Stock quote and chart from Yahoo in Java
I was recently in need of a stock quote web service in order to display quote information and charts for a corporate website I was working on, so I started looking around for something, free of course. I kept reading that the most common example of web as a service is the stock quote example, but I didn't really find any examples that gave me a warm and fuzzy, everyone seemed to be scraping the html from a page. Doesn't seem to be much out there, in the way of quote services for free, but I did come across a yahoo download service and a few half written examples, where you can fetch quote information from Yahoo in .csv format, with a 20 minute delay of course. I've also added a 1-day small chart and a 5-day large chart image by passing the symbol into Yahoo's basic chart image url.
Simple Cross Site Scripting (XSS) Servlet Filter
Ran into some issues on some of our Java sites today and needed a quick fix to protect the sites from malicious Cross Site Scripting (XSS) attempts. If you're not aware of what XSS is and have websites that have sensitive user data, you may want to read up, you're probably vulnerable, which means your users are vulnerable. I'm not claiming this is a perfect solution, but it was easy to implement and corrected the vulnerabilities with form and url injection. We basically have a Servlet Filter that's going to intercept every request sent to the web application and then we use an HttpServletRequestWrapper to wrap and override the getParameter methods and clean any potential script injection.
URLRewriteFilter Servlet Filter problem in WebSphere 6.1.0.5
I recently wrote up an article on SEO Friendly URL's for J2EE frameworks, while my tomcat implementations and WebSphere 5.1 implementations of the URLRewriteFilter were seemless, I ran into a problem on WebSphere 6.1 that caused me to rack my brain. The Output urls in the page were being rewritten fine, which is usually a gotcha if you forgot to response.encodeURL, but none of the inbound rules seemed to be rewriting back to the original url. In fact I was receiving a big fat 404 error and nothing in the console indicating that the URLRewrite Servlet Filter was not even being invoked. After several hours of Googling, I found that the guys over at Atlassian had run into the same problem with their products Jira and Confluence.
Apparently IBM made a change in 6.1.0.5 that is causing this problem:
WebSphere 6.1.0.5 and above checks if a URL is mapped to a servlet or a file before it puts a request through the filter chain. As we do not have a servlet or a file that is mapped to a URL:
http:///a/AZ/
WebSphere 6.1.0.5 sends a 404 to the user before giving the UrlRewrite filter a chance to redirect a URL to the correct place.
To make the filter invoke on a request without a servlet mapping you should be able to do the following in the WebSphere Admin Console:
- expand Servers -> Application Servers -> <server> -> Web Container Settings -> Web Container -> Custom Properties
- select New and then enter "com.ibm.ws.webcontainer.invokefilterscompatibility" as the property name and "true" as the value
- save the update and restart the server
Hopefully this explanation helps the WebSphere community with their SEO strategies by letting them rewrite their urls.
Java image resizer servlet
I'm working on a photo gallery application running on Java 6 using Tomcat 6, JQuery for the client side, and images and xml generated from Picasa. I needed several sizes of images for thumbnails and animations and I wasn't about to create multiple image sizes with Fireworks (I'm a lazy developer). Doing what every lazy developer does, I search Google for an image resize solution that would run on the application server and give me the sizes that I needed and take the manual work out of the equation. I found several PHP examples and disjointed Java examples, but no complete solutions. So, unfortunately I had to do some work to put something together.
The functional mess that is Oracle JDeveloper
By corporate mandate I've been using Oracle JDeveloper 10.1.3.1.0.3984, that version number is ridiculous and ought to tell us something, to develop Java EE web applications on and off for about 6 months now and I've never been so frustrated with a development environment in my life. I hear it from seasoned Oracle developers that the wizards are great, you can create web service in a few clicks, you can create an EJB effortlessly, and the application has come such a long way, my God how bad was it before. Honestly, I don't give a flying fuck what you can do with the wizards if the core application is unusable. Coming from an Eclipse/RAD background my gripes are probably slanted, I'm used to being able to do simple things easily and quickly without the IDE flaking out on me completely.