Group items tagged

I use Google Analytics for my web sites, you might use Mint or something else bespoke, but if you're using JavaScript to track those stats (as Google does), you're not capturing how many users you have that don't have JavaScript installed.

"Viewstate (ASP.NET) ASP.NET has an option to maintain your ViewState. The ViewState indicates the status of a page when submitted to the server. The status is defined through a hidden field placed on each page with a control. Viewstate can be used as a CSRF defense, as it is difficult for an attacker to forge a valid Viewstate. It is not impossible to forge a valid Viewstate since it is feasible that parameter values could be obtained or guessed by the attacker. However, if the current session ID is added to the ViewState, it then makes each Viewstate unique, and thus immune to CSRF. To use the ViewStateUserKey property within the Viewstate to protect against spoofed post backs. Add the following in the OnInit virtual method of the Page-derived class (This property must be set in the Page.Init event) protected override OnInit(EventArgs e) { base.OnInit(e); if (User.Identity.IsAuthenticated) ViewStateUserKey = Session.SessionID; } The following keys the Viewstate to an individual using a unique value of your choice. (Page.ViewStateUserKey) This must be applied in Page_Init because the key has to be provided to ASP.NET before Viewstate is loaded. This option has been available since ASP.NET 1.1. However, there are limitations on this mechanism. Such as, ViewState MACs are only checked on POSTback, so any other application requests not using postbacks will happily allow CSRF. "

Latest cool prototypes from Sitecore US lab Alex Shyba Solution Architect Sitecore Oct 19, 2011 Noon Pacific, 3:00 PM Eastern, 8:00 PM UK. Alex will be showing some of the latest Shared Source components that he has been working on. Alex Shyba has been with Sitecore for more than 6 years. His primary role is helping implementation partners in North America build successful solutions on Sitecore platform. Whenever he is not reading car magazines, Alex enjoys exploring dark corners of Sitecore by reading kernel code from Reflector and building cool prototypes. Alex maintains one of the oldest Sitecore blogs at http://sitecoreblog.alexshyba.com/ where he shares his ideas about ways to implement Sitecore and provides recommendations on various aspects of the product. You can connect with Alex on Twitter @alexshyba. Video from the presentation

.NET controls similar to Telerik

For MooTools

Mercurial is a modern, open source, distributed version control system, and a compelling upgrade from older systems like Subversion