February 01, 2011
Mark Wielaard: New GPG key.
Finally created a new GPG key using gnupg. The old one was a DSA/1024 bits one and 8 years old. The new one is a RSA/2048 bits one. I will use the new one in the future to sign any release tarballs I might create. pub 2048R/57816A6A 2011-01-29 Key f...
More »
February 01, 2011
Andrew Hughes: [SECURITY] IcedTea6 1.7.8, 1.8.5, 1.9.5 Released!.
We are pleased to announce a new set of security releases, IcedTea6 1.7.8, IcedTea6 1.8.5 and IcedTea6 1.9.5.
This update contains the following security updates:
The IcedTea project provides a harness to build the source code from OpenJDK6 u...
More »
November/2024
Sun | Mon | Tue | Wed | Thu | Fri | Sat |
| | | | | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 |
18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | | | | | | | |
|
|
Jersey feat. jQuery + JSONP
One of the most controversial but yet powerful techniques for integrating distributed systems is the JSONP format, a javascript function that bypasses the same origin policy of the browser. Jersey provides built-in support for JSONP and this blog demonstrates how to benefit from this feature.
When JSONP is a good option?
The controversial around JSONP is the fact that using JSONP your application bypasses the Same Origin Policy, facilitating the fearful cross-site scripting (XSS) [1, 2]. Despite that obvious risk, there are certain scenarios where JSONP makes sense and solves a lot of problems which would require a more expensive solution without the usage of cross site scripts.
Consider you need to integrate some data between two web applications hosted by third party companies. Suppose those companies have no previous agreement so in order to share data between the companies you have two choices:
To establish a secure channel between the servers (think about the business costs here).
To expose the application data using JSONP, and then one application can consume the data of the other without any change in the network (the technical effort to support the JSONP format is minimum).
The other aspect to consider in using the traditional is the problem of b...
Date: February, 25 2010
Url: http://www.java.net/blog/felipegaucho/archive/2010/02/25/jersey-feat-jquery-jsonp
Others News
|