Profile

Cover photo
Chris Adams
Works at Madgex
Lives in Brighton
79 followers|962,818 views
AboutPosts

Stream

Chris Adams

Shared publicly  - 
 
We've recently just released a new HTML 5 web app that follows the single page app design and are using App Cache to enable a certain amount of offline functionality.  However most data is fetched from a cross origin RESTful API in which we allow access to via the NETWORK element in the App Cache manifest file.

In order to secure the data being transferred from the app to the API we want to ensure all calls to the API are made securely using SSL.  When we change the protocol for the URL of the endpoint and update the NETWORK white-list to https://domain.co.uk we find in Chrome that it kills the request off.  The request never makes it outside of the browser.  Testing in desktop Firefox appears to not experience the same behaviour.

It appears the if we make the NETWORK element a full wildcard then Chrome is happy and our requests make it out of the browser.  However I'm unhappy to implement this as a fix as it's unclear if in doing so we risk having the application load all resources from the network even if previously we had asked it to cache them through the App Cache CACHE directive.  From a security perspective whilst we would achieve securing the data transfer between the web app and the RESTful API we would open up another security hole by allowing any script network access to download whatever content it likes.

At the moment I want to understand if this is a bug just in Chrome, or if we're doing something that App Cache wasn't designed for.  I'll update you as my journey unfolds as we dig further.

#html5 #appcache #'CORS
1
1
Chris Adams's profile photoGlenn Jones's profile photo
 
Update is that this isn't a bug in Chrome but us not following the specification.   Digging through the http://www.whatwg.org/specs/web-apps/current-work/multipage/offline.html documentation the NETWORK on-line white-list section says that the is can either contain a single * character or a valid URL identifying a resource other than the manifest itself.

Further down it defines that relative URLS must be given to the manifest's own URL.  All URLs in the manifest must have the same <scheme> as the manifest itself (either explicitly or implicitly, through the use of relative URLs).

Whilst this is all still confusing and not 100% clear as to the reason of limiting the NETWORK section to either be a wildcard or relative URL, the description for parsing the white-list section is more explicit by stating that is the entry is not a * or a URL of the same scheme then it is ignored.

So I guess that where we're setting a URL and not the wildcard Chrome is setting the online whitelist wildcard flag as blocking, but then because the URL is not in the same scheme it's not adding it to the list, so we effectively block all URL's.

Firefox is probably more lax and because the URL is not a valid URL for the NETWORK section due to the different scheme it is being kind as saying as there are no properly formed URL's then it's leaving the online whitelist wildcard flag as open.

With many thanks to +Glenn Jones for his research into this over the weekend.
Add a comment...

Chris Adams

Shared publicly  - 
 
Working as a manager of a development team always throws up interesting challenges to overcome.  Generally in non technical areas.  The one raised today is how to generally get developers to blog.

The main question that arises, is blog about what?  Especially where that blog is not personal but related to the place of work ads in extra pressures on what is interesting and valid.

For myself blogging is a personal experience and one that you're either into or not.  Those people likely to want to write a blog are already doing so and would quite happily write a blog post for the company website.  They are already out there in the websphere open to comment and critique and have already honed their skills.

Most developers in my team don't blog, surprisingly most don't even use twitter, or if they do for a read only.  I do, and enjoy doing so, but twitter for me is an extension of my personal life and so I fill it with inane things around what I'm doing for lunch or how my kids are driving me up the wall that moment.  The link is in my profile, follow me if you want to to.

I try to use Google+ for a more professional aspect of my life (though Picasa likes to post pictures into my timeline, luckily just to myself though).  Which is why I rarely write items up here.   My hope is that by trying to explore a more creative side I'll understand the motivations to blog and so be able to encourage this in my team.  However I'm struggling to to achieve this.

Looking however at my timeline, shows that this is still an area that is not natural to me and what I find most is having a lack of time to write something well thought out.  I often think of great posts to write at the weekend, but juggling two small children and trying to write on an iPhone doesn't result in the best creative space to research and flesh out a well thought out argument.  When I get into the office I either find I've forgotten what I was going to post about, or get dragged into something else and then the moment has passed.  I also question is it part of my job to write posts - though of a relevant nature to my work, it doesn't get my task list any shorter.

So how am I going to encourage people to write blogs?  Firstly by understanding my own filters and fears around writing myself. Secondly I'll have to really challenge my belief that you can't force someone to blog, as my own holding belief will not enable me to effectively rally up the troops.
1
Add a comment...

Chris Adams

Shared publicly  - 
 
I'm looking for a leading Senior Software Developer to join my team.  Contact me for more details.
Wired Sussex is a Brighton-based membership organisation for companies and freelancers operating in the digital, media and tech sectors in Sussex. Our goal is to support our members in their quest to ...
1
Add a comment...

Chris Adams

Shared publicly  - 
 
A great article on best practices for handling mobile sites with indexing.
Recently, Google released their Building Smartphone-Optimized Websites recommendations. Within these pages, Google briefly describes the different techniques for implementing mobile-optimized sites......
1
Add a comment...

