This presentation provides an introduction to RESTful service design patterns by starting at the HTTP basics, then looking at good designs and finally covering good and bad practices.
The document discusses challenges and techniques for enabling cross-site communication between web components in rich web applications and mashups. It describes how the same-origin policy prevents direct cross-site communication and summarizes techniques used today like server-side proxies, Flash proxies, and JSON-P. It then introduces the "JavaScript Wormhole" technique, which uses a callback page and dynamically-generated JavaScript to pass data across sites. The document concludes by discussing proposals to evolve the platform to better support cross-site communication while maintaining security.
The document discusses challenges of cross-site communication for building rich web applications and mashups due to the same-origin policy, and describes techniques currently used like server-side proxies, Flash, JSON-P, and the "JavaScript wormhole" to overcome these limitations by establishing trust relationships between domains. It also considers proposals for new cross-domain tools and the evolving browser platform to better support these use cases in the future while maintaining security.
HTTP/2 addresses limitations in HTTP/1.x by multiplexing requests over a single TCP connection, compressing headers, and allowing servers to push responses. It leads to more efficient use of network resources and faster page loads. While browser support is good, server implementations are still maturing and need to fully support HTTP/2 features like streams, dependencies, and server push to provide optimizations. Efficient TLS is also important to avoid delays in taking advantage of HTTP/2 performance benefits.
The document provides a history of HTML and describes new features in HTML5 such as improved audio/video support, 2D/3D canvas, web storage, geolocation, and web workers. Key events include Tim Berners-Lee proposing HTML in 1989 at CERN and the formation of the WHATWG in 2004 to advance HTML standards in response to the W3C shifting focus away from HTML. HTML5 aims to improve compatibility while introducing new APIs for web applications.
An HTML5 overview I gave at Refresh FLL which showed the new features & touched on how to use progressive enhancement and polyfills to leverage HTML5 today.
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San FranciscoAlessandro Nadalin
The HTTP protocol has been there for more than 20 years, almost untouched, but the current needs of the web are pushing towards adding some spices into the mix.
In this talk we will have a brief look at the history of HTTP, what SPDY - the "new" protocol proposed by google - brings into the table and how HTTP/2.0 will look like.
The document discusses the evolution of HTML5 from XHTML and highlights new HTML5 elements, audio/video capabilities, and the Canvas element. Key points include: HTML5 aims to address shortcomings of XHTML by simplifying the language; new semantic elements like <header>, <nav>, <article> are introduced; audio and video can be embedded but browser support is limited; the Canvas element allows for dynamic 2D graphic scripts and drawings on the page.
The document discusses challenges and techniques for enabling cross-site communication between web components in rich web applications and mashups. It describes how the same-origin policy prevents direct cross-site communication and summarizes techniques used today like server-side proxies, Flash proxies, and JSON-P. It then introduces the "JavaScript Wormhole" technique, which uses a callback page and dynamically-generated JavaScript to pass data across sites. The document concludes by discussing proposals to evolve the platform to better support cross-site communication while maintaining security.
The document discusses challenges of cross-site communication for building rich web applications and mashups due to the same-origin policy, and describes techniques currently used like server-side proxies, Flash, JSON-P, and the "JavaScript wormhole" to overcome these limitations by establishing trust relationships between domains. It also considers proposals for new cross-domain tools and the evolving browser platform to better support these use cases in the future while maintaining security.
HTTP/2 addresses limitations in HTTP/1.x by multiplexing requests over a single TCP connection, compressing headers, and allowing servers to push responses. It leads to more efficient use of network resources and faster page loads. While browser support is good, server implementations are still maturing and need to fully support HTTP/2 features like streams, dependencies, and server push to provide optimizations. Efficient TLS is also important to avoid delays in taking advantage of HTTP/2 performance benefits.
The document provides a history of HTML and describes new features in HTML5 such as improved audio/video support, 2D/3D canvas, web storage, geolocation, and web workers. Key events include Tim Berners-Lee proposing HTML in 1989 at CERN and the formation of the WHATWG in 2004 to advance HTML standards in response to the W3C shifting focus away from HTML. HTML5 aims to improve compatibility while introducing new APIs for web applications.
An HTML5 overview I gave at Refresh FLL which showed the new features & touched on how to use progressive enhancement and polyfills to leverage HTML5 today.
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San FranciscoAlessandro Nadalin
The HTTP protocol has been there for more than 20 years, almost untouched, but the current needs of the web are pushing towards adding some spices into the mix.
In this talk we will have a brief look at the history of HTTP, what SPDY - the "new" protocol proposed by google - brings into the table and how HTTP/2.0 will look like.
The document discusses the evolution of HTML5 from XHTML and highlights new HTML5 elements, audio/video capabilities, and the Canvas element. Key points include: HTML5 aims to address shortcomings of XHTML by simplifying the language; new semantic elements like <header>, <nav>, <article> are introduced; audio and video can be embedded but browser support is limited; the Canvas element allows for dynamic 2D graphic scripts and drawings on the page.
The document provides an overview of HTML5 and describes several new features including content elements, native audio and video support, the canvas element for 2D drawing, new form elements, an HTML manifest for caching, offline functionality using localStorage and SQL databases, and browser support for various HTML5 features.
As programmers, we concentrate so much on the server/backend side of things that we often forget to measure performance from the Client's viewpoint. This presentation describes a bunch of techniques that can be used to speed up our websites.
