tag:blogger.com,1999:blog-45779461634198706022024-03-29T02:56:37.578-07:00Sarvesh KushwahaIf at first you don't succeed, call it version 1.0Sarvesh Kushwahahttp://www.blogger.com/profile/00637015347460902643noreply@blogger.comBlogger53125tag:blogger.com,1999:blog-4577946163419870602.post-13747284225962815692017-02-12T01:54:00.000-08:002017-02-12T01:54:20.657-08:0010 Essentials C# keywords every .Net developer should know before attending an Interview #AspNetInterviewQuestionsSeries<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: left;">
<b>1. Var and/vs Dynamic</b><br />
<b><br /></b></div>
<div style="text-align: left;">
With<b> Var keyword properties / Methods /Operators etc are resolve at compile time.</b><br />
Var keyword is static typed and type cannot be change,Once you have assigned the type to var.<br />
<br />
<pre>var i = "abc";
i = 1 ; //you cannot assign it integer value once it has been marked as string
</pre>
<br />
<br />
With<b> Dynamic keyword properties / Methods /Operators etc are resolve at runtime.</b><br />
type can be change once it is already assigned.</div>
<div style="text-align: left;">
<br /></div>
<pre>dynamic i = "abc";
i = 1 ; //you can change the type in dynamic
Console.WriteLine(i.anything); //error will be given at runtime
</pre>
<b><br /></b>
<b>2. Const and ReadOnly</b><br />
<ol style="text-align: left;">
<li>Constants are evaluated at the compile-time, while the read-only variables are evaluated at the runtime. </li>
<li>Constants support only value-type variables, while read-only variables can hold reference type variables. </li>
<li>Constants should be used when the value is not changing during the runtime, and read-only variables are used mostly when their actual value is unknown before the runtime.</li>
</ol>
<div>
<br /></div>
<div>
<pre>static readonly string readonlystring; //you can levae it blank and can assign value at runtime,assign object to it
const string constring ="abc"; // you have to assign some value to const while declaring,you can assign ref type to const
</pre>
<br /></div>
<b>3. Checked and Unchecked keyword</b><br />
Checked keyword is to check integral arithmetic overflow.<br />
What will happen if you are assigning the greater value to your int than its maximum value?<br />
you will get the wrong result,to check above condition and throw airtmetic overflow use Checked keyword either in block () or in expression {} manner. <br />
<br />
<b><br /></b>
<br />
<pre>//checked block
int checkedk = int.MaxValue;
Console.WriteLine(checked(checkedk+ 20));
//checked expression
checked
{
int i = 10;
int i3 = 2147483647 + i;
Console.WriteLine(i3);
}
</pre>
<br />
unchecked keyword is just opposite of that it will not throw any exception. by default int ,byte are unchecked.<br />
<br />
<b>4. AS and IS keyword</b><br />
Both keywords are used for safe cast typing with lill diff in their working.<br />
<br />
<b>IS : </b><br />
checks whether the type of an given object is compatible with the new object type and returns Boolean type true or false.<br />
<br />
<b>AS:</b><br />
checks whether the type of an given object is compatible with the new object type and returns object if it is compatible or null if it isn't.<br />
<br />
<pre>person p = new person();
Men men = new Men();
Men m2 = p as Men;
Console.WriteLine(p is Men);
Console.WriteLine(men is person);
if(m2 !=null)
{
Console.WriteLine("m is person type");
}else
{
Console.WriteLine("m is not person type");
}
</pre>
<br />
<br />
<b>5. Volatile and Lock keyword</b><br />
volatile indicates that field can be modified by multiple thread. volatile keyword can be applied only to fields of class/struct.<br />
<br />
Lock keyword ensures that if one thread is accessed any object in lock block that will not be accessible by another thread, it will have to wait until that thread release the accessed object.<br />
<br />
<iframe frameborder="0" height="475" src="https://dotnetfiddle.net/Widget/QPKZcM" width="100%"></iframe>
<br />
<b><br /></b></div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com25tag:blogger.com,1999:blog-4577946163419870602.post-20195064111726152052017-01-29T02:07:00.000-08:002017-01-29T02:08:31.739-08:00What are Func, Predicate, Action delegates with Examples ? #AspNetInterviewQuestionsSeries<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
To learn Delegate you guys can refer my previous <a href="http://sarveshkushwaha.blogspot.in/2017/01/what-are-delegates-when-and-why-we-should-use-delegates.html">article</a>. In this article we will learn about what are Func, Predicate and Action Delegate. <br />
Keeping the power of delegates in the mind .Net Framework has introduced the predefined delegates which can be useful for a developer. .Net Framework has also used these predefined delegates at many places e.g LINQ.<br />
<br />
<b>Action Delegate: </b>As its name is ACTION this delegate ensures to performs actions and does not return anything. Action Delegate can take upto 16 parameters and returns nothing as they are void delegates and their primary task to perform some action. You can create Action in C# :<br />
<br />
<pre>// define action
Action<string> myAction;
// F12 definition will be of your action, it can go upto 16 parameters
public delegate void Action<in T>(T obj);
</pre>
</div>
<b> </b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-2pjL21cZmog/WI22TJhhmNI/AAAAAAAAJ9U/7gvSWqyOKwcFcUg5R9S4L8oEoxHHvkTrwCLcB/s1600/ActionDelegate.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="79" src="https://4.bp.blogspot.com/-2pjL21cZmog/WI22TJhhmNI/AAAAAAAAJ9U/7gvSWqyOKwcFcUg5R9S4L8oEoxHHvkTrwCLcB/s640/ActionDelegate.jpg" width="640" /></a></div>
<br />
<br />
Example : they are most commonly getting used in <span style="background-color: #cccccc;">List<T>.ForEach</span> like functions.<br />
<br />
<a name='more'></a><br />
<br />
<b>Func Delegate : </b>Once again remember its by name it is a function type delegate which will have a return type.<b> Func Delegate's last parameter determine its Output type</b>. <br />
<br />
<br />
<pre>//define func
Func<string, string > abc;
</pre>
<br />
Func can have maximum 16 input parameters and last parameter/single parameter will always be the output type o that delegate.<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-EuOZ_kN0ZjE/WI22pw_zQII/AAAAAAAAJ9Y/mrjZeUra4FsMltBr9tEjIajvm81xqr5VACLcB/s1600/FuncDelegate.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="60" src="https://4.bp.blogspot.com/-EuOZ_kN0ZjE/WI22pw_zQII/AAAAAAAAJ9Y/mrjZeUra4FsMltBr9tEjIajvm81xqr5VACLcB/s640/FuncDelegate.jpg" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
Example : Linq using func delegates in SELECT, WHERE , JOIN and more..<br />
<b><br /></b>
<b>Predicate Delegate : </b>We can say predicate is wrapper of func<T1, out Boolean> . Predicate takes only one parameter and returns Boolean as an output.<br />
<br />
<br />
<pre>//define predicate,predicate takes only one parameter
Predicate<string > abc;
</pre>
<br />
Example : Predicate is mostly used in List<T> for methods like FindAll and RemoveAll.<br />
<br />
How you can write your own Action,Func,Predicate delegate ,Running Code Example:<br />
<br />
<iframe frameborder="0" height="475" src="https://dotnetfiddle.net/Widget/xr1GZu" width="100%"></iframe>
Code In case .Net Fiddle not works :
<br />
<pre>using System;
public class Program
{
public static void Main()
{
// * Action Delegate *
Action<string> PerformActionDoNotReturn = new Action<string>(WriteInConsole);
// can be also called as PerformActionDoNotReturn.Invoke("asasasas");
PerformActionDoNotReturn("Yeah i am anAction");
// *Func Delegate*
Func<int int=""> PerformActionReturnMeSomething = new Func<int int="">(DoubleMyMoney);
Console.WriteLine(PerformActionReturnMeSomething(10000));
// *Predicate Delegate*
Predicate<object> checkStringType = new Predicate<object>(IsThisString);
Console.WriteLine(checkStringType(123));
Console.WriteLine(checkStringType("fddfd"));
}
static void WriteInConsole(string str)
{
Console.WriteLine(str);
}
static int DoubleMyMoney(int mymoney)
{
return mymoney * mymoney;
}
static bool IsThisString(object str)
{
return str is string ? true : false;
}
}
</pre>
<br />
Hope my this series will help somebody to get a job :) :) . Happy coding :)<br />
<br /></div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com3tag:blogger.com,1999:blog-4577946163419870602.post-3656047207333886012017-01-27T05:46:00.002-08:002017-01-27T05:51:39.940-08:00 What are Delegates ? When and why we should use Delegates in C# with example ? #AspNetInterviewQuestionsSeries<div dir="ltr" style="text-align: left;" trbidi="on">
<b>Delegates :</b><br />
<b><br /></b>
Delegate word in English defines that entrust (a task or responsibility) to another person.Same concept is follows in C# with some additional properties.<br />
<br />
<b>Delegates Overview :</b><br />
Delegates have the following properties:<br />
<br />
<ol style="text-align: left;">
<li>Delegates are similar to C++ function pointers, but are type safe. </li>
<li>Delegates allow <b>methods to be passed as parameters</b>. </li>
<li>Delegates can be used to define <b>callback </b>methods. </li>
<li>Delegates can be chained together; for example, multiple methods can be called on a single event. </li>
<li>Used as anonymous methods (inline code). </li>
</ol>
<br />
<a name='more'></a><br />
<br />
<div>
<br /></div>
<div>
Referenced from <a href="https://msdn.microsoft.com/en-us/library/ms173171.aspx" rel="nofollow" target="_blank">MSDN</a>. <b>Now Lets understand each statement by code</b> :<br />
<br />
<br /></div>
<iframe frameborder="0" height="675" src="https://dotnetfiddle.net/Widget/xr1GZu" width="100%"></iframe>
<br />
<div>
<br /></div>
<div style="text-align: left;">
1. <b>Delegates are similar to C++ function pointers, but are type safe.</b></div>
<pre>// below delgates definition ensures that when i call this delgate
//it should point to a function which has only one integer and as a function
//should not return anything
public delegate void MyTypeSafeDelegate(int intParam);
</pre>
<br />
So delegates in C# gives the guarantee to refer to the valid method with correct signature and parameters.<br />
<br />
<b>2. Delegates allow methods to be passed as parameters. </b><br />
<div>
<b><br /></b></div>
<div>
<b><br /></b>
<br />
<pre> //Point 2. Delegates allow methods to be passed as parameters.
public delegate double MyFunctionDelegate(double intParam);
//using tradaional delgate way
public static double DoSomeComputaion(double x, MyFunctionDelegate f)
{
double h = 0.0000001;
return (f(x - h) + f(x)) ;
}
// using func delegate,last parameter of func is always an output from
// that function
public static double DoSomeComputaionUsingFunc(double x, Func<double double=""> f)
{
double h = 0.0000001;
return (f(x - h) + f(x)) ;
}
//this is the function which will be passed as parameter
public static double MyFunctionMethod(double x)
{
// Can add more complicated logic here
return x + 10;
}
</double></pre>
<br />
<b>3. Delegates can be used to define callback methods. </b><br />
Lets suppose we have two class and one class has a long running task and i want to notify another class the status of that long running task. In that case we can use callback with the help of delegate.<br />
<br />
To achieve this i have created two class i.e <span style="background-color: #cccccc;">Program </span>and <span style="background-color: #cccccc;">ClassA</span>. In <span style="background-color: #cccccc;">ClassA </span>i have a long running task and i want to notify the class <span style="background-color: #cccccc;">Program </span>about it. So Lets see the code now how we will achieve this :<br />
<br />
<br />
<pre>
//Point 3. Delegates can be used to define callback methods.
// Created a class with a long running task and want to notify the class
//Program about it.
public class classA
{
public delegate void DelCallback(string message);
public void LongrunningTask(DelCallback callbackmessageToProgramClass)
{
for(int i =0;i less than 10;i++)
{
callbackmessageToProgramClass(i.ToString());
}
}
}
//Point3. In class Program creating a void message to print message from callback
public static void DelegateCallBackPrintMethod(string message)
{
System.Console.WriteLine(message);
}
//Point3. call the long running task and get the info in this class
classA AOObj= new classA();
AOObj.LongrunningTask(DelegateCallBackPrintMethod);
</pre>
<br />
<b>4. Delegates can be chained together; for example, multiple methods can be called on a single event. </b><br />
<b><br /></b>
Lets suppose i have two methods and i want to call them on a single event in that case we can use delegates too. I have created two methods <span style="background-color: #cccccc;">addvalues </span>and <span style="background-color: #cccccc;">minusvalues </span>and i want to call them in single event. To chain in this way we call them Multicast delegate.<br />
<br />
<b>+= means Delegate.Combine();</b><br />
<b>-= means Delegate.Remove();</b><br />
<br />
Code:<br />
<br />
<br />
<pre>//point 4 . Delegates can be chained together;
//for example, multiple methods can be called on a single event.
public delegate int MultipleDelCall(int y,int z);
private int addValues(int y, int z)
{
return y + z;
}
private int minusValues(int y,int z)
{
return y - z;
}
//now call these methods by delegate, we can call them on dynamic condition as well
//Point 4 . Delegates can be chained together; for example, multiple methods can
// be called on a single event.
Program p = new Program();
MultipleDelCall dd = p.addValues;
Console.WriteLine(dd(3,4).ToString()); //calls p.addvalues
dd += p.minusValues;//dd += new d(p.n);
Console.WriteLine(dd(3,4).ToString()); //calls boths p.addvalues and p.minusvalues
dd -= p.addValues;
Console.WriteLine(dd(3,4).ToString()); // only calls p.minusvalues
</pre>
<br />
<b>5. Used as anonymous methods (inline code).</b><br />
we can think lambda expression as inline delegate method.<br />
<br />
Code:<br />
<pre>//Point 5.Used as anonymous methods (inline code).
