MSIE Launch Browser Windows in a Separate Process…

This is often troublesome. and occasionally occurs in newer versions of MSIE. This option in MSIE4 and later specifies whether a new process is created for each instance of Internet Explorer that you start. With this setting disabled, all instances of Internet Explorer and Windows Explorer that you start are run in the same process. When you enable this setting, you can prevent one instance of Internet Explorer or Windows Explorer from effecting other instances if it stops responding (hangs); however, if you enable this setting, additional resources are consumed and Internet Explorer’s performance may be affected.

Generally, this option is available on the Internet Control Panel, Advanced tab, but sometimes it isn’t visible. If this is the case, a simple registry change can manually control it.

WARNING: this is a registry change, so please be careful!

  • HKEY_LOCAL_MACHINE/software/microsoft/windows/currentversion/explorer/BrowseNewProcess
  • HKEY_CURRENT_USER/software/microsoft/windows/currentversion/explorer/BrowseNewProcess

BrowseNewProcess = Yes

References:

Cheers.

Mozilla networking configuration

Here’s another, albeit awkward configuration change for Mozilla Firefox for networking.

Enter about:config in the URL of the browser and manipulate the following,  I’ve shown the defaults in parethesis to aid in reverting them if you encounter problems.

network.http.pipelining=true (def:false)
network.http.proxy.pipelining (def:false – only required if you use proxies that support)
network.http.pipelining.maxrequests=8 (def:4, max is 8)

References:

Cheers!

WOT – Website reputation

Previously I discussed the McAfee SiteAdvisor plugin. Another similar project is WOT.

The differences with it are as follows:

  1. Instead of a centralized service, WOT is democratic. As such, the result is based on the feedback of any user that takes the time to rate a given website.
  2. WOT is available for Firefox and MSIE.

Since this coexists well within the browser, there’s no reason you can’t use both!

References:

Happy surfing!

Business Jargon – aka Office speak for the cubicle constrained!

I saw this article today and realized just how much of this language has become my own…. I really need to just “get a life” 🙂

http://dumblittleman.blogspot.com/2007/01/business-jargon-dictionary.html

For more, see the following:

Like acronyms…. see these:

Personally, i’m into Demotivators….

Now get back to your cubicle and code, you hippie!

McAfee SiteAdvisor

This is a great free plugin for Firefox and MSIE. After installation of the plugin, web links particularly in search engines like Google will contain an image/icon displaying a level of trust as well as some basic information about the website.

As a website owner, it is recommended that you add your site. To do so, you must first prove that you can publish content on the website. This is accomplished by submitting a form, after which you are given a filename (typically the domain with a ‘randomized’ hashcode) to create on your website.

NOTE: when doing this you must also insure that your website generates proper “404 Not Found” HTTP errors for non-existent files, as the verification process also tests that scenario.

Once listed, McAfee will scan your website for vulnerable downloads, reviews, related (linked) websites, as well as track outbound email (possible SPAM) generating from your domain.

References:

Here’s to a safer online experience.

MSIE6 javascript memory leaks

Argh…. yet again, this crappy product has another bug that developers must work around!

It seems that Microsoft doesn’t release memory to javascript objects from memory when created on a page… even when the page is unloaded.

Let’s think about this one for a second, why would you want to keep a javascript variable or DOM reference in memory after the user has navigated away from that page? This violates the stateless paradigm that web applications generally work with, besides… how would a developer be able to get that information (memory) back on the next page anyways? Perhaps, it was some genious that tried to keep state in javascript when the ‘BACK’ button was pressed… we’ll probably never know.

There’s a great quote I found while researching this…

“IE has an issue where it leaks memory when a circular reference is created between a COM object and a javascript object. In IE, the DOM is implemented via COM ….. This memory is not reclaimed until the browser closes. The simplest solution is to pretend there is no garbage collector for objects and make sure you always clean-up after yourself.”

References:

Microsoft ‘chimes in’:

Tools to help:

Cheers!

Automated Java code review tools

I recently found out about ‘static analysis’ of Java code. I’ve found two of these tools that are both free and easy to use. Both provide review of java bytecode and look for common development errors and inefficiencies…
FindBugs is based on the concept of bug patterns. A bug pattern is a code idiom that is often an error. Bug patterns arise for a variety of reasons:

  • Difficult language features
  • Misunderstood API methods
  • Misunderstood invariants when code is modified during maintenance
  • Garden variety mistakes: typos, use of the wrong boolean operator

PMD scans Java source code and looks for potential problems like:

  • Possible bugs – empty try/catch/finally/switch statements
  • Dead code – unused local variables, parameters and private methods
  • Suboptimal code – wasteful String/StringBuffer usage
  • Overcomplicated expressions – unnecessary if statements, for loops that could be while loops
  • Duplicate code – copied/pasted code means copied/pasted bugs

Both integrate easily within Eclipse based (and other IDE’s) is typically done with the use of a simple plugin.

FindBugs can also run as a Java WebStart (JNLP) application, however a different UI is shown for JRE 1.4 vs. 1.5 and above (look out!).
More information:

While no tool can identify all problems, these will help you find some troublesome problems and give you areas to take a deeper look at.