The document discusses common web application security threats like cross-site request forgery (CSRF), cross-site scripting (XSS), and SQL injections. It provides examples of each threat and explains how Joomla handles them, such as by adding tokens for CSRF protection and escaping user input. The document also covers other attacks like direct code access, register globals being on, and outlines best practices for secure web development like input sanitization and validation.
This document discusses the importance of website speed and performance. It notes that most top retail sites take over 3 seconds to load critical content, and median page load times have slowed by 23% year-over-year. Faster sites see benefits like 10% higher conversions. Network latency has a greater impact on performance than bandwidth. Techniques like preloading fonts and images can help mitigate latency. Frameworks and features like service workers may also help if designed deliberately for performance. Regular measurement and setting performance budgets are recommended to build fast user experiences.
Are Today’s Good Practices… Tomorrow’s Performance Anti-Patterns?Andy Davies
Talk from Akamai Edge 2014 looking at some of our current web performance optimisation practices and how they may need to change as new standards and protocols emerge
The Case for HTTP/2 - EpicFEL Sept 2015Andy Davies
HTTP/2 is here but why do we need it, and how is it different to HTTP/1.1?
Video - https://www.youtube.com/watch?v=ob-CnA9YmiI
These are the slides from my talk at Front-End London's one day conference, EpicFEL
This document discusses various web service technologies including RSS, ATOM, JSON, SOAP, and REST. RSS and ATOM are formats for syndicating web content using XML. JSON is a lightweight data format inspired by JavaScript. SOAP defines an envelope for XML messaging, while REST uses HTTP methods to manipulate resources on a server. REST embraces HTTP and models services as resources with unique identifiers accessed via standard methods like GET and PUT.
Work on HTML5 began in 2004 through a collaborative effort between the W3C and WHATWG. It introduces new semantic elements, supports embedded video and audio, introduces the canvas element for drawing, and improves forms. While the specification is still in development, browser support is increasing and many of the new features can be used now to have cleaner code and stay ahead of changes. However, lack of support in some browsers and the evolving specification mean disadvantages include things may change and not work everywhere.
HTML 5 is a new version of HTML that is still being developed. It aims to evolve HTML instead of reinventing it. Key features include new form elements, input types, semantic elements, APIs for offline apps, and standardized video and audio embedding. Browser support is growing but the specification may not be finalized until 2022. However, many features are already implemented and can be used today through emulation if needed.
This document discusses how to get the most out of the webpagetest.org tool for testing website performance. It provides an overview of the metrics webpagetest measures like load times, bandwidth usage, and script execution. The document also shares links to examples of using scripting commands to test service workers and customizing domain names. Additionally, it promotes Patrick Meenan's GitHub projects for Cloudflare Workers that can optimize sites and mentions the bulk testing feature on webpagetest.org.
Internet Explorer 8 for Developers by Christian ThilmanyChristian Thilmany
The document discusses new features in Internet Explorer 8 including improved standards support, developer tools, performance optimizations, security enhancements, and methods for cross-domain communication and messaging between frames from different domains without compromising security. Key areas covered are DOM storage, cross-domain requests, cross-document messaging, and web slices for subscribing to portions of web pages.
The document provides instructions for installing PHP on Windows, including downloading the PHP binaries, running the installation wizard, configuring PHP to work with MySQL, and testing the PHP installation. It then provides examples of basic PHP programs, including displaying the date and time, generating random numbers, and retrieving meta tags.
This document discusses HTML5 features and how they relate to PHP development. It begins by noting that HTML5 moves from documents to applications and from hacks to solutions. It then discusses how technologies like Ajax, Comet, and real-time updates have led to a change where content is less important than context and applications like Facebook and Twitter are really applications, not just pages. The document outlines several new HTML5 features like WebSockets, Web Workers, offline applications, geolocation, drag and drop, and the file API. It argues that more logic will move to the client and browsers with these features. The summary concludes that HTML5 is part of a new application framework and that PHP developers will need to learn JavaScript to
HTML5 Semantics, Accessibility & Forms [Carsonified HTML5 Online Conference]Aaron Gustafson
This document discusses HTML5 semantics, accessibility, and forms. It begins with an overview of HTML5 and its new semantic elements like section, article, header, footer, nav, aside, figure, and details. It also covers new form elements and adjustments to existing elements like b, i, em, strong, small, cite, menu, and hr. The document provides examples and illustrations of how to properly use these new and updated elements to improve semantics, accessibility, and organization of content.
The document discusses declarative approaches to building user interfaces, which focus on describing what user interface elements to display rather than how to display them. Declarative languages allow for easier design, reuse, and sharing of information compared to imperative languages. Some challenges of declarative approaches include cross-browser compatibility issues and a lack of support for certain features in some browsers.
The document discusses various topics related to web development including XHTML, CSS, and JavaScript. It provides definitions and explanations of XHTML, CSS, JavaScript, and the differences between HTML and XHTML. It also covers common issues with supporting older browsers like IE6 and strategies for overcoming those issues such as using frameworks to simplify tasks like DOM manipulation and event handling.
The document discusses the evolution of HTML over time. It notes that XHTML proposals broke backwards compatibility and saw slow adoption. Meanwhile, browsers and technologies like Ajax advanced independently of standards bodies. This led to the formation of the WHATWG to further develop HTML. HTML 5 is described as just a nickname for ongoing incremental HTML revisions, combining the work of the WHATWG and W3C, allowing both XML and classic HTML syntaxes.
This document discusses installing PHP on Windows, provides PHP code samples, and describes:
1) Installing PHP 5 on Windows by downloading binaries, selecting installation options, and testing the installation.
