Lazy Diary @ Hatena Blog

PowerShell / Java / miscellaneous things about software development, Tips & Gochas. CC BY-SA 4.0/Apache License 2.0

Software Development

Pause before HTTP redirect (302) and get redirection URI with Chrome developer tools

Context When you try to attack to OAuth2 Authorization Code Flow with CSRF (See RFC 6749 "10.12. Cross-Site Request Forgery"), you have to pause before redirect in order to get redirection URI, because the redirection URI is unique and wil…

What can you do with account lockout and its unlock

Purpose of account lockout These are some purpose for account lockout, such as: Detect login attempts 1 Example: Logging 2 Slow down login attempts Example: Duration-based lockout, scrypt, Argon2 Interrupt login attempts Example: Requires …

A List of What Cannot JCache do

JCache cannot save the order of insertion. You should use LinkedHashMap for that purposes. JCache cannot update whole entries in a cache atomically. You should use AtomicReference or some locking mechanisms for that purpose. (Ofcourse you …

The meanings of word "cache" in software engineering

I think the word "cache" has so many different meanings in different contexts like below. Note: In this list, the word "invalidated" means the source of cached value might be changed. Something like the cache in web browsers. The cache sto…

情報システムの受託開発中に発見されたバグの情報の行方

情報システムの受託開発で、OSSに依存するアプリを開発したとしよう。さらに、そのアプリの開発中に、当該OSSのバグを見つけたとしよう。この場合、条件によっては、発見者はパッチの投稿も、バグの報告もできず、そのバグの情報は永遠にお蔵入りになるので…

ISO/IEC 12207 (JIS X 0160:2012) ソフトウェア構成管理プロセスのうちバージョン管理システム、GitHub/GitLab/etc、git-flow/GitHub Flowでカバーできる内容

(In English: What can you do for ISO/IEC 12207 (JIS X 0160:2012) Software Configuration Management Process with VCSs, GitHub/GitLab/etc, and git-flow/GitHub Flow) ISO/IEC 12207 (JIS X 0160:2012)では、ソフトウェア開発におけるソフトウェア構…