As I am implementing a small application framework for my current project that is using ASP.NET MVC and Knockout JavaScript library, I had to rethink the approach to using anti forgery tokens. Any forgery tokens in ASP.NET MVC are designed to prevent cross-site request forgery attacks. Cross site scripting is number 2 on list of …
Continue reading ‘Anti-forgery Tokens in ASP.NET MVC and Knockout’ »
I am trying to get up to speed with knockout.js. I am brining it into an MVC application. I am trying to reduce the amount of JavaScript our team has to write, especially in large, complicated screens. At the same time, I want to leverage the power of MVC views. Our application is using DataAnnotations, …
If you are not familiar with OWASP site, I highly encourage you take a look at it. I think everyone can learn something by reading this site. More specifically, I wanted to concentrate on one of the top 10 mistakes, Insecure Direct Object References. If you take a look at most of ASP.NET MVC sample …
Continue reading ‘Dealing with Direct Object References in ASP MVC’ »
I recently uncovered a little issue with using entry controls that use unobtrusive JavaScript validation inside jQuery accordion control. When an error is shown, the accordion does not resize as it should, thus some controls fall off the accordion surface. I got some feedback on ASP.NET forum from Bruce, and wrote a little function that …
In this post I wanted to describe a solution to a specific problem I recently encountered. The problem is as following. I have a class with a set of dependent properties, such as start and end date or minimum / maximum numbers. I want to implement both client and server side validation in an MVC …
Continue reading ‘Validating Dependent Fields in ASP.NET MVC’ »
In this post I want to summarize the tools and technologies that will be coming up in 2012 from Microsoft. All of these is public knowledge, but I wanted to outline the technologies that excite me the most. There are some conjectures and opinions of course, and some educated guesses. I am going to include …
In this blog I will describe my ideas on how to integrate SQL Server reports in ASP.NET MVC applications. I would like to have as seamless of an integration as possible given the constraints in place. For example, the only web based report viewer for SSRS is the one that has been shipping with Web …
In this post I am going to try to document the solution to the following problem. I would like to implement custom global error handling in my ASP.NET MVC application using entity framework to log errors into the database. Once the error is logged, I want to redirect the user to the custom page that …
Continue reading ‘Implementing Error Handling in ASP.NET MVC’ »
In this blog I am going to describe a pretty common problem that web applications have to deal with along with one way to solve this issue. Here is the issue at hand. Say, user pulled up an entry form and made some changes. Then the above mentioned user clicked browser back button, navigating away …
Continue reading ‘Detecting Pending Changes in ASP.NET MVC’ »
I am using jqGrid in my current project, and I already blogged prior on how impressed I am with the functionality available in this control. I am using it in ASP.NET MVC application, but it can be used in any web app. One of the key features is that it supports ajax based asynchronous server …