Website Security Presentation

At my place of work, we have “Thursday Tech Talks” that take place every Thursday afternoon over lunch.  The talks vary in subject matter, ranging from specific technologies through to more general subjects that are relevant to software development and IT in general.  Sandwiches and Muffins are kindly provided by the company so the talks are very well attended - who doesn’t want free sandwiches and muffins? Smile

 

The talks are given by members of staff, and each staff member can offer to talk about a subject that interests them on a company-wide Trello board that we have for just this purpose.  The Trello entries are then voted upon by other staff members, and every week, the person with the highest votes gets to give a presentation to other members of the company who wish to attend.

 

Well, this past week, it was my turn.  I’d opted to give a talk on Website Security and general security concepts and goals.  We had quite a large turn out for what was my very first time presenting (No pressure then!), and it was both flattering and petrifying giving my inaugural presentation to such a large audience, but it was also very exciting to do.

 

As mentioned at the talk, I’m making my slides and notes available for all to view and download.  I’ve used Google Docs Presentations (surprisingly good these days!) for the slides and notes, so they’re viewable online by visiting the following link:

 

Website Security Presentation – Slides & Notes

 

The entire presentation can be downloaded in a variety of formats (PDF, PPTX (Microsoft PowerPoint) etc.) by going to the

File > Download As menu.

 

Enjoy!

JavaScript / jQuery IntelliSense in Visual Studio 2012

I blogged a while ago about a rather ugly and hacky way in which you could get the goodness of jQuery (and general JavaScript) IntelliSense in the Razor editor in Visual Studio 2010’s IDE.

 

This basically involved placing code similar to the following into every MVC view where you wanted IntelliSense to show up:

 

@* Stupid hack to get jQuery intellisense to work in the VS2010 IDE! *@
@if (false)
{
   <script src="../../Scripts/jquery-1.6.2-vsdoc.js" type="text/javascript"></script>
}

 

Well, since the release of Visual Studio 11 Beta, and the recent release of Visual Studio 2012 RC (Visual Studio 2012 is now the formal name of Visual Studio 11) we now no longer have to perform the above hack and clutter up our MVC views in order to enjoy the benefits of IntelliSense.

 

In Visual Studio 2012 (hereafter referred to as VS2012) this has been achieved by allowing an additional file to be placed within the solution/project which will contain a list of “references” to other JavaScript files that all MVC views will reference and honour.

 

The first step to configuring this is to open up VS2012’s Options dialog by selecting TOOLS > OPTIONS from the main menu bar:

 

image

 

Once there, you’ll want to navigate to the Text Editor > JavaScript > IntelliSense > References options:

 

image

 

The first thing to change here, is to select Implicit (Web) from the Reference Group drop-down list.  Doing this shows the list of references and included files within the Implicit (Web) group, as shown below the drop-down. Implicit (Web) includes a number of .js files that are included with VS2012 itself (and are located within your VS2012 install folder), but it also includes the following, project-specific entry:

 

~/Scripts/_references.js

 

Of course, this is all configurable, so you can easily add your own file in here in your own specific location or change the pre-defined _references.js, but since ASP.NET MVC is based around convention over configuration, let’s leave the default as it is!  Click OK and close the options dialog.

 

Now, what’s happened so far is that as part of the pre-defined Implicit (Web) reference group, VS2012 will look for a file called _references.js within a web project’s ~/Scripts/ folder (the ~/ implying the root of our web application) and use the references that are defined within that file as other files that should be referenced from within each of our MVC views automatically.

 

So, the next step is to add this file to one of our MVC projects in the relevant location, namely the ~/Scripts/ folder.  Right-click on the Scripts folder and select Add > New Item:

 

image

 

Once the Add New Item dialog is displayed, we can add a new JavaScript File, making sure that we name the file exactly as the default pre-defined Implicit (Web) reference group expects the file to be named:

 

image

 

 

The format of the _references.js file follows the JScript Comments Reference format that has been in Visual Studio since VS2008.  It’s shown below:

 

/// <reference path=”path to file to include” />

 

You can add as many or as few “references” within the _references.js file that you need.  Bear in mind, though, that the more files you add in here, the more it may negatively impact the performance of the editor/IDE as it’ll have far more files that it has to load and parse in order to determine what IntelliSense should be displayed.   A sample _references.js file is shown below:

 

image

 

The format/syntax of the references within this file can take a number of forms.  You can directly reference other JavaScript files without needing a path if they’re in the same folder as the _references.js file (as the example above shows):

 

/// <reference path="jquery-1.6.3.js" />

 

You can use relative paths which are relative from the folder where the _references.js file is located:

 

/// <reference path="SubfolderTest/jquery-1.6.3.js" />

 

And you can also use paths that are relative to your web project’s “root” folder by using the special ASP.NET ~ (tilde) syntax:

 

/// <reference path="~/Scripts/SubfolderTest/jquery-1.6.3.js" />

 

Once this is configured and saved, you will now have lovely IntelliSense within your MVC Views without needing additional hacky script references from within the view itself.  See the screen shot below:

 

image

 

Yep, that’s the entirety of the view that you can see there (no @if(false) nonsense!), and that’s lovely jQuery IntelliSense being displayed as soon as you start typing $( !

 

Update (10/Feb/2013): Changed the screenshots to use a nicer elliptical highlighting and tweaked some references ever-so-slightly (i.e. change jQuery from 1.6.2 to 1.6.3)

I’m now an MCPD!

MCPD-RGBEver since I passed my MCTS exam back in December last year, I’ve been hard at work doing further study and practice to attempt to pass the follow-up exam 70-576: PRO: Designing and Developing Microsoft SharePoint 2010 Applications.

 

Well, I finally took that exam earlier this week and I’m pleased to report that I’ve passed!  Once again, I managed to get 100% on the exam, although I really don’t know how I achieved such a high percentage score this time around as I was convinced I’d got answers to some of the questions wrong!  Again, I’m over the moon with my result!

 

Passing this exam has now earned me the distinguished certification of:

Microsoft Certified Professional Developer – SharePoint Developer 2010

 

In taking these two exams within the last couple of months, it seems I’ve stirred something inside of me that quite likes the idea of acquiring further Microsoft Certification.  For now, though, I think I’ll take a little break from the intense study that I’ve done of the SharePoint platform, although I’ll still be using SharePoint 2010 quite frequently.  I seem to have amassed a fair sized collection of other tech books in the intervening period that I really need to get on with reading!