IEnumerable<person> pResult = p.People.Where(z => z.LName=="Kushwaha");
//you can see delegate can be used inline anonmoyus method
IEnumerable<person> pResultDelegateWay = p.People.Where( delegate (Person X)
{
return X.LName == "Kushwaha";} }
//Point 5.Used as anonymous methods (inline code).
public class Person
{
public string FName{get;set;}
public string LName{get;set;}
}
List<person> People = new List<person>{
new Person{ FName = "Sarvesh", LName ="Kushwaha"},
new Person{ FName = "Love", LName ="Kushwaha"},
};
</person></person></person></person></pre>
<br />
<br />
<span class="post-icons" style="background: rgb(255 , 255 , 255); border: 0px; color: #333333; font-family: "helvetica neue" , "helvetica" , "arial" , sans-serif; font-size: 14px; font-style: normal; font-weight: 300; letter-spacing: normal; margin: 0px; padding: 0px; text-align: left; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; word-spacing: 0px;"></span>
<br />
<div class="entry-content" id="post-body-5947508115483574921" style="background: rgb(255, 255, 255); border: 0px; clear: both; color: #333333; font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; font-size: 14px; margin: 0px; padding: 0px; vertical-align: baseline;">
<div dir="ltr" style="background: transparent; border: 0px; margin: 0px; padding: 0px; vertical-align: baseline;" trbidi="on">
Hope my this series will help somebody to get a job :) :) . Happy coding :) </div>
<div style="background: transparent; border: 0px; clear: both; margin: 0px; padding: 0px; vertical-align: baseline;">
</div>
<div style="background: transparent; border: 0px; line-height: 22px; margin-bottom: 1.625em; padding: 0px; vertical-align: baseline;">
</div>
</div>
<br /></div>
</div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com2tag:blogger.com,1999:blog-4577946163419870602.post-25850442460288576642017-01-26T00:31:00.000-08:002017-01-27T07:34:42.440-08:00How to acess INTERNAL types and members into another assembly ? #AspNetInterviewQuestionsSeries<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
Lets learn about <span style="background-color: #cccccc;"><span style="background-color: #cccccc;">INTERNAL</span><span style="background-color: white;"> </span></span>keyword in C#. Basically <span style="background-color: #cccccc;"><span style="background-color: #cccccc;">INTERNAL</span><span style="background-color: white;"> </span></span><span style="background-color: white;">keyword is an access modifier which ensures that types and members within the same assembly. </span><br />
<span style="background-color: white;"><br /></span>
<b><span style="background-color: white;">But is there any way we can access the </span><span style="background-color: #cccccc;">INTERNAL</span></b><span style="background-color: white;"><b><span style="background-color: #cccccc;"> </span><span style="background-color: white;">type and members from another assembly? </span></b></span><br />
<span style="background-color: white;"><br /></span>
<span style="background-color: white;">yeah there is actually. We can use </span><span style="background-color: white;"> the </span><span style="background-color: #cccccc;"><span style="background-color: #cccccc;">INTERNALVISIBLETO</span><span style="background-color: white;"> </span></span><span style="background-color: white;">keyword into assmeblyinfo.cs or onto the class at namespace level using </span><span style="background-color: #cccccc;">System.Runtime.CompilerServices</span>.<br />
<br />
Lets Code :<br />
<br />
I have created two projects into a solution so we can have two diff assembly.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-MDEAQVWq5ik/WImejtAo4WI/AAAAAAAAJ80/TI2ImVFDWcoEnbRuG7yHnBTjzCIZH0SXwCLcB/s1600/TwoAssemblyWithInternalClassAndMember.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="342" src="https://1.bp.blogspot.com/-MDEAQVWq5ik/WImejtAo4WI/AAAAAAAAJ80/TI2ImVFDWcoEnbRuG7yHnBTjzCIZH0SXwCLcB/s640/TwoAssemblyWithInternalClassAndMember.jpg" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<a name='more'></a>as you can see above i have created an internal class and a internal member method.<br />
Code :<br />
<br />
<pre>namespace ConsoleApplication3
{
internal class Program
{
static void Main(string[] args)
{
}
internal static int calculateLength(string s)
{
return s.Length;
}
}
}
</pre>
<br />
now what i have done is added this <span style="background-color: #cccccc;">consoleapplication3 </span>assembly as a reference in my <span style="background-color: #cccccc;">consoleapplication1 </span>. But if i am trying to access the class program of <span style="background-color: #cccccc;">consoleapplication3 </span>in <span style="background-color: #cccccc;">consoleapplication1 </span>i receive a compile time error i.e "Program' is inaccessible due to its protection level" .<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-BOzrsYsYWDY/WImgodSy3lI/AAAAAAAAJ9E/GiX22yUccI0uRHI7vZmrJziSVqSeKIx3QCLcB/s1600/notaccesible.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://3.bp.blogspot.com/-BOzrsYsYWDY/WImgodSy3lI/AAAAAAAAJ9E/GiX22yUccI0uRHI7vZmrJziSVqSeKIx3QCLcB/s1600/notaccesible.jpg" /></a></div>
<br />
<br />
<br />
To access the internal class and its internal member we can use <span style="background-color: #cccccc;"><span style="background-color: #cccccc;">INTERNALVISIBLETO </span><span style="background-color: white;"> </span></span><span style="background-color: white;">as follows;</span><br />
<span style="background-color: white;"><br /></span>
<span style="background-color: white;"><b>Solution 1</b> : add </span><span style="background-color: #cccccc;"><span style="background-color: #cccccc;">INTERNALVISIBLETO </span><span style="background-color: white;"> </span></span><span style="background-color: white;">assemblyinfo.cs file </span><br />
<span style="background-color: white;"><br /></span>
<br />
<pre>using System.Reflection;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;
// General Information about an assembly is controlled through the following
// set of attributes. Change these attribute values to modify the information
// associated with an assembly.
[assembly: AssemblyTitle("ConsoleApplication3")]
[assembly: AssemblyDescription("")]
[assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("")]
[assembly: AssemblyProduct("ConsoleApplication3")]
[assembly: AssemblyCopyright("Copyright © 2017")]
[assembly: AssemblyTrademark("")]
[assembly: AssemblyCulture("")]
[assembly: InternalsVisibleTo("ConsoleApplication1")]
</pre>
<span style="background-color: white;"><br /></span>
<span style="background-color: white;"><br /></span>
<br />
<b>Solution 2</b> : Add it at namespace level in class <span style="color: blue; font-family: "consolas"; font-size: 13px;">using</span><span style="background-color: white; font-family: "consolas"; font-size: 13px;"> System.Runtime.CompilerServices;</span><br />
<span style="background-color: white; font-family: "consolas"; font-size: 13px;"><br /></span>
<br />
<pre>using System.Runtime.CompilerServices;
[assembly: InternalsVisibleTo("ConsoleApplication1")]
namespace ConsoleApplication3
{
internal class Program
{
static void Main(string[] args)
{
}
internal static int calculateLength(string s)
{
return s.Length;
}
}
}
</pre>
<b>Solution 3</b> : We can use reflection to achieve this :<br />
<br /></div>
<pre>using System;
using System.Linq;
using System.Reflection;
namespace ConsoleApplication1
{
class Program
{
static void Main(string[] args)
{
var type = Assembly.Load("ConsoleApplication3").GetTypes().First(x => x.Name.Equals("Program", StringComparison.Ordinal));
var methods = type.GetMethods();
MethodInfo dynMethod = type.GetMethod("calculateLength", BindingFlags.NonPublic | BindingFlags.Static);
dynamic result = null;
if (dynMethod != null)
{
ParameterInfo[] parameters = dynMethod.GetParameters();
object classInstance = Activator.CreateInstance(type, null);
object[] parametersArray = new object[] { "Hello" };
result = dynMethod.Invoke(classInstance, parameters.Length == 0 ? null : parametersArray );
}
// int a = ConsoleApplication3.Program.calculateLength("gfgfgffg");
Console.ReadLine();
}
}
}
</pre>
<div>
<br />
I think we should use this <span style="background-color: #cccccc;">INTERNALVISIBLETO </span>attribute when we have to create unit test assemblies that are allowed to call internal members of internal assemblies to be tested.</div>
</div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com1tag:blogger.com,1999:blog-4577946163419870602.post-59475081154835749212017-01-21T04:08:00.000-08:002017-01-26T02:19:31.534-08:00How to implement only few signature of an Interface ? #AspNetInterviewQuestionsSeries<div dir="ltr" style="text-align: left;" trbidi="on">
lets make this question situational :) .An interviewer can ask you like this : <br />
<b><br /></b>
<br />
<div style="text-align: left;">
<b>
Lets suppose i am having an <span style="font-size: small; font-weight: normal;">Interface </span>and this <span style="font-size: small; font-weight: normal;">Interface </span>consisting five methods signatures.This <span style="font-size: small; font-weight: normal;">Interface </span>is already being consumed by our thousand of customer and now new customer came and asked that we need only three method inside that. what will you do to resolve this situation or what will you suggest to your customer ?</b> </div>
<div style="text-align: left;">
<br /></div>
Possible solutions are to this situation are as follows :<br />
<br />
<ol style="text-align: left;">
<li>Implement that Interface using an Abstract class and mark those methods as abstract which you don't want to implement.</li>
<li>If class should be concrete then you can implement rest of the functions and throw exceptions like <span style="background-color: #999999;">NotImplementedException </span>or <span style="background-color: #999999;">NotSupportedException</span><span style="background-color: white;"> .</span></li>
<li><span style="background-color: white;">Last you can segregate that Interface further into two interface and implement those in class.But then in above scenario it will become a tough situation.</span></li>
</ol>
<div>
<br />
<a name='more'></a>Below is the running example :</div>
<div>
<br />
<iframe frameborder="0" height="475" src="https://dotnetfiddle.net/Widget/Avfr52" width="100%"></iframe><br />
<br />
Code Text :<br />
<br />
<br />
<pre>using System;
public class Program
{
public static void Main()
{
ConcreteClass C = new ConcreteClass();
C.DoSomethingElse3();
}
public interface Iinterface
{
void DoSomething();
void DoSomethingElse();
void DoSomethingElse1();
//customer dont want to implemnet below ones
void DoSomethingElse2();
void DoSomethingElse3();
}
//Solution 1 : create an abstract class
public abstract class MyClass: Iinterface
{
public void DoSomething(){}
public void DoSomethingElse(){}
public void DoSomethingElse1(){}
// Mark those Abstract which you dont want to implement
public abstract void DoSomethingElse2();
public abstract void DoSomethingElse3();
}
//Solution 2 : Use these keywords NotImplementedException/NotSupportedException
public class ConcreteClass : Iinterface
{
public void DoSomething(){}
public void DoSomethingElse(){}
public void DoSomethingElse1(){}
// keywords NotImplementedException/NotSupportedException
public void DoSomethingElse2()
{
throw new NotSupportedException();
}
public void DoSomethingElse3()
{
throw new NotImplementedException();
}
}
// Solution 3 : Segregate interface into logical units this should how we design our application in the beginning,
}
</pre>
</div>
Hope my this series will help somebody to get a job :) :) . Happy coding :) </div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com0tag:blogger.com,1999:blog-4577946163419870602.post-85755796387443544572017-01-20T22:34:00.000-08:002017-01-21T03:19:23.881-08:00How you can limit a class to create only two instances ? #AspNetInterviewQuestionsSeries<div dir="ltr" style="text-align: left;" trbidi="on">
<h2 style="text-align: left;">
How you can limit a class to create only two(n) instances ?</h2>
<br />
This is one of my favorite question in an interview.So before watching the answer take a minute and think how you can create a such class .. tough ? Ahan its very easy.<br />
<br />
<b> Answer : </b>The basic idea is create a static property and increment that in constructor every time you are creating an object of that class. And throw an exception when that count is greater than two.<br />
<br />
next question which can be ask is :<br />
<a name='more'></a><br />
<h3 style="text-align: left;">
How you will decrement the count of that property when object is disposed ? Is it thread safe ?</h3>
<div>
<b>Answer :</b> you will use destructor for that and decrement the count there. Additionally to make it thread safe we can use LOCK keyword or INTERLOCKED keyword.<br />
<br />
Below is the running example :</div>
<br />
<iframe frameborder="0" height="475" src="https://dotnetfiddle.net/Widget/P06s9r" width="100%"></iframe>
<br />
<br />
<b>Code Text :</b><br />
<br />
<pre>using System;
using System.Threading;
public class Program
{
public static void Main()
{
TwoInstance T1 = new TwoInstance();
TwoInstance T2 = new TwoInstance();
TwoInstance T3 = new TwoInstance(); // this will throw an error :)
}
public class TwoInstance
{
private static int countInstances=1;
//*if you want to get the count outside then make it
//public or create a static int method which will return this property*
public TwoInstance()
{
Console.WriteLine("Instance" + countInstances + "Created");
// countInstances++; *this is the basic thing which came
// into my mind at the time of iterview but this is not thread safe*
Interlocked.Increment(ref countInstances);
// thread safe way to increment the counter or we can use LOCK keyword
if(countInstances>=3)
{
throw new Exception("You cannot create more then two object");
}
}
~TwoInstance()
{
Interlocked.Decrement(ref countInstances);
}
}
}
</pre>
Hope my this series will help somebody to get a job :) :) . Happy coding :) </div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com1tag:blogger.com,1999:blog-4577946163419870602.post-4405942698293256442016-01-17T04:20:00.003-08:002016-01-17T04:28:56.139-08:00Angular.js for ASP.NET MVC Developers-Basics (Architecture goals and Components)<div dir="ltr" style="text-align: left;" trbidi="on">
<h3 style="text-align: left;">
Angular.Js architecural goals: </h3>
Following is the self explanotry pic :<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-EQYY6iLIfSw/VptWUqwfCWI/AAAAAAAAA3s/1LvyWip8Xgk/s1600/Angular2.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="358" rel="lytebox" src="http://3.bp.blogspot.com/-EQYY6iLIfSw/VptWUqwfCWI/AAAAAAAAA3s/1LvyWip8Xgk/s640/Angular2.jpg" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<a name='more'></a><br />
<br />
<ol style="text-align: left;">
<li><b>Two way Binding : </b>two way binding is basically when </li>
<ul>
<li>view changes it updates model .</li>
<li>model updates it changes view and so on.</li>
</ul>
<li><b>Dirty Checking: </b> Angular defines a concept of a so called digest cycle. This cycle can be considered as a loop, during which Angular checks if there are any changes to all the variables watched by all the $scopes. So if you have $scope.myVar defined in your controller and this variable was marked for being watched, then you are explicitly telling Angular to monitor the changes on myVar in each iteration of the loop. Refernced from stackoverflow.</li>
<li><b>Dependcy Injection : </b>Encapsulate the code and made code more unit testable.</li>
</ol>
<div>
<br /></div>
<h3 style="text-align: left;">
Angular Components:</h3>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-zwjaiG48u9A/VpuEV2wfOGI/AAAAAAAAA34/-zM6Yy_9uUk/s1600/Angular3.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;" rel="lytebox"><img border="0" height="358" src="http://4.bp.blogspot.com/-zwjaiG48u9A/VpuEV2wfOGI/AAAAAAAAA34/-zM6Yy_9uUk/s640/Angular3.jpg" width="640" /></a></div>
<div>
<br /></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Thanks for reading this blog post.<br />
<br />
<h3 style="text-align: left;">
Interview Questions on Angular from this blog post:</h3>
<br />
<ol style="text-align: left;">
<li>What is two way binding in Angular.js ?</li>
<li>What is role of Controller ?</li>
<li>Where should we put the business logic in Angular.js ?</li>
<li>What is Dirty Checking in Angular.js ?</li>
</ol>
<br />
<br />
Once again i try to follow the approach write less , learn more !!!! :) :) </div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com13tag:blogger.com,1999:blog-4577946163419870602.post-26876065185935780602015-11-13T02:51:00.000-08:002016-01-16T23:13:27.586-08:00Angular.js for ASP.NET MVC Developers- Basics<div dir="ltr" style="text-align: left;" trbidi="on">
Fiuuuuuuuu After a long time I am again thinking to write a series.This time most popular JS library i.e angular.js for asp.net MVC developers.<br />
Being an ASP.NET developer, I didn't find many resources on the internet for angular.js with AS.NET MVC.In this First blog, I will Introduce the angular.js for ASP.NET MVC guys.<br />
<br />
<h3 style="text-align: left;">
What is Angular.js?</h3>
<div>
<br /></div>
AngularJS is a client-side MVW(W stands for whatever) or MV* framework written in JavaScript. It runs in a web browser and greatly helps us (developers) to write modern, single-page, AJAX-style<br />
web applications.<br />
We can angular.js is an <b>opinionated framework or software</b> which tells or suggest us how to solve a problem in an efficient manner.Although there can be many solutions to a problem but angular feature specifications tells to do them in an efficient manner.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-g5PWXygDFSk/VkW0mRM2HJI/AAAAAAAAA3E/O0KRKYyJQeE/s1600/Angular1.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="362" src="http://3.bp.blogspot.com/-g5PWXygDFSk/VkW0mRM2HJI/AAAAAAAAA3E/O0KRKYyJQeE/s640/Angular1.jpg" width="640" /></a></div>
<br />
<br />
<a name='more'></a><br />
<br />
<h3>
Why an ASP.NET MVC Developer should use it?</h3>
<div>
MVC developer has to write to much code on the client side as well.But why angular when we are already doing well with jQuery, knockout, kendoUi.</div>
<div>
</div>
<div>
Following are the reasons why a developer should use Angular.js</div>
<div>
<br />
<ul style="text-align: left;">
<li><b>Two-way data binding</b> at client side (Knockout can be used, for jQuery we will have to write too much code in comparison to angular)</li>
</ul>
<br />
<ul style="text-align: left;">
<li>Declarative way to write code (knockout can be used as well) <a href="http://jsfiddle.net/sarveshkushwaha/75m7e/1488/">Fiddle</a></li>
</ul>
<pre> <tr ng:repeat="<b>item in invoice.items</b>">
<td><input type="text" ng:model="<b>item.description</b>"class="input-small"></td>
<td><input type="number" ng:model="<b>item.qty</b>" ng:required class="input-mini"></td>
<td><input type="number" ng:model="<b>item.cost</b>" ng:required class="input-mini"></td>
<td>{{item.qty * item.cost | currency}}</td>
<td>
[<a href ng:click="removeItem($index)">X</a>]
</td>
</tr>
<tr></pre>
</div>
<div>
<br />
<br />
<ul style="text-align: left;">
<li>The Well managed way to write the code at client side</li>
<li><b>Testing</b> was the main concern for angular.js , We can do unit testing and end to end testing using their KARMA tool which was specially designed for angular (known as testacular as well)</li>