2) PHP code samples that output dates/times in different formats, change background colors based on conditions, generate random numbers, and other basic PHP scripts.
3) Additional PHP functions demonstrated include string manipulation, file handling, and working with arrays.
The document discusses testing and deploying a workflow service application using Windows Server AppFabric and provides the following steps:
1. Prepare a demo workflow service app in Visual Studio to add and return the sum of two input integers.
2. Publish the app to a local IIS website using web deploy and test it using the WCF test client.
3. View and configure the services and endpoints for the site using the AppFabric dashboard.
4. Update the project's web.config and add error handling to demonstrate the AppFabric logging capabilities.
The document provides an overview of HTML5 and describes several new features including content elements, native audio and video support, the canvas element for 2D drawing, new form elements, an HTML manifest for caching, offline functionality using localStorage and SQL databases, and browser support for various HTML5 features.
As programmers, we concentrate so much on the server/backend side of things that we often forget to measure performance from the Client's viewpoint. This presentation describes a bunch of techniques that can be used to speed up our websites.
The document discusses common web application security threats like cross-site request forgery (CSRF), cross-site scripting (XSS), and SQL injections. It provides examples of each threat and explains how Joomla handles them, such as by adding tokens for CSRF protection and escaping user input. The document also covers other attacks like direct code access, register globals being on, and outlines best practices for secure web development like input sanitization and validation.
This document discusses the importance of website speed and performance. It notes that most top retail sites take over 3 seconds to load critical content, and median page load times have slowed by 23% year-over-year. Faster sites see benefits like 10% higher conversions. Network latency has a greater impact on performance than bandwidth. Techniques like preloading fonts and images can help mitigate latency. Frameworks and features like service workers may also help if designed deliberately for performance. Regular measurement and setting performance budgets are recommended to build fast user experiences.
Are Today’s Good Practices… Tomorrow’s Performance Anti-Patterns?Andy Davies
Talk from Akamai Edge 2014 looking at some of our current web performance optimisation practices and how they may need to change as new standards and protocols emerge
The Case for HTTP/2 - EpicFEL Sept 2015Andy Davies
HTTP/2 is here but why do we need it, and how is it different to HTTP/1.1?
Video - https://www.youtube.com/watch?v=ob-CnA9YmiI
These are the slides from my talk at Front-End London's one day conference, EpicFEL
This document discusses various web service technologies including RSS, ATOM, JSON, SOAP, and REST. RSS and ATOM are formats for syndicating web content using XML. JSON is a lightweight data format inspired by JavaScript. SOAP defines an envelope for XML messaging, while REST uses HTTP methods to manipulate resources on a server. REST embraces HTTP and models services as resources with unique identifiers accessed via standard methods like GET and PUT.
Work on HTML5 began in 2004 through a collaborative effort between the W3C and WHATWG. It introduces new semantic elements, supports embedded video and audio, introduces the canvas element for drawing, and improves forms. While the specification is still in development, browser support is increasing and many of the new features can be used now to have cleaner code and stay ahead of changes. However, lack of support in some browsers and the evolving specification mean disadvantages include things may change and not work everywhere.
HTML 5 is a new version of HTML that is still being developed. It aims to evolve HTML instead of reinventing it. Key features include new form elements, input types, semantic elements, APIs for offline apps, and standardized video and audio embedding. Browser support is growing but the specification may not be finalized until 2022. However, many features are already implemented and can be used today through emulation if needed.
This document discusses how to get the most out of the webpagetest.org tool for testing website performance. It provides an overview of the metrics webpagetest measures like load times, bandwidth usage, and script execution. The document also shares links to examples of using scripting commands to test service workers and customizing domain names. Additionally, it promotes Patrick Meenan's GitHub projects for Cloudflare Workers that can optimize sites and mentions the bulk testing feature on webpagetest.org.
Internet Explorer 8 for Developers by Christian ThilmanyChristian Thilmany
The document discusses new features in Internet Explorer 8 including improved standards support, developer tools, performance optimizations, security enhancements, and methods for cross-domain communication and messaging between frames from different domains without compromising security. Key areas covered are DOM storage, cross-domain requests, cross-document messaging, and web slices for subscribing to portions of web pages.
The document provides instructions for installing PHP on Windows, including downloading the PHP binaries, running the installation wizard, configuring PHP to work with MySQL, and testing the PHP installation. It then provides examples of basic PHP programs, including displaying the date and time, generating random numbers, and retrieving meta tags.
This document discusses HTML5 features and how they relate to PHP development. It begins by noting that HTML5 moves from documents to applications and from hacks to solutions. It then discusses how technologies like Ajax, Comet, and real-time updates have led to a change where content is less important than context and applications like Facebook and Twitter are really applications, not just pages. The document outlines several new HTML5 features like WebSockets, Web Workers, offline applications, geolocation, drag and drop, and the file API. It argues that more logic will move to the client and browsers with these features. The summary concludes that HTML5 is part of a new application framework and that PHP developers will need to learn JavaScript to
HTML5 Semantics, Accessibility & Forms [Carsonified HTML5 Online Conference]Aaron Gustafson
This document discusses HTML5 semantics, accessibility, and forms. It begins with an overview of HTML5 and its new semantic elements like section, article, header, footer, nav, aside, figure, and details. It also covers new form elements and adjustments to existing elements like b, i, em, strong, small, cite, menu, and hr. The document provides examples and illustrations of how to properly use these new and updated elements to improve semantics, accessibility, and organization of content.
