HttpOnly

The HttpOnly flag in a cookie helps to mitigate some risks, e.g. client side script accessing.
In Java:


Cookie cookie = new Cookie(name, value);
cookie.setHttpOnly(true);
In Ruby:

cookies[:name] => { :value => "name", :httponly => true }

Have a look for further information:
https://www.owasp.org/index.php/HttpOnly

jens | show | 19.02.2014 10:35

MySQL

Login to your MySQL DB:


# mysql -u root -p
And type there:

mysql> create database <db_name>
mysql> grant all privileges on <db_name>.* to
'<user>'@'localhost' identified by '<password>';
mysql> flush privileges;

jens | show | 17.02.2014 10:47

user registration in shiro

(java security framework)
To get your password encrypted properly the way shiro does it, you have to use class DefaultPasswordService from shiro with method encryptPassword. And then store that damn password in your database.


PasswordService svc = new DefaultPasswordService();
String encrypted = svc.encryptPassword(this.password);

jens | show | 18.12.2013 23:08

postgres backup heroku to localhost

You want your production database on heroku backup in your local machine?
It's not difficult.

... read more

jens | show | 31.03.2013 19:06


© service - b.org 2012