<li> HTML Templating</li>
<li>currency formatting</li>
<li>pluralization</li>
<li>reusable controls (By creating HTML Directives)</li>
<li>RESTful API handling</li>
<li>AJAX handling</li>
<li>modularization</li>
<li>dependency injection</li>
</ul>
<ol style="text-align: left;"></ol>
<ol style="text-align: left;"></ol>
<ol style="text-align: left;"></ol>
<ol style="text-align: left;"></ol>
<ol style="text-align: left;"></ol>
<ol style="text-align: left;"></ol>
<ol style="text-align: left;"></ol>
<ol style="text-align: left;"></ol>
Will elaborate each point in my coming blogs. :) :)<br />
<br /></div>
</div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com43tag:blogger.com,1999:blog-4577946163419870602.post-43237783562047673832015-07-05T09:49:00.001-07:002015-07-05T09:49:07.036-07:00Learn Bootstrap in 15 minutes<div dir="ltr" style="text-align: left;" trbidi="on">
<iframe allowfullscreen="" frameborder="0" height="455" marginheight="0" marginwidth="0" scrolling="no" src="//www.slideshare.net/slideshow/embed_code/key/jyrey1O45Dr2Fp" style="border-width: 1px; border: 1px solid #CCC; margin-bottom: 5px; max-width: 100%;" width="600"> </iframe> <br />
<div style="margin-bottom: 5px;">
<strong> <a href="https://www.slideshare.net/SarveshKushwaha/bootstrap-50185125" target="_blank" title="Bootstrap">Bootstrap</a> </strong> from <strong><a href="https://www.slideshare.net/SarveshKushwaha" target="_blank">Sarvesh Kushwaha</a></strong> </div>
</div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com1tag:blogger.com,1999:blog-4577946163419870602.post-10220392455777216042015-03-29T09:33:00.001-07:002015-03-29T09:33:56.689-07:00JavaScript For C# Developer<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
This Presentation depicts JavaScript concept for Csharp developer.It helps to understand the concepts of JavaScript resembling/differentiate them with C# concepts.<br />
<div>
<br /></div>
It took one week to complete the fundamental concepts of angular.Js, but it took more than one month to understand the concepts of javascript and relate it to C#.<br />
<br />
So here it is:<br />
<iframe allowfullscreen="" frameborder="0" height="525" marginheight="0" marginwidth="0" scrolling="no" src="//www.slideshare.net/slideshow/embed_code/46418606" style="border-width: 1px; border: 1px solid #CCC; margin-bottom: 5px; max-width: 100%;" width="605"> </iframe> <br />
<div style="margin-bottom: 5px;">
<strong> <a href="https://www.slideshare.net/SarveshKushwaha/javascriptforcsharp-developer" target="_blank" title="JavaScript For CSharp Developer">JavaScript For CSharp Developer</a> </strong> from <strong><a href="https://www.slideshare.net/SarveshKushwaha" target="_blank">Sarvesh Kushwaha</a></strong> </div>
<br />
<br /></div>
Sarvesh Kushwahahttp://www.blogger.com/profile/00637015347460902643noreply@blogger.com1tag:blogger.com,1999:blog-4577946163419870602.post-15429146025664443002015-01-03T21:55:00.001-08:002015-01-03T21:55:31.722-08:00Hack proof your asp.net applications from Session Hijacking<div dir="ltr" style="text-align: left;" trbidi="on">
<h2 style="text-align: left;">
Introduction:</h2>
<div>
<div style="text-align: left;">
<span style="color: #444444;"><span style="background-color: white; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 19.6000003814697px;">This article </span></span><span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="font-size: 14px; line-height: 19.6000003814697px;">is the Part-6 of my series Hack Proof your asp.net and asp.net mvc applications. In this article, I will describe what exactly Session Hijacking (Man-in the-middle-attack) is and how a hacker exploits it and how we can prevent Session Hijacking attack in asp.net applications.</span></span></div>
<div style="text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="font-size: 14px; line-height: 19.6000003814697px;"><br /></span></span></div>
</div>
<h2 style="text-align: left;">
Background:</h2>
<div>
<div style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; margin: 0px; padding: 0px; vertical-align: baseline;">
<div style="background-attachment: initial; background-clip: initial; background-color: white; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; color: #333333; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 19.6000003814697px; margin: 0px; padding: 0px; vertical-align: baseline;">
You can read previous article of this series from below links :</div>
<div style="background-color: white; color: #333333; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 19.6000003814697px;">
<br /></div>
<div style="background-color: white; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;">
<ol style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; font-size: 14px; line-height: 19.6000003814697px; list-style-image: initial; list-style-position: initial; margin: 0px 0px 1.625em 2.5em; padding: 0px; vertical-align: baseline;">
<li style="background-attachment: initial; background-clip: initial; background-color: transparent; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; color: #333333; font-family: 'Segoe UI', Arial, sans-serif; margin: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.codeproject.com/Articles/604268/Hack-Proof-Your-ASP-NET-Applications-From-SQL-Inje" style="background-attachment: initial; background-clip: initial; background-color: transparent; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; color: #726763; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 24px; margin: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank" title="SQLInjection"><span style="background: transparent; border: 0px; color: #3d85c6; margin: 0px; padding: 0px; vertical-align: baseline;">Secure your ASP.NET applications from SQL Injection</span></a></li>
<li style="background-attachment: initial; background-clip: initial; background-color: transparent; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; color: #333333; font-family: 'Segoe UI', Arial, sans-serif; margin: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.codeproject.com/Articles/617043/Hack-Proof-Your-ASP-NET-Application-From-Cross-Sit" style="background: transparent; border: 0px; color: #726763; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 24px; margin: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;"><span style="background: transparent; border: 0px; color: #3d85c6; margin: 0px; padding: 0px; vertical-align: baseline;">Secure your ASP.NET applications from XSS Attack</span></a></li>
<li style="background-attachment: initial; background-clip: initial; background-color: transparent; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; color: #333333; font-family: 'Segoe UI', Arial, sans-serif; margin: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.codeproject.com/Articles/686881/Hack-Proof-Your-ASP-NET-Applica" style="background: transparent; border: 0px; color: #726763; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 24px; margin: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank"><span style="background: transparent; border: 0px; color: #3d85c6; margin: 0px; padding: 0px; vertical-align: baseline;">Secure your ASP.NET applications from CSRF Attack</span></a></li>
<li style="background-attachment: initial; background-clip: initial; background-color: transparent; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; color: #333333; font-family: 'Segoe UI', Arial, sans-serif; margin: 0px; padding: 0px; vertical-align: baseline;"><span style="background-attachment: initial; background-clip: initial; background-color: transparent; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; color: #3d85c6; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 24px; margin: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;"><a href="http://www.codeproject.com/Articles/783229/Hack-proof-your-ASP-NET-applications-from-Sensitiv" target="_blank">Secure your ASP.NET applications from Sensitive Data Exposure and Information Leakage</a></span></li>
<li style="background-attachment: initial; background-clip: initial; background-color: transparent; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; color: #333333; font-family: 'Segoe UI', Arial, sans-serif; margin: 0px; padding: 0px; vertical-align: baseline;"><span style="background-attachment: initial; background-clip: initial; background-color: transparent; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; color: #3d85c6; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 24px; margin: 0px; padding: 0px; vertical-align: baseline;"><a href="http://sarveshkushwaha.blogspot.in/2014/10/hack-proof-your-javascript-using-obfuscation-asp-net.html" target="_blank">Secure your Javascript using Javascript Obfuscation in asp.net applications</a></span></li>
</ol>
<div>
<a name='more'></a><br /></div>
<h2 style="text-align: left;">
Session Hijacking :</h2>
</div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">Before explaining session hijacking i want to tell how asp.net do session management.Whenever a new session is created a cookie is generated for that user , this cookie becomes the session ID , so all the request can serve using that session ID.</span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">If somehow a hacker can sniff or steal the session id he can forge the request as a valid user (i.e impersonate as you) .</span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div class="separator" style="background-color: white; clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-nU9H6Ho8OpxdHIv6zm2VrM-ibaF_nAgFOoohR0GQ1rLhG_C4kNkxtBtaVvjHmC1EWZaLb9FdOhCAumzN3m4KTpeZSNe-5K84KU5wkIChTrC5koCtIo1tYpfGeXl1b8FWwifPscexKV0/s1600/SessionHijacking.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-nU9H6Ho8OpxdHIv6zm2VrM-ibaF_nAgFOoohR0GQ1rLhG_C4kNkxtBtaVvjHmC1EWZaLb9FdOhCAumzN3m4KTpeZSNe-5K84KU5wkIChTrC5koCtIo1tYpfGeXl1b8FWwifPscexKV0/s1600/SessionHijacking.jpg" height="348" width="640" /></a></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">Impact of session hijacking is Severe , he can do anything what a Authentic user allowed to do on any website.</span></div>
<div style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<h2 style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">How is it Exploited :</span></h2>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">Below are some ways , How to Session ID can be attacked :</span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"></span><br />
<div>
<ol style="text-align: left;"><span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">
<li>Sniffing of session on less secure network,</li>
<li>Man in the middle attack (Any proxy configuration installed on system example : See your traffic easily on fiddler),</li>
<li>Stealing from Victim machine,</li>
<li>alert cookie using XSS attack,</li>
<li>if url based session is used ,Simply copy and paste session ID from url.</li>
</span></ol>
</div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">
</span>
<br />
<h4>
<span style="font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">
Demo for Asp.net Application :</span></h4>
<b><span style="font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">
</span>
</b><br />
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">To Demonstrate Session Hijacking I am using two different browsers (Chrome and Mozilla)</span></div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">
</span>
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">different programs with different session.Note : Normally this attack occurs on different machines.</span></div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">
<div>
<br /></div>
<div>
<b>User logged into chrome and generated the Session ID : (Chrome in my case)</b></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEif-A9LxuIkn5gj-AtRq_e7N2gRnLfQBnVtEie9LdEXRB6W_5Np40S0wE3UN04tSIzu13n5Xx4U2EFcwiRcYpHGQULKJyBIlbZ0IwlE-WHI_rzM_gQkU9nkoaqDYI1P6w-dCfpWWAhy2oU/s1600/Chrome1SH.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEif-A9LxuIkn5gj-AtRq_e7N2gRnLfQBnVtEie9LdEXRB6W_5Np40S0wE3UN04tSIzu13n5Xx4U2EFcwiRcYpHGQULKJyBIlbZ0IwlE-WHI_rzM_gQkU9nkoaqDYI1P6w-dCfpWWAhy2oU/s1600/Chrome1SH.jpg" height="306" width="640" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<b> Attacker sniffed your session ID : (Mozilla)</b></div>
<div>
</div>
<div>
Attacker now logging into another machine and used your session ID :</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIykJvEshDdAuShngK1oOVjvq5pigSJWVfNDoiz8exOWg8Z55JIbjlViDUsz4irZ0WHaRZxmZRbxzqExIx-LzFeaL2_hchgkI5SmOTQ9PEeWqPF0cZGyTWByUKfA3TTgnPy08_PfTIjmc/s1600/MozillaSH.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIykJvEshDdAuShngK1oOVjvq5pigSJWVfNDoiz8exOWg8Z55JIbjlViDUsz4irZ0WHaRZxmZRbxzqExIx-LzFeaL2_hchgkI5SmOTQ9PEeWqPF0cZGyTWByUKfA3TTgnPy08_PfTIjmc/s1600/MozillaSH.jpg" height="570" width="640" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
</span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"></span><br />
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><b>Result :</b></span></div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">
</span>
<br />
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><b><br /></b></span></div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">
</span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYmrivpaph6_wBvAJGDGyqJHc5iQv1K2enBjZpsAGas51aKYOvQ71E7E3guzyy1gwWoGAkgAzWan7z7Cx36QLChJppZauSehOhoqgl8K5kXRw45BG2iwbISz70-eoEHQjoOKrPWNXQAY0/s1600/MozillaFinal.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYmrivpaph6_wBvAJGDGyqJHc5iQv1K2enBjZpsAGas51aKYOvQ71E7E3guzyy1gwWoGAkgAzWan7z7Cx36QLChJppZauSehOhoqgl8K5kXRw45BG2iwbISz70-eoEHQjoOKrPWNXQAY0/s1600/MozillaFinal.jpg" height="306" width="640" /></a></span></div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">
</span>
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><b><br /></b></span></div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">
<div>
<br /></div>
</span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">and you know the consequences of the Session Hijacking.</span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<h2 style="background-color: white; text-align: left;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">How to prevent Session Hijacking :</span></h2>
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">Following are the ways of Preventing session Hijacking in asp.net applications :</span></div>
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div>
<span style="background-color: white; color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><b>1. </b>The idea basically Generate the hashkey</span><span style="background-color: white; color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"> which contains the Browser Detail , Browser Version, Browser platform, User Identity, IP address (Additionally/Optional).</span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">And validate this hash key for every Get and POST request.</span></div>
<div style="background-color: white;">
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span></div>
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="background-color: white;">For that you can use Global.asax </span><span style="background-color: #999999;"><i>Application_BeginRequest</i><i> </i></span><span style="background-color: white;">and </span><span style="background-color: #999999;"><i>Application_EndRequest</i><i> </i></span><i style="background-color: white;">, </i><span style="background-color: white;">Or </span><span style="background-color: #999999;"><i>Application_AcquireRequestState</i><i> </i></span><i style="background-color: white;">.</i></span></div>
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><i style="background-color: white;"><br /></i></span></div>
<div>
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="background-color: white;">In My Demo i am using the Begin and End request methods of global.asax.</span></span></div>
</div>
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="background-color: white;"><br /></span></span></div>
<div>
<b><span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="background-color: white;">In </span></span><i style="background-color: #999999; color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;">Application_BeginRequest</i><i style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"><span style="background-color: #999999;"> </span>:</i></b></div>
<div>
<i style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"><br /></i></div>
<div>
<b style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;">Step1: </b><span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;">Check if its a new session or not , if not then do the further checks</span></div>
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><b>Step2:</b> Retrieve the value of <span style="background-color: #999999;">ASP.NET_SessionID</span> </span></div>
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><b>Step3: </b>Generate the Hash Key for this POST/GET request and match with Previous </span><span style="background-color: #999999; color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;">ASP.NET_SessionID</span><span style="background-color: white; color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"> </span><br />
<span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"><b>Step4</b>: If Valid request the remove the Overhead you have added in </span><span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"><span style="background-color: #999999;">ASP.NET_SessionID </span>like (IP address , BrowserVersion , Browser Platform ) so application can work smoothly.</span></div>
<div>
<span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"><br /></span></div>
<pre>protected void Application_BeginRequest(object sender, EventArgs e)
{
//Check If it is a new session or not , if not then do the further checks
if (Request.Cookies["ASP.NET_SessionId"] != null && Request.Cookies["ASP.NET_SessionId"].Value != null)
{
string newSessionID = Request.Cookies["ASP.NET_SessionID"].Value;
//Check the valid length of your Generated Session ID
if (newSessionID.Length <= 24)
{
//Log the attack details here
Response.Cookies["TriedTohack"].Value = "True";
throw new HttpException("Invalid Request");
}
//Genrate Hash key for this User,Browser and machine and match with the Entered NewSessionID
if (GenerateHashKey() != newSessionID.Substring(24))
{
//Log the attack details here
Response.Cookies["TriedTohack"].Value = "True";
throw new HttpException("Invalid Request");
}
//Use the default one so application will work as usual//ASP.NET_SessionId
Request.Cookies["ASP.NET_SessionId"].Value = Request.Cookies["ASP.NET_SessionId"].Value.Substring(0, 24);
}
} </pre>
<div>
<span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"><br /></span>
<b><span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;">In </span><i><span style="background-color: #999999; color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;">Application_EndRequest</span><span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"> </span></i><i style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;">:</i></b></div>
<div>
<span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;">Just Add again the hash-key and pass to the browser.</span><br />
<span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"><br /></span></div>
<pre>protected void Application_EndRequest(object sender, EventArgs e)
{
//Pass the custom Session ID to the browser.
