Articles : Page 1 of 3
-
Wishful Thinking: Why can't HTML fix Script Attacks at the Source?
Apr 1215The Web can be an evil place, especially if you're a Web Developer blissfully unaware of Cross Site Script Attacks (XSS). Even if you are aware of XSS in all of its insidious forms, it's extremely complex to deal with all the issues if you're taking user input and you're actually allowing users to post raw HTML into an application. I'm dealing with this again today in a Web application where legacy data contains raw HTML that has to be displayed and users ask for the ability to use raw HTML as...
-
Using the HTML5 <input type="file" multiple="multiple"> Tag in ASP.NET
Mar 1206Per HTML5 spec the <input type="file" /> tag allows for multiple files to be picked from a single File upload button. This is actually a very subtle change that's very useful as it makes it much easier to send multiple files to the server without using complex uploader controls. Please understand though, that even though you can send multiple files using the <input type="file" /> tag, the process of how those files are sent hasn't really changed - there's still no progress information or oth...
-
Introducing Wijmo, a feature-packed jQueryUI based widget library
Feb 1229Lately I have been evaluating a few JavaScript based UI libraries for both my projects at work and to use for a new version of the bike climbs site called 39x27.com: it was quite nice to see that almost all component vendors are now embracing, some more than others, JavaScript together with the more traditional Web Controls for ASP.NET Web Forms. In this post I’m going to briefly cover the reasons why I ended up choosing Wijmo, and then I’m giving a quick introduction on the set of widgets ...
-
TechDays Belgium 2012: a look at interesting sessions
Jan 1231TechDays 2012 Belgium is just 2 weeks away, and it’s time to have a look at the agenda and decide which of the sessions to attend. My highlights are: A Look at ASP.NET MVC 4 - Scott Guthrie MVVM Applied: From Silverlight to Windows Phone to Windows 8 - Laurent Bugnion SignalR. Code, not toothpaste - Maarten Balliauw Building rich Single Page Applications (SPAs) for desktop, mobile, and tablet with ASP.NET MVC 4 - Steve Sanderson But filling in all the slots was a tough decision, esp...
-
Changing the default HTML Templates to HTML5 in Visual Studio
Dec 1123If you're using Visual Studio 2010 to create Web applications, you probably have found out that the default Web templates for ASP.NET Web Forms and Master pages and plain HTML pages all create HTML 4 XHTML headers like this: <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="$fileinputname$.aspx.cs" Inherits="$rootnamespace$.$classname$" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w...
-
UGIALT.net conf sessions are published
Dec 1111The voting for the UGIALT.net conference just ended, and just in time for the opening of the registration at noon we published, on the new web site the list of the 19 sessions chosen by the more than 180 voters: Perché a fare i preventivi facciamo così schifo? (Cristiano Rastelli) DDD Brutto Sporco e Cattivo (Alberto Brandolini) Organize your chickens: NuGet for the enterprise (Xavier Decoster) SignalR. Code, not toothpaste. Using SignalR for realtime client/server communication (Maarten ...
-
New ASP.NET website launched
Dec 1102A few weeks ago we introduced a beta of a freshly designed http://asp.net website. Today we launched it. Jon, myself, and the team that manages the site took lots of your feedback (lots from the comments of the Beta Blog Post) and did our best to incorporate as much as we could. This is just the start, and we've got lots of plans for the future including responsive design, more text content, localization, more HTML 5, HD Video, closed captioning and lots more. It is a big site with a thousa...
-
Scott Hanselman's 2011 Ultimate Developer and Power Users Tool List for Windows
Dec 1101Everyone collects utilities, and most folks have a list of a few that they feel are indispensable. Here's mine. Each has a distinct purpose, and I probably touch each at least a few times a week. For me, util means utilitarian and it means don't clutter my tray. If it saves me time, and seamlessly integrates with my life, it's the bomb. Many/most are free some aren't. Those that aren't free are very likely worth your 30-day trial, and perhaps your money. Here are most of the contents of my ...
-
Techniques for real-time client-server communication on the web (SignalR to the rescue)
Nov 1129When building web applications, you often face the fact that HTTP, the foundation of the web, is a request/response protocol. A client issues a request, a server handles this request and sends back a response. All the time, with no relation between the first request and subsequent requests. Also, since its request-based, there is no way to send messages from the server to the client without having the client create a request first. Today users expect that in their projects, sorry, experience...
-
Modernizr.js
Oct 1106Modernizr.js is a little library that will help "modernize" old browsers. As an example, let's say you create a new ASP.NET MVC 3 application with the "Use HTML 5 semantic markup" checkbox selected. If you peek into the layout view for the app, you'll find the following markup: <nav> <ul id="menu"> <li>@Html.ActionLink("Home", "Index", "Home")</li> <li>@Html.ActionLink("About", "About", "Home")</li> </ul> </nav> The nav element represents a section with navigation links, and is a new e...
