So I have a few misunderstandings on the names STATE TRANSFER
in REPRESENTATIONAL STATE TRANSFER
- Is state transfer
means transferring representations of a resource which is there in a server at a current instance of time?
Example: Consider a client requested the current share price of some X company
by hitting /XCompanyPrice
URI and at the current instance of time in the server the share price of the company x is 2 USD and that is called the current state of the resource and that resource state may change is what we can say? and that is what STATE means in the acronym REPRESENTATIONAL STATE TRANSFER
?
OR
- Few people are saying STATE TRANSFER in the acronym means when we click on links the state of the application changes from one page to another page because of information may change for /about
& /contact
page
OR
- Few people are saying that when client access an image let's say: /image
the format of an image may be in BLOB at DB, but the format of an image will be an understandable way to the client is nothing but STATE TRANSFER
in the acronym REPRESENTATIONAL STATE TRANSFER
Which is correct one in terms of REPRESENTATIONAL STATE TRANSFER
So, the names state transfer
in REPRESENTATIONAL STATE TRANSFER
is saying the state of that application changes by data
or Transferring representations of resource which is there at the current time????
Please help.
I keep seeing the term REST and RESTful used when doing web dev but I haven't found a simple answer to what it actually means and when it should be used.
No matter how much I read about it, I still don't understand it.
Hi everyone, I have a question about REST: Let's say I want to setup REST-based URLs for my car site and need to add a search page. How would the URL be structured to handle a query of "ford" from the user with an optional option of a date range?
Option #1:
www.mysite.com/search/ford/01-01-2013/02-01-2013
Option #2:
www.mysite.com/search?text=ford&from=01-01-2013&to=02-01-2013
Option #2 seems correct to me, but it seems that other people disagree and think that Option #1 is correct. What do you guys think? Thanks!
http://en.wikipedia.org/wiki/Representational_state_transfer
PyCasbin
[Build Status](https://www.travis-ci.com/casbin/pycasbin)
News: still worry about how to write the correct Casbin policy? Casbin online editor is coming to help! Try it at: http://casbin.org/editor/
Casbin is a powerful and efficient open-source access control library for Python projects. It provides support for enforcing authorization based on various access control models.
All the languages supported by Casbin:
 |
 |
 |
 |
|---|---|---|---|
| Casbin | jCasbin | node-Casbin | PHP-Casbin |
| production-ready | production-ready | production-ready | production-ready |
 |
 |
 |
 |
|---|---|---|---|
| PyCasbin | Casbin.NET | Casbin-CPP | Casbin-RS |
| production-ready | production-ready | beta-test | production-ready |
Table of contents
- [Supp
We're experiencing almost complete loss of services for Outlook and Teams across the business.
It didn't affect us too bad a couple of days ago because it was overnight (UK) but this is right at the start of the day. Going to be a fun one!
Laptops and desktop Outlook client on the way!
Microsoft Service Message for Exchange:
We're looking into a potential problem
StatusService degradation
User impactUsers may be unable to access Exchange Online using multiple protocols.
Latest message View history
Title: Users can't access Exchange Online User Impact: Users may be unable to access Exchange Online using multiple protocols. More info: This issue primarily affects Outlook on the web, though some users may also experience problems with Outlook desktop and mobile devices. Users may also be unable to utilize some features that rely on Representational state transfer (REST) functionality. Users able to authenticate to Exchange may experience delays sending and receiving email. Current status: We're evaluating recent changes within the affected infrastructure to determine if any additional factors could be contributing to the issue. Scope of impact: This issue could potentially affect any of your users intermittently if they are routed through the affected infrastructure. Next update by: Thursday, October 1, 2020, 9:30 PM (8:30 PM UTC)
Microsoft Service Message for Teams:
Title: Users may see problems with the Microsoft Teams service User Impact: Users may experience issues with the Microsoft Teams service. More info: Some examples of impact include: Problems with RSVP functions, some calendar functions, updating profile pictures, accessing the assignments tab, searches, and updating mailbox settings. Current status: Our investigation indicates that a portion of infrastructure supporting Microsoft Team functionality is performing below the expected service thresholds. We're working to reroute connections to alternate infrastructure to remediate impact. Scope of impact: This issue could potentially affect any of your users intermittently if they are routed through the affected infrastructure. Start time: Thursday, October 1, 2020, 5:40 AM (4:40 AM UTC) Root cause: A portion of infrastructure supporting Microsoft Teams functionality is performing below the expected service threshold. Next update by: Thursday, October 1, 2020, 9:00 AM (8:00 AM UTC)
10:06AM Update on Exchange services
Current status: Further analysi
... keep reading on reddit β‘TL;DR
This article explores modern honeypots that leverage containerization by walking through the design of a high-interaction honeypot that can use arbitrary Docker containers to lure malicious attacks.
