7 – Mobile application version

I’ve created a website in Drupal 7. My client would like an app version of the website. I’m looking at DrupalGap. Is this the best way to do this.

If I use a function like DrupalGap do I need to reconstruct all the page for the app or will it pull through the pages from the website?

how to handle multiple request in django web application?

how to handle multiple request in Django web application? How to make server to handle multiple request in production environment.

failover – How to Fail-over of MYSQL 8.0 on Red Hat Cluster without Application to Re-login & avoiding service interruption

Getting the error after every fail-over test case is run :- host is blocked because of many connection errors . We need to login back again to database and use Flush Host command to allow new connection to the database ,but this disrupts the ongoing services and defeats the whole purpose of HA .We have bought Red Hat HA Add-on licenses to create the Cluster on which MYSQL 8.0 DB has been installed . App connects to the DB via a VIP and during any DB transaction if we test the Cluster node Fail-over ,it disrupts the ongoing App jobs . Tried using Connection Time-out set to 30 secs (by this time the fail-over completes and DB resources successfully move to the second node ) and setting Connection life-cycle to 10 sec on the connection string ,but same behaviour .Set the SET GLOBAL max_connect_errors=10000 as well . Please suggest a way forward .

javascript – How Do I Display My React Application on the LocalHost after making revisions?

Good evening,

I have been learning Front End Web Development with React through Coursera.org. While I have part of one foot inside the door with the knowledge of web design I acquired previously through Coursera.org, React is all new to me.

Somehow through a lot of trial and error and watching over and over again the videos of the lectures on how to install the react app, I managed to display the react app at the beginning. But the webpage was blank it did not have any design or text in it. Once I started to add the code that the professor was providing us in the videos, everytime I saved the changes and checked the localhost, it kept displaying an error page. When I completed the first assignment, of course the my React app was not displaying, but I passed the assignment.

Now I am on my second assignment and I need to see if what my professor wants me to display on the React app through the instructions given displays. I need to see whether the code that I research and the revisions that will make as a result of the research is correct. Right now I feel I am blinded because i cannot see if whatever code I try works.

What I am planning to do for this Assignment 2 is go over the lectures prior to Assignment 1 so that I can try to reinstall the app and also pin point what is wrong with the code I submitted in Assignment 1. But also I can only assume that I must have made a lot of mistakes copying the code the professor gave me in the videos from the first week of lessons.

Right now, I do not have a working React App.

Any suggestions are greatly appreciated.

Millie

tls – Prevent users from easily changing the backend API URL of a desktop application

When developing a desktop application that connects to a backend server with an SSL protected HTTP API, is it considered a good security practice to prevent users from easily changing the backend URL?
Is it considered a good security practice to prevent users from easily changing the backend URL of a desktop application that connects to a backend server with an SSL protected HTTP API

One concern is that malicious users could just point the URL to a test server and reverse engineer the protocol.
On the other hand, it should be relatively easy to decrypt the communication with the original SSL protected API backend using wireshark or fiddler.

In summary, is it worthwhile, or best practice, to try to prevent users from easily changing the backend URL?

What to process in a Kafka broker vs in a Kafka Streams client application?

Using Kafka I understand that it makes little sense to simply pass events in and out of a Kafka cluster, and that the real benefit comes when doing some processing in the events received in the cluster. So there is processing that can be done in the cluster itself.

Using Kafka Streams we can do some processing too, but this time it is done in the client application itself, not in the cluster.

So what sort of processing should be done in the cluster and what sort in the client application ?

web application – Path traversal limited

I trying to pentest website. I know that there are files named “file1” and “file2”. The server is nginx.

So I did this test:

  1. http://example.com/file1..%2ffile2 => 404

  2. http://example.com/file1..%2f..%2ffile2 => 200 and it showed me file2, so it worked!

After this test I assume that the website is vulnerable.

So I did this test:

  1. http://example.com/file1..%2f..%2f..%2f => 400

  2. http://example.com/file1..%2f..%2f..%2fetc/passwd => 400

  3. I tried windows files and linux files…so I did a lot of tests.

As it shows above, I am not able to get files from outside of the web root.

Is this considered vulnerable to path traversal even if I am not able to get any files from outside of the web root?

vulnerability – How to save .Net Application from TOCTOU

Just read about TOCTOU vulnerability and upon examinnig my application was doing the same as upon login all his roles are fetched then saved in session so that user will have access to all these roles until he log out and login again , Please let me know what would be the efficient method to remove
any role real time so that he will no longer be able to access.

Thanks

“Set up timeout session for users in Superset Application”

We set up the superset application and we are trying to achieve the application UI timeout session for the users. In config.py file we setup “PERMANENT_SESSION_LIFETIME = 60” for one minute but session timeout for users is not working. The logout for users is not happening automatically and also if we refresh the superset application UI page, again it is logging directly without prompting login page.

These are the timeout session values we passed in config file.
SUPERSET_WEBSERVER_TIMEOUT = 60
PERMANENT_SESSION_LIFETIME = 60

SQLLAB_TIMEOUT = 30

Please help us to fix the timeout session.

development – Bitcoin library vs script to develop application

I’m curious about the development of application of Identity management in Blockchain platform, but I’m a bit confused about the technologies to use.

In short words, when is more convenient to develop an application coding in script and when is it better to use a high-level library like BitcoinJ or a service as Blockchain.info API?

I’m a Java developer and I’m more confortable using a Java Library like bitcoinJ, but I don’t understand if, in this way, I can lose something in performance or expressivity or “semantic power” in regard to most raw-level scripting system of Bitcoin (that is a kind of assembler).

Thanks you in advance