By need

By role

Dino Esposito

Dino Esposito has authored more than 20 books and 1,000 articles in his 25-year career. Author of “The Sabbatical Break,” a theatrical-style show, Esposito is busy writing software for a greener world as the digital strategist at BaxEnergy. Follow him on Twitter: @despos.
17 November 2017
17 November 2017

ASP.NET Core Tag Helpers for Bootstrap

1
6
The ASP.NET Core tag helpers improve on the HTML templated helpers in ASP.NET MVC 5. ASP.NET Core comes with some useful stock tag helpers for common tasks such as creating custom elements or extending existing HTML elements, but their use can be extended to making a framework such as Bootstrap easier to work with. Dino shows how helpers are used, and demonstrates a Bootstrap Modal Tag Helper… Read more
1
6
31 October 2017
31 October 2017

The Secrets of ASP.NET Core User Secrets

0
8
Although configuration data kept in a user profile folder is reasonably secure for development work, all bets are off once it gets saved with the project. Passwords in source code are always wrong. 'User Secrets' can help but are only intended for development work. There are plenty of ways of ensuring that such things as connection strings with passwords or API keys are properly encrypted or protected. Dino Esposito explains.… Read more
0
8
19 September 2017
19 September 2017

Abstracting System Time in ASP.NET Applications

22
16
When designing web applications, it is a good idea to be cautious about the way you handle the time of day and calendar. It can get complicated when you have servers in different time zones and the user of the time-sensitive application may, or may not, want his local time, including daylight-saving adjustments, to be assumed. Problems pop up unexpectedly, so maybe it is better to tackle the issue up-front. Dino Esposito explains.… Read more
22
16
17 July 2017
17 July 2017

Anti-Forgery Validation in ASP.NET Core

7
11
Hackers use the cross-site request forgery technique to grab the identity and privileges of legitimate authenticated users of a site to then perform any action that the victims have rights for. Without a way to detect this, the site will have no way to distinguish between a forged and legitimate request, ASP.NET has a robust defense if you remember to implement it, and Core introduces some other ways to ensure that this forgery can't succeed. … Read more
7
11
05 July 2017
05 July 2017

Revisiting Script Injection in ASP.NET

1
9
The danger of Cross-Site Scripting (XSS) has to be dealt with in any web application. You do this by validating the input from all possible channels. by constraining it in terms of its range, type and length, and by encoding the output from views. ASP.NET has some built-in validation of requests that can be extended to make it more effective, but this approach has changed with ASP.NET Core to place the onus on the application developers to provide the middleware to perform effective validation that is fine-tuned to the application. Dino Esposito explains.… Read more
1
9
08 June 2017
08 June 2017

Control the Controller in ASP.NET MVC

5
11
Because of its obvious importance in coordinating the MVC application, we tend to be wary of being too adventurous with it, but there are some interesting features that can sometimes be exploited to provide for less common requirements. The controller in ASP.NET MVC core, for example, can be a plain-old C# class (POCO), making it easier to create file-based content on the fly. The DefaultControllerFactory class can be changed, and you can override the GetControllerType method with a custom factory to give you localized routes and URLs. Dino explores some of the interesting internals of ASP.NET MVC controllers… Read more
5
11
25 April 2017
25 April 2017

Improvements to Model Binding in ASP.NET Core

5
24
Model Binding has been a popular feature of ASP.NET MVC, but has, before now, had some minor restrictions. ASP.NET Core now has enhanced model binding: If a value passed via routes, posted data, or query strings couldn't be bound appropriately, it forced a global exception. Now, there are a number of ways of providing a more graceful reaction to incorrect data. You can now force the binding to a given source or create new sources for binding to. Dino Esposito explains.… Read more
5
24
27 March 2017
27 March 2017

Model Binding in ASP.NET Core

5
24
Model binders work under the covers in ASP.Net MVC to provide the data for the action methods on a controller class. This data is held by the incoming HTTP request embedded into POST-ed form values, and maybe even the URL itself. Much magic is performed to get this right and, with some care, you can ensure that you can bind to object data, arrays and collections, as well as providing default values.… Read more
5
24