Search Results for "Joseph Tonski"


Cloud Development with Microservices in Azure

Cloud development sometimes winds up looking a lot like traditional application development and hosting. Developers can create large, monolithic, web applications and deploy them to a virtual machine or app service. In that sense, transitioning to Azure can be simple for most developers. However, to make best use of Azure, developers need to start thinking differently. Developers need to start thinking about their software architecture in terms of microservices.
What are microservices?
Microservices are a software architecture style in which applications are composed of small, independent modules that communicate with each other using well-defined API contracts. These service modules are highly decoupled building blocks that serve a small single purpose function. The benefit of microservices architecture is that it makes development and scaling of applications easier. A microservices architecture also makes collaboration between autonomous teams easier and can enable them to bring…

a new ASP.NET Core Web Application

Creating Secure AJAX HTML Forms in ASP.NET Core MVC, Part 2: Preventing Cross-Site Request Forgery Attacks

In Part 1 of this two-part series, I showed you how to secure HTML forms from XSS and SQL Injection attacks by implementing client-side and server-side validation. In Part 2, I will show you how to build an HTML form that submits using AJAX and how to protect it from Cross-Site Request Forgery attacks.
HTML forms are one of the most common ways for a web application to accept user input. However, in this modern age, it is best practice not to reload the page whenever an HTML form is submitted. AJAX is one tool we can use to submit a form and provide feedback to the user without reloading a page. Implementing your application this way comes with inherent security concerns. One of those concerns is Cross-Site Request Forgery Attacks. This type of attack can be carried out on virtually…

Creating Secure AJAX HTML Forms in ASP.NET Core MVC, Part I: Client-Side and Server-Side Validation

In this two-part series, I will show you how to create a secure form that submits using Ajax. In part one of this series, we will create an HTML form and secure it from XSS and SQL Injection by validating user input through client-side and server-side validation.
Most modern websites have a need to take in information from a user. This is commonly done through HTML forms; the user enters information into form fields and the website submits an HTTP POST request to the server. The server can then use this information and/or store it to meet a wide variety of business needs. However, allowing any information from any source can prove disastrous for a system and is commonly the point of attack for malicious parties. SQL injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) are common ways a malicious…


Streamlining ELMAH With A Logging Platform in ASP.NET

Logging and tracing are both critical components of enterprise software development. And yet they are often overlooked or otherwise treated as an afterthought. However, as any programmer worth his or her salt will tell you, proper logging and tracing saves countless hours and headaches when it comes to tracking down bugs in a production environment. To serve these needs, there are numerous logging frameworks to choose from. In this article I am going to explore two popular frameworks and how to best use them together as a comprehensive logging and tracing solution.
Before we begin, let’s define the difference between logging and tracing. Logging is the broad process of recording events that occur in a running software program. The resulting logs include any information about these events that the developer deems necessary. Tracing, on the other hand, is a more specialized…