Notes From My Basement

Via Jeff Attwood's post, in summary (because his posts tend to be very, hmm, thorough):

The primary improvement here is that we're only accepting a whitelist of known good URL characters. Allowing arbitrary random characters in URLs is setting yourself up for XSS exploits, and I can tell you that from personal experience. Don't do it!

We only allow certain characters to "end" the URL. Ending a URL in common punctuation marks like period, exclamation point, semicolon, etc means those characters will be considered end-of-hyperlink characters and not included in the URL.

Parens, if present, are allowed in the URL -- and we absorb the leading paren, if it is there, too.

The regular expression is:

\(?\bhttp://[-A-Za-z0-9+&@#/%?=~_()|!:,.;]*[-A-Za-z0-9+&@#/%=~_()|]

Tags: regex, coding

Via a dear friend of mine, this gem was made available for my enjoyment in all coincidence written the day of my birthday, and since being selfish is not in my nature I decided to share it with the five of you (literally).

Tags: funny, coding

I love these as a quick, hands on way (my favorite) to get up to speed with skills and technology you may otherwise miss or take longer to catch up to.

Here is the training kit from the horse’s mouth:

The .NET Framework 3.5 Enhancements Training Kit includes presentations, hands-on labs, demos, and event materials. This content is designed to help you learn how to utilize the .NET 3.5 Enhancement features including: ASP.NET MVC, ASP.NET Dynamic Data, ASP.NET AJAX History, ASP.NET Routing, ADO.NET Data Services, ADO.NET Entity Framework, WCF 3.5 SP1, and the .NET Framework Client Profile.

Download the kit from here.

Tags: .net, c#, training, wcf, wpf, asp.net, free

I recently came across Microsoft StyleCop, that analyzes the code, within the IDE for style.  This includes things like naming conventions, formatting and other matters of visual appeal.  It differs from FxCop in that it doesn’t check for use patterns, it simply checks style. 

I’ve been looking at this tool in order to implement it at work, where we have a pretty consistent and adhered to coding standard, who’s style enforcement could be done by a tool and save some people some time.

In any case, I am sure most of you are familiar with it but I deemed it worth noting, writing about and referencing.

The team’s blog is a great resource for help, release announcements, and general information about the tool.

The tool itself is available here in its latest 4.3 release. 

Tags: c#, visual studio, .net, coding, free

Me and my addiction to books, especially FREE books.  Sorry.

Go to the Microsoft SQL Server 2008 Learning Portal, click on Special offers (or scroll down a bit), and follow the link.

Via the author's blog post.

Tags: free, books

Draft version, PDF delivered, Free.  I don't need to "sell it" to you do I?

DSA Book

Tags: free, books

I'll never tire of watching and being blown away by the technology available on the Microsoft Surface platform.  The application demoed is a WPF (official WPF site) application for the healthcare industry.

This is a quick 5 minute video worth every second.

Tags: wpf, frameworks, graphics, windows client

Quick note to link to the training kit released with the advent of .NET 3.5 SP1.

Complete kit with presentation & events materials, hands on labs and demos on:

• ASP.NET MVC
• ASP.NET Dynamic Data
• ASP.NET AJAX History
• ASP.NET Routing
• ADO.NET Data Services
• ADO.NET Entity Framework
• WCF 3.5 SP1
• .NET Framework Client Profile

Tags: .net, training, asp.net, links, tools, free

One feature in Visual Studio 2008 I found myself using frequently is this:

Right Click on the project in your project explorer, and the next to last option in the context menu is...

When building systems made up of many components that need to be "shuffled" around, from and to many solutions, across different locations for different reasons, it becomes a handy tool.

Tags: visual studio, .net

Just now, about an hour ago or so, I noticed my blog was down... i.e. ugly nasty ASP.NET yellow screen.  So I set out to quickly investigate and determine the root cause of the problem, and that I did.

Suddenly, for now reason at all.. literally.. I was getting a "Input string was not in a correct format." error

Nothing changed, nothing, nothing... unless my system was somewhat compromised... so WTF??

My temporary solution was to disable that extension (by moving the .cs file out of the extensions folder in the App_code directory, out to another folder).

I will need to further dig into this, unless it is something so evident that I am missing and that my currently fried brain is not processing correctly.

Tags: troubleshooting, blogengine.net, c#