Posts

Showing posts from January, 2008

ASP.NET 2.0 videos

When I'm asked for learning resources on ASP.NET 2.0, I recommend the Essential ASP.NET 2.0 MSDN Webcast series (Level 200) by Fritz Onion. The 15-part series, conducted in 2005, covers a breadth of topics in video sessions of roughly 45 minutes. The videos are freely downloadable but require registration. The slides (in PDF format), demos & labs related to the sessions are available from Fritz Onion's Webcasts page.

This series is also good, inexpensive training material for organizations that need to educate novice Web developers on ASP.NET 2.0. With a projector, popcorn (optional) & an experienced developer as a moderator to respond to impromptu questions that may come up, an enjoyable & engaging training can be conducted.

The following topics are covered:

- Introduction to ASP.NET 2.0
- ASP.NET 2.0 Architecture
- New Code-Behind tool
- Page Lifecycle
- Compilation
- Special Compilation Directories - App_code, App_GlobalResources, App_Data etc
- Master pages, Theme

ASP.NET File Uploads: Threats & Counter-Measures

"whenever you allow a user to upload a document that is saved to a web accessible folder, and then you allow others to visit that document directly through their browser, there exists the possibility that a nefarious user will upload a script file so that they can execute code when the file is visited through a browser." [Scott Mitchell]

Counter-Measure: configure IIS so as not to allow script execution on the folder (and subfolders) where files are uploaded.

"A nefarious user could .. upload a HTML file for an XSS or phishing attack, stealing your authenticated users' sessions and cookies or worse." [Ryan]

Counter-Measure: have a whitelist of content types and file extensions.

"Denial of service is one of the threats that you need to consider while implementing file upload functionality in your web application. If a user uploads a huge file, it will clog the network and consume server’s memory." [Varun, ACE Team]

Counter-Measure: By setti

HOW TO easily verify your website design in different browsers/OSs

Use the free open-source online service Browsershots. Browsershots makes screenshots of your web design in different browsers. All you need to do is specify for which of the 40 browsers on Linux, 12 browsers on Windows & 4 browsers on Mac OS you want your screenshots and submit your web address. You can optionally configure settings like screen size, color depth, and JavaScript/Java/Flash support on the browsers you want to test for. These requests are queued & processed by a number of distributed computers. The estimated time range is specified and you can reload or bookmark the page to view the generated screenshots.

Browsrcamp is yet another useful service that I have tried & liked. It lets you test the compatibility of your design with Mac OS X browsers. If you just have to test a few pages, these online services obviate the need for purchasing costly hardware.

Facts about Sitemap

- A Sitemap is an XML file that lists URLs for a site along with additional metadata about each URL (when it was last updated, how often it usually changes, and how important it is, relative to other URLs in the site) so that search engines can more intelligently crawl the site.
- Sitemap Protocol is supported by Google, Yahoo!, and Microsoft.
- Using the Sitemap Protocol does not guarantee that web pages are included in search engines, but provides hints for web crawlers to do a better job of crawling your site.
- Once you have created your Sitemap, you can let search engines know about it by submitting directly to them, pinging them, or adding the Sitemap location to your robots.txt file.
- Sitemap files must use UTF-8 encoding.
- Sitemaps should be no larger than 10MB in length when uncompressed and can contain a maximum of 50,000 URLs.
- The Sitemap defined by sitemaps.org is different from ASP.NET Site map (web.sitemap).
- It is possible to convert an ASP.NET 2.0 site-map to a sitemaps.org

ASP.NET Server tags

I feel participating in technical forums is a good way to quiz one’s knowledge. I ran into a nice posting about ASP.NET server tags on ASP.NET Forums recently. Here is a quick reference of all the ASP.NET server tags with relevant links to MSDN:

- <% %> - Represents an embedded code block that executes during the page's render phase. The code in the block can execute programming statements and call functions in the current page class.
- <%= %> - Short cut for Response.Write statement.
- <%# %> - Used with data-binding expressions.
- <%$ %> - The dollar sign ($) indicates to ASP.NET that an expression follows. The expression prefix (<%$ expressionPrefix: expressionValue %>) defines the type of expression, such as AppSettings, ConnectionStrings, or Resources. Following the colon (:) is the actual expression value that ASP.NET will resolve.
- <%-- --%> - Used for Server-Side Comments.
- <%@ %> - Represents a directive block. The ASP.NET page fr

Toad needs .NET too

I found it intriguing that Toad for MySQL requires .NET Framework 2.0 as a minimum software requirement.

HOW TO mimic Google Search/GMail's “View as HTML” feature to browse PDFs/Word docs online

I often feel tricked after clicking a link that does not indicate it's a PDF & I'm whisked away. It's distracting and also frustrating when you realise that the material you have downloaded is not even useful. I feel a PDF should be offered through a website mainly when its purpose is for it to be preserved offline or to provide well-formatted content which is not possible to be shown through HTML due to browser inadequacies. I think it's good netiquette for publishers to indicate explicitly to readers when there is a hyperlink to a non-HTML file format like PDF by labelling links.

I love the PDF / Word to HTML conversion feature that Google Search & GMail offer with the “View as HTML” link whenever you encounter a PDF or Word file in search results or in email attachments. I noticed that unlike most file-format-conversion-service providers (thanks Amit) which require users to upload PDF files they want to convert, some like the SamurajData service all

HOW TO improve the front-end performance of a website

Steve Souders, Chief Performance Yahoo!, has shared his key learnings on improving front-end performance in the book High Performance Web Sites. These are based on his experience leading the Exceptional Performance group at Yahoo!. Excerpts from the book are available at Yahoo! Developer Network. Here's a quick list of his very practical & useful recommendations:

- Make Fewer HTTP Requests
- Use a Content Delivery Network (CDN) to reduce network hops
- Add an Expires Header to make page components cacheable
- Gzip page components
- Put Stylesheets at the Top
- Put Scripts at the Bottom
- Avoid CSS Expressions
- Make JavaScript and CSS External, especially those which are re-used across pages
- Reduce DNS Lookups by using Keep-Alive and fewer domains
- Minify JavaScript with a Compressor
- Avoid Redirects
- Remove Duplicate Scripts
- Reconfigure or remove ETags
- Make Ajax Cacheable

Related links:

- Profiling JavaScript With Ajax View
- Fiddler PowerToy - Part 2: HTTP Performance
- High Performance DHTML