Unit Testing Security Example

code tdd suggest edit

This is a simple little demonstration of how to write unit tests to test out a specific role based permission issue using NUnit/MbUnit and Rhino Mocks.

Read More

Test Secure Class Instantiation Helper Method

code tdd suggest edit

This is a quick follow-up to my last post. That seemed like such a common test situation I figured I’d write a quick generic method for encapsulating those two tests.

Read More

Urgent: Subtext Security Patch

personal suggest edit

UPDATE: We released Subtext 2.0 which also includes the fix for this vulnerability among many other bug fixes.

Read More

The Security Patch Dilemma For Scripting And VM Based Languages

security suggest edit

In his book, Producing Open Source Software, Karl Fogel gives sage advice on running an open source project. The section on how to deal with a security vulnerability was particularly interesting to me last night.

Read More

Buy Our Book And Become An ASP.NET Bad Ass

41XDcuGaQrL._AA240_ Remember the book I mentioned that I was writing along with a few colleagues? Well it is finally available for pre-order on Amazon.com!

Read More

Why Is Microsoft Removing My MVP Status?

work microsoft suggest edit

It was only two and a half months ago when I wrote about receiving my Microsoft MVP award. I was quite honored to receive this award.

Read More

Conditional Compilation Constants and ASP.NET

aspnet suggest edit

UPDATE: K. Scott Allen got to the root of the problem. It turns out it was an issue of precedence. Compiler options are not additive. Specifying options in @Page override those in web.config. Read his post to find out more.

Read More

Build a Custom Open Source Search Index

oss suggest edit

Here’s a little plug for something we’ve been working hard at over at Koders. Everyone knows that if you want to find open source code, you go to http://www.koders.com/ (it recently got a minor new facelift so check it out). That’s my area of responsibility here. However, after many many months of hard work, we released Koders Pro Edition 1.0 this week. I helped a bit with this, but it’s mostly due to the hard work of the rest of the team that this is out there, especially Ben, the product manager for Pro.

Read More

Honeypot Captcha

I was thinking about alternative ways to block comment spam the other day and it occurred to me that there’s potentially a simpler solution than the Invisible Captcha approach I wrote about.

Read More

Five Years Of Good Loving

personal suggest edit

Akumi-Phil-Cody Today my wife and I celebrate our fifth anniversary of being legally married. If you’ve read my blog long enough, you might have seen this post which suggests we were married June 14, not September 12.

Read More

Last Night A Doctor Saved My Nut

Last night I nearly lost a dear friend of mine. Now this is the sort of story most men, myself included, would understandably want keep to themselves. Although this deviates from my normal content, I feel a duty to tell all in this age of transparency because while I was in the middle of the ordeal, I turned to Google for help and didn’t find the information I needed. I write this in the hopes it helps some unfortunate guy in the future.

Read More

IHttpContext And Other Interfaces For Your Duck Typing Benefit

code suggest edit

Not too long ago I wrote a blog post on some of the benefits of Duck Typing for C# developers. In that post I wrote up a simplified code sample demonstrating how you can cast the HttpContext to an interface you create called IHttpContext, for lack of a better name.

Read More

Should Microsoft Really Bundle Open Source Software?

oss microsoft suggest edit

Ayende recently wrote about Microsoft’s “annoying” tendency to duplicate the efforts of perfectly capable Open Source Software already in existence. In the post, he references this post by Scott Bellware which lists several cases in which Microsoft duplicated the efforts of OSS software.

Read More

Don't Be a Validation Nazi

code regex suggest edit

In my last post, I wrote about how most email validation routines are too strict when compared against what is allowed by the RFC. Initially I dismissed this phenomena as the result of ignorance of the RFC or inability to understand it, as I had trouble understanding it myself.

Read More

I Knew How To Validate An Email Address Until I Read The RFC

Raise your hand if you know how to validate an email address. For those of you with your hand in the air, put it down quickly before someone sees you. It’s an odd sight to see someone sitting alone at the keyboard raising his or her hand. I was speaking metaphorically.

Read More

How Duck Typing Benefits C# Developers

David Meyer recently published a .NET class library that enables duck typing (also sometimes incorrectly described as Latent Typing as Ian Griffiths explains in his campaign to disabuse that notion) for .NET languages.

Read More

My Latest Addiction Is Line Rider

personal suggest edit

Not too long ago, Jeff Atwood lowered the overall productivity of software developers everywhere when he wrote about Desktop Tower Defense, a game that he calls fiendishly addictive.

Read More

Speed Up Your Pages And Improve Your YSlow Score With The Coral Content Distribution Network

UPDATE: Using Coral CDN to serve up my images and stylesheets ended up being a mistake and actually slowed down my site. I’d recommend using Amazon S3 instead if you need high bandwidth fast serving of static content. Coral CDN is probably better for cases when you want to serve up a large file (mp3, mpeg, etc…) and save on your bandwidth usage. It doesn’t seem ready to be a general purpose CDN for speeding up your site. I’ll add the ability to this code to use S3. In the meanwhile, this code is still useful by simply restricting the extensions in the config file to perhaps this list “mpg,mp3,mpeg,wmv,avi,zip”. Hat tip to Jon Galloway for pointing that out.

Read More

Write Plugins Easily Using The Dynamic Template Plugin For Windows Live Writer

blogging suggest edit

Joe Cheng, member of the Windows Live Writer team, just unveiled his first publicly available Windows Live Writer plugin…

Read More

My .NET Rocks Interview Is Now Up

Run, don’t walk, over to .NET Rocks and download their interview with yours truly (as in me, not any other yours truly).

Read More