Articles : Page 1 of 1
-
Wishful Thinking: Why can't HTML fix Script Attacks at the Source?
Apr 1215The Web can be an evil place, especially if you're a Web Developer blissfully unaware of Cross Site Script Attacks (XSS). Even if you are aware of XSS in all of its insidious forms, it's extremely complex to deal with all the issues if you're taking user input and you're actually allowing users to post raw HTML into an application. I'm dealing with this again today in a Web application where legacy data contains raw HTML that has to be displayed and users ask for the ability to use raw HTML as...
-
Rebuilding CoasterBuzz, Part II: Hot data objects
Mar 1219This is the second post, originally from my personal blog, in a series about rebuilding one of my Web sites, which has been around for 12 years. More: Part I: Evolution, and death to WCF After the rush to get moving on stuff, I temporarily lost interest. I went almost two weeks without touching the project, in part because the next thing on my backlog was doing up a bunch of administrative pages. So boring. Unfortunately, because most of the site's content is user-generated, you need some...
-
Using the West Wind Web Toolkit to set up AJAX and REST Services
Nov 1103I frequently get questions about which option to use for creating AJAX and REST backends for ASP.NET applications. There are many solutions out there to do this actually, but when I have a choice - not surprisingly - I fall back to my own tools in the West Wind West Wind Web Toolkit. I've talked a bunch about the 'in-the-box' solutions in the past so for a change in this post I'll talk about the tools that I use in my own and customer applications to handle AJAX and REST based access to servic...
-
NuGet Package of Week #11 - ImageResizer enables clean, clear image resizing in ASP.NET
Oct 1131The Backstory: I was thinking since the NuGet .NET package management site is starting to fill up that I should start looking for gems (no pun intended) in there. You know, really useful stuff that folks might otherwise not find. I'll look for mostly open source projects, ones I think are really useful. I'll look at how they built their NuGet packages, if there's anything interesting about the way the designed the out of the box experience (and anything they could do to make it better) as wel...
-
NuGet Package of Week #11 - ImageResizer enables clean ,clear image resizing in ASP.NET
Oct 1131The Backstory: I was thinking since the NuGet .NET package management site is starting to fill up that I should start looking for gems (no pun intended) in there. You know, really useful stuff that folks might otherwise not find. I'll look for mostly open source projects, ones I think are really useful. I'll look at how they built their NuGet packages, if there's anything interesting about the way the designed the out of the box experience (and anything they could do to make it better) as wel...
-
Web Forms Model Binding Part 3: Updating and Validation (ASP.NET 4.5 Series)
Oct 1131This is the fifth in a series of blog posts I’m doing on ASP.NET 4.5. The next releases of .NET and Visual Studio include a ton of great new features and capabilities. With ASP.NET 4.5 you’ll see a bunch of really nice improvements with both Web Forms and MVC – as well as in the core ASP.NET base foundation that both are built upon. Today’s post is the third of three posts in the series that talk about the new Model Binding support coming to Web Forms. Model Binding is an extension of the ...
-
Microsoft dev stack vNext from Build
Sep 1115Unless you are living under a rock, you have probably heard that two days ago, at Build, Microsoft unveiled the new version of Windows, named Windows 8. Windows 8 This is revolutionary both from the consumers’ and developers’ perspectives. The UI is deeply based on the concept of the tiles of Windows Phone 7.5 “mango” and the Metro design language, and the API are now allowing applications to be written either in C#/C++ and the usual .NET/Win32, or using WinRT, basically an Object Oriented v...
-
Summer time learning: Getting started with Node.js
Aug 1131It is now a consolidate tradition for me to publish, during summer time, a list of the books I liked reading or that I bought and are sitting on my shelves (or, lately, more and more on my iPad) waiting to be read. In the last years these lists contained .NET and development methodologies books and web development books (jQuery and JavaScript). The topics of the book in this year’s list are a bit different. There will still be a bit of web development on .NET, but due to the nature of the pr...
-
NuGet Package of the Week #9 - ASP.NET MiniProfiler from StackExchange rocks your world
Jul 1122I LOVE great debugging tools. Anything that makes it easier for me to make a site correct and fast is glorious. I've talked about Glimpse, an excellent firebug-like debugger for ASP.NET MVC, and I've talked about ELMAH, and amazing logger and error handler. Now the triad is complete with MiniProfiler, my Package of the Week #9. Yes, #9. I'm counting System.Web.Providers as #8, so phooey. ;) Hey, have you implemented the NuGet Action Plan? Get on it, it'll take only 5 minutes: NuGet Action...
-
Great Free Video Training on ASP.NET Web Forms and ASP.NET MVC
May 1116We’ve recently published some great end-to-end ASP.NET video training courses on the http://asp.net web-site. Created by Pluralsight (a great .NET training company), these video courses are available free of charge and provide a great way to learn (or brush-up your knowledge of) ASP.NET Web Forms 4 and ASP.NET MVC 3. Each course is taught by a single trainer, and provides a nice end-to-end curriculum (from basic concepts to working with the new Entity Framework “code first” model to securit...
- 1
