Marking GIFs as Favorites
4:31 with Chris Ramacciotti
This video presents a code challenge of using all of your experience gained so far in Spring and Hibernate to implement the feature of marking and unmarking GIFs as favorites.
Git Command to Sync Your Code to the Start of this Video
git checkout -f s5v10
Using Github With This Course
You can complete this course entirely using code created by you on your local machine. However, if you choose to use the code I've made available to you, you have two options:
- Use the project files linked at the bottom of this page, or
- Use the Github repository I've made available (recommended)
If you choose the recommended option of using the Github repository, it can be found at
To utilize Github with this course, you can download the Github desktop client for your system or use the command line interface provided with Git.
Clone this repository to your machine using the Github desktop client, or using the following command:
git clone git@github.com:treehouse/giflib-hibernate.git
To update your local repository to match a video's starting point, you can use the git checkout command in combination with the stage and video number. For example, to update your local repository to match the starting point of Stage 5, Video 4, you'd use the following:
git checkout -f s5v4
Notice the use of the -f option. This forces Git to override all local changes, so be aware: this will cause any changes you made to be lost.
Common Web App Attacks
0:00 We've come to the final feature we'll be implementing in this application. And that is the marking and unmarking of GIFs as favorites. It's important to note here that since our app doesn't have a user login capability, that for now these will be global favorites. And because you're having so much fun with these coding challenges, I have one final challenge for you. Implement this feature on your own. Yep, that's right.

0:25 Really, this feature is all about adding the proper post form markup to anywhere a GIF is displayed, as well as including a controller method to mark and unmark GIFs as favorites. And you can redirect to another page, like maybe the GIF's individual page after marking it as a favorite. So, for one final time during this course, ready, set, code baby code!

0:50 Okay, for the markup you possibly already noticed the form was in the template for you, in both the details and the index view for GIF entities. Here is the form for the detail page, it's got the th:action attribute with all the concatenation in place. As well as a post method. And the same for index. Right here, we've got th:action and we've got the method as post. And the URI looks good here as well.

1:20 Now let's move to the GIF controller to see how that toggle favorite method looks. In this controller's favorite method I fetch the gifId using the service's findById method. I had access to the gifId from the controller parameter here that we captured by the URI path. Now after I fetch this GIF entity in this line, I use this service method here called toggleFavorite. Now this service method didn't exist before, but it seemed like something that was inherent enough to our application that it would be useful to have in our service layer. Not only for our web user interface here, but maybe for a future API that's powered by the same service layer. I didn't stick this in the Dao, though. Because the Dao layer already accommodates the entity update as much as it needs to.

2:15 So I created a toggle favorite method in the service interface. Let me open the GIF service. Looks like I already have it open and right there. So here is the toggle favorite method that I created in the GIF service interface and then if I flip to the implementation it's a fairly quick method. So I take the GIF entity that I received as a parameter value and I invert whatever comes back for the isFavorite method. So I take the Boolean value if it's true, this will negate it to false. And if it was false it will negate it to true. And after I have flipped that value, that favorite field, I save that using the Dao.

2:59 Now back in the controller, another thing that I threw in here just to demonstrate what you have access to is the HttpServletRequest. If you throw this in as a parameter to a controller method, it exposes all sorts of stuff related to the HTTP request including all of its headers that you recall from the HTTP basics course.

3:23 One of the headers it exposes is what's called the referer header here. Check the teacher's notes for the misspelling on this. This is actually the correct use. Now this referer header allows you to see what URL the user or requester was on when the HTTP request was made. In essence, it allows us to see where this request came from. So that in our case, I can send the browser right back there for the redirect. And I did this because a user might mark a GIF as a favorite from the detail or from the index view and this takes the browser back to wherever it came from.

3:59 Now word of warning about this and I do want to be clear about this warning. Using a client-specified value can be dangerous. If the user's browser is compromised, malicious software could set the referer to a malicious site. And suddenly our application sends the user into a danger zone simply when they mark or unmark a GIF as a favorite. So be careful. And again check the teacher's notes for common web application vulnerabilities.
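
The warning at the end of the video, as an added example (not code from the course or its repository): one way to use the Referer value for the redirect only when it points back at the application's own origin, and to fall back to a fixed page otherwise. The class and method names, the localhost:8080 origin and the /gifs/42 path are assumptions made for the illustration.

```java
import java.net.URI;
import java.net.URISyntaxException;

public class SafeRefererRedirect {
    // Returns a same-origin path (plus query) taken from the Referer header,
    // or the fallback when the header is absent, malformed, or points elsewhere.
    static String safeRedirectPath(String referer, String scheme, String host,
                                   int port, String fallback) {
        if (referer == null || referer.isEmpty()) {
            return fallback; // the header is optional and is often stripped
        }
        try {
            URI uri = new URI(referer);
            boolean sameOrigin = scheme.equalsIgnoreCase(uri.getScheme())
                    && host.equalsIgnoreCase(uri.getHost())
                    && port == effectivePort(uri);
            String path = uri.getRawPath();
            // A path starting with "//" would be read as a protocol-relative URL.
            if (!sameOrigin || path == null || !path.startsWith("/")
                    || path.startsWith("//")) {
                return fallback;
            }
            String query = uri.getRawQuery();
            return query == null ? path : path + "?" + query;
        } catch (URISyntaxException e) {
            return fallback; // unparseable header values are never echoed back
        }
    }

    static int effectivePort(URI uri) {
        if (uri.getPort() != -1) return uri.getPort();
        return "https".equalsIgnoreCase(uri.getScheme()) ? 443 : 80;
    }

    public static void main(String[] args) {
        String fallback = "/gifs/42"; // constructed detail-page path (assumption)
        String[] samples = {          // constructed Referer values
            "http://localhost:8080/gifs/42",
            "http://localhost:8080/?q=cat",
            "http://other.example/gifs/42",
            "http://localhost:8080@other.example/",
            "http://localhost:8080//other.example/",
            "not a url"
        };
        for (String s : samples) {
            System.out.println(s + " -> " + safeRedirectPath(s, "http", "localhost", 8080, fallback));
        }
    }
}
```

In a controller method, the scheme, host and port would come from HttpServletRequest's getScheme(), getServerName() and getServerPort(), and the returned path would be appended to Spring's redirect: prefix. Only the path and query are reused, so the browser always stays on the application's own origin.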