tag:blogger.com,1999:blog-21122514.post7382250739746475033..comments2024-03-23T11:05:13.046+01:00Comments on Dimitri Gielis Blog (Oracle Application Express - APEX): Please, use HTTPS for your APEX appsDimitri Gielishttp://www.blogger.com/profile/16295721159626839167noreply@blogger.comBlogger14125tag:blogger.com,1999:blog-21122514.post-19472910308582613252022-03-25T03:07:44.481+01:002022-03-25T03:07:44.481+01:00I am using APEX 5.1.4, ORDS and TOMCAT, still i do...I am using APEX 5.1.4, ORDS and TOMCAT, still i don't understand how to get HTTPS ?Fahdhttps://www.blogger.com/profile/07830276367604018761noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-85194886133127379112021-12-22T11:14:30.124+01:002021-12-22T11:14:30.124+01:00Very interesting article.Very interesting article.Roger Adamshttps://www.deyaarpm.com/en/noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-90991878050334942182021-08-30T05:42:25.140+02:002021-08-30T05:42:25.140+02:00Hi Dimittri,
How do we config ords for multiple-d...Hi Dimittri,<br /><br />How do we config ords for multiple-domain with letsencrypt?thanhtu88https://www.blogger.com/profile/12197208218058239914noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-75239778554143282412021-03-01T13:45:07.426+01:002021-03-01T13:45:07.426+01:00Great post - thank you.Great post - thank you.Driven propertyhttps://www.drivenproperties.ae/noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-35486921320482589672018-04-03T17:30:07.130+02:002018-04-03T17:30:07.130+02:00Hi Tolis,
You would need to put the file on your ...Hi Tolis,<br /><br />You would need to put the file on your webserver.<br />And then in your page you reference the file on the webserver.<br /><br />Hope that helps,<br />DimitriDimitri Gielishttps://www.blogger.com/profile/16295721159626839167noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-82564048878882896792018-03-29T20:03:59.979+02:002018-03-29T20:03:59.979+02:00Hello,
I was wondering how can we implement the s...Hello,<br /><br />I was wondering how can we implement the service worker in an APEX application. Where should we upload the service-worker.js file and what scope should we give in the JavaScript function at the registration of the worker.<br /><br />Thanks a lot!<br /><br />Regards,<br />Tolis.Tolis I.https://www.blogger.com/profile/17370128364899737853noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-17750163747507539622018-03-29T20:01:36.034+02:002018-03-29T20:01:36.034+02:00Hello,
I was wondering how can someone add a servi...Hello,<br />I was wondering how can someone add a service worker in an APEX application. I tried to implement them by uploading the service worker .js file in Static Workspace Files and adding the service worker registration code by referencing the .js file with #WORKSPACE_IMAGES#service-worker.js and set the scope at './#WORKSPACE_IMAGES#' but it didn't work. I get a 404 error saying that the resource file couldn't be found. How can we implement the service worker in APEX?<br /><br />Thanks a lot!Tolis I.https://www.blogger.com/profile/17370128364899737853noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-6609234102412781972018-01-10T11:15:46.806+01:002018-01-10T11:15:46.806+01:00Hi but it is working with the apex listener ?
I ha...Hi but it is working with the apex listener ?<br />I have apex 5 on 12g with a apex lister<br />regards SteffenAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-21122514.post-6440954998303622692016-07-18T16:05:08.779+02:002016-07-18T16:05:08.779+02:00Great post - thank you. Off to investigate LetsEnc...Great post - thank you. Off to investigate LetsEncrypt...Karenhttps://www.blogger.com/profile/10849355472384661874noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-55330603149524539912016-05-31T07:32:58.887+02:002016-05-31T07:32:58.887+02:00Great article.
A couple years ago I bought an SSL...Great article.<br /><br />A couple years ago I bought an SSL cert to protect my domain, and in order to use it I had to change all my subdomains (e.g. app1.jk64.com) into paths underneath the main domain (e.g. jk64.com/app1).<br /><br />With LetsEncrypt, I can now serve all my clients on whatever domain they want - whether app1.jk64.com or app1.clientsdomain.org or whatever.Jeffrey Kemphttps://www.blogger.com/profile/04255101699328756710noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-65783108525706144672016-05-26T18:10:37.081+02:002016-05-26T18:10:37.081+02:00This is an APEX based public website with green HT...This is an APEX based public website with green HTTPS bar. <br /><a href="https://famproperties.com/" rel="nofollow"> famproperties.com </a>Apex Workhttps://www.blogger.com/profile/05784747504353176367noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-47070794176050948612016-05-26T13:39:06.991+02:002016-05-26T13:39:06.991+02:00Hi Tim,
Thanks for the comment and addition.
May...Hi Tim,<br /><br />Thanks for the comment and addition.<br /><br />Maybe the title of the post is confusing; what I meant is make sure you do HTTPS regardless where you configure SSL when exposing your APEX apps. I didn't go into the architectural part and as you describe, you have choices there.<br />In fact my architecture for the sites I listed in the post all are fronted with an Apache Reverse proxy and some even with another load balancer. So it's Load Balancer (optional) - Apache Reverse Proxy - Tomcat/ORDS - DB :)<br />(see also http://dgielis.blogspot.be/2015/01/preparing-architecture-for-apex-50.html)<br /><br />Thanks again,<br />Dimitri<br />Dimitri Gielishttps://www.blogger.com/profile/16295721159626839167noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-54093156174813936272016-05-26T10:14:09.778+02:002016-05-26T10:14:09.778+02:00The chances are you are going to front your produc...The chances are you are going to front your production application with a reverse proxy or load balancer (which provides reverse proxy functionality). When I say "reverse proxy" in the following sentences, I mean "reverse proxy or load balancer". In both cases, these can provide your SSL termination, so this gives you a couple of options. <br /><br />1) Don't bother encrypting APEX. Interaction between the client and reverse proxy is encrypted, but internal communication between your reverse proxy and APEX is not encrypted. The reverse proxy is providing your SSL termination.<br /><br />2) Encrypt APEX. Still do your main SSL termination at the reverse proxy, then re-encrypt so the internal comms between the reverse proxy and APEX is encrypted.<br /><br />By choice, I would never make an app server publicly accessible. Your typical load balancer can cope with massive throughput of traffic. They usually have full proxy capabilities. What's more, they can help protect against attacks (including DDoS) in a number of ways. Exposing something like WebLogic, Tomcat to the world is a disaster waiting to happen. :)<br /><br />Cheers<br /><br />Tim...Tim...https://www.blogger.com/profile/17721555946005999179noreply@blogger.comtag:blogger.com,1999:blog-21122514.post-59376804434438381402016-05-26T01:12:29.071+02:002016-05-26T01:12:29.071+02:00Great post. I didn't know about letsencrypt. I...Great post. I didn't know about letsencrypt. I'll definitely check it out.Anonymousnoreply@blogger.com