WebAssembly and Blazor: A decades old problem solved
Posted on July 24, 2020, Level beginner Resource Length medium
In mid-April 2019, Microsoft gently nudged a young framework from the "anything is possible" experimental phase to a "we're committed to making this happen" preview. The framework, named Blazor because it runs in the browser and leverages a templating system or "view engine" called Razor, enables the scenario .NET developers almost gave up on. By Jeremy Likness, Cloud Advocate for Azure @Microsoft.
Top 5 threats to apis servicing mobile apps
Posted on July 20, 2020, Level beginner Resource Length short
David Stewart put together this blog post about security threats to APIs. As mobile apps become increasingly paramount to operating successfully in today's markets, a big question mark over API security is raised. Gartner has previously predicted that by 2022, "API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications." Since every mobile app out there is powered by APIs, securing them is clearly a top priority.
REST API with Elixir/Phoenix - beginner's tutorial
Posted on July 18, 2020, Level beginner Resource Length medium
For this tutorial, we are going to write a simple Books REST API with database persistence using PostgreSQL. The requirements are to have a single endpoint on /api/books that allows CRUD operations over the books resource. By Dairon Medina Caro.
An introduction to the automation test wheel
Posted on June 13, 2020, Level beginner Resource Length long
As a software tester, I like thinking about testing a product from a number of different angles. Over the last few years I've learned about security testing and performance testing, and I've come to see how important those activities are in validating software quality. By Kristin Jackvony.
5 Useful jq commands to parse JSON on the CLI
Posted on June 5, 2020, Level beginner Resource Length long
JSON has become the de facto standard data representation for the web. It's lightweight, human-readable (in theory) and supported by all major languages and platforms. However, working on the CLI with JSON is still hard using traditional CLI tooling. By Fabian Keller.
Managing a secure JSON Web Token Implementation
Posted on July 22, 2019, Level beginner Resource Length medium
Daniel Fanara wrote this article about more advanced topics of managing secure JSON Web Tokens (JWT). They are great for representing a user's authentication / authorization state without needing to maintain a server-side session store.
API design: Why you should use links, not keys, to represent relationships in APIs
Posted on May 17, 2019, Level intermediate Resource Length long
An article by Martin Nally from Google about how expressing relationships is very important in APIs. The most common way that API developers express relationships is to expose database keys, or proxies for them, in the fields of the entities they expose.
Parsing logs 230x faster with Rust
Posted on November 10, 2018, Level intermediate Resource Length medium
Andre Arko blog post about dealing with logs for very busy web application behind RubyGems.org. A single day of request logs was usually around 500 gigabytes on disk. They tried few hosted logging products, but at their volume they can typically only offer a retention measured in hours. The only thing they could think of to do with the full log firehose was to run it through gzip -9 and then drop it in AWS S3.
REST API design -- resource modeling
Posted on August 26, 2018, Level intermediate Resource Length medium
In this older article by Prakash Subramaniam from ThoughtWorks looks at the REST API design best practices. The key abstraction of information in REST is a resource. A resource is a conceptual mapping to a set of entities, not the entity that corresponds to the mapping at any particular point in time.
Tags restful apis web-development json
7 Best Practices for JSON Web Tokens
Posted on May 28, 2017, Level intermediate Resource Length medium
Neil Madden has written about best practices for JSON Web Tokens (JWTs, pronounced "jots").
Tags json infosec web-development