Phil Scott's WebLog

With the go-live of ASP.NET 2.0, I've been actually using it at a level of more than "ooh, pretty new feature." I'm kinda of a standards nerd, so naturally I've been messing around with the XHTML output and making sure I like what I'm seeing.  So far, so good. But I ran my page against the W3C's validator and it freaked out, complaining about form tags having names and the such. So I take a look at the source, and it looks good to me. So I go back to the validator, and run it one more time, this time enabling "Show Source." Ah, there's the problem. ASP.NET thinks that the validator is some ghetto browser from 1996 so it is sending it invalid markup.

Hmmm, I forget how the box model is supposed to do things in CSS, but this seems a little off to me.  What I had was a div tag with a width of 500px.  Within that I have a nested div with a margin of 25px.  I WAS trying to avoid having to do a box model hack to make sure things look OK in IE 5.x. 

So everything is hunky dory until I take this layout and put it into a masterpage in VS2005.  I drop the ContentPlaceHolder and suddenly my 500px div is 550px large.  It seems VS2005 is trying to figure out how wide to make the ContentPlaceHolder "container," and forgetting about the margins (or padding (or borders)).  This also happens when you have a panel or anything else set to a width of 100%.  So it is just pushing it wider.  And since I'm using floats to do the layout, in VS2005 it is pushing my sidebar down because it is too wide to fit into the container.  IE 6.0 and Firefox seem to be getting this "right," but honestly I'm not too sure when Firefox is immulating bugs in IE or when IE is in compliance mode anymore.

I'm leaning towards bug.  If anyone is curious, here's the fancy code that is screwing stuff up:

        <div style="width: 500px">
            <div style="padding: 25px; background-color: Orange; border: solid 1px black">
                <asp:Panel runat="server" ID="test" style="width:100%">
                    jyeretjetjetj</asp:Panel>
            </div>
        </div>
        <div style="width: 500px; border: solid 1px black">
            another 500px div
        </div>

Take out the panel and just put normal text (or even just a div with width=100%) and it displays fine.

So, bug or not?

Even though ASP.NET has been out for quite some time, it still tickles me to see sites with an aspx extension.  I recently checked out one of my favorite bar's site, O'Shea's Irish Pub here in Louisville, and was surprised to see it was running ASP.NET on Windows 2003. 

I'm sure you've seen the new Anti-Spyware tool from Microsoft, so I'll spare you the elevator pitch.

What I want to know is what brainiac decided that to install the thing you might want to either install an ActiveX control, or download an EXE file an execute it to continue? Um, isn't this crap the reason 99.9999% spyware gets installed?  Shouldn't that type of behavior be discouraged?  I was hoping that when I clicked next I'd get a screen saying "YOU FOOL!  You could have just installed something that is reporting your bank password to some crazy guy in Canada!  Don't do that crap, and maybe you wouldn't need to install this tool, moron."  But no, it actually popped up a file for me to execute (I'm running Firefox, I assume it would be an ActiveX control for IE).  FANtastic. 

 Thankfully, you can skip that step and just download the thing.  The irony of this product just gets deeper and deeper. 

We've had a lot of success using Ben Lowery's HttpCompression module in regards to cutting down our bandwidth on text intensive pages.  The only problem we've had with using the compression module has been with existing pages that were using Response.Flush (it would throw up the "Server cannot append header after HTTP headers have been sent" exception) .  Well, no problem, right?  Ben's excellent module supports the ability to exclude paths in web.config.  And this solution works great on our test machines.  The problem was that when we went live, everything broke in regards to excluding paths.  It would start throwing the "Server cannot append header after HTTP headers have been sent" all over again.

Firefox 1.0 has been released today.  Good times.  Right now the link is being hammered, but some peeps at slashdot have posted mirrors.  Btw, here's the default homepage when you install Firefox - hosted on google.com.  Interesting...

I just accidently went to MSDN in IE, and wow!  I say accidently because normally I'm running Firefox and MSDN used to be all jacked up in non-IE browsers.  So, I just got in the habit of using IE for MSDN.  But, my habit slipped and I hit the MSDN page in Firefox.  I had to actually checked to see what browser I was using because I was so surprised to see the MSDN logo, and the bullet points not do crazy stuff.  Good times, good times.

If you haven't checked out the Metasploit Framework yet, check it out.  If you haven't heard of the thing, it's basically a tool for testing exploit code.  But it comes with a bunch of exploits and payloads set up and ready to be ran against machines.  I'm far from a hax0r, but I was able to open up a VNC connection to some random machine in my classroom that hadn't been patched in the last few weeks.  Very impressive.