Simon Palmer’s blog

December 16, 2008

Firefox, here’s your chance

Filed under: Uncategorized — simonpalmer @ 12:40 pm

Looks like someone has publicly been bold enough to recommend what many of the technorati did a long time ago, namely ditch IE. This news ought to be the final straw for the ubiquitous browser. It has been the Typhoid Mary for the majority of serious viruses and annoying malware attacks that I have had the misfortune to have witnessed over the last few years.

When friends notice that I use Firefox I am aften asked why. I could once dribble on about the Mozilla browser code base being superior, sticking to standards, not trying to impose proprietary things on unsuspecting users, openness and competition, and even once tabbed browsing and a host of little usability features. But at the end I wound up with a very unconvincing it’s just better.

Now I have a better answer.

So Firefox, this is your big chance. It is possible to imagine a scenario where a few corporations say, “look, we are fed up with constantly having to patch users computers with IE security fixes. The automatic updates are a nightmare and are responsible for the gradual slide in to inoperability of Windows itself. Let’s just do one last upgrade over to Firefox and switch IE off for good”.

A couple of those in the press – maybe a public sector institution or two – and suddenly a tide of interest in Firefox will follow.

I’m sure the clever folks at Firefox are way ahead of me, so here’s hoping that they have some canny marketing around this once in a lifetime opportunity. They couldn’t have written a better script for the demise of the incumbent Gorilla.

December 15, 2008

Shirlock Holmes and the case of the broken API

Filed under: Uncategorized — simonpalmer @ 9:43 pm

I’ve been adding integration points between my apps and for the last couple of years and I think that it is cool that you can create mashups with a real piece of a company’s operational infrastructure. There’s no doubt that having their API available publicly across the web affords me some very intriguing opportunities in terms of value added application creation.

And, I have also managed to almost completely remove the need for any Administration interface in my application because I can devolve the data acquisition tasks to my users – even though they aren’t the most patient or technically able crowd. This makes a great story, and a much simpler solution.

I have grand visions of supplanting the entire user experience piece by piece by building it into process driven appealing interfaces that people will enjoy interacting with and are designed to fit in with people’s day to day activity – rather than the reverse. But that’s naked ambition. I’ll get there, but it’ll take me a while.

And meanwhile I have the sticky issue of suddenly being unable to access their API at all through the front door due to a bug which they must have introduced with a recent change to the cross domain security policy they enforce.

My particular situation may be reasonably unique in that I am writing Flex interfaces and hosting them on my own servers, i.e. I am not using the platform, nor visualforce or anything like that, I am standing on my own little planet and relying on then keeping the radio on at their end so I can continue talking to them.

Just recently they changed channels. All of a sudden access to their app from outside stopped working from within my app. After posting on the developer boards (here and here) I spent a frustrating couple of weeks in complete darkness. I even posted on StackOverflow (here and here), but (predictably) didn’t really get what I needed.

So, I dug out my curly pipe, put my deerstalker and cape on and turned detective.  I followed a few of the responders links back to their blogs and posted questions there to see if they would divulge the names of their contacts to me. At the same time I trawled the open source code I use for the Flex / bridge looking for any unsuspecting email addresses embedded in code headers. Sure enough I found some.

After about a week of sending out my messages in bottles, all of a sudden I got lucky and was put in touch with a support engineer and one of the original developers on the flex interface.

From that point on it was just a matter of proving that the issue was not just me being stupid and to create a test case which was reproducible outside my software. Thanks to James Ward’s I could show that me and all my users hadn’t just forgotten our passwords and security tokens in some mass amnesia event, but there genuinely was a problem.

Turns out that they did introduce an issue which means that if you connect to the API through the www front door you will get bounced because it cannot resolve you to your designated server (you have a designated server because they balance traffic load by providing affinity between accounts and servers at their end).

The workround I have had to implement until they fix the issue is to get my users to provide the server that they are attached to. This is a *horrible* thing to ask them to do as it makes me and my software look techy and klunky and if they get it wrong it fails and I look buggy and… sigh. Fortunately all they need to do to get their server is log in to directly and they can see it in their browser address bar, but even so, it is a horrible experience and exactly the opposite of the carefully crafted non-technical image I am trying to present.

As for a fix; now that has acknowledged there is a problem – which they did very graciously, I add – I don’t have a way of tracking it. And I think this is the most frustrating part of all. Unless you are really in the family it is hard to get much traction with them developer to developer. I think that if they really want their platform to take off they are going to have to move a long way towards the immediacy that you get from an open source developers forum trying to do the same thing.

Actually, at the end of the day, I think that they are likely to fail in their aspirations to make the platform the operating system of the enterprise web future precisely because they are not culturally disposed to the mindset of openness and freedom that is relied upon by developers.  And that will turn developers off. Until that changes they’ll remain an expensive clique.

As for me tracking my issue, I am supposed to contact my partner representative (a person I have never had any contact with and from the spam I get has changed 9 times since I started working with their API) and get a tracking number. It would have been a lot easier for me if the support person I was talking to could have done that, but hey, that’s all part of what have to learn before they get it right.

Meanwhile I check daily in case they have done it yet.

Try it yourself if you have a account, I have posted details and instructions here.

Blog at