Thursday, 29 November 2007

XmlNode and how to add CDATA to it

All I needed to do was create via C# an XML file that included some CDATA sections:

<description><![CDATA[<P>hello world</P>]]></description>

After looking at the XmlDocument MSDN pages, it looked to be as simple as I had hoped. I ventured forth and created the following c#:

XmlNode itemDescription = doc.CreateNode("cdatasection", "description", "");
itemDescription.InnerText = post.PostedText;

But that code created this monstrosity:

<![CDATA[<P>hello world</P>]]> .... weird??!

After some experimenting I finally cracked it:

XmlNode itemDescription = doc.CreateElement("description");
XmlCDataSection cdata = doc.CreateCDataSection("<P>hello world</P>");
itemDescription.AppendChild(cdata);
item.AppendChild(itemDescription);

This code creates exactly what I need:

<description><![CDATA[<P>hello world</P>]]></description>

Hope this saves someone some time :)

Tuesday, 20 November 2007

HttpRequestValidationException

You may stumble across the following exception when working with inputing html through a form:

Exception type: HttpRequestValidationException Exception message: A potentially dangerous Request.Form value was detected from the client

This is .Net attempting to protect us from a potentially malicious input form value, which is sweet ...but sometimes unwanted. To avoid the exception being thrown you need to do two simple things:

1. Add the validateRequest page directive to the aspx page, and set to false OR to disable for your entire web application update your web.config:

<%@ Page language="c#" validateRequest="false" Codebehind="TestForm.aspx.cs" ... %>
... OR ...
<configuration>
 <system.web>
   <pages validaterequest="false">
 </system.web>
</configuration>

2. Manually diffuse any potentially malicous input form values in the code behind:

string formFieldValue = Server.HtmlEncode(Request[ "FormKeyValue"]);
string queryValue = Server.UrlEncode(Request.Query["QueryKeyValue"]);

All step 2 does is escape characters, e.g. < is replaced with &lt;

WARNING !!! If you don't validate the input data manually, like in step 2, you could leave your application vulnerable to cross site scripting or injection attacks. Infact, I recommend that you validate input data manually anyway, as the request validation performed by .Net isn't bullet proof

Friday, 16 November 2007

Web App Security - Top 5 Vulnerabilities You NEED to Know About

Security was a hot topic at TechEd Developers 2007 and I was keen to attend some of the talks related to Web App security in particular. A couple of talks conveyed well the importance of security and showed first hand a number of top vulnerabilities that web apps can be left open to. Below are what I think are the top 5 vulnerabililties you need to be aware of when developing web apps:

  1. Cross Site Scripting (XSS) : Takes user supplied data and sends to a browser without validation/encoding of the data [more info on cross site scripting].
  2. Injection Flaws : Again user supplied data is consumed typically as a query string (or any command/query input), tricking the app into running malicous/unwanted commands on data. This usually manifests as SQL injection [more info on inject flaws].
  3. Insecure Communications : Web apps not encrypting communications of a sensitive nature. Sensitive communication between client and server (i.e. for logging customers in) should force a https connection to protect the user from sniffers and man in the middle attacks (if certificate is signed) [more info on https].
  4. Improper Error Handling : The leaking of sensitive information as a result of an application error. For a .Net web app ensure customErrors in the web.config does NOT have the value Off on a live web server (default value is RemoteOnly) [more info on customErrors]
  5. Object Serving Handlers : Allowing users to manipulate a URL or form parameter to gain access to a restricted internal object such as a file, folder, database record, etc. [more info on object serving vulnerabilities]

A top community/site for all security concious web developers is the Open Web Applciation Security Project. I particularly like their top 10 project (10 most critical web application security flaws), which is a great place to spruce up your web app security awareness.