Chris Adams

Shared publicly  - 
 
Interesting comment about the Vary HTTP header.  Will be interesting to see how easy this will be to force the ASP.NET stack to allow me to set this.
Home · Google for Webmasters · Rich Snippets · Intro to Rich Snippets · Types of Rich Snippets · Product Search · Reviews · Recipe Markup · Events · Software Applications · Notifying Google · Troubles...
1
Add a comment...

Chris Adams

Shared publicly  - 
 
Looking for front ends dev's. Let me know if your interested.
 
We're hiring. Are you a talented & experienced Front End Designer looking for a new exciting role in central Brighton? If so we want to hear from you.
1
Add a comment...
Have him in circles
79 people
Rose Parker's profile photo
Matt Ablott's profile photo
Makemedia UK's profile photo
Bo Peep's profile photo
Scott Lawson's profile photo
G Plus SEO's profile photo
Simon Loader's profile photo
Vanessa Parr's profile photo
Jane Dallaway's profile photo

Chris Adams

Shared publicly  - 
 
In my day to day job I'm always asked for dates. When can this be done, when can that be done. However I find generally in a very rapid software development environment dates are often meaningless.

My natural preference is to give a timeframe, within a week, within a sprint as this allows us to prioritise daily on what's important and urgent. Unless something has an externally placed fixed time then working to specific dates I find causes more pain than learning to work within a timeframe. Having dates means you have to continually feedback when small time periods are missed or delayed just to the nature of the work we do.

However the rest of the world seems stuck on dates even when I say "It'll be done in the week" which I mean that it'll be done this week so plan for acting on this next week, gets a response of "we'll what day this week."

I'm sure if we adopted a more agile process these tensions will ease, yet my gut feeling will be that even in a more formal sprint process people will still be asking me for specific dates. 
1
Add a comment...

Chris Adams

Shared publicly  - 
 
I'm looking fora senior software developer to join my team in Brighton. Contact me for more details.

http://www.wiredsussex.com/jobs/vacancy/senior_software_developer_in_brighton_and_hove/10662
1
Add a comment...

Chris Adams

Shared publicly  - 
 
We're looking for a new Junior Developer to join our team.  Contact me if you want more information.
Wired Sussex is a Brighton-based membership organisation for companies and freelancers operating in the digital, media and tech sectors in Sussex. Our goal is to support our members in their quest to ...
1
Add a comment...

Chris Adams

Shared publicly  - 
 
Common pitfalls on user agent string sniffing is to just try detecting android to determine if this is a mobile device.  However this also applies to just detecting the word mobile.  iPad's also contain mobile within their user-agent string and so without more specific matching you can inadvertently redirect iPad's to your mobile interface.
1
Chris Adams's profile photo
 
Interestingly that Google's own blog doesn't have the ability to plus 1 it's content
Add a comment...

Chris Adams

Shared publicly  - 
 
Currently at work I'm reviewing how we should deal with redirection for a new mobile HTML 5 that delivers content for smartphones and trying to determine the impact on SEO.

Whilst the recommendation is that this should be delivered via responsive design I'm not yet convinced that devices and technology can provide a workable website that can 'adapt' to each site without providing too much compromise on the functionality offered.

We're at an interesting crossroad where mobile bandwidth is increasing or becoming less important as more people connect to wifi with their mobile device; but does this mean that we should stop considering network traffic and best behaviours when looking to build more than pure content sites.  If your website offers some level of functionality I fear we'll end up with poorly performing applications on mobile devices or bad compromises to usability on desktop browsers to accomodate performance on mobile networks and form factors.

Where this debate will go will be interesting to watch but in the mean time serving separate content on different URL's to different devices and redirecting between the two for me appears to provide the best option at the moment, and the challenge will be how these different views of the same content can be best represented to users and search engines.
1
Add a comment...

Chris Adams

Shared publicly  - 
 
For one reason or another I had to build a previous revision of a tag in SVN.  Now I know that we are probably approaching the situation wrong, and deleting and re-creating a tag isn't the best approach.  However it's the easiest approach for getting builds done at the moment.

So I was trying to checkout using the following command

svn checkout -r 23103 https://sourcecontrol/myproject/tags/release-4.0

The behaviour I got though was for it to checkout that folder at the HEAD level for all files apart from those at that particular revision.  To get it to checkout all files as they were at that revision  I had to use the following syntax

svn checkout https://sourcecontrol/myproject/tags/release-4.0@23103

If anyone can help explain the difference between the two, that would be really useful as the documentation doesn't currently shed much light.
1
Add a comment...
People
Have him in circles
79 people
Rose Parker's profile photo
Matt Ablott's profile photo
Makemedia UK's profile photo
Bo Peep's profile photo
Scott Lawson's profile photo
G Plus SEO's profile photo
Simon Loader's profile photo
Vanessa Parr's profile photo
Jane Dallaway's profile photo
Work
Occupation
Chief Software Architect
Employment
  • Madgex
    Chief Software Architect, present
  • KCOM
  • Mistral
  • Reuters
  • Multex
  • Netcheck.co.uk
  • IPC Media
  • Madgex
Basic Information
Gender
Male
Story
Introduction
Father of two beautiful children, and web software architect, developer, team manager living in Brighton and enjoying family life.
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
Brighton
Previously
Harlow - Bishops Stortford - Auckland