to use in web applications because JSON is JavaScript. A JSON text can be turned into a useful data structure with the eval function: var myData = eval('(' + myJSONText + ')'); (The concatenation of the parentheses around the JSON text is a workaround for an ambiguity in JavaScript's grammar.) The eval function has horrendous security problems, however.


Nagios: System and Network Monitoring by Wolfgang Barth

Chuck Templeton: OpenTable:, Debian, en.wikipedia.org, Firefox, RFC: Request For Comment, web application

If a simple connection to the utility cannot be established and a constant value (version number, system name) cannot be queried, you can still use a generic plugin to address the corresponding port. Another example of using service dependencies are the applications that depend on a database: a Web application with dynamic Web pages fails if the underlying database (which may be located somewhere in the network on another host) is not working. A precisely defined dependency between the database service and 237 12 The Nagios Notification System dynamic Web application also ensures here that the administrator is notified of the actual cause. 12.6.2 Only in exceptional cases: host dependencies Host dependencies function in principle exactly like service dependencies; the hostdependency object is also capable of suppressing messages.


pages: 458 words: 135,206

CTOs at Work by Scott Donaldson, Stanley Siegel, Gary Donaldson

Amazon Web Services, Andy Carvin, bioinformatics, business intelligence, business process, call centre, centre right, cloud computing, computer vision, connected car, crowdsourcing, data acquisition, distributed generation, do what you love, domain-specific language, functional programming, glass ceiling, Hacker News, hype cycle, Neil Armstrong, orbital mechanics / astrodynamics, pattern recognition, Pluto: dwarf planet, QR code, Richard Feynman, Ruby on Rails, Salesforce, shareholder value, Silicon Valley, Skype, smart grid, smart meter, software patent, systems thinking, thinkpad, web application, zero day, zero-sum game

Cherches, Loveland, Mosca and Natoli Mind Over Machines Dmitry Cherches Cherches is Chief Technology Officer at Mind Over Machines. His 15+ years in IT have been largely focused on the development of high-transaction databases and e-commerce applications, high-availability servers and storage solutions, and multi-lingual Web applications. For more than a decade, he has been responsible for setting the technology vision for Mind Over Machines. Under his direction, the company has increased its depth of expertise and certifications in web programming languages, tools and technology platforms. A native of Belarus, Russia and one-time aspiring professional swimmer on the Junior Olympic team, Dmitry was disassembling mainframe computers and creating DOS-based games as a child.

Ballard: Multiple different kinds. I'm really into it. I think of it as eclectic computing. I will routinely use relational databases, mixed platforms. For example, right now we've got SQL server and MySQL in regular use. MongoDB is a personal favorite because it really embraces the reality of web application development, where JavaScript and JSON are data models on the browser, so why not keep that data model end-to-end? I use full text indexes as databases routinely. So, products like Xapien from the open-source community work really well. Plain old tab-delimited text files are a really good database technology when you're doing set processing.


pages: 470 words: 128,328

Reality Is Broken: Why Games Make Us Better and How They Can Change the World by Jane McGonigal

Abraham Maslow, airport security, Albert Einstein, Amazon Mechanical Turk, Anthropocene, citizen journalism, clean water, collaborative economy, crowdsourcing, delayed gratification, en.wikipedia.org, fear of failure, G4S, game design, hedonic treadmill, hobby farmer, Ian Bogost, jimmy wales, mass immigration, Merlin Mann, Network effects, new economy, oil shock, peak oil, planetary scale, Ralph Waldo Emerson, Richard Stallman, science of happiness, Search for Extraterrestrial Intelligence, SETI@home, Silicon Valley, SimCity, smart meter, Stewart Brand, The Wisdom of Crowds, Tony Hsieh, Tragedy of the Commons, urban planning, We are as Gods, web application, Whole Earth Catalog

I published the rule set on my blog, and I gave it the more general name SuperBetter (after all, most people probably don’t dream of being like Buffy the Vampire Slayer).9 I suggested that people use the hashtag “#SuperBetter” for their own videos, blog posts, and Twitter updates, in case they wanted to find each other online. (A hashtag is a way to easily add context to your online content, and to find other people talking about the same topic.) And that was it. I didn’t build a Web application, or develop an automated scoring system, or even set up a social network for playing the game. A game doesn’t have to be a computer program. It can simply be like chess or hide-and-seek: a set of rules that one player can pass on to another. An alternate reality game can be as simple as a good idea, a fresh way of looking at a problem.

It should have arrived in your inbox a little while ago. When you said that during your speech, I thought, “Why shouldn’t she be able to get a +1 in public speaking?!” and built plusoneme.com. Great talk. Check out what you inspired. I followed the link, and sure enough, there was a perfect little Web application dedicated to giving and tracking stats in an array of thirty-seven different personal strengths: creativity, generosity, speed, fashion, listening, and backbone, for example. It was definitely a broader and more diverse set of stats than I’d even seen in a role-playing game. For every plus-one you send, you can also attach a reason: “+1 backbone for sticking up for our idea in the meeting,” for example, or “+1 endurance for getting through the long drive home tonight.”


pages: 458 words: 46,761

Essential Sqlalchemy by Jason Myers, Rick Copeland

create, read, update, delete, database schema, microservices, Ruby on Rails, side project, SQL injection, web application

Now we can print a list of the ingredient names, as shown here: dcc.ingredient_names And we will get the following output: ['Egg', 'Flour', 'Oil', 'Sugar', 'Dark Chocolate Chips'] This enabled us to quickly handle existing and new ingredients when we added them to our cookie, and the resulting output was just what we desired. Association proxies have lots of other uses, too; you can learn more in the association proxy documentation. Integrating SQLAlchemy with Flask It’s common to see SQLAlchemy used with a Flask web application. The creator of Flask has also created a Flask-SQLalchemy package to make this integration easy. Using Flask-SQLalchemy will provide preconfigured scoped sessions that are tied to the page life cycle of your Flask application. You can install Flask-SQLalchemy with pip as shown here: # pip install flask-sqlalchemy When using Flask-SQLalchemy, I highly recommend you use the app factory pattern, which is not what is shown in the quick start section of the Flask-SQLalchemy documentation.


pages: 244 words: 20,327

Structuring Backbone Code With RequireJS and Marionette Modules by David Sulc

en.wikipedia.org, MVC pattern, web application

Keeping the URL up to date also enables the browser’s “back” and “forward” buttons to function properly. It’s very important to differentiate triggering routing events from updating the URL. In traditional web frameworks, actions are triggered by hitting their corresponding URLs. This isn’t true for javascript web applications: our ContactManager has been working just fine (even “changing pages”) without ever caring about the current URL. And now that we have a basic app functioning as we want it to, we’ll add in a router to manage the URL-related functionality. Our router will only get triggered by the first URL it recognizes, resulting in our app getting “initialized” to the correct state (i.e. showing the proper data in the proper views).


pages: 1,201 words: 233,519

Coders at Work by Peter Seibel

Ada Lovelace, Bill Atkinson, bioinformatics, Bletchley Park, Charles Babbage, cloud computing, Compatible Time-Sharing System, Conway's Game of Life, Dennis Ritchie, domain-specific language, don't repeat yourself, Donald Knuth, fallacies of distributed computing, fault tolerance, Fermat's Last Theorem, Firefox, Free Software Foundation, functional programming, George Gilder, glass ceiling, Guido van Rossum, history of Unix, HyperCard, industrial research laboratory, information retrieval, Ken Thompson, L Peter Deutsch, Larry Wall, loose coupling, Marc Andreessen, Menlo Park, Metcalfe's law, Multics, no silver bullet, Perl 6, premature optimization, publish or perish, random walk, revision control, Richard Stallman, rolodex, Ruby on Rails, Saturday Night Live, side project, slashdot, speech recognition, systems thinking, the scientific method, Therac-25, Turing complete, Turing machine, Turing test, type inference, Valgrind, web application

While mathematics has always been closely associated with computers and programming, I wonder if once you're talking about developing things like web frameworks or a web application on top of a framework, if it requires skills more related to writing. Bloch: Yes—earlier you mentioned that there were two distinct communities of Java programmers. The need for math is much greater in the community that writes libraries, compilers, and frameworks. If you write web applications on top of frameworks, you have to understand communication, both verbal and visual. I get infuriated at web sites when they drive me to do the wrong thing.

But someone today couldn't take the same path that I took because that path doesn't even exist anymore. Ten years ago I would have said absolutely the first thing you have to do is learn assembly language. You have to learn how the machine actually works. Does that matter any more? I don't even know. Maybe it does. But possibly not. If the way software is going to be ten years from now is all web applications or a piece of distributed code in some rented computing cluster that's moving around between a dozen different Google servers and spawning other copies of itself and then merging back together once it's got results, does anyone need to know assembly language any more? Is that so abstracted away that it doesn't matter?


pages: 1,758 words: 342,766

Code Complete (Developer Best Practices) by Steve McConnell

Ada Lovelace, Albert Einstein, Buckminster Fuller, business logic, call centre, classic study, continuous integration, data acquisition, database schema, don't repeat yourself, Donald Knuth, fault tolerance, General Magic , global macro, Grace Hopper, haute cuisine, if you see hoof prints, think horses—not zebras, index card, inventory management, iterative process, Larry Wall, loose coupling, Menlo Park, no silver bullet, off-by-one error, Perl 6, place-making, premature optimization, revision control, Sapir-Whorf hypothesis, seminal paper, slashdot, sorting algorithm, SQL injection, statistical model, Tacoma Narrows Bridge, the Cathedral and the Bazaar, the scientific method, Thomas Kuhn: the structure of scientific revolutions, Turing machine, web application

Java was designed to run on any platform by converting Java source code to byte code, which is then run in each platform within an environment known as a virtual machine. Java is in widespread use for programming Web applications. JavaScript JavaScript is an interpreted scripting language that is loosely related to Java. It is used primarily for client-side programming such as adding simple functions and online applications to Web pages. Perl Perl is a string-handling language that is based on C and several UNIX utilities. Perl is often used for system administration tasks, such as creating build scripts, as well as for report generation and processing. It's also used to create Web applications such as Slashdot. The acronym "Perl" stands for Practical Extraction and Report Language.

It can be embedded in Web pages to access and present database information. The acronym "PHP" originally stood for Personal Home Page but now stands for PHP: Hypertext Processor. Python Python is an interpreted, interactive, object-oriented language that runs in numerous environments. It is used most commonly for writing scripts and small Web applications and also contains some support for creating larger programs. SQL SQL is the de facto standard language for querying, updating, and managing relational databases. "SQL" stands for Structured Query Language. Unlike other languages listed in this section, SQL is a "declarative language," meaning that it does not define a sequence of operations, but rather the result of some operations.

Boston, MA: Addison-Wesley, 2002. This book covers software performance engineering, an approach for building performance into software systems at all stages of development. It makes extensive use of examples and case studies for several kinds of programs. It includes specific recommendations for Web applications and pays special attention to scalability. cc2e.com/2592 Newcomer, Joseph M. "Optimization: Your Worst Enemy." May 2000, http://www.flounder.com/optimization.htm. Newcomer is an experienced systems programmer who describes the various pitfalls of ineffective optimization strategies in graphic detail.


pages: 153 words: 52,175

Bit Literacy: Productivity in the Age of Information and E-mail Overload by Mark Hurst

en.wikipedia.org, Firefox, Google Earth, mail merge, off-the-grid, pre–internet, profit motive, social bookmarking, social software, software patent, web application

There’s no “iLetter” application that organizes personal letters. The file has to live somewhere; there must be some catch-all place to store files that aren’t managed by another application. There is such a catch-all: the file system, the application that stores and organizes all types of files. Every computer has one—Mac, Windows, and Linux—and some Web applications offer “online file systems” that allow users to store and organize files online. Even applications like iPhoto and iTunes use the computer’s file system, behind the scenes, to organize the user’s files; they just show the files in a prettier format than the file system would. It’s like getting laundry done at a luxury hotel.


pages: 220

Startupland: How Three Guys Risked Everything to Turn an Idea Into a Global Business by Mikkel Svane, Carlye Adler

Airbnb, Ben Horowitz, Benchmark Capital, Burning Man, business process, call centre, Chuck Templeton: OpenTable:, cloud computing, credit crunch, David Heinemeier Hansson, Elon Musk, fail fast, housing crisis, Jeff Bezos, Kickstarter, Marc Benioff, Menlo Park, remote working, Ruby on Rails, Salesforce, Sand Hill Road, Silicon Valley, Silicon Valley startup, Skype, software as a service, South of Market, San Francisco, Steve Jobs, subscription business, Tesla Model S, web application

As mentioned earlier, it’s ironic that one of its key people, Danish programmer David Heinemeier Hansson, had been let go at Caput. (It was assuredly not one of the most joyful times of his career; he had started working for us right before the issues and the problems.) Although we couldn’t keep him, we knew he was incredibly talented, and it was exhilarating to see him create Ruby on Rails as a free web application framework and use it to create 37signals’ first product, Basecamp (now the company name)—transforming the company from a web design firm to a software company. 37signals was almost like a religion; it established a new school focused on placing user experience above fussy features. We were disciples of this school and followed the company with great interest.


pages: 312 words: 52,762

Gray Hat Python: Python Programming for Hackers and Reverse Engineers by Justin Seitz

Firefox, information security, web application

Bug Classes When analyzing a software application for faults, a hacker or reverse engineer is looking for particular bugs that will enable him to take control of code execution within that application. Fuzzers can provide an automated way of finding bugs that assist a hacker in taking control of the host system, escalating privileges, or stealing information that the application has access to, whether the target application operates as an independent process or as a web application that uses a scripting language. We are going to focus on bugs that are typically found in software that runs as an independent process on the host operating system and are most likely to result in a successful host compromise. Buffer Overflows Buffer overflows are the most common type of software vulnerability.


pages: 271 words: 52,814

Blockchain: Blueprint for a New Economy by Melanie Swan

23andMe, Airbnb, altcoin, Amazon Web Services, asset allocation, banking crisis, basic income, bioinformatics, bitcoin, blockchain, capital controls, cellular automata, central bank independence, clean water, cloud computing, collaborative editing, Conway's Game of Life, crowdsourcing, cryptocurrency, data science, digital divide, disintermediation, Dogecoin, Edward Snowden, en.wikipedia.org, Ethereum, ethereum blockchain, fault tolerance, fiat currency, financial innovation, Firefox, friendly AI, Hernando de Soto, information security, intangible asset, Internet Archive, Internet of things, Khan Academy, Kickstarter, Large Hadron Collider, lifelogging, litecoin, Lyft, M-Pesa, microbiome, Neal Stephenson, Network effects, new economy, operational security, peer-to-peer, peer-to-peer lending, peer-to-peer model, personalized medicine, post scarcity, power law, prediction markets, QR code, ride hailing / ride sharing, Satoshi Nakamoto, Search for Extraterrestrial Intelligence, SETI@home, sharing economy, Skype, smart cities, smart contracts, smart grid, Snow Crash, software as a service, synthetic biology, technological singularity, the long tail, Turing complete, uber lyft, unbanked and underbanked, underbanked, Vitalik Buterin, Wayback Machine, web application, WikiLeaks

Individuals or companies engage in mining in exchange for transaction fees and newly created Bitcoins. Besides mining, Bitcoins can, like any currency, be obtained in exchange for fiat money, products, and services. Users can send and receive Bitcoins electronically for an optional transaction fee using wallet software on a personal computer, mobile device, or web application. What Is the Blockchain? The blockchain is the public ledger of all Bitcoin transactions that have ever been executed. It is constantly growing as miners add new blocks to it (every 10 minutes) to record the most recent transactions. The blocks are added to the blockchain in a linear, chronological order.


Multitool Linux: Practical Uses for Open Source Software by Michael Schwarz, Jeremy Anderson, Peter Curtis

business process, Debian, defense in depth, Free Software Foundation, GnuPG, index card, indoor plumbing, Larry Ellison, Larry Wall, MITM: man-in-the-middle, optical character recognition, PalmPilot, publish or perish, RFC: Request For Comment, Richard Stallman, seminal paper, SETI@home, slashdot, the Cathedral and the Bazaar, two and twenty, web application

Did you ever as a kid take two soup cans and a length of string and make a telephone? We're going to show how to do that as an adult. But this time, it's digital! I recently bought myself a preloaded Linux laptop. I hadn't owned a laptop before, I had never had need of one. Because I was getting back into consulting following a stint as an employee on the Web applications design team that still employs two of my co-authors, I knew I would often be unable to control my desktop. Given this, I wanted the laptop so I could have Linux with me, whatever level of control was maintained over the client-provided computers. It has served me well. With a 10/100 ethernet card and a basic Linux laptop, I was always able to have my Linux, even when I was not allowed to install it on my desktop.

Resources PHP PHP is a powerful scripting language, as you can well imagine. It works on Unix and Win32 Web servers and provides massive connectivity features. It's also very well documented. Online manuals: http://www.php.net/docs.php Several books are also out there on PHP, including Web applications: · Development with PHP 4.0, by Tobias Ratschiller and Till Gerken · Professional PHP Programming, by Jesus Castagnetto, Harish Rawat, Sascha Schumann, Chris Scollo, and Deepak Veliath Apache Apache is also, as you can see, a powerful Web server that supports a multitude of options.


Programming Android by Zigurd Mednieks, Laird Dornin, G. Blake Meike, Masumi Nakamura

anti-pattern, business process, conceptual framework, create, read, update, delete, database schema, Debian, domain-specific language, en.wikipedia.org, fault tolerance, general purpose technology, Google Earth, interchangeable parts, iterative process, loose coupling, MVC pattern, revision control, RFID, SQL injection, systems thinking, web application

You can use multiple workspaces to separate projects that target different platforms, and that may use markedly different environments—for example, Rails projects and Android projects. You can use multiple workspaces to run more than one instance of Eclipse. Suppose you have Eclipse-based tools for some web application framework that are not compatible with the version of Eclipse you are using for Android development. By using a separate workspace for Android development, you can maintain separate state and even run both Eclipse versions at the same time. Java Environments Three distinct Java environments are used in Java software development in Eclipse.

To reiterate, a project, as introduced in Projects, is a workspace devoted to producing a single deployable artifact. In the wider world of Java, that artifact might be no more than a library (a .jar file that cannot be run by itself but that implements some specific functionality). It might, on the other hand, be a deployable web application or a double-clickable desktop application. In the Android space, the artifact is most likely to be a single runnable service: a ContentProvider, a Service, or an Activity. A content provider that is used by a single activity certainly might start its life as a part of the activity project. As soon as a second activity needs to use it, though, it is time to consider refactoring it into its own project.


pages: 478 words: 149,810

We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency by Parmy Olson

4chan, Asperger Syndrome, bitcoin, call centre, Chelsea Manning, corporate governance, crowdsourcing, disinformation, Firefox, Gabriella Coleman, hive mind, it's over 9,000, Julian Assange, lolcat, Minecraft, MITM: man-in-the-middle, Occupy movement, off-the-grid, peer-to-peer, pirate software, side project, Skype, speech recognition, SQL injection, Stephen Hawking, Stuxnet, We are Anonymous. We are Legion, We are the 99%, web application, WikiLeaks, zero day

Details about the technical impact of Anonymous DDoS attacks on Scientology’s website come from research by Arbor Networks, along with court documents related to Brian Mettenbrink’s case; these documents provide, among other things, the date when Scientology hired Prolexic Technologies. Details on LOIC come from numerous online articles about the Web application, screenshots of the interface, news reports from tech site Gizmodo, and research from the IT security firm Imperva. Details on Praetox come from the programmer’s own website, http://ptech.50webs.com/, which appears to have been created in 2007 but was abandoned around 2009 or 2010. The emergence of NewEraCracker as another programmer to develop LOIC comes from details on GitHub, a Web-based hosting service for software projects.

Each IRC network attracts communities who share a common interest, such as the AnonOps IRC, which attracts those interested in Anonymous. Network and channel “operators” moderate the discussions on these networks; such roles are seen as an indicator of high social status. LOIC (low orbit ion cannon): Originally created as a stress-testing tool for servers, this open-source Web application has become popular among supporters of Anonymous as a digital weapon that, if used by enough people, can be used to carry out a DDoS attack on a website. Lulz: An alteration of the abbreviation LOL (laugh out loud), this term is thought to have first appeared on an Internet Relay Chat network in 2003 in reaction to something funny.


pages: 960 words: 140,978

Android Cookbook by Ian F. Darwin

crowdsourcing, Debian, en.wikipedia.org, Firefox, full text search, openstreetmap, QR code, social software, web application

Look at where we use the requestFocus() method of the View class. Since the EditText widget is derived from the View class, this method is applicable to it. This is done so that when our application loads the Total Amount text field will receive focus and the cursor will be placed in it. This is similar to popular web application login screens where the cursor is present in the username text field. Now look at where the Calculate button is disabled by calling the setEnabled(boolean enabled) method on the Button widget. This is done so that the user cannot click on it before entering values in the required fields. If we allowed the user to click Calculate without entering values in the Total Amount and No. of People fields, we would have to write validation code to catch these conditions.

Paging is where all the information requested by a user cannot feasibly be shown at once. For instance, the user may be browsing his email inbox, which contains 2,000 emails; it would not be feasible to download all 2,000 messages from the email server. Nor would it be required, as the user will probably only scan the first 10 or so entries. Most web applications handle this problem by segmenting the results into pages, and having controls at the footer to allow the user to navigate through these pages. With a ListView, the application can retrieve an initial batch of the first results, which are shown to the user in a list. When the user reaches the end of the list, a final row is seen, containing an indeterminate progress bar.


Version Control With Git: Powerful Tools and Techniques for Collaborative Software Development by Jon Loeliger, Matthew McCullough

continuous integration, Debian, distributed revision control, GnuPG, Larry Wall, peer-to-peer, peer-to-peer model, pull request, revision control, Snow Crash, web application, web of trust

Teams are a grouping mechanism for users that associates with a certain permission level and a set of repositories. The three permission levels are pull only, pull+push, and pull+push+administration as shown in Figure 21-36. Figure 21-36. Organization permissions REST API Having a web application is a great starting point, but GitHub has a rich community of developers that are eager to use true services, not just page scraping, to build the next layer of useful features. To facilitate the community construction of supporting tools, GitHub has built a full Application Programming Interface (API).

GitHub Enterprise in VirtualBox GitHub in Sum Git is a developer tool that has shaken the very foundations of CVS, SVN, Perforce, and ClearCase installations by showing that high performance, collaborative, and distributed version control can be found in an open source solution. Offset by only a short delay from Git’s own development, GitHub has equally shown that a sharp web application can reduce tool burden, facilitate quicker fixes, allow a greater number of contributors to further a project, and most importantly, turn the act of coding into a truly social activity. Index A note on the digital index A link in an index entry is displayed as the section title in which that entry appears.


Mastering Blockchain, Second Edition by Imran Bashir

3D printing, altcoin, augmented reality, autonomous vehicles, bitcoin, blockchain, business logic, business process, carbon footprint, centralized clearinghouse, cloud computing, connected car, cryptocurrency, data acquisition, Debian, disintermediation, disruptive innovation, distributed ledger, Dogecoin, domain-specific language, en.wikipedia.org, Ethereum, ethereum blockchain, fault tolerance, fiat currency, Firefox, full stack developer, general-purpose programming language, gravity well, information security, initial coin offering, interest rate swap, Internet of things, litecoin, loose coupling, machine readable, MITM: man-in-the-middle, MVC pattern, Network effects, new economy, node package manager, Oculus Rift, peer-to-peer, platform as a service, prediction markets, QR code, RAND corporation, Real Time Gross Settlement, reversible computing, RFC: Request For Comment, RFID, ride hailing / ride sharing, Satoshi Nakamoto, seminal paper, single page application, smart cities, smart contracts, smart grid, smart meter, supply-chain management, transaction costs, Turing complete, Turing machine, Vitalik Buterin, web application, x509 certificate

The application model Any blockchain application for Hyperledger Fabric follows the MVC-B architecture. This is based on the popular MVC design pattern. Components in this model are Model, View, Control, and Blockchain: View logic: This is concerned with the user interface. It can be a desktop, web application, or mobile frontend. Control logic: This is the orchestrator between the user interface, data model, and APIs. Data model: This model is used to manage the off-chain data. Blockchain logic: This is used to manage the blockchain via the controller and the data model via transactions. The IBM cloud service offers sample applications for blockchain under its blockchain as a service offering.

Medical records will be shared securely while preserving the privacy of patients between various private blockchains run by consortia of health providers. It may well be a single private blockchain shared among all service providers including pharmacies, hospitals, and clinics. Elections will be held via decentralized web applications with a backend of blockchains transparently and securely. Financial institutions will be running many private blockchains to share data between participants and for internal processes. Financial institutions will be making use of semiprivate blockchains that will provide identity information for AML and KYC functions and will be shared between many or all of the financial institutions around the world.


Data Wrangling With Python: Tips and Tools to Make Your Life Easier by Jacqueline Kazil

Amazon Web Services, bash_history, business logic, cloud computing, correlation coefficient, crowdsourcing, data acquisition, data science, database schema, Debian, en.wikipedia.org, Fairphone, Firefox, Global Witness, Google Chrome, Hacker News, job automation, machine readable, Nate Silver, natural language processing, pull request, Ronald Reagan, Ruby on Rails, selection bias, social web, statistical model, web application, WikiLeaks

Logging and monitoring If you have distributed machines or you are integrating your script into your com‐ pany or university’s Python-based server environment, you may want to have robust monitoring of not just Python, but the entire system. There are many services that offer monitoring for system load database traffic, and web applications, as well as automated tasks. One of the most popular services used for this is New Relic, which can watch your servers and system processes as well as web applications. Using MongoDB and AWS? Or MySQL and Apache? New Relic plug-ins allow you to easily integrate logging for your services into the same dashboards you are using for monitoring server and application health. In addition, they offer a Python agent so you can easily log your Python application (or script) into the same ecosystem.


