EMY

[Rune Back]

- What if my app uses a lot of local data, let's say 10 or 10s of Mb. Any suggestions of a database to use so that my app won't be slowed down?

- Everyone is used to pushing a button in order to download and install an app. How do I make an hml5 app downloadable that way?

- How reliable are the scramble programs on the market? - My app conists of around 250Kb JavaScript. Even though I myself get lost at times in the code, I would like to scramble both the code and the data.

- Let's say I have this function:

function init_ldb(fName) {

if (fName=="job") theLdbData = localStorage.jobs

else if (storageName=="cust") theLdbData = localStorage.customers

  else if (storageName=="prod") theLdbData = localStorage.products

   else ....

// ...

}

Is there any way of simplying this kind of like this:

function init_ldb(fName) {

theLdbData = localStorage.fName

// ...

}

​Appreciating any help.​

[Remi Grumeau]

Hi Rune,

If you have dozens of Mb of datas, then LocalStorage is a dead end. It has been designed to be a local cookie (aka not available server-side, so not sent in every http request). So just to store a string or two (username, json string of params, ...), not megabytes of text.

IndexedDb is the (only) right way to go. It’s a totally crappy over-engineered noSql beast, but that’s the only option we have nowdays...

Longer answer here : https://softwareengineering.stackexchange.com/a/219964

The install prompt is a new spec only available on Google Chrome. It uses a web manifest json file to do it. Then all the rest that makes a “progressive webapp” (PWA) is a set of new html5 features like service workers, push api, ...

For Safari (iOS), standalone mode still exists, but you have to implement this “add to homescreen” prompt yourself.

Scramblers? Are you looking for a way to minimize your JS/CSS file size or to really encrypt them?

What about eval() ? It’s pretty unpopular those days but surely doing the job.

Or you can just call localStorage as an array.

function init_ldb(fname){

  return (fname!=“”)?localStorage[fname].toString():null;

}

But then, “fname” must match your localStorage object name (customers, products, jobs,...)

Remi

--
You received this message because you are subscribed to the Google Groups "iPhoneWebDev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to iphonewebdev...@googlegroups.com.
To post to this group, send email to iphone...@googlegroups.com.
Visit this group at https://groups.google.com/group/iphonewebdev.
For more options, visit https://groups.google.com/d/optout.

[Rune Back]

Thank you, Remi!​

If you have dozens of Mb of datas, then LocalStorage is a dead end. It has been designed to be a local cookie (aka not available server-side, so not sent in every http request). So just to store a string or two (username, json string of params, ...), not megabytes of text.

IndexedDb is the (only) right way to go. It’s a totally crappy over-engineered noSql beast, but that’s the only option we have nowdays...

Longer answer here : https://softwareengineering.stackexchange.com/a/219964

​I've got Kb:s in my LDB now and no problem so far.​ - ​I couple of years ago I stumbled somewhere over a code of a simple local database, but I can't find it anymore.

The install prompt is a new spec only available on Google Chrome. It uses a web manifest json file to do it. Then all the rest that makes a “progressive webapp” (PWA) is a set of new html5 features like service workers, push api, ...

For Safari (iOS), standalone mode still exists, but you have to implement this “add to homescreen” prompt yourself.

​We need to find a better way - really easy for the user.

​

Scramblers? Are you looking for a way to minimize your JS/CSS file size or to really encrypt them?

​Encryption. Encyption of especially the code but also the database.

​

What about eval() ? It’s pretty unpopular those days but surely doing the job.

Or you can just call localStorage as an array.

function init_ldb(fname){

  return (fname!=“”)?localStorage[fname].toString():null;

}

But then, “fname” must match your localStorage object name (customers, products, jobs,...)

​Hmmmm... interesting...great! I'll try that.

I handle the LDBs a strings, and then split them with ("fileEnd" in the communication with the server) "postEnd" and "fieldEnd". Getting them back into one string for each data file is a peace of cake.