Introduction
While honeypots have been around for a very long time, this article will attempt to provide a fresh look at how containerization has affected the way we use honeypots in containerized environments today. Admittedly, I haven't explored this topic since 2005. So, while researching for something to implement that would be equally valuable and interesting, I ran into at least half a dozen false starts. I assumed that, like every other area of computing, advanced honeypot systems would abound in the open-source community. But, I suppose I underestimated both the esoteric nature of the subject, as well as its well guarded commercial viability.
A lot has changed since 2005, but a lot has remained the same. A honeypot is not a complicated concept; it's a system or service that intentionally exposes itself to attackers so that they can be detected as somebody tries to break in. Different than an intrusion detection system, a honeypot can be something as simple as a few lines of code that disguises itself to be a vulnerable open port on a system, or it can be something as advanced as a full-blown operating system with a secret logging system that analyzes patterns of behavior.
However, as developers and systems experts incorporate containerization into their designs, many of the traditional approaches to using honeypots become far less effective. In 2005, deploying a honeypot was often done once, usually placed somewhere easily accessible to the rest of the network. But with containerized systems, because of their isolation from networks and other services, deploying a honeypot, in the same way, becomes useless.
While developers are technically savvy, it is often the case that they aren't security literate. Even if they are, it's common to prioritize convenience. This makes securing Docker an even more critical part of a security minded DevOps professional. The same could be said for overburdened systems administrators that take a deemphasized approach to security in an effort to get the job done quickly.
Much of the problem stems from the fact that developers often have a very high level of access to computing resources within the company. Systems administrators, by necessity, have an even higher level of access than developers. Not only do
... keep reading on reddit β‘I'm trying to fathom what contexts dictate the type of Content-Type is tied to a response.
Some takeaways from reading this...https://stackoverflow.blog/2020/03/02/best-practices-for-rest-api-design/
>REST APIs should accept JSON for request payload and also send responses to JSON.
>To make sure that when our REST API app responds with JSON that clients interpret it as such, we should set Content-Type in the response header to application/json after the request is made.
>The only exception is if weβre trying to send and receive files between client and server. Then we need to handle file responses and send form data from client to server.
and scanning this...https://en.wikipedia.org/wiki/Representational_state_transfer
>In a RESTful Web service, requests made to a resource's URI will elicit a response with a payload formatted in HTML, XML, JSON, or some other format.
From there I went on to briefly read up on MIME types...https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types
Referring back to the Stack Overflow and Wikipedia resources, I wanted to know if I'm understanding things correctly? If a client requests a resource with a URL that points to a webpage (or any other text-based format), would the response return a Content-Type: text/html then?
Then the same would apply to images, videos, audio, form data, etc.? I would create responses with those MIME types attached to the Content-Type. That appears to support what was written in the Wikipedia article.
So it appears that each resource has it's own MIME type, but what are specific cases where JSON is sent where the MIME type is application/json?
"What's the difference between a REST API and a RESTful one? ... The short answer is that REST stands for Representational State Transfer. It's an architectural pattern for creating web services. A RESTful service is one that implements that pattern." src
REpresentational State Transfer in short REST is web standard based architecture that mainly uses HTTP Protocol.Β In the RESTful architecture, Server simply provides access to the resources and client accesses them using HTTP protocol. In this article, we will buildΒ RESTful API using Node.js
https://www.opencodez.com/javascript/build-restful-api-using-node-js.htm
I have been spending a day Googling and reading into this but I am not 100% clear. I have read posts that contrast http with ftp and I've read other posts that talk about how RESTful apis handle token based authentication and shopping carts (where what does the name "Representational State Transfer" itself mean was the original question I was trying to answer for myself)
What I've come to understand in the shortest terms possible is that a stateless web application defers remembering anything about the client to long term storage, a backend database. That's it. In the grand scope, there is still a client "state" it just is not held on to by the server itself in volatile memory.
Am I spot in or is there something more I'm missing..?
When you are thinking about API (Application programming interface) architectures, it is common to compare SOAP vs REST. Both are the most common API paradigms. In spite of the fact that the two are quite similar but they are different technologies and are not compared on a granular level. The question is, Why? Because SOAP is a protocol and REST is an architectural style. A REST API can use the SOAP protocol, similar to that it can use HTTP. So, they will be bundled differently, function differently and be used in different scenarios. Let us see, SOAP and REST one by one.
What Is An API?
An API is a part of software that plugs one application directly into the data and services of another by granting it access to specific parts of a server. APIs allows two parts of software to communicate. Theyβre the reason for everything we do on mobile, and also allow us to streamline IT architectures, power savvier marketing efforts, and make easier to share data sets. Similar to other software, APIβs can be pretty straightforward and also there different ways to program one with different attributes that are better for your application. Also, with more built-in features comes more overheadβsomething weβll see when we look at what SOAP has to offer.