Learning Ansible 2 - Second Edition by Fabio Alessandro Locati

Amazon Web Services, anti-pattern, business logic, cloud computing, continuous integration, Debian, DevOps, don't repeat yourself, Infrastructure as a Service, inventory management, Kickstarter, revision control, source of truth, web application

First of all, I always create three files in the root folder: • ansible.cfg: A small configuration file to explain to Ansible where to find the files in our folder structure • hosts: The hosts file we have already seen in the previous chapters • master.yaml: A playbook that aligns the whole infrastructure In addition to those three files, I create two folders: • playbooks: This will contain the playbooks and a folder called groups for groups management • roles: This will contain all the roles we need To clarify this, let's use the Linux tree command to see the structure of an Ansible repository for a simple web application needing web servers and database servers: ansible.cfg hosts master.yaml playbooks firstrun.yaml groups database.yaml webserver.yaml roles common database webserver As you can see, I've added a common role as well. This is very useful for putting in all the things that should be performed for every server.


pages: 209 words: 54,638

Team Geek by Brian W. Fitzpatrick, Ben Collins-Sussman

anti-pattern, barriers to entry, cognitive dissonance, Dean Kamen, do what you love, en.wikipedia.org, fail fast, fear of failure, Free Software Foundation, Guido van Rossum, Ken Thompson, Paradox of Choice, Paul Graham, publish or perish, Richard Stallman, Silicon Valley, Steve Jobs, TED Talk, value engineering, web application

The first time your software runs, don’t present the user with a giant form to fill out or a giant panel of mandatory preferences to set. Forcing the user to create some sort of new account is pretty off-putting as well; it implies long-term commitment before the user has even done anything. All these things send the user screaming in the other direction. If your product is a web application, make sure it loads quickly! We’ve become spoiled about web page speed. When told to check out a new website, if it doesn’t load within three or four seconds, Fitz usually aborts and loses interest. There’s simply no excuse here. When programmers make users wait in line at the entrance, that’s an irritating barrier to entry.


pages: 197 words: 60,477

So Good They Can't Ignore You: Why Skills Trump Passion in the Quest for Work You Love by Cal Newport

adjacent possible, Apple II, bounce rate, business cycle, Byte Shop, Cal Newport, capital controls, clean tech, Community Supported Agriculture, deal flow, deliberate practice, do what you love, financial independence, follow your passion, Frank Gehry, information asymmetry, job satisfaction, job-hopping, knowledge worker, Mason jar, medical residency, new economy, passive income, Paul Terrell, popular electronics, renewable energy credits, Results Only Work Environment, Richard Bolles, Richard Feynman, rolodex, Sand Hill Road, side project, Silicon Valley, Skype, Steve Jobs, Steve Wozniak, Stuart Kauffman, TED Talk, web application, winner-take-all economy

“I had a lot of interest from companies in San Francisco and Silicon Valley,” he told me, reflecting on the period that began in 2008. He decided to take a job with ENTP, one of the country’s top Ruby programming firms. They doubled his salary and put him to work on interesting projects. In 2009, Giles was bit by an entrepreneurial bug. He left ENTP and built up a blog and a collection of mini–Web applications that soon brought in enough money to support him. “I had an audience who wanted to know what I thought about a whole ton of different things,” he told me. “In many cases they were happy to pay money just to ask me questions.” Eventually, he decided that he had had his fill with the solo lifestyle (“working from home is kind of lame when you don’t have roommates, a girlfriend, or even a dog”), so he pursued a longstanding interest in filmmaking by going to work for hitRECord: a company started by actor Joseph Gordon-Levitt that provides a Web-based platform for collaborative media projects.


pages: 232 words: 63,846

Traction: How Any Startup Can Achieve Explosive Customer Growth by Gabriel Weinberg, Justin Mares

Airbnb, content marketing, Firefox, Hacker News, if you build it, they will come, jimmy wales, Justin.tv, Lean Startup, Marc Andreessen, Mark Zuckerberg, Network effects, Paul Graham, Peter Thiel, Salesforce, side project, Skype, Snapchat, social bookmarking, social graph, software as a service, TechCrunch disrupt, the long tail, the payments system, Uber for X, Virgin Galactic, web application, working poor, Y Combinator

As with invites, if you double your conversion percentage (by doing things like testing different signup flows), you double your viral coefficient. The best signup flows reduce friction by making things simpler, such as cutting out pages or signup fields. For example, the conversion steps for a standard Web application often involve clicking on a link and filling out a form to create an account. In that case, you could break the conversion percentage into two percentages. K = i * conversion percentage = i * click-through percentage * signup percentage When you break out conversion percentage in this way, you can determine the weakest part of your equation and focus on it.


pages: 186 words: 50,651

Interactive Data Visualization for the Web by Scott Murray

barriers to entry, data science, Firefox, intentional community, iterative process, TED Talk, the long tail, web application, your tax dollars at work

For some reason, we humans just love seeing real-world things replicated on screens. Chapter 12. Geomapping Bar charts, scatterplots, ring charts, and even force-directed graphs… Yeah, that’s all okay, you’re thinking, but get to the maps already! JSON, Meet GeoJSON You’ve already met JSON. Now meet GeoJSON, the JSON-based standard for encoding geodata for web applications. GeoJSON actually is not a totally different format, but just a very specific use of JSON. Before you can generate a geographic map, you need to acquire the path data (the outlines) for the shapes you want to display. We’ll start with a common example, mapping US state boundaries. I’ve included a file us-states.json with the sample code.


pages: 219 words: 63,495

50 Future Ideas You Really Need to Know by Richard Watson

23andMe, 3D printing, access to a mobile phone, Albert Einstein, Alvin Toffler, artificial general intelligence, augmented reality, autonomous vehicles, BRICs, Buckminster Fuller, call centre, carbon credits, Charles Babbage, clean water, cloud computing, collaborative consumption, computer age, computer vision, crowdsourcing, dark matter, dematerialisation, Dennis Tito, digital Maoism, digital map, digital nomad, driverless car, Elon Musk, energy security, Eyjafjallajökull, failed state, Ford Model T, future of work, Future Shock, gamification, Geoffrey West, Santa Fe Institute, germ theory of disease, global pandemic, happiness index / gross national happiness, Higgs boson, high-speed rail, hive mind, hydrogen economy, Internet of things, Jaron Lanier, life extension, Mark Shuttleworth, Marshall McLuhan, megacity, natural language processing, Neil Armstrong, Network effects, new economy, ocean acidification, oil shale / tar sands, pattern recognition, peak oil, personalized medicine, phenotype, precision agriculture, private spaceflight, profit maximization, RAND corporation, Ray Kurzweil, RFID, Richard Florida, Search for Extraterrestrial Intelligence, self-driving car, semantic web, Skype, smart cities, smart meter, smart transportation, space junk, statistical model, stem cell, Stephen Hawking, Steve Jobs, Steven Pinker, Stewart Brand, strong AI, Stuxnet, supervolcano, synthetic biology, tech billionaire, telepresence, The Wisdom of Crowds, Thomas Malthus, Turing test, urban decay, Vernor Vinge, Virgin Galactic, Watson beat the top human players on Jeopardy!, web application, women in the workforce, working-age population, young professional

Links with digital payments, micropayments, stored value, embedded currency and mobile payments. Virtual duplicate An object’s virtual twin in cyberspace. Used to provide additional information. Links with augmented reality and cybertwins. VR Virtual Reality—a computer-simulated environment. Web 2.0 A term often used to describe Web applications that help individuals to share information online, examples being sites such as Facebook and YouTube. Sometimes referred to as the participatory or conversational Web. Web 3.0 The next stage of Web development, although the term causes much disagreement. Sometimes refers to the ability of search engines to answer complex questions.


pages: 145 words: 40,897

Gamification by Design: Implementing Game Mechanics in Web and Mobile Apps by Gabe Zichermann, Christopher Cunningham

airport security, business logic, future of work, game design, gamification, Ian Bogost, lateral thinking, minimum viable product, pattern recognition, power law, Ruby on Rails, SimCity, social graph, social web, systems thinking, urban planning, web application

Nike Plus: Making Fitness Fun According to the Centers for Disease Control, more than two-thirds of American adults are overweight or obese, and fewer than 20% get enough exercise. From these statistics, it’s clear that physical fitness could be a lot more engaging. Nike Plus is a social running game. The most current version is an iPhone and web application that employs sophisticated game mechanics to encourage runners—both casual and hardcore—to compete and improve their fitness program. It’s a wonderful example of what great gamification can do to motivate players. An Application for Runners While Nike’s goal was to generate brand loyalty and ultimately sell more sporting equipment, clearly it thought very carefully about what kinds of people would use the application and prioritized those players’ needs first.


pages: 1,606 words: 168,061

Python Cookbook by David Beazley, Brian K. Jones

don't repeat yourself, Firefox, Guido van Rossum, iterative process, p-value, SQL injection, web application

If you know that the text you are reading or writing is in a different encoding, supply the optional encoding parameter to open(). For example: with open('somefile.txt', 'rt', encoding='latin-1') as f: ... Python understands several hundred possible text encodings. However, some of the more common encodings are ascii, latin-1, utf-8, and utf-16. UTF-8 is usually a safe bet if working with web applications. ascii corresponds to the 7-bit characters in the range U+0000 to U+007F. latin-1 is a direct mapping of bytes 0-255 to Unicode characters U+0000 to U+00FF. latin-1 encoding is notable in that it will never produce a decoding error when reading text of a possibly unknown encoding. Reading a file as latin-1 might not produce a completely correct text decoding, but it still might be enough to extract useful data out of it.

For example: # Writing JSON data with open('data.json', 'w') as f: json.dump(data, f) # Reading data back with open('data.json', 'r') as f: data = json.load(f) Discussion JSON encoding supports the basic types of None, bool, int, float, and str, as well as lists, tuples, and dictionaries containing those types. For dictionaries, keys are assumed to be strings (any nonstring keys in a dictionary are converted to strings when encoding). To be compliant with the JSON specification, you should only encode Python lists and dictionaries. Moreover, in web applications, it is standard practice for the top-level object to be a dictionary. The format of JSON encoding is almost identical to Python syntax except for a few minor changes. For instance, True is mapped to true, False is mapped to false, and None is mapped to null. Here is an example that shows what the encoding looks like: >>> json.dumps(False) 'false' >>> d = {'a': True, ...


pages: 233 words: 66,446

Bitcoin: The Future of Money? by Dominic Frisby

3D printing, Alan Greenspan, altcoin, bank run, banking crisis, banks create money, barriers to entry, bitcoin, Bitcoin Ponzi scheme, blockchain, capital controls, Chelsea Manning, cloud computing, computer age, cryptocurrency, disintermediation, Dogecoin, Ethereum, ethereum blockchain, fiat currency, financial engineering, fixed income, friendly fire, game design, Hacker News, hype cycle, Isaac Newton, John Gilmore, Julian Assange, land value tax, litecoin, low interest rates, M-Pesa, mobile money, Money creation, money: store of value / unit of account / medium of exchange, Occupy movement, Peter Thiel, Ponzi scheme, prediction markets, price stability, printed gun, QR code, quantitative easing, railway mania, Ronald Reagan, Ross Ulbricht, Satoshi Nakamoto, Silicon Valley, Skype, slashdot, smart contracts, Snapchat, Stephen Hawking, Steve Jobs, Ted Nelson, too big to fail, transaction costs, Turing complete, Twitter Arab Spring, Virgin Galactic, Vitalik Buterin, War on Poverty, web application, WikiLeaks

That post would be the beginning of the end for Ulbricht. Hello, sorry if there is another thread for this kind of post, but I couldn’t find one. I’m looking for the best and brightest IT pro in the bitcoin community to be the lead developer in a venture backed bitcoin startup company. The ideal candidate would have at least several years of web application development experience, having built applications from the ground up. A solid understanding of oop and software architecture is a must. Experience in a start-up environment is a plus, or just being super hard working, self-motivated, and creative. Compensation can be in the form of equity or a salary, or somewhere in-between.


pages: 222 words: 70,132

Move Fast and Break Things: How Facebook, Google, and Amazon Cornered Culture and Undermined Democracy by Jonathan Taplin

"Friedman doctrine" OR "shareholder theory", "there is no alternative" (TINA), 1960s counterculture, affirmative action, Affordable Care Act / Obamacare, Airbnb, AlphaGo, Amazon Mechanical Turk, American Legislative Exchange Council, AOL-Time Warner, Apple's 1984 Super Bowl advert, back-to-the-land, barriers to entry, basic income, battle of ideas, big data - Walmart - Pop Tarts, Big Tech, bitcoin, Brewster Kahle, Buckminster Fuller, Burning Man, Clayton Christensen, Cody Wilson, commoditize, content marketing, creative destruction, crony capitalism, crowdsourcing, data is the new oil, data science, David Brooks, David Graeber, decentralized internet, don't be evil, Donald Trump, Douglas Engelbart, Douglas Engelbart, Dynabook, Edward Snowden, Elon Musk, equal pay for equal work, Erik Brynjolfsson, Fairchild Semiconductor, fake news, future of journalism, future of work, George Akerlof, George Gilder, Golden age of television, Google bus, Hacker Ethic, Herbert Marcuse, Howard Rheingold, income inequality, informal economy, information asymmetry, information retrieval, Internet Archive, Internet of things, invisible hand, Jacob Silverman, Jaron Lanier, Jeff Bezos, job automation, John Markoff, John Maynard Keynes: technological unemployment, John Perry Barlow, John von Neumann, Joseph Schumpeter, Kevin Kelly, Kickstarter, labor-force participation, Larry Ellison, life extension, Marc Andreessen, Mark Zuckerberg, Max Levchin, Menlo Park, Metcalfe’s law, military-industrial complex, Mother of all demos, move fast and break things, natural language processing, Network effects, new economy, Norbert Wiener, offshore financial centre, packet switching, PalmPilot, Paul Graham, paypal mafia, Peter Thiel, plutocrats, pre–internet, Ray Kurzweil, reality distortion field, recommendation engine, rent-seeking, revision control, Robert Bork, Robert Gordon, Robert Metcalfe, Ronald Reagan, Ross Ulbricht, Sam Altman, Sand Hill Road, secular stagnation, self-driving car, sharing economy, Silicon Valley, Silicon Valley ideology, Skinner box, smart grid, Snapchat, Social Justice Warrior, software is eating the world, Steve Bannon, Steve Jobs, Stewart Brand, tech billionaire, techno-determinism, technoutopianism, TED Talk, The Chicago School, the long tail, The Market for Lemons, The Rise and Fall of American Growth, Tim Cook: Apple, trade route, Tragedy of the Commons, transfer pricing, Travis Kalanick, trickle-down economics, Tyler Cowen, Tyler Cowen: Great Stagnation, universal basic income, unpaid internship, vertical integration, We are as Gods, We wanted flying cars, instead we got 140 characters, web application, Whole Earth Catalog, winner-take-all economy, women in the workforce, Y Combinator, you are the product

As the Wall Street Journal reported that day: A large swath of the Internet ran without advertising for over an hour Wednesday after Google’s online ad-serving system DoubleClick for Publishers went down. The outage caused websites run by publishers including BuzzFeed, Time and Forbes to show blank spaces where display ads usually run… Wednesday’s outages affected more than 55,000 websites, according to Dynatrace, which monitors website and web application performance for companies including eight out of the 10 largest retailers in North America. Compared to its competitors, it is clear that Google owns the dominant share of online advertising. So instead of a competitive market for advertising keywords, Google runs an auction, which provides no transparency for the buyer other than the minimum price, set at Google’s discretion.


pages: 226 words: 17,533

Programming Scala: tackle multicore complexity on the JVM by Venkat Subramaniam

augmented reality, business logic, continuous integration, domain-specific language, don't repeat yourself, functional programming, higher-order functions, loose coupling, semantic web, type inference, web application

Title Year ISBN Advanced Rails Recipes: 84 New Ways to Build Stunning Rails Apps 2008 9780978739225 Pages 464 Agile Retrospectives: Making Good Teams Great 2006 9780977616640 200 Agile Web Development with Rails, Third Edition 2009 9781934356166 784 Augmented Reality: A Practical Guide 2008 9781934356036 328 Behind Closed Doors: Secrets of Great Management 2005 9780976694021 192 Best of Ruby Quiz 2006 9780976694076 304 Core Animation for Mac OS X and the iPhone: Creating Compelling Dynamic User Interfaces 2008 9781934356104 200 Data Crunching: Solve Everyday Problems using Java, Python, and More 2005 9780974514079 208 Deploying Rails Applications: A Step-by-Step Guide 2008 9780978739201 280 Design Accessible Web Sites: 36 Keys to Creating Content for All Audiences and Platforms 2007 9781934356029 336 Desktop GIS: Mapping the Planet with Open Source Tools 2008 9781934356067 368 Developing Facebook Platform Applications with Rails 2008 9781934356128 200 Enterprise Integration with Ruby 2006 9780976694069 360 Enterprise Recipes with Ruby and Rails 2008 9781934356234 416 Everyday Scripting with Ruby: for Teams, Testers, and You 2007 9780977616619 320 FXRuby: Create Lean and Mean GUIs with Ruby 2008 9781934356074 240 From Java To Ruby: Things Every Manager Should Know 2006 9780976694090 160 GIS for Web Developers: Adding Where to Your Web Applications 2007 9780974514093 275 Google Maps API, V2: Adding Where to Your Applications 2006 PDF-Only Groovy Recipes: Greasing the Wheels of Java 2008 9780978739294 264 Hello, Android: Introducing Google’s Mobile Development Platform 2008 9781934356173 200 Interface Oriented Design 2006 9780976694052 240 Land the Tech Job You Love 2009 9781934356265 280 Learn to Program, 2nd Edition 2009 9781934356364 230 Continued on next Download page at Boykma.Com Prepared exclusively for sam kaplan 83 Title Year ISBN Manage It!


Exploring Everyday Things with R and Ruby by Sau Sheong Chang

Alfred Russel Wallace, bioinformatics, business process, butterfly effect, cloud computing, Craig Reynolds: boids flock, data science, Debian, duck typing, Edward Lorenz: Chaos theory, Gini coefficient, income inequality, invisible hand, p-value, price stability, Ruby on Rails, Skype, statistical model, stem cell, Stephen Hawking, text mining, The Wealth of Nations by Adam Smith, We are the 99%, web application, wikimedia commons

:), in Ruby ternary conditional expression, if and unless R R Development Core Team, Introducing R R language, Packing Your Bags, Introducing R–Introducing R, Introducing R, Introducing R, Using R–Using R, The R Console–The R Console, The R Console, The R Console, Sourcing Files and the Command Line–Sourcing Files and the Command Line, Sourcing Files and the Command Line, Packages–Using packages, Programming R, Variables and Functions, Variables and Functions–Variables and Functions, Variables and Functions–Variables and Functions, Conditionals and Loops, Conditionals and Loops–Conditionals and Loops, Vectors–Vectors, Lists–Lists, Matrices–Matrices, Arrays–Arrays, Factors–Factors, Data frames–Data frames, Importing Data–Importing data from a database, Charting–Adjustments, Basic Graphs, MailMiner–MailMiner arrays, Arrays–Arrays assignment operators, Variables and Functions batch mode, Sourcing Files and the Command Line charting, Charting–Adjustments conditionals, Conditionals and Loops console for, The R Console–The R Console data frames, Data frames–Data frames expressions, Programming R factors, Factors–Factors functions, Variables and Functions–Variables and Functions importing data, Importing Data–Importing data from a database installing, Introducing R lists, Lists–Lists loops, Conditionals and Loops–Conditionals and Loops matrices, Matrices–Matrices output formats, Basic Graphs packages for, Packages–Using packages packages for, creating, MailMiner–MailMiner running, Using R–Using R running code from a file, Sourcing Files and the Command Line–Sourcing Files and the Command Line statistical functions, The R Console variables, Variables and Functions–Variables and Functions vectors, The R Console, Vectors–Vectors version of, Introducing R R-Forge repository, Packages .rb file extension, Running Ruby rbind() function, R, Data frames read() function, R, Importing data from text files read.table() function, R, Interpreting the Data, Number of Messages by Day of the Month repeat loop, R, Conditionals and Loops require statement, Ruby, Requiring External Libraries restrooms example, Offices and Restrooms–The Final Simulation, Offices and Restrooms, The Simple Scenario–The Simple Scenario, The Simple Scenario–The First Simulation, Representing Restrooms and Such, Representing Restrooms and Such, Representing Restrooms and Such, Interpreting the Data–Interpreting the Data, Interpreting the Data–Interpreting the Data, The Second Simulation–The Final Simulation, The Second Simulation, The Second Simulation–The Second Simulation, The Third Simulation–The Third Simulation, The Final Simulation–The Final Simulation charts for, Interpreting the Data–Interpreting the Data, The Second Simulation, The Second Simulation–The Second Simulation, The Third Simulation–The Third Simulation, The Final Simulation–The Final Simulation data results, interpreting, Interpreting the Data–Interpreting the Data Facility class for, Representing Restrooms and Such HSE (Health and Safety Executive) data regarding, Offices and Restrooms modeling, The Simple Scenario–The Simple Scenario Person class for, Representing Restrooms and Such Restroom class for, Representing Restrooms and Such simulations for, The Simple Scenario–The First Simulation, The Second Simulation–The Final Simulation return keyword, R, Variables and Functions return keyword, Ruby, Methods Reynolds, Craig (creator of Boids algorithm), Schooling Fish and Flocking Birds RIFF format, Extracting Data from Sound right angle bracket (>), The R Console, Variables and Functions -> assignment operator, R, Variables and Functions > R console prompt, The R Console RMagick library, Extracting Data from Video, Extracting Data from Video Ruby language, Packing Your Bags, Ruby–Why Ruby, Why Ruby, Installing Ruby–Installing Ruby using your platform’s package management tool, Installing Ruby from source, Running Ruby–Running Ruby, Running Ruby, Running Ruby, Requiring External Libraries–Requiring External Libraries, Strings–Strings, Strings, Arrays and hashes–Arrays and hashes, Arrays and hashes–Arrays and hashes, Arrays and hashes, Symbols, Conditionals and loops–case expression, Loops, Classes and objects–Classes and objects, Classes and objects–Classes and objects, Methods, Class methods and variables, Class methods and variables–Class methods and variables, Inheritance–Inheritance, Inheritance–Inheritance, Inheritance, Inheritance, Code like a duck–Code like a duck, Code like a duck–Code like a duck, Shoes–Shoes doodler, Roids arrays, Arrays and hashes–Arrays and hashes, Arrays and hashes class methods, Class methods and variables class variables, Class methods and variables–Class methods and variables classes, Classes and objects–Classes and objects compiling from source code, Installing Ruby from source conditionals, Conditionals and loops–case expression duck typing, Code like a duck–Code like a duck dynamic typing, Code like a duck–Code like a duck external libraries for, Requiring External Libraries–Requiring External Libraries hashes, Arrays and hashes–Arrays and hashes here-documents, Strings inheritance, Inheritance–Inheritance installing, Installing Ruby–Installing Ruby using your platform’s package management tool interactive tool for, Running Ruby interpreter for, Running Ruby loops, Loops methods, Methods mixin mechanism, Inheritance modules, Inheritance objects, Classes and objects–Classes and objects open classes, Roids running, Running Ruby–Running Ruby Shoes toolkit for, Shoes–Shoes doodler strings, Strings–Strings subclassing, Inheritance–Inheritance symbols, Symbols website for, Why Ruby Ruby Version Manager (RVM), Ruby Version Manager (RVM) RubyGems package manager, Requiring External Libraries RubyInstaller, RubyInstaller RVideo library, Extracting Data from Video RVM (Ruby Version Manager), Ruby Version Manager (RVM) S saccadic masking, Data, Data, Everywhere sample frame, Extracting Data from Sound sample points, Extracting Data from Sound sapply() function, R, Variables and Functions scale_shape_manual() function, Interpreting the Data scale_x_continuous() function, Interpreting the Data scale_y_continuous() function, Interpreting the Data scatterplot, R, The R Console, Sourcing Files and the Command Line scatterplots, Interpreting the Data–Interpreting the Data, The Second Simulation, The Third Simulation–The Third Simulation, The Final Simulation–The Final Simulation, Number of Messages by Day of the Month–Number of Messages by Hour of the Day, Implementation schools of fish, Schooling Fish and Flocking Birds (see flocking example) sd() function, R, The R Console self keyword, Ruby, Class methods and variables seq() function, R, Vectors Shapiro-Wilk test, Money Shoes toolkit, Shoes–Shoes doodler, A Rainbow of Shoes, Installing Shoes–Installing Shoes, Programming Shoes–Shoes doodler, Shoes stopwatch, Shoes stopwatch, Shoes stopwatch, Simulation–Simulation, Roids–Roids flows, Shoes stopwatch installing, Installing Shoes–Installing Shoes programming in, Programming Shoes–Shoes doodler slots, Shoes stopwatch stacks, Shoes stopwatch versions (colors) of, A Rainbow of Shoes simulations, Bringing the World to Us, The Simple Scenario–The First Simulation, The Simple Scenario–The First Simulation, The Second Simulation–The Final Simulation, The Simulation–The Simulation, The Simulation–The Simulation, Simulation–Simulation, The Boid Flocking Rules–Putting in Obstacles economics example, The Simulation–The Simulation, The Simulation–The Simulation flocking example, Simulation–Simulation, The Boid Flocking Rules–Putting in Obstacles Monte Carlo method, The Simple Scenario–The First Simulation restrooms example, The Simple Scenario–The First Simulation, The Second Simulation–The Final Simulation single quotes (' '), enclosing Ruby strings, Strings slots, Shoes, Shoes stopwatch Smith, Adam (author), The Invisible Hand An Inquiry into the Nature and Causes of the Wealth of Nations (University of Chicago Press), The Invisible Hand source() function, R, Sourcing Files and the Command Line square brackets ([ ]), Vectors, Matrices, Data frames accessing subset of R data frame, Data frames enclosing R matrix indexes, Matrices enclosing R vector indexes, Vectors square brackets, double ([[ ]]), enclosing single R vector index, Vectors stacks, Shoes, Shoes stopwatch standard deviation, R, The R Console Standard library, Ruby, Requiring External Libraries Starlings in Flight (STARFLAG) project, A Variation on the Rules statistical functions, R, The R Console, Packages, Interpreting the Data–Interpreting the Data stats package, R, Packages stat_bin() function, R, Statistical transformation, Statistical transformation stethoscope, homemade, Homemade Digital Stethoscope stopwatch example, Shoes stopwatch–Shoes stopwatch String class, Extracting Data from Sound strings, Ruby, Strings–Strings subclassing, Ruby, Inheritance–Inheritance sudo command, Installing Ruby using your platform’s package management tool symbols, Ruby, Symbols T table() function, R, Interpreting the Data, Number of Messages by Day of the Month term-document matrix, Text Mining ternary conditional expression, Ruby, if and unless text document, Text Mining text files, Importing data from text files, Importing data from text files, The Emailing Habits of Enron Executives (see also CSV files) email message data in, The Emailing Habits of Enron Executives importing data from, R, Importing data from text files text mining, Text Mining–Text Mining The Grammar of Graphics (Springer), Introducing ggplot2 tm library, Text Mining U Ubuntu system, installing Ruby on, Installing Ruby using your platform’s package management tool UI toolkits, Shoes toolkit, Shoes–Shoes doodler unless expression, Ruby, if and unless unpack method, String class, Extracting Data from Sound until loop, Ruby, Loops Utopia example, It’s a Good Life, It’s a Good Life, Money–Money, Money–Money, Money–Money, Sex–The Changes, Birth and Death, The Changes–The Changes, Evolution–Implementation, Implementation, Implementation charts for, Money–Money, Implementation data, analyzing, Money–Money, The Changes–The Changes, Implementation evolution added to simulation, Evolution–Implementation flocking roids, as basis for simulation, It’s a Good Life food added to simulation, Money–Money mortality added to simulation, Birth and Death procreation added to simulation, Sex–The Changes research regarding, It’s a Good Life V variables, R, Variables and Functions–Variables and Functions Vector class, Ruby, Roids vectors, R, The R Console, Vectors–Vectors video file, extracting data from, Extracting Data from Video–Extracting Data from Video W WAV files, Homemade Digital Stethoscope, Extracting Data from Sound–Extracting Data from Sound, Extracting Data from Sound extracting to CSV file, Extracting Data from Sound–Extracting Data from Sound format of, Extracting Data from Sound recording audio to, Homemade Digital Stethoscope waveforms, Generating the Heart Sounds Waveform–Generating the Heart Sounds Waveform, Generating the Heartbeat Waveform and Calculating the Heart Rate–Generating the Heartbeat Waveform and Calculating the Heart Rate webcam, pulse oximeter using, Homemade Pulse Oximeter website resources, How to Contact Us, Why Ruby, Installing Ruby from source, Ruby Version Manager (RVM), RubyInstaller, Introducing R, Packages, The Emailing Habits of Enron Executives, The Emailing Habits of Enron Executives Enron email data, The Emailing Habits of Enron Executives for this book, How to Contact Us Internet Message Format, The Emailing Habits of Enron Executives R language, Introducing R R packages, Packages Ruby language, Why Ruby Ruby source code, Installing Ruby from source RubyInstaller, RubyInstaller RVM (Ruby Version Manager), Ruby Version Manager (RVM) weight example, The R Console (see height and weight example) while loop, R, Conditionals and Loops while loop, Ruby, Loops Wickham, Hadley (creator of ggplot2 package), Introducing ggplot2 Wilkinson, Leland (author), Introducing ggplot2 The Grammar of Graphics (Springer), Introducing ggplot2 win.metafile() function, R, Basic Graphs Windows, RubyInstaller, Installing Shoes, Using R, Basic Graphs installing Ruby on, RubyInstaller installing Shoes on, Installing Shoes opening graphics device, Basic Graphs R user interface for, Using R windows() function, R, Basic Graphs with() function, R, Data frames, Importing data from a database write() method, Ruby, The Simulation X X11() function, R, Basic Graphs About the Author Sau Sheong Chang has been in software development, mostly web applications and recently cloud- and data-related systems, for almost 17 years and is still a keen and enthusiastic programmer. He has been active in programming with Ruby for the past 6 years and recently started with R for the past year. He is active in the local developer communities, especially in the Singapore Ruby Brigade.


pages: 232 words: 71,024

The Decline and Fall of IBM: End of an American Icon? by Robert X. Cringely

AltaVista, Bernie Madoff, business cycle, business process, Carl Icahn, cloud computing, commoditize, compound rate of return, corporate raider, financial engineering, full employment, Great Leap Forward, if you build it, they will come, immigration reform, interchangeable parts, invention of the telephone, Khan Academy, knowledge worker, low skilled workers, managed futures, Paul Graham, platform as a service, race to the bottom, remote working, Robert Metcalfe, Robert X Cringely, shareholder value, Silicon Valley, six sigma, software as a service, Steve Jobs, stock buybacks, tech worker, TED Talk, Toyota Production System, Watson beat the top human players on Jeopardy!, web application, work culture

It cost IBM easily ten times more per user than comparable systems. IBM may also have sold its support services to itself at a profit—one division's profit was another division's cost.” Today, in 2014, there are still almost no corporate file servers at IBM. Employees still attach files to e-mails or upload them to a Notes application or a web application. The master customer database for IBM isn’t a database at all. It’s a spreadsheet. The company has an internal desktop back-up service; the only problem is it can take over 300 hours to recover your data if you lose your hard drive. Three hundred hours is close to two weeks, during which time you can't get anything done.


