Getting Around Browser’s Same Origin Policy (SOP) With Proxies, Script Injection, JSONP and CORS

If you work with web development or JavaScript/Ajax a lot, you must have come across the browser’s same-origin policy (SOP). The same-origin policy is a security concept in which documents retrieved from distinct origins are isolated from each other. It is quite strictly implemented by almost all major browsers today.


Implementing HTTP Digest Authentication in Java

I recently had to implement my own version of RFC 2617, which addresses digest authentication in the HTTP protocol. This RFC is an improvement over RFC 2069, which was the previous version of Digest Access Authentication. However, RFC 2617 adds some additional security features such as quality of protection (qop) to try to counter replay attacks.

The Maker’s Schedule – Know how your developers function

Do you know why your developers get so irritated when someone (you) distracts them? After all, you have software in production, and so your developers should be able to constantly adjust to the changing needs and nature of the challenges you have, either due to problems in production or because of competition. As a manager or a CEO, you would love to work in such a fluid organization, which can adjust priorities rapidly based on external factors. In reality, you might be shooting yourself in the foot.
