Undertow CORS filter

Adding CORS headers to your Java-based REST server responses is more tricky than it needs to be. There seems to be an oversight in Java EE’s filter handling, because when the container is configured with container managed authorization and a user that is not (yet) authenticated attempts to access a protected resource, the container intercepts that request and sends a 401 response. That response does not have CORS headers, but for some reason cannot be filtered. Neither with a Jax-Rs ContainerResponseFilter, not with a plain servlet filter. A container-specific solution seems to be the only way to get the job done.

I created an Undertow filter to get this job done easily for JBoss Undertow based EE servers. These include JBoss AS/EAP, Wildfly and Wildfly Swarm. The Github project, which includes installation instructions, can be found here:

https://github.com/download/undertow-cors-filter

I am currently in the process of publishing this project to Maven Central. Update will follow soon!

Listing copyright info in each file

…is just silly.

I found a way to list it for each line!

public class HelloWorld {                  // © 2015-2016, Stijn de Witt
  public static void main(String... args){ // © 2015-2016, Stijn de Witt
    System.out.println("Hello, World!");   // © 2015-2017, Stijn de Witt
  }                                        // © 2015-2016, Stijn de Witt
}                                          // © 2015-2016, Stijn de Witt

(I changed the program twice, but due to using the clearly inferior method of tracking copyright per file, I’m not sure which lines changed in 2016)

Chrome doesn’t take no for an answer

And the series continues…

This time it’s Chrome. Chrome is an excellent browser, but some dialogs are weird… And some are not taking no for an answer.

The dialog below asks us whether we want to recover tabs that were opened before the browser crashed. Curiously there is only one button for us to answer…

chrome-doesnt-take-no-for-an-answer

Continue reading

11 transparent GIFs every webmaster should know

Transparent gifs. I hear you sigh as your mind wanders back in time, to days long gone, when there where only 2 browsers and both of them had layout quirks that demanded the use of transparent 1×1 pixels gifs. every. where.

11-transparent-gifs-every-webmaster-should-know

The return of the GIF

GIF was huge in the early days of the web. It was the one format that could be used to send images over slow connections and still have an acceptable page load time. It could do animations! And most of all, as web developers, we used them to artificially inflate our table cells so IE and Netscape would leave them as we intended them.

Then, some company claimed ownership of the format and people called for the banning of GIFs from the internet. Browsers grew up and the 1×1 transparent GIF faded away…

Or not?

Continue reading

WhatsApp doesn’t take no for an answer

I’m stretching the meaning of ‘doesn’t take no for an answer’ a bit here in order to make this post fit into the broader series of posts I’ve been making on this subject recently, but apart from the fact that this time the dialog does offer me the choice of ‘Never’, the dialog *forces* me to make this choice on it’s terms instead of mine.

Whatsapp-doesnt-take-no-for-an-answer

Continue reading

T-Mobile doesn’t take no for an answer

And the series continues. This time it’s T-Mobile.

The dutch consumer authority is investigating the telecoms provider for pushing the company’s ad platform onto the phones of its users, without giving them the option to decline, or even any warning beforehand. The investigation was requested (dutch) by the dutch consumer watchdog, de consumentenbond.

Continue reading