This Week in Spring - February 2nd, 2016

Engineering | Josh Long | February 02, 2016 | ...

Welcome to another installment of This Week in Spring! It's been a busy week for all of us on the Spring team, as you're about to see! I've just finished my presentation at the epic DevNexus show and now I'm off to visit customers in Hartford and Los Angeles before making my way to the epic ConFoo conference in Montreal, Canada. If you're in the area, be sure to ping me and say hi!

We've got a lot to cover, so let's get to it!

AngularJS - Escaping the Expression Sandbox for XSS

Engineering | Rob Winch | January 28, 2016 | ...

UPDATE: This is a summary of XSS without HTML: Client-Side Template Injection with AngularJS. Previously the citation was in the middle of the document and difficult to find. The goal of the summary is to present the exploit and a fix without all the nuances, not to claim the work as my own.

Introduction

AngularJS is a popular JavaScript framework that allows embedding expressions within double curly braces. For example, the expression 1+2={{1+2}} will render as 1+2=3.

This means that if the server echos out user input that contains double curly braces, the user can perform a XSS exploit using…

This Week in Spring - January 26th, 2016

Engineering | Josh Long | January 26, 2016 | ...

Welcome to another installation of This Week in Spring! Here we are, already staring at the second month of the year and, boy!, are things getting exciting! I'm about to start hitting the road again and I'd love to talk to you and your organization if you're near any of the following places and events in February:

Anyway, without further ado, let's get into it!

This Week in Spring - January 19th, 2016

Engineering | Josh Long | January 20, 2016 | ...

Welcome to another installment of This Week in Spring! What a week it's been! Last week saw me visit St. Louis to speak to some customers and deliver a talk at a meetup with my pal Mark Heckler

This Week in Spring - January 12th, 2016

Engineering | Josh Long | January 13, 2016 | ...

Welcome to another installation of This Week in Spring! Today, I spoke at the San Francisco JUG to a packed room and now I'm off to St. Louis for a day of customer meetings. Lots of great stuff to look at as we kick off the new year so let's get to it!

This Week in Spring - January 5th, 2016 (5th Anniversary Edition!)

Engineering | Josh Long | January 06, 2016 | ...

Welcome to another installment of This Week in Spring and welcome back from what I hope was a restive, fun new year!

This week, we mark the fifth anniversary of This Week in Spring which Adam Fitzgerald and I started (based on some discussion with Keith Donald in January 2011) fresh from the 2010 holidays.

Since then I've done my level-headed best to publish it every week (no exceptions! no missed weeks!) before midnight in Hawaii on Tuesday, every week, no matter what timezone I find myself in for that week! The world's a big place, so from the perspective of someone sitting in, say, New York City, it may seem sometimes like this blog goes up midday Monday (00:00AM in various Asian countries) or early morning Wednesday (23:59 in Hawaii) - that's a lot of variability! But I assure, you it's always

Testing Spring Cloud Projects

Engineering | Marcin Grzejszczak | January 04, 2016 | ...

Welcome to my first blog post as a Spring Cloud team member :)

It's been a month since I joined and it's worth to share some of the interesting things that took place during that time.

If you've been reading any of my posts at my Too Much Coding blog then you know that I'm crazy about two things - testing and microservices. Since all that I do at the moment is microservice related today's post will be about testing.

The Spring Cloud projects

When I joined Spring Cloud team I did a quick scan of the Github and it turned out that we have quite a few projects to govern including:

This Year in Spring - December 29, 2015

Engineering | Josh Long | December 29, 2015 | ...

Welcome to another installment of This Week in Spring where, with 2016 just around the corner, we'll look at some interesting news from the last week and we'll take a moment to review another amazing year in the Spring and Pivotal ecosystem.

Now let's look at an short-and-sweet list of the latest-and-greatest from the last week:

This Week in Spring - December 22, 2015

Engineering | Josh Long | December 22, 2015 | ...

Welcome to another installment of This Week in Spring! This week, many of us will be off for the Christmas holiday. If you celebrate, then let me wish you the Merriest of Christmases from our team. If you don't celebrate, we'll see you next week as we look at our annual This Year in Spring! and welcome 2016!

Holiday or not, there's a lot of great stuff to read this week so let's get to it!

  1. If you're using Spring Cloud Eureka and Jersey you may run into issues because Eureka itself uses Jersey 1.x where as Spring Boot's Jersey support is based on Jersey 1. Read how Aleksandar Stoisavljevic solved it

Get the Spring newsletter

Stay connected with the Spring newsletter

Subscribe

Get ahead

VMware offers training and certification to turbo-charge your progress.

Learn more

Get support

Tanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.

Learn more

Upcoming events

Check out all the upcoming events in the Spring community.

View all