Tel Map

Current blog entries

2018-11-29 | JavaEE |

Basic Authentication Omnifaces CombinedResourceHandler Internet Explorer Not Working

For a testing platform, we a have a typical basic authentication in front of our actual platform. The application server is a WildFly 14 with PrimeFaces as the frontend framework. In order for every JavaScript file not being downloaded separately, we also… more

2018-11-16 | Java |

Primefaces Line Chart – Browser Out Of Memory Crash

This blog post solves an error I encountered while trying to display some data in a PrimeFaces line chart graph (Version 6.2). Each time I opened the page with the graph, the Browser crashed with an “Out of Memory” message in the… more

2018-06-28 | Java |

Saxon HE External Entity Processing ( XXE )

In this article I will describe how to prevent Saxon from parsing external entities to avoid XXE attacks. Basically you should be very careful when parsing XML files from untrusted sources. Otherwise this can lead to serious security issues.

2018-04-06 | JavaEE |

PrimeFaces Expression Language Remote Code Execution Fix

This post describes how to fix the PrimeFaces Expression Language Remote Code Execution bug (CVE-2017-1000486) when an update to the latest / fixed PrimeFaces version is not easily possible. This solution also needs no patching of the PrimeFaces library itself. The preferred /… more

2018-03-12 | Angular |

Angular 5 HttpClient File Download with Authentication

This article describes how a typical browser file download can be triggered using the Angular HttpClient. Typically you can simply introduce a link to the endpoint of the file download into the page and this will work just fine. However, if you… more

2018-02-21 | Angular |

Angular 5 HttpInterceptor – Add Bearer Token to HttpClient Requests

In this article I will describe how to add a Http Authentication Bearer token to each request done from Angular via HttpClient by implementing a Angular 5 HttpInterceptor. This way the bearer token has not be added to each request separately while doing… more

2017-11-20 | JavaScript |

Aurelia – validation of dependent inputs

Form validation in Aurelia is actually pretty nice. You can configure the validation rules in a chainable api and add multiple rules to single fields. However there is a problem if you want to trigger the validation of an input when another… more

2017-11-18 | Linux |

Changing the Timezone in Debian 9 (Stretch)

Since the release of the newest Debian version 9 (Codename “Stretch”) in June 2017, most system administrators using this distribution will upgrade their systems eventually. One of the changes in the new version that first caught my eye, is that you can’t… more

2017-10-10 | ASP .NET |

ASP.NET Core 2.0 Disable Authentication in Development Environment

This article describes how to disable authentication for ASP.NET Core 2.0. ASP.NET Core JWT Authentication I have some Rest API which I want to protect via JwtBearer token in production e.g.

  However in order to test the API, for development I… more

2017-08-10 | Java |

JSF ViewState Hack Attempt: java.lang.StringIndexOutOfBoundsException: String index out of range: -1 – com.sun.faces.renderkit.ServerSideStateHelper.getState (ServerSideStateHelper.java:313)

Hack Attempt on JSF ViewState This article explains why the error java.lang.StringIndexOutOfBoundsException: String index out of range: -1 in the class ServerSideStateHelper in the method getState (313) might be someone trying to hack your application server. It is getting quite technical in here… but… more

This website uses cookies. By continuing to use the website, you agree to the use of cookies. For more information about cookies, please see our privacy policy.