It may seem a tricky task to create a Chrome extension with TypeScript and Angular 4 but it turns out to be relatively simple. The advantage is that you gain the modularity of Angular and the object-oriented programming experience with strong typing of Typescript. Jacub explains how it is done.… Read more
Although configuration data kept in a user profile folder is reasonably secure for development work, all bets are off once it gets saved with the project. Passwords in source code are always wrong. 'User Secrets' can help but are only intended for development work. There are plenty of ways of ensuring that such things as connection strings with passwords or API keys are properly encrypted or protected. Dino Esposito explains.… Read more
Angular is a great way of creating single-page applications that are easily testable, and have Dependency Injection and Separation of Concerns built-in with the framework. However, it faces you with having to make architectural choices and the best choice depends on the needs of the project, the team's expertise, and the deadlines. So how do you get started, and which is the right path for your particular application?… Read more
When designing web applications, it is a good idea to be cautious about the way you handle the time of day and calendar. It can get complicated when you have servers in different time zones and the user of the time-sensitive application may, or may not, want his local time, including daylight-saving adjustments, to be assumed. Problems pop up unexpectedly, so maybe it is better to tackle the issue up-front. Dino Esposito explains.… Read more
How can you ensure that passwords conform to a policy, even if they are used for connecting applications to databases? Absolving them from the policy is a security risk and you don't want to trouble the users with password changes. Dennes Torres shows how to manage application users’ passwords in Entity Framework; so that no one, not even the database and IT administrators, knows the current password.… Read more
The C++/CLI is a dialect of C++ that is designed to work with the Common Language Infrastructure (CLI). It is a replacement for 'Managed C++' and makes every feature of the CLI easily accessible from C++. Mircea demonstrates the architecture that is involved in a C++/CLI wrapper that allows you to use both managed and unmanaged code, and to provide the choice of controlling memory directly.… Read more
When your application is running slowly, the reflex action is to blame the database queries. It is certainly true that some of the more extravagant delays can be fairly blamed on a missing index or unnecessary locking, but there are other potential villains in the drama, including the network and the application itself. Dan Turner points out that you could save a lot of time and money by working out for sure where the problems lie before diving into the detail.… Read more
Tuples have many uses in languages like F# and Python; they underlie relational theory. The .NET support for tuples seems rather limp by comparison. Why is this, and what are the obvious uses for tuples in C#? Tom Fischer takes on the cause of C# tuples and tackles the 'what', 'why' and 'when'. He makes the case for using them, while explaining the tribulations of the .NET implementation in the past.… Read more
Python is new to SQL Server 2017. It is intended primarily to allow the use of Python-based machine-learning within SQL Server, but it can be used for far more than this, with any Python libraries or Frameworks. To provide an example of what is possible, Hitendra shows how to use the feature securely to provide intelligent application caching, where SQL Server can automatically indicate when data changes to trigger a cache refresh. … Read more
Entity Framework (EF) is designed to work with a variety of data sources. Although this presents many advantages, there is a downside that many of the special features of a data source such as SQL Server are off-limits. Query Hints are an example: though often misused, they are occasionally important. Dennes Torres shows how you can use these in EF, using a command interceptor that will allow you to use any query hint with SQL Server.… Read more
Encrypting web.config elements is a good security feature. Web.Config elements can include passwords and important keys that we need to protect.Encrypting web.config elements is a good security feature. Web.Config elements can include passwords and important keys that we need to protect. There are several methods to encrypt the web.config: Using a command line statement Using … Read more
SQLCLR is now considered a robust solution to the few niche requirements that can't be met by the built-in features of SQL Server. Amongst the legitimate reasons for avoiding SQLCLR, there is the fear of getting bogged down in code with special requirements that is difficult to debug. Darko takes a real example, extending the features of sp_send_dbmail, to demonstrate that there need be few terrors in SQLCLR.
… Read more
Hackers use the cross-site request forgery technique to grab the identity and privileges of legitimate authenticated users of a site to then perform any action that the victims have rights for. Without a way to detect this, the site will have no way to distinguish between a forged and legitimate request, ASP.NET has a robust defense if you remember to implement it, and Core introduces some other ways to ensure that this forgery can't succeed. … Read more
The danger of Cross-Site Scripting (XSS) has to be dealt with in any web application. You do this by validating the input from all possible channels. by constraining it in terms of its range, type and length, and by encoding the output from views. ASP.NET has some built-in validation of requests that can be extended to make it more effective, but this approach has changed with ASP.NET Core to place the onus on the application developers to provide the middleware to perform effective validation that is fine-tuned to the application. Dino Esposito explains.… Read more
The OpenAPI ‘Swagger’ Specification defines a protocol that allows applications to discover, and generate documentation of methods, parameters and models of REST APIs, This provides a way for any software to identify the features of a REST API. It does for REST APIs what WSDL (Web Service Description Language) did for web services. Visual Studio now provides it to support proxy creation for REST APIs, as Dennes Torres explains.… Read more
Because of its obvious importance in coordinating the MVC application, we tend to be wary of being too adventurous with it, but there are some interesting features that can sometimes be exploited to provide for less common requirements. The controller in ASP.NET MVC core, for example, can be a plain-old C# class (POCO), making it easier to create file-based content on the fly. The DefaultControllerFactory class can be changed, and you can override the GetControllerType method with a custom factory to give you localized routes and URLs. Dino explores some of the interesting internals of ASP.NET MVC controllers… Read more
Before you report your conclusions about your data, have you checked whether your 'actionable' figures occurred by chance? The Kruskal-Wallis test is a safe way of determining whether samples come from the same population, because it is simple and doesn't rely on a normal distribution in the population. This allows you a measure of confidence that your results are 'significant'. Phil Factor explains how to do it.… Read more
PowerShell is a scripting language, and like all scripting languages it struggles to perform well with rapid iterative processes such as aggregation. It isn't well-known that PowerShell can use LINQ for many of those tasks which would otherwise use iteration, though somewhat awkwardly. However, some of the speed improvements you can get are startling. To get you well started, Michael explains every LINQ function , gives you example code in C#, The PowerShell way of getting the result, and finally Powershell's use of LINQ. This article could change the way you use PowerShell.… Read more
LINQ is best learned from examples, but few LINQ resources supply, along with the code, pictures that illustrate what each associated LINQ operator in the code is doing. This article is a visual index of all LINQ operators, that explain clearly with code and illustrations what even the most arcane LINQ operators actually do. To increase your enlightenment, it is accompanied with a reference chart to provide even more detail. Michael Sorens is, with these two articles, determined to persuade you of the power of LINQ.… Read more
Here is a handy wallchart that condenses the information contained in our article 'The Visual LINQ Lexicon' even further, but which adds some more technical specs that allow you, for example, to see at a glance which operators use deferred execution and which use immediate execution. You can use it to see what operators use lambda syntax and which ones are available in query syntax. You can see all the other key properties of all the LINQ operators, even including even how much of a sequence a given operator actually consumes. Click here to download the PDF version of the reference chart: … Read more
