Tag: Groovy
-
Groovy: Handling Byte Order Marks When Reading a File
PROBLEM Given a file with the following content:- When reading the file:- … the following values are printed:- Even though the value is trimmed, there is still a leading space in front of text. A further inspection reveals the leading space is not a regular space:- SOLUTION Some editors prepend a special Unicode character called… Read More…
-
Spring Security: Propagating Security Context to Spawned Threads
PROBLEM Let’s assume we have the following Parent class… … and Child class… Let’s also assume the user has successfully logged in and Spring Security has set up the user authentication info. The Parent will spawn a new thread (through @Async) to run Child. When invoking the Parent, this is what we see:- The Child,… Read More…
-
JEE Security: Preventing Clickjacking Attacks
PROBLEM Clickjacking is an attack that tricks users into performing unintended actions… see OWASP’s Testing for Clickjacking (OTG-CLIENT-009) SOLUTION To prevent clickjacking attacks, the app must set the X-FRAME-OPTIONS header with an appropriate value:- If set correctly, the HTTPS response should show the X-FRAME-OPTIONS header:- There are several ways to set this header. Solution 1: Using… Read More…
-
JEE Security: Disabling HTTP OPTIONS method
PROBLEM The HTTP OPTIONS method is used to provide a list of methods that are supported by the web server. For example, the following shows both GET and HEAD are allowed on the given link:- Enabling OPTIONS may increase the risk of cross-site tracing (XST)… see OWASP’s Test HTTP Methods (OTG-CONFIG-006). SOLUTION There are several ways… Read More…
-
Groovy: Copying Properties Between Two Beans
PROBLEM Given two beans… There are several ways to copy properties from one bean to another:- SOLUTION Groovy provides a helper class to solve this problem called InvokerHelper. The advantage of using this is there’s no need to import yet another dependency and it still allows us to keep our code concise. Scenario 1: Both… Read More…
-
Java: Exploring Preferences API
BACKGROUND In any written script or rich client app, there is almost always a need to persist the user preferences or app configurations. Most of the time, we, the proud developers, handle that situation in a very ad-hoc manner. When storing in a file, we use different formats: from old-boring XML, to cool-kid JSON, to even cooler-kid… Read More…