ASP.NET session hijacking with Google and ELMAH(www.troyhunt.com)

submitted by troyhunt(831) 4 months, 17 days ago

ELMAH is one those libraries which is both beautiful in its simplicity yet powerful in what it allows you to do. Combine the power of ELMAH with the convenience of NuGet and you can be up and running with absolutely invaluable error logging and handling in literally a couple of minutes. Yet, as the old adage goes, with great power comes great responsibility and if you’re not responsible with how you implement ELMAH, you’re also only a couple of minutes away from making session hijacking of your ASP.NET app – and many other exploits – very, very easy. read more...

1 comment |category: Security |Views: 267

tags: Security another

.Net's Sort Is Not Secure. Don't Use It. Here's a better one.(zimbry.blogspot.com)

submitted by pwhe23(972) 4 months, 21 days ago

.Net's Array.Sort (up to at least version 4.0) has serious weaknesses read more...

1 comment |category: Tips & Tricks |Views: 561

tags: Tips another

A Monadic Pratt Parser in F#(matthewmanela.com)

submitted by jemts(591) 4 months, 28 days ago

A blog post detailing the creation of a monadic pratt parser implemented in F#. Demonstrates the combination of Pratt parsing with parser combinators. read more...

2 comments |category: F# |Views: 82

tags: F# another

5 Ways That Postsharp Can SOLIDify Your Code: Logging and Auditing (www.sharpcrafters.com)

submitted by gfraiteur(988) 1 year, 2 months ago

Matt Groves's journey through the top 5 aspects inevitably meets logging and auditing. But rather than staying at the "Hello, world" level, Matt explains how the aspect can be optimized for performance, and shows how the aspect optimizer, a feature of the professional edition of PostSharp, makes the difference. read more...

add a comment |category: C# |Views: 279

tags: C# another

5 Ways That Postsharp Can SOLIDify Your Code: Caching(www.sharpcrafters.com)

submitted by mgroves(260) 1 year, 3 months ago

Sometimes there's just no way to speed up an operation. Maybe it's dependent on a service that's on some external web server, or maybe it's a very processor intensive operation, or maybe it's fast by itself, but a bunch of concurrent requests would suck up all your resources. There are lots of reasons to use caching. PostSharp itself doesn't provide a caching framework for you (again, PostSharp isn't reinventing the wheel, it's just making it easier to use), but it does provide you with a way to (surprise) reduce boilerplate code, stop repeating yourself, and separate concerns into their own classes. read more...

1 comment |category: Patterns |Views: 335

tags: Patterns another

5 Ways Postsharp Can SOLIDify Your Code: Lazy Loading of Dependencies(www.sharpcrafters.com)

submitted by gfraiteur(988) 1 year, 3 months ago

Matthew Groves discusses how combining aspect-oriented programming and a service locator can provide an attractive alternative to dependency injection containers. Dependencies are loaded lazily when a property or field is first fetched, and there's no reference to the service locator in source code. read more...

add a comment |category: Patterns |Views: 363

tags: Patterns another

Lucene.Net needs your help (or it will die)(codeclimber.net.nz)

submitted by simonech(10.1k) 1 year, 6 months ago

The Apache Foundation wants to kill Lucene.net. If you use it please chime in and help. This post explains a bit more in detail why this is happening read more...

add a comment |category: Open Source |Views: 929

tags: OpenSource another

The Scrum Compliance(agileanarchy.wordpress.com)

submitted by CraigStuntz(438) 1 year, 7 months ago

Former Scrum Alliance Creative Director resigns, renounces certifications, and calls for complete overhaul of the organization. read more...

add a comment |category: Other |Views: 7

tags: Scrum another

ASP.NET MVC, session and concurrent requests: not what you’d expect(blog.whiletrue.com)

submitted by bh213(255) 1 year, 7 months ago

ASP.NET Session handling causes problems when single session is accessed from more than one request (such as AJAX requests). read more...

1 comment |category: MVC |Views: 307

tags: ASP.NET MVC Session another

OpenID for ASP.NET MVC, A Quick Setup(andrewblogs.com)

submitted by beckelmw(2755) 1 year, 8 months ago

If you need to get your ASP.NET MVC website setup with some basic OpenID Authentication, I can help get you started. All you need is a DLL, a view, and two controller actions. read more...

add a comment |category: MVC |Views: 228

tags: MVC another

ASP.NET and the Padding Oracle Attack: Wrap-up(securitythroughabsurdity.com)

submitted by j.monty(1868) 1 year, 8 months ago

Based on the news that was released at the time, it appeared that this vulnerability was just an issue AES. It turns out that this was false and that that this attack works against ANY BLOCK CIPHER meaning 3DES was also vulnerable. This wrap-up links to some mitigation techniques and also discusses how to protect against padding oracle attacks using Digital Signatures. read more...

3 comments |category: Security |Views: 338

tags: Security another

Getting Started with Code Contracts in VS2010(stevesmithblog.com)

submitted by threenine39(329) 1 year, 8 months ago

A good overview of the coding by contracts in visual studio read more...

9 comments |category: Visual Studio |Views: 358

tags: VisualStudio another

Overriding a .svc Request With Routing(haacked.com)

submitted by SuprotimAgarwal(715) 1 year, 8 months ago

One useful feature of routing in ASP.NET is that requests for files that exist on disk are ignored by routing. Thus requests for static files and for .aspx and .svc files don’t run through the routing system. read more...

add a comment |category: MVC |Views: 65

tags: MVC another

Creating your own ModelMetadataProvider to handle custom attributes(buildstarted.com)

submitted by Morder(280) 1 year, 8 months ago

In this post we're going to create our own metadataprovider for mvc to handle our custom attributes or other situations. read more...

add a comment |category: C# |Views: 175

tags: C# another

Unit Testing Html Helpers for ASP.NET MVC(blogs.teamb.com)

submitted by CraigStuntz(438) 1 year, 8 months ago

How to write unit tests for HTML helpers (which might use HttpContext or ViewContext) without needing a mocking framework. read more...

add a comment |category: MVC |Views: 40

tags: MVC UnitTesting another

How to Enable Client Side Validation in ASP.NET MVC 2(blogs.microsoft.co.il)

submitted by gilf(2139) 1 year, 8 months ago

Last night I was teaching MVC framework as part of an ASP.NET course. One of the things that I showed the students was how to use data annotations for server side validation. I got a question about how to enable client side validation in MVC 2 and decided to write about it in a post. So here it goes… read more...

add a comment |category: ASP.NET |Views: 181

tags: ASP.NET another