MS ASP.Net AJAX Cheat Sheets

Just stumbled across some concise and extremely helpful MS AJAX Javascript Library cheat sheets. Definitely worth a look if you work with AJAX in .Net, you'll soon wonder how you lived without them :)

Tuesday, 6 November 2007

TechEd Europe 2007 Keynote

Keynote Speech : As expected, there was the usual build up of upcoming Microsoft releases (VS 2008, Microsoft Expression, Silverlight, .Net framework 3.5 to name but a few) present in the opening speech, and although this was interesting, I felt most impressed with Somasegar's achievements and commitments to much needed MSDN improvements. Somasegar (who is VP of Microsoft's Developer Division incase you didn't know) seems to have a desire to create a real community for real developer input, making it a primary port of call for many rather than few.

Another thing I was impressed with was the newly introduced Software + Services Blueprints that contain a framework with source code access, guidance and tools that work with Visual Studio to enable you to easily build software + services solutions. Although many software companies have their own patterns etc for building software solutions, it seems like a great place to get your teeth into add-ins for Microsoft products (such as the first in the series of such blueprints: creating an Outlook 2007 add-in ). He has also now posted a blog entry related to his TechEd Europe keynote speech online which might be of interest to those not here in person.

Sunday, 4 November 2007

Microsoft TechEd Developers 2007 @ Barcelona

I’ve finally reached beautiful, vibrant and diverse Barcelona. With it’s remarkable two thousand years of history leave parts of this city like a grand scale museum, you can’t help but notice the drive for change and renovation also present here. A perfect setting perhaps to be given the opportunity of hundreds of learning activities, opportunities and resources of all varieties from the technology giant that is Microsoft @ TechEd Developers 2007 Conference.

I’m looking to focus on the Web Development areas of the conference mainly, although I'm open to any of the new technology developments that are on offer here, so watch this space over the next 5 days :)

Wednesday, 31 October 2007

EPiServer System.Security.SecurityException

On application start up you get : Server Error in '/' Application.. All subsequent requests are fine until the app is restarted. The actual error details : System.Security.SecurityException: Requested registry access is not allowed After browsing the forums, it seems to be a problem when you don't install episerver in the usual manner or it was installed without admin priviledges. A quick way to solve the problem is to create a quick console app with the following code:

static void Main(string[] args)
{
   System.Diagnostics.EventLog _eventLog = new System.Diagnostics.EventLog("Application", ".", "EPiServer Scheduler");
            
   _eventLog.WriteEntry( "Installed OK");
   _eventLog.Dispose();
}
Just run once with admin user and that should be it. To check it ran OK, look in event viewer > application and you should see a message there.


Thursday, 18 October 2007

Checking an assembly is strong named

A strong named assembly's identity consists of a simple text name, version number, and culture information (optional) - plus a public key and a digital signature.

  • Strong names guarantee name uniqueness by relying on unique key pairs
  • Strong names protect the version lineage of an assembly. A strong name can ensure that no one can produce a subsequent version of your assembly.
  • Strong names provide a strong integrity check. Passing the .NET Framework security checks guarantees that the contents of the assembly have not been changed since it was built.

If you want to add an assembly to the GAC but aren't sure if it is strong named (maybe because it is a third party library) - You can ensure that an assembly is globally unique quite easily:

1. Use the strong name tool which is part of the .Net framework tools in the .Net SDK.

sn -v assembly
2. Even easier - Using explorer, click and drag assembly into \windows\assembly directory. If you don't get a descriptive error message then the assembly was strong named and is now gac'd :)


Friday, 12 October 2007

Visual Studio Error List (HTML Errors)

Nothing annoys me more on a Friday afternoon than the Visual Studio Error List rearring its ugly head and popping up with errors (often irrelevant ones) about the HTML markup.

