January 2007 - Posts
Some users have run into an issue when hosting ASP.NET Ajax applications in a frame or iframe that's in a different domain from the top-level window. If you try to do that and browse to the page using IE, you'll receive an "access denied" error client-side any time a DOM event is raised in the frame. The code that's responsible for that is Sys.UI.getLocation . This is a tricky piece of code that determines the pixel coordinates of a DOM element relative to the top-left corner of the page, so that an absolutely positioned child of the body using these coordinates would exactly cover the element you measured. This is useful for drag & drop, popup scenarios like auto-complete and when an event is raised to get mouse coordinates...
A while ago, Jaime Rodriguez, a coworker of mine posted about how to use ASP.NET AJAX from a Vista Sidebar Gadget . That was on a Beta version of ASP.NET AJAX (which was then called "Atlas"). Since then, it's gotten even easier, so I thought I'd write up a quick hello world gadget. As an added bonus, I'll also show how to use a PHP backend, based on PHP for Microsoft AJAX Library . What we'll make We'll make a sidebar gadget with a textbox and a button. The user types their name in the textbox and clicks the button. When the button is clicked, the name in the textbox is sent to the web server, and the web server replies with "Hello, <name>!" (where <name> is the name of the user). Quite frankly, I believe this sidebar gadget will...
Molly I'm really excited about the announcement we made on the IE Blog earlier today. Molly Holzschlag has joined forces with the IE team. I think this is a great win for the web design world, Moll and Microsoft. When Molly and I first started talking about what her role would entail, I explained to her I wanted to hire Molly, not "Microsoft Molly", but Molly. She isn't going out and pimping things, and she's not going to be telling you things she doesn't believe in, she still be out working to make the web a happier place for all web designers and developers to be. When we first brought Molly on, she and I worked and tried to come up with a good set of projects for her to work on. As you might have read on the IE Blog, there are two major components...
As promised, the source code for all of ASP.NET AJAX has been released. I'd recommend reading ScottGu's blog post about it . Read More...
Joe Stagner from Microsoft has been doing some presentations on security with ASP.NET AJAX along with Billy Hoffmand and Caleb Sima of SPI Dynamics. Go to Joe's blog to get links to the webcasts. I'm watching the latest now: How Hackers Reverse Engineer and Exploit an ASP.NET AJAX Application , and I'm pretty disappointed. Maybe I have too strict a definition of security. Security non-issues The webcast covers the JavaScript proxies that ASP.NET AJAX generates for you, claiming that exposing metadata about the functions and parameters this way is a problem. If your application is vulnerable when an attacker can see the names of the functions and parameters in your web services, then it was already vulnerable. Obscurity is not security. The example...
As I mentioned last week when ASP.NET AJAX 1.0 shipped , we are publishing the full source code to the ASP.NET AJAX product. This includes the source to the server-side ASP.NET integration (including the UpdatePanel, UpdateProgress, and ScriptManager controls, as well as the source to the Network Serialization code). The client-side ASP.NET AJAX JavaScript library (which we also call the "Microsoft AJAX Library") is being released under the Microsoft Permissive License (Ms-PL) . This grants developers the right to freely customize/modify the library, as well as to redistribute the derivative versions of the JavaScript library for both commercial and non-commercial purposes. The code for the server-side ASP.NET AJAX 1.0 implementation was released...
I just got a copy of Brian Noyes book on ClickOnce Smart Client Deployment with ClickOnce: Deploying Windows Forms Applications with ClickOnce While I have not had a chance to dig into it yet, I did ask around the team and a bunch of folks on the WinForms and ClickOnce product teams reviewed it and provided feedback. They all said it was an excellent source of detailed and real world information. Have any of you looked at it? What do you think? Read More...
Rico is doing some very interesting work to get some sort of idea about the allocation overhead of using different parts of the .NET Framework. As he says, this is a fairly rough approximation done just with static analysis, but it does give you something to chew on. Rico starts by focusing on making a good hashcode function… I thought I'd look at properties. As you know the Framework Design Guidelines encourages you to make simple properties that are logically just fields . There is a reasonable assumption that the get accessor of a property would not have to allocate any data. The good news is the vast majority of these had 0 or 1 allocation. The thing to watch out for is that some of the worst offenders are properties, with 15 with a score...
One of my goals this year is to use video more with my blog. My theory is that video is often a better medium than text to walkthrough how something works, and can also help you avoid the tedium of reading though some of my really long blog posts... :-) Over the next few months I'm going to try and create a new video every other week or so on various topics. Many of these videos are going to involve first looks at some of the new features coming with Visual Studio "Orcas", which is our new release that will ship later this year. For today's video I decided to focus on introducing LINQ - which I think is one of the most exciting features coming with "Orcas". At a high-level, LINQ makes the concept of query a first class programming concept within...
I just saw a review from Ross Dargan on the Framework Design Guidelines … He lists his favorite quote… I am glad you like the "color" in the book Ross! Favourite Quote: Brad Abrams, page 134. Why did we decide to use "raised" rather than "fired?" Well, we certainly have some prior art on our side on this one, but we also felt like fire was too negative a term. After all, you fire a gun or you fire an employee. Raise sounds more peaceful. What is your favorite quote? Read More...
More Posts
Next page »