by bill-s, 2019-02-13T07:17:07.555Z
1. Broken authentication and session management
2. Sensitive Data Exposure & Audit trail
3. Cross-Site Scripting (XSS) attacks
4. Malicious File Upload
5. Security Misconfiguration (Error Handling Must Setup Custom Error Page)
6. Version Discloser
7. Cross-Site Request Forgery (CSRF)
8. XML External Entities (XXE)
9. Insecure Deserialization
10. SQL Injection Attack
by bill-s, 2019-02-11T08:12:19.694Z
In this benchmark test, we compare three web application servers—Go, Node, and Elixir (Cowboy)—by subjecting each to a synthetic workload, first with 10k, and later with 100k connections.
by bill-s, 2019-02-11T08:11:24.720Z
I've been using ILMerge and various hacks to merge/squish executables together for well over 12 years. The .NET community has long toyed with the idea of a single self-contained EXE that would "just work." No need to copy a folder, no need to install anything. Just a single EXE.
by bill-s, 2019-02-11T08:16:07.853Z
You start developing an ASP.NET Core application to run it in Kubernetes and suddenly you find yourself creating a docker file, building an image, pushing the image to a registry, creating both a deployment and a service definition for Kubernetes and you wonder if there is a tool out there to help you streamline the whole process.
by bill-s, 2019-02-11T08:18:04.529Z
by ThomasArdal, 2019-02-13T08:40:38.008Z
This post will show you how to utilize ASP.NET Core to specify individual settings per developer in your team, using appsettings and environment variables.
by dnwuHJij0jJ9Q, 2019-02-13T15:10:34.050Z
Video interview of Anders Hejlsberg
by bill-s, 2019-02-11T08:20:38.398Z
In this third and last post of the series on handling AtomicPay's webhook, I will show you how to prepare your Azure Function to send push notifications (using Android as an exemplary receiver).
by bill-s, 2019-02-14T06:15:11.486Z
As most developers would know, debugging is one of those tasks which can make life a whole lot easier when trying to identify that mind boggling issue occurring in code. For some time now the Serverless Framework has had the ability to locally invoke Lambda Functions written in NodeJS, Python, Java and Ruby or run them locally using the serverless-offline plugin (and a number of variants such as the one for Python). To date, this has seemed extremely difficult for .NET Core developers to do. Myself and other developers I know of who write in .NET have resorted to just logging everything to console, building and deploying to AWS to see what is going wrong.
by bill-s, 2019-02-14T21:29:50.683Z
Microsoft is holding a day-long, virtual launch event for the next major version of its developer platform, Visual Studio 2019, on April 2. Microsoft plans to highlight how the 2019 release can improve developer productivity and take advantage of (what else?) AI features, according to the Visual Studio 2019 launch page.
by bill-s, 2019-02-11T08:14:41.201Z
This post follows on somewhat from my recent posts on running async startup tasks in ASP.NET Core. Rather than discuss a general approach to running startup tasks, this post discusses an example of a startup task that was suggested by Ruben Bartelink. It describes an interesting way to try to reduce the latencies seen by apps when they've just started, by pre-building all the singletons registered with the DI container.
by cezarypiatek, 2019-02-11T22:13:13.583Z
In the early days of dotnet core, there was an attempt of changing the C# project file format. The old “csproj” based on XML format was replaced with .xproj/project.json. However, after releasing dotnet core 1.0 the authors decided to get back to XML file. The format stayed the same but the specification went through a major change. With the new schema, a lot of improvements come into .net development and they are not restricted only to dotnet core projects.
by bill-s, 2019-02-11T08:22:12.348Z
The second preview of Visual Studio 2019 is now available for download. This release contains a number of improvements and additions to the core experience and different development areas, many of which are a result of your direct feedback. As always, you can check out the release notes for more details or read on for the highlights.
by bill-s, 2019-02-11T08:18:41.043Z
Of course the dependency might not be so explicit. You could have a test that calls into code, that calls some other code, and the other code needs an environment variable. Or, maybe you have a script or tool that needs an environment variable. The question is - how do you setup environment variables in a DevOps pipeline?
The answer is easy - when a pipeline executes, Azure will place all pipeline variables into environment variables, so any tools, scripts, tasks, or processes you run as part of the build can access parameters through the environment
by bill-s, 2019-02-11T08:17:14.968Z
It has been a little over 7 years since I left my day job at Canon crafting wonderful printer workflow management software, to dive into the world of mobile development. At the time it was an extremely tough decision because I had been only working on desktop Windows Forms and WPF applications, and this change meant entering a whole new unknown world of platforms that I didn't know much about. This move was not only changing my main day job, but also the city that I lived in with a fresh start in Seattle. At the time I didn't know what I was in for since the change in my career and living situation was so drastic. I was so lucky to have had the option to explore cross-platform technologies which is what led me to find Xamarin. Finding this single piece of technology completely shifted and revolutionized my entire life as a developer. I thought what time is better than now to reflect back on my love for this technology that put me where I am today.