So after playing about with settings and poking around the interweb I found you can either just close all the HTML (or aspx) files you are working on (as it only critises open document's markup) or you can tell Visual Studio to ignore the errors by unchecking:

Tools > Options > Text Editor > HTML > Validation > Show errors

Please, no comments about using the correct validation target, actually fixing the errors or conforming to how Visual Studio wants me to do everything - it's my party and I'll do what I want :P


Wednesday, 10 October 2007

EPiServer Friendly URLS

When integrating our existing Esendex site with EPiServer and deploying onto different web servers we had some issues with friendly URLs. For friendly URLs to work when putting the web site on your different servers you need to ensure the following:
  • Friendly URL option is enabled in your site config
    <add key="EPfEnableFriendlyUrl" value="true"/>
  • The IIS custom 404 error page needs to point to the site URL /Util/Notfound.aspx. EPiServer then checks if the URL requested exists as a friendly URL, and displays the page if it does.
  • The friendly URL httpmodule in the web.config file also needs to be declared.
    <add name="FriendlyUrl" type="EPiServer.Util.FriendlyUrlModule, EPiServer"/>
One problem with this is that if the page is not found, the built-in error page is shown. EPiCode, a EPiServer research project has a module BVNetwork.404Handler that can help with this and also provide redirection functionality too - something we found very useful. Features at a glance:
  • Custom FileNotFound page to replace the built-in error page
  • A powerful CustomRedirects module thats extends the built-in ShortCurUrl function
  • An admin plugin that shows all the CustomRedirects defined
  • FallBack url handling that allows all 404 requests to be redirected to a back-end server only if the url exists on that server

EPiServer Logging & Tail

Any decent developer will know the importance of logging on development machines and in a live environment, so it is worth spending the time setting it up correctly. To get logging initally is easy in EPiServer. just create file in the EPiServer web site directory called EPiServerLog.config and add the following to it to log everything to a file:
<?xml version="1.0" encoding="utf-8" ?>
<log4net>
  <appender name="FileAppender" type="log4net.Appender.RollingFileAppender">
    <file value="d:\\logs\\Error-log.txt" />
    <appendToFile value="true" />
    <rollingStyle value="Date" />
    <layout type="log4net.Layout.PatternLayout">
      <param name="ConversionPattern" value="%d\t%X{siteid}\t%m%n" />
    </layout>
  </appender>
  <root>
    <level value="ALL" />
    <appender-ref ref="FileAppender" />
  </root>
</log4net>
EPiServer provide a useful article 'Logging in EPiServer' and you can also get more indepth info on log4net and logging to other mediums (such as email) on the log4net site.

Watching log files

If you have nothing better to do than watching log files then Tail for Win32 is perfect for the job. Tail for Win32 is used to monitor changes to files; displaying the changed lines in realtime. This makes Tail ideal for watching log files - and it's free too!

Friday, 7 September 2007

Your site has been EPiServed!

Why EPiServer? I was asked to test out a 3rd party CMS system to replace our internal CMS implementation. The CMS system being tested was from a Swedish company called EPiServer. Whilst they are currently working on and releasing betas of a new .Net 3 version of there system EPiServer 5, we decided to test out the more established and supported 4.6X version.

EPiServer 4.61

EPiServer seemed to be able to perform what we need it to and then some. The trick with making the most out of EPiServer is knowing exactly what it has to use before starting, to aviod wasting development time making your own controls/functions when EPiServer has alot of standard web related capabilities bundled in. Although it does make life easier than working on your own custom CMS system when we have 'proper' development work to do, it involved a steep learing curve initially. It may even be worth signing up for one of the EPiServer dev courses they have available througout europe.

What I liked

EPiServer is a web based framework; the edit and admin sections were web app based (although optimised for IE), meaning no software installation is required, it can be edited and managed all through a web browser. A decent WYSIWYG editor; which is a big boost for non development team members when they are creating/editing pages and the media content within them. Quick and easy viewing of entire pages. Mirroring of sites to other servers. Friendly URLs; these help to make URLs search engine optimised and also more user friendly, rather than ugly query strings (i.e. template3.aspx?id=32434f3fds3 ). XForms; which are for editors to create forms, and developers to customize form behaviour and appearance. Useful for blogs and comments. Globalisation Support; support for different langauages with essential fallback support.

