HTTP Mailbox - Asynchronous RESTful Communication

We describe HTTP Mailbox, a mechanism to enable RESTful HTTP communication in an asynchronous mode with a full range of HTTP methods otherwise unavailable to standard clients and servers. HTTP Mailbox allows for broadcast and multicast semantics via HTTP. We evaluate a reference implementation using ApacheBench (a server stress testing tool) demonstrating high throughput (on 1,000 concurrent requests) and a systemic error rate of 0.01%. Finally, we demonstrate our HTTP Mailbox implementation in a human assisted web preservation application called "Preserve Me".Comment: 13 pages, 6 figures, 8 code blocks, 3 equations, and 3 table

Undercurrents – A Computer-Based Gameplay Tool to Support Tabletop Roleplaying

This paper introduces Undercurrents, a computer-based gameplay tool for providing additional communication and media streams during tabletop roleplaying sessions. Based upon a client-server architecture, the system is intended to unobtrusively support secret communication, timing of audio and visual presentations to game events, and real-time documentation of the game session. Potential end users have been involved in the development and the paper provides details on the full design process

HTTP Mailbox - Asynchronous Restful Communication

Traditionally, general web services used only the GET and POST methods of HTTP while several other HTTP methods like PUT, PATCH, and DELETE were rarely utilized. Additionally, the Web was mainly navigated by humans using web browsers and clicking on hyperlinks or submitting HTML forms. Clicking on a link is always a GET request while HTML forms only allow GET and POST methods. Recently, several web frameworks/libraries have started supporting RESTful web services through APIs. To support HTTP methods other than GET and POST in browsers, these frameworks have used hidden HTML form fields as a workaround to convey the desired HTTP method to the server application. In such cases, the web server is unaware of the intended HTTP method because it receives the request as POST. Middleware between the web server and the application may override the HTTP method based on special hidden form field values. Unavailability of the servers is another factor that affects the communication. Because of the stateless and synchronous nature of HTTP, a client must wait for the server to be available to perform the task and respond to the request. Browser-based communication also suffers from cross-origin restrictions for security reasons. We describe HTTP Mailbox, a mechanism to enable RESTful HTTP communication in an asynchronous mode with a full range of HTTP methods otherwise unavailable to standard clients and servers. HTTP Mailbox also allows for multicast semantics via HTTP. We evaluate a reference implementation using ApacheBench (a server stress testing tool) demonstrating high throughput (on 1,000 concurrent requests) and a systemic error rate of 0.01%. Finally, we demonstrate our HTTP Mailbox implementation in a human-assisted Web preservation application called “Preserve Me! and a visualization application called Preserve Me! Viz

Web collaboration for software engineering

Tese de mestrado integrado. Engenharia Informática e Computação. Faculdade de Engenharia. Universidade do Porto. 200

SafeWeb: A Middleware for Securing Ruby-Based Web Applications

Web applications in many domains such as healthcare and finance must process sensitive data, while complying with legal policies regarding the release of different classes of data to different parties. Currently, software bugs may lead to irreversible disclosure of confidential data in multi-tier web applications. An open challenge is how developers can guarantee these web applications only ever release sensitive data to authorised users without costly, recurring security audits. Our solution is to provide a trusted middleware that acts as a “safety net” to event-based enterprise web applications by preventing harmful data disclosure before it happens. We describe the design and implementation of SafeWeb, a Ruby-based middleware that associates data with security labels and transparently tracks their propagation at different granularities across a multi-tier web architecture with storage and complex event processing. For efficiency, maintainability and ease-of-use, SafeWeb exploits the dynamic features of the Ruby programming language to achieve label propagation and data flow enforcement. We evaluate SafeWeb by reporting our experience of implementing a web-based cancer treatment application and deploying it as part of the UK National Health Service (NHS)

Cross-Browser Document Capture System

Veebilehte kuvatakse harva täpselt samasugusena erinevates brauseri ja operatsioonisüsteemi kombinatsioonides. Sellel on mitmeid põhjuseid: veebistandardite tõlgendamine brauseri poolt, brauseri visualiseerimismootor, operatsioonisüsteemi vaikefondid, brauserisse installeeritud pistikprogrammid, ekraani eraldusvõime jms. Nende erinevuste tähelepanuta jätmine võib tekitada probleeme veebilehe kujunduses, mille tagajärjeks on klientide kaotamine. Veebidisaineritele võib tunduda veebilehtede testimine mitmes brauseris tavapärase praktikana, et leida brauseritevahelised kujunduse probleemid. Katsed näitavad, et visuaalsete erinevuste käsitsi leidmine on tülikas ja kohmakas ülesanne. Seda teades on meie meeskonna liige loonud algoritmi, mis on osutunud inimestega võrreldes märkimisväärselt kiiremaks ja täpsemaks kujunduses vigade leidmisel. Algoritm töötab selliselt, et veebilehest tehtud aluspilti (tarkvara testimise mõistes oraaklit) võrreldakse samast veebilehest teiste brauseritega tehtud piltidega, leides nendes paigutuse erinevusi, mida ka inimsilm arvestaks väärana. Käesolev töö keskendub probleemile, kuidas eelnevalt mainitud algoritmile sisendit luua. Töö annab valikulise ülevaate olemasolevatest lahendustest ja teenustest, mis tagastavad veebilehe sisu pildi kujul, ning võimalusel mõõdab nende jõudlust. Tuvastatakse nimekiri nõuetest, mis on vajalikud mitmeplatvormilise veebidokumentide pildistamise lahenduse kommertsialiseerimiseks. Seejärel tutvustab töö kiiret ja mitmeplatvormilist meetodit veebilehe täispikkuses pildistamiseks ning annab ülevaate skaleeritava arhitektuuriga veebiteenusest, mis pildistab veebilehti virtuaalsetes ja füüsilistes masinates ning erinevates brauserites ja operatsioonisüsteemides.A web page is seldom displayed in the exact same manner in different browser and operating system combinations. There are several reasons for different rendering outcomes: interpretation of web standards by the browser, the browser's rendering engine, available fonts in the operating system, plugins installed in the browser, screen resolution etc. Neglecting to consider these differences as a web designer may lead to webpage layout issues that result in lost customers. Web designers might consider it common practice to test webpages on several browsers to eliminate cross-browser layout issues. Experiments show that finding visual differences is a dull and cumbersome task for people. Knowing this, another member working at Browserbite has created an algorithm that has proved to be much faster and more accurate at finding layout issues compared to humans. The algorithm works by comparing a baseline (oracle in software testing terms) webpage in image form to other image captures of the same webpage in different browsers, finding differences in layout and position that a human might consider erroneous. This thesis concentrates on the problem of creating the input to the aforementioned algorithm. A selective overview of existing solutions and services for webpage capture and automation is given, measuring their performance where possible. A list of requirements are established for a cross-platform capture solution to be commercialized. A fast and cross-platform method of capturing full webpages is then introduced, and an overview of a scalable Software-as-a-Service system implemented for cross-browser and cross-platform capture in several virtual and physical machines asynchronously is given