Back-End Development

Large scale data breaches and critical security vulnerabilities have companies thinking about security more than ever.  Many developers are familiar with the OWASP top 10 (https://owasp.org/www-project-top-ten/).  There are already many resources on generic mitigation for these vulnerabilities.  So instead, in this series, I will cover security issues and mitigations specific to AEM.  Here I will […]

Large scale data breaches and critical security vulnerabilities have companies thinking about security more than ever.  Many developers are familiar with the OWASP top 10 (https://owasp.org/www-project-top-ten/) and there are already many resources on generic mitigation for these vulnerabilities.  Instead in this series, I cover security issues and mitigations specific to AEM.  Today’s topic is Denial […]

Large scale data breaches and critical security vulnerabilities have companies thinking about security more than ever.  Many developers are familiar with the OWASP top 10 (https://owasp.org/www-project-top-ten/) and there are already many resources on generic mitigation for these vulnerabilities.  Instead in this series, I cover security issues and mitigations specific to AEM.  Today’s topic is Sling […]

Working with a headless website setup sometimes can be challenging. For example, if you insert an image directly into the TinyMCE text editor sometimes (it depends on a lot of factors) you can see the relative path to the server storage where the image is saved. But because it’s a headless setup, the front end […]

Large scale data breaches and critical security vulnerabilities have companies thinking about security more than ever.  Many developers are familiar with the OWASP top 10 (https://owasp.org/www-project-top-ten/) and there are already many resources on generic mitigation for these vulnerabilities.  Instead in this series, I cover security issues and mitigations specific to AEM. XSS and AntiSamy As […]

A tool for Testing Web Services, including SOAP, RESTful, and HTTP-based services, is called SoapUI. With a commercial partner called ReadyAPI that offers further capabilities for businesses with mission-critical Web Services, SoapUI is an Open Source, totally Free solution. The de facto standard for API Service Testing is SoapUI, which has been downloaded more than […]

Creating inclusive and multilingual websites is complex but not without its benefits, especially to multilingual web users with disabilities. In Megan Jensen’s ‘kick off post’ on cultural inclusion she notes that “Undertaking a global multilingual website can be an intimidating and overwhelming project but it doesn’t have to be.” We’ve outlined specific ways to deliver […]

The task at hand At some point as a developer, you might need to combine multiple Sitecore Media Library items into a compressed ZIP and deliver it on the fly to the end-user. In my use case, I had a client that wanted to build out an asset library for the press to use when […]

What is a headless CMS? A headless CMS is a back-end only content management system (CMS) built from the ground up as a content repository that makes content accessible via a RESTful API or GraphQL API for display on any device. The term “headless” comes from the concept of chopping the “head” (the front end, i.e. the […]

Spring boot with ES Java API Client to Build and Execute Queries in Elasticsearch. Prerequisites: Knowledge in Java, Spring boot, Elasticsearch, Kibana. Concept: The purpose of this blog is to present an idea for connecting, constructing queries, and querying Elasticsearch through Java applications. What is Elasticsearch? Elasticsearch is a distributed, free and open search and […]

In the Optimizely CMS world, we see GUIDs everywhere. They are unique identifiers for content types and more. As part of Optimizely CMS development, developers are advised to always specify GUIDs in their Content-Type declarations. If one isn’t specified, the DB assigns one dynamically when saving the Content-type. A big reason for this is that […]

I had a bug in a TM1 application recently that was very difficult to track down, and it was because I didn’t understand the different ways that TM1 might respond to vague or incorrect MDX expressions.  MDX makes some unexpected assumptions. Take the following simplified example cube: Let’s say that I have an active form […]