What I didn't like

We found a couple of issues during development and staging, this quickly showed a slow support service from the EPiServer support desk. It also seemed difficult to get a telephone number from a more technical support team member as they want to do communicate entirely via email. Bugs and slow support; we found a couple of bugs whilst working with the EPiServer framework and found a slow support service initially from the EPiServer support desk (although they are helpful when they do get a chance to respond). Due to the EPiServer framework not being open source we couldn't easyily figure out the problem, but managed to figure the problem out for ourselves (before EPiServer could get back to us) with a little help from a .Net CLR reflector and SQL profiler. Our new EPiServer powered site is now live so take a peek for yourselves!

Monday, 13 August 2007

Multiple Websites In Windows XP Pro & IIS

Problem : You would like to create a new virtual site in IIS 5.1 on Windows XP Pro rather than a virtual directory. For example, you may want to do this when creating a site as a virtual directory is causing you problems with path offsets when referring to itself with absolute or relative paths. Surprisingly you find you can't add a virtual site through the IIS GUI - which is different to Windows 2000 and Windows Server 2003. So much for XP Pro being the all round development OS it was initially claimed to be! Solution : Whilst you can't add virtual servers through the GUI, Microsoft hasn't removed the functionality completely. You can create a virtual server through the following process using the command line. 1. Open command prompt and browse to the \Inetpub\AdminScripts directory 2. Create the new virtual server by typing:
   adsutil.vbs CREATE_VSERV W3SVC/i
where i is 'the number of virtual servers you currently have plus 1'. So if you only have the Default Web Site, enter:
   adsutil.vbs CREATE_VSERV W3SVC/2
* If you get prompted about wscripts & cscripts run the file as a cscript. 3. You can now use the IIS GUI to setup your new site!

More Info...

adsutil.vbs help

For more options with the adsutil.vbs script visit the Command-line Tools Included in IIS page or just type:
   adsutil.vbs help

Deleting a Virtual Server

To delete a virtual web site:
   adsutil.vbs DELETE W3SVC/i
where i is the number of the virtual server you wish to delete.

CScript VS WScript

CScript runs entirely in the command line and is ideal for non-interactive scripts. WScript has a Windows interface for user interaction.

Sunday, 15 July 2007

.Net Photo Gallery Control (PhotoHandler)

I had a quick Google for a .Net control or library for creating an online photo album easily - and therefore save me some time in writing my own. I then found a reference on ScottGu's blog about a PhotoHandler, which is a little project of Bertrand Le Roy. It is basically one C# code file that can be used as a control on a page or you can just browse to the file itself and it will display the folders and images in the current directory. The best thing about it is the simple setup and you can just ftp some image folders onto your server and the control will just display it all for you - no need to update any aspx/content pages. Download the source from the projects PhotoHandler CodePlex pages. You'll notice a samples directory - these pages use the handler as a control which is how I like to use it. Useful points on PhotoHandler usage: Get the required MetaDataExtractor library and pop it in your web apps bin directory. Also, make sure you get version V2.2.2d - otherwise you'll get a The type or namespace name 'Directory' does not exist in the namespace 'com.drew.metadata' (are you missing an assembly reference?) error. If you are using the control in a sub directory of your site then yo need to set the HandlerUrl property on the control or you'll get no images or thumbnails displayed. If you want to hide some folders from the album viewer you can make a mod to the control. On line 1648 where the code checks for a few common .net directories:
if (dir.StartsWith("_vti_") || dir.StartsWith("app_") ||
    (dir == "bin") || (dir == "aspnet_client")) 
{
   continue;
}
Change this to :
if (IsHiddenFolder(dir)) 
{
    continue;
}
Add the two helper methods:
// Checks a string[] to see if the folder should be omitted
private bool IsHiddenFolder(string directoryName)
{
    if (directoryName.StartsWith("_vti_") || directoryName.StartsWith("app_") )
    {
        return true;
    }

