JXTA update from James Todd

James Todd, who works on the JXTA engineering team at Sun, blogged about the JXTA roundtable held just recently in San Francisco. Some interesting projects are going on in the JXTA community:

P2PSockets: “The Peer-to-Peer Sockets Project reimplements Java’s standard Socket, ServerSocket, and InetAddress classes to work on a peer-to-peer network rather than on the standard TCP/IP network.” — This project is especially interesting in light of the things that Verisign is doing. P2PSockets could potentially be used to create an alternative peer-to-peer domain name system (which would probably have a host of it’s own problems.)

Paperairplane: “… a Mozilla plugin that empowers people to easily create collaborative communities without setting up servers or spending money. It does this by integrating a web server into the browser itself, including tools to create collaborative online communities that are stored on the machine. Web sites are stored locally on a user’s machine. A peer-to-peer network is created between all of the Paper Airplane nodes that are running in order to resolve domain names, reach normally unreachable peers due to firewalls or NAT devices, and to replicate content.

JNGI [pdf]: “The JNGI project is a framework for distributing applications among JXTA peer groups by implementing a classic Worker/Task pattern.

ASP.NET Request Validation – Preventing Script Attacks

Yesterday I was working with self posting form that contained html characters as of a content management implementation using ASP.NET and I came across an error message I’d not seen from any application server. It said:

“A potentially dangerous Request.Form value was detected from the client..”

In short, as of ASP.NET 1.1, Microsoft is by default not allowing clients to post client script code or HTML to a form. As a developer, you have to either explicitly allow it for a page by including this:

<%@ Page validateRequest=”false” %>

in your ASP.NET page or by turning it off sitewide in the web.config file:

<configuration>
  <system.web>
    <pages validateRequest=”false” />
  </system.web>
</configuration>

Automatic request validation, in my humble opinion, is pretty nice. Way to go Microsoft. You can read more about this feature on the official ASP.NET site.

Open Source Flash Remoting: OpenAMF

I found this link on the flash emerging issues document (could they have come up with a more trendy name for the list of latest bugs? I think not) via JD. Anyway, the interesting parts of that review of Flash 2004 were the links at the end, specifically the link to OpenAMF. OpenAMF is an open-source J2EE implementation of Flash Remoting and although I’ve not used it yet, according the gentleman who is writing the Flash Remoting book for Oreilly, it has even more features than the version that Macromedia sells. I’ll try to check it out soon.

Mobile Usability: How Nokia Changed the Face of the Mobile Phone

This book slapped me in the face last night as I was walking through the computer books section of B&N: Mobile Usability: How Nokia Changed the Face of the Mobile Phone. As described on Amazon, the book “.. explains the philosophies and working methods by which Nokia revolutionized product usability, written by current and former Nokia employees. Includes practical guidance on how to provide maximum usability to all end-users.” Looks like a great read for mobile device software designers and programmers.

Google IM Bots

I picked up the Google Hacks book tonight at the brick and mortar B&N. Hack #85 talks about googlematic, which lets you search google through your IM client. Turns out this has been a done a couple times (YIMGoogle, AOGoogle) but I can’t find any that are online.

Googlematic is offline right now because it became too popular, which resulted in the bot exceeding the number of searches allowed by google through the Google Web APIs. Matt, the guy who wrote it, was cool enough to release the source to it though, which you can download here.