Introducing Elixir by Simon St.Laurent, J. David Eisenberg

Debian, finite state, functional programming, higher-order functions, Pluto: dwarf planet, Ruby on Rails, web application

(It’s sort of like learning a foreign language; there are phrases you may never have to say yourself, but you want to be able to understand them when someone says them to you.) When (Not) to Use Macros | 189 CHAPTER 15 Using Phoenix While it’s great to use Elixir from the command line, sometimes you’ll want to expose your work to the web as well. The Phoenix framework offers an Elixir-based toolkit, somewhat like Ruby on Rails, for building web applications. Phoenix is designed for robustness and scalability, building on macros, OTP, and Erlang’s Cowboy server. It wraps those powerful features, though, so you can get started building simple things without mastering those details. Skeleton Installation Once you have Elixir itself installed, installing just Phoenix isn’t difficult.


pages: 357 words: 63,071

Essential SQLAlchemy by Rick Copeland

database schema, defense in depth, domain-specific language, SQL injection, value engineering, web application

The complete list of supported databases and drivers follows: PostgreSQL psycopg2 at http://www.initd.org/pub/software/psycopg/ SQLite pysqlite at http://initd.org/pub/software/pysqlite/ or sqlite3 (included with Python versions 2.5 and greater) MySQL MySQLdb athttp://sourceforge.net/projects/mysql-python Oracle cx_Oracle athttp://www.cxtools.net/ SQL Server Support for Microsoft SQL server is provided by multiple drivers as follows: pyodbc at http://pyodbc.sourceforge.net/ (recommended driver) adodbapi at http://adodbapi.sourceforge.net/ pymssql at http://pymssql.sourceforge.net/ Firebird kinterbasdb athttp://kinterbasdb.sourceforge.net/ Informix informixdb athttp://informixdb.sourceforge.net/ SQLAlchemy Tutorial Once you have installed SQLAlchemy and the SQLite driver (either pysqlite or sqlite3), you can start really exploring SQLAlchemy. This tutorial shows off some of the basic features of SQLAlchemy that you can use to become immediately productive. This tutorial is based on a stripped-down version of a user authentication module that might be used in a web application. Connecting to the Database and Creating Some Tables Before doing anything, we need to import the modules we will use. In this case, for simplicity’s sake, we will simply import everything from the sqlalchemy package. We will also import the datetime class from the datetime package for use in defining default values for our tables.


pages: 378 words: 67,804

Learning Android by Marko Gargenta

business logic, create, read, update, delete, database schema, Firefox, loose coupling, slashdot, SQL injection, web application

This book is a distilled version of the Android Bootcamp training course that I developed at Marakana and fine-tuned over numerous engagements. My background is in Java from back before it was even called that. From the beginning, I was very interested in embedded development as a way to program various devices that surround us in everyday life. Because Java primarily took off in web application development, most of my experience in the previous decade has been in building large enterprise systems. Then Android arrived, and once again I became very excited about building software for nontraditional computers. My current interests lie in using Android on devices that may not even resemble a typical phone.


pages: 205 words: 20,452

Data Mining in Time Series Databases by Mark Last, Abraham Kandel, Horst Bunke

backpropagation, call centre, computer vision, discrete time, G4S, information retrieval, iterative process, NP-complete, p-value, pattern recognition, random walk, sensor fusion, speech recognition, web application

Xie) Vol. 55: Web Document Analysis: Challenges and Opportunities (Eds. A. Antonacopoulos and J. Hu) Vol. 56: Artificial Intelligence Methods in Software Testing (Eds. M. Last, A. Kandel and H. Bunke) Vol. 57: Data Mining in Time Series Databases (Eds. M. Last, A. Kandel and H. Bunke) Vol. 58: Computational Web Intelligence: Intelligent Technology for Web Applications (Eds. Y. Zhang, A. Kandel, T. Y. Lin and Y. Yao) Vol. 59: Fuzzy Neural Network Theory and Application (P. Liu and H. Li) *For the complete list of titles in this series, please write to the Publisher. Series in Machine Perception and Artificial Intelligence - Vol, 57 DATA MINING IN TIME SERIES DATABASES Editors Mark Last Ben-Gurion LIniversity of the Negeu, Israel Abraham Kandel Zl-Auiv University, Israel University of South Florida, Tampa, LISA Horst Bunke University of Bern, Switzerland vp World Scientific N E W JERSEY * LONDON * SINGAPORE BElJlNG SHANGHAI HONG KONG TAIPEI CHENNAI Published by World Scientific Publishing Co.


pages: 238 words: 68,914

Where Does It Hurt?: An Entrepreneur's Guide to Fixing Health Care by Jonathan Bush, Stephen Baker

Affordable Care Act / Obamacare, Alan Greenspan, Atul Gawande, barriers to entry, Clayton Christensen, commoditize, data science, informal economy, inventory management, job automation, knowledge economy, lifelogging, obamacare, personalized medicine, ride hailing / ride sharing, Ronald Reagan, Salesforce, Silicon Valley, Steve Jobs, web application, women in the workforce, working poor

After all, unhappy patients are less likely to leave if their medical records stay behind. A single system like Epic is a hospital’s dream. It’s the inverse of athenahealth. A doctor using our system can manage patients as they move through the ecosystem of health care, overseeing medications, lab reports, checkups, and, yes, billing. Practically everyone’s data works on our Web application, athenaNet. Openness is at the heart of our business model. However, when that patient enters a hospital running on Epic, the data flow, traditionally, has come to a halt. Every technology company’s goal in our nook of the industry, naturally, is to build systems that follow a patient’s medical care.


pages: 227 words: 63,186

An Elegant Puzzle: Systems of Engineering Management by Will Larson

Ben Horowitz, Cass Sunstein, Clayton Christensen, data science, DevOps, en.wikipedia.org, fault tolerance, functional programming, Google Earth, hive mind, Innovator's Dilemma, iterative process, Kanban, Kickstarter, Kubernetes, loose coupling, microservices, MITM: man-in-the-middle, no silver bullet, pull request, Richard Thaler, seminal paper, Sheryl Sandberg, Silicon Valley, statistical model, systems thinking, the long tail, web application

We have shipped support for Security Keys in the Chrome web browser and in Google’s online services. We show that Security Keys lead to both an increased level of security and user satisfaction by analyzing a two-year deployment which began within Google and has extended to our consumer-facing web applications. The Security Key design has been standardized by the FIDO Alliance, an organization with more than 250 member companies spanning the industry. Currently, Security Keys have been deployed by Google, Dropbox, and GitHub. These keys are also remarkably cheap! Order a few and start securing your life in a day or two.


pages: 1,881 words: 178,824

HTML5 Canvas by Steve Fulton, Jeff Fulton

barriers to entry, Firefox, game design, Google Chrome, off-the-grid, web application, WebSocket

You will have to update the setElementPath() method and the fallback DOM element with new coordinate data every time something moves, which means triple overhead for a game that is probably not accessible in the first place. Still, this is a good move by the W3C, because making the Canvas accessible for user interfaces is another huge step in making it more widely accepted for web applications. We hope these two new methods are added to the specification as soon as possible. The good news is, as of December 2012, the “Hit Testing Proposal” has been incorporated into the specification for the next version of Canvas, dubbed Canvas Level-2. What’s Next? So now you should have a basic understanding of the HTML and JavaScript that we will use to render and control HTML5 Canvas on an HTML page.

While we showed you how to do some pretty cool stuff with the video and HTML5 Canvas, we went on to show you new ways to capture video and use it on the canvas. This is really just the tip of the iceberg. We believe that these two very powerful and flexible new features of HTML5 (video and the canvas) will prove to be a very potent combination for web applications of the future. In the next chapter, we will dive into HTML5 audio and how it can be used with applications created on the canvas. Chapter 7. Working with Audio You can’t physically manipulate audio with HTML5 Canvas as directly as you can video, but many canvas applications can use that extra dimension of sound.


pages: 996 words: 180,520

Nagios: System and Network Monitoring, 2nd Edition by Wolfgang Barth

business process, Chuck Templeton: OpenTable:, Debian, en.wikipedia.org, Firefox, Free Software Foundation, RFC: Request For Comment, web application

If a simple connection to the utility cannot be established and a constant value (version number, system name) cannot be queried, you can still use a generic plugin to address the corresponding port. Another example of using service dependencies are the applications that depend on a database: a Web application with dynamic Web pages fails if the underlying database (which may be located somewhere in the network on another host) is not working. A precisely defined dependency between the database service and dynamic Web application also ensures here that the administrator is notified of the actual cause. Additional functions in Nagios 3.0 Nagios 3.0 includes two innovations: On one hand, the parameter dependency_period now allows a time restriction to be placed on the dependency.


Deep Work: Rules for Focused Success in a Distracted World by Cal Newport

8-hour work day, Albert Einstein, barriers to entry, behavioural economics, Bluma Zeigarnik, business climate, Cal Newport, Capital in the Twenty-First Century by Thomas Piketty, Clayton Christensen, David Brooks, David Heinemeier Hansson, deliberate practice, digital divide, disruptive innovation, do what you love, Donald Knuth, Donald Trump, Downton Abbey, en.wikipedia.org, Erik Brynjolfsson, Evgeny Morozov, experimental subject, follow your passion, Frank Gehry, Hacker News, Higgs boson, informal economy, information retrieval, Internet Archive, Jaron Lanier, knowledge worker, Mark Zuckerberg, Marshall McLuhan, Merlin Mann, Nate Silver, Neal Stephenson, new economy, Nicholas Carr, popular electronics, power law, remote working, Richard Feynman, Ruby on Rails, seminal paper, Silicon Valley, Silicon Valley startup, Snapchat, statistical model, the medium is the message, Tyler Cowen, Watson beat the top human players on Jeopardy!, web application, winner-take-all economy, work culture , zero-sum game

Over time, however, he got better at concentrating, eventually getting to a point where he was regularly clocking five or more disconnected hours per day in the room, focused without distraction on learning this hard new skill. “I probably read something like eighteen books on the topic by the time I was done,” he recalls. After two months locked away studying, Benn attended the notoriously difficult Dev Bootcamp: a hundred-hour-a-week crash course in Web application programming. (While researching the program, Benn found a student with a PhD from Princeton who had described Dev as “the hardest thing I’ve ever done in my life.”) Given both his preparation and his newly honed ability for deep work, Benn excelled. “Some people show up not prepared,” he said.


pages: 266 words: 80,018

The Snowden Files: The Inside Story of the World's Most Wanted Man by Luke Harding

affirmative action, air gap, airport security, Anton Chekhov, Apple's 1984 Super Bowl advert, Berlin Wall, Big Tech, Bletchley Park, Chelsea Manning, disinformation, don't be evil, drone strike, Edward Snowden, Etonian, Firefox, Google Earth, information security, Jacob Appelbaum, job-hopping, Julian Assange, Khan Academy, kremlinology, Laura Poitras, Mark Zuckerberg, Maui Hawaii, MITM: man-in-the-middle, national security letter, operational security, Panopticon Jeremy Bentham, pre–internet, Ralph Waldo Emerson, rolodex, Rubik’s Cube, Silicon Valley, Skype, social graph, Steve Jobs, TechCrunch disrupt, undersea cable, web application, WikiLeaks

He gave an account of the incident to the New York Times’s James Risen. According to Risen, Snowden was keen to get promoted but got embroiled in a ‘petty email spat’ with a superior, whose judgement he challenged. Months later, Snowden was filling in his annual CIA self-evaluation form. He detected flaws in the personnel web application and pointed those out to his boss. His boss told him to drop it but eventually agreed to allow Snowden to test the system’s susceptibility to hacking. Snowden added some code and text ‘in a non-malicious manner’, proving his point. His immediate boss signed off on it. But then the more senior manager with whom Snowden had clashed previously discovered what he had done and was furious.


pages: 252 words: 75,349

Spam Nation: The Inside Story of Organized Cybercrime-From Global Epidemic to Your Front Door by Brian Krebs

barriers to entry, bitcoin, Brian Krebs, cashless society, defense in depth, Donald Trump, drop ship, employer provided health coverage, independent contractor, information security, John Markoff, mutually assured destruction, offshore financial centre, operational security, payday loans, pirate software, placebo effect, ransomware, seminal paper, Silicon Valley, Stuxnet, the payments system, transaction costs, web application

His Cutwail botnet had grown to more than 125,000 infected computers and was able to blast out 16 billion spam messages daily. Soon enough, his company’s growth forced him to find and hire several new programmers. To give you a sense of what he was looking for, below is an ad that he posted to Crutop.nu, seeking a talented programmer experienced in building web applications. Job type: local office in Moscow (benefits package included), full-time (9 hours per day, 5 days a week). REQUIREMENTS: • Excellent knowledge of Perl and PHP • Excellent knowledge of SQL • Knowledge of AJAX, JavaScript • The ability to quickly write scripts without bugs • At least 22 years of age • Responsibility The salary for a probationary period $1.5K (1 month), after—$2K +.


pages: 291 words: 77,596

Total Recall: How the E-Memory Revolution Will Change Everything by Gordon Bell, Jim Gemmell

airport security, Albert Einstein, book scanning, cloud computing, Computing Machinery and Intelligence, conceptual framework, Douglas Engelbart, full text search, information retrieval, invention of writing, inventory management, Isaac Newton, Ivan Sutherland, John Markoff, language acquisition, lifelogging, Menlo Park, optical character recognition, pattern recognition, performance metric, RAND corporation, RFID, semantic web, Silicon Valley, Skype, social web, statistical model, Stephen Hawking, Steve Ballmer, Steve Bannon, Ted Nelson, telepresence, Turing test, Vannevar Bush, web application

Many companies run their entire businesses using remote servers, without having to invest in computers, storage, or associated software. To serve this need, Amazon, which has vast amounts of excess storage, has a service called EC2, for Elastic Compute Cloud. Likewise, Microsoft has Azure, a cloud-based operating system that will let companies develop and run Web applications without setting up their own data center. Microsoft CEO Steve Ballmer has predicted that nearly all Internet data centers will be outsourced in this way by 2020. Cloud computing will lead to a single, integrated e-memory experience. Every device will act as an access point to recall from your e-memory.


pages: 231 words: 71,248

Shipping Greatness by Chris Vander Mey

business logic, corporate raider, don't be evil, en.wikipedia.org, fudge factor, Google Chrome, Google Hangouts, Gordon Gekko, Jeff Bezos, Kickstarter, Lean Startup, minimum viable product, performance metric, recommendation engine, Skype, slashdot, sorting algorithm, source of truth, SQL injection, Steve Jobs, Superbowl ad, two-pizza team, web application

For example, on Mac interfaces, the OK button is always on the lower-right side of a UI, so users can click the button without having to read the copy above the button or read the name of the button. Sadly, PCs are different, and the OK button appears to the left of the Cancel button on the bottom-right side. If you’re building a web application, this convention doesn’t help. But you’d best make sure that within your application the buttons are in a consistent place, especially if you’re working in iOS or Android. Here are some other conventions you can leverage to make your UI more understandable: Make all primary buttons large and the same color.


pages: 258 words: 74,942

Company of One: Why Staying Small Is the Next Big Thing for Business by Paul Jarvis

Abraham Maslow, Airbnb, big-box store, Boeing 747, Cal Newport, call centre, content marketing, corporate social responsibility, David Heinemeier Hansson, digital nomad, drop ship, effective altruism, Elon Musk, en.wikipedia.org, endowment effect, follow your passion, fulfillment center, gender pay gap, glass ceiling, growth hacking, Inbox Zero, independent contractor, index fund, job automation, Kickstarter, Lyft, Mark Zuckerberg, Naomi Klein, passive investing, Paul Graham, pets.com, remote work: asynchronous communication, remote working, Results Only Work Environment, ride hailing / ride sharing, Ruby on Rails, Salesforce, Sheryl Sandberg, side project, Silicon Valley, Skype, Snapchat, social bookmarking, software as a service, Steve Jobs, supply-chain management, TED Talk, Tim Cook: Apple, too big to fail, uber lyft, web application, William MacAskill, Y Combinator, Y2K

Remember, Wakefield Brunswick only partners with other businesses when a project requires it; otherwise, they are free to work on whatever they want. Business at every level is built on who we know and who knows us. Similarly, Ghostly Ferns, a “family of designers,” works on agency-sized projects while remaining a loose group of independent workers who all offer different design services, from illustration to branding to web application design. The team grows and shrinks as projects demand, and individual members also take on their own projects as needed. This flexibility has allowed them to work with big clients like Lincoln Motor Company, compete with and win bids from larger clients, and earn prestigious awards as well. Meg Lewis, the founder of Ghostly Ferns, believes that mixing their skills together, serving as a sounding board for each other, and generally supporting each other has led to a greater outcome than the sum of their individual skills could have achieved.


pages: 280 words: 71,268

Measure What Matters: How Google, Bono, and the Gates Foundation Rock the World With OKRs by John Doerr

Abraham Maslow, Albert Einstein, Big Tech, Bob Noyce, cloud computing, collaborative editing, commoditize, crowdsourcing, data science, fail fast, Fairchild Semiconductor, Firefox, Frederick Winslow Taylor, Google Chrome, Google Earth, Google X / Alphabet X, Haight Ashbury, hockey-stick growth, intentional community, Jeff Bezos, job satisfaction, Khan Academy, knowledge worker, Mary Meeker, Menlo Park, meta-analysis, PageRank, Paul Buchheit, Ray Kurzweil, risk tolerance, Salesforce, scientific management, self-driving car, Sheryl Sandberg, side project, Silicon Valley, Silicon Valley startup, Skype, Steve Jobs, Steven Levy, subscription business, Susan Wojcicki, web application, Yogi Berra, éminence grise

If Chrome wasn’t going to be dramatically different and better and faster than the traditional browsers already on the market, there was no point in moving ahead. In 2008, the year of Chrome’s rollout, our product management team formulated a top-level annual objective that would have an enduring influence on Google’s future: to “develop the next-generation client platform for web applications.” The main key result: “Chrome reaches 20 million seven-day active users.” Upping the Goal In Google’s OKR climate, it was understood that 70 percent achievement (on average) was considered a success. You weren’t supposed to strive for greens on every OKR you wrote—that wouldn’t stretch the team.


pages: 269 words: 77,876

Brilliant, Crazy, Cocky: How the Top 1% of Entrepreneurs Profit From Global Chaos by Sarah Lacy

Asian financial crisis, barriers to entry, Benchmark Capital, BRICs, clean tech, clean water, cloud computing, Deng Xiaoping, digital divide, Donald Trump, Elon Musk, fear of failure, Firefox, Great Leap Forward, Huaqiangbei: the electronics market of Shenzhen, China, income per capita, intangible asset, Jeff Bezos, knowledge economy, knowledge worker, M-Pesa, Mahatma Gandhi, Marc Andreessen, Mark Zuckerberg, Max Levchin, McMansion, megacity, Network effects, off-the-grid, One Laptop per Child (OLPC), paypal mafia, QWERTY keyboard, risk tolerance, Salesforce, Skype, social web, Steve Jobs, Tony Hsieh, urban planning, web application, women in the workforce, working-age population, zero-sum game

The former founders and executives from PayPal had their fingerprints al over the burgeoning U.S. Web 2.0 movement. They had founded LinkedIn, Slide, Yelp, YouTube, and now Geni, and they had invested in Facebook, Digg, and others. Sacks had two big advantages—he knew how to turn the wonky academic science of genealogy into a sexy social Web application, and he knew how to play the venture game. He told me at the time of the deal, “Charles River Ventures invested $10 mil ion with a double liquidation preference.” That meant CRV got the first $20 mil ion out of any exit. “Do you real y think we won’t even be worth $20 mil ion? Worst case they double their money.”


pages: 248 words: 72,174

The $100 Startup: Reinvent the Way You Make a Living, Do What You Love, and Create a New Future by Chris Guillebeau

Airbnb, big-box store, clean water, digital nomad, do what you love, fixed income, follow your passion, if you build it, they will come, index card, informal economy, Kevin Kelly, Kickstarter, knowledge economy, late fees, messenger bag, Nelson Mandela, price anchoring, Ralph Waldo Emerson, side project, Silicon Valley, Skype, solopreneur, Steve Jobs, Tony Hsieh, web application

Several said that when they told their customers or clients about the increase, the response was, “It’s about time! You’re worth more than you’ve been charging.” (When your clients complain about the price being too low, you should listen.) Andy Dunn is a developer in Belfast, Northern Ireland. He left his day job after pitching a Web application to a CEO. Crucially, Andy didn’t just pitch an idea—he had the idea and then acted on it by creating the entire app and sending it over to the CEO, requesting approval. Impressed, the CEO called him up to say thanks, and even agreed to underwrite the expenses for some additional features. Out on his own, Andy had no problem attracting new business, but he did have a big problem with pricing.


pages: 193 words: 31,998

Java: The Good Parts by Jim Waldo

en.wikipedia.org, remote working, revision control, Tragedy of the Commons, web application

There were a small number of libraries that provided basic functionality, all written by the same small group of engineers and all sharing a similar design philosophy. If you knew C or C++, Java was easy to learn. Although some libraries may have been better than others, they were all reasonable. Since then, Java and the associated environment have grown tremendously, both in popularity and in size. Java started out as a language for writing web applications that would run in a browser, and is now a language that is used for core system programming in the enterprise. The language itself has seen a number of major and minor additions, ranging from generic types (major) to autoboxing (minor). The platform has grown from a single entity to multiple editions, from Java Enterprise Edition and Standard Edition to all of the small Java environments for phones and smart cards.


pages: 280 words: 79,029

Smart Money: How High-Stakes Financial Innovation Is Reshaping Our WorldÑFor the Better by Andrew Palmer

Affordable Care Act / Obamacare, Alan Greenspan, algorithmic trading, Andrei Shleifer, asset-backed security, availability heuristic, bank run, banking crisis, behavioural economics, Black Monday: stock market crash in 1987, Black-Scholes formula, bonus culture, break the buck, Bretton Woods, call centre, Carmen Reinhart, cloud computing, collapse of Lehman Brothers, collateralized debt obligation, computerized trading, corporate governance, credit crunch, Credit Default Swap, credit default swaps / collateralized debt obligations, Daniel Kahneman / Amos Tversky, David Graeber, diversification, diversified portfolio, Edmond Halley, Edward Glaeser, endogenous growth, Eugene Fama: efficient market hypothesis, eurozone crisis, family office, financial deregulation, financial engineering, financial innovation, fixed income, Flash crash, Google Glasses, Gordon Gekko, high net worth, housing crisis, Hyman Minsky, impact investing, implied volatility, income inequality, index fund, information asymmetry, Innovator's Dilemma, interest rate swap, Kenneth Rogoff, Kickstarter, late fees, London Interbank Offered Rate, Long Term Capital Management, longitudinal study, loss aversion, low interest rates, margin call, Mark Zuckerberg, McMansion, Minsky moment, money market fund, mortgage debt, mortgage tax deduction, Myron Scholes, negative equity, Network effects, Northern Rock, obamacare, payday loans, peer-to-peer lending, Peter Thiel, principal–agent problem, profit maximization, quantitative trading / quantitative finance, railway mania, randomized controlled trial, Richard Feynman, Richard Thaler, risk tolerance, risk-adjusted returns, Robert Shiller, Savings and loan crisis, short selling, Silicon Valley, Silicon Valley startup, Skype, South Sea Bubble, sovereign wealth fund, statistical model, subprime mortgage crisis, tail risk, Thales of Miletus, the long tail, transaction costs, Tunguska event, unbanked and underbanked, underbanked, Vanguard fund, web application

He was one of the first batch of Thiel fellows, twenty people under twenty who were each given one hundred thousand dollars to skip college for two years and pursue their ambitions in a program funded by Peter Thiel, a guru of technology investing whose résumé includes founding PayPal and backing Facebook. So Gu headed to Silicon Valley, where he worked for six months developing a variety of random Web applications. As he turned business ideas over in his head, he was drawn to a very basic financial problem for young people. As we discussed in the opening chapter, people have two forms of capital: they have financial capital, which is the money they actually accumulate, and they have human capital, which is their potential to make money through their future earnings.


pages: 269 words: 79,285

Silk Road by Eileen Ormsby

4chan, bitcoin, blockchain, Brian Krebs, corporate governance, cryptocurrency, disinformation, drug harm reduction, Edward Snowden, fiat currency, Firefox, incognito mode, Julian Assange, litecoin, Mark Zuckerberg, Network effects, off-the-grid, operational security, peer-to-peer, Ponzi scheme, power law, profit motive, Right to Buy, Ross Ulbricht, Satoshi Nakamoto, stealth mode startup, Ted Nelson, trade route, Turing test, web application, WikiLeaks

IT pro needed for venture-backed bitcoin startup Hello, sorry if there is another thread for this kind of post, but I couldn’t find one. I’m looking for the best and brightest IT pro in the bitcoin community to be the lead developer in a venture-backed bitcoin startup company. The ideal candidate would have at least several years of web application development experience, having built applications from the ground up. A solid understanding of oop [object-oriented programming] and software architecture is a must. Experience in a start-up environment is a plus, or just being super hard working, self-motivated, and creative. Compensation can be in the form of equity or a salary, or somewhere in-between.


pages: 434 words: 77,974

Mastering Blockchain: Unlocking the Power of Cryptocurrencies and Smart Contracts by Lorne Lantz, Daniel Cawrey

air gap, altcoin, Amazon Web Services, barriers to entry, bitcoin, blockchain, business logic, business process, call centre, capital controls, cloud computing, corporate governance, creative destruction, cross-border payments, cryptocurrency, currency peg, disinformation, disintermediation, distributed ledger, Dogecoin, Ethereum, ethereum blockchain, fault tolerance, fiat currency, Firefox, global reserve currency, information security, initial coin offering, Internet of things, Kubernetes, litecoin, low interest rates, Lyft, machine readable, margin call, MITM: man-in-the-middle, multilevel marketing, Network effects, offshore financial centre, OSI model, packet switching, peer-to-peer, Ponzi scheme, prediction markets, QR code, ransomware, regulatory arbitrage, rent-seeking, reserve currency, Robinhood: mobile stock trading app, Ross Ulbricht, Satoshi Nakamoto, Silicon Valley, Skype, smart contracts, software as a service, Steve Wozniak, tulip mania, uber lyft, unbanked and underbanked, underbanked, Vitalik Buterin, web application, WebSocket, WikiLeaks

Gox-Bitfinex jurisdiction over cryptocurrency exchanges, Jurisdiction order types in cryptocurrency exchanges, The Role of Exchanges risks of, in cryptocurrency trading, Exchange Risk types of cryptocurrency exchanges, Jurisdiction externally owned account (EOA) wallets, Multisignature Contracts F Fabric (Hyperledger), Hyperledger FacebookLibra Association, The Libra Association Novi wallet, Novi false stake attacks, Proof-of-Stake faucets (Ethereum testnets), Authoring a smart contract Federal Reserve (see US Federal Reserve) federated sidechains, Sidechains fiat currencies, Electronic Systems and Trustblockchain-based assets pegged to, Stablecoins mint-based model, The Whitepaper file storage in web applications, Web 3.0 Financial Action Task Force (FATF), Travel Rule, The FATF and the Travel Rule Financial Crimes Enforcement Network (FinCEN), FinCEN Guidance and the Beginning of Regulation financial crisis of 2008, Electronic Systems and Trust, The 2008 Financial Crisis financial transactions, reliance on trust, Electronic Systems and Trust flash loans, Flash Loans-The Fulcrum Exploitcreating a smart contract for, Creating a Flash Loan Contract-Deploying the Contract deploying the smart contract, Deploying the Contract executing, Executing a Flash Loan-Executing a Flash Loan floatconfiguration 1, Float Configuration 1 configuration 2, Float Configuration 2 configuration 3, Float Configuration 3 timing and managing, Timing and Managing Float Force, Carl, Skirting the Laws forks, Understanding Forks-Replay attacks, Altcoins(see also altcoins) contentious hard forks, Contentious Hard Forks-Replay attacksfork of Bitcoin Cash into Bitcoin SV, The Bitcoin Cash Fork replay attacks vulnerability, Replay attacks different types of, Understanding Forks Ethereum Classic, The Ethereum Classic Fork, Forking Ethereum and the creation of Ethereum Classic fork choice rule in Ethereum 2.0, Ethereum Scaling other Ethereum forks, Other Ethereum forks in proof-of-stake networks, Proof-of-Stake fraud risk as seen by banking audits, Banking Risk Fulcrum attack, The Fulcrum Exploit full nodes (Libra), How the Libra Protocol Works funding amount, Lightning funding transactions, Funding transactions fungible tokens, Fungible and Nonfungible TokensERC-20 standard for, ERC-20 ERC-777 proposed standard for, ERC-777 futures, Derivatives G gambling, on Web 3.0, Web 3.0 gamingpermissioned ledger uses of blockchain, Gaming tracking virtual goods in games, ERC-1155 Garza, Homero Joshua, Skirting the Laws gas, Ether and GasETH Gas Station, Gas and Pricing list of gas prices by opcode, Gas and Pricing GAW Miners, Skirting the Laws GeistGeld, Altcoins Gemini, arbitrage trading on, Arbitrage Trading-Exchange APIs and Trading BotsAPI example, BTC/USD ticker call, Exchange APIs and Trading Bots Genesis block (Bitcoin), Achieving Consensus Gitcoin, Web 3.0 Gnosis, Tokenize Everything government-backed currencies (see fiat currencies) graphics processing units (GPUs), Mining Is About Incentives Grin, Mimblewimble, Beam, and Grin H halting problem, Ether and Gas hard forks, Understanding Forks hardware wallets, Wallet Type Variations, Wallets hash algorithms, Proof-of-Work hash power, Block discovery, How Omni Layer works hash rates, Proof-of-Work Hashcash, Hashcash hashes, Hashcash, Hashes-Custody: Who Holds the KeysBitcoin hash function, double SHA-256, The Merkle Root block, Storing Data in a Chain of Blocks, Block Hashes-Custody: Who Holds the Keys of information generated by transactions in Bitcoin, Introducing the Timestamp Server MD5 password hashes, Zero-Knowledge Proof Merkle root, The Merkle Root-The Merkle Root in proof-of-work cryptocurrency mining, Proof-of-Work public key hash on Bitcoin, Public and Private Keys in Cryptocurrency Systems in Satoshi Nakamoto's whitepaper, The Whitepaper health care, permissioned ledger implementations of blockchain, Health Care height number (block), Storing Data in a Chain of Blocks hex value arguments to smart contract calls, Custody and counterparty risk Honest validator framework, Ethereum Scaling Hong Kong, regulatory arbitrage, Hong Kong hot or cold storage wallets, Counterparty Risk hot wallets, Wallet Type Variations HotStuff algorithm, Borrowing from Existing Blockchains Hyperledger, Hyperledger I IBMIoT interaction by Watson and data storage in Blockchain Platform, Internet of Things toolset offering support for Hyperledger Fabric, Blockchain as a Service identifyverification of, Security Fundamentals identityand dangers of hacking, Identity and the Dangers of Hacking associating with Bitcoin addresses, The Evolution of Crypto Laundering identification services, Private Keys IDEX decentralized exchange, Decentralized Exchange Contracts illiquidity, signs of, Counterparty Risk infinite recursion, Forking Ethereum and the creation of Ethereum Classic information on blockchain industry, Information Infura, Interacting with Code initial coin offerings (ICOs), Mastercoin and Smart Contracts, Tokenize Everything, Initial Coin Offerings-Whitepaperas example of regulatory arbitrage, Initial Coin Offerings DAOs and, Decentralized Autonomous Organizations Ethereum, Tokenize Everything founder intentions, Founder Intentions funds collected into multisignature wallets, Multisignature Contracts illegal activities in, Skirting the Laws legal, regulatory, and other problems with, Tokenize Everything Mastercoin, Tokenize Everything motivations for founders versus venture-funding startups, Whitepaper other terms for, Initial Coin Offerings spectrum of ICO viability, Initial Coin Offerings token economics, Token Economics use of Ethereum platform, Use Cases: ICOs whitepaper, Whitepaper intermediary trust, Electronic Systems and Trust internetdata exchange protocols, evolution of, The More Things Change dot-com crash, Tulip Mania or the internet?


