Dino Esposito

Dino Esposito has authored more than 20 books and 1,000 articles in his 25-year career. Author of “The Sabbatical Break,” a theatrical-style show, Esposito is busy writing software for a greener world as the digital strategist at BaxEnergy. Follow him on Twitter: @despos.

19 September 2017

Abstracting System Time in ASP.NET Applications

When designing web applications, it is a good idea to be cautious about the way you handle the time of day and calendar. It can get complicated when you have servers in different time zones and the user of the time-sensitive application may, or may not, want his local time, including daylight-saving adjustments, to be assumed. Problems pop up unexpectedly, so maybe it is better to tackle the issue up-front. Dino Esposito explains.… Read more
17 July 2017

Anti-Forgery Validation in ASP.NET Core

Hackers use the cross-site request forgery technique to grab the identity and privileges of legitimate authenticated users of a site and then perform any action that the victims have rights for. Without a way to detect this, the site will have no way to distinguish between a forged and a legitimate request. ASP.NET has a robust defense if you remember to implement it, and Core introduces some other ways to ensure that this forgery can't succeed.… Read more
05 July 2017

Revisiting Script Injection in ASP.NET

The danger of Cross-Site Scripting (XSS) has to be dealt with in any web application. You do this by validating the input from all possible channels, by constraining it in terms of its range, type and length, and by encoding the output from views. ASP.NET has some built-in validation of requests that can be extended to make it more effective, but this approach has changed with ASP.NET Core to place the onus on the application developers to provide the middleware to perform effective validation that is fine-tuned to the application. Dino Esposito explains.… Read more
08 June 2017

Control the Controller in ASP.NET MVC

Because of the controller's obvious importance in coordinating an MVC application, we tend to be wary of being too adventurous with it, but there are some interesting features that can sometimes be exploited to provide for less common requirements. The controller in ASP.NET MVC Core, for example, can be a plain-old C# class (POCO), making it easier to create file-based content on the fly. The DefaultControllerFactory class can be changed, and you can override the GetControllerType method with a custom factory to give you localized routes and URLs. Dino explores some of the interesting internals of ASP.NET MVC controllers.… Read more
25 April 2017

Improvements to Model Binding in ASP.NET Core

Model Binding has been a popular feature of ASP.NET MVC, but has, before now, had some minor restrictions: if a value passed via routes, posted data, or query strings couldn't be bound appropriately, it forced a global exception. ASP.NET Core now has enhanced model binding, with a number of ways of providing a more graceful reaction to incorrect data. You can now force the binding to a given source or create new sources for binding to. Dino Esposito explains.… Read more
27 March 2017

Model Binding in ASP.NET Core

Model binders work under the covers in ASP.NET MVC to provide the data for the action methods on a controller class. This data is held by the incoming HTTP request, embedded in posted form values and maybe even the URL itself. Much magic is performed to get this right and, with some care, you can ensure that you can bind to object data, arrays and collections, as well as providing default values.… Read more
14 February 2017

The Common Problems of Data Grids

Data grids are easy to do in HTML, and if we want anything complicated in terms of scrolling, locking and data entry, we usually shrug and buy a component to do it. However, there is a lot to be said for the approach of creating tables using a basic JavaScript platform such as jQuery, perhaps using a plugin which you can then customise. Dino talks you through this approach, showing how to take the DataTables plugin and implement locked columns, on-demand paging and filtering.… Read more
14 December 2016

Pragmatic Web Error Handling in ASP.NET MVC

There is a pragmatic approach to error handling in ASP.NET MVC. This is the idea of recovering gracefully from those unhandled exception errors where remedial action cannot be taken under the current context, by passing control to a specified URL that is designed to deal with a particular category of application-specific error. Dino Esposito elaborates on a pattern that prevents unhandled exceptions from bubbling up well beyond the intended sco… Read more
16 September 2016

Multi-Step Input Forms in ASP.NET MVC

It is a common problem with a web page that a form is too complex to fit easily on the page. You can, of course, rely on the scrollbar, but it soon becomes a daunting and erratic process for the poor user. Wizards that allow you to guide the user through a process are great, but take time to set up. Is there a simple solution for those occasions where there is too much data-entry for a form but a full wizard seems like overkill?… Read more
25 August 2016

Taking Pictures from HTML

Sometimes a request from a user who doesn't appreciate the limitations of the technology can jolt you into discovering that an application feature that was, until recently, difficult to achieve is suddenly relatively easy. Dino was asked to allow the user to take photographs and associate them with an item of work. After he'd recovered from the shock, he decided that it was achievable, and now describes how he went on and did it.… Read more
18 July 2016

Accepting Dates in Web Pages

Surely, not much could be simpler than using the HTML INPUT element? Actually, it was always a trouble for dates, what with having to check dates for validity and coping with all the languages and conventions. Now with HTML5, the 'date' type, and so many date-pickers that are either built-in or part of frameworks, it can become a complex decision about how you best deal with date input. Dino explains the issues of inputting dates into web applications.… Read more
20 June 2016

Crossing the Site Domain with JavaScript

Browsers try to prevent a range of malicious attacks by preventing content being accessed by a web page from a different domain to the one that the page was fetched from. If you have a legitimate need to do this, it is a bad idea to disable this method of defence: Instead, there are more legitimate and safer ways of performing cross-domain JavaScript calls such as JSONP or Cross-Origin Resource Sharing, as Dino explains.… Read more
24 May 2016

The Plain Simple Password Page Not So Simple Anymore

The requirements for the management of passwords have become far more complex over the past few years in response to the increasing sophistication of security breaches. Nowadays, you need to provide a range of features such as hashing, routine change of passwords, prevention of repeat passwords, email confirmation, auto-generation of random passwords and password quality checks. Dino Esposito explains.… Read more
13 April 2016

ASP.NET Core: A More Realistic Starter Kit

ASP.NET Core is a fascinating platform with many good ideas, but in its present form (RC1) experienced ASP.NET developers are in for a culture shock at the effort involved in porting a realistic application. There is an obvious advantage in being able to host an application on any web server, but is this enough to compensate for losing the convenience of an integrated pipeline?… Read more
16 March 2016

Posting Form Content via JavaScript

Web-based applications run smoother if instead of using the traditional form method, they use JavaScript to post data to the server and to update the user interface after posting data: It also makes it easier to keep POST and GET actions separated. SignalR makes it even slicker; it can even update multiple pages at the same time. Is it time to use JavaScript to post data rather than posting via the browser the traditional way?… Read more
16 February 2016

Keeping POST and GET Separated

The occasional problems that you can get with POST and GET are typical of the difficulties of separating any command and query operations. This separation is tricky to achieve, at least in ASP.NET MVC. Dino suggests some ways of avoiding errors and minimising the confusing warning messages.… Read more