Monday, March 19, 2012

All user input is evil: Microsoft Web Protection Library

This application is something that should be under the belt of all web developers. I'm surprised that this library is not already bundled into ASP.NET MVC, which shows how little developers worry about securing an application. The good news is that there's a NuGet package already available.

If you're not sure what the AntiXSS library is, you should go and download it right now. It provides functions to sanitize user input, including but not limited to HTML and Javascript. The bad news is that you probably won't find a lot of documentation about it, but that's just because the library is really easy to use. Check it out here.

Sunday, March 18, 2012

SQL Azure: Invalid object name 'sys.configurations'

This is a rather dumb error. I am able to connect to SQL Azure from SQL Server Management Studio in my work computer but not from my home computer. But if I connect to it from a query window in my home computer it works!

I'm guessing it has to do with the SSMS version or with Object Explorer. It's better not to waste time with these errors because you'll probably end up uninstalling the software (and spend a bunch of time on that) to make it work.

This thread helped me

Saturday, March 17, 2012

Failed to start Storage Emulator: the SQL Server instance ‘localhost\SQLExpress’ could not be found

I wonder why when you follow a tutorial there are always errors in the process which are not mentioned in the tutorial. It happened to me when following a Windows Azure "Hello, World" tutorial. This error is simple to solve though, just do this:

1) Open a command window and go to C:\Program Files\Windows Azure Emulator\emulator\devstore
2) Execute dsinit /server:localhost

In my case I don't use SQL Express, so I had to run the command above to point the Emulator to SQL Server.

Tuesday, March 6, 2012

Scaling guidlines from StackOverflow

If you build software using Microsoft technologies you might want to read this article. It outlines a set of lessons learned from StackOverflow on how to scale software and hardware.

One thing that is not clear to me is how to put a database in memory. In fact, it doesn't sound possible for SQL Server... I wonder what Jeff and Joel meant when they wrote that.