Non-existent support from Here for embedded browsers? - here-api

Apologies that this is a general question, however Here claims that posting on SO is means of support when tagging here-api.
This is a question I asked over 3 years ago, and have still not received a reply from them. I have also posed the same question on their Slack workspace, and have been ignored there as well, including when they answered someone elses question (and within the same day), and replied directly to their support person who ignored me when calling them out on their lack of support.
Other web-based APIs such as Google can interoperate with embedded browsers, so presumably the issue is with Here. Do other developers have the same issue, and if so, have they been ignored by Here as well?

Related

What are the typical use cases of MeteorJS? What are the essentials missing in Meteor.JS before it can be adopted into mainstream development?

Brief relevance of the question.
I am working on a project, which is my first tech start up. I found the framework very fascinating, but i am afraid that it would lead to troubles because of certain drawbacks that are not meeting my eye at the moment. I would appreciate the Stackoverflow community's perspective on it.
The Project i am planning will be function as a Question & Answer forum much like Quora or Stackoverflow for certain domain of professionals.
Meteor is appropriate for almost anything - that part of your question is a bit broad, but I refer you to the Meteor Trello roadmap for features that still need to be developed.
That said, I think that if you can develop anything using Rails/PHP/whatever, you can make it in Meteor and in 1/10 the time.

Is ESAPI.NET a dead project?

I've been recently tasked with leading an effort to improve our input (and output) validation with OWASP recommendations and PCI compliance in mind. In the process, I'm trying to assess the value of the ESAPI.NET project which does not appear to have seen any activity since the spring of '09 and as it stands is incomplete.
Does anyone have experience using or extending ESAPI.NET v0.2? Is it a good starting place today for building out an infrastructure to address the targeted vulnerabilities?
FYI: I am looking at MS AntiXSS which, of course, only addresses a portion of ESAPI's scope. We already do a good job with SQL injection though there are improvements we need to make.
(If someone wants to create an ESAPI tag, feel free. I don't have the mojo.)
Looks like there were a couple updates last week: http://code.google.com/p/owasp-esapi-dotnet/source/list
You might contact one of the project leads on that list to ask what's going on.
NOTE: 05/26/2012: the last update on that project was dec 4, 2010. Yes, it is dead.
It looks like ESAPI is dead period. There's nobody using it, there are no questions, no forums, no information, nothing. The listservs (what is this, 1996?) are barren too. The documentation is terrible and the samples in the swingset don't work (server that installs is HTTP not HTTPS, and no transactions can be made in HTTP mode).
Seems to be a dead end project.
The project itself seems dead there are however some people who maintain a github copy with several (minor?) additions...
https://github.com/haldiggs/owasp-esapi-dotnet
https://github.com/jstemerdink/owasp-esapi-dotnet

CDN: "Origin pull" service providers? [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Does anyone know of inexpensive "origin pull" CDN service providers.
The only provider that I've found that provides this are SimpleCDN and Akamai. Akamai is crazy expensive and SimpleCDN seems to change their business model daily, so I'm concerned with using them.
We use PantherExpress in "pull mode" (not sure they do anything else, really) and it's great. Also very competitively priced. They're now owned by CDNetworks; I haven't talked to their sales people at all so I don't know how much changed.
LimeLight were also much better priced than I expected when we were getting quotes; but they had this stupid "oh, a little more for this feature and extra for that feature" pricing where PE just gave me a simple price including all their features.
When we were evaluating EdgeCast was missing some of the features we needed, but I think they've caught up now.
We use 10-20Mbit/sec on the CDN to give you a ballpark.
Few other CDNs:
Edgecast
Highwind
Reflected Network
Afaik most of pay-as-go CDN providers, as CDN77.com or Maxcdn, has this feature as the simpliest and standard one. You can find more about Origin Pull providers also in discussion CDN: "Origin pull" service providers?.
As I'm using CDN77 I can confirm you that they are providing this without any problem, with 14 day free trial version, on about 50 or 60 PoPs.
I've used LimeLight with an origin pull model and it works quite well. The only issue is their edge network is constantly expanding so if you want to employ any kind of security for your content on the origin (i.e. firewall ACL's) it becomes a constant maintenance PITA. OTOH, if your content if wide open to the public then I would highly recommend them.
I don't know how cheap they are for a new customer. I guess it depends on how much traffic you are expecting (and ultimately how much money you will give them). My company does a fair amount of CDN business so we got really nice pricing, but YMMV.
Also, if you are a Rackspace customer you might be able to leverage their pricing - they use LL exclusively for their own content and for their cloud offerings (http://www.rackspacecloud.com/cloud_hosting_products/files).
Good Luck!
You might want to give VPS.net CDN a try:
https://www.vps.net/cdn-signup
According to their wiki they support "Origin Pull".
I don't work for them
I haven't used their service
but their pricing looks very competitive.