The document discusses declarative approaches to building user interfaces, which focus on describing what user interface elements to display rather than how to display them. Declarative languages allow for easier design, reuse, and sharing of information compared to imperative languages. Some challenges of declarative approaches include cross-browser compatibility issues and a lack of support for certain features in some browsers.
The document discusses various topics related to web development including XHTML, CSS, and JavaScript. It provides definitions and explanations of XHTML, CSS, JavaScript, and the differences between HTML and XHTML. It also covers common issues with supporting older browsers like IE6 and strategies for overcoming those issues such as using frameworks to simplify tasks like DOM manipulation and event handling.
The document discusses the evolution of HTML over time. It notes that XHTML proposals broke backwards compatibility and saw slow adoption. Meanwhile, browsers and technologies like Ajax advanced independently of standards bodies. This led to the formation of the WHATWG to further develop HTML. HTML 5 is described as just a nickname for ongoing incremental HTML revisions, combining the work of the WHATWG and W3C, allowing both XML and classic HTML syntaxes.
This document discusses installing PHP on Windows, provides PHP code samples, and describes:
1) Installing PHP 5 on Windows by downloading binaries, selecting installation options, and testing the installation.
2) PHP code samples that output dates/times in different formats, change background colors based on conditions, generate random numbers, and other basic PHP scripts.
3) Additional PHP functions demonstrated include string manipulation, file handling, and working with arrays.
The document discusses testing and deploying a workflow service application using Windows Server AppFabric and provides the following steps:
1. Prepare a demo workflow service app in Visual Studio to add and return the sum of two input integers.
2. Publish the app to a local IIS website using web deploy and test it using the WCF test client.
3. View and configure the services and endpoints for the site using the AppFabric dashboard.
4. Update the project's web.config and add error handling to demonstrate the AppFabric logging capabilities.
Sikuli is an open source visual UI automation tool developed at MIT that allows users to automate tasks by taking screenshots and clicking/typing based on visual elements on the screen without the need for code. It provides an IDE and scripting capabilities using Jython but has issues with poor documentation, some bugs, and lacks reporting or exporting test results.
The document discusses reflection in .NET and provides information on:
1. How reflection allows accessing metadata for any .NET type including methods, properties, fields and attributes.
2. The types involved in reflection like MemberInfo, MethodInfo, and how they can be used to explore types.
3. How reflection emits IL and can be used to dynamically generate types and assemblies at runtime.
4. Some common uses of reflection like attributes, dynamic invocation, and assembly loading.
A high level tour of what DevOps is and how the tooling from Microsoft aligns & assists an organization move to DevOps.
This session was presented as part of the Microsoft South Africa Dev Day roadshow in March 2015.
More info at: http://www.sadev.co.za/content/slides-my-devday-march-2015-talks
These slides are from my talk at the JSinSA (http://www.jsinsa.com/). This talk covers things I want people to know about Microsoft & JavaScript and highlights my favourite features & tools!
Video: http://youtu.be/KIPo3Rct1E4
More: http://sadev.co.za/content/visual%20studio%20%3C3%20javascript
DevConf is a community led, independent conference for software developers. This short slide deck is aimed to assist those attending in preparing for the event.
Lightswitch is a new tool from Microsoft that is part of the Visual Studio family. It uses a Russian doll model structure with a backend SQL or Azure database in the middle tier connected to a Silverlight front end through WCF RIA services. Lightswitch handles complexity through proven multi-tiered design patterns so developers can focus on business logic. It utilizes the latest technologies like Silverlight and WCF RIA services while still providing programmers flexibility through extensibility and custom controls.
Windows Server AppFabric Caching - What it is & when you should use it?Robert MacLean
This is from my Tech-Ed Africa 2010 talk. For more information see: http://www.sadev.co.za/content/teched-africa-2010-slides-scripts-and-demos-my-talks
This session looks at what AppFabric Caching is from start to deep dive.
Windows 8 introduces three types of apps: desktop apps, Windows Store apps, and Phone 8 apps. Windows Store apps are built on the new WinRT API and can be developed using HTML5, JavaScript and CSS, or managed languages like C++, C#, and VB. They integrate with the OS using contracts and metadata and run in a sandboxed environment. Desktop apps continue to use existing languages like C++ and .NET but only run on x86/x64. Phone 8 apps use Silverlight and run on the phone version of the Windows core.
O documento descreve um empreendimento imobiliário de luxo chamado Summer Club, que oferece aos compradores a oportunidade de viverem em um condomínio fechado com diversas comodidades e serviços de alto padrão, como piscinas, spa, quadras esportivas e apartamentos amplos, prometendo uma experiência de vida superior.
Movie Maker es un software de edición de video creado por Microsoft que permite crear presentaciones y videos caseros con características como efectos, transiciones, títulos, audio e importar fotos, videos y sonidos de cámaras y dispositivos. Se explican funciones como agregar títulos, transiciones, editar videos, quitar sonido y agregar otro sonido.
La red LAN conecta dispositivos dentro de una misma oficina o edificio usando cables o conexión inalámbrica, mientras que la red MAN conecta dispositivos en una ciudad o campus usando routers y la red WAN provee conexión entre ciudades usando diferentes tipos de conexiones con velocidades variables dependiendo de la ubicación.
El documento compara y contrasta los circuitos eléctricos en paralelo y en serie. Un circuito en paralelo tiene todos sus dispositivos conectados entre los puertos de entrada y salida, mientras que un circuito en serie conecta los dispositivos de forma secuencial uno tras otro entre la entrada y salida.
