It took forever, but I’ve finally how to stop Tomcat adding a Pragma: no-cache header to any resources in a secure context. You need to set disableProxyCaching to false, so if you’re using basic authentication you need a valve like:

<Valve className="org.apache.catalina.authenticator.BasicAuthenticator"
  disableProxyCaching="false" />

That needs to go within the definition for your web-app. So, within the META-INF (some sources say within WEB-INF?) create a context.xml file like:

<Context>
<Valve className="org.apache.catalina.authenticator.BasicAuthenticator"
  disableProxyCaching="false" />
</Context>

I found deploying as a WAR didn’t work (it seemed to ignore the context.xml), but deploying the exploded files did work and that’s fine by me.

Apparently Sun has finally decided to give some love to the Swing text APIs with the addition of a removeElement method. What the linked article fails to mention is that in the particular example given, you can remove the list item with a simple document.remove(e.getStartOffset(), e.getEndOffset() - e.getStartOffset());

When you get into trouble with the swing text apis is when there are two elements that start and end at the same point – ie: a list as the only child of a table cell:

I’ve spent a fair bit of time writing articles for LiveWorks! lately – posting weekly isn’t as easy as it seems, particularly when you have three weeks leave coming up. Most of the articles include some kind of code, be it JavaScript or Java and an explanation of what the code does, why it does it and how you might use those techniques in other ways. As I go through writing the article trying to explain my code it really highlights how nonsensical my original design decisions are. Even when I’ve gone back over code and carefully refactored it to be clear, when I come to write the article I almost always rearrange things again.

For quite a while we’ve lamented the lack of whiteboards in our office and talked about getting some in. A week or two ago Brett actually arranged it and so I’ve wound up with a lovely big whiteboard above my desk that I happily draw all over. I’ve always been a big fan of whiteboards for problem solving or brain storming sessions, even if I’m working alone. Something about the big open space and ease of erasure makes it so much better than paper.

I discovered one of our client’s company blogs1 tonight because they mentioned they’d just upgraded to EditLive! 6. Reading through the backlog I discovered they’ve found a clever way to reduce the impact of form spam that I hadn’t come across before2 – only accept the submission if it uses multipart/form-encoding not just a plain post. Like most techniques it won’t work if everyone does it but it’s another interesting way to differentiate.

When an engineer can reproduce a bug they get excited because it means they can be sure to fix it.

When a manager can reproduce a bug they get annoyed because it means they keep running into it.

This is currently the most frustrating part of the transition from engineer to manager. I have in fact submitted a patch on one occasion – it was rejected because it didn’t have tests. Sigh.

One of the challenging practices in XP is daily deployment – it requires your development team to have a very low defect rate and completely automated build and deployment tools. In an off the shelf software scenario it has the additional challenge that you can’t actually get your customers to upgrade every day.

At Ephox we’ve adhered to this practice pretty well in the past by automatically deploying builds to all our internal systems, including our corporate wiki, website CMS and even this blog. Of course, that’s still just a small subset of the kind of environments that we’re actually used in and it’s not actually getting out to real customers. To take the next logical step, we need to make those builds available to any customers who feel like checking out what’s new – maybe not every day, but between all our customers hopefully regularly enough to give us good feedback.

It turns out the root cause of the problems I was seeing with Safari on Windows is that it simply doesn’t support signed applets. That’s pretty sad really. Apple seem to have implemented their own Java plugin instead of using the one that Sun provides (they’re using the Sun JRE via their plugin) and of course it’s missing most of the features you’d want from a Java plugin.

I’ll report it to Apple officially just as soon as someone fixes the bug reporter – it’s currently down. Perhaps there are too many people logging bugs against the new Safari and Leopard builds….

So Apple have released Safari for Windows – really no idea why, but they have. Sadly, just like on Mac it has terrible JavaScript and Java debugging support. In fact, it’s worse on Windows than on Mac – anyone know how to turn the debug menu on? Anyone know how to get a Java console to appear?

I’d really, really like to make things work with it but all I can do at the moment is randomly guess at the source of problems.

The antileech plugin so far has done nothing towards actually blocking content and frankly doesn’t really show a lot of promise that it ever will, however it has been interesting seeing where my content pops up. One that looks rather odd to me is dcomments.com. Frankly it looks just like a splog but it doesn’t have any ads or links out to other sites. It does however republish all my content without any extra comments and has the absolute minimum of linkage back to symphonious.net. In fact, regularly through the site the term “Symphonious” is used but linked to their version of the content – the only link back is labelled “Original article here”, right about an Add Comment button.

I suppose I should be happy but I’m not sure I am. It appears that my blog has moved from the insignificant long tail to the worth spamming and leeching long tail. Like every blog, I’ve always seen comment spam coming in, but I’m not seeing targeted comment spam picking out the posts with the best page rank and focussing on them. I’m also suddenly seeing splogs leeching my content.

Apparently someone told bloggers that adding pictures to your posts helps make things easier to read. Unfortunately, what they forgot to mention is that the pictures should actually be part of the message or at least tangentially related. Take for instance this post by Joel Spolsky about UI design and alarm clocks. Scattered through the article are pictures of random buildings, including for some unknown reason one with a sign reading “Cemetery for Soldiers’ Dogs”. Wouldn’t pictures of alarm clocks make more sense? What about a frustrated old woman? A sleep deprived man? All these things would actually relate to the content and perhaps enhance the message the post is trying to make. Buildings however only distract from the actual message – particularly quizzical things like a cemetery for soldiers’ dogs.