Radical Development

Technical Without the Technicalities

How To Defend Against Cross Site Scripting With Microsoft .NET 4.5 AntiXss

One of the most common threats to websites is cross site scripting (XSS), in which a malicious user attempts to load content, such as JavaScript or HTML, into your website. The attack is typically carried out via a form input or query string. XSS can have very nasty results, including content modification or, worse, the hijacking of user account information. If you’re asking yourself how you can possibly reduce the likelihood of this threat, the answer is simple: encode, and never trust user input under any circumstance. It is not that all users are attackers, but … Continue reading

August 2012: .NET SQL Server Database Code Snippets

How many times have you looked for a piece of code you’ve written in the past? You probably search high and low on your hard drive, scouring through past projects and code files. Or maybe you’ve tried searching your source code control repository with unsuccessful results. How much time do you waste looking for a particular routine only to not find it, which then causes you to rewrite the routine all over again? Let’s face it, as developers we beg, borrow, and steal as much code as we can in order to get our jobs done as quickly as possible. … Continue reading

Find And Address Security Vulnerabilities With Tenable Nessus

Have you ever really stopped for a moment to consider just how vulnerable you are every time you turn on your computer? If your answer is no, I implore you to take security seriously: the threat is real, and it is not difficult at all for the black hat (attacker) to find a vulnerability on your end and possibly then exploit it. HP’s 2011 Top Cyber Security Risks Report states that while vulnerabilities are down over recent years, roughly 24% of recent vulnerabilities were classified as critical. The percentage is important because even though vulnerabilities … Continue reading

Series DropDownList: Cascading DropDownList

This is the second article on the subject of DropDownList. If for any reason you missed the earlier post titled Series DropDownList: Binding XML Data to a DropDownList, I would recommend that you take the time and read that post as well. In part two of this series I will focus on accomplishing cascading selections with your DropDownList. Since the bulk of the work was accomplished in DropDownList: Binding XML Data to a DropDownList we will pick up from there. Web Form Here we will incorporate a small change from the previous example. Notice that in this example I have … Continue reading

Series DropDownList: Binding XML Data to a DropDownList

Who doesn’t love XML? Extensible Markup Language (XML) is a markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable. It is defined in the XML 1.0 Specification produced by the W3C, and several other related specifications, all gratis open standards.  The design goals of XML emphasize simplicity, generality, and usability over the Internet. It is a textual data format with strong support via Unicode for the languages of the world. Although the design of XML focuses on documents, it is widely used for the representation of arbitrary data structures, … Continue reading

Security and the ASP.NET View State

Many of you who work with Microsoft .NET are aware of the View State; for those of you who are just getting started with .NET, please take the time to read the ASP.NET View State Overview over on the Microsoft Developer Network (MSDN). While the view state is necessary, it comes with security concerns that you should understand, along with what you can do to mitigate the risks. The view state is a repository in an ASP.NET page that can store values that have to be retained during postback. The page framework uses view state to persist control settings between … Continue reading

Microsoft Enterprise Library: Caching Application Block

This is a second article on the topic of the Microsoft Enterprise Library. If you have not read the previous article titled Microsoft Enterprise Library: Data Access Application Block, I recommend you do so. Introduction to the Caching Application Block The Enterprise Library Caching Application Block lets developers incorporate a local cache in their applications. It supports both an in-memory cache and, optionally, a backing store that can either be the database store or isolated storage. The Caching Application Block can be used without modification; it provides all the functionality needed to retrieve, add, and remove cached data. Configurable … Continue reading