Spaces is new in Leopard bringing virtual desktops to the masses. Leopard gives you a number of ways to switch between spaces including a menu-item drop down and configurable keyboard shortcuts.
To move a window to another space you drag it to the edge of the screen and wait a moment but curiously you canβt use this great technique without a window to switch!
HTML, SQL and XSS injection vulnerabilities arenβt new but they are still largely ignored by developers.
My first encounter with these issues was in 1999 whilst writing an extranet e-commerce web site. Back then the ASP fix consisted of Server.HtmlEncode for all output and a Replace("'", """")Replace("'", """") for strings heading to SQL (other types headed there via CInt/CLong/CDate and I wasnβt aware of parametrized queries).
It has been one week since I picked up my new MacBook Pro 17β³ to replace my aging first-generation 15β³ model.
My initial concern was that the size and weight would be unwieldy after 4 years of lugging around a 15β³ MacBook Pro and a prior to that a Titanium PowerBook G4. The actual problem was that my trusty Samsonite Trunk & Co. backpack could not accommodate it and that Iβd have to hope Santa would deliver something a little bigger. Being properly kitted up might reveal if the dimensions and weight are uncomfortable so expect an update once Iβve travelled with the beast.
If you donβt encode data when using any of the following methods to output to HTML your application could be compromised by unexpected HTML turning up in the page and modifying everything from formatting though to capturing and interfering with form data via remote scripts (XSS). Such vulnerabilities are incredibly dangerous.
Using MonoRail or Microsoftβs MVC does not make you automatically immune β use {! }{! } in MonoRailβs Brail engine and the HtmlHelpers in Microsoftβs MVC to ensure correct encoding.
Part of my job involves revising our SQL Server architecture. My plan includes the addition of a read-only reporting SQL pair for non-critical inquiries and reports. This allows the heavy and unpredictable load from reporting away from from the primary SQL pair responsible for critical operations (shipping orders).
We utilized SQL Serverβs publisher-subscriber replication on the required databases which, given their legacy nature, had some cross-database dependencies that were added without due consideration.
Hello Damien
You have received this email as a customer of our sister company, Friends Reunited.
The first public preview of Microsoftβs ASP.NET MVC (model view controller) framework is now available.
Download ASP.NET 3.5 Extensions (EXE) (3.7 MB)
A few years ago I believed that HTML and SQL injection vulnerabilities were headed for extinction. Thanks to object-relational mapping tools SQL injection continues to die but HTML and script injection vulnerabilities are as popular as ever.
Part of the problem stems from the βback-to-basicsβ approach to rendering web pages, throwing out classes and controls for string-based libraries (primitive obsession) and helpers which do not encode HTML or even offer a concise simple syntax to do so.
Wake up every morning to your iTunes playlist without the danger of an app launching it and having a problem/update pending that prevents you getting to work on time.
Alarm Clock 2 also includes Timers (great for a quick 20 minute power nap) and Stopwatches alongside the normal one-off or regular scheduled alarm that will bring both you and your machine out of sleep ready for that early-morning email check.
I just got the opportunity to try out the latest version of VMware and thought Iβd do a quick Windows Experience Index on Boot Camp, Parallels and VMware to see what the performance is like before my new MacBook Pro 17β³ arrives (hopefully on Friday!)
When I installed Leopard on my machine I took the opportunity to carve out a dedicated 20GB partition again to put a fresh install of Vista on. As well as being able to boot natively this also now means I can run my single Windows partition switching between native, Parallels or VMware at will which admittedly drives Windows Activation crazy.