What Is SOAP?
SOAP (Simple Object Access Protocol) is its own protocol. It is a more complex by defining more standards than REST things like security and how messages are sent. These built-in standards do carry a bit more overhead, but can be a deciding factor for organizations that require more comprehensive features in the way of security, transactions, and ACID (Atomicity, Consistency, Isolation, Durability) compliance. For this comparison, we should bring up that a significant number of the reasons SOAP is a decent decision once in a while applying to web services scenarios, which makes it increasingly perfect for big business type circumstances. Reasons you might need to build an application with a SOAP API incorporate more elevated amounts of security (e.g., a mobile application interfacing with a bank), informing applications that need solid correspondence, or ACID consistency.
- SOAP has tighter security- WS- Security, in addition to SSL support, is a built-in standard that gives SOAP some more enterprise- level security features, if you have a requirement for them.
- **Successful/ retry logic for reliable
Official website οΌhttps://casbin.org/
githubοΌhttps://github.com/casbin/casbin
Casbin is a powerful and efficient open-source access control library for Golang projects. It provides support for enforcing authorization based on various access control models.
All the languages supported by Casbin:
https://preview.redd.it/lsdux367iw261.png?width=1716&format=png&auto=webp&s=d2b3420f3fbcc688553b434a8fd44b7e2bca0813
Supported modelsοΌ
- ACL (Access Control List)
- ACL with superuser
- ACL without users: especially useful for systems that don't have authentication or user log-ins.
- ACL without resources: some scenarios may target for a type of resources instead of an individual resource by using permissions like write-article, read-log. It doesn't control the access to a specific article or log.
- RBAC (Role-Based Access Control)
- RBAC with resource roles: both users and resources can have roles (or groups) at the same time.
- RBAC with domains/tenants: users can have different role sets for different domains/tenants.
- ABAC (Attribute-Based Access Control): syntax sugar like resource.Owner
can be used to get the attribute for a resource. - RESTful: supports paths like /res/*, /res/:id and HTTP methods like GET, POST, PUT, DELETE.
- Deny-override: both allow and deny authorizations are supported, deny overrides the allow.
- Priority: the policy rules can be prioritized like firewall rules.
See the website for more details.
After waiting for 3 hours for a stalled mailbox move I've seen this:
>Title: Users can't access Exchange Online User
>
>Impact: Users may be unable to access Exchange Online using multiple protocols.
>
>More info: This issue primarily affects Outlook on the web, though some users may also experience problems with Outlook desktop and mobile devices. Users may also be unable to utilize some features that rely on Representational state transfer (REST) functionality. Users able to connect to Exchange may experience delays sending and receiving email. Current status: Our traffic-management optimization procedures are still ongoing as we work to remediate impact for the remaining affected users.
>
>Scope of impact: This issue could potentially affect any of your users intermittently if they are routed through the affected infrastructure.
>
>Start time: Thursday, October 1, 2020, at 4:52 AM UTC
>
>Preliminary root cause:
>
>root cause: A recent configuration update to the components that route user requests caused impact to specific features and services that utilize the Representational state transfer (REST) functionality within Microsoft 365. Next update by: Thursday, October 1, 2020, at 4:00 PM UTC
I'm starting regretting this move
Users can't access Exchange Online
EX223208, Exchange Online, Last updated: October 1, 2020 9:24 AM
Start time: October 1, 2020 6:52 AM
Status
Service degradation
User impact
Users may be unable to access Exchange Online using multiple protocols.
Are you experiencing this issue?
Is this post helpful?
Latest message View history
Title: Users can't access Exchange Online User Impact: Users may be unable to access Exchange Online using multiple protocols. More info: This issue primarily affects Outlook on the web, though some users may also experience problems with Outlook desktop and mobile devices. Users may also be unable to utilize some features that rely on Representational state transfer (REST) functionality. Users able to authenticate to Exchange may experience delays sending and receiving email. Current status: We're evaluating recent changes within the affected infrastructure to determine if any additional factors could be contributing to the issue. Scope of impact: This issue could potentially affect any of your users intermittently if they are routed through the affected infrastructure. Next update by: Thursday, October 1, 2020, 10:30 PM (8:30 PM UTC)
REpresentational State Transfer in short REST is web standard based architecture that mainly uses HTTP Protocol.Β In the RESTful architecture, Server simply provides access to the resources and client accesses them using HTTP protocol.
In this article, we will buildΒ RESTful API using Node.js
https://www.opencodez.com/javascript/build-restful-api-using-node-js.htm
REpresentational State Transfer in short REST is web standard based architecture that mainly uses HTTP Protocol.Β In the RESTful architecture, Server simply provides access to the resources and client accesses them using HTTP protocol.
In this article, we will buildΒ RESTful API using Node.js
https://www.opencodez.com/javascript/build-restful-api-using-node-js.htm