Docker Deep Dive by Nigel Poulton

Debian, DevOps, Kubernetes, microservices, platform as a service, source of truth, web application

container inspect command to view detailed container metadata. 8: Containerizing an app Doer is all about taking applications and running them in containers. e process of taking an application and configuring it to run as a container is called “containerizing”. In this apter, we’ll walk through the process of containerizing a simple Linux-based web application. If you don’t have a Linux Doer environment to follow along with, you can use Play With Doer for free. Just point your web browser to hps://play-with-doer.com and spin up some Linux Doer nodes. It’s my favourite way to spin up Doer and do testing! We’ll split this apter into the usual three parts: • e TLDR • e deep dive • e commands Let’s containerize an app!


Ubuntu 15.04 Server with systemd: Administration and Reference by Richard Petersen

Amazon Web Services, bash_history, cloud computing, Debian, Firefox, lock screen, Mark Shuttleworth, MITM: man-in-the-middle, OpenAI, operational security, RFC: Request For Comment, SpamAssassin, web application

Print server This is the CUPS print server (see Chapter 10). Samba file server This is the SAMBA file server which provides access to shared directories and printers on a Windows network (see Chapter 12). Tomcat Java server This is the Tomcat implementation of the JAVA Servlet and Java Server Pages (JSP) support for Web applications. Virtual Machine host This is the kernel-based virtual machine server, KVM (libvirt). Ubuntu Desktop USB This is USB image for installing the Ubuntu Desktop on a USB drive. Manual package selection Select the particular packages you want. You can select additional packages you want installed.

JMeter is a Java desktop tool used to test performance of server resources, such as server lets and CGI scripts. Velocity is a template engine that provides easy access to Java objects. Watchdog is a tool that checks the compatibility of servlet containers. Struts, Cactus, and Tapestry are Java frameworks, established methods for developing Java web applications. LAMP During installation, you can install the Apache Web server as part of the LAMP collection of packages. LAMP stands for Linux Apache MySQL and PHP. It consists essentially of the Web server (Apache) with database support (MySQL) and programming capability (PHP). For programming, PHP is selected by default, though you could use Python or Perl instead.


pages: 1,409 words: 205,237

Architecting Modern Data Platforms: A Guide to Enterprise Hadoop at Scale by Jan Kunigk, Ian Buss, Paul Wilkinson, Lars George

Amazon Web Services, barriers to entry, bitcoin, business intelligence, business logic, business process, cloud computing, commoditize, computer vision, continuous integration, create, read, update, delete, data science, database schema, Debian, deep learning, DevOps, domain-specific language, fault tolerance, Firefox, FOSDEM, functional programming, Google Chrome, Induced demand, information security, Infrastructure as a Service, Internet of things, job automation, Kickstarter, Kubernetes, level 1 cache, loose coupling, microservices, natural language processing, Network effects, platform as a service, single source of truth, source of truth, statistical model, vertical integration, web application

Hue Hue has long been the de facto web-based UI for Hadoop (although, more recently, UI components have also been provided via Ambari Views). Hue allows users to interact with HDFS, issue queries to Impala and Hive, construct Oozie workflows, and build dashboards over Solr indexes, and provides a host of other functionality. Hue is a web application, and therefore, the normal methods for scaling and providing HA for such applications apply, with a couple of caveats. Hue stores most of its runtime state in an underlying database, including user and group definitions, access permissions, and running operations. This means the underlying database should be shared between all instances of Hue, which in turn means the database should support concurrent connections and should be configured for HA.

All traffic between subnets is also subject to firewalls in public clouds. This is yet another service that you need to explicitly configure. We provide a detailed discussion of cloud firewalls and perimeter controls in “Perimeter Controls and Firewalling”. If you intend to offer frontend services, such as web applications that rely on data stored in Hadoop, we recommend placing them in a separate public subnet, which is shown to the left of the public subnet in Figure 16-5. Optionally, you can create other public or private subnets, as required, to segment additional components of your overall solution. Although all frontend services most likely require direct access to certain hosts in the cluster via corresponding routes, direct users, such as developers or analysts, should access the cluster via dedicated edge hosts.


Writing Effective Use Cases by Alistair Cockburn

business process, c2.com, create, read, update, delete, finite state, index card, information retrieval, iterative process, operational security, recommendation engine, Silicon Valley, web application, work culture

What is the system that encloses it, and what is outside that containing system, that it must communicate with? Give the enclosing system a name. Exercise 9 Draw a picture of the multiple scopes in action for the Personal Advisors/Finance system. Exercise 10 Draw a picture of the multiple scopes in action for a web application in which a user’s workstation is connected through the web to your company’s web server, attached to a legacy mainframe system. Exercise 11 Describe the difference between "enterprise-scope white-box business use cases" and "enterprise-scope black-box business use cases". 3.3 The Outermost Use Cases In “Enterprise to system scope” on page 50, I recommend writing two use cases, one for the system under design, and one at an outer scope.


pages: 371 words: 78,103

Webbots, Spiders, and Screen Scrapers by Michael Schrenk

Amazon Web Services, corporate governance, digital rights, fault tolerance, Firefox, machine readable, Marc Andreessen, new economy, pre–internet, SpamAssassin, The Hackers Conference, Turing test, web application

Wireless Carrier Text Message Email Address Alltel 10digitphonenumber@alltelmessage.com Ameritech Paging 10digitpagernumber@paging.acswireless.com BeeLine GSM phonenumber@sms.beemail.ru Bell Mobility (Canada) phonenumber@txt.bell.ca Bell South phonenumber@bellsouth.cl Bell South Mobility phonenumber@blsdcs.net Blue Sky Frog phonenumber@blueskyfrog.com Boost phonenumber@myboostmobile.com Cellular One 10digitphonenumber@mobile.celloneusa.com Cellular One West phonenumber@mycellone.com Cingular Wireless 10digitphonenumber@mobile.mycingular.com Dutchtone/Orange-NL phonenumber@sms.orange.nl Edge Wireless phonenumber@sms.edgewireless.com Fido phonenumber@fido.ca Golden Telecom phonenumber@sms.goldentele.com Idea Cellular phonenumber@ideacellular.net Manitoba Telecom Systems phonenumber@text.mtsmobility.com MetroPCS 10digitphonenumber@mymetropcs.com MobileOne phonenumber@m1.com.sg Mobilfone phonenumber@page.mobilfone.com Mobility Bermuda phonenumber@ml.bm Netcom phonenumber@sms.netcom.no Nextel 10digitphonenumber@messaging.nextel.com NPI Wireless phonenumber@npiwireless.com O2 username@o2.co.uk Orange phonenumber@orange.net Oskar phonenumber@mujoskar.cz Personal Communication sms@pcom.ru (number in subject line) PlusGSM phonenumber@text.plusgsm.pl Qualcomm name@pager.qualcomm.com Qwest 10digitphonenumber@qwestmp.com Southern LINC 10digitphonenumber@page.southernlinc.com Sprint PCS 10digitphonenumber@messaging.sprintpcs.com SunCom number@tms.suncom.com SureWest Communications phonenumber@mobile.surewest.com T-Mobile 10digitphonenumber@tmomail.net T-Mobile Germany phonenumber@t-d1-sms.de T-Mobile UK phonenumber@t-mobile.uk.net Tele2 Latvia phonenumber@sms.tele2.lv Telefonica Movistar phonenumber@movistar.net Telenor phonenumber@mobilpost.no TIM 10digitphonenumber@timnet.com UMC phonenumber@sms.umc.com.ua Unicel phonenumber@utext.com Verizon Pagers 10digitpagernumber@myairmail.com Verizon PCS 10digitphonenumber@vtext.com Virgin Mobile phonenumber@vmobl.com Wyndtell number@wyndtell.com About the Author Michael Schrenk uses webbots and data-driven web applications to create competitive advantages for businesses. He has written for Computerworld and Web Techniques magazines and has taught courses on Web usability and Internet marketing. He has also given presentations on intelligent Web agents and online corporate intelligence at the DEFCON hacker's convention.


pages: 285 words: 81,743

Start-Up Nation: The Story of Israel's Economic Miracle by Dan Senor, Saul Singer

"World Economic Forum" Davos, agricultural Revolution, Albert Einstein, Apollo 11, Apollo 13, back-to-the-land, banking crisis, Benchmark Capital, Boycotts of Israel, call centre, Celtic Tiger, clean tech, Dissolution of the Soviet Union, Fairchild Semiconductor, friendly fire, Gene Kranz, immigration reform, labor-force participation, mass immigration, military-industrial complex, Neil Armstrong, new economy, pez dispenser, post scarcity, profit motive, Robert Solow, Silicon Valley, smart grid, social graph, sovereign wealth fund, Steve Ballmer, Suez crisis 1956, unit 8200, web application, women in the workforce, Yom Kippur War

So the CG guy crossed the disciplinary walls and ventured into modeling and into scriptwriting.” The term in the United States for this kind of crossover is a mashup. And the term itself has been rapidly morphing and acquiring new meanings. Originally referring to the merging of two or more songs into one, it has also come to designate digital and video combinations, as well as a Web application that meshes data from other sites—such as HousingMaps.com, which graphically displays craigslist rentals postings on Google Maps. An even more powerful mashup, in our view, is when innovation is born from the combination of radically different technologies and disciplines. The companies where mashups are most common in Israel are in the medical-device and biotech sectors, where you find wind tunnel engineers and doctors collaborating on a credit card–sized device that may make injections obsolete.


pages: 264 words: 79,589

Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground by Kevin Poulsen

Apple II, Brian Krebs, Burning Man, corporate governance, dumpster diving, Exxon Valdez, fake news, gentrification, Hacker Ethic, hive mind, index card, Kickstarter, McMansion, Mercator projection, offshore financial centre, packet switching, pirate software, Ponzi scheme, Robert Hanssen: Double agent, Saturday Night Live, Silicon Valley, SQL injection, Steve Jobs, Steve Wozniak, Steven Levy, traffic fines, web application, WikiLeaks, zero day, Zipcar

Anyway I just don’t want this to happen again, so I’m going to let it lie … “The Cracker” With that, Max shut down his five-day attack on the government, with more cracked systems behind him than he could count. He was satisfied that he’d made the Internet safer than it was before; thousands of computers that had been vulnerable to every hacker in the world were now vulnerable to only one: Max Vision. Max immediately jumped into a new, more socially acceptable project: He would write a Web application that would let anyone on the Internet request an automatic real-time scan of their network to assess whether or not they were open to the BIND attack. He also conceived a benign variant of the siege he’d just concluded. Like before, he would scan government and military networks. But instead of cracking the vulnerable computers, he’d automatically send an e-mail warning to the administrators.


pages: 537 words: 82,938

Rust Programming by Example by Guillaume Gomez, Antoni Boucher

Debian, MVC pattern, type inference, web application

Other Books You May Enjoy If you enjoyed this book, you may be interested in these other books by Packt: Learning Rust Paul Johnson, Vesa Kaihlavirta ISBN: 978-1-78588-430-6 Set up Rust for Windows, Linux, and OS X Write effective code using Rust Expand your Rust applications using libraries Interface existing non-Rust libraries with your Rust applications Use the standard library within your applications Understand memory management within Rust and speed efficiency when passing variables Create more complex data types Study concurrency in Rust with multi-threaded applications and sync threading techniques to improve the performance of an application problem Mastering Rust Vesa Kaihlavirta ISBN: 978-1-78588-530-3 Implement unit testing patterns with the standard Rust tools Get to know the different philosophies of error handling and how to use them wisely Appreciate Rust's ability to solve memory allocation problems safely without garbage collection Get to know how concurrency works in Rust and use concurrency primitives such as threads and message passing Use syntax extensions and write your own Create a Web application with Rocket Use Diesel to build safe database abstractions Leave a review - let other readers know what you think Please share your thoughts on this book with others by leaving a review on the site that you bought it from. If you purchased the book from Amazon, please leave us an honest review on this book's Amazon page.


pages: 252 words: 78,780

Lab Rats: How Silicon Valley Made Work Miserable for the Rest of Us by Dan Lyons

"Friedman doctrine" OR "shareholder theory", "Susan Fowler" uber, "World Economic Forum" Davos, Airbnb, Amazon Robotics, Amazon Web Services, antiwork, Apple II, augmented reality, autonomous vehicles, basic income, Big Tech, bitcoin, blockchain, Blue Ocean Strategy, business process, call centre, Cambridge Analytica, Clayton Christensen, clean water, collective bargaining, corporate governance, corporate social responsibility, creative destruction, cryptocurrency, data science, David Heinemeier Hansson, digital rights, Donald Trump, Elon Musk, Ethereum, ethereum blockchain, fake news, full employment, future of work, gig economy, Gordon Gekko, greed is good, Hacker News, hiring and firing, holacracy, housing crisis, impact investing, income inequality, informal economy, initial coin offering, Jeff Bezos, job automation, job satisfaction, job-hopping, John Gruber, John Perry Barlow, Joseph Schumpeter, junk bonds, Kanban, Kevin Kelly, knowledge worker, Larry Ellison, Lean Startup, loose coupling, Lyft, Marc Andreessen, Mark Zuckerberg, McMansion, Menlo Park, Milgram experiment, minimum viable product, Mitch Kapor, move fast and break things, new economy, Panopticon Jeremy Bentham, Parker Conrad, Paul Graham, paypal mafia, Peter Thiel, plutocrats, precariat, prosperity theology / prosperity gospel / gospel of success, public intellectual, RAND corporation, remote working, RFID, ride hailing / ride sharing, Ronald Reagan, Rubik’s Cube, Ruby on Rails, Sam Altman, San Francisco homelessness, Sand Hill Road, scientific management, self-driving car, shareholder value, Sheryl Sandberg, Silicon Valley, Silicon Valley startup, six sigma, Skinner box, Skype, Social Responsibility of Business Is to Increase Its Profits, SoftBank, software is eating the world, Stanford prison experiment, stem cell, Steve Jobs, Steve Wozniak, Stewart Brand, stock buybacks, super pumped, TaskRabbit, tech bro, tech worker, TechCrunch disrupt, TED Talk, telemarketer, Tesla Model S, Thomas Davenport, Tony Hsieh, Toyota Production System, traveling salesman, Travis Kalanick, tulip mania, Uber and Lyft, Uber for X, uber lyft, universal basic income, web application, WeWork, Whole Earth Catalog, work culture , workplace surveillance , Y Combinator, young professional, Zenefits

In the early 2000s, Fried hired Hansson, who was then a college student in his native Denmark, to develop a project management tool that 37signals could use to keep track of the work it was doing for clients. Hansson (who is known among software hackers by his initials, DHH) wrote the first version of Basecamp in 2004. As Hansson was writing Basecamp, he also created a web framework—a tool that helps coders save time when they are writing web applications, by providing standard ways to do certain tasks that most web apps have in common, like fetching information from a database. Hansson called his framework Ruby on Rails and made it available to anyone, free of charge, as an open-source product. The code was wildly successful and today runs on more than a million websites.


pages: 286 words: 87,401

Blitzscaling: The Lightning-Fast Path to Building Massively Valuable Companies by Reid Hoffman, Chris Yeh

"Susan Fowler" uber, activist fund / activist shareholder / activist investor, adjacent possible, Airbnb, Amazon Web Services, Andy Rubin, autonomous vehicles, Benchmark Capital, bitcoin, Blitzscaling, blockchain, Bob Noyce, business intelligence, Cambridge Analytica, Chuck Templeton: OpenTable:, cloud computing, CRISPR, crowdsourcing, cryptocurrency, Daniel Kahneman / Amos Tversky, data science, database schema, DeepMind, Didi Chuxing, discounted cash flows, Elon Musk, fake news, Firefox, Ford Model T, forensic accounting, fulfillment center, Future Shock, George Gilder, global pandemic, Google Hangouts, Google X / Alphabet X, Greyball, growth hacking, high-speed rail, hockey-stick growth, hydraulic fracturing, Hyperloop, initial coin offering, inventory management, Isaac Newton, Jeff Bezos, Joi Ito, Khan Academy, late fees, Lean Startup, Lyft, M-Pesa, Marc Andreessen, Marc Benioff, margin call, Mark Zuckerberg, Max Levchin, minimum viable product, move fast and break things, Network effects, Oculus Rift, oil shale / tar sands, PalmPilot, Paul Buchheit, Paul Graham, Peter Thiel, pre–internet, Quicken Loans, recommendation engine, ride hailing / ride sharing, Salesforce, Sam Altman, Sand Hill Road, Saturday Night Live, self-driving car, shareholder value, sharing economy, Sheryl Sandberg, Silicon Valley, Silicon Valley startup, Skype, smart grid, social graph, SoftBank, software as a service, software is eating the world, speech recognition, stem cell, Steve Jobs, subscription business, synthetic biology, Tesla Model S, thinkpad, three-martini lunch, transaction costs, transport as a service, Travis Kalanick, Uber for X, uber lyft, web application, winner-take-all economy, work culture , Y Combinator, yellow journalism

The enterprise software company Slack reached this critical stage once it was able to demonstrate the rapid and accelerating adoption of its team messaging apps by its initial market of software development teams. Nearly five years passed between the time when Slack was founded and the initial launch of its product. But once it launched, Slack users themselves drove user growth by adding many colleagues at a time, aided by a frictionless process that allowed new users to jump in with a simple Web application or by downloading a mobile app from iTunes or Google Play. After the company reached this point, it began to scale rapidly, adding employees, capital, and customers at a blistering pace. Slack had raised $17 million during the first five years of its life; within eight months of launch, it had raised another $163 million and a total of $800 million by late 2017.


pages: 275 words: 84,418

Dogfight: How Apple and Google Went to War and Started a Revolution by Fred Vogelstein

"World Economic Forum" Davos, Andy Rubin, AOL-Time Warner, Apple II, Ben Horowitz, Benchmark Capital, Big Tech, Bill Atkinson, cloud computing, commoditize, disintermediation, don't be evil, driverless car, Dynabook, Firefox, General Magic , Google Chrome, Google Glasses, Googley, Jeff Hawkins, John Markoff, Jony Ive, Larry Ellison, Marc Andreessen, Mark Zuckerberg, Mary Meeker, Neil Armstrong, Palm Treo, PalmPilot, Peter Thiel, pre–internet, Sheryl Sandberg, Silicon Valley, Silicon Valley startup, Skype, software patent, SpaceShipOne, spectrum auction, Steve Ballmer, Steve Jobs, Steve Wozniak, Steven Levy, stock buybacks, tech worker, Tim Cook: Apple, Tony Fadell, web application, zero-sum game

“I guess we’re not going to ship that phone.” What the Android team had been working on, a phone code-named Sooner, sported software that was arguably more revolutionary than what had just been revealed in the iPhone. In addition to having a full Internet browser, and running all of Google’s great web applications, such as search, Maps, and YouTube, the software was designed not just to run on Sooner, but on any smartphone, tablet, or other portable device not yet conceived. It would never need to be tethered to a laptop or desktop. It would allow multiple applications to run at the same time, and it would easily connect to an online store of other applications that Google would seed and encourage.


pages: 247 words: 81,135

The Great Fragmentation: And Why the Future of All Business Is Small by Steve Sammartino

3D printing, additive manufacturing, Airbnb, augmented reality, barriers to entry, behavioural economics, Bill Gates: Altair 8800, bitcoin, BRICs, Buckminster Fuller, citizen journalism, collaborative consumption, cryptocurrency, data science, David Heinemeier Hansson, deep learning, disruptive innovation, driverless car, Dunbar number, Elon Musk, fiat currency, Frederick Winslow Taylor, game design, gamification, Google X / Alphabet X, haute couture, helicopter parent, hype cycle, illegal immigration, index fund, Jeff Bezos, jimmy wales, Kickstarter, knowledge economy, Law of Accelerating Returns, lifelogging, market design, Mary Meeker, Metcalfe's law, Minecraft, minimum viable product, Network effects, new economy, peer-to-peer, planned obsolescence, post scarcity, prediction markets, pre–internet, profit motive, race to the bottom, random walk, Ray Kurzweil, recommendation engine, remote working, RFID, Rubik’s Cube, scientific management, self-driving car, sharing economy, side project, Silicon Valley, Silicon Valley startup, skunkworks, Skype, social graph, social web, software is eating the world, Steve Jobs, subscription business, survivorship bias, The Home Computer Revolution, the long tail, too big to fail, US Airways Flight 1549, vertical integration, web application, zero-sum game

We were so used to being cogs in the industrial machine that we forget about the human need for connection. Are we really all connected? Once we started to realise there was incredible value in us all being connected to each other’s expertise, thoughts and creativity, we couldn’t get enough. The void was filled very quickly. And while early web applications such as email and forums could be regarded as social, the truly networked social systems that connected the populous only arrived in the early 2000s. It took only 10 years for most of us to permanently connect to the web. The process we go through to find an old friend is the best proof of how connected we are today.


pages: 239 words: 80,319

Lurking: How a Person Became a User by Joanne McNeil

"World Economic Forum" Davos, 4chan, A Declaration of the Independence of Cyberspace, Ada Lovelace, Adam Curtis, Airbnb, AltaVista, Amazon Mechanical Turk, Andy Rubin, benefit corporation, Big Tech, Black Lives Matter, Burning Man, Cambridge Analytica, Chelsea Manning, Chris Wanstrath, citation needed, cloud computing, context collapse, crowdsourcing, data science, deal flow, decentralized internet, delayed gratification, dematerialisation, disinformation, don't be evil, Donald Trump, drone strike, Edward Snowden, Elon Musk, eternal september, fake news, feminist movement, Firefox, gentrification, Google Earth, Google Glasses, Google Hangouts, green new deal, helicopter parent, holacracy, Internet Archive, invention of the telephone, Jeff Bezos, jimmy wales, John Perry Barlow, Jon Ronson, Julie Ann Horvath, Kim Stanley Robinson, l'esprit de l'escalier, Marc Andreessen, Mark Zuckerberg, Marshall McLuhan, Max Levchin, means of production, Menlo Park, Mondo 2000, moral panic, move fast and break things, Neal Stephenson, Network effects, packet switching, PageRank, pre–internet, profit motive, Project Xanadu, QAnon, real-name policy, recommendation engine, Salesforce, Saturday Night Live, Sheryl Sandberg, Shoshana Zuboff, Silicon Valley, slashdot, Snapchat, social graph, Social Justice Warrior, Stephen Hawking, Steve Jobs, Steven Levy, Stewart Brand, subscription business, surveillance capitalism, tech worker, techlash, technoutopianism, Ted Nelson, TED Talk, Tim Cook: Apple, trade route, Turing complete, Wayback Machine, We are the 99%, web application, white flight, Whole Earth Catalog, you are the product

In 2007, a Harvard engineer created a secret app called both Judgebook and Prettyorwitty to rank random Facebook users. It was released internally with the launch of the Facebook Platform for third-party developers. It reminded Kate Losse of a comment Zuckerberg made about “having to choose between a girl who looks like a model or is smart … only in web application form” (The Boy Kings, 127). I learned about “babe ticker” in Angwin’s Stealing MySpace (221). Annie Karni’s Politico story “In Jared Kushner, Trump Finds a Kindred Spirit” (November 18, 2016) details, “At The New York Observer, which he bought when he was 25, Kushner pushed for the newspaper to launch a standalone website called ‘Socialite Slapdown.’


The Buddha and the Badass: The Secret Spiritual Art of Succeeding at Work by Vishen Lakhiani

Abraham Maslow, Buckminster Fuller, Burning Man, call centre, Colonization of Mars, crowdsourcing, data science, deliberate practice, do what you love, Elon Musk, fail fast, fundamental attribution error, future of work, gamification, Google Glasses, Google X / Alphabet X, iterative process, Jeff Bezos, meta-analysis, microbiome, performance metric, Peter Thiel, profit motive, Ralph Waldo Emerson, Silicon Valley, Silicon Valley startup, skunkworks, Skype, social bookmarking, social contagion, solopreneur, Steve Jobs, Steven Levy, TED Talk, web application, white picket fence, work culture

We had little to offer them, just a meager salary and a dream. Our first tech product was still years from launching. But they both saw our venture as a training opportunity. Mike and I now had two interns on board, and the four of us built the business to a place where we were desperate for talent. Our focus was primarily building innovative Web applications for the then-emerging space known as Web 2.0. We were competing with start-ups in Silicon Valley. But our growth was stalled by our desperate need for talented engineers, marketing minds, and branding experts. We needed smart workers fast. And I was spread thin—it was an obvious sign that we needed to hire.


pages: 328 words: 84,682

The Business of Platforms: Strategy in the Age of Digital Competition, Innovation, and Power by Michael A. Cusumano, Annabelle Gawer, David B. Yoffie

activist fund / activist shareholder / activist investor, Airbnb, AltaVista, Amazon Web Services, AOL-Time Warner, asset light, augmented reality, autonomous vehicles, barriers to entry, bitcoin, blockchain, business logic, Cambridge Analytica, Chuck Templeton: OpenTable:, cloud computing, collective bargaining, commoditize, CRISPR, crowdsourcing, cryptocurrency, deep learning, Didi Chuxing, distributed ledger, Donald Trump, driverless car, en.wikipedia.org, fake news, Firefox, general purpose technology, gig economy, Google Chrome, GPS: selective availability, Greyball, independent contractor, Internet of things, Jeff Bezos, Jeff Hawkins, John Zimmer (Lyft cofounder), Kevin Roose, Lean Startup, Lyft, machine translation, Mark Zuckerberg, market fundamentalism, Metcalfe’s law, move fast and break things, multi-sided market, Network effects, pattern recognition, platform as a service, Ponzi scheme, recommendation engine, Richard Feynman, ride hailing / ride sharing, Robert Metcalfe, Salesforce, self-driving car, sharing economy, Silicon Valley, Skype, Snapchat, SoftBank, software as a service, sovereign wealth fund, speech recognition, stealth mode startup, Steve Ballmer, Steve Jobs, Steven Levy, subscription business, Susan Wojcicki, TaskRabbit, too big to fail, transaction costs, transport as a service, Travis Kalanick, two-sided market, Uber and Lyft, Uber for X, uber lyft, vertical integration, Vision Fund, web application, zero-sum game

In the old days, it was expensive and difficult for most users to own both a Windows PC and a Macintosh. Most users chose one platform and were restricted to applications available on that platform. Nowadays, applications are usually available on both types of personal computers and many more applications are available as web applications, accessible from different types of devices and platforms. For example, it costs nothing to do a general search on Google, compare airfares on Kayak, or seek travel advice on TripAdvisor or Expedia. There is no need to buy a particular computer or smartphone. All users need today is a device with access to the Internet.


pages: 282 words: 85,658

Ask Your Developer: How to Harness the Power of Software Developers and Win in the 21st Century by Jeff Lawson

Airbnb, AltaVista, Amazon Web Services, barriers to entry, big data - Walmart - Pop Tarts, Big Tech, big-box store, bitcoin, business process, call centre, Chuck Templeton: OpenTable:, cloud computing, coronavirus, COVID-19, create, read, update, delete, cryptocurrency, data science, David Heinemeier Hansson, deep learning, DevOps, Elon Musk, financial independence, global pandemic, global supply chain, Hacker News, Internet of things, Jeff Bezos, Kanban, Lean Startup, loose coupling, Lyft, Marc Andreessen, Marc Benioff, Mark Zuckerberg, microservices, minimum viable product, Mitch Kapor, move fast and break things, Paul Graham, peer-to-peer, ride hailing / ride sharing, risk tolerance, Ruby on Rails, Salesforce, side project, Silicon Valley, Silicon Valley startup, Skype, social distancing, software as a service, software is eating the world, sorting algorithm, Startup school, Steve Ballmer, Steve Jobs, Telecommunications Act of 1996, Toyota Production System, transaction costs, transfer pricing, two-pizza team, Uber and Lyft, uber lyft, ubercab, web application, Y Combinator

