Posts

OAuth Server

What is OAuth 2.0? OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service, such as Facebook, GitHub, and Google. It works by delegating user authentication to the service that hosts the user account and authorizing third-party applications to access the user account. OAuth 2 provides authorization flows for web and desktop applications, and mobile devices. OAuth Roles: OAuth defines four roles: Resource Owner, Client, Resource Server, Authorization Server. How it works: Here I have created both the authorization server and the resource server in a single API in Node.js, and Angular for the demo application. First, create a demo application in the OAuth application settings in GitHub. To get the access code, use a GET request in the login page. After a successful login, the page will redirect to http://localhost:4200/posts (callback URL) and it will show the access token ...

Synchronizer Token Pattern

Cross-Site Request Forgery (CSRF): Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request. With a little help from social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. If the victim is a normal user, a successful CSRF attack can force the user to perform state-changing requests like transferring funds, changing their email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application. Cross-Site Request Forgery (CSRF) protection via Synchronizer Token Pattern: This protection technique is called the Synchronizer Token Pattern. This solution is to ensure th...

Double Submit Cookies Pattern

Cross-Site Request Forgery (CSRF): Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request. With a little help from social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. If the victim is a normal user, a successful CSRF attack can force the user to perform state-changing requests like transferring funds, changing their email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application. Cross-Site Request Forgery (CSRF) protection via Double Submit Cookies Pattern: In this technique, we send a random value in both a cookie and as a request param...

Cron Expressions

Cron expressions are used to configure instances of CronTrigger, a subclass of org.quartz.Trigger. A cron expression is a string consisting of six or seven subexpressions (fields) that describe individual details of the schedule. These fields, separated by white space, can contain any of the allowed values with various combinations of the allowed characters for that field.

Table 1. Cron Expression Allowed Fields and Values

| Name | Required | Allowed Values | Allowed Special Characters |
| Seconds | Y | 0-59 | ,-*/ |
| Minutes | Y | 0-59 | ,-*/ |
| Hours | Y | 0-23 | ,-*/ |
| Day of month | Y | 1-31 | ,-*?/LWC |
| Month | Y | 0-11 or JAN-DEC | ,-*/ |
| Day of week | Y | 1-7 or SUN-SAT | ,-*?/LC# |
| Year | N | Empty or 1970-2099 | ,-*/ |

Example: A cron expression can be as simple as * * * * ? * or as complex as 0 0/5 14,18,3-39,52 ? JAN,MAR,SEP MON-FRI 2002-2010 ...

Maven

Maven is a project management and comprehension tool. Maven provides developers a complete build lifecycle framework. A development team can automate the project's build infrastructure in almost no time, as Maven uses a standard directory layout and a default build lifecycle. In an environment with multiple development teams, Maven can set up the way to work as per standards in a very short time. As most of the project setups are simple and reusable, Maven makes the life of a developer easy while creating reports, checks, build and testing automation setups. Maven History: Maven was originally designed to simplify building processes in the Jakarta Turbine project. There were several projects and each project contained slightly different ANT build files. JARs were checked into CVS. Maven Objective: Maven's primary goal is to provide developers: A comprehensive model for projects...

Faster Navigation at YouTube with SPF

Over 6 billion hours of video are watched each month on YouTube. That's almost one hour for every person on Earth. YouTube wants to get that video to you as fast as possible. Identification of the problem: YouTube developers analysed data from real user monitoring and broke down the critical stages of playback. The initializing-player stage is the same for every playback, so they decided to reuse the same player when switching from video to video. Solution: YouTube is introducing a new JavaScript framework for page navigation. SPF is a lightweight framework for navigation and page updates. When someone visits YouTube for the first time, the page is statically loaded with its whole content, including the video player. If they visit another video, the video player is kept persistent and only the other parts of the page are loaded; receiving these page fragments from the server increases performance compared to loading the whole page again and again. Result of SPF: YouTube videos are ...

AngularJS

AngularJS is a JavaScript-based open source front-end web application framework mainly maintained by Google. The JavaScript components complement Apache Cordova, the framework used for developing cross-platform mobile apps. The AngularJS framework works by first reading the HTML page, which has additional custom tag attributes embedded into it. Angular interprets those attributes as directives to bind input or output parts of the page to a model that is represented by standard JavaScript variables. The values of those variables can be retrieved from static or dynamic JSON resources. AngularJS extends HTML with ng-directives. The ng-app directive defines an AngularJS application. The ng-model directive binds the value of HTML controls to application data. The ng-bind directive binds application data to the HTML view. AngularJS Expressions: AngularJS expressions are written inside double braces: {{ expression }} AngularJ...