Thursday 16 January 2014

Content security policy presentation

Excellent talk on the features available for protecting your site against XSS. 





Wednesday 14 August 2013

Productivity Power Tools 2012

One of my favourite extensions in Visual Studio 2012 for the price conscience is Productivity Power Tools 2012.


There are many features which come with Productivity Power Tools 2012 (aka free mini resharper), however one of my favourite features is the new solution wide Remove and Sort.

Remove and Sort is a feature I use constantly on a per class level to remove unwanted using directives and sort them by System first.

Now this can be achieved by right clicking on the solution and then selecting -> remove and sort


Another cool feature is the new Edit Project File as opposed to unload -> edit project file. Quite a minor feature but still worth a mention.

Thursday 18 July 2013

Deploying with Visual Studio 2012 (and Visual Studio 2010)

Publish Profiles


The key to this publish dilemma is Publish Profiles, Using these will change your life forever.

Step 1. - Creating a Publish Profile


These can be created manually but the easiest way is to use the publish wizard in Visual Studio 2012.

Right click on the project you want published and select publish.


You will need to actually publish the project in order for the Publish Profile to be created (that sucks!). Once you've published whether it worked or not there should be a publish profile saved in the properties folder underneath the published project:


Check that in to your source control so that is can be available on the build server.

Step 2. - Automating the deployment


Ok, so now you have to prepare the command line arguments to run against msbuild. The following should be sufficient:

msbuild.exe
/p:publishUrl=LOCATION_OF_WHERE_YOU_WANT_YOUR_STUFF_DEPLOYED
/p:DeployOnBuild=true /p:PublishProfile=NAME_OF_PUBLISH_PROFILE.pubxml
/p:Configuration=Release 
//the configuration property can be a custom configuration in order to apply web.config transformations

Notes

The publish profile can be created manually if you are using Visual Studio 2010; as long as the publish profile file is saved in the correct location all should be good.
I have tested this against web applications that publish vis FTP and it works fine!

References

Tuesday 28 May 2013

JQuery Brazilian Portuguese DatePicker

JQuery has a lot of plugins and add-ons which allow you to achieve some powerful customisations.

One such plugin is the JQuery localisation feature which allows you to customise the datepicker depending on the local, i.e. the Country and/or Language.

Firstly you need to include the modified JQuery datepicker javascript file with the following name: jquery.ui.datepicker-xx-XX.js, where 'xx-XX' represents the specific culture, e.g. jquery.ui.datepicker-pt-BR.js.

Then inside that jquery.ui.datepicker-pt-BR.js file you need to insert your culture specific translations, Brazilian Portuguese is below:

jQuery(function ($) {
  $.datepicker.regional['pt-BR'] = {
  closeText: 'Fechar',
  prevText: 'Anter',
  nextText: 'Próx',
  currentText: 'Hoje',
  monthNames: ['Janeiro', 'Fevereiro', 'Março', 'Abril', 'Maio', 'Junho',
  'Julho', 'Agosto', 'Setembro', 'Outubro', 'Novembro', 'Dezembro'],
  monthNamesShort: ['Jan', 'Fev', 'Mar', 'Abr', 'Mai', 'Jun','Jul', 'Ago', 'Set', 'Out', 'Nov', 'Dez'],
  dayNames: ['Domingo', 'Segunda', 'Terça', 'Quarta', 'Quinta', 'Sexta', 'Sábado'],
  dayNamesShort: ['Dom', 'Seg', 'Ter', 'Qua', 'Qui', 'Sex', 'Sáb'],
  dayNamesMin: ['D', 'S', 'T', 'Q', 'Q', 'S', 'S'],
  weekHeader: 'Sem',
  dateFormat: 'dd/mm/yy',
  firstDay: 0,
  isRTL: false,
  showMonthAfterYear: false,
  yearSuffix: ''
 };
});
And reference that file in your script tags:
<script src="/Scripts/jquery.ui.datepicker-pt-BR.js" ></script>

Use the following code to attach the localised datepicker to a text box.

<input type="text" name="DateOfBirth" id="DateOfBirth"/>

<script> 
  $(function () {
        var culture = 'pt-BR';
        $.datepicker.setDefaults( $.datepicker.regional[ culture ] );
        $("#DateOfBirth").datepicker({
             dateFormat: 'dd/mm/yy',
             yearRange: '1920:2013',
             maxDate: '+0M +0D',
             changeMonth: true,
             changeYear: true
        });
});
</script>

Saturday 16 February 2013

Working with OAuth 2.0


OAuth 2.0 is a protocol (set of rules) which allows you to access a user's personal information without having to know their user credentials, i.e. username or password.

This is quite significant considering all of the issues surrounding security with user authentication, e.g. SSL, certificates, storage encryption etc.

What this means is you could access a person's Gmail account given just their permission.



[Screen shot taken from https://developers.google.com/oauthplayground/]

How it works?

There are various processes involved in the OAuth 2.0 protocol, but the most common is the Authorisation Code Grant Flow.


The Authorisation Code Grant Flow allows a program to gain access to a user's personal information by access of a authorisation token.


The process works as follows:

1. The program/application requests an authorisation token from their chosen provider along with what they want to access, e.g. the program might say, "can i please have an authorisation token Google for Billy's Gmail account?"

2. Billy then has to approved that request by simply saying "yes" or "no".

3. Assuming Billy said "yes" then the program/application is issued with an authorisation token from the provider
(Google).

4. The program/application can then exchange this for an access token which is actually what is needed to access Billy's Gmail account. With that token the program/application can then read Billy's Gmail account.


The access token expires about every hour so the program/application will need to make sure that they request a new one!


