Profile cover photo
Profile photo
Chris Adams
81 followers
81 followers
About
Chris's posts

We've recently just released a new HTML 5 web app that follows the single page app design and are using App Cache to enable a certain amount of offline functionality.  However most data is fetched from a cross origin RESTful API in which we allow access to via the NETWORK element in the App Cache manifest file.

In order to secure the data being transferred from the app to the API we want to ensure all calls to the API are made securely using SSL.  When we change the protocol for the URL of the endpoint and update the NETWORK white-list to https://domain.co.uk we find in Chrome that it kills the request off.  The request never makes it outside of the browser.  Testing in desktop Firefox appears to not experience the same behaviour.

It appears the if we make the NETWORK element a full wildcard then Chrome is happy and our requests make it out of the browser.  However I'm unhappy to implement this as a fix as it's unclear if in doing so we risk having the application load all resources from the network even if previously we had asked it to cache them through the App Cache CACHE directive.  From a security perspective whilst we would achieve securing the data transfer between the web app and the RESTful API we would open up another security hole by allowing any script network access to download whatever content it likes.

At the moment I want to understand if this is a bug just in Chrome, or if we're doing something that App Cache wasn't designed for.  I'll update you as my journey unfolds as we dig further.

#html5 #appcache #'CORS

In my day to day job I'm always asked for dates. When can this be done, when can that be done. However I find generally in a very rapid software development environment dates are often meaningless.

My natural preference is to give a timeframe, within a week, within a sprint as this allows us to prioritise daily on what's important and urgent. Unless something has an externally placed fixed time then working to specific dates I find causes more pain than learning to work within a timeframe. Having dates means you have to continually feedback when small time periods are missed or delayed just to the nature of the work we do.

However the rest of the world seems stuck on dates even when I say "It'll be done in the week" which I mean that it'll be done this week so plan for acting on this next week, gets a response of "we'll what day this week."

I'm sure if we adopted a more agile process these tensions will ease, yet my gut feeling will be that even in a more formal sprint process people will still be asking me for specific dates. 

Working as a manager of a development team always throws up interesting challenges to overcome.  Generally in non technical areas.  The one raised today is how to generally get developers to blog.

The main question that arises, is blog about what?  Especially where that blog is not personal but related to the place of work ads in extra pressures on what is interesting and valid.

For myself blogging is a personal experience and one that you're either into or not.  Those people likely to want to write a blog are already doing so and would quite happily write a blog post for the company website.  They are already out there in the websphere open to comment and critique and have already honed their skills.

Most developers in my team don't blog, surprisingly most don't even use twitter, or if they do for a read only.  I do, and enjoy doing so, but twitter for me is an extension of my personal life and so I fill it with inane things around what I'm doing for lunch or how my kids are driving me up the wall that moment.  The link is in my profile, follow me if you want to to.

I try to use Google+ for a more professional aspect of my life (though Picasa likes to post pictures into my timeline, luckily just to myself though).  Which is why I rarely write items up here.   My hope is that by trying to explore a more creative side I'll understand the motivations to blog and so be able to encourage this in my team.  However I'm struggling to to achieve this.

Looking however at my timeline, shows that this is still an area that is not natural to me and what I find most is having a lack of time to write something well thought out.  I often think of great posts to write at the weekend, but juggling two small children and trying to write on an iPhone doesn't result in the best creative space to research and flesh out a well thought out argument.  When I get into the office I either find I've forgotten what I was going to post about, or get dragged into something else and then the moment has passed.  I also question is it part of my job to write posts - though of a relevant nature to my work, it doesn't get my task list any shorter.

So how am I going to encourage people to write blogs?  Firstly by understanding my own filters and fears around writing myself. Secondly I'll have to really challenge my belief that you can't force someone to blog, as my own holding belief will not enable me to effectively rally up the troops.

I'm looking fora senior software developer to join my team in Brighton. Contact me for more details.

http://www.wiredsussex.com/jobs/vacancy/senior_software_developer_in_brighton_and_hove/10662

Post has attachment

Post has attachment

Post has attachment

Post has attachment
Common pitfalls on user agent string sniffing is to just try detecting android to determine if this is a mobile device.  However this also applies to just detecting the word mobile.  iPad's also contain mobile within their user-agent string and so without more specific matching you can inadvertently redirect iPad's to your mobile interface.

Post has attachment

Currently at work I'm reviewing how we should deal with redirection for a new mobile HTML 5 that delivers content for smartphones and trying to determine the impact on SEO.

Whilst the recommendation is that this should be delivered via responsive design I'm not yet convinced that devices and technology can provide a workable website that can 'adapt' to each site without providing too much compromise on the functionality offered.

We're at an interesting crossroad where mobile bandwidth is increasing or becoming less important as more people connect to wifi with their mobile device; but does this mean that we should stop considering network traffic and best behaviours when looking to build more than pure content sites.  If your website offers some level of functionality I fear we'll end up with poorly performing applications on mobile devices or bad compromises to usability on desktop browsers to accomodate performance on mobile networks and form factors.

Where this debate will go will be interesting to watch but in the mean time serving separate content on different URL's to different devices and redirecting between the two for me appears to provide the best option at the moment, and the challenge will be how these different views of the same content can be best represented to users and search engines.
Wait while more posts are being loaded