I’d been in countless retail stores in my life, seen cashiers ring up purchases with a laser scanner, swipe my credit cards with the swipey device, and print receipts a thousand times. Now I got to dive in and learn how all that stuff worked. What happens when the laser hits the bar code on the sticker? What information is encoded on your credit card’s magnetic strip anyway? How does the cash drawer know when to open? I built all that as a web application, because, well, the web was what I knew. In the language PHP, I wrote a complete point-of-sale system, the software that retailers use to ring up sales, take cash and credit cards, print receipts, and more. Better yet, because I’d written the whole thing, I could build it and change it in any way I wanted.


pages: 251 words: 80,831

Super Founders: What Data Reveals About Billion-Dollar Startups by Ali Tamaseb

"World Economic Forum" Davos, 23andMe, additive manufacturing, Affordable Care Act / Obamacare, Airbnb, Anne Wojcicki, asset light, barriers to entry, Ben Horowitz, Benchmark Capital, bitcoin, business intelligence, buy and hold, Chris Wanstrath, clean water, cloud computing, coronavirus, corporate governance, correlation does not imply causation, COVID-19, cryptocurrency, data science, discounted cash flows, diversified portfolio, Elon Musk, Fairchild Semiconductor, game design, General Magic , gig economy, high net worth, hiring and firing, index fund, Internet Archive, Jeff Bezos, John Zimmer (Lyft cofounder), Kickstarter, late fees, lockdown, Lyft, Marc Andreessen, Marc Benioff, Mark Zuckerberg, Max Levchin, Mitch Kapor, natural language processing, Network effects, nuclear winter, PageRank, PalmPilot, Parker Conrad, Paul Buchheit, Paul Graham, peer-to-peer lending, Peter Thiel, Planet Labs, power law, QR code, Recombinant DNA, remote working, ride hailing / ride sharing, robotic process automation, rolodex, Ruby on Rails, Salesforce, Sam Altman, Sand Hill Road, self-driving car, shareholder value, sharing economy, side hustle, side project, Silicon Valley, Silicon Valley startup, Skype, Snapchat, SoftBank, software as a service, software is eating the world, sovereign wealth fund, Startup school, Steve Jobs, Steve Wozniak, survivorship bias, TaskRabbit, telepresence, the payments system, TikTok, Tony Fadell, Tony Hsieh, Travis Kalanick, Uber and Lyft, Uber for X, uber lyft, ubercab, web application, WeWork, work culture , Y Combinator

Let’s hear from Tom about his journey and the early days of GitHub. I’d always dabbled in computers. So I started studying computer science, but I dropped out of college after my sophomore year to work for a startup. I taught myself through books, and I read and practiced. But I was always coding the whole time. I got into Ruby on Rails [a web-application framework]. I ended up moving to San Francisco to work for a company that was doing Ruby on Rails called Powerset, which was a search company trying to beat Google. It turns out that’s hard, but the company did get acquired by Microsoft. And I was employee number thirty-two there. So I got $10,000 or something out of it.


pages: 629 words: 83,362

Programming TypeScript by Boris Cherny

billion-dollar mistake, bitcoin, business logic, database schema, don't repeat yourself, duck typing, Firefox, functional programming, Internet of things, pull request, source of truth, SQL injection, type inference, web application

It looked something like this: window.emailListModule = { renderList() {} // ... } window.emailComposerModule = { renderComposer() {} // ... } window.appModule = { renderApp() { window.emailListModule.renderList() window.emailComposerModule.renderComposer() } } Because loading and running JavaScript blocks the browser’s UI, as a web application grows and includes more and more lines of code, the user’s browser gets slower and slower. For this reason, clever programmers started dynamically loading JavaScript after the page loaded, rather than loading it all in one shot. Nearly 10 years after JavaScript was first released, Dojo (Alex Russell, 2004), YUI (Thomas Sha, 2005), and LABjs (Kyle Simpson, 2009) shipped module loaders—ways to lazily (and often asynchronously) load JavaScript code after the initial page load has happened.


pages: 306 words: 82,909

A Hacker's Mind: How the Powerful Bend Society's Rules, and How to Bend Them Back by Bruce Schneier

4chan, Airbnb, airport security, algorithmic trading, Alignment Problem, AlphaGo, Automated Insights, banking crisis, Big Tech, bitcoin, blockchain, Boeing 737 MAX, Brian Krebs, Capital in the Twenty-First Century by Thomas Piketty, cloud computing, computerized trading, coronavirus, corporate personhood, COVID-19, cryptocurrency, dark pattern, deepfake, defense in depth, disinformation, Donald Trump, Double Irish / Dutch Sandwich, driverless car, Edward Thorp, Elon Musk, fake news, financial innovation, Financial Instability Hypothesis, first-past-the-post, Flash crash, full employment, gig economy, global pandemic, Goodhart's law, GPT-3, Greensill Capital, high net worth, Hyman Minsky, income inequality, independent contractor, index fund, information security, intangible asset, Internet of things, Isaac Newton, Jeff Bezos, job automation, late capitalism, lockdown, Lyft, Mark Zuckerberg, money market fund, moral hazard, move fast and break things, Nate Silver, offshore financial centre, OpenAI, payday loans, Peter Thiel, precautionary principle, Ralph Nader, recommendation engine, ride hailing / ride sharing, self-driving car, sentiment analysis, Skype, smart cities, SoftBank, supply chain finance, supply-chain attack, surveillance capitalism, systems thinking, TaskRabbit, technological determinism, TED Talk, The Wealth of Nations by Adam Smith, theory of mind, TikTok, too big to fail, Turing test, Uber and Lyft, uber lyft, ubercab, UNCLOS, union organizing, web application, WeWork, When a measure becomes a target, WikiLeaks, zero day

That’s why your computer and phone are constantly patched, and generally stay secure despite all the hacking out there. That’s also why your home router is rarely patched, despite its vulnerabilities. Lots of high-profile hacks have occurred because of unpatched systems. China hacked Equifax in 2017 through a vulnerability in the Apache Struts web-application software. Apache patched the vulnerability in March; Equifax failed to promptly update its software and was successfully attacked in May. Also in 2017, the WannaCry worm spread to over 200,000 computers worldwide and caused as much as $4 billion in damage, all to networks that hadn’t yet installed the patch for a Microsoft Windows vulnerability.


pages: 754 words: 48,930

Programming in Scala by Martin Odersky, Lex Spoon, Bill Venners

domain-specific language, functional programming, Guido van Rossum, higher-order functions, Larry Wall, off-by-one error, Silicon Valley, sorting algorithm, the Cathedral and the Bazaar, type inference, web application

The “Glossary” and “Index” links take you to reference parts of the book. Finally, the “Discuss” link takes you to an online forum where you discuss questions with other readers, the authors, and the larger Scala community. If you find a typo, or something you think could be explained better, please click on the “Suggest” link, which will take you to an online web application where you can give the authors feedback. Although the same pages appear in the eBook as the printed book, blank pages are removed and the remaining pages renumbered. The pages are numbered differently so that it is easier for you to determine PDF page numbers when printing only a portion of the eBook.

In the remainder of this chapter, we’ll show how to use objects as modules to achieve the desired “in the large” modularity without using an external framework. 2 Fowler, “Inversion of control containers and the dependency injection pattern.” [Fow04] Cover · Overview · Contents · Discuss · Suggest · Glossary · Index Section 27.2 Chapter 27 · Modular Programming Using Objects 27.2 A recipe application Imagine you are building an enterprise web application that will allow users to manage recipes. You want to partition the software into layers, including a domain layer and an application layer. In the domain layer, you’ll define domain objects, which will capture business concepts and rules and encapsulate state that will be persisted to an external relational database.


pages: 329 words: 95,309

Digital Bank: Strategies for Launching or Becoming a Digital Bank by Chris Skinner

algorithmic trading, AltaVista, Amazon Web Services, Any sufficiently advanced technology is indistinguishable from magic, augmented reality, bank run, Basel III, bitcoin, Bitcoin Ponzi scheme, business cycle, business intelligence, business process, business process outsourcing, buy and hold, call centre, cashless society, clean water, cloud computing, corporate social responsibility, credit crunch, cross-border payments, crowdsourcing, cryptocurrency, demand response, disintermediation, don't be evil, en.wikipedia.org, fault tolerance, fiat currency, financial innovation, gamification, Google Glasses, high net worth, informal economy, information security, Infrastructure as a Service, Internet of things, Jeff Bezos, Kevin Kelly, Kickstarter, M-Pesa, margin call, mass affluent, MITM: man-in-the-middle, mobile money, Mohammed Bouazizi, new economy, Northern Rock, Occupy movement, Pingit, platform as a service, Ponzi scheme, prediction markets, pre–internet, QR code, quantitative easing, ransomware, reserve currency, RFID, Salesforce, Satoshi Nakamoto, Silicon Valley, smart cities, social intelligence, software as a service, Steve Jobs, strong AI, Stuxnet, the long tail, trade route, unbanked and underbanked, underbanked, upwardly mobile, vertical integration, We are the 99%, web application, WikiLeaks, Y2K

Interestingly, Google has now integrated the payments capability into Gmail, so the combination of the Wallet and Gmail should see Google becoming a serious player in the mobile internet payments revolution. The bad news about mobile As every bank is getting into mobile, there are issues. A good example is the coordinated ZeuS malware attack in Q4 2010, where a web application supposedly from the bank asks the victim to input their mobile phone number. The victim is then asked via text message to install an application onto the phone and the application is used to intercept any text messages the victim sends thereafter. There is also a whole load of new man-in-the-middle and mobile malware attacks that are growing by the day such as a recent Facebook update about Justin Bieber, which resulted in over 100,000 in 24 hours with 27% via mobile Facebook.


pages: 291 words: 90,200

Networks of Outrage and Hope: Social Movements in the Internet Age by Manuel Castells

"World Economic Forum" Davos, access to a mobile phone, banking crisis, call centre, centre right, citizen journalism, cognitive dissonance, collective bargaining, conceptual framework, crowdsourcing, currency manipulation / currency intervention, disintermediation, en.wikipedia.org, Glass-Steagall Act, housing crisis, income inequality, microcredit, military-industrial complex, Mohammed Bouazizi, Occupy movement, offshore financial centre, Port of Oakland, social software, statistical model, Twitter Arab Spring, We are the 99%, web application, WikiLeaks, World Values Survey, young professional, zero-sum game

The true programmatic goals of Podemos were being discussed at the time of this writing, and they were in flux as the process of deliberation was open ended, with tens of thousands of participants in Plaza Podemos, and without real control of the participants. However, Podemos is also a technologically sophisticated organization in which participation procedures are organized with the help of a number of web applications that are much more advanced than anything done in Spain before to ensure both security and activity of the participation process. Podemos is truly a party of the digital age (Frediani 2014). However, Podemos combined a large participation of its members over the Internet and in local circles with a centralized structure of decision-making.


pages: 372 words: 89,876

The Connected Company by Dave Gray, Thomas Vander Wal

A Pattern Language, Alan Greenspan, Albert Einstein, Amazon Mechanical Turk, Amazon Web Services, Atul Gawande, Berlin Wall, business cycle, business process, call centre, Clayton Christensen, commoditize, complexity theory, creative destruction, David Heinemeier Hansson, digital rights, disruptive innovation, en.wikipedia.org, factory automation, folksonomy, Googley, index card, industrial cluster, interchangeable parts, inventory management, Jeff Bezos, John Markoff, Kevin Kelly, loose coupling, low cost airline, market design, minimum viable product, more computing power than Apollo, power law, profit maximization, Richard Florida, Ruby on Rails, Salesforce, scientific management, self-driving car, shareholder value, side project, Silicon Valley, skunkworks, software as a service, South of Market, San Francisco, Steve Jobs, Steven Levy, Stewart Brand, subscription business, systems thinking, tacit knowledge, The Wealth of Nations by Adam Smith, Tony Hsieh, Toyota Production System, two-pizza team, Vanguard fund, web application, WikiLeaks, work culture , Zipcar

He was writing code in a language called Ruby, first created in Japan in the early 1990s. As he worked, Heinemeier Hansson developed a series of libraries and frameworks that made it easier for him to do the work. At some point about halfway through the project, he realized that the tools he had created constituted a work environment that made it much easier to program web applications. So he decided to share it with other developers. He open-sourced the framework and called it Ruby on Rails. Rails was an immediate hit with programmers, because it allowed them to do more work more elegantly and efficiently than they could in any other language. The developer community that rallied around Rails helped build out and improve the framework, adding new functionality, fixing bugs, adding patches, and so on.


pages: 263 words: 20,730

Exploring Python by Timothy Budd

c2.com, centre right, duck typing, functional programming, general-purpose programming language, Guido van Rossum, higher-order functions, index card, random walk, sorting algorithm, web application

The command x[3:] is used to strip off the first three character, that is the text “db/”. This list of names is sorted, so that the patterns are in alphabetical order. A loop is then used to produce html tags that will, when pressed, link the user to the appropriate page. That’s it. With four small Python programs we have created our completed Wiki Web application. The following exercises will help explore some of the ideas introduced in this chapter. Exercises 1. One problem with the PatternWord convention is that it can frequently make the English in a sentence sound awkward. For example, the PatternWord may be a singular noun, and it is used in a sentence that requires a plural value.


pages: 336 words: 88,320

Being Geek: The Software Developer's Career Handbook by Michael Lopp

do what you love, finite state, game design, job satisfaction, John Gruber, knowledge worker, reality distortion field, remote working, rolodex, Silicon Valley, Silicon Valley startup, Skype, sorting algorithm, systems thinking, web application

The news is that you need to care. You need to be able to explain in great detail why using green-colored text on a black background is THE ONLY WAY TO CODE. You need to be a zealot about your tools, and zealotry starts with fit. I was a database guy, then I was a shrink-wrap guy, and then I became a web applications guy. Each of those professions came with their own set of bright and shiny tools, but the tools were not important. Even a specific feature inside of that tool is not that interesting. I believe you can be just as productive sitting inside of a rich development environment such as Xcode as you can inside of TextMate and a slew of terminal windows.


pages: 299 words: 88,375

Gray Day: My Undercover Mission to Expose America's First Cyber Spy by Eric O'Neill

active measures, autonomous vehicles, Berlin Wall, bitcoin, computer age, cryptocurrency, deep learning, disinformation, Dissolution of the Soviet Union, Edward Snowden, Fall of the Berlin Wall, false flag, fear of failure, full text search, index card, information security, Internet of things, Kickstarter, messenger bag, Mikhail Gorbachev, operational security, PalmPilot, ransomware, rent control, Robert Hanssen: Double agent, Ronald Reagan, Skype, thinkpad, Timothy McVeigh, web application, white picket fence, WikiLeaks, young professional

But financial and political motives for hacking often go hand in hand. In early September 2017, the credit-reporting agency Equifax disclosed that unknown hackers had obtained sensitive personal and financial information for millions of consumers. The attack began in May 2017 through a known exploit in back-end software for web applications called Apache Struts. A security researcher had told Apache about the flaw, and Apache had published a patch that would fix it. Unfortunately for Equifax and many American households, attackers learned about the vulnerability before Equifax managed to install the patch. The attack continued until July 2017 and siphoned consumer data from 148 million American households, including Social Security numbers, birthdates, addresses, 200,000 credit card numbers, and dispute information for 180,000 Americans.


pages: 336 words: 93,672

The Future of the Brain: Essays by the World's Leading Neuroscientists by Gary Marcus, Jeremy Freeman

23andMe, Albert Einstein, backpropagation, bioinformatics, bitcoin, brain emulation, cloud computing, complexity theory, computer age, computer vision, conceptual framework, correlation does not imply causation, crowdsourcing, dark matter, data acquisition, data science, deep learning, Drosophila, epigenetics, Geoffrey Hinton, global pandemic, Google Glasses, ITER tokamak, iterative process, language acquisition, linked data, mouse model, optical character recognition, pattern recognition, personalized medicine, phenotype, race to the bottom, Richard Feynman, Ronald Reagan, semantic web, speech recognition, stem cell, Steven Pinker, supply-chain management, synthetic biology, tacit knowledge, traumatic brain injury, Turing machine, twin studies, web application

Developed as an enterprise system for scalability, it consists of a number of algorithmic modules that are integrated into an internally developed laboratory information management system (LIMS) and job scheduling and submission backbone. These components form a fully automated pipeline, capable of processing one petabyte (1015 bytes) of imaging data per year. The final product is delivered via a web application at www.brain-map.org. It allows users to search for projections of one or more structure(s) to other structure(s), search similar connectivity patterns and for virtual retrograde connections, view and download the original primary data in high resolution, view data in both 2D and 3D along with the Allen Reference Atlas to provide anatomical context, view and analyze one or more datasets and download all computed values to perform large-scale data mining and analysis.


pages: 722 words: 90,903

Practical Vim: Edit Text at the Speed of Thought by Drew Neil

Bram Moolenaar, don't repeat yourself, en.wikipedia.org, fault tolerance, finite state, fizzbuzz, off-by-one error, place-making, QWERTY keyboard, web application

We can find out what this is at any given time by running the :pwd command (print working directory), and we can change our working directory at any time using the :cd {path} command (change directory). It’s important to understand that Vim’s filename autocompletion always expands paths relative to the working directory, not relative to the file that is currently being edited. Suppose that we were working on a small web application comprised of the following files: ​​webapp/​​ ​​ config.ru​​ ​​ public/​​ ​​ index.html​​ ​​ js/​​ ​​ application.js​​ Now let’s say that we were editing the index.html file: auto_complete/webapp/public/index.html ​​<!DOCTYPE html>​​ ​​<html>​​ ​​ <head>​​ ​​ <title>Practical Vim - the app</title>​​ ​​ <script src="" type="text/javascript" > </script>​​ ​​ </head>​​ ​​ <body> </body>​​ ​​</html>​​ We want to fill out the src="" attribute to refer to the application.js file.


pages: 305 words: 93,091

The Art of Invisibility: The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data by Kevin Mitnick, Mikko Hypponen, Robert Vamosi

4chan, big-box store, bitcoin, Bletchley Park, blockchain, connected car, crowdsourcing, data science, Edward Snowden, en.wikipedia.org, end-to-end encryption, evil maid attack, Firefox, Google Chrome, Google Earth, incognito mode, information security, Internet of things, Kickstarter, Laura Poitras, license plate recognition, Mark Zuckerberg, MITM: man-in-the-middle, off-the-grid, operational security, pattern recognition, ransomware, Ross Ulbricht, Salesforce, self-driving car, Silicon Valley, Skype, Snapchat, speech recognition, Tesla Model S, web application, WikiLeaks, zero day, Zimmermann PGP

Instead of just knowing about your visit to a single site, it knows about all the sites, all the brands you use its log-in information for. When we use OAuth, we’re giving up a lot of privacy for the sake of convenience. Facebook is perhaps the most “sticky” of all social media platforms. Logging out of Facebook may deauthorize your browser from accessing Facebook and its Web applications. Furthermore, Facebook adds trackers for monitoring user activity that function even after you’re logged out, requesting information such as your geographic location, which sites you visit, what you click on within individual sites, and your Facebook username. Privacy groups have expressed concern about Facebook’s intent to start tracking information from some of the websites and apps its users are visiting in order to display more personalized ads.


pages: 313 words: 91,098

The Knowledge Illusion by Steven Sloman

Affordable Care Act / Obamacare, Air France Flight 447, attribution theory, bitcoin, Black Swan, Cass Sunstein, combinatorial explosion, computer age, Computing Machinery and Intelligence, CRISPR, crowdsourcing, Dmitri Mendeleev, driverless car, Dunning–Kruger effect, Elon Musk, Ethereum, Flynn Effect, Great Leap Forward, Gregor Mendel, Hernando de Soto, Higgs boson, hindsight bias, hive mind, indoor plumbing, Isaac Newton, John von Neumann, libertarian paternalism, Mahatma Gandhi, Mark Zuckerberg, meta-analysis, Nick Bostrom, obamacare, Peoples Temple, prediction markets, randomized controlled trial, Ray Kurzweil, Richard Feynman, Richard Thaler, Rodney Brooks, Rosa Parks, seminal paper, single-payer health, speech recognition, stem cell, Stephen Hawking, Steve Jobs, technological singularity, The Coming Technological Singularity, The Wisdom of Crowds, Vernor Vinge, web application, Whole Earth Review, Y Combinator

Machines without the basic human ability to share attention and goals will never be able to read our minds and outsmart us because they won’t even be able to understand us. But there is a sense in which technology is enabling superintelligence. The web has provided smart new tools for us to use, like GPS devices and operating systems that talk to us. But one of the most useful forms of web applications turns people themselves into tools. Crowdsourcing applications have created broader and more dynamic communities of knowledge than ever before by aggregating the knowledge and skills of large numbers of people. Crowdsourcing is the critical provider of information to sites and apps that integrate knowledge from different experiences, locations, and knowledge bases.


Practical Vim, Second Edition (for Stefano Alcazi) by Drew Neil

Bram Moolenaar, don't repeat yourself, en.wikipedia.org, fault tolerance, finite state, fizzbuzz, off-by-one error, place-making, QWERTY keyboard, web application

We can find out what this is at any given time by running the :pwd command (print working directory), and we can change our working directory at any time using the :cd {path} command (change directory). It’s important to understand that Vim’s filename autocompletion always expands paths relative to the working directory, not relative to the file that is currently being edited. Suppose that we were working on a small web application comprised of the following files: ​ webapp/ ​ public/ ​ index.html ​ js/ ​ application.js Now let’s say that we were editing the index.html file: auto_complete/webapp/public/index.html ​ ​<!DOCTYPE html>​ ​ <html> ​ <head> ​ <title>Practical Vim - the app</title> ​ <script src=​""​ type=​"text/javascript"​></script> ​ </head> ​ <body></body> ​ </html> We want to fill out the src="" attribute to refer to the application.js file.


Practical Vim by Drew Neil

Bram Moolenaar, don't repeat yourself, en.wikipedia.org, fault tolerance, finite state, fizzbuzz, off-by-one error, place-making, QWERTY keyboard, web application

We can find out what this is at any given time by running the :pwd command (print working directory), and we can change our working directory at any time using the :cd {path} command (change directory). It’s important to understand that Vim’s filename autocompletion always expands paths relative to the working directory, not relative to the file that is currently being edited. Suppose that we were working on a small web application comprised of the following files: ​ webapp/ ​ public/ ​ index.html ​ js/ ​ application.js Now let’s say that we were editing the index.html file: auto_complete/webapp/public/index.html ​ ​<!DOCTYPE html>​ ​ <html> ​ <head> ​ <title>Practical Vim - the app</title> ​ <script src=​""​ type=​"text/javascript"​></script> ​ </head> ​ <body></body> ​ </html> We want to fill out the src="" attribute to refer to the application.js file.


Lessons-Learned-in-Software-Testing-A-Context-Driven-Approach by Anson-QA

anti-pattern, Chuck Templeton: OpenTable:, finite state, framing effect, full employment, independent contractor, information retrieval, job automation, knowledge worker, lateral thinking, Ralph Nader, Richard Feynman, side project, Silicon Valley, statistical model, systems thinking, tacit knowledge, web application

Lesson 217: Build your testing staff's expertise in the relevant technology As our hardware and software environments get more complex, more of the problems with our applications will be interaction problems between our application and another application, a remote server, or some other software or hardware that is out of the application developer's immediate control. Nguyen (2000) introduces Web application testers to testing for these types of interaction problems. To be successful at it, you have to know a lot about the other hardware and software. (He provides useful introductory material.) Additionally, your group will benefit if some of your staff understand the technology of the programmers.


pages: 281 words: 95,852

The Googlization of Everything: by Siva Vaidhyanathan

"Friedman doctrine" OR "shareholder theory", 1960s counterculture, activist fund / activist shareholder / activist investor, AltaVista, barriers to entry, Berlin Wall, borderless world, Burning Man, Cass Sunstein, choice architecture, cloud computing, commons-based peer production, computer age, corporate social responsibility, correlation does not imply causation, creative destruction, data acquisition, death of newspapers, digital divide, digital rights, don't be evil, Firefox, Francis Fukuyama: the end of history, full text search, global pandemic, global village, Google Earth, Great Leap Forward, Howard Rheingold, Ian Bogost, independent contractor, informal economy, information retrieval, John Markoff, Joseph Schumpeter, Kevin Kelly, knowledge worker, libertarian paternalism, market fundamentalism, Marshall McLuhan, means of production, Mikhail Gorbachev, moral panic, Naomi Klein, Network effects, new economy, Nicholas Carr, PageRank, Panopticon Jeremy Bentham, pirate software, radical decentralization, Ray Kurzweil, Richard Thaler, Ronald Reagan, side project, Silicon Valley, Silicon Valley ideology, single-payer health, Skype, Social Responsibility of Business Is to Increase Its Profits, social web, Steven Levy, Stewart Brand, technological determinism, technoutopianism, the long tail, The Nature of the Firm, The Structural Transformation of the Public Sphere, Thorstein Veblen, Tyler Cowen, urban decay, web application, Yochai Benkler, zero-sum game

As Google vice president Marissa Mayer explained during her 2008 keynote speech at a software developers’ conference, one of the most significant things that Google discovered in its early user studies was that speed mattered more than anything else in generating a “posi- 54 G O OG LE’S WAYS AND MEA NS tive user experience.” This fact has driven Google to push the Internet industry for faster broadband service, create faster-running Web applications, and invest in an expensive, complicated, and powerful infrastructure to conduct Google’s core activity: copying and searching the World Wide Web. “Users really care about speed,” Mayer told developers. “They respond to speed. As the web gets faster, as Google gets faster, people search more.”3 More searching yields more advertising links displayed, more advertising links clicked, and more revenue for Google’s advertising clients and Google itself.


pages: 289 words: 99,936

Digital Dead End: Fighting for Social Justice in the Information Age by Virginia Eubanks

affirmative action, Alvin Toffler, Berlin Wall, call centre, cognitive dissonance, creative destruction, desegregation, digital divide, Fall of the Berlin Wall, future of work, game design, global village, index card, informal economy, invisible hand, Kevin Kelly, knowledge economy, labor-force participation, low-wage service sector, microcredit, new economy, post-industrial society, race to the bottom, rent control, rent stabilization, Shoshana Zuboff, Silicon Valley, social contagion, South of Market, San Francisco, tech worker, telemarketer, Thomas L Friedman, trickle-down economics, union organizing, urban planning, web application, white flight, women in the workforce, work culture , working poor

The Women’s Economic Empowerment Series A nine-part workshop series dealing with women’s economic justice issues, including global economic development, the self-sufficiency standard, women’s paid and unpaid work, local histories of protest, and songwriting for social change. Held over several months in the summer and fall of 2002, the series attracted significant community involvement, and became a base through which we recruited several new WYMSM members. Community Asset Bank A database-driven Web application intended to facilitate the identification and sharing of community and individual assets by connecting resourceful people in low-income neighborhoods. The community asset bank, prototyped by RPI information technology undergraduate Jes Constantine, draws on the asset-based community development model for sharing material and intellectual resources between local residents and institutions.


pages: 415 words: 95,261

Map Scripting 101: An Example-Driven Guide to Building Interactive Maps With Bing, Yahoo!, and Google Maps by Adam Duvander

Firefox, Google Earth, openstreetmap, SQL injection, web application

You can geo-reference a graphic to a map in a number of ways. Microsoft has a program called MapCruncher that works well. In this case, you'll need a Windows machine and the resulting graphic can only be used for noncommercial purposes. MetaCarta also has a web tool called Map Rectifier. For this project, I'll be using a web application called Map Warper, which can be found at http://warper.geothings.net/. Map Warper was built by Tim Waters and is open source and meant to free you from worries over how you can use the end result. You will need to create a free account to store your map images. Once you do, click the Add Map link to start a new map.


pages: 367 words: 102,188

Sleepyhead: Narcolepsy, Neuroscience and the Search for a Good Night by Henry Nicholls

A. Roger Ekirch, confounding variable, Donald Trump, double helix, Drosophila, global pandemic, Kickstarter, longitudinal study, meta-analysis, mouse model, placebo effect, Saturday Night Live, stem cell, traumatic brain injury, web application, Yom Kippur War

Levey and others, ‘Articulatory Suppression and the Treatment of Insomnia’, Behaviour Research and Therapy, 29.1 (1991), 85–89 <https://doi.org/10.1016/S0005-7967(09)80010-7>. p. 222 crucial step Peter Hames, Interview with author, 17 June 2015. p. 222 Sleepio works Colin A. Espie and others, ‘A Randomized, Placebo-Controlled Trial of Online Cognitive Behavioral Therapy for Chronic Insomnia Disorder Delivered via an Automated Media-Rich Web Application’, Sleep, 35.6 (2012), 769–81 <https://doi.org/10.5665/sleep.1872>. p. 223 affects sleep at night Plazzi, Serra and Ferri. p. 224 histamine signalling system Valko and others. 11 Mind, body and soul p. 225 death from want of sleep Winslow, On Obscure Diseases of the Brain and Disorders of the Mind, p. 484.