Another question.

I use GET or POST in the communication between the app and the server. It happens that the server points out that my URL is too long (I don't remember if it is using GET or POST or both). This happens particularly when I have a report (it may consist of several pages) in my app​ and want to send it (via the server) to my email box. (As soon as I get the info to the server I have a

​ ​

simple 

php script that takes care of the emailing.)

Any suggestions?

thanks,

Rune

[Remi Grumeau]

​I've got Kb:s in my LDB now and no problem so far.​ - ​I couple of years ago I stumbled somewhere over a code of a simple local database, but I can't find it anymore.

Less than a Mb you should be fine.

Mozilla LocalForage ?

The install prompt is a new spec only available on Google Chrome. It uses a web manifest json file to do it. Then all the rest that makes a “progressive webapp” (PWA) is a set of new html5 features like service workers, push api, ...

For Safari (iOS), standalone mode still exists, but you have to implement this “add to homescreen” prompt yourself.

​We need to find a better way - really easy for the user.

Chrome’s Web Manifest is the easiest way to go then. You need https for that btw.

​

Scramblers? Are you looking for a way to minimize your JS/CSS file size or to really encrypt them?

​Encryption. Encyption of especially the code but also the database.

Code & data encryption is two very different things. First should rely to some serverside mechanisms. Second is something you should code. Basic way is to encrypt & decrypt based on user´s credentials. This means at some point you need a login screen.

Note that both will come with some performance cost.

​

What about eval() ? It’s pretty unpopular those days but surely doing the job.

Or you can just call localStorage as an array.

function init_ldb(fname){

  return (fname!=“”)?localStorage[fname].toString():null;

}

But then, “fname” must match your localStorage object name (customers, products, jobs,...)

​Hmmmm... interesting...great! I'll try that.

I handle the LDBs a strings, and then split them with ("fileEnd" in the communication with the server) "postEnd" and "fieldEnd". Getting them back into one string for each data file is a peace of cake.

Not sure i get it but if this works for you, fine :)

Another question.

I use GET or POST in the communication between the app and the server. It happens that the server points out that my URL is too long (I don't remember if it is using GET or POST or both). This happens particularly when I have a report (it may consist of several pages) in my app​ and want to send it (via the server) to my email box. (As soon as I get the info to the server I have a

​ ​

simple 

php script that takes care of the emailing.)

Any suggestions?

No limitations on POST except server side conf. Mostly 2mb by default btw. 

You should definitely use POST anytime.

A GET request will hit the 2kb limitation, with other issues like special chars encoding, req cache & others...

Remi

[Rune Back]

Remi!

​I've got Kb:s in my LDB now and no problem so far.​ - ​I couple of years ago I stumbled somewhere over a code of a simple local database, but I can't find it anymore.

Less than a Mb you should be fine.

​Great! - I had been wondering/worring about what would happen with the LBD ​growing and when the customer would be reaching the limit. I can check that it won't grow bigger than ex. 1Mb and then start sending the rest to the server to be stored, no problem, but it would be too easy, too dull and wouldn't react to devices that are getting bigger, more intelligent and faster for each year. - What if I would check how long a time it takes to read/write a file in the LDB? It should be possible? Measuring the responce time in 1/1000 secs??

 

Mozilla LocalForage ?

​Don't know. I'll look into it... maybe... if I haven't already found the solution.:)

​

The install prompt is a new spec only available on Google Chrome. It uses a web manifest json file to do it. Then all the rest that makes a “progressive webapp” (PWA) is a set of new html5 features like service workers, push api, ...

For Safari (iOS), standalone mode still exists, but you have to implement this “add to homescreen” prompt yourself.

​We need to find a better way - really easy for the user.

Chrome’s Web Manifest is the easiest way to go then. You need https for that btw.

​GREAT! (Yea, I found out about the neeed of SSL the hard way.)​

 

Scramblers? Are you looking for a way to minimize your JS/CSS file size or to really encrypt them?

