05Jul2015

Application Development: HTML5 build tools

Nowadays, HTML5 applications are complicated enough to treat them like something more than a set of static and dynamic pages. Web Application Development of client side solutions is a full process like any other software development. So, it needs some kind of build tool to process LESS or SASS sources of stylesheets, translate CoffeeScript, TypeScript or any other language that compiles into JavaScript, apply linters and run unit tests, join and minify the code. Automation of all these duties is a must-have practice of any professional team like Iflexion. There are already several approaches available and widely used.

Grunt

Grunt [http://gruntjs.com] was the first in a row of JavaScript build tools. It’s based on the set of tasks. Basically, grunt is a task runner. The tasks should be described in Gruntfile.js file as declarative configuration composed in JSON format. There are a lot of plugins to automate almost any set of actions. Grunt is based on node.js. Main module and its plugins are npm packages.

Read more
18Jun2015

Application Security: Cross-site scripting (XSS)

Professional web development standards are very high nowadays. It doesn’t matter how big your team or budget. Application Security is extremely important for project of any size. Huge software companies may even have separate departments working on security tasks only. There are manual code review of existing solutions, automation of scanning for well-known vulnerabilities by special tools, writing unit and integration tests, research the cases, implementation of modern approaches. On the other hand, if you are sole developer in your startup (or even single contributor at all), you have to spend some time playing this role as well.

Sources of the harmful code

Cross-site scripting or XSS is the most widely exploited security hole in Web. At first sight, it seems not very dangerous for Application Security, because there is no obvious way to harm the system or damage the data on the server side. Generally, the main goal of XSS attack is to execute custom JavaScript code in the browser of the user. To be executed, that code have to pass into the page in some way. There are 2 options for hacker to achieve it. First, and the most known, is saving JavaScript code as a part of Web 2.0 content on the server side provided by users of the service.

Read more
02Jun2015

SaaS: Docker as a container solution to reduce deployment costs

There are a lot of hype around containers as a new best technical approach for hosting, development, deployment and testing. Docker [https://www.docker.com] is the most popular container-based solution.

The problem

Nowadays, software developers have a wide range of programming languages, frameworks and other tools to be used to implement various solutions (static web site, web service, analytics database, background workers, queues, etc.). But wait, development is only half of the story. DevOps guy checks out the solution from the repo to deploy it on the server or just to test it on another machine. “Dependencies hell” and other pure technical issues may turn this process into very complicated quest with bunch of traps. On the other hand, there would be many target platforms for deployment (development PC or laptop, cloud hosting, domestic cluster, etc.). Each of platforms may have its own additional deployment and configuration steps. The problem is a huge number of cases (the cartesian product of two sets: development stacks and hosting platforms) both the software developer and the systems administrator have to care about.

Container is a solution

The idea is not absolutely new. In the middle of previous century the trucking industry had almost the same problem of 2 sets: different sizes and shapes of cargo and plenty of transportation approaches. Standard transport container was introduced as universal wrapper for any kind of goods. The trucking industry operates in terms of these standard containers. Software as a Service applies the same idea. Docker helps developer to pack any application with all its dependencies into container and be sure it can be runned anywhere. On the other hand, system administrator have to worry about container environment configuration only and be sure it can run any application within a container.

Read more
14May2015

Usability and UI design: Bootstrap

Any new idea needs rapid prototyping. In case of startup, it is both important to reduce costs and have done current development iteration as soon as possible. Generally, there are tools to help you move this way. Bootstrap [http://getbootstrap.com] is a must-have solution, when we are talking about fast web design and prototyping, but want to avoid wasting our time on standard Usability and UI design.

Framework

First of all, Twitter Bootstrap is a pure front-end HTML/CSS framework freely provided by Twitter team. It’s not a JavaScript library for coding on client side like jQuery or AngularJS. Main purpose of Bootstrap is providing nice professional look-and-feel out of the box for the most general use cases of modern web. You have to keep in mind all features to hold the project in cross-browser state, but it’s not a problem anymore for Usability and UI design. Bootstrap supports all modern browsers. The framework holds under control typography and basic HTML elements like headings, lists, tables, etc. Grid system is available out of the box. It allows to compose almost any web layout splitted into columns with sidebars, header and footer. There are ready to use standard components like drop-down menus, form elements, all kinds of buttons, image thumbnails and various text formatting cases.

Read more
21Apr2015

Media Content Distribution: HTTP/2 Architecture

A web surfing by the browser is the most valuable way Media Content Distribution provided around the World. Technically, this process is based on HTTP networking protocol. Actually, HTTP is treated as protocol of Internet. The industry is always in motion at line of new features and challenges, so HTTP protocol is waiting for its new second version. For now, HTTP/2 [https://github.com/http2/http2-spec] is approved by its creators and going to be accepted and published as RFC standard. HTTP/2 release will have huge impact on direction of many networking techniques and implementation approaches. It would be first sufficient change in Media Content Distribution since HTTP/1.1 release in 1999.