No dia 8 de março de 1857, operárias de uma fábrica de tecidos nos Estados Unidos fizeram uma greve para reivindicar melhores condições de trabalho. A manifestação foi reprimida com violência e 130 mulheres morreram queimadas. Em 1910, o dia 8 de março passou a ser o Dia Internacional da Mulher em homenagem a essas vítimas. A data busca diminuir o preconceito e desvalorização da mulher, embora ainda haja desafios. No Brasil, as mulheres conquistaram o direito ao voto em 1932.
Este documento apresenta um empreendimento imobiliário localizado na Av. Visconde de Albuquerque no Leblon, Rio de Janeiro. Contém fotos do local e das vistas dos apartamentos de diferentes colunas no 6o andar. Descreve os detalhes do projeto arquitetônico e da fachada, assim como as características e plantas baixas dos apartamentos dúplex e triplex.
El documento presenta varios algoritmos para resolver problemas cotidianos y matemáticos de forma secuencial. Incluye algoritmos para realizar una llamada telefónica, eliminar un virus de una memoria USB, realizar operaciones matemáticas básicas como suma, resta y multiplicación, calcular el área de un cuadrado, convertir unidades de almacenamiento y calcular la edad de una persona a partir de su año de nacimiento.
O documento descreve um condomínio localizado na Barra da Tijuca no Rio de Janeiro com mais de 40.000 m2 de área de lazer e infraestrutura completa, incluindo shopping, supermercado, transporte, segurança e escola próximos. Detalha também a localização próxima a praias, parques e hospitais e as diversas facilidades internas como piscinas, academia, salões e espaços de lazer.
The document discusses a study that examined the relationship between leaf characteristics and mite populations on plants. Specifically, it looked at how leaf surface area, number of veins, and number of domatia (cave-like structures) affected mite diversity and abundance. Leaves from 10 tree species were sampled and analyzed in the lab by recording domatia, area, veins and identifying/counting the mite species present. The results found no statistically significant correlation between the leaf traits and mite diversity or numbers. While tree species may impact mites, more research with larger samples is needed to confirm findings.
Cálculo resistencia limitadora a diodo ledJohn Travolta
El documento describe los cálculos para determinar la resistencia limitadora necesaria para diodos LED en serie y paralelo. Proporciona las características de los diodos LED utilizados, que tienen una tensión de 3 voltios y una corriente de 20 mA. Luego anuncia que realizará cálculos para configuraciones en serie y en paralelo.
The document provides an overview of key web technologies including:
- The World Wide Web (WWW) is a global system of interconnected documents accessed via URLs over HTTP. It consists of web servers that host content and web browsers that render pages.
- HTTP is the fundamental protocol of the WWW. It uses a request-response model where clients make requests that servers respond to. Common requests are GET to retrieve resources and POST to submit data.
- Cookies are small pieces of data stored by the client that are included in future HTTP requests to maintain state across interactions.
The document discusses using Web::Scraper to scrape web pages in a robust, maintainable way by using CSS selectors and XPath queries rather than fragile regular expressions. Web::Scraper provides a domain-specific language for defining scraping processes and extracting desired data from web pages into structured results. Examples show how to scrape links, text, and nested data from HTML elements using a simple declarative syntax.
Living in the Cloud: Hosting Data & Apps Using the Google Infrastructureguest517f2f
In the modern web, the user rules. Nearly every successful web app has to worry about scaling to an exponentially growing user base and giving those users multiple ways of interacting with their data. This talk will provide an overview of two technologies that aim to make web development and data portability easier: Google App Engine and the Google Data APIs.
This talk was presented by Pamela Fox, who works on the Google Developer Relations team as the Maps API Support Engineer.
The document discusses extending service-oriented architecture (SOA) with REST and Web 2.0 principles. It defines representational state transfer (REST) and describes its characteristics, including being resource-centric, using uniform interfaces, and being stateless. It advocates designing SOAs in a RESTful way by following best practices like using standard HTTP methods and URIs to access resources.
A presentation on Shanghai on Rails, March 14 2009, includes rack middelware introduction, one-file application using sinatra and sequel, and sinatra program running under Rails Metal.
The document discusses the differences between REST and SOAP APIs. REST APIs use standard HTTP methods to manipulate resources identified by URLs, are simpler to develop but less secure, while SOAP APIs are more complex but provide greater flexibility and security through XML envelopes and namespaces. Both styles have pros and cons, so providing both may be optimal but also increases maintenance overhead.
Living in the Cloud: Hosting Data & Apps Using the Google InfrastructurePamela Fox
In the modern web, the user rules. Nearly every successful web app has to worry about scaling to an exponentially growing user base and giving those users multiple ways of interacting with their data. Pamela Fox, Maps API Support Engineer & Developer advocate, provides an overview of two technologies - Google App Engine and the Google Data APIs - that aim to make web development and data portability easier.
Living in the Cloud: Hosting Data & Apps Using the Google Infrastructureguest517f2f
The document discusses Google's cloud computing infrastructure and services, including App Engine and Google data APIs. App Engine allows developers to run web applications on Google's servers and infrastructure, providing automatic scaling. Google data APIs provide a standardized way to access and share data through RESTful protocols like AtomPub, allowing developers to build applications that integrate with Google and other services. Examples are given of using the Google data protocol for CRUD operations and querying through demonstrations of sample applications built with App Engine and the APIs.