​Encryption. Encyption of especially the code but also the database.

Code & data encryption is two very different things. First should rely to some serverside mechanisms.

​Yes, of course, code and data encryption are different things. - ​

​Google used to have http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js which I used for encrypting the LDB. I think I can find/do something similar and hide it (the key) as well as possible in my code.​

What about Google Closure Compiler (https://developers.google.com/closure/compiler/?csw=1). Any experience of that?

 

Second is something you should code. Basic way is to encrypt & decrypt based on user´s credentials. This means at some point you need a login screen.

​User's credentials? - Do you mean username and password (and 40 alfanumeric user Id which is for internal use only)​?

Login screen? - Yes, I use a login screen. And the user's email address is also verified, since he/she with a click is able to send a report to his/her email address.

 

Note that both will come with some performance cost.

​Great you mention that. I however use the server very little. Insteda I use almost completely the local device.

 

​

What about eval() ? It’s pretty unpopular those days but surely doing the job.

Or you can just call localStorage as an array.

function init_ldb(fname){

  return (fname!=“”)?localStorage[fname].toString():null;

}

But then, “fname” must match your localStorage object name (customers, products, jobs,...)

​Hmmmm... interesting...great! I'll try that.

I handle the LDBs a strings, and then split them with ("fileEnd" in the communication with the server) "postEnd" and "fieldEnd". Getting them back into one string for each data file is a peace of cake.

Not sure i get it but if this works for you, fine :)

​fileEnd, postEnd and fieldEnd are special charachters of your own choice, but you need to ensure that the user can't insert them even by mistake.

​​

Another question.

I use GET or POST in the communication between the app and the server. It happens that the server points out that my URL is too long (I don't remember if it is using GET or POST or both). This happens particularly when I have a report (it may consist of several pages) in my app​ and want to send it (via the server) to my email box. (As soon as I get the info to the server I have a

​ ​

simple 

php script that takes care of the emailing.)

Any suggestions?

No limitations on POST except server side conf. Mostly 2mb by default btw. 

You should definitely use POST anytime.

A GET request will hit the 2kb limitation, with other issues like special chars encoding, req cache & others...

​I use GET when I'm checking the code and afterwards I use POST.​

Thanks a million!

Rune

[Remi Grumeau]

​I've got Kb:s in my LDB now and no problem so far.​ - ​I couple of years ago I stumbled somewhere over a code of a simple local database, but I can't find it anymore.

Less than a Mb you should be fine.

​Great! - I had been wondering/worring about what would happen with the LBD ​growing and when the customer would be reaching the limit. I can check that it won't grow bigger than ex. 1Mb and then start sending the rest to the server to be stored, no problem, but it would be too easy, too dull and wouldn't react to devices that are getting bigger, more intelligent and faster for each year. - What if I would check how long a time it takes to read/write a file in the LDB? It should be possible? Measuring the responce time in 1/1000 secs??

AFAIR localStorage is limited to 5mb per domain name. subdomain excluded.

localStorage is said to be slow, but i never had too much problems with it. Never try to deal with Mb of datas in it btw...

 

 

Mozilla LocalForage ?

​Don't know. I'll look into it... maybe... if I haven't already found the solution.:)

It used to be a solution years ago. Splitting datas into multiple cookies if localStorage wasn't supported for ex.

Not sure it's still revenant nowadays, localStorage is pretty well supported.

 

​

The install prompt is a new spec only available on Google Chrome. It uses a web manifest json file to do it. Then all the rest that makes a “progressive webapp” (PWA) is a set of new html5 features like service workers, push api, ...

For Safari (iOS), standalone mode still exists, but you have to implement this “add to homescreen” prompt yourself.

​We need to find a better way - really easy for the user.

Chrome’s Web Manifest is the easiest way to go then. You need https for that btw.