if (Response.Cookies["ASP.NET_SessionId"] != null)
{
Response.Cookies["ASP.NET_SessionId"].Value = Request.Cookies["ASP.NET_SessionId"].Value + GenerateHashKey();
}
}</pre>
<div>
<span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"><br /></span></div>
<div>
<span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;">To Generate Hash-key add this function in your global.asax :</span><br />
<span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"><br /></span></div>
<pre> private string GenerateHashKey()
{
StringBuilder myStr = new StringBuilder();
myStr.Append(Request.Browser.Browser);
myStr.Append(Request.Browser.Platform);
myStr.Append(Request.Browser.MajorVersion);
myStr.Append(Request.Browser.MinorVersion);
//myStr.Append(Request.LogonUserIdentity.User.Value);
SHA1 sha = new SHA1CryptoServiceProvider();
byte[] hashdata = sha.ComputeHash(Encoding.UTF8.GetBytes(myStr.ToString()));
return Convert.ToBase64String(hashdata);
}</pre>
<div>
<span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"><br /></span></div>
<div>
<span style="color: #444444; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;"><br /></span></div>
<div>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="background-color: white;"><b>2. Another way of preventing the Session Hijacking force SSL to the entire website and make sure cookies are flagged as secure.</b></span></span><br />
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="background-color: white;"><b>3. Remove your Session Id and Expire the session at the time of log out.</b></span></span><br />
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="background-color: white;"><b><br /></b></span></span>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="background-color: white;">Example : In log out page add this to load of that page </span></span><br />
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="background-color: white;"><br /></span></span>
<br />
<pre> Session.Abandon(); // Session Expire but cookie do exist
Response.Cookies["ASP.NET_SessionId"].Expires = DateTime.Now.AddDays(-30); //Delete the cookie</pre>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="background-color: white;"><br /></span></span>
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="background-color: white;"><br /></span></span><br />
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="background-color: white;">Download this application from my GIT Repository :</span></span><br />
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="background-color: white;"><a href="https://github.com/sarveshkushwaha/SessionHijackingPreventionAspNet">https://github.com/sarveshkushwaha/SessionHijackingPreventionAspNet</a></span></span><br />
<span style="color: #444444; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br /></span>
<h2>
References and Further Readings: </h2>
</div>
<div>
<a href="http://stackoverflow.com/questions/22880/what-is-the-best-way-to-prevent-session-hijacking" rel="nofollow" target="_blank">http://stackoverflow.com/questions/22880/what-is-the-best-way-to-prevent-session-hijacking</a></div>
<div>
<a href="https://asafaweb.com/">https://asafaweb.com/</a></div>
<div>
<a href="http://dotnet.dzone.com/articles/aspnet-session-hijacking">http://dotnet.dzone.com/articles/aspnet-session-hijacking</a></div>
<div>
<br /></div>
<div>
<br /></div>
<div style="background-attachment: initial; background-clip: initial; background-color: white; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; color: #333333; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 19.6000003814697px; margin: 0px; padding: 0px; vertical-align: baseline;">
<ol style="background: transparent; border: 0px; list-style-image: initial; list-style-position: initial; margin: 0px 0px 1.625em 2.5em; padding: 0px; vertical-align: baseline;"></ol>
</div>
</div>
<h2 style="background: rgb(255, 255, 255); border: 0px; clear: both; color: #333333; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; font-weight: 500; line-height: 24px; margin: 0px 0px 10px; padding: 0px; position: relative; vertical-align: baseline;">
<ol style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; font-size: 14px; line-height: 19.6000003814697px; list-style-image: initial; list-style-position: initial; margin: 0px 0px 1.625em 2.5em; padding: 0px; vertical-align: baseline;"></ol>
</h2>
</div>
</div>
Sarvesh Kushwahahttp://www.blogger.com/profile/00637015347460902643noreply@blogger.com0tag:blogger.com,1999:blog-4577946163419870602.post-86345732344450801722014-10-15T11:33:00.000-07:002014-10-15T21:26:25.335-07:00Hack proof your Javascript using javascript Obfuscation in ASP.NET applications<div dir="ltr" style="text-align: left;" trbidi="on">
<h2 style="text-align: left;">
<b>Introduction:</b></h2>
<div>
<span style="color: #444444;">This article is the Part-5 Article of my series Hack Proof your asp.net and asp.net mvc applications.</span></div>
<div>
<span style="color: #444444;">In this article i will describe how to obfuscate your JavaScript code (Your written business logic in JavaScript or those JavaScript libraries you don't want to expose to others) in asp.net application with visual studio.</span></div>
<h2 style="text-align: left;">
Background :</h2>
<div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 19.6000003814697px; margin: 0px; padding: 0px; vertical-align: baseline;">
You can read previous article of this series from below links :</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 19.6000003814697px; margin: 0px; padding: 0px; vertical-align: baseline;">
<ol style="background: transparent; border: 0px; list-style-image: initial; list-style-position: initial; margin: 0px 0px 1.625em 2.5em; padding: 0px; vertical-align: baseline;"></ol>
</div>
</div>
<h2 style="text-align: left;">
<ol style="background: rgb(255, 255, 255); border: 0px; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; font-weight: 300; line-height: 19.6000003814697px; list-style-image: initial; list-style-position: initial; margin: 0px 0px 1.625em 2.5em; padding: 0px; vertical-align: baseline;">
<li style="background-attachment: initial; background-clip: initial; background-color: transparent; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; font-family: 'Segoe UI', Arial, sans-serif; margin: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.codeproject.com/Articles/604268/Hack-Proof-Your-ASP-NET-Applications-From-SQL-Inje" style="background-attachment: initial; background-clip: initial; background-color: transparent; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; margin: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank" title="SQLInjection"><span style="color: #3d85c6;">Secure your ASP.NET applications from SQL Injection</span></a></li>
<li style="background-attachment: initial; background-clip: initial; background-color: transparent; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; font-family: 'Segoe UI', Arial, sans-serif; margin: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.codeproject.com/Articles/617043/Hack-Proof-Your-ASP-NET-Application-From-Cross-Sit" style="background: transparent; border: 0px; margin: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;"><span style="color: #3d85c6;">Secure your ASP.NET applications from XSS Attack</span></a></li>
<li style="background-attachment: initial; background-clip: initial; background-color: transparent; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; font-family: 'Segoe UI', Arial, sans-serif; margin: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.codeproject.com/Articles/686881/Hack-Proof-Your-ASP-NET-Applica" style="background: transparent; border: 0px; margin: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank"><span style="color: #3d85c6;">Secure your ASP.NET applications from CSRF Attack</span></a></li>
<li style="background-attachment: initial; background-clip: initial; background-color: transparent; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; font-family: 'Segoe UI', Arial, sans-serif; margin: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.codeproject.com/Articles/783229/Hack-proof-your-ASP-NET-applications-from-Sensitiv" target="_blank"><span style="color: #3d85c6;">Secure your ASP.NET applications from Sensitive Data Exposure and Information Leakage</span></a></li>
</ol>
</h2>
<h2 style="text-align: left;">
<b><a name='more'></a>Obfuscation :</b></h2>
<div>
<span style="color: #444444;">Obfuscation is the process which involves the process to convert your code to a equivalent or specific format such that it becomes difficult to understand and difficult to reverse engineering.</span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;">Confustion b/w </span><span style="color: #444444;"> Minification of JavaScript and Obfuscation of </span><span style="color: #444444;">JavaScript</span><span style="color: #444444;"> </span><span style="color: #444444;">files:</span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;">Minification is the process to remove the unnecessary spaces from a file where as obfuscation is the process to make code difficult to understand.</span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><b>Minification :</b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-Zn-jadZTEiQ/VD1bnfP8aCI/AAAAAAAAAyI/BpAv6xUWW40/s1600/Minification.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-Zn-jadZTEiQ/VD1bnfP8aCI/AAAAAAAAAyI/BpAv6xUWW40/s1600/Minification.jpg" height="358" width="640" /></a></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
Above picture is from my article : <a href="http://sarveshkushwaha.blogspot.in/2013/10/tips-tricks-for-asp-net-performance.html" target="_blank">Tips and Tricks for Faster Asp.NET and Asp.net MVC applications</a></div>
<div>
<br /></div>
<div>
<b>Obfuscation :</b></div>
<div>
<b><br /></b></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-7uSLPA96Eq4/VD1gUY7vcGI/AAAAAAAAAyU/d-A2OFYF-f8/s1600/Obfuscation.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-7uSLPA96Eq4/VD1gUY7vcGI/AAAAAAAAAyU/d-A2OFYF-f8/s1600/Obfuscation.jpg" height="424" width="640" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<h2 style="text-align: left;">
<b>W</b><b>hy we need Obfuscation:</b></h2>
<div style="text-align: left;">
<span style="color: #444444;">Code obfuscation scrambles the symbols, code of a program, rendering it diificult to understand while at the same time preserving the program's functionality.</span></div>
<div style="text-align: left;">
<span style="color: #444444;">we can do obfuscation of .NET assemblies and JAVA Code and Javascripts.In this article i am just covering Javascript and obfuscation is not limited to source code , you can useit for your data too and in real life :P :P :D .</span></div>
<div style="text-align: left;">
<span style="color: #444444;"><br /></span></div>
<div style="text-align: left;">
<b>Benefits of Obfuscation : </b></div>
<br />
<ol style="text-align: left;">
<li><span style="color: #444444;"> Protection of intellectual property(Your own written code)</span></li>
<li><span style="color: #444444;"> Reduced security threats(By Pervention of the code exposure in a descriptive manner)</span></li>
<li><span style="color: #444444;"> Reduced size of the file(Minification and shorten the variables name)</span></li>
<li><span style="color: #444444;"> No network delays</span></li>
</ol>
<h2 style="text-align: left;">
How to apply JavaScript Obfuscation in ASP.NET Application:</h2>
<div>
Prerequisite :</div>
<div>
<ol style="text-align: left;">
<li>Visual Studio 2010 , 2012 , 2013 </li>
<li>Asp.Net framework 4 and 4.5 and above (whenever will come)</li>
<li>Obviously a ASP.NET and ASP.NET MVC application</li>
</ol>
<div>
in my case i am using VS 2012 and asp.net framework 4.5.<br />
<br />
<b>Step 1: Install <a href="https://bundletransformer.codeplex.com/" rel="nofollow" target="_blank">Bundle Transformer</a> nuget package </b><br />
Using package manager console install this Bundle Transformer.<br />
Go To Tools > Library package manager > Package manager console<br />
<br /></div>
<pre><span style="font-family: Tahoma, sans-serif;"><span style="font-size: 15px; line-height: 21.2999992370605px;">Install-Package BundleTransformer.UglifyJs</span></span></pre>
<br />
BundleTransformer contains many minifiers , but we are here going to cover only Uglify to achieve Obfuscation.For more details about BundleTrasformer Minifiers , Translators and Postprocessors visit <a href="https://bundletransformer.codeplex.com/">https://bundletransformer.codeplex.com/</a>.</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-NEfA0IkV-0k/VD6ngb7KMbI/AAAAAAAAAyk/z6gAMoMoAQQ/s1600/Package-manager-console.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-NEfA0IkV-0k/VD6ngb7KMbI/AAAAAAAAAyk/z6gAMoMoAQQ/s1600/Package-manager-console.jpg" height="246" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
After Installation it will pop up a readme.txt which will describe further details to proceed.<br />
<br />
<b>Step 2 : <span style="background-color: white; font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;">Install-Package JavaScriptEngineSwitcher.Msie</span></b><br />
<span style="background-color: white; font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;">using the same package manager console install the </span><span style="background-color: white; font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;">JavaScriptEngineSwitcher.Msie.</span><span style="font-family: Tahoma, sans-serif;"><span style="font-size: 15px; line-height: 21.2999992370605px;">As a JS-engine BundleTransformer use the JavaScript Engine Switcher library . For correct </span></span><span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;">working of this module is recommended to install one of the following </span><span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;">NuGet packages: JavaScriptEngineSwitcher.Msie or </span><span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;">JavaScriptEngineSwitcher.V8.</span><br />
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><br /></span>
<br />
<pre>Install-Package JavaScriptEngineSwitcher.Msie</pre>
<pre></pre>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-HTSMRBb2xGY/VD6qg6S0PUI/AAAAAAAAAyw/spqDWuN_Lk4/s1600/Package-manager-console1.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-HTSMRBb2xGY/VD6qg6S0PUI/AAAAAAAAAyw/spqDWuN_Lk4/s1600/Package-manager-console1.jpg" height="248" width="640" /></a></div>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><br /></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><br /></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><br /></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><br /></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><br /></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><br /></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><br /></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><br /></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><br /></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><br /></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><br /></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><br /></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b>Step 3 : Do the Web.Config Setting for uglify</b></span><br />
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;">When you installed the bundletransformer its automatically have created a node </span><span style="font-family: Tahoma, sans-serif;"><span style="font-size: 15px; line-height: 21.2999992370605px;"><bundleTransformer> .Under this node add the following configuration code for uglify.</span></span><br />
<span style="font-family: Tahoma, sans-serif;"><span style="font-size: 15px; line-height: 21.2999992370605px;"><br /></span></span>
<br />
<pre> <uglify>
<js screwIe8="false" severity="0">
<parsing strict="false" />
<compression compress="true" sequences="true" propertiesDotNotation="true"
deadCode="true" dropDebugger="true" unsafe="false"
conditionals="true" comparisons="true" evaluate="true"
booleans="true" loops="true" unused="true"
hoistFunctions="true" keepFunctionArgs="false" hoistVars="false"
ifReturn="true" joinVars="true" cascade="true"
globalDefinitions="" pureGetters="false" pureFunctions=""
dropConsole="false" angular="false" />
<mangling mangle="true" except="" eval="false"
sort="false" topLevel="false" />
<codeGeneration beautify="false" indentLevel="4" indentStart="0"
quoteKeys="false" spaceColon="true" asciiOnly="false"
inlineScript="false" width="80" maxLineLength="32000"
bracketize="false" semicolons="true"
comments="false" preserveLine="false"
unescapeRegexps="false" />
</js>
<jsEngine name="MsieJsEngine" />
</uglify></pre>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-5nCH7el06PA/VD6woWKflMI/AAAAAAAAAzA/n7beKiqYJ9s/s1600/WebConfigSettingForUglify.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-5nCH7el06PA/VD6woWKflMI/AAAAAAAAAzA/n7beKiqYJ9s/s1600/WebConfigSettingForUglify.jpg" height="374" width="640" /></a></div>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span>
<span style="font-family: Tahoma, sans-serif; font-size: 15px; line-height: 21.2999992370605px;"><b><br /></b></span><span style="font-family: Tahoma, sans-serif;"><span style="font-size: 15px; line-height: 21.2999992370605px;">If you will see i have added name="MsieJsEngine" under <uglify> node of <JsEngine> .Yo can use JavaScriptEngineSwitcher.V8 also.</span></span><br />
<br />
<span style="font-family: Tahoma, sans-serif;"><span style="font-size: 15px; line-height: 21.2999992370605px;"><b>Step 4 - Modify the BundleConfig</b></span></span><br />
When you create a new web form application or MVC application , asp.net framework 4.5 templates automatically create a folder App_Start for code that runs on application startup.<br />
<br />
Folder App_Start > BundleConfig<br />
<br />
1. Add following namespaces<br />
<pre>using BundleTransformer.Core.Builders;
using BundleTransformer.Core.Orderers;
using BundleTransformer.Core.Resolvers;
using BundleTransformer.Core.Transformers;</pre>
<br />
2. Initialize Script and Style transformer , nullbuilder and nullorder class<br />
<br />
<pre>//This setting is used when if you have specfied the path Using System.web.Optimization.bundle.Cdnpath then it will try to fetch data from there first
bundles.UseCdn = true;
//NullBuilder class is responsible for prevention of early applying of the item transformations and combining of code.
