iOS Safari Enhancement

I have run into an odd issue with iOS Safari on the iPad recently. In the current application I am working on, we have a list of items that can be dragged and dropped on the page. This works great with the mouse. However, I run into issues when I start throwing the touchstart, touchmove, and touchend events in.

The Problem

When a user starts to move their finger around on the iPad, normally this will cause the iPad to “pan” the window around (assuming there is area to scroll). Let’s say the page is long, though, so the window can scroll down.

Apple does not trigger any javascript events for this pan (see the document here). The window just scrolls around. However, if the user happens to touch on an item that is capturing events, one of two things can happen:

1. The touchmove event returns false (or calls preventDefault), in which case the window will not scroll up or down ever when a user swipes on one of those items.

2. The touchemove returns true, in which case the window may scroll up or down with, but if you are “dragging” the item, that will scroll as well.

I have created a jsFiddle here to show you what I mean. List 1 prevents the default behavior, whereas List 2 returns true and allows dragging and scrolling.

Neither of these is preferable.

The Solution

The issue is that I think iOS needs to provide a way of canceling the default pan behavior that a user initiates. I have opened up a bug report with Apple, so I will keep this article posted to in case of any update. Let’s hope they do.

I’m not sure why there really isn’t any way to control (from the browser) at least a way to cancel this event.

From a psuedo-code perspective, what I would like to do, is allow the user to scroll (pan) around the screen as long as the touch-and-hold event is less than say 500ms. In that case, I will return true (but I won’t move the dragged item). After 500ms, though, if the user is still moving around, I would cancel the scroll (pan) event, and then move the dragged item around.

Anyway, for now, we are making a small grab region on the item. However, I think it would be nice to fix this in the future.

How support has made me a better developer

Support… Sometimes it can feel like a fruitless job on the team. After all, as this blogger points out, you are essentially the customer service representative for the team. Customer service employees, however, not only deal with the compliments, they also deal with the bitter complaints as well. For this reason, I think developing solid, bullet-proof code is one of the best ways to ensure your team members spend more time developing, and less time putting out fires.

Things that have made me a better developer

A support role can not only improve your customer service skills, but I think it can also make you a better developer. Here are a few things I’ve learned over from my time doing support work.

Data sucks… Deal with it

Assume that any and all data sucks. Bad data is probably the number one cause of an incident to happen in production. Make sure that your code can deal with it.

Any time you are using an element that is passed in, make sure you are careful when using that object. For example, if you are calling a getter on an object that was passed into the method, make sure you check to see if that object is null before you call the getter.

Also, you think you got a web service response that matches a list of enums you have. Nope. You don’t. At some point, the service is going to add an enum. Are you prepared for that?

Log your data

Log any state information you might have about the current running thread. I cannot emphasize this enough. If you are using log files, and for many you probably are, log your state information. Often times, I see somebody throwing an exception where they could just log some informational data.

For example, if a user is selecting a book from a list of books, that would be a good time to state:

[INFO] [2014-12-23 04:34:34] [<session id>] Book1 has been selected by user1234

Another good thing I like to implement is a session logging feature. If it is a web application, I use Servlet Filters to inject a session ID into log4j. Take a look at log4j’s MDC feature for how that can work. Once you do that, any log message will have our session id (see above).

Code readability

Who cares if your code isn’t properly indented on a couple of lines? Right? Wrong. As a support person, I need to be able to read your code. If it’s unreadable, there’s a good chance I will not only get a headache, but that I will also miss something. Plus, in general, if you are sloppy about indentation, it just makes me wonder what other things in your code are sloppy as well.

Who cares if it’s not documented very well? Right? Wrong. Again, if you can’t document what your code does, then how are you writing it in the first place?


In conclusion, hopefully these things I have learned will help others improve there developer skills as much as they have helped me improve mine. In the brighter future, I see things like Akka and its Mailboxes feature being a great help for supporting applications, but I still feel like these few tiny bullet points will be important no matter what.

Angular and Node

Angular Bower GruntLately, I started playing around with Node.js and Yeoman to create an Angular.js application that used Bower for dependency management.

I really love this package. The setup is nice and easy, and I can have a new application up and running in minutes. Also, I love that Grunt.js will allow me to run a server to test out the application.

My next step is to get one of my old projects updated to this new tech stack. I plan to use MongoDB as a back end database as well. The coolest thing about this setup is that the JSON from the front end can go right into the database with little to no transformation at all.

Front-end application development just got a whole lot easier. Now, if only browsers could render HTML and CSS the same way, life would be grand.