This document discusses RESTful web services and compares them to SOAP. It proposes redesigning the Flickr API to be more RESTful by defining resources like users, photos, tags and comments and allowing them to be manipulated via HTTP methods at URI endpoints. It also discusses representing resources in different formats like XML, JSON and addressing challenges of HATEOAS through hypermedia links between related resources.
Phing - A PHP Build Tool (An Introduction)Michiel Rook
PHing Is Not GNU make; it's a PHP project build system or build tool based on Apache Ant.
These are slides from my talk during the Unconference at the Dutch PHP 2011 Conference (Amsterdam). During this talk I gave an overview of the features and how to use, adapt and extend Phing.
A talk about how HTTP caching features that can and should be used to reduce origin server loads and traffic whilst retaining very small cache expire times. More specifically will cover what basic http headers are used by standard cache devices and how they differ, as well as how can they be used in combination to achieve smart cache revalidation.
This is the presentation from Null/OWASP/g4h December Bangalore MeetUp by Akash Mahajan.
technology.inmobi.com/events/null-owasp-g4h-december-meetup
Abstract:
This will cover the basics of Hyper Text Transfer Protocol. You will learn how to send HTTP requests like GET, POST by crafting them manually and using a command line tool like CURL. You will also see how session management using cookies happens using the same tools.
To practice along please install curl (http://curl.haxx.se/download.html).
GTLAB Installation Tutorial for SciDAC 2009marpierc
GTLAB is a Java Server Faces tag library that wraps Grid and web services to build portal-based and standalone applications. It contains tags for common tasks like job submission, file transfer, credential management. GTLAB applications can be deployed as portlets or converted to Google Gadgets. The document provides instructions for installing GTLAB, examples of tags, and making new custom tags.
RFC 7540 was ratified over 2 years ago and, today, all major browsers, servers, and CDNs support the next generation of HTTP. Just over a year ago, at Velocity (https://www.slideshare.net/Fastly/http2-what-no-one-is-telling-you), we discussed the protocol, looked at some real world implications of its deployment and use, and what realistic expectations we should have from its use.
Now that adoption is ramped up and the protocol is being regularly used on the Internet, it's a good time to revisit the protocol and its deployment. Has it evolved? Have we learned anything? Are all the features providing the benefits we were expecting? What's next?
In this session, we'll review protocol basics and try to answer some of these questions based on real-world use of it. We'll dig into the core features like interaction with TCP, server push, priorities and dependencies, and HPACK. We'll look at these features through the lens of experience and see if good practice patterns have emerged. We'll also review available tools and discuss what protocol enhancements are in the near and not-so-near horizon.
The document discusses using Selenium IDE to record and play test cases for web applications. It provides an overview of key web technologies like HTTP, HTML, DOM, CSS, and JavaScript. It then covers how to install and use Selenium IDE to record tests, modify test cases, handle random input, and run tests on a standalone Selenium server in different browsers.
Yahoo has developed the de facto standard for building fast front-ends for websites. The bad news: you have to follow 34 rules to get there. The good news: I'll take a subset of those rules, explain them, and show how you can implement those rules in an automated fashion to minimize impact on developers and designers for your high-traffic website.
GTAC: AtomPub, testing your server implementationDavid Calavera
The document discusses Atom Publishing Protocol (AtomPub), an application-level protocol for publishing and editing web resources. It provides an introduction to AtomPub and the Atom format, describes how AtomPub works using an introspective protocol, and outlines steps for testing an AtomPub server including creating, retrieving, modifying and deleting resources.
The document provides an overview of how the web works, including definitions and explanations of key concepts like servers, clients, protocols, URLs, HTML, and considerations for diversity and accessibility on the web. It then walks through steps to create a simple web page for a restaurant website, including adding basic document structure and text elements, an image, and basic styling with CSS.
14 things you need to be a successful software developer (v3)Robert MacLean
As we passed 140 years of software development, you would think the path to success has been worked out, documented, taught, and largely understood and yet, most software is late, over budget, or full of bugs (sometimes all three). This talk is not about the new Wizz-bang tech that will change your life by solving the issues in software development and only cost you a monthly subscription to your favourite tech company, rather this talk is focused on the only thing that you have control to change, YOURSELF. Join Robert as he will share 14 rules for being successful in software development, a talk he wished he had gotten over 20 years ago.
The OWASP top 10 is a list of the most prolific security issues facing web developers today. In this talk, Robert, will take you through all 10 and demonstrate the problems (we will hack for real… in a safe way) and talk about the solutions. This is an introductory talk, so no prior experience is needed in web dev or security. Not doing web dev? Many of these apply to all development! So join in for a lively session of demos, learning and fun
Video of this talk: https://www.youtube.com/watch?v=p5YCHNnQNyg
Building a µservice with Kotlin, Micronaut & GCPRobert MacLean
The document summarizes a presentation about building microservices with Kotlin, Micronaut, and Google Cloud Platform (GCP). The key points are:
1) Micronaut is a new Java framework from 2018 that is designed for building microservices and embraces modern JVM features and memory management.
2) Micronaut provides features like dependency injection, HTTP clients, and filters/interceptors out of the box that help build modern services.
3) The presentation demonstrates building a sample microservice with Micronaut and deploying it to GCP using Docker and Kubernetes. Jib is used to containerize the application.
