As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 11 years ago.
I am starting with web development. I looked at the URL design of a few websites, especially github and stack overflow.
A user page on github is of the form github.com/<username> (e.g. github.com/roma1n). This strikes me as requiring careful reservation of top-level identifiers, i.e. there cannot be a user explore in github, because github.com/explore shows a list of trending/interesting repositories. It also seems hard to extend once usernames that would make useful page names (e.g. latest, all) have been taken up by users.
Stackoverflow seems to go on the opposite route, where a user page is of the form stackoverflow.com/<numeric id>/<username>. This seems to add redundancy to the address, unless multiple users with the same nickname are allowed (e.g. to make life easier when identifying through other providers such as OpenId?).
What are the pros and cons of each solution, (and of the other obvious ones such as example.com/users/<numeric_id> or example.com/users/<nickname>)? Is there a current best practice or reasonable default?
I think your suggestion example.com/users/<nickname> is pretty reasonable. given a choice I'd pick this, becuase it's more memorable for users than an id, and it sidesteps the the users nickname problem. of course you're free to adopt any convention that fits your use case, so whatever works!
Related
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 9 years ago.
Do you have or know of an example that uses ACL-based security in an MVC app?
I don't specifically know of an example, but MVC is naturally very conducive to ACL. Assign an ACL (or two or three, etc.) to a model. The ACL can be constructed statically or dynamically depending on your needs. Store the ACL in a safe place (such as a secure database). Have the model provide methods to the view that allow it to display itself nicely based on the ACL. Have the model provide methods to the controller that allow it to be queried for permissions and supply credentials as needed to the model. Do not allow other modules of the app to access the ACL besides the model. This preserves the sanctity of MVC.
I recommend considering a role-based ACL instead of user-based, to allow for better scalability in the future in case your app needs it.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 9 years ago.
I have spent some time familiarizing myself with
rails (ruby),
django...and other things like zope and pylons/pyramid (python),
catalyst (perl)
but often find myself wanting to use
sinatra (ruby)
bottle...or flask...(python)
dancer...(perl)
I'm not entirely sure...when I'm about to start a new project, which I should use.
What should be the deciding factor that makes me switch from a micro framework to something more substantial. Is it just when I would otherwise have too much SQL to write? I think not, because if that were the case I could just use an ORM library/module.
My main issue is a fear of choosing something that other developers would not understand if someone else needed to fix the site at a later point in time. Still I am still not sure what should inform my opinion.
With miсro frameworks you have more freedom in the use of libraries, you can add what you think is right. In large frameworks such as Django and etc already much that is "screwed" and there are certain rules and best practices how best to write certain things.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I have a large number of user names and passwords - a different one for every website, service, ... To keep track of the information I have an iOS app that claims to store the information with RSA-256 encryption; it has the option of synchronizing the "vault" between different devices, so I can used either iPad or iPhone to access the information.
In essence, I "trust" the software provider that their claim that their software is secure is true. This means not only (1) that it's well written (no accidental security flaws), but also (2) that there is no "back door" that allows them to intercept or redirect my files during the synch operation - if they did, they would "have everything".
I wonder if there is a "best" way to address this issue. I can think of a few:
write your own. Guarantees (2), but not (1)
have an open source project, and let "the community" help with (1). Of course a malicious person might use the open source to find and exploit (rather than fix) a weakness
Third party certification of a provider's software. Now you have to trust the third party...
There may be a robust solution to this - but I don't know it. Many "related" questions appear to exist on SO, but I couldn't find one that really answered this.
Any takers?
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
Thought I would put this out there before I embark on my own research.
In a current MVC 4 app, I am looking for a way to track/audit visitors. I am looking for a way to:
Record a record on each site request.
Record will include things like logged in user, session id, requested page, page coming from, etc., etc.
Action methods will be decorated with an attribute to trigger the creation of that record, so we can specify exactly which action methods get logged.
Anyone attempted or heard of anything like this?
Thanks in advance for any replies.
An ActionFilter seems to be the way to go. I have an example of a similar requirement that I'd be willing to send you, let me know.
You should consider writing a base controller that all your controllers will inherit from and then do all the logging in there.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I am looking for a way to get the essence or the most important aspect of a webpage? If I provide a URL, is there any external service which can accomplish this? I am not looking for snap.com like service as it provides a snapshot.
I might be willing to even implement such a system on my own. For beginning I do not want to put excessive effort, but rather would love to able to get some basic results. Are there any thoughts on how I may approach this problem?
You can try Yahoo's Term extraction service
Update 02-May-2012
Yahoo has release a new Content Analysis Web service which will be replacing the Term extraction service. It can be invoked by syntactically sweet YQL as shown below
select * from contentanalysis.analyze where url='http://www.cnn.com/2011/11/11/world/europe/greece-main/index.html';
There is also AlchemyAPI which offers a weservice which may serve your purpose.
By snippet, do you mean like a quote that sums up the entire page you want to link to?
So if snap.com isn't a fancy, what about the entire page? For verbosity's sake? You could try out BackupURL if you want like a cache of the entire page of the site instead just a snapshot of a portion of it.