September 2006 - Posts
SQL Injection attacks are really nasty security vulnerabilities, and something all web developers (regardless of platform, technology or data layer) need to make sure they understand and protect themselves against. Unfortunately developers too often neglect putting focused time on this - and leave their applications (and worse their customers) extremely vulnerable. Michael Sutton recently published a very sobering post about just how widespread this issue is on the public web. He built a C# client application that uses the Google Search API to look for sites vulnerable to SQL Injection Attacks. The steps to achieve this were simple: Look for sites that have querystring values (example: search for URLs with "id=" in the URL) Send a request to...
Heard on France Inter the other day about scientific research funding (didn't catch the names of the authors of these quotes though): "Ignorance will always be more expensive than research." "Electricity wasn't discovered by trying to improve the candle." Share this post: Email it! | bookmark it! | digg it! | reddit! Read More...
JavaScript is always the strange beast as far as comparisons are concerned. There are cases where the automatic contextual casting is not quite convenient. For example, we like to reliably return booleans from some of our methods, not null, not undefined and not some random object. Being able to say that this function will return a boolean is a Good Thing that the users of the API will appreciate when debugging. Anyway, I used to do this to coerce something to Boolean: something ? true : false Dave Reed just showed me a much more compact way of doing that: !!something Probably not the most readable thing in the world but I could get used to that, the same way I got used to return something || null ; when I want to coerce undefined into null...
Atlas has its first commercial control library . Component Art just went live with the new version of their excellent control library. All their controls now have a full client-side API built on top of the Microsoft AJAX Library . They all support UpdatePanel and persist their changes across synchronous and asynchronous postbacks. The library already has full online documentation and live samples . They are certainly setting the bar very high for other component developers. To think that they were able to do that even though we're not even in beta is just amazing and just show the level of excitement around the technology. It is an amazing library. Check it out: http://atlas.componentart.com Share this post: Email it! | bookmark it! | digg...
Thottam is asking folks to tell him about your experience with COM interop . I know many of you have a earful to tell him about how you love, learn to live with and at times hate ComInterop… Please take a few minutes to comment on his blog with those thoughts and if you are so inclined responded to his detailed set of questions… Thottam is right in the middle of figuring out where to take this feature so your feedback would be very timely… thanks Read More...
I blogged about the cool new .NET and ASP.NET Guidance Explorer that the Microsoft Patterns and Practices Team has been working on back in June. Since then the team has been hard at work and recently moved the project to be hosted on CodePlex. You can visit and join the project here . All source code for the Guidance Explorer UI (which is of course built using .NET and Windows Forms) can also now be downloaded for free from the CodePlex project site. The Guidance Explorer provides a database of recommendations and best practices for ASP.NET, ADO.NET, and the .NET Framework that you can easily filter and search. Particularly useful are some of the checklists you can easily follow for performance and security best practices prior to deployment...
The folks over at the NYTimes have released the beta of the NYTimes reader … a .NET Framework 3.0 based application that provides an amazingly rich experience for reading the newspaper… I have been on the internal pre-beta program for a while and I have found it great! A few weeks ago I actually read the newspaper end-to-end… I don’t think I have done that in 10+ years. The other thing I love about the app is that is it is ClickOnce deployed, meaning I get new app features regularly as they are released… This was very exciting (and scary for demos) during the pre-beta phase… and I expect somewhat regular updates to continue… I get these new updates with zero additional install work.. it just gets updated in place… Enjoy! Read More...
Do you have an ASP.NET AJAX (a.k.a. "Atlas") app, or are you working on one? Tell me about it! I have some upcoming opportunities to showcase great Atlas apps (either shipped or in development but close to shipping). If you have an application and you'd like to get some more exposure, please leave a comment here or send me email (my email address is on the right side of my blog) ASAP so you can be involved. I look forward to hearing from you! Read More...
I just noticed the VB folks created a great little WinForms control that gives you the VB6 style “print form” functionality… Looks pretty easy to use and can be used (via a DLL) in VB or C# projects. Enjoy… PrintForm Component 1.0 The PrintForm Component is designed to bring back the ability to easily print a Windows Form. With this new PrintForm component you can once again layout the Windows Form exactly as you want it and allow your users to print the form as a quick report. Oh, yea… they are looking for other suggestions as well… Read More...
Rick has a very extensive post on his blog about the state of Atlas today. It's a fair and complete look at what the technology is today and what it will become in the next few months. The post is a great read that I personally enjoyed a lot because Rick is hard to please and well, he seems to be mostly pleased (which doesn't mean that we don't have a lot to do before we release, working on that). http://west-wind.com/weblog/posts/7551.aspx Share this post: Email it! | bookmark it! | digg it! | reddit! Read More...
More Posts
Next page »