Blog(RSS)

Building a Semantic Recommendation Engine: the Sequel

by Michael Malgeri
Use social media to improve recommendations

Postman Test Scripting with XML

by Bob Starbird
As a MarkLogic developer, I often use Postman to send requests to the MarkLogic server. MarkLogic Server can fit into an architecture in a variety of ways. One way is as an Operational Data Hub. As an ODH it receives data from many data sources and stores them in a single accessible hub. MarkLogic's multi-model databases leverage the inherent structure of the data being stored. It provides native storage for JSON, XML, RDF, geospatial, and large binaries so it can easily consume and produce both JSON and XML. When integrating data from silos, the source data format can be preserved or transformed. Often these services are exposed as REST endpoints for an application tier. In order to test these services I often use Postman. I had been working with Postman interactively testing endpoints with individual requests and getting responses. The new Postman app also supports collections of tests that can be run as a suite. I needed to test the web services of an application with REST endpoints and X ...

Query Isolation Process

by Tyler Replogle
You know something is running slowly on MarkLogic, but you are not sure what is running slow or what to do about it. This blog post should help you through the first steps of fixing a performance issue, by isolating the query or set of queries that are the problem.

CSRF Attack Application Protection

by Scott Brooks
Cross-site scripting attacks are becoming more and more popular amongst hackers. According to the annual OWASP Foundation Top 10 report XSS (Cross-site scripting) and CSRF (Cross-site request forgery) attacks both remain in the high on this list (#3 & #6). Since cybercrime is on the rise, it is imperative for organizations to secure their web applications from these types of attacks. What is CSRF? OWASP CSRF definition: CSRF is a type of attack that occurs when a malicious web site, email, blog, instant message, or program causes a user’s web browser to perform an unwanted action on a trusted site for which the user is currently authenticated. The impact of a successful CSRF attack is limited to the capabilities exposed by the vulnerable application. For example, this attack could result in a transfer of funds, changing a password, or purchasing an item in the user's context. In effect, CSRF attacks are used by an attacker to make a target system perform a function via the target's brows ...

How to Find and Control Access to PII

by Caio Milani
How do you find and control access to Personally Identifiable Information and sensitive information in a MarkLogic database?