pages: 268 words: 109,447

The Cultural Logic of Computation by David Golumbia

Alan Turing: On Computable Numbers, with an Application to the Entscheidungsproblem, American ideology, Benoit Mandelbrot, Bletchley Park, borderless world, business process, cellular automata, citizen journalism, Claude Shannon: information theory, computer age, Computing Machinery and Intelligence, corporate governance, creative destruction, digital capitalism, digital divide, en.wikipedia.org, finite state, folksonomy, future of work, Google Earth, Howard Zinn, IBM and the Holocaust, iterative process, Jaron Lanier, jimmy wales, John von Neumann, Joseph Schumpeter, late capitalism, Lewis Mumford, machine readable, machine translation, means of production, natural language processing, Norbert Wiener, One Laptop per Child (OLPC), packet switching, RAND corporation, Ray Kurzweil, RFID, Richard Stallman, semantic web, Shoshana Zuboff, Slavoj Žižek, social web, stem cell, Stephen Hawking, Steve Ballmer, Stewart Brand, strong AI, supply-chain management, supply-chain management software, technological determinism, Ted Nelson, telemarketer, The Wisdom of Crowds, theory of mind, Turing machine, Turing test, Vannevar Bush, web application, Yochai Benkler

To the degree that Google has implemented sophisticated search algorithms that rank closeness of various search terms to each other, hidden markup may impede Google’s own ability to search the text in question, or force it to maintain separate plain-text repositories of marked-up text. Google’s power, simplicity, and success and its utility for us relies in part on the assumption that much web data will be largely unmarked— except, ideally, for library card-like metadata that is already incorporated into web applications. This makes it difficult to see how searching might be better if text were widely marked up, especially if plain-text versions of texts are not offered in addition to richly marked versions. And unless a scheme is developed to decide which aspects of texts to richly mark in a way that does not simply repeat lexemes already occurring in the text itself, a scheme that itself seems improbable on conceptual grounds, it will be hard to see what additional lexical value the markup can add to the text in question.


pages: 368 words: 96,825

Bold: How to Go Big, Create Wealth and Impact the World by Peter H. Diamandis, Steven Kotler

3D printing, additive manufacturing, adjacent possible, Airbnb, Amazon Mechanical Turk, Amazon Web Services, Apollo 11, augmented reality, autonomous vehicles, Boston Dynamics, Charles Lindbergh, cloud computing, company town, creative destruction, crowdsourcing, Daniel Kahneman / Amos Tversky, data science, deal flow, deep learning, dematerialisation, deskilling, disruptive innovation, driverless car, Elon Musk, en.wikipedia.org, Exxon Valdez, fail fast, Fairchild Semiconductor, fear of failure, Firefox, Galaxy Zoo, Geoffrey Hinton, Google Glasses, Google Hangouts, gravity well, hype cycle, ImageNet competition, industrial robot, information security, Internet of things, Jeff Bezos, John Harrison: Longitude, John Markoff, Jono Bacon, Just-in-time delivery, Kickstarter, Kodak vs Instagram, Law of Accelerating Returns, Lean Startup, life extension, loss aversion, Louis Pasteur, low earth orbit, Mahatma Gandhi, Marc Andreessen, Mark Zuckerberg, Mars Rover, meta-analysis, microbiome, minimum viable product, move fast and break things, Narrative Science, Netflix Prize, Network effects, Oculus Rift, OpenAI, optical character recognition, packet switching, PageRank, pattern recognition, performance metric, Peter H. Diamandis: Planetary Resources, Peter Thiel, pre–internet, Ray Kurzweil, recommendation engine, Richard Feynman, ride hailing / ride sharing, risk tolerance, rolodex, Scaled Composites, self-driving car, sentiment analysis, shareholder value, Sheryl Sandberg, Silicon Valley, Silicon Valley startup, skunkworks, Skype, smart grid, SpaceShipOne, stem cell, Stephen Hawking, Steve Jobs, Steven Levy, Stewart Brand, Stuart Kauffman, superconnector, Susan Wojcicki, synthetic biology, technoutopianism, TED Talk, telepresence, telepresence robot, Turing test, urban renewal, Virgin Galactic, Wayback Machine, web application, X Prize, Y Combinator, zero-sum game

At Planetary Resources, once we pulled the trigger on the campaign, we spent four solid months extensively planning, organizing, and strategizing. Costs incurred during the campaign included advertising (Google, Facebook, Kicktraq, etc.), supplier fees (marketing, creative costs, PR, legal), Kickstarter fees (Amazon hosting, Kickstarter percentage take), physical fulfillment (T-shirts, patches, models, cards, etc.), web applications and education, and contracted work/salaries. As with any digital product launch, you also have to take into account the sometimes substantial costs of faulty payments, refunds, and processing fees. 7. TELLING A MEANINGFUL STORY (AND USING THE RIGHT WORDS) Traditional fund-raising is something of a niche game.


pages: 416 words: 100,130

New Power: How Power Works in Our Hyperconnected World--And How to Make It Work for You by Jeremy Heimans, Henry Timms

"Susan Fowler" uber, "World Economic Forum" Davos, 3D printing, 4chan, Affordable Care Act / Obamacare, Airbnb, algorithmic management, augmented reality, autonomous vehicles, battle of ideas, benefit corporation, Benjamin Mako Hill, Big Tech, bitcoin, Black Lives Matter, blockchain, British Empire, Chris Wanstrath, Columbine, Corn Laws, crowdsourcing, data science, David Attenborough, death from overwork, Donald Trump, driverless car, Elon Musk, fake news, Ferguson, Missouri, future of work, game design, gig economy, hiring and firing, holacracy, hustle culture, IKEA effect, impact investing, income inequality, informal economy, job satisfaction, John Zimmer (Lyft cofounder), Jony Ive, Kevin Roose, Kibera, Kickstarter, Lean Startup, Lyft, Mark Zuckerberg, Minecraft, Network effects, new economy, Nicholas Carr, obamacare, Occupy movement, post-truth, profit motive, race to the bottom, radical decentralization, ride hailing / ride sharing, rolling blackouts, rolodex, Salesforce, Saturday Night Live, sharing economy, side hustle, Silicon Valley, six sigma, Snapchat, social web, subscription business, TaskRabbit, tech billionaire, TED Talk, the scientific method, transaction costs, Travis Kalanick, Uber and Lyft, uber lyft, upwardly mobile, web application, WikiLeaks, Yochai Benkler

He saw a big prize in a more fluid and pluralistic world of platforms in which “online social networking will be more immune to censorship, monopoly, regulation, and other exercise of central authority.” Today, he is hard at work on a project to address that very issue, a plan to radically alter the way web applications work, one that would divorce all our personal data and content from the apps and platforms that now—often literally—own it. Berners-Lee’s Solid project would allow us to own our own data as part of a personal secure “pod” in which we would carry around our digital lives. So imagine that, rather than having all your data on a third-party platform, you now take it with you.


Mindf*ck: Cambridge Analytica and the Plot to Break America by Christopher Wylie

4chan, affirmative action, Affordable Care Act / Obamacare, air gap, availability heuristic, Berlin Wall, Bernie Sanders, Big Tech, big-box store, Boris Johnson, Brexit referendum, British Empire, call centre, Cambridge Analytica, Chelsea Manning, chief data officer, cognitive bias, cognitive dissonance, colonial rule, computer vision, conceptual framework, cryptocurrency, Daniel Kahneman / Amos Tversky, dark pattern, dark triade / dark tetrad, data science, deep learning, desegregation, disinformation, Dominic Cummings, Donald Trump, Downton Abbey, Edward Snowden, Elon Musk, emotional labour, Etonian, fake news, first-past-the-post, gamification, gentleman farmer, Google Earth, growth hacking, housing crisis, income inequality, indoor plumbing, information asymmetry, Internet of things, Julian Assange, Lyft, Marc Andreessen, Mark Zuckerberg, Menlo Park, move fast and break things, Network effects, new economy, obamacare, Peter Thiel, Potemkin village, recommendation engine, Renaissance Technologies, Robert Mercer, Ronald Reagan, Rosa Parks, Sand Hill Road, Scientific racism, Shoshana Zuboff, side project, Silicon Valley, Skype, Stephen Fry, Steve Bannon, surveillance capitalism, tech bro, uber lyft, unpaid internship, Valery Gerasimov, web application, WikiLeaks, zero-sum game

The research also explored political themes on Facebook, finding that high scorers in psychopathy were most likely to post about authoritarian political issues. In conjunction with clinical and computational psychologists, Kogan worked with the “data of Facebook users from Russia and the USA by means of a special web-application,” according to one of the research briefings from his Russian research team. By late summer, Kogan was delivering lectures in Russia on the potential political applications of social media profiling. I remember him mentioning to me that there was “overlap” between his work in St. Petersburg and at Cambridge Analytica, but this could have been a coincidence.


pages: 420 words: 100,811

We Are Data: Algorithms and the Making of Our Digital Selves by John Cheney-Lippold

algorithmic bias, bioinformatics, business logic, Cass Sunstein, centre right, computer vision, critical race theory, dark matter, data science, digital capitalism, drone strike, Edward Snowden, Evgeny Morozov, Filter Bubble, Google Chrome, Google Earth, Hans Moravec, Ian Bogost, informal economy, iterative process, James Bridle, Jaron Lanier, Julian Assange, Kevin Kelly, late capitalism, Laura Poitras, lifelogging, Lyft, machine readable, machine translation, Mark Zuckerberg, Marshall McLuhan, mass incarceration, Mercator projection, meta-analysis, Nick Bostrom, Norbert Wiener, offshore financial centre, pattern recognition, price discrimination, RAND corporation, Ray Kurzweil, Richard Thaler, ride hailing / ride sharing, Rosa Parks, Silicon Valley, Silicon Valley startup, Skype, Snapchat, software studies, statistical model, Steven Levy, technological singularity, technoutopianism, the scientific method, Thomas Bayes, Toyota Production System, Turing machine, uber lyft, web application, WikiLeaks, Zimmermann PGP

Megan Sapnar Ankerson, “Writing Web Histories with an Eye on the Analog Past,” New Media & Society 14, no. 3 (2012): 384–400; Megan Sapnar Ankerson, “Read/Write the Digital Archive: Strategies for Historical Web Research,” in Digital Research Confidential: The Secrets of Studying Behavior Online, ed. Eszter Hargittai and Christian Sandvig (Cambridge, MA: MIT Press, 2015), 29–54. 42. Spencer Ackerman, “NSA Review Panel Casts Doubt on Bulk Data Collection Claims,” Guardian, January 14, 2014, www.theguardian.com. 43. An MIT-based web application called Immersion does a good job of mining the entirety of your Gmail contacts and conversations in order to generate a cluster model of social relationships that visually distributes your “proximity” to others. See https://immersion.media.mit.edu. 44. Matteo Pasquinelli, “Italian Operaismo and the Information Machine,” Theory, Culture & Society 32, no. 3 (2014): 51. 45.


pages: 411 words: 98,128

Bezonomics: How Amazon Is Changing Our Lives and What the World's Best Companies Are Learning From It by Brian Dumaine

activist fund / activist shareholder / activist investor, AI winter, Airbnb, Amazon Robotics, Amazon Web Services, Atul Gawande, autonomous vehicles, basic income, Bernie Sanders, Big Tech, Black Swan, call centre, Cambridge Analytica, carbon tax, Carl Icahn, Chris Urmson, cloud computing, corporate raider, creative destruction, Danny Hillis, data science, deep learning, Donald Trump, Elon Musk, Erik Brynjolfsson, Fairchild Semiconductor, fake news, fulfillment center, future of work, gig economy, Glass-Steagall Act, Google Glasses, Google X / Alphabet X, income inequality, independent contractor, industrial robot, Internet of things, Jeff Bezos, job automation, Joseph Schumpeter, Kevin Kelly, Kevin Roose, Lyft, Marc Andreessen, Mark Zuckerberg, military-industrial complex, money market fund, natural language processing, no-fly zone, Ocado, pets.com, plutocrats, race to the bottom, ride hailing / ride sharing, Salesforce, Sand Hill Road, self-driving car, shareholder value, Sheryl Sandberg, Silicon Valley, Silicon Valley startup, Snapchat, speech recognition, Steve Jobs, Stewart Brand, supply-chain management, TED Talk, Tim Cook: Apple, too big to fail, Travis Kalanick, two-pizza team, Uber and Lyft, uber lyft, universal basic income, warehouse automation, warehouse robotics, wealth creators, web application, Whole Earth Catalog, work culture

Another way that Amazon invades a new industry is to take something that it does well internally and then offer that service to others. The computer expertise that Amazon acquired while selling books online was impressive. Why not share that capability with other businesses? In 2006, Amazon Web Services was born. After a decade of building web applications, Amazon realized it had developed a core competency in operating computer infrastructure and data centers at a massive scale and that it could offer cloud services for customers at a great price. Today, AWS is the largest cloud computing company in the world by a wide margin. And since the folks at AWS were also really good at AI and machine learning, why not sell that knowledge to customers at an attractive price?


pages: 302 words: 100,493

Working Backwards: Insights, Stories, and Secrets From Inside Amazon by Colin Bryar, Bill Carr

Amazon Web Services, barriers to entry, Big Tech, Black Lives Matter, business logic, business process, cloud computing, coronavirus, COVID-19, data science, delayed gratification, en.wikipedia.org, fulfillment center, iterative process, Jeff Bezos, late fees, loose coupling, microservices, Minecraft, performance metric, search inside the book, shareholder value, Silicon Valley, six sigma, Steve Jobs, subscription business, Toyota Production System, two-pizza team, web application, why are manhole covers round?

The second case we labeled Amazon Graph, and it looked nothing like a website. It was an app that displayed a network graph with nodes and lines connecting the nodes. Each node represented a single product, and the lines pointed to other products based on our similarities data. It was a fascinating representation of our product catalog. These types of web applications simply could not have been created before we released this feature. And then I got “the call” mentioned at the top of the chapter, when Jeff summoned me to his office. I grabbed my laptop and hurried out of my office in the 1930s Art Deco building that used to be part of the Marine Hospital Service, descended one flight of stairs, and went into Jeff’s office.


pages: 903 words: 235,753

The Stack: On Software and Sovereignty by Benjamin H. Bratton

1960s counterculture, 3D printing, 4chan, Ada Lovelace, Adam Curtis, additive manufacturing, airport security, Alan Turing: On Computable Numbers, with an Application to the Entscheidungsproblem, algorithmic trading, Amazon Mechanical Turk, Amazon Robotics, Amazon Web Services, Andy Rubin, Anthropocene, augmented reality, autonomous vehicles, basic income, Benevolent Dictator For Life (BDFL), Berlin Wall, bioinformatics, Biosphere 2, bitcoin, blockchain, Buckminster Fuller, Burning Man, call centre, capitalist realism, carbon credits, carbon footprint, carbon tax, carbon-based life, Cass Sunstein, Celebration, Florida, Charles Babbage, charter city, clean water, cloud computing, company town, congestion pricing, connected car, Conway's law, corporate governance, crowdsourcing, cryptocurrency, dark matter, David Graeber, deglobalization, dematerialisation, digital capitalism, digital divide, disintermediation, distributed generation, don't be evil, Douglas Engelbart, Douglas Engelbart, driverless car, Edward Snowden, Elon Musk, en.wikipedia.org, Eratosthenes, Ethereum, ethereum blockchain, Evgeny Morozov, facts on the ground, Flash crash, Frank Gehry, Frederick Winslow Taylor, fulfillment center, functional programming, future of work, Georg Cantor, gig economy, global supply chain, Google Earth, Google Glasses, Guggenheim Bilbao, High speed trading, high-speed rail, Hyperloop, Ian Bogost, illegal immigration, industrial robot, information retrieval, Intergovernmental Panel on Climate Change (IPCC), intermodal, Internet of things, invisible hand, Jacob Appelbaum, James Bridle, Jaron Lanier, Joan Didion, John Markoff, John Perry Barlow, Joi Ito, Jony Ive, Julian Assange, Khan Academy, Kim Stanley Robinson, Kiva Systems, Laura Poitras, liberal capitalism, lifelogging, linked data, lolcat, Mark Zuckerberg, market fundamentalism, Marshall McLuhan, Masdar, McMansion, means of production, megacity, megaproject, megastructure, Menlo Park, Minecraft, MITM: man-in-the-middle, Monroe Doctrine, Neal Stephenson, Network effects, new economy, Nick Bostrom, ocean acidification, off-the-grid, offshore financial centre, oil shale / tar sands, Oklahoma City bombing, OSI model, packet switching, PageRank, pattern recognition, peak oil, peer-to-peer, performance metric, personalized medicine, Peter Eisenman, Peter Thiel, phenotype, Philip Mirowski, Pierre-Simon Laplace, place-making, planetary scale, pneumatic tube, post-Fordism, precautionary principle, RAND corporation, recommendation engine, reserve currency, rewilding, RFID, Robert Bork, Sand Hill Road, scientific management, self-driving car, semantic web, sharing economy, Silicon Valley, Silicon Valley ideology, skeuomorphism, Slavoj Žižek, smart cities, smart grid, smart meter, Snow Crash, social graph, software studies, South China Sea, sovereign wealth fund, special economic zone, spectrum auction, Startup school, statistical arbitrage, Steve Jobs, Steven Levy, Stewart Brand, Stuxnet, Superbowl ad, supply-chain management, supply-chain management software, synthetic biology, TaskRabbit, technological determinism, TED Talk, the built environment, The Chicago School, the long tail, the scientific method, Torches of Freedom, transaction costs, Turing complete, Turing machine, Turing test, undersea cable, universal basic income, urban planning, Vernor Vinge, vertical integration, warehouse automation, warehouse robotics, Washington Consensus, web application, Westphalian system, WikiLeaks, working poor, Y Combinator, yottabyte

This example comes from conversations with Bruce Randolph Tizes. 13.  The stack model referred to is the network protocol stack, but this is not the only form of a software/hardware stack. Memory stacks based on FIFO (first in–first out) are taught in basic data structures courses. Application programming stacks are central to how web applications are engineered. Any complex software system is built from layers of code designed to perform different low-level or high-level functions, from the operating system kernel, to system utilities, to core and application services, to applications themselves and the graphical user interfaces that translate human-cultural interest into machine-executable instruction and back again.

Programming stacks are sometimes an aligned combination of an operating system: a server, a database system, a programming and scripting language for the authoring of unique applications. For example, the LAMP stack (Linux/Apache/MySQL/PHP, or Python) is (was) a widely used, open source set of programming languages and related tools and libraries for building general-purpose web applications. (This generic structure allows programmers of code on one layer, the Python scripts, to rely on the code constructed at the other levels by other programmers, knowing that the entire system will work as planned. Available open source code written for one project may be repurposed for a particular project, and as we move up the stack, that code requires more specific programming for specific applications.)


The Art of SEO by Eric Enge, Stephan Spencer, Jessie Stricchiola, Rand Fishkin

AltaVista, barriers to entry, bounce rate, Build a better mousetrap, business intelligence, cloud computing, content marketing, dark matter, en.wikipedia.org, Firefox, folksonomy, Google Chrome, Google Earth, hypertext link, index card, information retrieval, Internet Archive, Larry Ellison, Law of Accelerating Returns, linked data, mass immigration, Metcalfe’s law, Network effects, optical character recognition, PageRank, performance metric, Quicken Loans, risk tolerance, search engine result page, self-driving car, sentiment analysis, social bookmarking, social web, sorting algorithm, speech recognition, Steven Levy, text mining, the long tail, vertical integration, Wayback Machine, web application, wikimedia commons

All you need to do in this case is tell your analytics software that the loading of that “thank you” page is considered a conversion, and then give it a value. Life gets more complicated when you want to track actual product sales on sites where products vary in price. Generally speaking, this will require putting some custom JavaScript on your order confirmation page. In addition, you will need to have your web application populate certain data in the JavaScript before executing it, such as the total amount spent. Oftentimes, publishers choose to include a lot more data, such as listing all the products sold, the price per product, the number of units, shipping costs, and so on. Although this is a lot more complex than the other scenarios we’ve outlined, it is still achievable.

AdWords takes click-through rate into consideration, in addition to the advertiser’s bid and other factors, to determine the ad’s relative position within the paid search results. Affiliate site An affiliate site markets products or services on behalf of another website. It sends visitors to another website to complete the sale, in exchange for fees or commissions. AJAX (Asynchronous JavaScript and XML) Allows you to create a more user-friendly web application by working behind the scenes (inside a web browser) to make web pages feel more responsive. Using AJAX, you can create applications on your pages that change the content of the page without having to reload the entire web page. alt Designed to provide an alternative text description (a text equivalent) for images.


pages: 519 words: 102,669

Programming Collective Intelligence by Toby Segaran

algorithmic management, always be closing, backpropagation, correlation coefficient, Debian, en.wikipedia.org, Firefox, full text search, functional programming, information retrieval, PageRank, prediction markets, recommendation engine, slashdot, social bookmarking, sparse data, Thomas Bayes, web application

This information is interesting to look at, and it can potentially be used for other applications or as a starting point for other applications. The biggest downside to naïve Bayesian classifiers is their inability to deal with outcomes that change based on combinations of features. Imagine the following scenario in which you are trying to distinguish spam from nonspam email: let's say your job is building web applications, so the word "online" frequently appears in your work-related email. Your best friend works at a pharmacy and likes sending you funny stories about things that happen to him at work. Also, like most people who haven't closely guarded their email addresses, you occasionally receive spam containing the words "online pharmacy."


pages: 459 words: 103,153

Adapt: Why Success Always Starts With Failure by Tim Harford

An Inconvenient Truth, Andrew Wiles, banking crisis, Basel III, behavioural economics, Berlin Wall, Bernie Madoff, Black Swan, Boeing 747, business logic, car-free, carbon footprint, carbon tax, Cass Sunstein, charter city, Clayton Christensen, clean water, cloud computing, cognitive dissonance, complexity theory, corporate governance, correlation does not imply causation, creative destruction, credit crunch, Credit Default Swap, crowdsourcing, cuban missile crisis, Daniel Kahneman / Amos Tversky, Dava Sobel, Deep Water Horizon, Deng Xiaoping, disruptive innovation, double entry bookkeeping, Edmond Halley, en.wikipedia.org, Erik Brynjolfsson, experimental subject, Fall of the Berlin Wall, Fermat's Last Theorem, financial engineering, Firefox, food miles, Gerolamo Cardano, global supply chain, Great Leap Forward, Herman Kahn, Intergovernmental Panel on Climate Change (IPCC), Isaac Newton, Jane Jacobs, Jarndyce and Jarndyce, Jarndyce and Jarndyce, John Harrison: Longitude, knowledge worker, loose coupling, Martin Wolf, mass immigration, Menlo Park, Mikhail Gorbachev, mutually assured destruction, Netflix Prize, New Urbanism, Nick Leeson, PageRank, Piper Alpha, profit motive, Richard Florida, Richard Thaler, rolodex, Shenzhen was a fishing village, Silicon Valley, Silicon Valley startup, South China Sea, SpaceShipOne, special economic zone, spectrum auction, Steve Jobs, supply-chain management, tacit knowledge, the market place, The Wisdom of Crowds, too big to fail, trade route, Tyler Cowen, Tyler Cowen: Great Stagnation, Virgin Galactic, web application, X Prize, zero-sum game

More often, Christensen found, the problem was not technological but psychological and organisational: it is hard for a major organisation to pay much attention to a piddling new idea that makes little money and invites a yawn or a blank stare from important customers. Microsoft bought Hotmail, yes – but it was always going to be hard for Microsoft to pay more attention to Hotmail than to Outlook. Microsoft’s core corporate customers regarded webmail as an irrelevance. Google’s users did not. Google only made web applications, and Gmail was a natural fit. We already know one possible solution for corporations faced with a potentially disruptive innovation: a skunk works, a sort of corporate version of Lübeck, in which the regular culture and priorities and politics of the old corporation do not apply. Lockheed’s Skunk Works got its name (originally ‘skonk works’) because it began life inside a circus tent pitched next to a foul-smelling plastics factory.


pages: 416 words: 112,268

Human Compatible: Artificial Intelligence and the Problem of Control by Stuart Russell

3D printing, Ada Lovelace, AI winter, Alan Turing: On Computable Numbers, with an Application to the Entscheidungsproblem, Alfred Russel Wallace, algorithmic bias, AlphaGo, Andrew Wiles, artificial general intelligence, Asilomar, Asilomar Conference on Recombinant DNA, augmented reality, autonomous vehicles, basic income, behavioural economics, Bletchley Park, blockchain, Boston Dynamics, brain emulation, Cass Sunstein, Charles Babbage, Claude Shannon: information theory, complexity theory, computer vision, Computing Machinery and Intelligence, connected car, CRISPR, crowdsourcing, Daniel Kahneman / Amos Tversky, data science, deep learning, deepfake, DeepMind, delayed gratification, Demis Hassabis, Elon Musk, en.wikipedia.org, Erik Brynjolfsson, Ernest Rutherford, fake news, Flash crash, full employment, future of work, Garrett Hardin, Geoffrey Hinton, Gerolamo Cardano, Goodhart's law, Hans Moravec, ImageNet competition, Intergovernmental Panel on Climate Change (IPCC), Internet of things, invention of the wheel, job automation, John Maynard Keynes: Economic Possibilities for our Grandchildren, John Maynard Keynes: technological unemployment, John Nash: game theory, John von Neumann, Kenneth Arrow, Kevin Kelly, Law of Accelerating Returns, luminiferous ether, machine readable, machine translation, Mark Zuckerberg, multi-armed bandit, Nash equilibrium, Nick Bostrom, Norbert Wiener, NP-complete, OpenAI, openstreetmap, P = NP, paperclip maximiser, Pareto efficiency, Paul Samuelson, Pierre-Simon Laplace, positional goods, probability theory / Blaise Pascal / Pierre de Fermat, profit maximization, RAND corporation, random walk, Ray Kurzweil, Recombinant DNA, recommendation engine, RFID, Richard Thaler, ride hailing / ride sharing, Robert Shiller, robotic process automation, Rodney Brooks, Second Machine Age, self-driving car, Shoshana Zuboff, Silicon Valley, smart cities, smart contracts, social intelligence, speech recognition, Stephen Hawking, Steven Pinker, superintelligent machines, surveillance capitalism, Thales of Miletus, The Future of Employment, The Theory of the Leisure Class by Thorstein Veblen, Thomas Bayes, Thorstein Veblen, Tragedy of the Commons, transport as a service, trolley problem, Turing machine, Turing test, universal basic income, uranium enrichment, vertical integration, Von Neumann architecture, Wall-E, warehouse robotics, Watson beat the top human players on Jeopardy!, web application, zero-sum game

They do not prove that the same system will work in other circumstances or that other instances of the system will behave the same way as the original. One of the classic examples of assumption failure in computer science comes from cybersecurity. In that field, a huge amount of mathematical analysis goes into showing that certain digital protocols are provably secure—for example, when you type a password into a Web application, you want to be sure that it is encrypted before transmission so that someone eavesdropping on the network cannot read your password. Such digital systems are often provably secure but still vulnerable to attack in reality. The false assumption here is that this is a digital process. It isn’t.