    if (!isHiddenListLoaded)
    {
        LoadHiddenFolderList();
    }

    for (int i = 0; i < hiddenList.Length; i++)
    {
        if( hiddenList[i].ToLower() == directoryName)
        {
            return true;   
        }
    }

    return false;
}

// Loads a string[] from a text file
private void LoadHiddenFolderList()
{
    using (StreamReader reader = new StreamReader(Server.MapPath("HiddenList.txt")))
    {
        ArrayList lines = new ArrayList();

        while (reader.Peek() != -1)
        {
            lines.Add(reader.ReadLine().Trim());
        }

        hiddenList = lines.ToArray(typeof(string)) as string[];
    }

    isHiddenListLoaded = true;
}
Finally, put the text file with directories (one per line) to omit as HiddenList.txt in the same location as the control and add two static variables to the class required by the helper methods:
private static bool isHiddenListLoaded;
private static string[] hiddenList;
Goodluck :)

Monday, 9 July 2007

WML / WAP page won't display (WML debugging)

WML / WAP browsers tend to keel over and die if they encounter anything they don't like. If your WML / WAP browser isn't displaying your page then check the following: 1. Ensure the WML is well formed and valid, there is a W3 Schools WML validator you may find very handy. 2. WML / WAP browsers refuse to work if the content type you are returning in the HTTP 200 response isn't Content-Type: text/vnd.wap.wml, so ensure this is the case by logging or sniffing the communication (Ethereal is my weapon of choice). 3. The most strange behaviour I've seen is a WAP browser not displaying anything because the file extension of the file being displayed isn't .wml !!!

Friday, 6 July 2007

Detecting a Mobile / WAP Browser in code (using User-Agent)

I recently got a task to create a simple terms and conditions page that would be sent in a link via our SMS API as a SMS or WAP Push message. The idea being that the phone can browse to the URL via the WAP browser or alternatively use a browser on their PC or MAC. I wanted some sort of simple switch, to display a WAP WML page for a mobile browser or a full html page for a PC or MAC browser. I had a quick look at the HTTPRequest class and found a Request.Browser.IsMobileDevice bool flag. This would be perfect... if it worked! Having tested the flag with several makes and models of phone, it seemed to only work on a selection. After doing a bit of an investigation I found that all the mobile browsers I tested with had similar user-agent values ( Request.Headers["User-Agent"] ). They all contained a value "MIDP", e.g. Nokia6230i/2.0 (03.25) Profile/MIDP-2.0 Configuration/CLDC-1.1. As you can see, we can also grab the device model and manufacturer from the user-agent also. MIDP, or Mobile Information Device Profile. MIDP, combined with the Connected Limited Device Configuration (CLDC), is the Java runtime environment for today's mobile information devices (MIDs) such as phones and entry level PDAs. I found a useful MIDP device list at Club Java. Searching for midp in the user-agent should work pretty well as far as my tests show. And you can also check for additional values supplied in the HTTP request to ensure the redirection works when required. .Net code sample:
bool isWMLBrowser = false;
if (Request.Headers["User-Agent"] != null)
{
   isWMLBrowser 
         = Request.Headers["User-Agent"].ToLower().Contains("midp");
}

if (!isWMLBrowser)
{
   // Redirect to HTML page
}
else
{
   // Redirect to WML WAP page
}
Any one else have any other bright ideas?

Monday, 2 July 2007

Web page content / Dummy web text (Lorem Ipsum)

Whilst working on implementing a new design for the Esendex site I wanted to see what the layout looked like with content in place. I also wanted to use text that didn't distract me or other colleagues working on the design (i.e. not repeat 'hello world' 100 times), so I needed to make it look like readable English but not be :) I wondered if there was some sort of latin text generator similar to the dummy text used in the printing and type-setting industry? Google took me straight to a great site called www.lipsum.com, which is apparently the first correct content generator of this type on the web. Very handy :)

Friday, 15 June 2007

New Web Browser War Looming?