XSS Sanitizer Plugin (v0.2) released

Well, after shamefully waiting over a year to do any kind of updates to this plugin, I’ve finally made some changes and merged in pull requests from others.

Next steps are going to be fix some of the issues. Some great suggestions have come up in the Issues area on Github. In fact, I plan on releasing a patch later today.

I chose version 0.2 after some long debate with myself (Hello, me). I don’t really want to call this a 1.0 release quite yet. I think some things like not being able to override the file as well as not enough unit tests make this still a beta plugin. I’d love to know if others are using it, too. If so, and people are having success, then maybe a 1.0 release is in order. Until then, there’s still some work left to do.

Apple iPhone 5s Thumbprint Scanner

Not to gripe about an obvious issue, but I’m as equally unimpressed with the thumbprint scanner on the new Apple iPhone 5s as I am impressed.

I’m impressed when it works. I think “Wow! That is cool.”

However, the scanner seems to only work about 50% of the time for me.

I’ve added my thumbprint numerous times in the settings. And at first, it works great. After some time, though, it starts to degrade.

I think there’s two problems, though. First, I live in a cold climate and my hands get very dry in the winter time. If I look at my finger tips, the skin is dry and flakey. I think this starts to confuse the scanner (not surprisingly).

Second, I think if any kind of oily residue starts to build up on the scanner, it will stop working. I still need to test this, but right now, my fingers are too dry to do so.

Anyway, cool idea. Very useful. It would be nice if it were more reliable, though. Maybe Apple needs more beta testers in the Minnesota, though. 🙂

How to fix Parallels Desktop from hanging on startup

Recently, Parallels Desktop did not shut down correctly for me. When I went to start it back up, it just sat there with a spinning wheel, and a message saying “suspending.”

I did finally resolve the issue. Here’s how I did it.

1) Quit Parallels.

2) Open up the Activity Monitor. On a Mac, this is Utilities > Activity Monitor.

3) In the list of processes, look for one named “prl_vm_app”. Select it.

4) Click the Quit Process button in the upper left. Choose to Force Quit at the prompt.

You should be able to start up Parallels Desktop again.

Removing a Stripped Stainless Steel Screw

Well, if you made the mistake of putting decking down with stainless steel screws like I did, you may have run into this issue before. Either you didn’t drill a decent pilot hole, or it was getting to be too hot, and you were in a rush, it doesn’t matter. The bottom line is that you now have a completely stripped stainless steel screw head staring you right in the face.

After giving up with the hacksaw (because I realized that would just leave a dead screw in the wood, I decided to use an old flathead screwdriver bit. I held the bit on the head of the screw and pounded it into the screw a few times with a hammer.

After the bit was into the screw, I slowly turned it out.

Stainless steel screw head


I finally built a sandbox for the kids (just in time for winter, right?). I’ve been meaning to all summer, and planned to do it as soon as our landscaping was done in the back yard.

It took longer than I thought to finish up the landscaping, and after that, there were a few other more pressing projects. But, the bottom line is that it’s done.

I got the plans from the Home Depot website. It cost about $85 for the materials, which I realize is complete overkill for a sandbox. However, I wanted to have at least one thing in the back yard that wasn’t a plastic monstrosity, even if they only use it a few times.

Actually, I’m sure it will be worth it. The kids love to play in the sand. Anyway, here are some pictures of the process.

Prepping the base

Building walls

Adding pavers for edging

Fixed bench



XSS Sanitizer Grails Plugin

Well, earlier this week I published my first Grails plugin. I’m hoping that people will find it useful to add a general security plugin to parse out, and prevent XSS attacks on their website. It’s a long way from being done, but I think it’s a good start.

It uses OWASP’s ESAPI to strip out any unwanted script, iframe, and img tags that come in on the request. It also has the added benefit of doing this in a Java filter (in case you access the request via the HttpRequest) and the Grails “params” attribute.

Next steps are to write tests for each of the potential hacks on to make sure they all pass. Plus, in my opinion, this is just a general replace of all values. There are potentially times when you might want to submit something that falls into one of these categories, and you feel that it’s safe to not have to filter it. So, I’d like to allow users to be able to annotate methods to allow/disallow the filter to run give a certain action.

Here’s a link to the source code:

If you would like to install it, just type:

grails install-plugin xss-sanitizer

If you are interested in contributing, please let me know. I’d love to have some collaboration.


While visiting Pennsylvania recently, we found little salamanders like this one. They were a nice, bright orange.

We were just outside the Allegheny National Forest.

pennsylvania chameleon

Pennsylvanian Salamander

Post Navigation