Reactive Messaging Patterns With the Actor Model: Applications and Integration in Scala and Akka by Vaughn Vernon

A Pattern Language, business intelligence, business logic, business process, cloud computing, cognitive dissonance, domain-specific language, en.wikipedia.org, fault tolerance, finite state, functional programming, Internet of things, Kickstarter, loose coupling, remote working, type inference, web application

Introducing Reactive Applications Reactive applications employ an architecture that allows you to build systems that are responsive, resilient, elastic, and message-driven and that are capable of producing a real-time feel. This section follows the definition given by the Reactive Manifesto [Reactive Manifesto]. The manifesto addresses the problem with existing enterprise and Web applications that are generally single-threaded. Regardless of your personal feelings about the value of various computing manifestos, the Reactive Manifesto offers a complete definition of what is both typical of and expected of reactive applications. It is meant to help bridge the gap between current, typical single-threaded thinking, introducing those to the need to scale using a reactive, event-driven approach to software development.


pages: 508 words: 120,339

Working Effectively With Legacy Code by Michael Feathers

business logic, c2.com, computer age, functional programming, HyperCard, index card, Mars Rover, Silicon Valley, web application

When we make changes, we can know that we are changing only one piece of behavior at a time. In short, we’re in control of our work. * * * Regression testing is a great idea. Why don’t people do it more often? There is this little problem with regression testing. Often when people practice it, they do it at the application interface. It doesn’t matter whether it is a web application, a command-line application, or a GUI-based application; regression testing has traditionally been seen as an application-level testing style. But this is unfortunate. The feedback we can get from it is very useful. It pays to do it at a finer-grained level. Let’s do a little thought experiment.


pages: 523 words: 111,615

The Economics of Enough: How to Run the Economy as if the Future Matters by Diane Coyle

accounting loophole / creative accounting, affirmative action, Alan Greenspan, An Inconvenient Truth, bank run, banking crisis, behavioural economics, Berlin Wall, bonus culture, Branko Milanovic, BRICs, business cycle, call centre, carbon tax, Cass Sunstein, central bank independence, classic study, collapse of Lehman Brothers, conceptual framework, corporate governance, correlation does not imply causation, Credit Default Swap, deindustrialization, demographic transition, Diane Coyle, different worldview, disintermediation, Edward Glaeser, endogenous growth, Eugene Fama: efficient market hypothesis, experimental economics, Fall of the Berlin Wall, Financial Instability Hypothesis, Francis Fukuyama: the end of history, general purpose technology, George Akerlof, Gini coefficient, global supply chain, Gordon Gekko, greed is good, happiness index / gross national happiness, hedonic treadmill, Hyman Minsky, If something cannot go on forever, it will stop - Herbert Stein's Law, illegal immigration, income inequality, income per capita, industrial cluster, information asymmetry, intangible asset, Intergovernmental Panel on Climate Change (IPCC), invisible hand, Jane Jacobs, Joseph Schumpeter, Kenneth Arrow, Kenneth Rogoff, knowledge economy, light touch regulation, low skilled workers, market bubble, market design, market fundamentalism, megacity, Network effects, new economy, night-watchman state, Northern Rock, oil shock, Paradox of Choice, Pareto efficiency, principal–agent problem, profit motive, purchasing power parity, railway mania, rising living standards, Robert Solow, Ronald Reagan, selective serotonin reuptake inhibitor (SSRI), Silicon Valley, social contagion, South Sea Bubble, Steven Pinker, tacit knowledge, The Design of Experiments, The Fortune at the Bottom of the Pyramid, The Market for Lemons, The Myth of the Rational Market, The Spirit Level, the strength of weak ties, Tragedy of the Commons, transaction costs, transfer pricing, tulip mania, ultimatum game, University of East Anglia, vertical integration, web application, web of trust, winner-take-all economy, World Values Survey, zero-sum game

Existing applications include election monitoring and conflict reporting, but this is a promising and realistic avenue for the collection of statistics relevant to comprehensive wealth measures.3 The next step in advancing this is: • shift some current aid funding (a relatively small amount will be sufficient) to finance R&D on mobile and web applications that will improve information flows in developing economies; • and to finance the training of officials so that they can monitor and collate statistics. In fact, user-generated statistics could be useful in Western economies too, although they will prove essential in poor economies. Conventional economic statistics in the OECD countries are collected by surveys of businesses or shops or individuals.


pages: 377 words: 115,122

Quiet: The Power of Introverts in a World That Can't Stop Talking by Susan Cain

8-hour work day, Albert Einstein, An Inconvenient Truth, AOL-Time Warner, Asperger Syndrome, autism spectrum disorder, Bill Gates: Altair 8800, call centre, crowdsourcing, David Brooks, delayed gratification, deliberate practice, emotional labour, game design, hive mind, index card, indoor plumbing, Isaac Newton, knowledge economy, knowledge worker, longitudinal study, Mahatma Gandhi, mass immigration, Menlo Park, meta-analysis, Mikhail Gorbachev, Nelson Mandela, new economy, popular electronics, Ralph Waldo Emerson, ride hailing / ride sharing, Rosa Parks, selective serotonin reuptake inhibitor (SSRI), shareholder value, Silicon Valley, Steve Jobs, Steve Wozniak, telemarketer, The Wisdom of Crowds, traveling salesman, twin studies, Walter Mischel, web application, white flight

The managers assumed that their shoe designers would want office space with plenty of access to each other so they could brainstorm (an idea they probably picked up when they were getting their MBAs). Luckily, they consulted first with the shoe designers themselves, who told them that actually what they needed was peace and quiet so they could concentrate. This would not have come as news to Jason Fried, cofounder of the web application company 37signals. For ten years, beginning in 2000, Fried asked hundreds of people (mostly designers, programmers, and writers) where they liked to work when they needed to get something done. He found that they went anywhere but their offices, which were too noisy and full of interruptions.


pages: 349 words: 114,038

Culture & Empire: Digital Revolution by Pieter Hintjens

4chan, Aaron Swartz, airport security, AltaVista, anti-communist, anti-pattern, barriers to entry, Bill Duvall, bitcoin, blockchain, Boeing 747, bread and circuses, business climate, business intelligence, business process, Chelsea Manning, clean water, commoditize, congestion charging, Corn Laws, correlation does not imply causation, cryptocurrency, Debian, decentralized internet, disinformation, Edward Snowden, failed state, financial independence, Firefox, full text search, gamification, German hyperinflation, global village, GnuPG, Google Chrome, greed is good, Hernando de Soto, hiring and firing, independent contractor, informal economy, intangible asset, invisible hand, it's over 9,000, James Watt: steam engine, Jeff Rulifson, Julian Assange, Kickstarter, Laura Poitras, M-Pesa, mass immigration, mass incarceration, mega-rich, military-industrial complex, MITM: man-in-the-middle, mutually assured destruction, Naomi Klein, national security letter, Nelson Mandela, new economy, New Urbanism, no silver bullet, Occupy movement, off-the-grid, offshore financial centre, packet switching, patent troll, peak oil, power law, pre–internet, private military company, race to the bottom, real-name policy, rent-seeking, reserve currency, RFC: Request For Comment, Richard Feynman, Richard Stallman, Ross Ulbricht, Russell Brand, Satoshi Nakamoto, security theater, selection bias, Skype, slashdot, software patent, spectrum auction, Steve Crocker, Steve Jobs, Steven Pinker, Stuxnet, The Wealth of Nations by Adam Smith, The Wisdom of Crowds, trade route, transaction costs, twin studies, union organizing, wealth creators, web application, WikiLeaks, Y2K, zero day, Zipf's Law

The combination of a workable TCP stack (originally, Trumpet Winsock, and belatedly, Microsoft's own stack), an affordable home computer, and the graphical web browser formed the basis for cheap and scalable connectivity. Many people tried to use their PCs as "home servers." One of my popular fin du siecle free software programs, Xitami, turned a Windows PC into a fast little web server. Nonetheless, most of us learned to use our PCs as thin clients, especially by 2005 or so, when web applications became powerful enough to replace desktop applications. Today, PCs are rarely used for anything intensive except high-end gaming. There were some very successful mesh-like applications up until 2005 or so, including Skype (before Microsoft changed Skype to use centralized servers). However even pre-Microsoft Skype and infamous P2P file sharing protocols like BitTorrent all worked through the broadband connection, allowing the ISPs to see all the traffic, filter it, log it, and so on.


Visual Thinking: The Hidden Gifts of People Who Think in Pictures, Patterns, and Abstractions by Temple Grandin, Ph.D.

2013 Report for America's Infrastructure - American Society of Civil Engineers - 19 March 2013, 3D printing, a long time ago in a galaxy far, far away, air gap, Albert Einstein, American Society of Civil Engineers: Report Card, Apollo 11, Apple II, ASML, Asperger Syndrome, autism spectrum disorder, autonomous vehicles, Black Lives Matter, Boeing 737 MAX, Captain Sullenberger Hudson, clean water, cloud computing, computer vision, Computing Machinery and Intelligence, coronavirus, cotton gin, COVID-19, defense in depth, Drosophila, Elon Musk, en.wikipedia.org, GPT-3, Gregor Mendel, Greta Thunberg, hallucination problem, helicopter parent, income inequality, industrial robot, invention of movable type, Isaac Newton, James Webb Space Telescope, John Nash: game theory, John von Neumann, Jony Ive, language acquisition, longitudinal study, Mark Zuckerberg, Mars Rover, meta-analysis, Neil Armstrong, neurotypical, pattern recognition, Peter Thiel, phenotype, ransomware, replication crisis, Report Card for America’s Infrastructure, Robert X Cringely, Saturday Night Live, self-driving car, seminal paper, Silicon Valley, Skinner box, space junk, stem cell, Stephen Hawking, Steve Jobs, Steve Wozniak, Tacoma Narrows Bridge, TaskRabbit, theory of mind, TikTok, twin studies, unpaid internship, upwardly mobile, US Airways Flight 1549, warehouse automation, warehouse robotics, web application, William Langewiesche, Y Combinator

“Neurodiversity as a Competitive Advantage.” Harvard Business Review, May–June 2017. Belli, G. “How Many Jobs Are Found through Networking, Really?” Payscale, April 6, 2017. https://www.payscale.com/career-advice/many-jobs-found-networking/. Burger, D., et al. “Filtergraph: A Flexible Web Application for Instant Data Visualization of Astronomy Datasets.” arXiv:1212.4458. Cabral, A. “How Dubai Powers Apple’s ‘Spaceship.’ ” Khaleej Times, September 13, 2017. https://www.khaleejtimes.com/tech/how-dubai-powers-apples-spaceship. Cann, S. “The Debate behind Disability Hiring.” Fast Company, November 26, 2012. https://www.fastcompany.com/3002957/disabled-employee-amendment.


pages: 481 words: 121,669

The Invisible Web: Uncovering Information Sources Search Engines Can't See by Gary Price, Chris Sherman, Danny Sullivan

AltaVista, American Society of Civil Engineers: Report Card, Bill Atkinson, bioinformatics, Brewster Kahle, business intelligence, dark matter, Donald Davies, Douglas Engelbart, Douglas Engelbart, full text search, HyperCard, hypertext link, information retrieval, Internet Archive, it's over 9,000, joint-stock company, knowledge worker, machine readable, machine translation, natural language processing, pre–internet, profit motive, Project Xanadu, publish or perish, search engine result page, side project, Silicon Valley, speech recognition, stealth mode startup, Ted Nelson, Vannevar Bush, web application

Search Form URL: http://www.galegroup.com/servlet/Reference ReviewSearchPageServlet Librarian’s Yellow Pages http://www.librariansyellowpages.com Reference 333 “... constantly updated database has products and services from 2,000+ library vendors ... with full-text, keyword searchable listings.” Search Form URL: See Main Page NoodleBib (Bibliography Creator) http://www.noodletools.com “NoodleBib is a Web application that allows you to create and edit your MLA-style bibliographies online.” Search Form URL: http://www.noodletools.com/noodlebib/ index.html Related Resources: Noodlequest (Search Tool Selection Aid) http://www.noodletools.com/noodlequest/main.php3 Locators Alternative Fuel Stations (Alternative Fuels Data Center) http://www.afdc.doe.gov/ “The Alternative Fuels Data Center lists refueling site locations (stations) for compressed natural gas (CNG), 85% methanol and 15% gasoline (M85), 85% ethanol and 15% gasoline (E85), liquefied petroleum gas (LPG), liquefied natural gas (LNG), as well as electric charging stations located throughout the United States.


pages: 448 words: 117,325

Click Here to Kill Everybody: Security and Survival in a Hyper-Connected World by Bruce Schneier

23andMe, 3D printing, air gap, algorithmic bias, autonomous vehicles, barriers to entry, Big Tech, bitcoin, blockchain, Brian Krebs, business process, Citizen Lab, cloud computing, cognitive bias, computer vision, connected car, corporate governance, crowdsourcing, cryptocurrency, cuban missile crisis, Daniel Kahneman / Amos Tversky, David Heinemeier Hansson, disinformation, Donald Trump, driverless car, drone strike, Edward Snowden, Elon Musk, end-to-end encryption, fault tolerance, Firefox, Flash crash, George Akerlof, incognito mode, industrial robot, information asymmetry, information security, Internet of things, invention of radio, job automation, job satisfaction, John Gilmore, John Markoff, Kevin Kelly, license plate recognition, loose coupling, market design, medical malpractice, Minecraft, MITM: man-in-the-middle, move fast and break things, national security letter, Network effects, Nick Bostrom, NSO Group, pattern recognition, precautionary principle, printed gun, profit maximization, Ralph Nader, RAND corporation, ransomware, real-name policy, Rodney Brooks, Ross Ulbricht, security theater, self-driving car, Seymour Hersh, Shoshana Zuboff, Silicon Valley, smart cities, smart transportation, Snapchat, sparse data, Stanislav Petrov, Stephen Hawking, Stuxnet, supply-chain attack, surveillance capitalism, The Market for Lemons, Timothy McVeigh, too big to fail, Uber for X, Unsafe at Any Speed, uranium enrichment, Valery Gerasimov, Wayback Machine, web application, WikiLeaks, Yochai Benkler, zero day

Dan Goodin (9 Mar 2017), “Critical vulnerability under ‘massive’ attack imperils high-impact sites,” Ars Technica, https://arstechnica.com/information-technology/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites. 106Equifax had been notified by Apache: Dan Goodin (2 Oct 2017), “A series of delays and major errors led to massive Equifax breach,” Ars Technica, https://arstechnica.com/information-technology/2017/10/a-series-of-delays-and-major-errors-led-to-massive-equifax-breach. 106but didn’t get around to installing: Cyrus Farivar (15 Sep 2017), “Equifax CIO, CSO ‘retire’ in wake of huge security breach,” Ars Technica, https://arstechnica.com/tech-policy/2017/09/equifax-cio-cso-retire-in-wake-of-huge-security-breach. 106The company’s insecurity was incredible: James Scott (20 Sep 2017), “Equifax: America’s in-credible insecurity,” Institute for Critical Infrastructure Technology, http://icitech.org/wp-content/uploads/2017/09/ICIT-Analysis-Equifax-Americas-In-Credible-Insecurity-Part-One.pdf. 106“laughably bad”: Bruce Schneier (1 Nov 2017), “Testimony and statement for the record: Hearing on ‘securing consumers’ credit data in the age of digital commerce’ before the Subcommittee on Digital Commerce and Consumer Protection Committee on Energy and Commerce, United States House of Representatives,” http://docs.house.gov/meetings/IF/IF17/20171101/106567/HHRG-115-IF17-Wstate-SchneierB-20171101.pdf. 106Equifax had a history of security failures: Thomas Fox-Brewster (8 Sep 2017), “A brief history of Equifax security fails,” Forbes, https://www.forbes.com/sites/thomasbrewster/2017/09/08/equifax-data-breach-history. 106“security by design”: Here’s one example of what that means: Open Web Application Security Project (last modified 3 Aug 2016), “Security by design principles,” https://www.owasp.org/index.php/Security_by_Design_Principles. 109Those principles, and some of the items: Jonathan Zittrain et al. (Feb 2018), “‘Don’t Panic’ Meets the Internet of Things: Recommendations for a Responsible Future,” Berklett Cybersecurity Project, Berkman Center for Internet and Society at Harvard University, unpublished draft. 109While researching for this book: Bruce Schneier (9 Feb 2017), “Security and privacy guidelines for the Internet of Things,” Schneier on Security, https://www.schneier.com/blog/archives/2017/02/security_and_pr.html. 110anonymizing data is much harder: Latanya Sweeney has done some amazing work reidentifying anonymized data.


pages: 519 words: 118,095

Your Money: The Missing Manual by J.D. Roth

Airbnb, Alan Greenspan, asset allocation, bank run, book value, buy and hold, buy low sell high, car-free, Community Supported Agriculture, delayed gratification, diversification, diversified portfolio, do what you love, estate planning, Firefox, fixed income, full employment, hedonic treadmill, Home mortgage interest deduction, index card, index fund, John Bogle, late fees, lifestyle creep, low interest rates, mortgage tax deduction, Own Your Own Home, Paradox of Choice, passive investing, Paul Graham, random walk, retail therapy, Richard Bolles, risk tolerance, Robert Shiller, speech recognition, stocks for the long run, traveling salesman, Vanguard fund, web application, Zipcar

There are other desktop programs out there, but they seem to be a dying breed. Web-based tools (covered next) now rule the roost. Tip For a list of 16 great personal finance programs (both the online and desktop variety), head to http://tinyurl.com/PFprograms Web-Based Tools If you're comfortable using web applications, you can choose from at least a dozen online personal-finance programs. Most of the sites on the following list are free, and many of them feature blogs with financial advice and important money-related news. Though they all have similar features, each one has its own special twist. Many also offer iPhone applications so you can track your money while you're on the go.


pages: 382 words: 120,064

Bank 3.0: Why Banking Is No Longer Somewhere You Go but Something You Do by Brett King

3D printing, Abraham Maslow, additive manufacturing, Airbus A320, Albert Einstein, Amazon Web Services, Any sufficiently advanced technology is indistinguishable from magic, Apollo 11, Apollo 13, Apollo Guidance Computer, asset-backed security, augmented reality, barriers to entry, behavioural economics, bitcoin, bounce rate, business intelligence, business process, business process outsourcing, call centre, capital controls, citizen journalism, Clayton Christensen, cloud computing, credit crunch, crowdsourcing, disintermediation, en.wikipedia.org, fixed income, George Gilder, Google Glasses, high net worth, I think there is a world market for maybe five computers, Infrastructure as a Service, invention of the printing press, Jeff Bezos, jimmy wales, Kickstarter, London Interbank Offered Rate, low interest rates, M-Pesa, Mark Zuckerberg, mass affluent, Metcalfe’s law, microcredit, mobile money, more computing power than Apollo, Northern Rock, Occupy movement, operational security, optical character recognition, peer-to-peer, performance metric, Pingit, platform as a service, QR code, QWERTY keyboard, Ray Kurzweil, recommendation engine, RFID, risk tolerance, Robert Metcalfe, self-driving car, Skype, speech recognition, stem cell, telepresence, the long tail, Tim Cook: Apple, transaction costs, underbanked, US Airways Flight 1549, web application, world market for maybe five computers

VoIP: Voice Over Internet Protocol—an Internet-based protocol that allows users to use voice communication such as over a telephone system VSC: Virtual Support Centre—a call centre virtually supported by customer service representatives who typically operate from home (i.e. homesourcing). WAP: Wireless Access Protocol—the original protocol for simple Internet browsing or simple menu interactions via 2G (digital) mobile phones. Web 2.0: Web applications that facilitate interactive information sharing, interoperability, user-centred design and collaboration on the World Wide Web. Widget: A generic type of software application that is usually portable and works across different operating systems and devices. WiMax: Worldwide Interoperability for Microwave Access—a telecommunications technology that enables wireless transmission of data from point-to-multipoint links to portable and fully mobile Internet access.


pages: 494 words: 121,217

Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency by Andy Greenberg

2021 United States Capitol attack, Airbnb, augmented reality, bitcoin, Bitcoin Ponzi scheme, Black Lives Matter, blockchain, Brian Krebs, Cody Wilson, commoditize, computerized markets, COVID-19, crowdsourcing, cryptocurrency, Edward Snowden, Elon Musk, Ethereum, ethereum blockchain, forensic accounting, Global Witness, Google Glasses, Higgs boson, hive mind, impulse control, index card, Internet Archive, Jeff Bezos, Julian Assange, Large Hadron Collider, machine readable, market design, operational security, opioid epidemic / opioid crisis, pirate software, Ponzi scheme, ransomware, reserve currency, ride hailing / ride sharing, rolodex, Ross Ulbricht, Satoshi Nakamoto, Skype, slashdot, Social Justice Warrior, the market place, web application, WikiLeaks

He used almost none of the flowery libertarian rhetoric of the Dread Pirate Roberts and instead seemed to have a steely focus on the bottom line. In his DeepDotWeb interview, Alpha02 wrote in the style of a corporate press release: “We have made sure to have created a stable & fast marketplace web application which has been built with security in mind right from the start,” adding, “We would like to assure all of our users (both vendors & buyers) that their security, privacy and anonymity rank first place in our priorities list.” What Alpha02 lacked in political inspiration, he seemed to make up for in technological aspiration and coding competency.


Producing Open Source Software: How to Run a Successful Free Software Project by Karl Fogel

active measures, AGPL, barriers to entry, Benjamin Mako Hill, collaborative editing, continuous integration, Contributor License Agreement, corporate governance, Debian, Donald Knuth, en.wikipedia.org, experimental subject, Firefox, Free Software Foundation, GnuPG, Hacker Ethic, Hacker News, intentional community, Internet Archive, iterative process, Kickstarter, natural language processing, off-by-one error, patent troll, peer-to-peer, pull request, revision control, Richard Stallman, selection bias, slashdot, software as a service, software patent, SpamAssassin, the Cathedral and the Bazaar, Wayback Machine, web application, zero-sum game

The many open source anti-surveillance and censorship-circumvention tools supported by the Open Internet Tools Project (OpenITP.org) and by the Open Technology Institute at the New America Foundation. Checkbook NYC, the municipal financial transparency software released by the New York City Office of the Comptroller. The Arches Project, an open source geospatial web application for inventorying and helping protect cultural heritage sites (e.g., historic buildings, archeological sites, etc), created by the Getty Conservation Institute and World Monuments Fund. OpenOffice.org / LibreOffice.org, the Berkeley Database from Sleepycat, and MySQL Database; I have not been involved with these projects personally, but have observed them and, in some cases, talked to people there.


pages: 549 words: 134,988

Pro Git by Scott Chacon, Ben Straub

Chris Wanstrath, continuous integration, creative destruction, Debian, distributed revision control, GnuPG, pull request, remote working, revision control, systems thinking, web application

If you’re looking for a more modern, fully featured Git server, there are some several open source solutions out there that you can install instead. As GitLab is one of the more popular ones, we’ll cover installing and using it as an example. This is a bit more complex than the GitWeb option and likely requires more maintenance, but it is a much more fully featured option. Installation GitLab is a database-backed web application, so its installation is a bit more involved than some other git servers. Fortunately, this process is very well-documented and supported. There are a few methods you can pursue to install GitLab. To get something up and running quickly, you can download a virtual machine image or a one-click installer from https://bitnami.com/stack/gitlab, and tweak the configuration to match your particular environment.


pages: 562 words: 146,544

Daemon by Daniel Suarez

Berlin Wall, Burning Man, call centre, digital map, disruptive innovation, double helix, failed state, Fall of the Berlin Wall, game design, high net worth, invisible hand, McMansion, offshore financial centre, optical character recognition, peer-to-peer, plutocrats, RFID, satellite internet, SQL injection, Stewart Brand, tech worker, telemarketer, web application

Back at the front desk Ross typed like a maniac. Now he knew the OS of the Web server. He thought about the odds of cracking into the server in time to clear the Web logs. Not likely, and it was the first thing the Daemon would try for. “Listen, open the door.” “No way!” Ross flipped back to the hotel’s Web application. He needed to go straight for the customer database. The file extension on the URL told him it was a scripted page. He started typing directly in the URL box of the browser, back-spacing to the hotel’s domain name—to which he appended the text: /global.asa+.htr Then he hit ENTER. To Ross’s relief, the hotel hadn’t patched their Web server, either, and the browser disgorged the source code of the application onto the screen.


pages: 629 words: 142,393

The Future of the Internet: And How to Stop It by Jonathan Zittrain

A Declaration of the Independence of Cyberspace, algorithmic bias, Amazon Mechanical Turk, Andy Kessler, barriers to entry, behavioural economics, book scanning, Brewster Kahle, Burning Man, c2.com, call centre, Cass Sunstein, citizen journalism, Citizen Lab, Clayton Christensen, clean water, commoditize, commons-based peer production, corporate governance, Daniel Kahneman / Amos Tversky, digital divide, disruptive innovation, distributed generation, en.wikipedia.org, end-to-end encryption, Firefox, folksonomy, Free Software Foundation, game design, Hacker Ethic, Howard Rheingold, Hush-A-Phone, illegal immigration, index card, informal economy, information security, Internet Archive, jimmy wales, John Markoff, John Perry Barlow, license plate recognition, loose coupling, mail merge, Morris worm, national security letter, old-boy network, One Laptop per Child (OLPC), OSI model, packet switching, peer-to-peer, post-materialism, pre–internet, price discrimination, profit maximization, radical decentralization, Ralph Nader, RFC: Request For Comment, RFID, Richard Stallman, Richard Thaler, risk tolerance, Robert Bork, Robert X Cringely, SETI@home, Silicon Valley, Skype, slashdot, software patent, Steve Ballmer, Steve Jobs, Ted Nelson, Telecommunications Act of 1996, the Cathedral and the Bazaar, the long tail, The Nature of the Firm, The Wisdom of Crowds, Tragedy of the Commons, web application, wikimedia commons, Yochai Benkler, zero-sum game

See Karasaridis, supra note 55. 68. See Sullivan, supra note 56. 69. Id. 70. CERT has also noted another threat, evidenced by the exploding number of incidents of application attacks as Web sites increasingly link Web pages to company databases. See Bee Ware, The Risk of Application Attacks Securing Web Applications (Jan. 7, 2005), http://www.securitydocs.com/library/2839. 71. IBM INTERNET SECURITY SYSTEMS, IBM INTERNET SECURITY SYSTEMS X-FORCE 2006 TREND STATISTICS 4 (2007), http://www.iss.net/documents/whitepapers/X_Force _Exec_Brief.pdf 72. Id. at 7—8. 73. Internet Sys. Consortium, supra note 2. 74.


pages: 565 words: 151,129

The Zero Marginal Cost Society: The Internet of Things, the Collaborative Commons, and the Eclipse of Capitalism by Jeremy Rifkin

3D printing, active measures, additive manufacturing, Airbnb, autonomous vehicles, back-to-the-land, benefit corporation, big-box store, bike sharing, bioinformatics, bitcoin, business logic, business process, Chris Urmson, circular economy, clean tech, clean water, cloud computing, collaborative consumption, collaborative economy, commons-based peer production, Community Supported Agriculture, Computer Numeric Control, computer vision, crowdsourcing, demographic transition, distributed generation, DIY culture, driverless car, Eben Moglen, electricity market, en.wikipedia.org, Frederick Winslow Taylor, Free Software Foundation, Garrett Hardin, general purpose technology, global supply chain, global village, Hacker Conference 1984, Hacker Ethic, industrial robot, informal economy, information security, Intergovernmental Panel on Climate Change (IPCC), intermodal, Internet of things, invisible hand, Isaac Newton, James Watt: steam engine, job automation, John Elkington, John Markoff, John Maynard Keynes: Economic Possibilities for our Grandchildren, John Maynard Keynes: technological unemployment, Julian Assange, Kickstarter, knowledge worker, longitudinal study, low interest rates, machine translation, Mahatma Gandhi, manufacturing employment, Mark Zuckerberg, market design, mass immigration, means of production, meta-analysis, Michael Milken, mirror neurons, natural language processing, new economy, New Urbanism, nuclear winter, Occupy movement, off grid, off-the-grid, oil shale / tar sands, pattern recognition, peer-to-peer, peer-to-peer lending, personalized medicine, phenotype, planetary scale, price discrimination, profit motive, QR code, RAND corporation, randomized controlled trial, Ray Kurzweil, rewilding, RFID, Richard Stallman, risk/return, Robert Solow, Rochdale Principles, Ronald Coase, scientific management, search inside the book, self-driving car, shareholder value, sharing economy, Silicon Valley, Skype, smart cities, smart grid, smart meter, social web, software as a service, spectrum auction, Steve Jobs, Stewart Brand, the built environment, the Cathedral and the Bazaar, the long tail, The Nature of the Firm, The Structural Transformation of the Public Sphere, The Wealth of Nations by Adam Smith, The Wisdom of Crowds, Thomas Kuhn: the structure of scientific revolutions, Thomas L Friedman, too big to fail, Tragedy of the Commons, transaction costs, urban planning, vertical integration, warehouse automation, Watson beat the top human players on Jeopardy!, web application, Whole Earth Catalog, Whole Earth Review, WikiLeaks, working poor, Yochai Benkler, zero-sum game, Zipcar

In his article, Berners-Lee warns that “large social networking sites are walling off information posted by their users from the rest of the Web” and creating enclosed commercial spaces.16 While the Internet is a commons, the applications on the Web are a hybrid of nonprofit organizations, generally operated as Commons, and commercial enterprises with an eye to the market. Wikipedia and Linux line up in the first category and Google and Facebook in the second category. Although users of Web applications on the Internet are aware that sites like Amazon are purely commercial, they are less likely to feel so about sites like Google and Facebook, because the apps provide them with opportunities to link up to a range of free services, from the world’s premiere search engine to inclusion in the largest family album on Earth.


pages: 543 words: 153,550

Model Thinker: What You Need to Know to Make Data Work for You by Scott E. Page

Airbnb, Albert Einstein, Alfred Russel Wallace, algorithmic trading, Alvin Roth, assortative mating, behavioural economics, Bernie Madoff, bitcoin, Black Swan, blockchain, business cycle, Capital in the Twenty-First Century by Thomas Piketty, Checklist Manifesto, computer age, corporate governance, correlation does not imply causation, cuban missile crisis, data science, deep learning, deliberate practice, discrete time, distributed ledger, Easter island, en.wikipedia.org, Estimating the Reproducibility of Psychological Science, Everything should be made as simple as possible, experimental economics, first-price auction, Flash crash, Ford Model T, Geoffrey West, Santa Fe Institute, germ theory of disease, Gini coefficient, Higgs boson, High speed trading, impulse control, income inequality, Isaac Newton, John von Neumann, Kenneth Rogoff, knowledge economy, knowledge worker, Long Term Capital Management, loss aversion, low skilled workers, Mark Zuckerberg, market design, meta-analysis, money market fund, multi-armed bandit, Nash equilibrium, natural language processing, Network effects, opioid epidemic / opioid crisis, p-value, Pareto efficiency, pattern recognition, Paul Erdős, Paul Samuelson, phenotype, Phillips curve, power law, pre–internet, prisoner's dilemma, race to the bottom, random walk, randomized controlled trial, Richard Feynman, Richard Thaler, Robert Solow, school choice, scientific management, sealed-bid auction, second-price auction, selection bias, six sigma, social graph, spectrum auction, statistical model, Stephen Hawking, Supply of New York City Cabdrivers, systems thinking, tacit knowledge, The Bell Curve by Richard Herrnstein and Charles Murray, The Great Moderation, the long tail, The Rise and Fall of American Growth, the rule of 72, the scientific method, The Spirit Level, the strength of weak ties, The Wisdom of Crowds, Thomas Malthus, Thorstein Veblen, Tragedy of the Commons, urban sprawl, value at risk, web application, winner-take-all economy, zero-sum game

Cause of inequality: Increased connectedness increases social influences, creating a positive feedback. We can apply that same logic to the economy writ large.10 The potential for positive feedbacks through social networks to contribute to inequality depends in part on the nature of what people buy. Weightless goods such as movie and music downloads, web applications, and some technologies can be scaled quickly, if not immediately. Tractors, cars, and washing machines cannot be duplicated by clicking on an icon. So while a new smartphone application can scale up with little to no capital outlay, a best-selling car cannot. As a benchmark, in May 2015, Volvo announced that it would build its S60 sedan in South Carolina.