​GREAT! (Yea, I found out about the neeed of SSL the hard way.)​

Let's Encrypt gives them for free anyway.

Hosting companies like OVH even set them by default on their shared hosting plans btw.

 

Scramblers? Are you looking for a way to minimize your JS/CSS file size or to really encrypt them?

​Encryption. Encyption of especially the code but also the database.

Code & data encryption is two very different things. First should rely to some serverside mechanisms.

​Yes, of course, code and data encryption are different things. - ​

​Google used to have http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js which I used for encrypting the LDB. I think I can find/do something similar and hide it (the key) as well as possible in my code.​ 

What about Google Closure Compiler (https://developers.google.com/closure/compiler/?csw=1). Any experience of that?

Nope.

On first look, this looks like more as a JS Minifier than a real obfuscator. 

Which is fine, but i'm not sure this is really what you are looking for.

 

 

Second is something you should code. Basic way is to encrypt & decrypt based on user´s credentials. This means at some point you need a login screen.

​User's credentials? - Do you mean username and password (and 40 alfanumeric user Id which is for internal use only)​?

Login screen? - Yes, I use a login screen. And the user's email address is also verified, since he/she with a click is able to send a report to his/her email address.

Key should be set by the user on login.

Never stored in your code. If you store the decryption key in the code, then don't bother encrypt data.

ex: https://remi-grumeau.com/lab/cryptojs.html

 

 

Note that both will come with some performance cost.

​Great you mention that. I however use the server very little. Insteda I use almost completely the local device.

I was referring to client side (local) performance :) (and at some point, battery usage).

 

​I use GET when I'm checking the code and afterwards I use POST.​

GET comes with url encoding issues you won't have with POST. POST can also integrate file binary (file upload) GET cannot.

 

Thanks a million!

Rune

You're welcome!

That's what those list are there for :)

Remi

--
You received this message because you are subscribed to the Google Groups "iPhoneWebDev" group.

To unsubscribe from this group and stop receiving emails from it, send an email to iphonewebdev+unsubscribe@googlegroups.com.

[Rune Back]

Hi again! 

​​

Key should be set by the user on login.

Never stored in your code. If you store the decryption key in the code, then don't bother encrypt data.

​This rose a lot of questions, until I checked your link below. (I haven't checked the code as yet.) So you use the password as the key AND you don't store the password locally, at least not locally. - Right?

​

 

ex: https://remi-grumeau.com/lab/cryptojs.html

 

 

Note that both will come with some performance cost.

​Great you mention that. I however use the server very little. Insteda I use almost completely the local device.

I was referring to client side (local) performance :) (and at some point, battery usage).

Thanks for the specification!

​

GET comes with url encoding issues you won't have with POST. POST can also integrate file binary (file upload) GET cannot.

​Interesting. Do you mean I can pass ex spaces as such with POST?​!? (I started out with GET, and found a work around, and never thought of the matter when I changed to POST)

​Regards

Rune​

[Remi Grumeau]

​This rose a lot of questions, until I checked your link below. (I haven't checked the code as yet.) So you use the password as the key AND you don't store the password locally, at least not locally. - Right?

At very worse, you can store a hash of the password locally, and compare this hash with the hash of the submitted password to login offline.

ex: https://remi-grumeau.com/lab/cryptojs.html

 

 

Note that both will come with some performance cost.

​Great you mention that. I however use the server very little. Insteda I use almost completely the local device.

I was referring to client side (local) performance :) (and at some point, battery usage).

Thanks for the specification!

​

GET comes with url encoding issues you won't have with POST. POST can also integrate file binary (file upload) GET cannot.

​Interesting. Do you mean I can pass ex spaces as such with POST?​!? (I started out with GET, and found a work around, and never thought of the matter when I changed to POST)

You can pass whatever you want in both, but GET = url. So a space with be converted to %20 for ex. All server side languages comes with a method to url decode (urldecode() in php). Won’t have those kind of issues with POST.

Remi