Wednesday, 26 January 2011

Memory stream is not expandable

An upgrade to .Net 4 for an MVC app highlighted an issue with the MemoryStream class we were using in the framework. Seems that unless you use the default constructor, the stream cannot be expandable. If the stream expands you'll get a lovely System.NotSupportedException: Memory stream is not expandable error thrown at you like a ninja star. 

var ninjaStarStream = new MemoryStream(buffer); // Potential error
var fluffyStream = new MemoryStream(); // Stream is expandable :)

Consider yourself warned!

No comments:
Labels: ,

Monday, 10 January 2011

Monodroid

Now this looks interesting... .Net development for Android using Monodroid

I signed up to be put in the queue to be part of testing (so I can get the download), but some how stumbled upon the hidden download when browsing the site! #win

P.S. Does anyone want to but me a Nexus S?

No comments:
Labels: , ,

Firefox is King!

Internet Explorer loses its place as Europe's number one browser for the first time

...perhaps this will give Microsoft a kick up the arse!? Perhaps not.

IE's market share dropped to around 37.52 percent in December 2010 while Firefox's market share remained fairly consistent at 38.11 percent :)

No comments:
Labels: ,

Tuesday, 7 December 2010

Padding Oracle Crypto Attack (Update Released)

In case you missed it, you should by now all have updated your servers with the windows update to fix the Padding Oracle Crypto Attack:

Points worth noting:

  • You'll need to apply th fix to all your servers in the web farm as the encryption/decryption mechanism has changed.
  • Your users will have to log in again - forms auth tickets issued by your app prior to the update will no longer be valid.
1 comment:
Labels: , , ,

Catch-All MVC Route

A weird scenario may come up where you want all requests to an application routed to just one controller action in an ASP.Net MVC application, here's the catch-all route you'll need :) 

public static void RegisterRoutes(RouteCollection routes)
{
   routes.MapRoute(
      "Default", // Route name
      "{*catchall}", // URL with parameters
      new { controller = "Home", action = "Index" } // Parameter defaults
   );
}
1 comment:
Labels:

Monday, 25 October 2010

The specified request cannot be executed from current Application Pool (403.18)

So you've split your apps into seperate app pools in IIS, which works well for app isolation on your web server and all is well until you start getting 403 HTTP status responses (with a substatus in the IIS logs of 18). This error is a result of your application running your application and the custom error page you've configured within different app pools.

The solution?

I'm afraid you're going to have to edit the registry!!! So back it up first then create a registry key with the name IgnoreAppPoolForCustomErrors, of type DWORD and value 1 under the HKLM\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters\ folder.

2 comments:
Labels: ,

Saturday, 23 October 2010

A potentially dangerous Request.Form value was detected from the client

You'll get this error from the .Net framework when it detects potentially harmful content in a web request submission. Want to disable this validation? Read on...

For normal ASP.Net Web forms apps you can disable request validation by setting validateRequest=false in the page directive (top of your aspx page) or in the configuration section.

For ASP.Net MVC apps add the [ValidateInput(false)] attribute to the appropriate controller action.

Be careful when turning off this value as you are making your site vulnerable by accepting potentially harmful input. You should explicitly validate your input in your code if you disable the built in .Net request validation.

4 comments:
Labels: , ,

Wednesday, 20 October 2010

Read an Embedded Resource Text File in C#

Here's a little snippet I use quite a lot in my test projects to read out an embedded resource text file as a string. The resourceName parameter is the full namespace of the resource, e.g. myproject.files.MyEmbeddedTextFile.txt 

internal string GetFromResources(string resourceName)
{
    Assembly assem = this.GetType().Assembly;
    using (Stream stream = assem.GetManifestResourceStream(resourceName))
    {
        using (var reader = new StreamReader(stream))
        {
            return reader.ReadToEnd();
        }
    }
}

P.S. You may want to add some error handling to the above ;)

3 comments:
Labels: ,

Monday, 27 September 2010

XML Character Support

One of the projects I'm working on heavily uses a ReST API and performs a lot of XML processing. Recently we've had some serialisation errors when processing some of the XML, resulting in a .Net error throwing:

System.InvalidOperationException: There is an error in XML document (1, XXX). ---> System.Xml.XmlException: XXX, hexadecimal value XXX, is an invalid character.

So I examined the XML payload and could see it contained a non-pritable/control character. I raised the case with the API developers but I found myself curious to find a definitive list of what characters are valid in XML documents. I soon found the Extensible Markup Language (XML) 1.0 Specification, which contained a section regarding the supported XML characters.

You can encode a massive range of characters in XML documents, but there are some non-pritable/control characters that are not supported. Legal non-pritable/control characters include tab (xx09), carriage return (xx0D) and line feed (xx0A). For printable characters it's the legal characters of Unicode and ISO/IEC 10646.

Useful Links

4 comments:
Labels: , ,
Subscribe to: Posts (Atom)