We Are the Nerds: The Birth and Tumultuous Life of Reddit, the Internet's Culture Laboratory by Christine Lagorio-Chafkin

"Friedman doctrine" OR "shareholder theory", 4chan, Aaron Swartz, Airbnb, Amazon Web Services, Bernie Sanders, big-box store, bitcoin, blockchain, Brewster Kahle, Burning Man, compensation consultant, crowdsourcing, cryptocurrency, data science, David Heinemeier Hansson, digital rights, disinformation, Donald Trump, East Village, eternal september, fake news, game design, Golden Gate Park, growth hacking, Hacker News, hiring and firing, independent contractor, Internet Archive, Jacob Appelbaum, Jeff Bezos, jimmy wales, Joi Ito, Justin.tv, Kickstarter, Large Hadron Collider, Lean Startup, lolcat, Lyft, Marc Andreessen, Mark Zuckerberg, medical residency, minimum viable product, natural language processing, Palm Treo, Paul Buchheit, Paul Graham, paypal mafia, Peter Thiel, plutocrats, QR code, r/findbostonbombers, recommendation engine, RFID, rolodex, Ruby on Rails, Sam Altman, Sand Hill Road, Saturday Night Live, self-driving car, semantic web, Sheryl Sandberg, side project, Silicon Valley, Silicon Valley ideology, Silicon Valley startup, slashdot, Snapchat, Social Justice Warrior, social web, South of Market, San Francisco, Startup school, Stephen Hawking, Steve Bannon, Steve Jobs, Steve Wozniak, Streisand effect, technoutopianism, uber lyft, Wayback Machine, web application, WeWork, WikiLeaks, Y Combinator

As with Ohanian, his height made him stand out at parties, bars, or just walking down the street, and his striking light blue eyes and thick shock of golden hair made him recognizable. Once, a fellow passenger in an Uber car pool ID’d him solely by his voice; he’d listened to hours upon hours of an online course Huffman taught called “CS253: Web Application Engineering.” When Huffman has to prepare for an event, speak onstage, or lead a meeting, he likes being “Steve Huffman, founder of Reddit.” When he’s out with friends, he does not. If asked at bars if he’s Steve Huffman, he often replies, “No,” and turns away. Now that he was over thirty, he was confident in his desires.


pages: 496 words: 70,263

Erlang Programming by Francesco Cesarini

cloud computing, fault tolerance, finite state, functional programming, higher-order functions, loose coupling, revision control, RFC: Request For Comment, social bookmarking, sorting algorithm, Turing test, type inference, web application

In the worst case, end users might * At least two, according to Joe Armstrong, but three if you ask Leslie Lamport. 245 believe they experienced a network glitch when the socket reconnects to the new node, but all they would notice are other users signing out and in. The Erlang Web framework, an open source application for Erlang-based web applications, uses distribution for scalability and reliability. A typical cluster consists of frontend and backend nodes. The frontend nodes contain the web servers (running in the Erlang node), a cache layer, and a layer handling XML parsing for inbound requests. It also contains the functionality for handling the dynamic generation of XHTML.


Digital Accounting: The Effects of the Internet and Erp on Accounting by Ashutosh Deshmukh

accounting loophole / creative accounting, AltaVista, book value, business continuity plan, business intelligence, business logic, business process, call centre, computer age, conceptual framework, corporate governance, currency risk, data acquisition, disinformation, dumpster diving, fixed income, hypertext link, information security, interest rate swap, inventory management, iterative process, late fees, machine readable, money market fund, new economy, New Journalism, optical character recognition, packet switching, performance metric, profit maximization, semantic web, shareholder value, six sigma, statistical model, supply chain finance, supply-chain management, supply-chain management software, telemarketer, transaction costs, value at risk, vertical integration, warehouse automation, web application, Y2K

The standard biller-side control and reporting features include ability to access online documents, logging customer visits and payment behavior, data mining abilities and report generation capabilities. The output can also be presented on e-mail, fax, palm device, cell phones and pagers, and can be remotely printed. The EIPP/EBPP software needs to be integrated with the Web application software. The messaging software to facilitate communication between concerned parties is also required. The EIPP/EBPP software also monitors delivery of the invoice to the customer. If the software detects failure in delivery, then alternate routes, such as printing and posting of the invoices, are invoked.


pages: 719 words: 181,090

Site Reliability Engineering: How Google Runs Production Systems by Betsy Beyer, Chris Jones, Jennifer Petoff, Niall Richard Murphy

"Margaret Hamilton" Apollo, Abraham Maslow, Air France Flight 447, anti-pattern, barriers to entry, business intelligence, business logic, business process, Checklist Manifesto, cloud computing, cognitive load, combinatorial explosion, continuous integration, correlation does not imply causation, crowdsourcing, database schema, defense in depth, DevOps, en.wikipedia.org, exponential backoff, fail fast, fault tolerance, Flash crash, George Santayana, Google Chrome, Google Earth, if you see hoof prints, think horses—not zebras, information asymmetry, job automation, job satisfaction, Kubernetes, linear programming, load shedding, loose coupling, machine readable, meta-analysis, microservices, minimum viable product, MVC pattern, no silver bullet, OSI model, performance metric, platform as a service, proprietary trading, reproducible builds, revision control, risk tolerance, side project, six sigma, the long tail, the scientific method, Toyota Production System, trickle-down economics, warehouse automation, web application, zero day

Robbins, Web Operations: Keeping the Data on Time: O’Reilly, 2010. [All12] J. Allspaw, “Blameless PostMortems and a Just Culture”, blog post, 2012. [All15] J. Allspaw, “Trade-Offs Under Pressure: Heuristics and Observations of Teams Resolving Internet Service Outages”, MSc thesis, Lund University, 2015. [Ana07] S. Anantharaju, “Automating web application security testing”, blog post, July 2007. [Ana13] R. Ananatharayan et al., “Photon: Fault-tolerant and Scalable Joining of Continuous Data Streams”, in SIGMOD ’13, 2013. [And05] A. Andrieux, K. Czajkowski, A. Dan, et al., “Web Services Agreement Specification (WS-Agreement)”, September 2005.


pages: 579 words: 183,063

Tribe of Mentors: Short Life Advice From the Best in the World by Timothy Ferriss

"World Economic Forum" Davos, 23andMe, A Pattern Language, agricultural Revolution, Airbnb, Albert Einstein, Alvin Toffler, Bayesian statistics, bitcoin, Black Lives Matter, Black Swan, blockchain, Brownian motion, Buckminster Fuller, Clayton Christensen, cloud computing, cognitive dissonance, Colonization of Mars, corporate social responsibility, cryptocurrency, David Heinemeier Hansson, decentralized internet, dematerialisation, do well by doing good, do what you love, don't be evil, double helix, driverless car, effective altruism, Elon Musk, Ethereum, ethereum blockchain, family office, fear of failure, Gary Taubes, Geoffrey West, Santa Fe Institute, global macro, Google Hangouts, Gödel, Escher, Bach, haute couture, helicopter parent, high net worth, In Cold Blood by Truman Capote, income inequality, index fund, information security, Jeff Bezos, job satisfaction, Johann Wolfgang von Goethe, Kevin Kelly, Lao Tzu, Larry Ellison, Law of Accelerating Returns, Lyft, Mahatma Gandhi, Marc Andreessen, Marc Benioff, Marshall McLuhan, Max Levchin, Mikhail Gorbachev, minimum viable product, move fast and break things, Mr. Money Mustache, Naomi Klein, Neal Stephenson, Nick Bostrom, non-fiction novel, Peter Thiel, power law, profit motive, public intellectual, Ralph Waldo Emerson, Ray Kurzweil, Salesforce, Saturday Night Live, Sheryl Sandberg, side project, Silicon Valley, Skype, smart cities, smart contracts, Snapchat, Snow Crash, Steve Jobs, Steve Jurvetson, Steven Pinker, Stewart Brand, sunk-cost fallacy, TaskRabbit, tech billionaire, TED Talk, Tesla Model S, too big to fail, Turing machine, uber lyft, Vitalik Buterin, W. E. B. Du Bois, web application, Whole Earth Catalog, Y Combinator

—John Rawls Jason Fried TW: @jasonfried basecamp.com JASON FRIED is the co-founder and CEO of Basecamp (previously 37signals), a Chicago-based software firm. The company’s flagship product, Basecamp, is a project management and team communication application trusted by millions. He is the co-author of Getting Real: The Smarter, Faster, Easier Way to Build a Successful Web Application, which is available for free at gettingreal.37signals.com. He is also the co-author of the New York Times bestseller Rework and Remote: Office Not Required. Jason writes a regular column for Inc. magazine and is a frequent contributor to Basecamp’s popular blog, Signal v. Noise, which offers “strong opinions and shared thoughts on design, business, and tech.”


pages: 612 words: 187,431

The Art of UNIX Programming by Eric S. Raymond

A Pattern Language, Albert Einstein, Apple Newton, barriers to entry, bioinformatics, Boeing 747, Clayton Christensen, combinatorial explosion, commoditize, Compatible Time-Sharing System, correlation coefficient, David Brooks, Debian, Dennis Ritchie, domain-specific language, don't repeat yourself, Donald Knuth, end-to-end encryption, Everything should be made as simple as possible, facts on the ground, finite state, Free Software Foundation, general-purpose programming language, George Santayana, history of Unix, Innovator's Dilemma, job automation, Ken Thompson, Larry Wall, level 1 cache, machine readable, macro virus, Multics, MVC pattern, Neal Stephenson, no silver bullet, OSI model, pattern recognition, Paul Graham, peer-to-peer, premature optimization, pre–internet, publish or perish, revision control, RFC: Request For Comment, Richard Stallman, Robert Metcalfe, Steven Levy, the Cathedral and the Bazaar, transaction costs, Turing complete, Valgrind, wage slave, web application

This compromises Java's original objective of universal portability. Sadly, browser applets are dead. Microsoft's decision not to support Java 1.2 in Internet Explorer effectively killed them. However, Java seems to have found a secure niche in the computing ecology, for ‘servlets’ running within Web application servers. It has also become commonly used for a lot of in-house corporate programming not directly tied to databases or webservers. It has become major competition for both Microsoft's ASP/COM platform and Perl CGIs. Finally, it is in widespread and increasing use as a language for teaching introductory programming (a role for which it is extremely well suited).


pages: 651 words: 186,130

This Is How They Tell Me the World Ends: The Cyberweapons Arms Race by Nicole Perlroth

4chan, active measures, activist lawyer, air gap, Airbnb, Albert Einstein, Apollo 11, barriers to entry, Benchmark Capital, Bernie Sanders, Big Tech, bitcoin, Black Lives Matter, blood diamond, Boeing 737 MAX, Brexit referendum, Brian Krebs, Citizen Lab, cloud computing, commoditize, company town, coronavirus, COVID-19, crony capitalism, crowdsourcing, cryptocurrency, dark matter, David Vincenzetti, defense in depth, digital rights, disinformation, don't be evil, Donald Trump, driverless car, drone strike, dual-use technology, Edward Snowden, end-to-end encryption, failed state, fake news, false flag, Ferguson, Missouri, Firefox, gender pay gap, George Floyd, global pandemic, global supply chain, Hacker News, index card, information security, Internet of things, invisible hand, Jacob Appelbaum, Jeff Bezos, John Markoff, Ken Thompson, Kevin Roose, Laura Poitras, lockdown, Marc Andreessen, Mark Zuckerberg, mass immigration, Menlo Park, MITM: man-in-the-middle, moral hazard, Morris worm, move fast and break things, mutually assured destruction, natural language processing, NSO Group, off-the-grid, offshore financial centre, open borders, operational security, Parler "social media", pirate software, purchasing power parity, race to the bottom, RAND corporation, ransomware, Reflections on Trusting Trust, rolodex, Rubik’s Cube, Russian election interference, Sand Hill Road, Seymour Hersh, Sheryl Sandberg, side project, Silicon Valley, Skype, smart cities, smart grid, South China Sea, Steve Ballmer, Steve Bannon, Steve Jobs, Steven Levy, Stuxnet, supply-chain attack, TED Talk, the long tail, the scientific method, TikTok, Tim Cook: Apple, undersea cable, unit 8200, uranium enrichment, web application, WikiLeaks, zero day, Zimmermann PGP

And in those first few months, they knew hackers would be testing them, seeing what they could get away with. Hackers were not about to turn over their best exploits right away; they’d start with the low-hanging fruit. Of the first thousand bugs submitted over the next eighteen months, half were crap. Some were cross-site scripting vulnerabilities—common bugs in web applications that novice hackers could use to deface a website. Or they were bugs that caused Microsoft Word to crash anytime you opened a new Word document. These bugs were a nuisance, but black hats weren’t using them to steal intellectual property or customer data. James and Endler contemplated turning these bugs away.


pages: 721 words: 197,134

Data Mining: Concepts, Models, Methods, and Algorithms by Mehmed Kantardzić

Albert Einstein, algorithmic bias, backpropagation, bioinformatics, business cycle, business intelligence, business process, butter production in bangladesh, combinatorial explosion, computer vision, conceptual framework, correlation coefficient, correlation does not imply causation, data acquisition, discrete time, El Camino Real, fault tolerance, finite state, Gini coefficient, information retrieval, Internet Archive, inventory management, iterative process, knowledge worker, linked data, loose coupling, Menlo Park, natural language processing, Netflix Prize, NP-complete, PageRank, pattern recognition, peer-to-peer, phenotype, random walk, RFID, semantic web, speech recognition, statistical model, Telecommunications Act of 1996, telemarketer, text mining, traveling salesman, web application

., Academic Press, Amsterdam, NL, 2009, pp. 151–172. Sirmakessis, S., Text Mining and Its Applications, Springer-Verlag, Berlin, 2003. Zhang, Q., R. S. Segall, Review of Data, Text and Web Mining Software, Kybernetes, Vol. 39, No. 4, 2010, pp. 625–655. Zhang, Y., et al., Computational Web Intelligence: Intelligent Technology for Web Applications, World Scientific Publ. Co., Singapore, 2004. Zhang, X., J. Edwards, J. Harding, Personalised Online Sales Using Web Usage Data Mining, Computers in Industry, Vol. 58, No. 8–9, 2007, pp. 772–782. CHAPTER 12 Antunes, C., A. Oliveira, Temporal Data Mining: An Overview, Proceedings of Workshop on Temporal Data Mining (KDD'01). 2001, pp. 1–13.


pages: 677 words: 206,548

Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It by Marc Goodman

23andMe, 3D printing, active measures, additive manufacturing, Affordable Care Act / Obamacare, Airbnb, airport security, Albert Einstein, algorithmic trading, Alvin Toffler, Apollo 11, Apollo 13, artificial general intelligence, Asilomar, Asilomar Conference on Recombinant DNA, augmented reality, autonomous vehicles, Baxter: Rethink Robotics, Bill Joy: nanobots, bitcoin, Black Swan, blockchain, borderless world, Boston Dynamics, Brian Krebs, business process, butterfly effect, call centre, Charles Lindbergh, Chelsea Manning, Citizen Lab, cloud computing, Cody Wilson, cognitive dissonance, computer vision, connected car, corporate governance, crowdsourcing, cryptocurrency, data acquisition, data is the new oil, data science, Dean Kamen, deep learning, DeepMind, digital rights, disinformation, disintermediation, Dogecoin, don't be evil, double helix, Downton Abbey, driverless car, drone strike, Edward Snowden, Elon Musk, Erik Brynjolfsson, Evgeny Morozov, Filter Bubble, Firefox, Flash crash, Free Software Foundation, future of work, game design, gamification, global pandemic, Google Chrome, Google Earth, Google Glasses, Gordon Gekko, Hacker News, high net worth, High speed trading, hive mind, Howard Rheingold, hypertext link, illegal immigration, impulse control, industrial robot, information security, Intergovernmental Panel on Climate Change (IPCC), Internet of things, Jaron Lanier, Jeff Bezos, job automation, John Harrison: Longitude, John Markoff, Joi Ito, Jony Ive, Julian Assange, Kevin Kelly, Khan Academy, Kickstarter, Kiva Systems, knowledge worker, Kuwabatake Sanjuro: assassination market, Large Hadron Collider, Larry Ellison, Laura Poitras, Law of Accelerating Returns, Lean Startup, license plate recognition, lifelogging, litecoin, low earth orbit, M-Pesa, machine translation, Mark Zuckerberg, Marshall McLuhan, Menlo Park, Metcalfe’s law, MITM: man-in-the-middle, mobile money, more computing power than Apollo, move fast and break things, Nate Silver, national security letter, natural language processing, Nick Bostrom, obamacare, Occupy movement, Oculus Rift, off grid, off-the-grid, offshore financial centre, operational security, optical character recognition, Parag Khanna, pattern recognition, peer-to-peer, personalized medicine, Peter H. Diamandis: Planetary Resources, Peter Thiel, pre–internet, printed gun, RAND corporation, ransomware, Ray Kurzweil, Recombinant DNA, refrigerator car, RFID, ride hailing / ride sharing, Rodney Brooks, Ross Ulbricht, Russell Brand, Salesforce, Satoshi Nakamoto, Second Machine Age, security theater, self-driving car, shareholder value, Sheryl Sandberg, Silicon Valley, Silicon Valley startup, SimCity, Skype, smart cities, smart grid, smart meter, Snapchat, social graph, SoftBank, software as a service, speech recognition, stealth mode startup, Stephen Hawking, Steve Jobs, Steve Wozniak, strong AI, Stuxnet, subscription business, supply-chain management, synthetic biology, tech worker, technological singularity, TED Talk, telepresence, telepresence robot, Tesla Model S, The future is already here, The Future of Employment, the long tail, The Wisdom of Crowds, Tim Cook: Apple, trade route, uranium enrichment, Virgin Galactic, Wall-E, warehouse robotics, Watson beat the top human players on Jeopardy!, Wave and Pay, We are Anonymous. We are Legion, web application, Westphalian system, WikiLeaks, Y Combinator, you are the product, zero day

March 14, 2014, 37 Even if a hacker: “Hacked X-Rays Could Make TSA Scanners Useless,” video, Wall Street Journal, Feb. 12, 2014. 38 Shockingly, using a common hacker tactic: Kim Zetter, “Hacked X-Rays Could Slip Guns Past Airport Security,” Wired, Feb. 11, 2014. 39 “Hackers have hobbled”: U.S. Department of Transportation, “Review of Web Applications Security and Intrusion Detection in Air Traffic Control Systems,” Project ID: FI-2009-049, May 4, 2009. 40 The inspector general: Siobhan Gorman, “FAA’s Air-Traffic Networks Breached by Hackers,” Wall Street Journal, May 7, 2009. 41 Moreover, a security audit: Thomas Claburn, “Air Traffic Control System Repeatedly Hacked,” Dark Reading, May 7, 2009. 42 “will be highly automated”: Steve Henn, “Could the New Air Traffic Control System Be Hacked?


pages: 706 words: 202,591

Facebook: The Inside Story by Steven Levy

active measures, Airbnb, Airbus A320, Amazon Mechanical Turk, AOL-Time Warner, Apple's 1984 Super Bowl advert, augmented reality, Ben Horowitz, Benchmark Capital, Big Tech, Black Lives Matter, Blitzscaling, blockchain, Burning Man, business intelligence, Cambridge Analytica, cloud computing, company town, computer vision, crowdsourcing, cryptocurrency, data science, deep learning, disinformation, don't be evil, Donald Trump, Dunbar number, East Village, Edward Snowden, El Camino Real, Elon Musk, end-to-end encryption, fake news, Firefox, Frank Gehry, Geoffrey Hinton, glass ceiling, GPS: selective availability, growth hacking, imposter syndrome, indoor plumbing, information security, Jeff Bezos, John Markoff, Jony Ive, Kevin Kelly, Kickstarter, lock screen, Lyft, machine translation, Mahatma Gandhi, Marc Andreessen, Marc Benioff, Mark Zuckerberg, Max Levchin, Menlo Park, Metcalfe’s law, MITM: man-in-the-middle, move fast and break things, natural language processing, Network effects, Oculus Rift, operational security, PageRank, Paul Buchheit, paypal mafia, Peter Thiel, pets.com, post-work, Ray Kurzweil, recommendation engine, Robert Mercer, Robert Metcalfe, rolodex, Russian election interference, Salesforce, Sam Altman, Sand Hill Road, self-driving car, sexual politics, Sheryl Sandberg, Shoshana Zuboff, side project, Silicon Valley, Silicon Valley startup, skeuomorphism, slashdot, Snapchat, social contagion, social graph, social software, South of Market, San Francisco, Startup school, Steve Ballmer, Steve Bannon, Steve Jobs, Steven Levy, Steven Pinker, surveillance capitalism, tech billionaire, techlash, Tim Cook: Apple, Tragedy of the Commons, web application, WeWork, WikiLeaks, women in the workforce, Y Combinator, Y2K, you are the product

After a few months on the computer he told himself, All right, this is interesting—I’ve learned all about it, and now I want to control it. “So I learned programming,” he says. One night he demanded that his parents take him to Barnes & Noble to purchase a guide to writing C++, a key computer language for creating web applications. “He’s ten!” recalls Ed Zuckerberg. When the acolyte coder discovered that a book explicitly targeted to “dummies” lacked key information, Dr. Z hired a tutor. For two years the tutor would visit once a week. “It was his favorite hour of the week,” says his mother. The Zuckerbergs explored enrolling him in an AP computer class at the high school, but the teacher told them Mark already knew everything he’d learn in the class.


pages: 643 words: 53,639

Rapid GUI Programming With Python and Qt by Mark Summerfield

Debian, duck typing, Guido van Rossum, loose coupling, MVC pattern, software patent, sorting algorithm, web application

Titles currently in the series include: Linux® Debugging and Performance Tuning Steve Best 0131492470, Paper, ©2006 SELinux by Example Frank Mayer, David Caplan, Karl MacMillan 0131963694, Paper, ©2007 The Definitive Guide to the Xen Hypervisor David Chisnall 013234971X, Hard, ©2008 UNIX to Linux® Porting Alfredo Mendoza, Chakarat Skawratananond, Artis Walker 0131871099, Paper, ©2006 Understanding AJAX Joshua Eichorn 0132216353, Paper, ©2007 The Linux Programmer’s Toolbox John Fusco 0132198576, Paper, ©2007 Embedded Linux Primer Christopher Hallinan 0131679848, Paper, ©2007 The Apache Modules Book Nick Kew 0132409674, Paper, © 2007 New to the series: Digital Short Cuts Rapid Web Applications with TurboGears Mark Ramm, Kevin Dangoor, Gigi Sayfan 0132433885, Paper, © 2007 Linux Programming by Example Arnold Robbins 0131429647, Paper, ©2004 The Linux® Kernel Primer Claudia Salzberg, Gordon Fischer, Steven Smolski 0131181637, Paper, ©2006 Rapid GUI Programming with Python and Qt Mark Summerfield 0132354187, Hard, © 2008 Short Cuts are short, concise, PDF documents designed specifically for busy technical professionals like you.


pages: 1,065 words: 229,099

Real World Haskell by Bryan O'Sullivan, John Goerzen, Donald Stewart, Donald Bruce Stewart

bash_history, database schema, Debian, distributed revision control, domain-specific language, duck typing, en.wikipedia.org, Firefox, functional programming, general-purpose programming language, Guido van Rossum, higher-order functions, job automation, Larry Wall, lateral thinking, level 1 cache, machine readable, p-value, panic early, plutocrats, revision control, sorting algorithm, SQL injection, transfer pricing, type inference, web application, Yochai Benkler

My Ph.D. supervisor, Manuel Chakravarty, and the PLS research group, who provided encouragement, vision, and energy and showed me that a rigorous, foundational approach to programming can make the impossible happen. And, finally, thanks to Suzie, for her insight, patience, and love. Thank You to Our Reviewers We developed this book in the open, posting drafts of chapters to our website as we completed them. Readers then submitted feedback using a web application that we developed. By the time we finished writing the book, about 800 people had submitted over 7,500 comments—an astounding figure. We deeply appreciate the time that so many people volunteered to help us to improve our book. Their encouragement and enthusiasm over the 15 months we spent writing made the process a pleasure.


pages: 394 words: 110,352

The Art of Community: Building the New Age of Participation by Jono Bacon

barriers to entry, Benchmark Capital, Benevolent Dictator For Life (BDFL), collaborative editing, crowdsourcing, Debian, DevOps, digital divide, digital rights, do what you love, do-ocracy, en.wikipedia.org, Firefox, Free Software Foundation, game design, Guido van Rossum, Johann Wolfgang von Goethe, Jono Bacon, Kickstarter, Larry Wall, Mark Shuttleworth, Mark Zuckerberg, openstreetmap, Richard Stallman, side project, Silicon Valley, Skype, slashdot, social graph, software as a service, Stephen Fry, telemarketer, the long tail, union organizing, VA Linux, web application

Note The Tobe project is no longer running, so don’t get too excited if you are looking for something similar. I still think a FAQ management system would be an incredible resource for many communities, though, so if you produce one, do let me know! Our fictional Tobe system is a complete web application for maintaining FAQs. It is written using the PHP language and MySQL database. Because it’s fictional, let’s say it has an excellent user interface, wonderfully written code, and legions of fans around the world (including Johnny Depp and Nicole Kidman). As such, Tobe has a large and bustling contributor community, so large that we are feeling the need for a Community Council to help guide the project forward and ensure that the community is always open and accessible.


Data Mining: Concepts and Techniques: Concepts and Techniques by Jiawei Han, Micheline Kamber, Jian Pei

backpropagation, bioinformatics, business intelligence, business process, Claude Shannon: information theory, cloud computing, computer vision, correlation coefficient, cyber-physical system, database schema, discrete time, disinformation, distributed generation, finite state, industrial research laboratory, information retrieval, information security, iterative process, knowledge worker, linked data, machine readable, natural language processing, Netflix Prize, Occam's razor, pattern recognition, performance metric, phenotype, power law, random walk, recommendation engine, RFID, search costs, semantic web, seminal paper, sentiment analysis, sparse data, speech recognition, statistical model, stochastic process, supply-chain management, text mining, thinkpad, Thomas Bayes, web application

Witt Developing High Quality Data Models Matthew West Location-Based Services Jochen Schiller, Agnes Voisard Managing Time in Relational Databases: How to Design, Update, and Query Temporal Data Tom Johnston, Randall Weis Database Modeling with Microsoft® Visio for Enterprise Architects Terry Halpin, Ken Evans, Patrick Hallock, Bill Maclean Designing Data-Intensive Web Applications Stephano Ceri, Piero Fraternali, Aldo Bongio, Marco Brambilla, Sara Comai, Maristella Matera Mining the Web: Discovering Knowledge from Hypertext Data Soumen Chakrabarti Advanced SQL: 1999—Understanding Object-Relational and Other Advanced Features Jim Melton Database Tuning: Principles, Experiments, and Troubleshooting Techniques Dennis Shasha, Philippe Bonnet SQL: 1999—Understanding Relational Language Components Jim Melton, Alan R.


pages: 1,266 words: 278,632

Backup & Recovery by W. Curtis Preston

Berlin Wall, business intelligence, business process, database schema, Debian, dumpster diving, failed state, fault tolerance, full text search, job automation, Kickstarter, operational security, rolling blackouts, side project, Silicon Valley, systems thinking, web application

SQL Server 2005 also offers a wealth of additional features such as services for analysis, data integration, notification, and reporting as well as the service broker. Combined, these elements make up a complete relational database system that can be used for simple tasks such as a database-driven web application or for more advanced needs such as data mining, complex business intelligence gathering, specialized reporting and notification, and a host of additional needs. Tip When referring to specific versions, this chapter often uses just the version numbers. For example, 2000 refers to SQL Server 2000, and 2005 refers to SQL Server 2005.


UNIX® Network Programming, Volume 1: The Sockets Networking API, 3rd Edition by W. Richard Stevens, Bill Fenner, Andrew M. Rudoff

Dennis Ritchie, exponential backoff, failed state, fudge factor, global macro, history of Unix, information retrieval, OpenAI, OSI model, p-value, RFC: Request For Comment, Richard Stallman, UUNET, web application

Most of the improvement is obtained with three simultaneous connections (the clock time is halved), and the performance increase is much less with four or more simultaneous connections. We provide this example using simultaneous connects because it is a nice example using nonblocking I/O and one whose performance impact can be measured. It is also a feature used by a popular Web application, the Netscape browser. There are pitfalls in this technique if there is any congestion in the network. Chapter 21 of TCPv1 describes TCP’s slow-start and congestion avoidance algorithms in detail. When multiple connections are established from a client to a server, there is no communication between the connections at the TCP layer.