Thursday, June 16, 2011

Ways to overcome the same-origin policy browser restriction

One of my friends asked me yesterday what the different ways of overcoming the same-origin policy restriction in browsers are. I gave the answer and thought that it might be worth sharing.

  • Have the Web page request data from the Web server it originates from, and have the Web server behave as a proxy relaying the request to the actual third-party servers. Although widely used, this technique isn't scalable.
  • Use frame elements to create new areas in the current Web page, and fetch any third-party content using GET requests. After being fetched, however, the content in the frames would be subject to the same-origin policy limitations.
  • Insert a dynamic script element in the Web page, one whose source points to the service URL in the other domain and which receives the data in the script itself. When the script loads, it executes. It works because the same-origin policy doesn't prevent dynamic script insertions and treats the scripts as if they were loaded from the domain that provided the Web page.
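The third technique above, sketched from both sides as an added example (not code from the original post): the service wraps its JSON in a call to a function the page names, and because that response runs as the page's own script, the service validates the callback name before reflecting it. The function names and the api.example.test URL are assumptions, and `simulatePageLoad` stands in for the browser executing the inserted script.

```javascript
// Added example; buildJsonpUrl, jsonpResponse and simulatePageLoad are
// hypothetical names, and the service URL used with them is constructed.

// Page side: the URL a dynamically inserted <script> element would point at.
function buildJsonpUrl(serviceUrl, callbackName) {
  const url = new URL(serviceUrl);
  url.searchParams.set('callback', callbackName);
  return url.toString();
}

// Service side: the callback name is reflected into executable script,
// so accept only a short, plain identifier and reject everything else.
const CALLBACK_RE = /^[A-Za-z_$][\w$]*$/;

function jsonpResponse(callbackName, data) {
  if (typeof callbackName !== 'string' || callbackName.length > 64 ||
      !CALLBACK_RE.test(callbackName)) {
    return { status: 400, type: 'text/plain', body: 'invalid callback' };
  }
  // JSON.stringify leaves U+2028, U+2029 and "<" unescaped; escape them so
  // the payload stays inert data inside script text.
  const json = JSON.stringify(data)
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029')
    .replace(/</g, '\\u003c');
  return {
    status: 200,
    type: 'application/javascript',
    body: `${callbackName}(${json});`,
  };
}

// Stand-in for the browser: run the response body as script with the
// page's callback in scope, as a loaded <script> element would. Whatever
// the third-party service returns executes with the page's privileges.
function simulatePageLoad(callbackName, responseBody) {
  const received = [];
  const handler = (payload) => received.push(payload);
  new Function(callbackName, responseBody)(handler);
  return received;
}
```

The page only receives data if the service cooperates by emitting the wrapper call, and the page has to trust that service completely, since the response is run rather than parsed.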

Showing Text Vertically Aligned In The Browser

Recently, in one of our projects, we had a requirement to show the terms & conditions in a vertically aligned format while all other content on the page had to display in a horizontally aligned format.
The solution that we found works well with all IE versions from 6 onwards and all Mozilla versions from 3.1 onwards.
The following HTML content will do the job:

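<html>
<head>
<style>
/* Reference box: same size and border, no rotation */
.notrans {
  width: 300px;
  border: 4px solid #ff0000;
}

/* Rotated box: the text reads vertically */
.trans {
  width: 300px;
  border: 4px solid #ff0000;
  -webkit-transform: rotate(-90deg); /* WebKit browsers */
  -moz-transform: rotate(-90deg);    /* Mozilla browsers */
  /* IE: rotation=3 turns the element by 270 degrees */
  filter: progid:DXImageTransform.Microsoft.BasicImage(rotation=3);
}
</style>
</head>
<body>
<div class="notrans">An element without rotation</div>
<br /><br />
<div class="trans">An element rotated by 90 degrees counter-clockwise</div>
</body>
</html>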

Precompiling JSP Files in WCS

· Expand the enterprise application archive using the following command:

WAS_installdir/bin/EARExpander -ear /mytmp/WC_instance.ear -operationDir /mytmp/WC_instance.expanded.ear -operation expand -expansionFlags war

· Change the JSP Engine parameters. You want to ensure that the JSP engine will not compile any JSP files for the Stores Web module at run time. This ensures that your precompiled JSP files from the WEB-INF directory are used.

o Open /mytmp/WC_instance.expanded.ear/Stores.war/ibm-web-ext.xmi in a text editor.

o Add the following line before the line </webappext:WebAppExtension>:

<jspAttributes xmi:id="JSPAttribute_2" name="disableJspRuntimeCompilation" value="true"/>

Ensure that the xmi:id of the new line is unique within the file.

o Run the JSP batch compiler using the following command:

WAS_installdir/bin/JspBatchCompiler -ear.path /mytmp/WC_instance.expanded.ear -webmodule.name Stores.war -compileToWebInf true

o Since you disabled runtime compilation in Step 3, you must review the log to ensure that all JSP files compiled without error. If some JSP files did not compile, correct the error and run the compilation step again.

Long Name Directory Delete in Windows

Recently one of the tools created a long directory structure on our Windows 2003 server machine. When we tried to delete the path via Explorer, Windows did not allow us to do so. We tried it through DOS with the rd /S option, and it still did not allow us. We then went inside the leaf directory and tried to delete all the files in it, and got a message saying "the file name or extension is too long". We googled and found the command to remove a directory whose path is too long (basically longer than MAX_PATH=260). The solution is to give a fully qualified file name using the \\?\fullpath form. So if you want to remove a directory named C:\ab that contains a subfolder tree with a path that violates the above condition, you could give the following command:
rd /S \\?\C:\ab

Blank page encountered in IE when accessing WebSphere Commerce Accelerator

While accessing the WebSphere Commerce Accelerator in IE over https, I got a blank page. I was wondering why it was giving a blank page. Firefox and Google Chrome were showing the page properly though. After some research I found out that Firefox and Google Chrome ask to add https sites to the trusted site list while accessing the site itself, and IE does not do so. So to correctly get the Commerce Accelerator page in IE we need to add the site to the list of trusted sites using the menu option Tools -> Internet Options -> Security -> Trusted Sites.

Retrieving Merchant Key From Websphere Commerce

While installing the WebSphere Commerce server you normally provide the merchant key, and that key is used for encrypting and decrypting different values in the system. When we want to encrypt a value directly using the WCS utilities we have to provide the merchant key, and if we forget the merchant key we can get it directly from the server using the following methods:
  • Call the method com.ibm.commerce.server.ConfigProperties.singleton().getMerchantKey()
  • or call the method com.ibm.commerce.server.WcsApp.configProperties.getMerchantKey()
The above methods are available in WCS6. From WCS7 onwards you have to use the following:

com.ibm.commerce.util.nc_crypt.decrypt(ConfigProperties.singleton().getValue("Instance/MerchantKey")

Change User Password in WCS

In some situations you might forget the password of a particular user in WCS and want to set a new password for that user. The password is stored in the database in encrypted format, and the encryption keys used are the merchant key and the SALT column value in the USERREG table for the corresponding user. We can change the password in the following ways.
Using wcs_password utility
Go to the bin folder of the WCS server and run the command
wcs_password
The command generates the password in encrypted format and prints it to the console.
Copy the encrypted password from the console, update the USERREG table's LOGONPASSWORD column directly with the generated value, and update the SALT column with the SALT value you gave in the above command.
Direct Database Update
This method can be used only if you know at least one user's password. We have to copy the LOGONPASSWORD column and SALT column of the known user to the unknown user.

Changing Merchant Key Value in WCS

There will be a lot of occasions during your life with WCS where you want to change the merchant key. The possible reasons are:
  • For security reasons, the organization decides to change the merchant key at a regular interval
  • While doing an enhancement to the production site, you may need to migrate the data from the existing production server to the new production server. For smoother data migration, both servers should have the same merchant key

The steps for changing the merchant key are given below:

  • Run the following command, where demo is the instance name and "1234567890abcdef" is the current merchant key
    MigrateEncryptedInfo db2 demo 4 5000 1234567890abcdef abcdef1234567890
  • Run the command to update the server with the data "config_ant.bat -DinstanceName=demo UpdateEAR"
  • Restart the server

Now check the merchant key by following the steps described in the article Retrieving Merchant Key From Websphere Commerce. You will see the new merchant key.

Not able to create the certificate request (CSR) with key size 2048 in IBM HTTP Server V6.0

Recently one of our clients tried to put a 2048 certificate in their HTTP server and found only the options for 1024 and 512 size certificates. IBM HTTP Server shows only these two options when you try to create a certificate request. The reason is that, by default, the iKeyman utility uses the Java 1.4 version of the gskikm.jar file installed with IBM HTTP Server V6.0, and that version does not support the 2048 size. So the solution is to replace it.
Please see the link below from IBM for more information