Articles : Page 1 of 2
-
Wishful Thinking: Why can't HTML fix Script Attacks at the Source?
Apr 1215The Web can be an evil place, especially if you're a Web Developer blissfully unaware of Cross Site Script Attacks (XSS). Even if you are aware of XSS in all of its insidious forms, it's extremely complex to deal with all the issues if you're taking user input and you're actually allowing users to post raw HTML into an application. I'm dealing with this again today in a Web application where legacy data contains raw HTML that has to be displayed and users ask for the ability to use raw HTML as...
-
Using the HTML5 <input type="file" multiple="multiple"> Tag in ASP.NET
Mar 1206Per HTML5 spec the <input type="file" /> tag allows for multiple files to be picked from a single File upload button. This is actually a very subtle change that's very useful as it makes it much easier to send multiple files to the server without using complex uploader controls. Please understand though, that even though you can send multiple files using the <input type="file" /> tag, the process of how those files are sent hasn't really changed - there's still no progress information or oth...
-
Scott Hanselman's 2011 Ultimate Developer and Power Users Tool List for Windows
Dec 1101Everyone collects utilities, and most folks have a list of a few that they feel are indispensable. Here's mine. Each has a distinct purpose, and I probably touch each at least a few times a week. For me, util means utilitarian and it means don't clutter my tray. If it saves me time, and seamlessly integrates with my life, it's the bomb. Many/most are free some aren't. Those that aren't free are very likely worth your 30-day trial, and perhaps your money. Here are most of the contents of my ...
-
Microsoft dev stack vNext from Build
Sep 1115Unless you are living under a rock, you have probably heard that two days ago, at Build, Microsoft unveiled the new version of Windows, named Windows 8. Windows 8 This is revolutionary both from the consumers’ and developers’ perspectives. The UI is deeply based on the concept of the tiles of Windows Phone 7.5 “mango” and the Metro design language, and the API are now allowing applications to be written either in C#/C++ and the usual .NET/Win32, or using WinRT, basically an Object Oriented v...
-
Summer time learning: Getting started with Node.js
Aug 1131It is now a consolidate tradition for me to publish, during summer time, a list of the books I liked reading or that I bought and are sitting on my shelves (or, lately, more and more on my iPad) waiting to be read. In the last years these lists contained .NET and development methodologies books and web development books (jQuery and JavaScript). The topics of the book in this year’s list are a bit different. There will still be a bit of web development on .NET, but due to the nature of the pr...
-
The history of ASP.NET MVC, so far
Jun 1129This post is a mile high overview of the history of ASP.NET MVC, the features it brought with the various versions and the extensibility points introduced. I am starting to work on both a series of webcasts and articles and I was doing some preparatory work, collecting information on the various features and extensibility points that got into the various (official) releases of ASP.NET MVC, so I thought it could have been useful to share my little summary. There have been 3 major official r...
-
Announcing the Web Standards Update - HTML5 Support for the Visual Studio 2010 Editor
Jun 1115Folks have been asking When will VS2010 support HTML5? I've been saying, jokingly, that the answer is yesterday as there's nothing keeping you from creating HTML5 in Visual Studio or ASP.NET today. However, there's no intellisense and there's lots of squiggly lines that make people uncomfortable. Combine all that with the fact that HTML5 is a moving target, and it's unclear. We've said before that the next version of Visual Studio will have better support HTML5, but what about today? Today,...
-
ASP.NET MVC 3 Tools Update
May 1104Three weeks ago we held our MIX 2011 conference in Las Vegas. MIX is one of my favorite events of the year, and the conference always has a ton of great content and announcements. All of the keynotes and breakout sessions from the event can be watched online for free here. I’ll be doing a few posts in the upcoming weeks that also cover some highlights from it. ASP.NET MVC 3 Tools Update One of the announcements I made in my Day 1 keynote was the release of an ASP.NET MVC 3 Tools Update. Thi...
-
Mix 11 - Web Platform and Tools Keynote Demo Script
Apr 1113It's Day 1 of the Mix 11 conference here in Las Vegas. I work for the Web Platform and Tools (that's ASP.NET, IIS, IIS Media, etc) group and I did the Web Platform demos for Scott Guthrie's part of the keynote. A lot of people in Dev and QA worked hard all year long to make some fun and cool products and as the designated talking head, I had just 16 minutes to make all of them (people + products) look good. I hope I did them all justice. We built a backend and a front end for Rob and my sie...
-
Changing Base Type Of A Razor View
Feb 1121Within a Razor view, you have access to a base set of properties (such as Html, Url, Ajax, etc.) each of which provides methods you can use within the view. For example, in the following view, we use the Html property to access the TextBox method. @Html.TextBox("SomeProperty") Html is a property of type HtmlHelper and there are a large number of useful extension methods that hang off this type, such as TextBox. But where did the Html property come from? It’s a property of System.We...
- 1
- 2
