jQuery, Security and Web Services

jQuery, Security and Web Services - Oh My!

It's going to be a hectic couple of weeks for me, as I get ready to head to Utah this weekend for the annual UTOUG Training Days conference next week. I love Salt Lake City, and the UTOUG conference is just the right size - not too large, but large enough that most of the rooms are full of attendees.

This year, I've got three slots, each as different as the next:

jQuery & APEX Primer

This session is aimed at the APEX developer who has just never had the time to get into the details of jQuery. It starts with an overview of the basics, and then proceeds to demonstrate these concepts using a simple HTML page. After that, it will show some more practical examples of how jQuery can work in an APEX application.

Secure Your APEX Applications with APEX-SERT

Security is as important as ever, and this session will show you how APEX-SERT - a free, open source tool - can be integrated into your development process. Once installed, APEX-SERT is instantly available to any and all workspace developers. Evaluations can also be scheduled to run daily, so your application is constantly being checked for potential threats.

GET POST ORDS JSON: Web Services for APEX Decoded

Lastly, web services are also one of the things that APEX developers may not have a lot of experience with. They are becoming more and more critical in modern web development, and it's a matter of when you'll need to learn them, not if. This session covers the basics then walks through how to take a standard APEX form and modify it to use web services instead of the built-in DML processes.

If that wasn't enough, I'll also be a part of the APEX panel on Tuesday - but will likely have to bail out a bit early to make my flights back home.

The full schedule can be found here: http://www.utoug.org/Schedule

See you in SLC!

Comments

Custom Export to CSV

It's been a while since I've updated my blog. I've been quite busy lately, and just have not had the time that I used to. We're expecting our 1st child in just a few short weeks now, so most of my free time has been spent learning Lamaze breathing, making the weekly run to Babies R Us, and relocating my office from the larger room upstairs to the smaller one downstairs - which I do happen to like MUCH more than I had anticipated. I have everything I need within a short walk - a bathroom, beer fridge, and 52" HD TV. I only need to go upstairs to eat and sleep now, but alas, this will all change soon... Recently, I was asked if you could change the way Export to CSV in ApEx works. The short answer is, of course, no. But it's not too difficult to "roll your own" CSV export procedure. Why would you want to do this? Well, the customer's requirement was to manipulate some data when the Export link was clicked, and then export it to CSV in a forma

Refreshing PL/SQL Regions in APEX

If you've been using APEX long enough, you've probably used a PL/SQL Region to render some sort of HTML that the APEX built-in components simply can't handle. Perhaps a complex chart or region that has a lot of custom content and/or layout. While best practices may be to use an APEX component, or if not, build a plugin, we all know that sometimes reality doesn't give us that kind of time or flexibility. While the PL/SQL Region is quite powerful, it still lacks a key feature: the ability to be refreshed by a Dynamic Action. This is true even in APEX 5. Fortunately, there's a simple workaround that only requires a small change to your code: change your procedure to a function and call it from a Classic Report region. In changing your procedure to a function, you'll likely only need to make one type of change: converting and htp.prn calls to instead populate and return a variable at the end of the function. Most, if not all of the rest of the code can rem

Logging APEX Report Downloads

A customer recently asked how APEX could track who clicked “download” from an Interactive Grid. After some quick searching of the logs, I realized that APEX simply does not record this type of activity, aside from a simple page view type of “AJAX” entry. This was not specific enough, and of course, led to the next question - can we prevent users from downloading data from a grid entirely? I knew that any Javascript-based solution would fall short of their security requirements, since it is trivial to reconstruct the URL pattern required to initiate a download, even if the Javascript had removed the option from the menu. Thus, I had to consider a PL/SQL-based approach - one that could not be bypassed by a malicious end user. To solve this problem, I turned to APEX’s Initialization PL/SQL Code parameter. Any PL/SQL code entered in this region will be executed before any other APEX-related process. Thus, it is literally the first place that a developer can interact with an APEX p

Scott Spendolini's Blog

Search This Blog