Articles : Page 1 of 9
- Filter:
- Software
-
Open source adventures with... wait for it... Microsoft
Mar 1231Last week, Microsoft announced that it was going to open source the rest of the ASP.NET MVC Web stack. The core MVC framework has been open source for a long time now, but the other pieces around it are also now out in the wild. Not only that, but it's not what I call "big bang" open source, where you release the source with each version. No, they're actually committing in real time to a public repository. They're also taking contributions where it makes sense. If that weren't exciting enoug...
-
6 Ways To Avoid Mass Assignment in ASP.NET MVC
Mar 1212One of the scenarios that I always demonstrate during an ASP.NET MVC class is how to create a mass assignment vulnerability and then execute an over-posting attack. It is a mass assignment vulnerability that led to a severe problem on github last week. Let's say you have the following model. public class User { public string FirstName { get; set; } public bool IsAdmin { get; set; } } When you want to let a regular user change their first name, you give them the following form. @usin...
-
What Is The Spirit of Open Source?
Feb 1222In my last post, I attempted to make a distinction between Open Source and Open Source Software. Some folks took issue with the post and that’s great! I love a healthy debate. It’s an opportunity to learn. One minor request though. If you disagree with me, I do humbly ask that you read the whole post first before you go and rip me a new one. It was interesting to me that critics fell into two opposing camps. There were those who felt that it was was disingenuous for me to use the term “open ...
-
Open Source and Open Source Software Are Not The Same Things
Feb 1216It all started with an innocent tweet asking whether ASP.NET MVC 3 is “open source” or not? I jumped in with my usual answer, “of course it is!” The source code is released under the Ms-PL, a license recognized that the OSI legally reviewed to ensure it meets the Open Source Definition (OSD). The Free Software Foundation (FSF) recognizes it as a “free software license”1 making it not only OSS, but FOSS (Free and open source software) by that definition. Afterwards, a healthy debate ensued on...
-
Abstracting away issues of HttpContext from your ASP.NET MVC controllers
Feb 1203I've noticed that I write software in one of three modes: For myself: Shortcuts, less testing, not well-factored. For myself but in public: Mostly POP Forums, which I try to avoid letting it suck since others will use it and see the code. For sharing: Any day job or gig where others will use or maintain your code. You don't want to unleash crapsauce on others. I have to admit that second case isn't the most clean of endeavors. While I'm generally happy with the forum app and the feedba...
-
OSS and .NET Year In Review 2011
Dec 1126T’is the season for “Year in Review” and “Best of” blog posts. It’s a vain practice, to be sure. This is exactly why I’ve done it almost every year! After all, isn’t all blogging pure vanity? Sadly, I did miss a few years when my vanity could not overcome my laziness. This year I am changing it up a bit to look at the intersection of open source software and the .NET community in 2011. I think it’s been a banner year for OSS and .NET/Microsoft, and I think it’s only going to get better in 20...
-
Hello GitHub!
Dec 1107Hubot stache me. Well the poll results are in and you guys were very close! I was taken aback at the intensity of the interest in where I would end up. Seriously, I’m honored. But then I thought about it for a moment and figured, there must be a betting pool on this. These folks don’t care that much. Today is my first day as a GitHub employee! In other words, I am now a GitHubber, a Hubbernaut, a GitHubberati. Ok, I made that last one up. If you haven’t heard of GitHub, it’s a site that ...
-
Techniques for real-time client-server communication on the web (SignalR to the rescue)
Nov 1129When building web applications, you often face the fact that HTTP, the foundation of the web, is a request/response protocol. A client issues a request, a server handles this request and sends back a response. All the time, with no relation between the first request and subsequent requests. Also, since its request-based, there is no way to send messages from the server to the client without having the client create a request first. Today users expect that in their projects, sorry, experience...
-
Departures
Nov 1128It’s not every day you write this sort of blog post. And you hope it’s not something you do so often that you ever get good at it. I’m certainly sucking up a storm here. Just last month I hit my four year mark at Microsoft. I reflected on the sheer joy I experienced working with such smart people on cool projects. I’ve been very lucky and fortunate to be able to speak about these projects at many conferences, meeting so many interesting attendees. It’s been a real blast. Today, I write a d...
-
Repaving your PC: the easier way
Nov 1128It"s been a while since I had to repave my laptop. I have a Windows Home Server (WHS) at home which images my PC almost daily and allows restoring it to a given point in time in less than 30 minutes. Which is awesome! And which is how I usually restore my PC into a stable state. Over the past year some hardware changes have been made of which the most noteworthy is the replacement of the existing hard drive with an SSD. A great addition, and it was easy to restore as well: swap the disks and r...
