SEARCH KEYWORD -- Java Security
Fastjson just fixed a bug which might cause out of memory issue
A few days ago Fastjson fixed a bug which might cause a service outage. The bug is caused by mishandling of the special character sequence \x, an escape that indicates a hexadecimal number. The impact could be large if an attacker constructs malicious data that brings the service down. The code which causes the issue is in com.alibaba.fastjson.parser.JSONLexerBase#scanString: when a JSON string is passed in, fastjson would parse the string character by c...
Why 0.1+0.2 != 0.3
In programming languages such as JavaScript, C/C++, Java and Matlab, you will get unexpected results when doing floating point calculations. For example, when calculating 0.1 + 0.2, you will not get 0.3: > 0.1 + 0.2 == 0.3 false > 0.1 + 0.2 0.30000000000000004 Don't be surprised by this result; it is a consequence of the IEEE 754 standard. A floating point number cannot be accurately represented according to IEEE 754 because: Not enough memory is allocated for representing the num...
float point,comparison,JavaScript 2014-11-19 05:32:46
One good way to use optional parameter in function
Go doesn't support method overloading like Java does, hence sometimes it would be a headache to create functions to construct new structs with different parameters. Normally, we would construct the new function as below when we want to let others create a new struct instance with an explicit function call. type Queue struct { Name string } func NewQueue(name string) *Queue { return &Queue{name} } But as the scope and complexity of the struct increase, there might be more prope...
OPTION PATTERN,VARIADIC FUNCTION,OPTIONAL PARAMETER 2020-09-18 21:45:29
TIOBE : No news today
TIOBE released the programming index for September 2012. There is no big change this month compared to last month; the top 3 are still C, Java and Objective-C. In the top 20, only Transact-SQL exchanged positions with VB.NET. Java shows a downward trend; will it get worse because Oracle ignores Java's vulnerabilities? This index shows that the programming language market is quite normal, with no big events. Except Objective-C, in recent years there are no other new languages which have b...
TIOBE,Objective-C,Index 2012-09-05 07:36:07
Building Security onto Your Mobile Application
Analysts state that more than 75% of the mobile applications will fail the basic security tests in 2015 – Gartner Research. Enterprises that follow the Bring Your Own Device (BYOD) approach and facilitate mobile computing to their employees are susceptible to security threats and other vulnerabilities, unless they implement stringent security measures. In the development or deployment of mobile applications, a business can be severely impacted both financially and otherwise, if they are to...
Web Application Development Company, iPhone App Development Company 2015-08-21 07:22:32
Stream API in Java 8
Overview In this lesson on Stream API in Java, we will study how we can put Streams to use to write efficient and much more maintainable code. We will also write code with and without Streams so that we are able to compare the two versions. Before doing all this, we must know how to create a Stream and process it and that is what we will get started with. Introduction to Streams We will be starting with creating Streams. Let us get started with the Stream<T> API which enables us to play w...
STREAM API,JAVA 8,DEVELOPMENT,TEAM 2018-01-30 00:14:46
Benefits and Drawback of a Layered Architecture
Most enterprises today are application centric. But the problem with the application is that their database schemas, user interfaces, programming interfaces and object models are tightly coupled and difficult to change. If you want to add a new field to a database table and you’re lucky, the change will reflect through the entire system. But often the change needs to be replicated manually across the entire system. And as applications are difficult to change, adding business rules or proce...
JAVA, PROGRAMMING,WEB DEVELOPMENT,ENTERPRISE APPLICATION 2017-05-04 08:19:34
How to check whether a web page can be loaded in iframe
Sometimes you may want to load another website's page in an iframe on your own website, but for security reasons the other website may have configurations which prevent you from loading its pages into your iframe. In this case, if you try to load them, you would see a blank page or a text message saying that it's prohibited. Fortunately, you can detect this before you actually decide to load it. To prevent a page from being loaded by an iframe from another site, the response ...
HTTP,HTML,IFRAME,SECURITY,X-FRAME-OPTIONS,CONTENT-SECURITY-POLICY 2018-07-27 22:36:02
How to prevent next HeartBleed bug?
How to ensure the security of open source projects is a concern for many open source users, including individual users and companies. But it's not an easy task to ensure the security of open source projects. Because everyone can see the source code, there is a much higher possibility that a bug may be found by someone. Once a bug is disclosed, people may exploit it and do evil things. This may cause loss of money either for individuals or companies; some of the bugs may even have big impact to the...
Open source,HeartBleed,Security 2014-04-24 09:07:05
try { return } finally {}
Do you know what value will be printed when the following program is run? class Test { public int aaa() { int x = 1; try { return ++x; } catch (Exception e) { } finally { ++x; } return x; } public static void main(String[] args) { Test t = new Test(); int y = t.aaa(); System.out.println(y); } } And before answering the above question, do you have answers to the following questions? If ther...
JAVA,JAVA INTERVIEW QUESTION 2016-09-26 08:06:28