var nullBuilder = new NullBuilder();
//StyleTransformer and ScriptTransformer classes produce processing of stylesheets and scripts.
var styleTransformer = new StyleTransformer();
var scriptTransformer = new ScriptTransformer();
//NullOrderer class disables the built-in sorting mechanism and save assets sorted in the order they are declared.
var nullOrderer = new NullOrderer();
</pre>
<br />
3. create your own ScriptBundle to which you want to Obfuscate<br />
<br />
<pre>//create your own scriptbundle
var scriptbundleToObfuscate = new Bundle("~/bundles/WebFormsJs");
scriptbundleToObfuscate.Include("~/Scripts/WebForms/WebForms.js",
"~/Scripts/WebForms/WebUIValidation.js",
"~/Scripts/WebForms/MenuStandards.js",
"~/Scripts/WebForms/Focus.js",
"~/Scripts/WebForms/GridView.js",
"~/Scripts/WebForms/DetailsView.js",
"~/Scripts/WebForms/TreeView.js",
"~/Scripts/WebForms/WebParts.js");
scriptbundleToObfuscate.Builder = nullBuilder;
scriptbundleToObfuscate.Transforms.Add(scriptTransformer);
scriptbundleToObfuscate.Orderer = nullOrderer;
bundles.Add(scriptbundleToObfuscate);</pre>
<br />
For Demo purpose i am using the WebForms.js and the bundle for the same which is created by VisualStudio Automatically.<br />
<br />
4. Enableoptimization True to see the result.<br />
<pre>BundleTable.EnableOptimizations = true;
</pre>
<br />
Make it false at the time of development so it will not bundle , minify and obfuscate the JS files.Never forget to make it True before publishing the application.<br />
<br />
<b>Final Step : .Include the bundle in your application and See the results: </b><br />
<br />
Asp.Net Web forms :<br />
<br />
<pre><%: Scripts.Render("~/bundles/WebFormsJs") %></pre>
<br />
Asp.Net MVC :<br />
<br />
<pre> @Scripts.Render("~/bundles/WebFormsJs")</pre>
<br />
<b>Before Obfuscation :</b><br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-xRGzbj4i5V0/VD6309XhZKI/AAAAAAAAAzQ/F-ij4KBBPTY/s1600/BeforeObfuscation.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-xRGzbj4i5V0/VD6309XhZKI/AAAAAAAAAzQ/F-ij4KBBPTY/s1600/BeforeObfuscation.jpg" height="162" width="640" /></a></div>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b>After Obfuscation :</b><br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-r4uzKOWzeXc/VD64B0LdA5I/AAAAAAAAAzY/TebQz0igWF4/s1600/AfterObfuscation.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-r4uzKOWzeXc/VD64B0LdA5I/AAAAAAAAAzY/TebQz0igWF4/s1600/AfterObfuscation.jpg" height="170" width="640" /></a></div>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b>yay :) :) ...</b><br />
<b><br /></b>
<b><br /></b>
<b>Thanks for reading this article.For code Verification and if you are facing issue in Configuration you can download and see the code from here : <a href="https://github.com/sarveshkushwaha/JavaScriptObfuscationInAspNET">https://github.com/sarveshkushwaha/JavaScriptObfuscationInAspNET</a></b><br />
<b><br /></b>
<b><br /></b>
<b>References and further readings: </b><br />
<div>
<a href="https://bundletransformer.codeplex.com/wikipage?title=Bundle%20Transformer%201.9.24">https://bundletransformer.codeplex.com/wikipage?title=Bundle%20Transformer%201.9.24</a></div>
<div>
<a href="http://www.mcpressonline.com/security/general/protect-your-intellectual-property-using-obfuscation.html">http://www.mcpressonline.com/security/general/protect-your-intellectual-property-using-obfuscation.html</a></div>
<b><br /></b>
<b>Another Search Terms for the same article :</b><br />
<h3 style="text-align: left;">
<ul style="text-align: left;">
<li><b>JavaScript Obfuscation in ASP.NET and ASP.NET MVC application</b></li>
<li><b>How to use BundleTransformer.UglifyJs with Visual Studio Nuget</b></li>
<li><b>Hack proof your Javascript using javascript Obfuscation in ASP.NET applications</b></li>
</ul>
</h3>
<div>
<b><br /></b></div>
</div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com16tag:blogger.com,1999:blog-4577946163419870602.post-17553545928730809402014-09-18T11:11:00.002-07:002014-09-18T11:11:37.601-07:00Use Git with Visual Studio 2012 and 2013<div dir="ltr" style="text-align: left;" trbidi="on">
<h2 style="text-align: left;">
What is GIT ?</h2>
<div>
i found the best definition of Git on Visual Studio itself , here it is :</div>
<div>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-H4j3vl1u8CM/VBr2zk_51bI/AAAAAAAAAwQ/NBBgcbyH4pc/s1600/GITDefination.JPG" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/-H4j3vl1u8CM/VBr2zk_51bI/AAAAAAAAAwQ/NBBgcbyH4pc/s1600/GITDefination.JPG" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br />
<a name='more'></a><br />
<br />
Git is free and open source distributed version control system which handles small and large project very efficiently.<b>Code posted using free account will be publicly available , for private repository you will have to buy paid plans of github.</b><br />
<h3 style="text-align: left;">
Git has following features :</h3>
</div>
<div>
<ul style="text-align: left;">
<li>Repository for your project</li>
<li>Issues tracker for project</li>
<li>Code review with code commenting and code highlighting</li>
<li>Use Git Everywhere Desktop , On Web , mobile devices</li>
<li>Good Documentation</li>
<li>Easy to publish and host website using <a href="https://pages.github.com/" rel="nofollow" target="_blank">GIT HUB PAGES</a>.</li>
<li>Version Controlling.</li>
</ul>
</div>
<h2 style="text-align: left;">
Integration Git with Visual Studio :</h2>
<div>
For visual studio 2012 Git comes as an extension tool . you can download that tool from here : <a href="http://visualstudiogallery.msdn.microsoft.com/abafc7d6-dcaa-40f4-8a5e-d6724bdb980c" rel="nofollow" target="_blank">DOWNLOAD</a><br />
<br />
For Visual Studio 2013 Git is included by default.<br />
<br />
<h2 style="text-align: left;">
Using Git with Visual Studio :</h2>
</div>
<div>
<b>Step1:</b> <b>Choose GIT as Source Control :</b><br />
<br />
After Installing Git extension for Visual Studio ,whenever you will create a new project it will ask you to check "<b>Add to source control</b>" check that property.</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://www.blogger.com/blogger.g?blogID=4577946163419870602" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-7SPbBXBth64/VBr87iz7L4I/AAAAAAAAAwg/23MSXmD6CbM/s1600/GITStep1.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/-7SPbBXBth64/VBr87iz7L4I/AAAAAAAAAwg/23MSXmD6CbM/s1600/GITStep1.jpg" height="404" width="640" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
After that it will ask to choose source control as shown in Figure 1.Choose git it will create a local repository.</div>
<div>
<br /></div>
<div>
<b>Step2: Open Team Explorer : </b><br />
<br />
View > Team Explorer<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-oSlZZjex24c/VBsNZm6znnI/AAAAAAAAAww/2Jn-_R_EUQk/s1600/GITTeamExplorer.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-oSlZZjex24c/VBsNZm6znnI/AAAAAAAAAww/2Jn-_R_EUQk/s1600/GITTeamExplorer.jpg" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<b>Step3: Apply Git Setting :</b><br />
<b><br /></b>
If you have user on github website then add the same credentials here otherwise Create a user on Github website then do the Setting.<br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-4itEBLNXHWQ/VBsOi1kEC6I/AAAAAAAAAw4/QeFtkX-IfOA/s1600/GITSetting.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/-4itEBLNXHWQ/VBsOi1kEC6I/AAAAAAAAAw4/QeFtkX-IfOA/s1600/GITSetting.jpg" /></a></div>
<b><br /></b></div>
<div>
<br /></div>
<div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<b>Step4: Create a Repository on Git hub :</b><br />
<b><br /></b>
Login with your credentials on <a href="http://github.com/">http://github.com</a> and create a repository so you can map your Visual Studio Project.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-jIOPP-Qhg1A/VBsUEmWastI/AAAAAAAAAxI/DriD_O8XlU8/s1600/CreateGITRepo.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-jIOPP-Qhg1A/VBsUEmWastI/AAAAAAAAAxI/DriD_O8XlU8/s1600/CreateGITRepo.jpg" height="362" width="640" /></a></div>
<br />
<b>Step5 : Publish your project to Remote Repository :</b><br />
<b><br /></b>
From screen Team Explorer click on <b>Commits </b>under <b>Changes tab.</b>Following screen will appear:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-NVdkQ7NPZHY/VBsYDjRAsMI/AAAAAAAAAxU/YEcZ6ut1z3k/s1600/PublishGitRepo.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/-NVdkQ7NPZHY/VBsYDjRAsMI/AAAAAAAAAxU/YEcZ6ut1z3k/s1600/PublishGitRepo.jpg" /></a></div>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<br />
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
Give URL of repository you have created on github website and click on publish.Then Move to Home Screen and Give Commit Comment and Click on Commit.Come on <b>Commits </b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-LLt4CAzZ5Xw/VBsafNw_9GI/AAAAAAAAAxo/UIZInK7Zv2s/s1600/PushChangesToUpload.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-LLt4CAzZ5Xw/VBsafNw_9GI/AAAAAAAAAxo/UIZInK7Zv2s/s1600/PushChangesToUpload.jpg" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Click On Push and your project will get uploaded. :) :) :)<br />
Go on URL you will find your project there .<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-U7wpyXB_9Sc/VBsbxai9QgI/AAAAAAAAAx0/ZqrY49JuAvU/s1600/RemoteRepo.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/-U7wpyXB_9Sc/VBsbxai9QgI/AAAAAAAAAx0/ZqrY49JuAvU/s1600/RemoteRepo.jpg" height="318" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
This is just a basic article which describe how to use Git with Visual studio and upload your project to guthub. Github provides many features which will be covered in my upcoming articles :) .<br />
<br />
<h2 style="text-align: left;">
References and Further Readings :</h2>
<div>
<a href="http://blogs.msdn.com/b/visualstudioalm/archive/2013/02/06/set-up-connect-and-publish-using-visual-studio-with-git.aspx" rel="nofollow" target="_blank">Create, Connect, and Publish using Visual Studio with Git</a></div>
<div>
<a href="http://msdn.microsoft.com/en-in/library/hh850437.aspx" rel="nofollow" target="_blank">Use Visual Studio with Git</a></div>
<div>
<a href="http://msdn.microsoft.com/en-in/library/hh850445.aspx" rel="nofollow" target="_blank">Set up Git on your dev machine (configure, create, clone, add)</a></div>
<br />
<br /></div>
</div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com0tag:blogger.com,1999:blog-4577946163419870602.post-21969017803337830262014-08-24T00:46:00.000-07:002014-08-24T00:48:23.639-07:00Application Initialization in IIS 7.5 and IIS 8<div dir="ltr" style="text-align: left;" trbidi="on">
<h2 style="text-align: left;">
Why we need Application initialization ?</h2>
<div style="text-align: left;">
On first HTTP requests asp.net applications both asp.net web forms and asp.net mvc application requires initialization tasks and "warm up" tasks (Startup processing , generating contents) etc.</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<b>Application initialization </b>proactively loads and initialize all the dependencies like database connection , compilation of asp.net code and loading of assemblies etc...</div>
<div style="text-align: left;">
<br /></div>
<h2 style="text-align: left;">
Benefits of Application initialization :</h2>
<div>
<ul style="text-align: left;">
<li>its decreases the first response time by preloading the application</li>
<li>Can set a static page to increase the user experience while application is initializing</li>
<li>Provides overlapped process recycling </li>
</ul>
<div>
<b></b><br />
<a name='more'></a><b><br /></b>
<b>How to install Application initialization module :</b></div>
<div>
For IIS 8.0 its a built-in functionality , even though some sub-features you will have to add.</div>
</div>
<div>
For IIS 7.5 you need to install application initialization module. <a href="http://www.iis.net/downloads/microsoft/application-initialization#additionalDownloads" rel="nofollow" target="_blank">Dowlonad LINK</a></div>
<div>
Or you can install this module from web platform installer.</div>
<div>
<br /></div>
<div>
<b>Launch Web platform installer > Find "Application Initialization" > Add and Install</b><br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-mFZTASUNZrE/U_l9CPFE3TI/AAAAAAAAAuM/u23bxcXUDfI/s1600/ApplicationInitialization.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/-mFZTASUNZrE/U_l9CPFE3TI/AAAAAAAAAuM/u23bxcXUDfI/s1600/ApplicationInitialization.jpg" height="121" width="640" /></a></div>
<b><br /></b>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div style="text-align: left;">
<br />
<br />
<br />
After installation you have to configure this at two level Either at machine level for an application pool or at application level :<br />
<br />
<b>Step 1 :</b><br />
First you will have to add this <b>startMode="AlwaysRunning"</b> for the application pool you always want running<b> </b>in your applicationhost.config which is at palace <span style="background-color: white; color: #505151; font-family: Arial; font-size: 14px; line-height: 21px;">C:\Windows\System32\inetsrv\config\applicationHost.config .</span><br />
<span style="background-color: white; color: #505151; font-family: Arial; font-size: 14px; line-height: 21px;"><br /></span>
<b><br /></b>
<br />
<pre> <applicationPools>
<add name="DefaultAppPool" startMode="AlwaysRunning" managedRuntimeVersion="v4.0" />
</applicationPools></pre>
<br />
<b>Step 2:</b><br />
<b><br /></b>
After that you will have to add the following attribute <b>preloadEnabled="true"</b> in<b> applicationhost.config</b> for an application. <b>PreloadEnable </b>sends fake requests to application when the application pools starts up.<br />
<br />
<pre><application path="/Mvcmovie" applicationPool="DefaultAppPool" preloadEnabled="true">
<virtualDirectory path="/" physicalPath="C:\inetpub\wwwroot\Mvcmovie" />
</application>
</pre>
<br />
After using Step1 and Step2 , whenever the Server/Machine get restart IIS ensures the application pool is running and fake request are being sent to the application .
