All ASP.NET MVC Forms Need To Include Html.AntiForgeryToken() For Security

image.png

Having recently been implementing many new form pages in ASP.NET MVC, I’ve found myself over and over again adding the following two things to every form. After Html.BeginForm() I Put @Html.AntiForgeryToken() Add the Attribute [ValidateAntiForgeryToken] To Every Post Action Method Before I was doing so much ASP.NET MVC, I would often see in Channel 9 videos, the presenter add the AntiForgeryToken() after the BeginForm() method on the cshtml razor page and say something like “you should always add this”.  I never saw them say “and don’t forget to add the attribute ValidateAntiForgeryToken to the controller POST method. Just to be clear, below is what I’m talking about: What this does is to make sure that the trusted … Continue Reading

Tuples In C#, A Useful Example

Background Last year I worked consulted with a company that had an engineer that used tuples in C# and tried to explain to me how they were useful.  To be honest, I never quite saw the value proposition (until today).  I remember he kept saying they were kind of like key value pairs but could go beyond that.  I remember those words but never internalized that. The Example My example is a simple one.  I’m currently working on providing data to an external application that will provide business intelligence (help with session selection) to the Silicon Valley Code Camp web site.  The data I’m providing is every mark of interest and plan to attend for every session ever given at code camp (that’s 220,000 … Continue Reading

Move Existing NodeJS Site To Windows Azure Websites

image.png

Background Mr Glen Block (formerly of Microsoft) has really good video he did while at the Sencha Conference in 2013 in Orlando on how to work with NodeJS as an Azure Web Site.  Azure Websites are a great way to easily spin up low cost web sites that can scale in a big way.  I will not go into all the details of the setup but will fork part of his discussion on how to take an existing azure web site and push it to node.  There are a couple interesting differences in my discussion that are particularly useful.   The value add here is I’m assuming you already have a Git repository For your node project that does not have the root as the NodeJS directory.  That is, in Glen’s talk he assume you are starting a node project from … Continue Reading

Commands (CLI) to remember for Azure, NodeJS and MongoDb

Having just started using Azure Web Sites with NodeJS and MongoDB I thought I’d blog several of the commands I use often (mostly for me to go back to).  Here is my short list NodeJS node server.js – starts node node –debug server.js – starts node and enables debugging (needs npm install –g node-inspector) npm install – installs all node packages in project MongoDb mongod – starts mongo daemon mongostat – shows stats while mongodb running mongotop – shows top mongo processes Windows Azure CLI npm install azure – so you can use azure command line (cli) npm install azure-cli –g azure site create mywebsite azure site list azure site start mywebsite azure site delete mywebsite azure site log … Continue Reading

Follow

Get every new post delivered to your Inbox

Join other followers: