Tales from the Evil Empire

Bertrand Le Roy's blog


Bertrand Le Roy

BoudinFatal's Gamercard

Tales from the Evil Empire - Blogged

Blogs I read

My other stuff


June 2008 - Posts

New tools to prevent SQL injection attacks

I've blogged in the past about injection attacks. Microsoft publishes additional new tools to detect and protect against injection attacks. The first tool, developed by HP, crawls web sites to automatically detect possible attacks, the second blocks dangerous requests from being executed, and the last one analyzes code to look for dangerous practice.


Generating thumbnails in ASP.NET (DotNetSlackers)

I just published a new article on DotNetSlackers. The post is about generating scalable and secure image thumbnails.


Posted: Jun 20 2008, 04:06 PM by Bertrand Le Roy | with 2 comment(s) |
Filed under: , ,
ASP.NET Ajax client-side templates and declarative markup article in MSDN Magazine

I wrote a short column in Dino Esposito's latest MSDN Magazine article to introduce two new features that we will ship with the next version of ASP.NET Ajax. The features will enable you to declaratively instantiate client-side components and to build data-driven HTML from simple templates.


Ajax charting

Miljan from ComponentArt announces the 2008 release of their charting engine. It's a really interesting engine for Ajax developers because it has a full client-side object model. Check it out.

ComponentArt Charting


Script reference profiler

ASP.NET Ajax 3.5 SP1 contains a new feature that enables the application developer to combine scripts in order to reduce the number of downloaded files. But in order to do that, the developer must have a way of discovering what scripts are being used in a page or application.

To make that easier, I've developed a small control that you can drop onto a page and that will render out the list of script references that are being used by the page. It is then easy to copy and paste that list into the CombinedScripts property of the script manager and combine all those references into one.

The control also renders two links that enable the developer to download the debug and release versions of the combined scripts. Those scripts can be downloaded, copied into the site and used with the Path property on CombinedScripts. This enables better server performance than the plain automatic combination that ScriptResource.axd performs, but it also means you need to re-generate that file every time any of the scripts change.

The project to build the control can be downloaded as part of the ASP.NET CodePlex project:

UPDATE: the component can also be downloaded in binary form from here:

Script combining screen cast

I recorded a 5 minute screencast that shows how to use the new script combining feature in ASP.NET Ajax 3.5 SP1:

Late notice: speaking in Montreal tonight

I'll switch to French for this post as the talk will be in French.

Je parlerai ce soir devant le groupe d'usagers de .NET de Montreal à partir de six heures dans les locaux de Microsoft. Je parlerai de Visual Studio 2008 (et SP1), d'ASP.NET Ajax et du toolkit s'il reste du temps.

Venez nombreux!

UPDATE: merci à tous ceux qui se sont déplacés, et grand merci au groupe d'usagers, à Dominic Sévigny, Guy Barrette et RunAtServer pour leur accueil.

More Posts