Here is a link to the OAuth 2.0 Java library I wrote, which should explain the process in a bit more detail :)

Thursday 20 December 2012

Working with Team Foundation Service

I'm up and running now with Team Foundation Server Service, and I can say that I'm quite impressed. http://tfs.visualstudio.com/en-us/ I've set up a continuous integration environment at https://mackolicious.visualstudio.com/ Where I've already added two projects
There's a lot of basic functionality such as, backlog/user story generation, typical agile 'swim lanes' (to-do, in-progress, done), burndown, code/check-in history etc. My overview (dashboard) looks like this:
As you can see by adding in the capacity of the team and the sprint's dates, TFS is able to calculate burndown metrics, cool! I'm still playing around with the piece of kit! I've already added an application using Eclipse and one using Visual Studio and so far so good.

Sunday 25 November 2012

Release Management and Release Processes

In my experience as a developer I have observed various release processes that are used to get code to production.

In my opinion the most effective and efficient release process within an Agile environment is one that is automated and is controlled by either a QA (Quality Assurance) Tester or a PO (Product Owner). Both these individuals have a strong understand of the acceptance criteria and customer requirements, hence they would be best suited to deploy a piece of code to production.

I believe the entire process should be automated including rollbacks and configuration changes and should be as seamless as just clicking a button.

The steps should be as follows:
1. Developer finishes work and deploys to a test environment
2. QA signs off work according to COA (conditions of acceptance) and deploys to an intermediate environment, e.g. hidden live, stage (whatever)
3. The QA and PO then review the work again on the intermediate environment and deploy directly to production


That entire process could take less than an hour! Meaning work developed at the start of the day could be in production by the end :)

Friday 28 September 2012

System.IO.FileNotFoundException: Could not load file or assembly 'Missing.Assembly.dll, Version=1.0.20.15800, Culture=neutral, PublicKeyToken=null' or one of its dependencies. The system cannot find the file specified

Have you ever seen a error like the one below: System.IO.FileNotFoundException: Could not load file or assembly 'Missing.Assembly.dll, Version=1.0.20.15800, Culture=neutral, PublicKeyToken=null' or one of its dependencies. The system cannot find the file specified The first thing to think is Ahhhhhhh! I have all the references what is going on??! Don't panic here's a few steps to diagnosing this issue, and hopefully resolving it. STEP 1. Make sure you can debug the code and ascertain which assembly is throwing the exception. STEP 2. Once you know which assembly is complaining about the missing DLL you then need to find the corresponding project and check that project's references:
If the reference that is in the exception exists then move on to STEP 3. STEP 3. If the reference exists then you need to look a little deeper, into the second part of the exception or one of its dependencies. This is key, what this means is that Missing.Assembly.dll is referencing an assembly you're not (FACT). What you need to do is ascertain exactly which assembly it is referencing and which version it is referencing. This is actually quite tricky for large projects but the easiest way to find out is by looking at where the exception occured (i.e. the line of code) and what that particular piece of code needs to work in terms of references. Do this by looking at the using statements:
Good luck :) Any questions?

Monday 27 August 2012

Upgrading to Windows 8

Bonjour Amigos, Just upgraded to Windows 8 Pro on the following machine: (Just look at the spec)
It was a very seamless and easy installing, however my version of Kaspersky had to be un-installed as it was not compatible with Windows 8, apart from that everything else worked fine. At first it was difficult to use as navigating around the desktop (app) without a start icon is confusing...
Whenever you press the start key you are redirected to the new Windows start screen! It can be quite confusing at first but intuitive minds can get used to it quickly. For example, if you wanted to search for an application or file, you carry out the same action you would on Windows 7 START + "app name", however it looks completely different:
This concludes my analysis for upgrading to Windows 8, just to summarise I would recommend upgrading!

Monday 2 July 2012

Using ADO.NET to connect to a custom DB provider

Using ADO.NET is a great way to connect to data provider that exists outside the .NET framework to connect to a database. There are many data providers out there, MySQL,PostgreSQL, FlySpeed etc. which are in commercial use but are not neccesaraly that popular. It can be difficult sometimes create a DAL for a custom database architecture. Fortunately we have ADO.NET along with DbProviderFactory class which allows any custom DB provider to connect to the .NET CLR and allow developers to write custom execution queries against the database. When using these custom DB providers you need to update your application configuration file so that the .NET runtime has knowledge of the DbProviderFactory that you intend on using, if you check your machine.config (C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Config) for .NET v4.0 you'll should see the following entries:

<section name="system.data" type="System.Data.Common.DbProviderFactoriesConfigurationHandler, System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />



<DbProviderFactories>       
     <add name="Microsoft SQL Server Compact Data Provider" invariant="System.Data.SqlServerCe.3.5" description=".NET Framework Data Provider for Microsoft SQL Server Compact" type="System.Data.SqlServerCe.SqlCeProviderFactory, System.Data.SqlServerCe, Version=3.5.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" />
         
    <add name="Microsoft SQL Server Compact Data Provider 4.0" invariant="System.Data.SqlServerCe.4.0" description=".NET Framework Data Provider for Microsoft SQL Server Compact" type="System.Data.SqlServerCe.SqlCeProviderFactory, System.Data.SqlServerCe, Version=4.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" />   
    
    <add name="MySQL Data Provider" invariant="MySql.Data.MySqlClient" description=".Net Framework Data Provider for MySQL" type="MySql.Data.MySqlClient.MySqlClientFactory, MySql.Data, Version=6.3.6.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" />     
</DbProviderFactories> 

These are the default factories that cone with the .NET framework, however if you want to introduce your own custom factory you can just add an entry. Depending on whether you want your factory to be available across applications or not you could add the entry to your local application/web configuration file.