Vikram Lakhotia Blog on Asp.Net, Dot Net, SQL, VIsual Studio, C# etc

Hi,

One of the new features in Asp.Net 4.0 is the inclusion of Code expressions which are HTML encoded by default. IN Asp.Net the code expression by default does not encode any text and hence it can leave the chance of Cross Site scripting attack.

In Asp.Net 4.0 we can now write expression which will get encoded by itself. For writing HTML encoded expression we need to use the following expression

Hi,

When a page is submitted, users can also script along with the post data. Also unauthorized postback could be triggered. The event validation mechanism reduces the risk of unauthorized postback requests and callbacks when the EnableEventValidation property is set to true. This would help and provide default level of protection against cross site scripting.

In the previous versions of Asp.Net request validation was turned on by default but the validation would only apply to the asp.net pages (aspx pages and their code behind). This means there is no validation for other files requested like css, image etc.

Hi,

One of the small but important change in the Asp.Net 4.0 is the change is the Encode methods. Now the HtmlEncode and UrlEncode methods in the HttpUtility and HttpServerUtility class respectively also encode the single quote (‘).

The HtmlEncode method encodes instances of the single quotation mark as "'".

The UrlEncode method encodes instances of the single quotation mark as "%27".

Vikram

Who sells the largest number of cameras in India?

Your guess is likely to be Sony, Canon or Nikon. The answer is: None of the above. The winner is Nokia, whose main line of business in India is not cameras but cellphones.

The reason is that cameras bundled with cellphones are outselling standalone cameras. Now, what prevents the cellphone from replacing the camera outright? Nothing at all.

Try this. Who runs the biggest music business in India? The answer is Airtel. By selling caller tunes (that play for 30 seconds) Airtel earns more than music companies do by selling albums.

Airtel is not in the music business. It is the mobile service provider with the largest subscriber base in India. That sort of a competitor is difficult to detect and even more difficult to beat. By the time you have identified him, he has already gone past you. But if you imagine that Nokia and Bharti (Airtel's parent) are breathing easy, you couldn't be further from the truth.

Hi,

Today Microsoft has released Visual Studio 2010 (VS 2010) RC for MSDN Subscriber. It will be available for the General people on RC on 10th February.

If you are an MSDN subscriber you can go ahead and download the bits right now from the link below.

http://msdn.microsoft.com/en-us/vstudio/dd582936.aspx

The early feedback on Twitter seems very good already about the performance. Do check it out.

Hi,

Many a times there is requirements for us to display text in multi-line in web pages. The first try that most of the people do is by giving a fixed width to the label. But this never works.

Height and Width works only for block level element. Label is an inline element and hence setting width does not work.

What you can instead do is use a textbox with CSS that will make it looks like a label. To do this we need to set the following properties.

Hi,

There are normally two ways to compare 2 objects. One by using == operator and by using the equals method. But these two are not same in the way they implements the comparison.

The difference is there in the type of object (reference type or value type)

Value Type