Monthly Archives: October 2003

Cross site scripting: removing meta-characters from user-supplied data in CGI scripts using C#, Java and ASP

Ran into some issues with cross site scripting attacks today. CERT® has an excellent article that show exactly how you should be filtering input from forms. Specifically, it mentions that just filtering *certain* characters in user supplied input isn’t good … Continue reading

Posted in .NET | 6 Comments

Lightweight Languages Workshop at MIT

Fun stuff going on at MIT in a couple days: “LL3 will be an intense, exciting, one-day forum bringing together the best programming language implementors and researchers, from both academia and industry, to exchange ideas and information, to challenge one … Continue reading

Posted in Software Development | Leave a comment

The intricacies of HTTP

I’ve been working on a small piece of C# software this week that posts data to an HTTP server (which handles credit card processing), parses the results and then returns the results to a C# client. Pretty easy to do, … Continue reading

Posted in .NET, Software Development | 11 Comments

Logging in C#: enumerations, thread-safe StreamWriter

Joe gave me some great feedback on the C# logging utility I wrote about a couple months ago. Per his suggestions, I modified it in the following ways: 1) Instead of using public static int variables as levels, I added … Continue reading

Posted in .NET, Software Development | 6 Comments

Fail-Safe Amazon Image… using Java, C# & ColdFusion

Paul of fame (and the fabulous SnapGallery tool) wrote an article for the O’Reilly Network recently that (I think) was an excerpt of his recently released book “Amazon Hacks“. Anyway, he shows how you can check to see if … Continue reading

Posted in .NET, ColdFusion, J2EE, Software Development | Leave a comment

Command Line Tab Completion in Windows NT/2000

This is an old trick for people used to bash on *nix machine, but noted here so that I remember to do it on every machine I use: HKEY_LOCAL_MACHINE/Software/Microsoft/Command Processor Change the value of the CompletionChar key to 9.

Posted in Software Development | 2 Comments

Custom string formatting in C#

Formatting strings for output into various mediums is always a fun… err.. required task. Every language does it differently. C# overloads the ToString() method to format a string using this syntax: Console.WriteLine(MyDouble.ToString(“C”)); where “C” is a format specifier specifically for … Continue reading

Posted in .NET | 7 Comments

Java UI icons

Sun has a graphics repository with “… graphics have been designed specifically for use with the Java look and feel.” You can download them for free here: [via: cadenhead

Posted in J2EE | 1 Comment

Spidering Hacks

I fielded a couple questions this week about search engine safe URL’s both of them along of the lines of a) how do you create them? and b) are they even worth it? I’m written about how you can create … Continue reading

Posted in Books, Software Development | Leave a comment

Martin Fowler @ NEJUG: Software Design in the Twenty-first Century

I attended the NEJUG meeting in Lowell last week that Martin Fowler spoke at. I was the guy in the back furiously typing notes, which I’m presenting for your pleasure here, revised and polished. Martin started out by saying that … Continue reading

Posted in Software Development | Leave a comment