Who is responsible to look into client reported issues [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
In our organisation we deliver products to different product lines depending on the requirements. in short the same application is customised according to customer requirements and delivered. After deploying the application sometimes we got some issues logged by client.
My question comes here. who is responsible to look into the issues and solve it
Programmers
Testers
Management is asking Testers to have a look into the issues and solve them. But the testers don't have the chance to look into the code. is it feasible to ask the testers to go for the issue resolution and end up wasting time doing nothing thus delaying the solution to the customers.
I would normally expect management to look through the issues every so often (say, every week), and allocate depending on schedules, severity, forthcoming releases etc. Some questions are:
is it an issue a bug, a feature request etc.?
does it prevent your client from working with your tool ?
is it impacted by forthcoming work (e.g. will a new feature remove the feature causing the issue) ?
I don't believe you can resolve these issues in isolation. It requires project managers etc. with awareness of project direction and programmers with awareness of the codebase to work together to determine how/when issues should be addressed, and their impact on other work streams.
Initially you should have a support department that does triage on all newly added issues. They should be empowered and informed enough to decide whether this is a non-issue, whether there's a work-around or whether they don't know. If it's the latter then it should be elevated to programmers.
You might also want to include the testers in the chain if the support guys are unable to produce an adequate 'how to reproduce the problem' document for the programmers.
The way it works at our company is that the testers are asked to verify the client's issue, i.e. trying to reproduce it and document the steps taken to reproduce it. Then it gets logged as an official bug and assigned to a developer who can retake the tester's steps and hopefully fix the bug.
Testers can identify an issue. How can they resolve the same? Only the developer will be able to do it. Looks really strange where a tester is asked to resolve the issue.
Who deals with the clients? Liasing with clients is not a task normally associated with the technical staff.
You should have someone whose role it is to speak to the customers, find out exactly what the issue is and how the client would like it resolved so that it may be passed onto the most relevant person to address the issue.
I would say the logical way to do it is:
Testers should try to reproduce the problem and identify its source
Report the problem with steps to reproduce it to the programmers
It's not common usage to let testers solve the issues as the programmers won't get the feedback they need to avoid the issues in the future.
Testers - verify that the problem exists.
Programmers - solve the problem.
In between there is another part to this, which is "gather information about the problem". Usually this is a split between testers and programmers; exactly how balanced that load is depends on the team.
If you don't have the code, you can't fix bugs. It's as simple as that. At the very most you could fix configuration errors, but if the misconfiguration was caused by the program that's a short-term fix.

Distributed Cache/Session where should I turn? [closed]

As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I am currently looking at a distributed cache solution.
If money was not an issue, which would you recommend?
www.scaleoutsoftware.com
ncache
memcacheddotnet
MS Velocity
Out of your selection I've only ever attempted to use memcached, and even then it wasn't the C#/.NET libraries.
However memcached technology is fairly well proven, just look at the sites that use it:
...The system is used by several very large, well-known sites including YouTube, LiveJournal, Slashdot, Wikipedia, SourceForge, ShowClix, GameFAQs, Facebook, Digg, Twitter, Fotolog, BoardGameGeek, NYTimes.com, deviantART, Jamendo, Kayak, VxV, ThePirateBay and Netlog.
I don't really see a reason to look at the other solution's.
Good Luck,
Brian G.
One thing that people typically forget when evaluating solutions is dedicated support.
If you go with memcached then you'll get none, because you're using completely open source software that is not backed by any vendor. Yes, the core platform is well tested by virtue of age, but the C# client libraries are probably much less so. And yes, you'll probably get some help on forums and the like, but there is no guarantee responses will be fast, and no guarantee you'll get any responses at all.
I don't know what the support for NCache or the ScaleOut cache is like, but it's something that's worth finding out before choosing them. I've dealt with many companies for support over the last few years and the support is often outsourced to people who don't even work at the company (with no chance of getting to the people who do) and this means no chance of getting quality of timely support. On the other hand I've also dealt with companies who'll escalate serious issues to the right people, fix important issues very fast, and ship you a personal patch.
One of those companies is Microsoft, which is one of the reasons that we use their software as our platform. If you have a production issue, then you can rely on their support. So my inclination would be to go with Velocity largely on this basis.
Possible the most important thing though, whichever cache you choose, is to abstract it behind your own interface (e.g. ICache) which will allow you to evaluate a number of them without holding up the rest of the development process. This means that even if your initial decision turns out not to work for you, you can switch it without breaking much of the application.
(Note: I'm assuming here that all caches have sufficient features to support what you need from them, and that all caches have sufficient and broadly similar performance. This may not be a valid assumption, in which case you'll need to provide more detail in your question as to why it isn't).
You could also add Oracle Coherence to your list. It has both .NET and Java APIs.
From microsoft : App fabric
Commerical : NCache
Open source : RIAK
We tried a couple in the end we use the SQL session provider for asp.net/mvc yes there is the overhead of the connection to the DB but our DB server is very fast and the web farm has loads of capacity so not an issue.
Very interested in RIAK has .net client and used by Yahoo - can be scaled to many manu server

Resources