Geeks With Blogs

News profile for Aligned at Stack Overflow, Q&A for professional and enthusiast programmers
"free in Christ Jesus from the law of sin and death." Romans 8:2 (ESV) Check out the Falling Plates video on YouTube.
more about the Gospel
And then listen to Francis Chan speaking at LifeLight in SD.

Donate Bitcoins

Check out Elapser from T3rse!

Programming and Learning from SD WebApi
Securing WebAPI and stopping CSRF requests
I just read this article in the June MSDN magazine by Peter Vogel and thought it needed to be highlighted. If you're using WebAPI you should think about Cross-Site Request Forgeries. It also applies to the 70-487 test. "ASP.NET doesn’t automatically protect you against Cross-Site Request Forgery (CSRF/XSRF) attacks (more on that later)." "When a user accesses an ASP.NET site using Forms Authentication, ASP.NET generates a cookie that stipulates the user is authenticated. The browser will continue ......

Posted On Monday, June 10, 2013 10:43 AM

Faking the WebApi User
I needed to unit test a WebAPI call in my MVC 4 application that checks the user's role. I'm doing this in my MVC controllers with the following code using FakeItEasy (I should do a post on that sometime): this.UserPrincipalFake = A.Fake<IPrincipal>(); A.CallTo(() => this.UserPrincipalFake.Iden... A.CallTo(() => this.UserPrincipalFake.Iden... this.HttpContextBaseFake = A.Fake<HttpContextBase&g... this.HttpContextBaseFake.User ......

Posted On Wednesday, June 5, 2013 10:29 AM

Copyright © Aligned | Powered by: | Join free