Handling Files and Directories from your web applications. : Rockin J

Monday, October 06 2008

Using C#, VB.NET, and ASP.NET to get all files of directory and subdirectory. Simply illustration of working with files and directories in ASP.NET.

Cross-Site Scripting in ASP.NET : SandeepReddy Pasham

Thursday, October 02 2008

Cross-site scripting attacks exploit vulnerabilities in Web page validation by injecting client-side script code. The script code embeds itself in response data, which is sent back to an unsuspecting user. The user's browser then runs the script code. Because the browser downloads the script code from a trusted site, the browser has no way of recognizing that the code is not legitimate, and Microsoft Internet Explorer security zones provide no defense. Cross-site scripting attacks also work over HTTP and HTTPS (SSL) connections.

Support Voice: Using Virtual Path Providers : Parag Agarwal

Wednesday, October 01 2008

Hello and welcome back! My name is Parag Agarwal, a support engineer at Microsoft. This month we are going to discuss virtual path providers in Microsoft ASP.NET 2.0. This month, we will discuss how to extend ASP.NET by providing virtual access to content and files for compilation in ASP.NET 2.0. This feature can be used to create applications similar to Microsoft SharePoint Portal Server, where the content is stored in a database instead of on the physical file system. In this article, we will build a sample where the content of the requested Web form page is stored in a Microsoft SQL Server database...

Executing async task in asp.net : Andrea Colaci

Wednesday, October 01 2008

This article explores different ways to deal with long running tasks in Asp.net, leveraging PageAsyncTask and Asyncronous Delegates. If such a task must be initiated from an Asp.net web page, the thread that is serving the page request is bound to the task until it completes or a timeout occurs. Asp.net and .net framework offer different ways to address this issue, in the project used for this article, a sample page attempts to star a long running task in three different ways: 1. Synchronously simply starting the task and waiting for its completion 2. Asynchronously, using Page.RegisterAsyncTask...

File Denial : Steve C. Orr

Thursday, September 18 2008

A common web site requirement is the ability to share certain files with specific users. For example, customers who have purchased software or other digital assets from a web site should ideally be able to return to that site and re-download the file(s) any time they want. However, that user (and other users) must be prevented from downloading packages that they have not purchased. This article will not attempt to cover ASP.NET user authentication techniques since that topic is already thoroughly covered elsewhere. Instead this article will focus on how (and how not) to provide access to a file...

Using CLR to access .NET functions in SQL Server : Mark Smith

Sunday, September 14 2008

An example of how we can create a function in .NET and then use them in SQL Server. According to Microsoft, SQL Server 2005 significantly enhances the database programming model by hosting the Microsoft .NET Framework 2.0 Common Language Runtime (CLR). This enables developers to write procedures, triggers, and functions in any of the CLR languages, particularly Microsoft Visual C# .NET, Microsoft Visual Basic .NET, and Microsoft Visual C++....

ASP.NET Security [Part I] : Joydip Kanjilal

Saturday, September 13 2008

Security is one of the most important concerns in application software development. Building a robust security model is one of the most important factors that drive the success of application software. As far as security in ASP.NET is concerned, three terms come into my mind, i.e., Authentication, Authorization and Impersonation. Put simply, authentication authenticates the user’s credentials and authorization relates to the resources that an authenticated user has access to. This article is the first in a series of articles on ASP.NET security and discusses these concepts and their applicability...

Securing .NET code : Mark S. Rasmussen

Saturday, September 06 2008

When you write your code, compile it, and distribute the exe/dll's, is your source safe? We're not talking about protection against buffer overruns, SQL injection and various other code hacking techniques, we're talking protection of the source code itself, protection of intellectual properties. This article is the result of me touring the danish universities as a Microsoft Student Partner, giving lectures on the subject of securing code and intellectual properties in the realm of the .NET Framework....

Zero Config Dependency Injection : Castle Windsor Trunk Edition :

Tuesday, September 02 2008

This Framework Extension allows most of your registration/configuration in a dependency injection framework to be done 'automagically' when possible through declarative/AOP/Metadata driven rules and 'non-inference' based resolution of cases. For example, there are many instances where this will interrogate the run-time state of your app and make the correct decision on the registration of a component and/or resolution of a request for an implementation of a service. In other words, if you would like a property (say an autoproperty) to get injected with a Presenter (you are using the MVP pattern...

ASP.NET 2.0 - Safely Compile And Execute Source Code Dynamically : Robbe Morris

Tuesday, August 26 2008

You've probably run across all sorts of code samples for dynamically compiling and running source code in .NET 2.0. Fortunately, this is fairly easy in .NET. What I haven't yet seen covered is a safe way to do this in an ASP.NET environment. The biggest problem you run into is that each time you compile your code (even if you use the exact same attributes and settings) is that a new duplicate assembly is loaded into memory. So, you could easily wind up with thousands and thousands of duplicate assemblies floating around in memory on your server because there is no facility in .NET 2.0 to unload...