<br />
<br />
<h2 style="text-align: left;">
ASP.NET 4.0 "Auto Start" Feature :</h2>
A single IIS application worker process can host multiple website , you can specify a particular application to which you want to auto start when the worker process loads.By adding this attribute <b>serviceAutoStartEnabled="true".</b><br />
<b><br /></b>
<br />
<pre> <application path="/Mvcmovie" applicationPool="DefaultAppPool" preloadEnabled="true" serviceAutoStartEnabled="true">
<virtualDirectory path="/" physicalPath="C:\inetpub\wwwroot\Mvcmovie" />
</application>
</pre>
<br />
<br />
By using above configuration you will definitely enhance the initial loading time of asp.net applications.<br />
<br />
<h2 style="text-align: left;">
References and further readings :</h2>
<div>
<a href="http://www.iis.net/learn/get-started/whats-new-in-iis-8/iis-80-application-initialization" rel="nofollow" target="_blank">Application Initialization </a></div>
<div>
<a href="http://weblogs.asp.net/scottgu/auto-start-asp-net-applications-vs-2010-and-net-4-0-series" rel="nofollow" target="_blank">Auto-Start ASP.NET Applications</a></div>
<br />
<br />
Thanks For reading this article. :) :) </div>
</div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com1tag:blogger.com,1999:blog-4577946163419870602.post-39083198007761575792014-08-22T23:23:00.000-07:002014-08-23T08:23:14.904-07:00ASP.NET Precompilation for Deployment<div dir="ltr" style="text-align: left;" trbidi="on">
<h2 style="text-align: left;">
Benefits of Precompilation in ASP.NET:</h2>
<ul style="text-align: left;">
<li><span style="color: #444444;">Initial response of application will be faster for users, because code and files will not have to be compiled at the first time any user requested.</span></li>
<li><span style="color: #444444;">We can ensure error free application at compile time</span></li>
<li><span style="color: #444444;">From security concern people who have access to production server cannot see the source code and cannot make the changes(if you have chose the option of not updatable at the time of publish).</span></li>
<li><span style="color: #444444;">Large websites must use this precompilation.</span></li>
</ul>
<div>
<span style="color: #444444;"></span><br />
<a name='more'></a><span style="color: #444444;"><br /></span></div>
<h2 style="text-align: left;">
How to enable precompilation for deployment :</h2>
<div>
<span style="color: #444444;">At the time of publishing any asp.net application in the publish web wizard on the menu of Setting we can enable this precompilation : (Using Visual Studio 2012)</span></div>
<div>
<span style="color: #444444;">Steps :</span></div>
<div>
<span style="color: #444444;"></span><br />
<div>
<ul style="text-align: left;"><span style="color: #444444;">
<li>In Visual Studio, open a web application project.</li>
<li>Right click the project name in Solution Explorer, and then choose Publish.</li>
<li>Select the Settings tab and check precopile during publishing.</li>
<li>Click Configure for advanced setting of precompilation.</li>
</span></ul>
</div>
<span style="color: #444444;">
</span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a rel="lytebox" href="http://1.bp.blogspot.com/-0YDTrMH0qz4/U_gtjWwx9tI/AAAAAAAAAt0/BH_UEVHTIYA/s1600/PrecompilationASPNET.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-0YDTrMH0qz4/U_gtjWwx9tI/AAAAAAAAAt0/BH_UEVHTIYA/s1600/PrecompilationASPNET.jpg" height="500" width="640" /></a></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<br /></div>
<div>
<br /></div>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;">This Precompilation have some advanced properties also : Click on configure for advanced proprieties of precompilation.</span><br />
<span style="color: #444444;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a rel="lytebox" href="http://1.bp.blogspot.com/-jlKyeAfPeTY/U_guaKMmx0I/AAAAAAAAAt8/oIY3pWzMsGQ/s1600/AdvancedPrecompilationSettings.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-jlKyeAfPeTY/U_guaKMmx0I/AAAAAAAAAt8/oIY3pWzMsGQ/s1600/AdvancedPrecompilationSettings.jpg" height="640" width="545" /></a></div>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;">I do always prefer my application to choose "<b>Allow precompiled site to be updatable</b>" because its allows to me update my (<b>.aspx, .cshtml, .ascx , partial views, master files</b>) in application.</span><br />
<span style="color: #444444;">its very useful when you have to update your website for minor changes ,and you don't want to deploy a build again.</span><br />
<span style="color: #444444;">.</span><br />
<h2 style="text-align: left;">
References and further readings:</h2>
<a href="http://msdn.microsoft.com/en-us/library/bb398860(v=vs.100).aspx" rel="nofollow" target="_blank">ASP.NET Precompilation Overview</a><br />
<a href="http://msdn.microsoft.com/en-us/library/aa983464(v=vs.110).aspx" rel="nofollow" target="_blank">ASP.NET Web Application Project Precompilation Overview</a><br />
<a href="http://msdn.microsoft.com/en-us/library/hh475319(v=vs.110).aspx" rel="nofollow" target="_blank">Advanced Precompile Settings</a><br />
<a href="http://sarveshkushwaha.blogspot.in/2013/10/tips-tricks-for-asp-net-performance.html" target="_blank">For more ASP.NET applications Performance tips and tricks</a></div>Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com53tag:blogger.com,1999:blog-4577946163419870602.post-32308994034879077462014-08-15T04:08:00.001-07:002014-08-22T20:39:54.834-07:00Calculate the Execution time of a Function in C# , Razor View, Aspx View<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: #444444;">My previous article was on the how to do the performance profiling with Visual Studio. Using Visual Studio analyze tool we can profile a function , dynamic link library, project and solution.</span><br />
<span style="color: #444444;">Link of</span> - <b><a href="http://sarveshkushwaha.blogspot.in/2014/08/performance-profiling-in-visual-studio.html" target="_blank">Performance Profiling with Visual Studio</a></b><br />
<br />
<b><span style="color: #444444;">Requirements :</span></b><br />
<br />
<ol style="text-align: left;">
<li><span style="color: #444444;">However if we want to see execution for a particular function , you definitely don't want to run the profiler for that.Although profiler is more sophisticated way.</span></li>
<li><span style="color: #444444;">if you have any loop on your razor / aspx view of asp.net application ,through profile it wolld be difficult to calculate the time of that loop.<a name='more'></a></span></li>
</ol>
<div>
<span style="color: #444444;"><b>Solution :</b></span></div>
<div>
<br /></div>
<div>
<a href="http://msdn.microsoft.com/en-us/library/system.diagnostics.stopwatch.aspx" rel="nofollow" target="_blank"><b>Stopwatch</b> </a>class in System.Diagnostics namespace which provide set of methods and properties to calculate the elapsed time.</div>
<div>
<b><span style="color: #444444;"><br /></span></b></div>
<div>
<b><span style="color: #444444;">Example:</span></b></div>
<div>
<br /></div>
<div>
In my MVC application i m calculating how much time my index function is taking to execute :</div>
<div>
<br />
<pre> public ActionResult Index()
{
Stopwatch sw = new Stopwatch();
sw.Start();
for (int i = 0; i < 100000000; i++)
{
}
sw.Stop();
Debug.WriteLine("Total Time taken by functions is {0}", sw.ElapsedMilliseconds);//using Elapsed Milliseconds
return View();
}</pre>
</div>
<div>
<br />
As you can see i have created the instance of stopwatch , starts that and stopped when my loop is getting over.Using <b>Debug.Writeline</b> to see the result in output window . you can use <b>Console.Writeline</b> for console application to see the result in console window.<br />
<br /></div>
<div>
<b>Output :</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a rel="lytebox" href="http://1.bp.blogspot.com/-Dpg_Tn4tSCY/U-3o_GxCTXI/AAAAAAAAAtg/iiZb31AYMJE/s1600/StopwatchOutput.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-Dpg_Tn4tSCY/U-3o_GxCTXI/AAAAAAAAAtg/iiZb31AYMJE/s1600/StopwatchOutput.jpg" height="312" width="640" /></a></div>
<br />
<br /></div>
<div>
<br /></div>
<div>
<span style="color: #444444;"><br /></span></div>
<br />
<span style="color: #444444;"><br /></span>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<b>Note:</b><br />
<div style="text-align: left;">
</div>
<ol style="text-align: left;">
<li><b>Do not apply debugger in b/w the code ,where you are using the stopwatch to measure the elapsed time .It will measure all the hurdles time of code.</b></li>
</ol>
<div>
Write less , Tell more. Happy Independence day :) </div>
</div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com1tag:blogger.com,1999:blog-4577946163419870602.post-82187041910650126932014-08-11T10:21:00.001-07:002014-08-22T20:40:19.248-07:00Performance Profiling in Visual Studio<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: #444444;">Hi Guys after a long time i am writing this article ( Feeling very poor [GARIB] ), Jokes apart In this article i will describe how to do the performance profiling using Visual Studio.</span><br />
<span style="color: #444444;">There are many third party tools which do the Code Profiling , Memory profiling and Performance Profiling for us these are paid tools but they are good as well :</span><br />
<ul style="text-align: left;">
<li><span style="color: #444444;"><b>ANTS</b></span></li>
<li><span style="color: #444444;"><b>Just Trace</b></span></li>
<li><span style="color: #444444;"><b>Your KIT </b></span></li>
<li><span style="color: #444444;"><b>.NET Memory Profiler</b></span></li>
<li><span style="color: #444444;"><b>Eqatec</b></span></li>
<li><span style="color: #444444;"><b>Slim Tune Profiler</b></span></li>
<li><span style="color: #444444;"><b>Dot Trace</b></span></li>
</ul>
<br />
<span style="color: #444444;">As i said am feeling poor, i will describe -"<b>How to do Performance Profiling using Visual Studio inbuilt performance analysis tools ?</b>"</span><br />
<span style="color: #444444;"></span><br />
<a name='more'></a><span style="color: #444444;"><br /></span>
<span style="color: #444444;"><b>Following Versions Of the Visual Studio has this ANALYZE tool :</b></span><br />
<br />
<ol style="text-align: left;">
<li><span style="color: #444444;">Visual Studio 2010 Premium and Ultimate</span></li>
<li><span style="color: #444444;">Visual Studio 2012 Professional, </span><span style="color: #444444;">Premium and Ultimate</span></li>
<li><span style="color: #444444;">Visual Studio 2013 </span><span style="color: #444444;">Professional, </span><span style="color: #444444;">Premium and Ultimate</span></li>
</ol>
<div>
<span style="color: #444444;"><b>What this ANALYZE tool can do for Visual Studio supporting languages Applications ? </b></span></div>
<div>
<span style="color: #444444;"><b><br /></b></span></div>
<div>
<span style="color: #444444;"><b>1. Code Analysis : </b>This tool can analyze code in a solution.It will tell us where we are violating the rules of </span><span style="color: #444444;">code's </span><span style="color: #444444;">best practices</span><span style="color: #444444;">.</span><br />
<span style="color: #444444;">Open VS 2012 > Open Solution of any application > Go To Analyze Tab > Run Code Analysis</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-ThyekO6oC6w/U-jWDACdPyI/AAAAAAAAAsA/5jAt2-DwkTs/s1600/CodeAnalysis.jpg" imageanchor="1" rel="lytebox" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-ThyekO6oC6w/U-jWDACdPyI/AAAAAAAAAsA/5jAt2-DwkTs/s1600/CodeAnalysis.jpg" height="259" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><b>2. Performance Analysis :</b></span><br />
<span style="color: #444444;"><b><br /></b></span>
<span style="color: #444444;">Open VS 2012 > Open Solution of any application > Go To Analyze Tab > Open Performance Wizard</span><br />
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><b>Step 1: Choose One Profiling Method : (I am choosing Instrumentation because it will give us the measurement in time)</b></span><br />
<br />
<span style="color: #444444;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-mtM9ryYC8Oc/U-jXW49CiyI/AAAAAAAAAsM/ChenSqXOuik/s1600/PerformanceWizard.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-mtM9ryYC8Oc/U-jXW49CiyI/AAAAAAAAAsM/ChenSqXOuik/s1600/PerformanceWizard.jpg" height="558" width="640" /></a></div>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;">Above is the four method of profiling ,and i am going to cover the Second one which will tell us the time taken by functions :</span><br />
<br />
<ul style="text-align: left;">
<li><span style="color: #444444;"><b>CPU - Sampling : </b>In this profiling method it scans every methods in an application and tells what percentage of CPU they are using.</span></li>
<li><span style="color: #444444;"><b>Instrumentation : </b>In this profiling method it tells how much time every function takes to execute.</span></li>
</ul>
<div>
<span style="color: #444444;"><br /></span></div>
</div>
<div>
<span style="color: #444444;"><b>Step 2: On page-2 of wizard Choose Modules to profile : </b>you can profile one or more projects ,a dynamic link library ( <b>.dll )</b> , an executable file (.<b>exe) </b>and asp.net and JavaScript application.</span><br />
<span style="color: #444444;"><br /></span>
<span style="color: #444444;">ex: i have chosen my project i.e <b>MVC4Bootstrap3SampleApplication</b></span><br />
<span style="color: #444444;"><b><br /></b></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-zLm1GcqSago/U-jhRVaqhSI/AAAAAAAAAsc/ImTwIfFGj70/s1600/PerformanceWizardScreen2.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-zLm1GcqSago/U-jhRVaqhSI/AAAAAAAAAsc/ImTwIfFGj70/s1600/PerformanceWizardScreen2.jpg" height="545" width="640" /></a></div>
<span style="color: #444444;"><b><br /></b></span>
<b><span style="color: #444444;"><br /></span></b>
<span style="color: #444444;"><b>Step 3: On Page-3 of wizard : </b> it will ask you to choose which application you are going to profile either ASP.NET or JavaScript Application.</span><br />
<span style="color: #444444;">ex: mine is web application so opting the Enable tier interaction Profiling .</span><br />
