January 2007 Blog Posts
I'm currently doing the same code for my CardSpace presentation at WebDD this Saturday (I have five days to go, believe me this is well prepared to some presentations I've done) and I've noticed there's a lack of branding around CardSpace. One of CardSpace's advantages over, say, OpenID, is that it presents a consistent user interface in the form of the client identity selector but there are no graphics or suggested styles for login pages that utilise it.
Kim Cameron's blog uses a picture of Elastagirl and asks you to login using an "Info Card", the Microsoft CardSpace sandbox uses a gray...
Acronym soup time. For the past 3 weeks I've been working in Edinburgh attempting to write a user friendly menu program for a major company's build process. The company uses WinPE, a stripped down version of Windows XP which allows users interaction. Eventually the process hands off to SMS which installs the operating system and the ancillary applications. The requirement for the menu program was a wizard like system which prompts the user for the build requirements, pulling the options from a database and then writes a single record to a database. Simple enough, even when constrained to an HTA;...
I've been having some problems in IE lately after "developing" the current skin for subtext; when it scrolled text would get lost. An email from a product manager in Microsoft Scotland who was running my engagement up there for the last three weeks give me the kick up the backside I needed. Basically when I scrolled up or down text would get lost; anything from the bottom half of a line to whole paragraphs and more, for example; It turns out (surprise) to be an IE bug. After posting a plea on channel9 for help; IE didn't cope well with...
This month I've been doing some work in WinPE. For those that don't know what it is it's a stripped down version of Windows for Preinstallation Environment(s). It provides a bootable CD (or RIS image delivered over the network when a bare metal machine is booted, assuming it supports PXE). The environment is rather limited, but can be built to support Windows Shell Scripts, ADO and HTA. The client requirement was to write an HTA menu program which would write a bunch of database entries which would then be picked up by their existing SMS based installation environment. Setting...
BarCamp2 London has been announced. For those who've never heard of a BarCamp think of it as a geek anarchist conference. There's no agenda. There's no real plan. Turn up on the 17th of February, sleep over somewhere till the 18th with your laptop and signup to present on the day. And maybe people will come over and hear you speak. Maybe not.
How useful will it be? Well unfortunately you can't see any of the presentations from the last event; there's no pointers to them. Will you get a good reception if you want to wander off piste into talking about non-FOSS stuff? Will...
The nxtgenug crew have grabbing Denis Cruz again for a couple of two day training courses, March in Leamington Spa and April in London. Having sat on the panel with Denis during the Ed Gibson road shows and having seen him at various DeveloperDays I can't recommend him enough (even if Dave thought we were both about to punch either other during the panel discussion <g>). He's insanely passionate about security and scarily knowledgeable. The course aims to cover such topics as Security Principles, .NET Framework Architecture, Threat Modeling, Discovering Vulnerabilities, Penetration Testing Techniques and Secure Coding Techniques. If he...
WebDD registration is now open; you can register online here.
One of the things I try to hammer home in my presentation is you should never emit user input without making it safe. The HttpUtility class provides developers with two main methods for this, HtmlEncode and UrlEncode. HtmlEncode will take a string and escape it so that it is safely displayable on screen, removing the risk of Cross Site Scripting attacks. UrlEncode takes a string and escapes it to a format suitable for use in a URL and is usually used to encode query values, escaping such characters as = and & into their encoded values; but what happens...
The next meeting of the nxtgenug Oxford branch covers "Object Orientation";
Have we got object-orientation all wrong? "Object Thinking" (ISBN 0-7356-1965-4) by David West asserts that we have. Alan Dean explores this assertion, and demonstrates self-describing objects / self-evaluating rules with code examples.
The meeting will be held at the Research Machines offices, Abingdon on January 17th. If you want to attend please register and sign up on the nxtgenug web site. As a bonus we've finally gotten Dave Oliver to do some real work and he will be presenting a nugget on some of the BI tools that come with SQL...
Phil Winstanley announced that the WebDD Backnetwork Registration is open. It might give you something to do whilst you wait for general registration to open (although if you hunt around you might find that a particular UK mailing list already has the registration URI. As a speaker I received my invitation to the Backnetwork last night. I will freely admit I went "huh". Basically it's a social networking site (yes, I can see you roll your eyes from here) especially for the even. It crawls technorati and flickr looking for posts tagged with WebDD. It makes a lot of things available in microformats, which will...
Not content with having DeveloperDay twice a year at no cost there's now a new UK event, WebDD. Like DDD it's free, held on a Saturday at Microsoft, the 3rd of February to be precise. This free conference features some rather stunning speakers including ASP.NET's very own Scott Guthrie, Dave Verwer of the Ruby world and two guys from Telerik, Hristo Deshev and Zhivko Dimitrov. Oh, and me. Again. (Yes, my name isn't spelt right on the speaker list yet, but frankly the idea of meeting Scott Guthrie overshadows that by a long shot! [edit] five minutes and it's fixed, heh.) The...
Word 2007 gives you the option to publish your documents to your blog. Unfortunately subtext isn't one of the listed providers given in the account setup process. In order to setup subtext you need to choose "Other" from the drop down and enter the details for your blog.
Subtext publishing is done through the MetaWebLog API and, starting with version 1.9, supports the uploading of embedded images through the newMediaObject method of that API (although for some reason Word 2007 doesn't seem to like doing this at all). This just leaves you, the user, to work out what the...
So I'm now hosting on a US server which is, of course, configured for US date formats, number formats etc. Whilst subtext has the option to set a culture it, err, doesn't work. Of course being open source (BSD licensed, so you can do what you want with it) the code is available, but there is a lazy way whilst you wait for 2.0 to arrive. Open up your web.config file and look for the system.web section. Near the top you should see<globalization culture="en-US" requestEncoding="utf-8" responseEncoding="utf-8" />
Simply change the culture to the one you desire (en-GB in my...
One of the difficulties I had in migrating was that all my URIs would change. Hopefully I've gotten everything redirecting; I ended up writing a couple of ASPX files to do it. However when I uploaded them and tried them out all I got was the blog home page.After much puzzling I gave up and emailed the subtext dev list and Steve Harman provided the answer. Subtext implements a bunch of ASP.NET HTTP Modules and Handlers. These bits of code sit in the HTTP request pipeline and process incoming requests, flowing through all the HTTP Modules before ending up with...