Best Buys of 2010

January 13, 2011

A Co-Motion Periscope Torpedo and a Jesper Sit Stand Desk


App Stores Hurt Publishing and Discovery

January 13, 2011

Wikipedia’s Jimmy Wales says that "(app stores are) a threat to a diverse and open ecosystem". This is one of the most profound points I have heard on this topic. In an open ecosystem like the Web, apart from the technical infrastructure that is open and mostly royalty-free, there are two things that are [...]


Grokked REST?

January 6, 2011

Nowadays when I look at any REST-related discussion, I find two common problems being debated – how to use hypermedia for managing application state, and how to choose/design media types for representations. These problems may be relevant in enterprise-integration scenarios or when you are just interested in exposing a new interface to clients. However, in [...]


Personalized Feeds

January 4, 2011

Despite what the pundits say, feeds are not dead. In fact personalized feeds should get more attention as more users are switching to tablets and apps for a good chunk of their reading. But right now, third party apps can’t read personalized content from content publishers, as those publishers want the user to get out [...]


Asserting Identity

January 3, 2011

Suppose that a front-end server (“A”) is sending an HTTP request to another server (“B”) to process the request and return some response, and that B needs to know on whose behalf A is making that request. This is an “identity assertion” problem. Though this problem is quite common in the HTTP/REST/API-era, the solution is [...]


Tandem vs Solo Riding

December 17, 2010

The results are in, and the tandem has won.


Resource Router for Nodejs

December 6, 2010

Last week, I started using the Connect framework for one of the servers I’m developing. However, I found that the default routing mechanism in Connect is not ideal. In particular, its programming model is method-centric and not resource-centric. See below. Here the app needs to implement callbacks for each HTTP method, and a path. [...]


Interfaces for Interoperability

November 8, 2010

Last week, I presented at QCon in San Francisco on a topic related to the interfaces of the web for interoperability in a track organized by Stefan. The session was about how to use the interfaces of the web to promote interoperability. Here are the slides – Do You Do REST?


First 30 Minutes

October 26, 2010

The first 30-minute experience is a quality attribute that any web platform must consider to be able to succeed. Why 30 minutes? Does not matter – pick 2 hours or any amount of time that is less than the time a developer can sit down without having to get up (say a max of 3 hours). If [...]


Code on Demand

October 24, 2010

Thanks to efforts like nodejs, server-side JavaScript is becoming mainstream. Now code-on-demand on the server side is easy. The idea of code-on-demand is simple. The server extends the functionality of the client by sending back code that the client needs to execute. Here is an example. http.createServer(function(request, response) { // Write the document response.writeHead(200, {"Content-Type" [...]


Referer Leak

October 18, 2010

A Wall Street Journal blog post is reporting that Facebook is leaking user IDs to third-party developer sites via the Referer header. This was followed by some tweets that using Caja would fix this for app platforms like Facebook, iGoogle, and Yahoo!. It takes some additional steps beyond Caja to ensure that sites don’t leak [...]


OAuth 2.0 and Cookie Convergence

September 21, 2010

Despite the argument by Eran that OAuth 2.0 without signatures is bad for the web, I find that OAuth 2.0 is what OAuth 1.0 should have been. The most notable difference in OAuth 2.0 is that the token that clients use to access protected resources is exchanged like a Cookie. Consider a typical flow for [...]