Robert recently completed a large scale project using Vue.js, TypeScript, MobX and other terms to make this very high on Google rankings. Now it is the time for the retrospective, what went well and what did not. This talk is about the front end only and is light on demos, with the focus being on the real system which was built. When you leave, you will have a set of new architectures you can apply to your next web project, regardless if it is Vue, React or Angular.
This document contains information about an introduction to Kotlin programming course held on August 29th in Newlands at CodeBridge. It also references an expert drinks event on August 2nd. The document is authored by Robert MacLean and includes his Twitter and website contact details.
The document covers JavaScript concepts like scoping, for loops, eval, with, arrays, equality comparisons, semicolons, commas, strict mode, and numbers. It provides examples to demonstrate variable scoping, proper for loop syntax, uses of eval(), the with statement, array creation and properties, equality vs identity operators, optional semicolons, comma operators, what strict mode does, and rounding errors with floating point numbers.
State of testing at Microsoft focuses on quality, collaboration throughout the development lifecycle. Microsoft provides tools to empower testing, feedback, and monitoring including test case management, manual and exploratory testing, browser-based testing, feedback management, quality dashboards, lab management, release management, and application insights. The tools are designed to put quality at the center and close the loop between development and operations.
This fun session covers some of the new language features found in C# 6.
This session was presented as part of the Microsoft South Africa Dev Day roadshow in March 2015.
More info at: http://www.sadev.co.za/content/slides-my-devday-march-2015-talks
This document discusses several Microsoft technologies for app development including Xamarin, LightSwitch, Cordova, Azure VMs, Visual Studio in the cloud, Chef/Puppet, and PowerShell. Xamarin allows building native apps using C# that run across iOS, Android and Windows. LightSwitch is for quickly building line of business apps. Cordova uses web technologies like HTML/CSS/JS to build cross-platform apps. Azure VMs provide scalable cloud computing resources. Visual Studio in the cloud allows using VS via the internet. Chef and Puppet automate server configuration. PowerShell enables automation on Azure. Demos are presented on many of these topics.
Agile lessons learned in the Microsoft ALM RangersRobert MacLean
The document discusses lessons learned from the Microsoft ALM Rangers team regarding agile practices. It provides an overview of scrum basics including that the product owner owns the backlog, the team completes work in sprints, and sprints end with a review and retrospective. It also notes some key lessons learned such as the importance of passion, priority definitions, light ceremonies, time as an engineering constraint, communication over metrics, and video not being a nice-to-have.
Building services for apps on a shoestring budgetRobert MacLean
You want to build an app and need a backend but have a limited budget? This presentation is a look at two major solutions:
1 - Using Cloud services like Azure, AppHarbour & Amazon cheaply
2 - Using combination of other services to power your app
This document discusses the history and features of Visual Studio and ASP.NET. It outlines the cadence of Visual Studio releases from 2008 to 2013. Key features discussed include backwards compatibility, support for multiple .NET frameworks, and the removal of the "ASP.NET Configuration" dialog. The document promotes the unification of ASP.NET under "One ASP.NET" and highlights features in Visual Studio 2013 like Browser Link and no separation between Web Forms and MVC.
The document discusses LightSwitch, a tool for quickly building data-driven applications. It provides an overview of LightSwitch's structure and evolution. The presentation then demonstrates building a board game voting application in LightSwitch. Finally, it reviews LightSwitch's capabilities for easily creating different types of applications and services.
How to build a Mobile API or HTML 5 app in 5 minutesRobert MacLean
Robert gave a talk about how LightSwitch can help developers build mobile APIs and HTML5 apps faster by automating common development tasks and boring code, allowing them to focus on adding unique value. LightSwitch is a tool that streamlines creating the technical requirements for apps so they can be developed more quickly, connecting to data sources like SQL Server and exposing them through OData for mobile and HTML5 clients.
Protection of Personal Information Bill (POPI)Robert MacLean
A short presentation that focuses on the proposed POPI law, how it impacts businesses, technology, IT depts & the cloud. It was based on a draft so some aspects may have changed.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Things to Consider When Choosing a Website Developer for your Website | FODUUFODUU
Choosing the right website developer is crucial for your business. This article covers essential factors to consider, including experience, portfolio, technical skills, communication, pricing, reputation & reviews, cost and budget considerations and post-launch support. Make an informed decision to ensure your website meets your business goals.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
OpenID AuthZEN Interop Read Out - AuthorizationDavid Brossard
During Identiverse 2024 and EIC 2024, members of the OpenID AuthZEN WG got together and demoed their authorization endpoints conforming to the AuthZEN API
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
2. Robert MacLean www.sadev.co.za @rmaclean BB&D ATC Introduction HTTP Basics URI’s Methods Status Codes Content Type Authentication URI Planning Patterns Style Accidental Services Examples Actions Guidelines Anti-Patterns Security Wrap Up About me Agenda Welcome
