Profile

Cover photo
Glenn Jones
Works at Madgex
Lives in Brighton
1,804 followers|31,922 views
AboutPostsPhotosYouTube

Stream

Glenn Jones

Shared publicly  - 
 
More AppCache problems - it is a douchebag of an API
 
We've recently just released a new HTML 5 web app that follows the single page app design and are using App Cache to enable a certain amount of offline functionality.  However most data is fetched from a cross origin RESTful API in which we allow access to via the NETWORK element in the App Cache manifest file.

In order to secure the data being transferred from the app to the API we want to ensure all calls to the API are made securely using SSL.  When we change the protocol for the URL of the endpoint and update the NETWORK white-list to https://domain.co.uk we find in Chrome that it kills the request off.  The request never makes it outside of the browser.  Testing in desktop Firefox appears to not experience the same behaviour.

It appears the if we make the NETWORK element a full wildcard then Chrome is happy and our requests make it out of the browser.  However I'm unhappy to implement this as a fix as it's unclear if in doing so we risk having the application load all resources from the network even if previously we had asked it to cache them through the App Cache CACHE directive.  From a security perspective whilst we would achieve securing the data transfer between the web app and the RESTful API we would open up another security hole by allowing any script network access to download whatever content it likes.

At the moment I want to understand if this is a bug just in Chrome, or if we're doing something that App Cache wasn't designed for.  I'll update you as my journey unfolds as we dig further.

#html5 #appcache #'CORS
1
Jonathan Kingston's profile photoGlenn Jones's profile photo
4 comments
 
Finally got to bottom of this, there a line in the AppCache spec:

"Relative URLs must be given relative to the manifest's own URL. All URLs in the manifest must have the same <scheme> as the manifest itself (either explicitly or implicitly, through the use of relative URLs)."

We had setup the API under SSL, but the website was still running without. So the manifest was not under the same scheme as the URLs in the NETWORK section.

So you either put the whole website under SSL and then you can use

NETWORK:
https//example.com/restapi/

or do what everyone else does and use the wildcard

NETWORK:
*

This problem does not effect Firefox, it does not seem to follow the spec here. 

Cheers Glenn
Add a comment...

Glenn Jones

Shared publicly  - 
 
From todays walk on the south downs - great day to be walking
1
Add a comment...

Glenn Jones

Shared publicly  - 
 
I have just released a new node.js microformats parser. It is based on
the javascript microformat-shiv project, which is used to build browser
extensions and web apps.

It currently supports the following formats: hCard, XFN, hReview,
hCalendar, hAtom, hResume, geo, adr and tag. I have not built
microformats v2 support into it yet.

The project page: http://glennjones.github.com/microformat-node
Source code: https://github.com/glennjones/microformat-node
Test server : http://microformat-node.jit.su
4
7
Add a comment...

Glenn Jones

Shared publicly  - 
 
Just uploaded new/updated collection of browser File and Clipboard API demo's
2
1
Add a comment...

Glenn Jones

Shared publicly  - 
 
The new home of the Chromebook Google gave me. Sits nicely in the couch, for web browsing. Thinking about the wider product feedback for the chrome team. 
1
Add a comment...
In his circles
434 people
Have him in circles
1,804 people

Glenn Jones

Shared publicly  - 
 
I have just released a brand new microformats 2 parser for node.js.

Demo API
http://microformat2-node.jit.su/

Try the API with:
http://the-pastry-box-project.net/
http://microformats.org/

About microformats 2
http://microformats.org/wiki/microformats-2

The blog post link gives a bit more of an overview. I hope this work will help microformats and the concept of the semantic web move forward another little step. Enjoy
4
1
Add a comment...

Glenn Jones

Shared publicly  - 
 
Last weekend I attended NodeCopter Brighton, a day of hacking AR-Drone’s and node.js. I wanted to control the drone by hand jestures using the Kinect’s motion detection abilities. 

Hackdays are funny, sometimes everything comes together, other times small things just trip you up. Unfortunately Saturday was a day when nothing seemed to work for me, mainly because I made the mistake of loading the wrong version of a USB driver.

On the upside that day I bumped into Aral getting coffee at Taylor St who pointed me to a project he did using Kinect with processing.

So after a couple of hours of hacking after the event, I could wave my hands and fly a drone. Once I had the right USB driver installed.

Thanks to everyone who made the day possible, I had a great time. I am glad with others, Madgex was able to sponsor the event.
1
Add a comment...

Glenn Jones

Shared publicly  - 
 
I have just uploaded a new version of microformat-node. The parser now takes between 30-40 milliseconds to parse an average page, about 8 times the speed of the last version. 

Features of new version
* About 8x faster at parsing 
* Will now load onto Windows based hosting solutions correctly
* Inbuilt cache system, which can be customised
* Upgraded logging and trace options
* Upgraded unit test system
* Added support for JavaScript promise

Code: https://github.com/glennjones/microformat-node
Example: http://microformat-node.jit.su/

I have changed how the method calls work so if you are using it you may have to update your code. The parse methods parseHtml and parseUrl now follow the standard pattern used in node.js and return an error and data object rather than just the data object.
4
1
Sebastian Lasse's profile photo
 
Really nice piece [just checked the example] - thx for sharing.
Will play around with the code next week. Expect my feedback.
Add a comment...

Glenn Jones

Shared publicly  - 
 
From todays brighton to lewis walk across the south downs
1
Tom Hume's profile photo
 
Wonderful composition.
Add a comment...

Glenn Jones

Shared publicly  - 
 
Really good idea, should help widen the conversation aboutweb intents
4
Tom Hume's profile photoGlenn Jones's profile photo
3 comments
 
Tom if you’re interested can also follow +Web Intents on Google+
Add a comment...

Glenn Jones

Shared publicly  - 
 
Was great presenting microformats and semantic mark-up to a new group of people at BrightonSEO, who thought the SEO industry may pick up a torch left by web standards crew! :)
1
1
Add a comment...

Glenn Jones

Shared publicly  - 
4
Tantek Çelik's profile photoBrad Fitzpatrick's profile photo
3 comments
 
Thanks for the explanation +Brad Fitzpatrick. Still sorry to see it go. Any possibility of keeping a scaled-back version, e.g. one that just does/provides all the rel-me processing/discovery? Since Google main search results is now visibly using rel=me combined with rel=author (e.g. https://www.google.com/search?q=site%3Atantek.com&q=XFN ), perhaps an API to access rel=me + rel=author would be helpful. cc: +Jeremy Keith
Add a comment...
People
In his circles
434 people
Have him in circles
1,804 people
Work
Occupation
Director
Employment
  • Madgex
    Director, present
Basic Information
Gender
Male
Story
Tagline
Exploring ideas of the semantic web and data portability
Introduction
Glenn Jones is a Director and founder of Madgex. Equally as passionate about interaction design and coding, he is currently addicted to exploring ideas of the semantic web and data portability.
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
Brighton