Standard

HTTP/2 is based on Google’s SPDY protocol. As you can see, there is one more Google’s technology appears modern enough to be used as standard of future. HTTP/2 is a binary protocol instead of text HTTP/1.1. There is much better performance produced by changes in architecture: header compression, multiplexing requests, requests priorities, proactive push-responses from servers side. It supports IPv4, IPv6 and NAT. There are modern security approaches. Firefox and Chrome already have HTTP/2 support in special mode. To test new protocol you need to install HTTP/2 server. There are several server side implementations by Akamai, Google, Twitter and open source.

Read more
02Apr2015

iOS Development: Apple Watch

Category: iOS development

Apple Watch (aka iWatch) has been gone on sale. There is a huge hype around this product. Keep in mind, several years ago Apple completely changed our idea about mobile phone. Their revolutionary approaches and just the best design kicked the competitors out. This year Apple is trying to reinvent another well-known thing — a watch. There is not less ambitious idea to show the world what is the watch of XXI century. There are a lot of new opportunities in iOS Development at line of new product. Simple (sport) model costs about 300 USD.

Communication

You can feel full power of Apple Watch as a campaign device for iPhone to extend general usability for social software solutions. What we usually do to check just received new incoming message? Get the device of the pocket, unlock it, tap the button to open the message. In case of Apple Watch it needs just raise your wrist to browse the message, then lower a hand to dismiss it. A reply may be sent as a pure voice or recognized text, plus simple animation to express some emotion state.

Read more
27Mar2015

Content Management: Speed up page loading

Nowadays, search engines impose much more strong requirements for web sites to be ranked on top positions or even be parsed at all. Fast rise of mobile market pushed sites to be responsive to all kinds of screen widths and input schemas. But it’s not just about support mobile devices. For any Content Management system there is very important to load the pages as fast as possible. It’s not a recommendation anymore, but rather a rule. Google and other search engines may ignore your cool web site with a bunch of modern features just because it’s too slow.

Check loading speed online

First of all, check how fast is your page loading by Google’s PageSpeed test [https://developers.google.com/speed/pagespeed/insights/]. After several seconds you’ve got pretty complete report about issues at line of loading speed and suggestions how to improve it. If you receive green checks, congratulations, you are doing Content Management in right way. As it’s a Google’s service, so we can look at this list of points as optimization plan for Google Search Engine. On the other hand, the issues and methods to solve them are common for any search engine and for user experience as a whole. There are two separated modes (workflows) of analysis: for regular usage via PC’s browser and exploring on mobile devices like smartphones.

Read more
09Mar2015

Java Development: Spark as a lightweight web framework in Java world

There are several powerful technological stacks available to create any kind of web application from a set of microservices with REST API to huge enterprise solutions. They a based on appropriate programming language as a platform, like Java, C#.NET, Python, PHP, etc. All those web development platforms are completely separated. They are rather linked and even much more than you ever imagine. Trends are popular in one platform found their mirror in another and vice versa. That’s mostly because of enthusiastic activity of multi-platforms software developers. E.g., a lot of Java Development packages and approaches are converted into their C#.NET clones almost one-to-one with adding a .NET suffix.

Micro-frameworks

Another example of multi-platform web development approach is micro frameworks. These are very light MVC frameworks that provides basic web application functionality out of the box. On the other hand, they need minimal code and development efforts as a whole to implement and launch ready to use application. PHP has Slim, Limonade, Lumen, Flight, Silex. Sinatra is the most popular Ruby micro-framework. Flask is for Python stack. For Java Development there is a Spark [http://sparkjava.com/].

Read more
22Feb2015

SaaS: Trends in Cloud Development

Nowadays, there is no so huge hype around cloud computing as it was several years ago. On the other hand, cloud development is a robust part of IT industry with its own history and trends. For now, Software as a Service is not just about launching the code in the cloud and scale it in real time. Most Cloud users deploy code weekly or even daily, there are questions on Testing/QA processes, Production/Deployment workflows and more strong software security approaches. Elasticity of cloud structure the key factor to implement Big Data project in the cloud, as well as, storage, analytics and batch processing application. Large companies want more control on their Software as a Service solutions. They can build their own cloud infrastructure based on one of open source solutions. Small teams rather use well-known public clouds.

Cloud development principles

A lot of projects are moving to the cloud these days. Developers face a common set of challenges. There are basic principles to achieve the best results. Document architecture and deployment infrastructure. Designed solution should be highly cohesive and loosely coupled.

Read more
13Feb2015

iOS Development: iOS 8 APIs

Category: iOS development

New 8-th major version of iOS platform [https://www.apple.com/ios/] was officially released a couple of months ago. Anyway, it’s the biggest event for Iflexion iOS Developers. For now it’s installed on 78% of all apple devices. So huge percentage allows us to talk about it as a standard. Let’s research it’s new cool features and API.

Auto Layout

Before this update, iOS Development workflow pushes software developers to compose UI in one or two modes: portrait and landscape. Now, Auto Layout is a new approach to design in more universal and robust way. The main idea is to describe layout as a set of relations between UI elements. Such scheme is suitable for iPhone and iPad, portrait and landscape. As you can see, it is completely different approach. Look into it as soon as possible.

Read more
Pages:1234510...Last »