3. REST Acronym? Representational State Transfer Source? Came about in 2000 doctoral dissertation of Roy Fielding
4. What is it? ROA – Resource Orientated Architecture WOA – Web Orientated Architecture Thanks Gartner for another TLA It is a style NOT API Interface Official Standard A drop in replacement for SOAP
5. Benefits of REST Highly scalable Designed for HTTP Easy to consume & produce No complex request/response model. No complex XML contracts Easy to understand for you and machines URI + Method = Intent
6. HTTP Basics REST builds on HTTP so you need to know HTTP HTTP is not HTML HTTP is stateless HTTP URI Header http://www.sadev.co.za Method GET Status Code 200 Content Type text/plain Body text
7. URI Basics Hostname Scheme Query http://www.sadev.co.za/users/1/contact http://www.sadev.co.za?user=1&action=contact http://rob:pass@bbd.co.za:8044 https://bbd.co.za/index.html#about Query Hostname Scheme Userinfo Hostname Port Scheme Scheme Hostname Query Fragment
9. Status Codes 1xx – Informational 2xx – Success 3xx – Redirection 4xx – Client Error 5xx – Server Error
10. Status Codes Examples 100 = Continue 102 = Processing 200 = OK 201 = Created 204 = No Content 206 = Partial Content 301 = Moved Permanently 302 = Found (Moved Temp) 307 = Temp Redirect 400 = Bad Request 401 = Unauthorised 402 = Payment Required 403 = Forbidden 404 = Not Found 405 = Method Not Allowed 409 = Conflict 418 = I’m a teapot 450 = Blocked by Windows Parental Controls 500 = Internal Server Error 501 = Not Implemented
11. Content Type Proper name: Internet Media Type Also known as MIME type Parts: Type, SubType, Optional Parameters x- prefix for nonstandard types or subtypes vnd. prefix for vendor specific subtypes Frowned upon by purists
12. Content Type Examples text/plain – Plain text text/xml – XML text/html – HTML image/png – PNG image audio/basic – Wave audio audio/mpeg – MPEG audio (MP3) video/quicktime – Quicktime Video application/pdf – Adobe PDF document application/javascript – JavaScript application/vnd.ms-powerpoint – PowerPoint file application/x-rar-compressed – RAR file
13. HTTP Authentication Basic Authentication Easy to do, but plain text. Easy to reverse engineer. Less of an issue when used with SSL. Digest Authentication Harder to do, still plain text. Hard (impossible?) to reverse engineer because of hashing. NTLM Authentication Hard to do, Windows specific. Hard (impossible?) to reverse engineer.
14. Header Example Request HEAD /index.html HTTP/1.1 Host: www.example.com Response HTTP/1.1 200 OK Date: Mon, 23 May 2005 22:38:34 GMT Server: Apache/1.3.3.7 (Unix) (Red-Hat/Linux) Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT Etag: "3f80f-1b6-3e1cb03b" Accept-Ranges: bytes Content-Length: 438 Connection: close Content-Type: text/html; charset=UTF-8
15. Lego Catalogue A simple system to store what LEGO’s a person owns. Want to Add bricks Set bricks status to be in use Remove bricks Get list of bricks Check if I have enough bricks Get picture of brick
21. Real Life URI Example Resource: Photos Where: http://farm{farm-id}.static.flickr.com/{server-id}/{id}_{secret}.jpg http://farm{farm-id}.static.flickr.com/{server-id}/{id}_{secret}_[mstb].jpg http://farm{farm-id}.static.flickr.com/{server-id}/{id}_{o-secret}_o.(jpg|gif|png) What: JPEG, GIF or PNG (defined in the URL) http://farm1.static.flickr.com/2/1418878_1e92283336_m.jpg
24. Methods Example http://bbddb01/northwind/users[firstname=“rob%”] + POST = Error + GET = Returns everyone who begins with rob + PUT = Error + DELETE = Deletes everyone who begins with rob http://bbddb01/northwind/users + we add some input data + POST = Creates a new user + GET = Returns everyone who meets criteria + PUT = Creates/Updates a user (based on data) + DELETE = Deletes everyone who meets criteria
26. What about actions? GetStoreOpenTime(Location) GET http://lc/stores/{location}/times?state=open RejectDesign(Design) POST http://lc/rejections + form data PerformBrickCount(Design) POST http://lc/design/124/brickCount GET http://lc/design/124/brickCount/2
27. Guidelines Design to be stateless Design for resources, not services Stock quote service vs. A way to work with stock resources Use cookies for self-contained state
28. Guidelines Naming: Favour nouns over verbs GET /brick/2/delete DELETE /brick/2 Shorter nice URI’s preferred, not required Do not change URI’s Use 3xx redirection if needed
29. Guidelines Give every resource an ID http://lc/brick/1 http://lc/project/planned/223 More URI’s the better
30. Guidelines Support for multiple data types or representations For data use XML and/or JSON Postfixes to define type GET /brick/2/image.jpg GET /brick/2/image.png
31. Guidelines Design with standards in mind – for example RSS & ATOM Create should return URI’s not resources Use the right HTTP methods for the right actions You are on HTTP – use the infrastructure. Proxy, Caching, Etag, Expires
35. Anti-Patterns Use one HTTP method – like GET for everything Often called GET or POST Tunnelling Pass everything in URI’s Assume this is a replacement for SOAP or WS*
36. Security101 Are RESTful services secure? It’s a style, not a technology so that depends on how you implement it. Are you open to SQL injection attacks? When you look at http://bbddb01/northwind/users[firstname=“rob%”], you may think so but you shouldn’t be. Because: The parameter shouldn’t be SQL If it is SQL, why are you not filtering it? Remember the old rule: Do not trust user input URI’s are user input
37. Security102 How can I do authentication? It’s built on HTTP, so everything you have for authentication in HTTP is available PLUS You could encode your authentication requirements into the input fields
38. Good Examples WCF Data Services Previously called ADO.NET Data Services & Astoria NerdDinner.com Twitter.com MediaWiki Their action’s are frowned upon by purists
39. Benefits of REST Highly scalable Designed for HTTP and stateless Easy to consume No complex request/response model. No complex XML contracts Easy to understand for you and machines URI + Method = Intent