Hello, I'm Jason
I live with my family in the rolling hills of Northeastern Pennsylvania. I'm a web developer by trade, but have broad experience in various business areas. Want to know more about me?
I just finished reading a post by Julie Lerman about “Fake AJAX” better known as FAJAX and couldn’t stop laughing. I know exactly what she means. If I counted the number of times users have asked me why does my page go blank when I click a button…Read More
I came across a blog entry by Rich Strahl about adding stylesheets to ASP.NET 2.0 web pages. The way Rick explained it is that he’d recommend a
contentplaceholder in the header section of a
MasterPage and to set the properties there. That’s just fine and dandy if the content you’d like to set is in a
MasterPage to Page setup. However, you can easily set the header information programmatically in 2.0 by accessing the new Header class. Here is an example of how to do this:
1 2 3 4 5 6 7 8 9 10 11 12 13 Dim KeywordsHtmlMeta as new HtmlMeta KeywordsHtmlMeta.Name = "Keywords" KeywordsHtmlMeta.Content = "ASP.NET, Blog, Jason, Gaylord" Page.Header.Controls.Add(KeywordsHtmlMeta) Dim CSSHtmlLink as new HtmlLink CSSHtmlLink.href="~/style.css" CSSHtmlLink.Attributes.Add("rel", "Stylesheet") CSSHtmlLink.Attributes.Add("type", "text/css") CSSHtmlLink.Attributes.Add("media", "all") Page.Header.Controls.Add(CSSHtmlLink)
I was checking my website stats earlier today and noticed that Oracle was sending traffic to my site. Apparently, my site is listed in their documentation at [http://www.oracle.com/technology/products/jdev/htdocs/10.1.3.0.3/readme.html]http://www.oracle.com/technology/products/jdev/htdocs/10.1.3.0.3/readme.html). According to their site, I’m using technology that’s far too advanced for their [jdeveloper web service data control]http://www.oracle.com/technology/products/jdev/htdocs/10.1.3.0.3/readme.html#url2).Read More
Last night at our .NET Valley event, we discussed security. The conversation started with an open ended question by Microsoft TechNet Presenter, Mike Murphy, asking “How do you know if you’ve been hacked?” Many of the IT Professionals gave their answer and then one of the developers there gave the answer “Besides event logs, I’m not sure.” This was a great answer. Reason is, most developers aren’t sure how to detect hackers. I won’t go into things you can look for here, but rather point out that developers know what to do to prevent hacking. The problem that we all agreed on last night is that everyone needs to be on the same page. Meaning, developers have to chat with dba’s, network admins have to discuss upgrades with developers, etc. Probably the biggest gap is that non-IT employees have to understand why IT spends money on security and the implications it can have on the business. Since 9/11, many companies have implemented disaster recovery plans which is great. However, many of these plans don’t include disasters such as the backup jobs becoming corrupt (see DotNetValley.com for more info on this one) or data being leaked (Veteran Affair incident last week). Even more common than these two incidents are things such as using impersonation to impersonate the account Administrator, requiring applications have Full Trust in .NET, leaving the sa username enabled on a SQL box with a blank password, and using weak password on “face” applications (ie: websites, web services, etc). As developers, we need to ensure that our methodology or development process includes full testing for security because in many of these cases, an intrusion detection system (IDS) cannot recognize these issues.
<ramble end="true" />
I’m not sure who came up with this idea but apparently Microsoft is working with a few other companies such as Lenovo and Intel to create a Pay as You Go service for PCs. This new service is called FlexGo. There are a few ways that FlexGo would work. What do you think about this type of service?Read More
Little did I realize yesterday that when I posted the blog entry about the Microsoft Word exploit that this exploit does in fact affect other applications. In our organization one of our departments utilizes an application that uses Word for reporting capabilities. Since it merges data from a Pervasive SQL database, the easiest way for them to setup the reporting capabilities was by creating a macro library. However, the library needs access to things such as a network share, folder structures, and file permissions. So, these users needed Word’s macro security set to low. If we force all users to use MS Word in safe mode, these macros will not run. I wonder what other apps are affected? I didn’t try running safe mode yet with Microsoft Small Business Accounting, but I wonder if the Word reporting works in safe mode with SBA? SBA uses smart documents.Read More
One of the items on my list of things to do was to create a vsi file for easy installation of a custom snippet library we had created. Since I never had to create a VSI file before and I remember that some ASPInsiders questioned the VSI file back around Beta 1 because there were some issues, I really wasn’t sure how easy it would be to create one. Then I found a great tutorial on MSDN called How to: Package Community Components to Use the Visual Studio Content Installer. It’s definitely a great resource to build VSI’s.Read More
Microsoft Word was found to have a vulnerability by allowing remote execution of code. Although a patch is on the horizon, Microsoft is recommending that you run Microsoft Word in safe mode and disable Outlook from using Microsoft Word as the email editor. For more information, click on the link above.Read More