<span style="color: #444444;"><br /></span>
<b><span style="color: #444444;">Final step : Yay click on finish button :) .</span></b><br />
<b><br /></b>
<span style="color: #444444;">After final step you will see a VSP extension tab on your visual studio. It will keep profiling your application till you are performing the operation on browser and not stopping the profiling.After stopping the profiling you can see a report on your performance explorer.</span><br />
<span style="color: #444444;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-OIvRdT1D3Ms/U-jkwVTtimI/AAAAAAAAAso/heRikKEc1Rs/s1600/PerformanceReport1.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/-OIvRdT1D3Ms/U-jkwVTtimI/AAAAAAAAAso/heRikKEc1Rs/s1600/PerformanceReport1.jpg" height="230" width="640" /></a></div>
<span style="color: #444444;"><br /></span>
<b><span style="color: #444444;"><br /></span></b>
<b><span style="color: #444444;"><br /></span></b>
<br />
<br /></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
In above image you can see my HomeController's Index method is 442.21 milliseconds Avg.Elapsed Exclusive Time and 453.78 milliseconds Avg. Elapsed Inclusive Time.<br />
<br />
<ul style="text-align: left;">
<li><b>Inclusive Time : </b>Inclusive time tells us the function takes time along with other calls from function.</li>
<li><b>Exclusive Time: </b>Exclusive time tells us how much time taken by that particular function excluding functions called from that particular function.</li>
</ul>
<div>
<br /></div>
<div>
My Application HomeController's Index method taken 442.21 milliseconds.Click on the function :</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-Mr2i9vwQyJw/U-josniCTyI/AAAAAAAAAs0/DCTKxm_85t8/s1600/PerformanceReport2.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-Mr2i9vwQyJw/U-josniCTyI/AAAAAAAAAs0/DCTKxm_85t8/s1600/PerformanceReport2.jpg" height="419" width="640" /></a></div>
<div>
<br /></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<blockquote class="tr_bq">
<br />
<b>Note: </b>By default Instrumentation method of profiling will include all the methods which is invoked from the launch of an application.It will include the small and system functions and system dll functions you are using in your application.</blockquote>
<br />
<b>Tricks :</b><br />
<b><br /></b>
<b>How to Exclude Short functions from Instrumentation :</b><br />
So the result of functions coming into report will be reduced.<br />
<br />
<ul style="text-align: left;">
<li>In Performance Explorer, select Performance Session and then right-click on that and select Properties.</li>
<li>The Property Pages dialog box is displayed.</li>
<li>In the Property Pages, click the Instrumentation properties.</li>
<li>To exclude short functions from instrumentation, uncheck Exclude short functions from Instrumentation.</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-NMAiD1mMdiM/U-j0FBE3zNI/AAAAAAAAAtE/VvrfJcn-DPM/s1600/ExludeSmallfunctions.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-NMAiD1mMdiM/U-j0FBE3zNI/AAAAAAAAAtE/VvrfJcn-DPM/s1600/ExludeSmallfunctions.jpg" height="226" width="640" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b>How to Limit Instrumentation to Specific Functions :</b></div>
<br />
<ul style="text-align: left;">
<li>In Performance Explorer, select Performance Session and then right-click on that and select Properties.</li>
<li>Go to the Advanced section, under "Additional instrumentation options", specify the methods you specifically want to profile (e.g. "<span style="background-color: white; font-family: Arial, 'Liberation Sans', 'DejaVu Sans', sans-serif; font-size: 14px; line-height: 18px;">/include:MyNamespace.MyClass::MyFunc</span>")</li>
<li>To select all the methods of a namespace : ( For example, "/include:MyNS::*" specifies all functions in the MyNS namespace).</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-S2aUOhJr1fI/U-j4GiQw0XI/AAAAAAAAAtQ/vGruZ5jgkag/s1600/IncludeSpecificFunction.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-S2aUOhJr1fI/U-j4GiQw0XI/AAAAAAAAAtQ/vGruZ5jgkag/s1600/IncludeSpecificFunction.jpg" height="200" width="640" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<br />
<br />
thats all folks for instrumentation :) .<br />
<br />
<b>References and further readings:</b><br />
<br />
<br />
<ul style="text-align: left;">
<li><b><a href="http://blogs.msdn.com/b/visualstudioalm/archive/2013/07/12/performance-and-diagnostics-hub-in-visual-studio-2013.aspx" rel="nofollow" target="_blank">Performance and Diagnostics Hub in Visual Studio 2013</a></b></li>
<li><b><a href="http://msdn.microsoft.com/en-us/library/ms182372.aspx" rel="nofollow" target="_blank">Beginners Guide to Performance Profiling</a></b></li>
<li><b><a href="http://msdn.microsoft.com/en-us/library/bb514150.aspx" rel="nofollow" target="_blank">How to: Exclude or Include Short Functions from Instrumentation</a></b></li>
<li><b><a href="http://msdn.microsoft.com/en-us/library/bb385774.aspx" rel="nofollow" target="_blank">Controlling Data Collection in Profiling Tools</a></b></li>
<li><a href="http://msdn.microsoft.com/en-IN/library/z9z62c29.aspx" rel="nofollow" target="_blank"><b>Analyzing Application Performance by Using Profiling Tools</b></a></li>
</ul>
<br />
<br />
<br /></div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com76tag:blogger.com,1999:blog-4577946163419870602.post-43174546104696659672014-06-08T06:23:00.000-07:002014-06-08T06:23:48.734-07:00IE-10 right align text input issue <div dir="ltr" style="text-align: left;" trbidi="on">
<b>Remove Clear Icon - "X" from input fields of Internet Explorer</b><br />
<b><br /></b>
Recently i added style text-align to right of an input :<br />
<pre><input type="text" style="text-align: right;">
</pre>
<br />
<b>Issue :</b><br />
But when someone types number in that then the last part of the text inside the textbox isn't displayed completely in Internet Explorer 10 as soon as the textbox loses focus.It because of its "Clear Icon - x".<br />
Even they have fixed this in their latest version of Internet Explorere - 11.<br />
<br />
<a name='more'></a><br /><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-sEzGoPjIZvI/U5RjSWBixTI/AAAAAAAAArQ/5kOp3sgTk1g/s1600/inputImage.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-sEzGoPjIZvI/U5RjSWBixTI/AAAAAAAAArQ/5kOp3sgTk1g/s1600/inputImage.png" /></a></div>
<br />
<br />
<br />
<b>How to fix this it For IE-10 :</b><br />
<b><br /></b>
Just add following css in your Main style sheet (Remove clear icon) :<br />
<pre>::-ms-clear {
display: none;
}
</pre>
<br />
For any specif input do it like this :<br />
<pre>.anyinput::-ms-clear {
display: none;
}
</pre>
<br />
Thats all folks :) :) .</div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com0tag:blogger.com,1999:blog-4577946163419870602.post-61819344961305346602014-06-06T20:59:00.000-07:002014-08-22T20:41:18.698-07:00Hack proof your ASP.NET applications from Sensitive Data Exposure and Information Leakage<div dir="ltr" style="text-align: left;" trbidi="on">
<h2 style="text-align: left;">
Introduction:</h2>
<div>
This is Part 4 of my series Hack proof your asp.net application.In this article ,I will describe How we sometimes unintentionally expose some sensitive information or leak some information to a hacker , who used that information to hack us. Keeping These terms separate "Sensitive Data exposure" which can directly harm to an individual or an organization, "Information leakage" are which helps attacker to perform malicious activities.Both terms are correlated and we can say Information leakage can contain Sensitive data exposure and vice versa.</div>
<h2 style="text-align: left;">
Background:</h2>
<div>
You can read previous article of this series from below links :</div>
<div>
<ol style="text-align: left;">
<li style="border: 0px; color: #111111; font-family: 'Segoe UI', Arial, sans-serif; font-size: 14px; margin: 0px; padding: 0px;"><a href="http://www.codeproject.com/Articles/604268/Hack-Proof-Your-ASP-NET-Applications-From-SQL-Inje" style="border: 0px; color: purple; margin: 0px; padding: 0px; text-decoration: none;" target="_blank" title="SQLInjection">Secure your ASP.NET applications from SQL Injection</a></li>
<li style="border: 0px; color: #111111; font-family: 'Segoe UI', Arial, sans-serif; font-size: 14px; margin: 0px; padding: 0px;"><a href="http://www.codeproject.com/Articles/617043/Hack-Proof-Your-ASP-NET-Application-From-Cross-Sit" style="border: 0px; color: purple; margin: 0px; padding: 0px; text-decoration: none;">Secure your ASP.NET applications from XSS Attack</a></li>
<li style="border: 0px; color: #111111; font-family: 'Segoe UI', Arial, sans-serif; font-size: 14px; margin: 0px; padding: 0px;"><a href="http://www.codeproject.com/Articles/686881/Hack-Proof-Your-ASP-NET-Applica" target="_blank">Secure your ASP.NET applications from CSRF Attack<a name='more'></a></a></li>
</ol>
<h2>
Sensitive Data Exposure:<span style="color: #111111; font-family: 'Segoe UI', Arial, sans-serif; font-size: 14px;"> </span></h2>
</div>
<div>
<span style="color: #111111; font-family: Segoe UI, Arial, sans-serif;"><span style="font-size: 14px;">First thing you need to find out what is "Sensitive Data" for your business.What are your business "terms and conditions" or what are your "policies" or what offerings you are providing to your consumer or customer. </span></span><span style="color: #111111; font-family: 'Segoe UI', Arial, sans-serif; font-size: 14px;">Sensitive Data are which can directly harm an individual or an organization.</span><br />
<span style="color: #111111; font-family: Segoe UI, Arial, sans-serif;"><span style="font-size: 14px;">Sensitive Data includes password , credit card , personal information and may include email depends on the business policy of different website.</span></span><br />
<span style="color: #111111; font-family: Segoe UI, Arial, sans-serif;"><span style="font-size: 14px;"><br /></span></span>
<span style="color: #111111; font-family: Segoe UI, Arial, sans-serif;"><b><span style="font-size: 14px;">Impact of Sensitive Data Exposure :</span></b></span><br />
<span style="color: #111111; font-family: Segoe UI, Arial, sans-serif;"><span style="font-size: 14px;">Sensitive Data may exposed accidentally(application error or application bug) and maliciously done by any hacker. </span></span><br />
<br />
<ul style="text-align: left;">
<li><span style="color: #111111; font-family: Segoe UI, Arial, sans-serif;"><span style="font-size: 14px;">Negative Impact on consumer and business integrity,</span></span></li>
<li><span style="color: #111111; font-family: Segoe UI, Arial, sans-serif;"><span style="font-size: 14px;">Financial loss(from business loss/credit card exposed details misuse),</span></span></li>
<li><span style="color: #111111; font-family: Segoe UI, Arial, sans-serif;"><span style="font-size: 14px;">Can expose credit card detail , passwords etc.</span></span></li>
</ul>
<div>
<span style="color: #111111; font-family: Segoe UI, Arial, sans-serif;"><span style="font-size: 14px;">Multiple points where sensitive data may exposed by an ASP.NET application :</span></span></div>
<div>
<span style="color: #111111; font-family: Segoe UI, Arial, sans-serif;"><span style="font-size: 14px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://www.blogger.com/blogger.g?blogID=4577946163419870602" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-iiUpWDD6hBs/U1Mq3AwF6dI/AAAAAAAAAo4/lC_WBYH3-Qk/s1600/MultiplePointsToExposeSesnitiveData.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-iiUpWDD6hBs/U1Mq3AwF6dI/AAAAAAAAAo4/lC_WBYH3-Qk/s1600/MultiplePointsToExposeSesnitiveData.jpg" height="366" width="640" /></a></div>
<div>
<span style="color: #111111; font-family: Segoe UI, Arial, sans-serif;"><span style="font-size: 14px;"><br /></span></span></div>
<div>
<span style="color: #111111; font-family: Segoe UI, Arial, sans-serif;"><span style="font-size: 14px;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', Arial, sans-serif; font-size: 14px;"> </span></div>
As we can see in above image there is no palace which is safe , an attacker can try to get sensitive data from victim(client) machine , victim browser (cache) , server's config , log and temp file ,database (using SQL injection or from config file).<br />
<br />
<b>How to prevent from Sensitive Data Exposure:</b><br />
Sensitive Data can be exposed Internally and externally.<br />
<br />
1. To prevent insider attack you need to control who gain access to your application and data backup,<br />
2. To prevent Outsider attack you need to encrypt all the "Sensitive Data" on the network,<br />
3. Secure storing of password in .NET applications (<a href="http://www.troyhunt.com/2012/07/stronger-password-hashing-in-net-with.html" rel="nofollow" target="_blank">Secure passwords in asp.net</a>),<br />
4. Disable Caching for pages that contains sensitive data,</div>
<div>
<b> In HTML page :</b><br />
<b><br /></b></div>
<div>
Add following META tags in Header of the page</div>
<div>
<pre> <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE"></pre>
<div>
<b><br /></b>
<b> In ASP.NET applications:</b><br />
<b><br /></b> We can use above headers anywhere as well. Specifically in asp.net we can disable caching programmatic for specific page ,add this in page load :<br />
<br />
<pre> Response.Cache.SetCacheability(System.Web.HttpCacheability.NoCache);
Response.Cache.SetNoStore();</pre>
<br />
Or set the ouput directive in .aspx page, that cache should expire in 0 seconds.<br />
<br /></div>
</div>
<div>
<pre><span style="font-family: Consolas, Courier, monospace; font-size: 13px; line-height: 17px;"> <%@ OutputCache Duration="0" VaryByParam="None" %></span>
</pre>
<div>
<br />
<b>In ASP.NET MVC applications:</b><br />
<b><br /></b>
<b> Disable for all actions in a controller -</b><b> </b><br />
<pre> [OutputCacheAttribute(VaryByParam = "*", Duration = 0, NoStore = true)] // will be applied to all actions in MyController, unless those actions override with t heir own decoration
public class MyController : Controller
{
// ...