Being a .Net developer I use Microsoft IE 7 to develop my web applications. However, Mozilla Firefox is my preferred choice to browse the web. I was interested to see that Apple released Safari for the Windows OS and even more interestingly, it was reportedly downloaded more than a million times in the first 48 hours of its release! Which I think you'll agree, is not bad by any one's standards? It claims to be the fastest and best browser available, and having had a little go I have to say I'm impressed. The specs and download can be found at the Apple Safari site, and there is also a decent Safari Developer area. Remember it is only a Beta release but if the SnapBack and Resizable Text Fields features (not forgetting the performance too) are anything to go by, then there looks like a new strong contender to the heavyweight PC web browser category. ...I wonder what Bill G has to say about that?

More Info

W3Schools has a decent browser stats page that may interest you.

Tuesday, 22 May 2007

Using code in your blogs (blogger.com)

Not sure if everyone is aware of this, but the easiest way to blog code snippets in html on blogger.com is to put the code between <pre> tags, this applies a coding style and preserves whitespace (so you don't have to use &nbsp;). So to get this:
public void Go
{
   // TODO : Do some work    
}
Blog with the following html:
<pre>
public void Go
{
   // TODO : Do some work    
}
</pre>
Remember if you are using <tags> you need to use &lt; as the opening tag bracket otherwise the tag will be omitted (because the browser tries to parse it). Happy blogging! :)

Cannot create/shadow copy when that file already exists

The .Net Framework has a feature called Shadow Copy. Shadow copy is enabled on every appdomain created by ASP.NET by default. By default assemblies loaded will be copied to a shadow copy cache directory, and will be used from that location. Why does ASP.Net do this? So the original file is not locked and can be modified. An interesting error I have ran into intermittently when running ASP.Net apps with the debugger is 'Cannot create/shadow copy when that file already exists' I'm still not sure why this happens only on occasion, as I can often clean my solution, then reload a web app and it will work fine then. But if you are getting it frequently enough for it to affect your work, you can add the following to your app's web.config or the master .Net web.config:
<system.web>
   <hostingEnvironment shadowCopyBinAssemblies="false" />
</system.web>

Tuesday, 15 May 2007

Storing ViewState into Session

HTTP requests and responses are inherently stateless. To maintain state between HTTP requests, ASP.NET server pages can store Page state. This state, called ViewState, consists of page and control settings and data that make the page and controls appear as if they are the same ones that the user saw and interacted with on their last round trip to the page. Why would you want to store ViewState into session? 1)You have a page using lots of panels/controls resulting in a large viewstate, which is affecting perforrmace during postbacks. 2)You are serving pages to small devices that have limited client-side resources or use a markup language that does not support a hidden field element. Several mechanisms exist to store ViewState between successive requests to the same page, the abstract PageStatePersister class represents the base class for these state storage mechanisms in .Net 2. By default HiddenFieldPageStatePersister is used to keep ViewState in a hidden input element, __VIEWSTATE, which is way .Net 1/1.1 worked. To use a different mechanism, such as the bundled SessionPageStatePersister (which stores page state into session), just override the System.Web.UI.Page PageStatePersister property:
protected override PageStatePersister PageStatePersister
{
   get
   {
      return new SessionPageStatePersister(this);
   }
}
More on ViewState It is worth mentioning that you may want to look into using PageAdapters instead of overriding the System.Web.UI.Page PageStatePersister property, the MSDN PageAdapter page will get you started :) A good ViewState page that explains everything clearly is on Dave Reed's blog site. A handy ViewState decoder tool by Vasudevan Deepak Kumar. Technorati Profile