Happy reviewing and fixing.

Installing Perl CGI on Apache (for Windows)

Installing Perl on a Win32 installation of Apache is trivial. Just a few short years ago (roughly the year 2000) most commercial website still ran large amounts of Perl code. Several open-source projects like BugZilla still rely on this powerful scripting language.

Here’s a few simple steps and advice to consider when the need comes to add this feature to your installation.

  1. Download Perl for Win32 – ActiveState Perl is the standard distribution to use, and installation is a snap.URL = http://www.activestate.com/Products/ActivePerl/a) Get the MSI file version as it’s executable (the AS version is a ZIP file for manual installs)

    b) The default path it chooses is “C:\Perl”, I advise that you use “c:\usr” instead as it makes it easier to port programs to and from UNIX/LINUX.

    c) The MSI installer takes care of the PATH file settings, so you should have no other work for installation.

  2. Modify the Apache httpd.conf file to enable (uncomment or add the following lines).

    AddHandler cgi-script .cgi
    AddHandler cgi-script .pl

  3. Restart Windows to ensure that the new configuration is available to the operating system.
  4. Test your install…a) Create a new file on the server named /cgi-bin/hello.pl with the following content:

    #!/usr/bin/perl
    print “Content-type:text/html\n\n”;
    print “hello world”;

    b) Start (or restart) the Apache service.

    c) Access the file in the browser, example:

    URL = http://localhost/cgi-bin/hello.pl

    d) If everything works, you should see the words “hello world”, otherwise, if you see the source code or ‘500 Server Error’ then the config has a problem.

Happy Scripting.

Custom JavaScript error notification

Debugging JavaScript errors is a time-consuming effort requiring keen eyes and a sharp mind.

MSIE typically only gives a cryptic ‘Object Expected’ error message and little more (even with the Microsoft Script Debugger installed!).

Some tools like FireBug and the Venkman debugger (both for Mozilla/Firefox) help in this matter, but often it helps to have an alert when an issue occurs.

Here’s a simple implementation that I’ve found useful…

[script type=”text/javascript”]
window.onerror=myErrorHandler;

function myErrorHandler(msg,url,l){
var txt=”There was an error on this page.\n”;
txt+=”Error: ” + msg + “\n”;
txt+=”URL: ” + url + “\n”;
txt+=”Line: ” + l + “\n\n”;
txt+=”Click OK to continue.\n\n”;
alert(txt); return true; }
[/script]

REFERENCES:

That’s it….

java.policy file

While it’s not preferred or even ‘secure’, sometimes the need arises to ‘open’ up the Java security model.   Fortunately this is an easy task.

This is located in a file named ‘java.policy’ in the “JRE/lib/security” folder.

Default file (from JRE 1.5.0.x) resembles the following…

// Standard extensions get all permissions by default

grant codeBase “file:${{java.ext.dirs}}/*” {
permission java.security.AllPermission;
};

// default permissions granted to all domains

grant {
// Allows any thread to stop itself using the java.lang.Thread.stop()
// method that takes no argument.
// Note that this permission is granted by default only to remain
// backwards compatible.
// It is strongly recommended that you either remove this permission
// from this policy file or further restrict it to code sources
// that you specify, because Thread.stop() is potentially unsafe.
// See “http://java.sun.com/notes” for more information.
permission java.lang.RuntimePermission “stopThread”;

// allows anyone to listen on un-privileged ports
permission java.net.SocketPermission “localhost:1024-“, “listen”;

// “standard” properies that can be read by anyone

permission java.util.PropertyPermission “java.version”, “read”;
permission java.util.PropertyPermission “java.vendor”, “read”;
permission java.util.PropertyPermission “java.vendor.url”, “read”;
permission java.util.PropertyPermission “java.class.version”, “read”;
permission java.util.PropertyPermission “os.name”, “read”;
permission java.util.PropertyPermission “os.version”, “read”;
permission java.util.PropertyPermission “os.arch”, “read”;
permission java.util.PropertyPermission “file.separator”, “read”;
permission java.util.PropertyPermission “path.separator”, “read”;
permission java.util.PropertyPermission “line.separator”, “read”;

permission java.util.PropertyPermission “java.specification.version”, “read”;
permission java.util.PropertyPermission “java.specification.vendor”, “read”;
permission java.util.PropertyPermission “java.specification.name”, “read”;

permission java.util.PropertyPermission “java.vm.specification.version”, “read”;
permission java.util.PropertyPermission “java.vm.specification.vendor”, “read”;
permission java.util.PropertyPermission “java.vm.specification.name”, “read”;
permission java.util.PropertyPermission “java.vm.version”, “read”;
permission java.util.PropertyPermission “java.vm.vendor”, “read”;
permission java.util.PropertyPermission “java.vm.name”, “read”;
};

The replacement to remove all restrictions…

grant {
permission java.security.AllPermission;
};

Just be sure to restore your settings back to ‘normal’ before visiting any untrusted websites or java applications.