Friday, 11 May 2007

Get going with AJAX in .Net

I started to look into AJAX in 2006 and then didn't get a chance play with the AJAX technologies properly until today. I noticed that there had been some updates to the original AJAX toolkit so I decided to remove everything AJAX and start again from scratch - here's some easy steps to get you going. (Downloads can be found @ ASP.net AJAX site) Step 1) Install AJAX Extensions 1.0 This download installs the framework for developing and running AJAX-style applications with either server-centric or client-centric development models and is fully supported by Microsoft. Step 2) Install ASP.NET AJAX Control Toolkit The ASP.NET AJAX Control Toolkit is a shared-source community project consisting of samples and components that make it easier than ever to work with AJAX-enabled controls and extenders. The source download includes a great sample site. So download the source zip file and extract the contents to somewhere logical, I placed mine with the extensions files from step 1 (Microsoft ASP.NET\ASP.NET 2.0 AJAX Extensions\AJAXControlToolKit). If you open the solution and view the sample web site it contains a wealth of info on the controls available with great examples. Step 3) Setup Visual Studio for easy access The best way to start playing is to open visual studio, add a new AJAX enabled web application. Because the control toolkit isn't installed with an msi (installer) but is just an assembly, the tools won't appear automatically on your toolbox like the fundamental AJAX items. So right click and add tab for the AJAX controls, call it something like AJAX Controls Toolkit. Add the controls to the tab by right clicking the tab, click choose items, then browse to the AJAX Controls Toolkit Assembly. Step 4) Go wild!!! You can now go wild adding the AJAX controls and extenders. Go to the Asp.net Ajax site for some get getting started guides.

Thursday, 10 May 2007

Using Bind Monitor (FUSLOGVW.exe)

Don't you just hate it when you've done all the development work and you are finally deploying the release onto a server and BANG! It doesn't work, you have some sort of assembly loading exception/file not found exception?

All of us (yes even you) have had assembly binding issues on our server and development machines, but not many of us know about or make use of the Bind Monitor (FUSLOGVW.exe) bundled in the .Net SDK. The tool is useful because depending on the options selected, it can log binds occurring between assemblies - including bind failures and their associated details.

The Bind monitor can be found at \Program Files\Microsoft Visual Studio 8\SDK\v2.0\Bin\FUSLOGVW.exe so it is useful to add this as an external tool using Tools > External Tools. Now you can access it easily in Visual Studio at Tools > Bind Monitor OR if you are trying to find out the issue on a server machine without the developer environment installed then just copy the file from a development machine (\Program Files\Microsoft Visual Studio 8\SDK\v2.0\Bin\FUSLOGVW.exe) to the server.

Tips for Bind Monitor < V2

Firstly click on Log Failures. Next, if this is an ASP.NET or .NET Windows service app, select the Custom Option and using regedit, set HKLM\Software\Microsoft\Fusion\LogPath to point to a directory that exists (c:\temp\binds\?). To log all binds, not just failures, set HKLM\Software\Microsoft\Fusion\ForceLog as a DWORD value to 1.

Tips for Bind Monitor V2

You can sometimes get an issue when not using Enable custom log path (the default locations is the internet explorer Temporary Files cache). So I usually turn that on and point it at a log/temp directory.

To log bind failures for satellite assemblies, you need to do a little fix by adding a HKLM\Software\Microsoft\Fusion\LogResourceBinds registry value to 1 (the value is a DWORD) - this also seems to fix some other problems, so I strongly recommend it.

More Info?

The MSDN page for the Bind Monitor can be found here Bind Monitor - FUSLOGVW.exe.

Fusion is the technology used for loading assemblies in .Net and there is a great site with a Fusion Workshop covering all aspects of the technology.

There is a great wiki page on .NET Assemblies which is useful for anyone that has some queries on assembly basics and is too scared to ask?!

Monday, 16 April 2007

And so it begins...

I've finally gotten around to posting my first public statement into the blogosphere! Woohoo! Hopefully I'll get some useful posts on here starting this week. Not sure what I'm going to blog exactly but I imagine it will mostly involve web application development in the .Net framework, CSS, Javascript, (X)HTML, and maybe some PHP and Perl (but hopefully not too much Perl :P).