} </pre>
</div>
<b> Disable for particular action-</b><br />
<b><br /></b>
<br />
<pre> public class MyController : Controller
{
[OutputCacheAttribute(VaryByParam = "*", Duration = 0, NoStore = true)] // w ill disable caching for Index action only
public ActionResult Index()
{
return View();
}
} </pre>
<div>
5. Turn off Auto-complete on the page where you are collecting sensitive data.<br />
<br />
<pre><form id="Form1" method="post" runat="server" autocomplete="off"> //for whole page
Or for a specific TextBox :
<input type= "text" autocomplete="off"/> // in simple html
<asp:TextBox ID="Textbox1" Runat="server" autocomplete="off"></asp:TextBox> //in asp.net aspx page</pre>
<br /></div>
6. Do not store sensitive data unnecessary (Like Many Online payment gateway do , they do not store credit card details they just pass it and forget it) , if you want to store such details then they must me <a href="https://www.pcisecuritystandards.org/security_standards/index.php" rel="nofollow" target="_blank">PCI/DSS</a> compliance .Including some<br />
<ul style="text-align: left;"><ul>
<li>Protect stored cardholder data</li>
<li>Encrypt transmission of cardholder data across open, public networks.</li>
</ul>
</ul>
</div>
<div>
<br /></div>
<div>
Encrypt of config file is it really necessary in asp.net? Nowadays i thought no because IIS7 does not allow to directly access config file from url. IIS7 restricted it by default , they filter every request from <span style="background-color: #666666;"><requestfiltering></span> , learn more about it (<a href="http://www.iis.net/configreference/system.webserver/security/requestfiltering/hiddensegments" rel="nofollow" target="_blank">Request Filtering</a>) .However if a web server has been compromised allowing remote access to the server itself, then having an encrypted web.config file will be the least of your worries :P :D.</div>
<h2 style="text-align: left;">
</h2>
<h2 style="text-align: left;">
Information leakage :</h2>
<div>
Revealing System data or debugging information helps an attacker to learn about the system and form a plan of attack accordingly.Information leakage is not direct attack, its just help an attacker to gather information about system which helps him to do any another attack.<br />
<br />
<b>What Can an attacker gathers ?</b><br />
<br />
<ul style="text-align: left;">
<li>Software versions(so attacker can try to find the vulnerabilities of that particular version)</li>
<li>System Types(SQL server, IIS, MySQL etc.. )</li>
<li>Login ID and Email address (Now attacker just have to find your password)</li>
<li>Tracing and debugging information</li>
</ul>
<div>
<b><br /></b>
<b>How an attacker gathers Information ?</b></div>
<div>
An attacker behaves likes an detective who collects all the information about the victim.There are some of ways how they do it :</div>
<div>
<b> 1. Search Engines : </b>Search engine index information about every website and attacker do take benefit from that.</div>
<div>
<ul style="text-align: left;">
<li>Index debug/trace information</li>
<li>Find any organization documents</li>
<li>Index private content</li>
<li>Index errors</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-pHtVxs_yV0U/U1yuskHVIsI/AAAAAAAAApI/xoFcgFaqTVc/s1600/ILexm.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-pHtVxs_yV0U/U1yuskHVIsI/AAAAAAAAApI/xoFcgFaqTVc/s1600/ILexm.jpg" height="480" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div>
<br /></div>
<div>
2.<b> Fiddling with application(forcing errors,analyzing </b><b>HTTP headers etc..</b><b>)</b></div>
</div>
<div>
<b>3. Automated scanning tools.</b></div>
<div>
<b><br /></b></div>
<div>
<b>Example :</b></div>
<div>
1. Getting trace information of many websites using search engines:</div>
<div class="separator" style="clear: both;">
<a href="http://3.bp.blogspot.com/-xo2PTO6snA4/U1yuu3fVleI/AAAAAAAAApU/uX65NJQKyeQ/s1600/ILExample.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-xo2PTO6snA4/U1yuu3fVleI/AAAAAAAAApU/uX65NJQKyeQ/s1600/ILExample.jpg" height="360" width="640" /></a><a href="http://3.bp.blogspot.com/-xo2PTO6snA4/U1yuu3fVleI/AAAAAAAAApU/uX65NJQKyeQ/s1600/ILExample.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><br /></a></div>
<div>
</div>
<br />
<br />
<div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Tracing information may expose :<br />
<br />
<ul style="text-align: left;">
<li>connection string (credentials)</li>
<li>Your application framework version (Helps attacker to form attack according to framework vulnerability)</li>
<li>Virtual directory path</li>
</ul>
<br />
<br />
2. Find organization documents<br />
<pre>site:www.[domain_name].com .xls .doc .ppt //Precede your query with site: if you know you want your answer from within a specific site or type of site</pre>
<br />
3. Forcing errors to see detail :<br />
Attacker try to cause error in any application(Asp.net) ,and gathers information about their version. In worst cases they do gather connection-string , credentials etc..<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-yTj4xo0vQzY/U2RXCJFpFwI/AAAAAAAAApk/ewLfd3fWpTI/s1600/errorExposed.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-yTj4xo0vQzY/U2RXCJFpFwI/AAAAAAAAApk/ewLfd3fWpTI/s1600/errorExposed.jpg" height="286" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Attacker can pass length which is not handled in the code (can pass length of query string which exceed max length of INT32 variable).Following details may exposed from by causing an error :<br />
<ul style="text-align: left;">
<li>Connection string is exposed by causing an error into any asp.net application (This is the worst case, i am just showing what attacker do hack any asp.net application,and i know nobody use this coding standard nowadays,but still.)</li>
<li>Coding implementation style</li>
<li>Physical location of an application</li>
<li>Asp.net version is exposed</li>
</ul>
<div>
4. HTTP Headers reveals information too :</div>
<div>
I have used <a href="http://www.telerik.com/fiddler" rel="nofollow" target="_blank">Fiddler</a> (Free tool to fiddle any application) to see the HTTP response header from server.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-17F4zjxT5c8/U2RgZ9k42PI/AAAAAAAAAp4/ETpadcNA3sY/s1600/ResponseHeadersAsp.net.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-17F4zjxT5c8/U2RgZ9k42PI/AAAAAAAAAp4/ETpadcNA3sY/s1600/ResponseHeadersAsp.net.jpg" /></a></div>
<div>
If you will see Miscellaneous node of HTTP Response header.These node details revealing that application is </div>
<div>
<ul style="text-align: left;">
<li>MVC application</li>
<li>Framework version is 4.0</li>
<li>Server is Microsoft-IIS</li>
</ul>
<div>
<br /></div>
</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br />
<br />
<br />
5. Login page/Sign up page helps attacker to know the Email Address is valid or not (example: Hackers try on many web application to login with administrator@domain.com , they can confirm this email by sign up page when sign up page will tell id already exist)</div>
<div>
<br /></div>
<div>
All above mentioned are just some example how an attacker gathers information about an application.There might be some other ways too.</div>
<div>
<br /></div>
<div>
<h3 style="text-align: left;">
<b>How to Prevent Asp.net Application from Information Leakage :</b></h3>
</div>
<div>
<b><br /></b></div>
<div>
<b>1. Always redirect to an Error page when any error occurs (Don't reveal anything from error)</b><br />
<br />
<b>In Asp.Net application :</b><br />
<b>Step 1: Create an error page/pages accordingly to the error</b><br />
<b>Step 2: In Application web.config set the default redirection when any error occurs :</b><br />
<b><br /></b>
<br />
<pre><system.web>
<customErrors mode="RemoteOnly" defaultRedirect="~/Error.aspx"></customErrors>
<div>
<span style="font-family: monospace;"><span style="white-space: pre;"> <!-- your rest configuration of system.web--></span></span><br />
</system.web></div>
</pre>
Custom error node will cause an application to redirect to <span style="background-color: #999999;">defaultRedirect</span> node value page. There are three mode in <span style="background-color: #999999;">customErrors</span><span style="background-color: white;"> On/Off/RemoteOnly . I personally use RemoteOnly because its automatically works only when application deployed not at the time of development so i can see the errors at the time of development and can fix them.</span><br />
<span style="background-color: white;"><br /></span>
<span style="background-color: white;">Using </span><span style="background-color: #999999;">customErrors</span><span style="background-color: white;"> node you can redirect according to the status code of Response Headers:</span><br />
<pre><customErrors mode="RemoteOnly" defaultRedirect="~/ErrorPages/Oops.aspx">
<error statusCode="404" redirect="~/ErrorPages/404.aspx" />
</customErrors></pre>
<span style="background-color: white;"><b><br /></b></span>
<span style="background-color: white;"><b>In Asp.Net MVC application :</b></span><br />
<span style="background-color: white;"><b>Step1 : Create an Error Controller</b></span><br />
<span style="background-color: white;"><b>Step2 : Again like asp.net application set it to web.config</b></span><br />
<pre><customErrors mode="On" defaultRedirect="~/Error">
<error redirect="~/Error/NotFound" statusCode="404" />
</customErrors></pre>
<br />
For different status code you can redirect to different views from controller:<br />
<pre>public class ErrorController : Controller
{
public ViewResult Index()
{
return View("Error");
}
public ViewResult NotFound()
{
Response.StatusCode = 404;
return View("NotFound");
}
}</pre>
Default Error view : (you can create according to the status code as well)<br />
<pre> @model System.Web.Mvc.HandleErrorInfo
@{
ViewBag.Title = "Error";
}
<hgroup class="title">
<h1 class="error">Error.</h1>
<h2 class="error">An error occurred while processing your request.</h2>
</hgroup></pre>
<br />
<b>2. Disable tracing </b><br />
Set trace enabled = false in web.config for both Asp.Net and Asp.Net MVC application in <system.web> node.<br />
<pre> <trace enabled="false"/></pre>
<br />
<br />
<b>3.Always Deploy in Release Mode</b><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-zfUnE4r41V0/U28I8wlZ9FI/AAAAAAAAAqE/fNnh97QFU8o/s1600/DeployInreleaseMode.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-zfUnE4r41V0/U28I8wlZ9FI/AAAAAAAAAqE/fNnh97QFU8o/s1600/DeployInreleaseMode.jpg" height="210" width="640" /></a></div>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b><br /></b>
<b>Tip : Above mentioned Point 1,2,3 can be achieve using Asp.net feature of <span style="background-color: #999999;">Retail Mode</span> .</b><br />
Retail Mode is little known feature of Asp.Net which Turn on Custom Error , Disable tracing , Compiles in release mode for all the application running on a System.<br />
<br />
<ul style="text-align: left;">
<li>Turns on Custom Error</li>
<li>Disable Tracing</li>
<li>Compile in Release Mode</li>
</ul>
<div>
<b>How to Turn Retail Mode on ?</b></div>
<div>
<br /></div>
<div>
<b>Step 1: Go to > MachineConfig</b></div>
<pre>C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config
C:\Windows\Microsoft.NET\Framework\"Your Version of framework"\Config</pre>
<div>
<b><br /></b>
<b>Step 2: Open machine.config file > find <system.web> node</b><br />
<b>Step 3: under this Enable retail mode :</b><br />
<pre> <deployment retail="true" /></pre>
<b><br /></b></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-2ahRWyH14C4/U28P5BksWZI/AAAAAAAAAqU/M6_ds15yptM/s1600/retailMode.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-2ahRWyH14C4/U28P5BksWZI/AAAAAAAAAqU/M6_ds15yptM/s1600/retailMode.jpg" height="380" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<b>4. Remove Unnecessary HTTP headers</b><br />
<b><br /></b>
<br />
The X-AspNet-Version, X-AspNetMvc-Version, X-Powered-By, and Server HTTP headers provide no direct benefit and unnecessarily used a small amount of bandwidth.<br />
<br />
<ul style="text-align: left;">
<li>Removing <b>X-AspNet-Version</b> : Under <System.web> add this <httpRuntime enableVersionHeader="false"/></li>
<li>Removing <b>X-AspNetMvc-Version</b> : Add this in Global.asax.cx file MvcHandler.DisableMvcResponseHeader = true;</li>
<li>Remove <b>Server </b>Header : Refer this <a href="http://blogs.technet.com/b/stefan_gossner/archive/2008/03/12/iis-7-how-to-send-a-custom-server-http-header.aspx" rel="nofollow" target="_blank">link</a> </li>
<li>Remove or Edit <b>X-Powered-By</b> : IIS7 Manager > HTTP Response Header > Remove</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-2Q0QWDnpNck/U5JFB15YOpI/AAAAAAAAAq0/H1JRb0Hklxc/s1600/Picture1.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-2Q0QWDnpNck/U5JFB15YOpI/AAAAAAAAAq0/H1JRb0Hklxc/s1600/Picture1.jpg" height="140" width="640" /></a><a href="http://4.bp.blogspot.com/-2Q0QWDnpNck/U5JFB15YOpI/AAAAAAAAAq0/H1JRb0Hklxc/s1600/Picture1.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><br /></a><a href="http://4.bp.blogspot.com/-2Q0QWDnpNck/U5JFB15YOpI/AAAAAAAAAq0/H1JRb0Hklxc/s1600/Picture1.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><br /></a><a href="http://4.bp.blogspot.com/-2Q0QWDnpNck/U5JFB15YOpI/AAAAAAAAAq0/H1JRb0Hklxc/s1600/Picture1.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><br /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<b>5. Beware of error/information messages should not give too much information</b> -</div>
<div>
We hate this message from some websites at the time of login - "your credentials is incorrect".But some websites deliberately do it , they don't want to tell you the which one is incorrect Password or UserID .</div>
<div>
<br /></div>
<div>
<b>6. Search your application on search engines (Google,Bing ,yahoo ..) to see what is indexed their.</b></div>
<div>
its very easy to conduct a site search using google :</div>
<div>
Enter site:www.yourwebsite.com search term into the search box.*</div>
<div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-gVV5miXWqXU/U5JIvrwg3aI/AAAAAAAAArA/6gO1m7d7ebU/s1600/SiteSearch.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-gVV5miXWqXU/U5JIvrwg3aI/AAAAAAAAArA/6gO1m7d7ebU/s1600/SiteSearch.jpg" height="458" width="640" /></a></div>
</div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<div>
<b> 7. Test permissions </b></div>
<div>
<b> 8. Test error (cause error and see what really happens)</b></div>
<div>
<b> 9. Audit your source code </b></div>
</div>
<div>
<b><br /></b></div>
<h3 style="text-align: left;">
<b>References and further readings: </b></h3>
<div>
<b></b><br />
<div>
<b><a href="https://www.owasp.org/index.php/Information_Leakage/">https://www.owasp.org/index.php/Information_Leakage/</a></b></div>
<b>
<div>
<a href="https://www.owasp.org/index.php/ASP.NET_Misconfigurations/">https://www.owasp.org/index.php/ASP.NET_Misconfigurations/</a></div>
<div>
<a href="http://cwe.mitre.org/data/definitions/200.html">http://cwe.mitre.org/data/definitions/200.html</a></div>
</b></div>
<div>
<b><br /></b></div>
<div>
<br /></div>
</div>
</div>
</div>
</div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com4tag:blogger.com,1999:blog-4577946163419870602.post-17915963512654875452014-04-13T00:23:00.000-07:002014-04-13T14:59:02.799-07:00What is Heartbleed bug and Its solutions ?<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Introduction <o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">From last few days Heartbleed trending on the internet and saying to the
internet, I am the evil. People are calling this bug as "Biggest Security
Threat" to the internet. Some Websites called this bug
"Catastrophic".<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">I was Gawked to know i was not safe since 2011 December Since OpneSSL
included Heartbeat Extension.<o:p></o:p></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a rel="lytebox" href="http://2.bp.blogspot.com/-PNsn11CMwDQ/U0o5iC1IMnI/AAAAAAAAAoE/8k_KXtoGMZ8/s1600/Heartbleed.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/-PNsn11CMwDQ/U0o5iC1IMnI/AAAAAAAAAoE/8k_KXtoGMZ8/s1600/Heartbleed.jpg" height="320" width="306" /></a></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN; mso-no-proof: yes;"><!--[if gte vml 1]><v:shapetype id="_x0000_t75"
coordsize="21600,21600" o:spt="75" o:preferrelative="t" path="m@4@5l@4@11@9@11@9@5xe"
filled="f" stroked="f">
<v:stroke joinstyle="miter"/>
<v:formulas>
<v:f eqn="if lineDrawn pixelLineWidth 0"/>
<v:f eqn="sum @0 1 0"/>
<v:f eqn="sum 0 0 @1"/>
<v:f eqn="prod @2 1 2"/>
<v:f eqn="prod @3 21600 pixelWidth"/>
<v:f eqn="prod @3 21600 pixelHeight"/>
<v:f eqn="sum @0 0 1"/>
<v:f eqn="prod @6 1 2"/>
<v:f eqn="prod @7 21600 pixelWidth"/>
<v:f eqn="sum @8 21600 0"/>
<v:f eqn="prod @7 21600 pixelHeight"/>
<v:f eqn="sum @10 21600 0"/>
</v:formulas>
<v:path o:extrusionok="f" gradientshapeok="t" o:connecttype="rect"/>
<o:lock v:ext="edit" aspectratio="t"/>
</v:shapetype><v:shape id="Picture_x0020_5" o:spid="_x0000_i1029" type="#_x0000_t75"
alt="http://www.codeproject.com/KB/Articles/758776/Working/Heartbleed.jpg"
style='width:279pt;height:291pt;visibility:visible;mso-wrap-style:square'>
<v:imagedata src="file:///C:\Users\sarvesh\AppData\Local\Temp\msohtmlclip1\01\clip_image001.jpg"
o:title="Heartbleed"/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--></span><span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><o:p></o:p></span></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><br /></span></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><br /></span></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><br /></span></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><br /></span></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><br /></span>
<br />
<a name='more'></a><br /></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Background<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">This heartbleed bug is on internet since 2011 December and it got fixed
a week ago .First it was found by Google Security team member <b><span style="border: none windowtext 1.0pt; mso-border-alt: none windowtext 0cm; padding: 0cm;">NEEL MEHTA </span></b>and a software firm called <b><span style="border: none windowtext 1.0pt; mso-border-alt: none windowtext 0cm; padding: 0cm;">CODENOMICON.</span></b> Codenomicon took the initiative about
this bug and created a website for the information and solution of this bug i.e <a href="http://heartbleed.com/"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">http://heartbleed.com</span></a>.<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><b>Why we Need SSL ?</b></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Before getting dive into the HeartBleed , i would like to tell you about
why we need SSL (Secure Cocket Layer) also known as TSL (Transport security
layer).<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Usually we send the password,personal details,credit card details,
selfie pics, social media posts over the internet . </span></div>
<div class="separator" style="clear: both; text-align: center;">
<a rel="lytebox" href="http://3.bp.blogspot.com/-tC6nyeSqk38/U0o5sSY55jI/AAAAAAAAAoM/FHnGdE8SniI/s1600/InfoOnInternet.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-tC6nyeSqk38/U0o5sSY55jI/AAAAAAAAAoM/FHnGdE8SniI/s1600/InfoOnInternet.jpg" height="286" width="640" /></a></div>
<!--[if gte vml 1]><v:shape id="Picture_x0020_4"
o:spid="_x0000_i1028" type="#_x0000_t75" alt="http://www.codeproject.com/KB/Articles/758776/Working/InfoOnInternet.jpg"
style='width:471pt;height:210.75pt;visibility:visible;mso-wrap-style:square'>
<v:imagedata src="file:///C:\Users\sarvesh\AppData\Local\Temp\msohtmlclip1\01\clip_image002.jpg"
o:title="InfoOnInternet"/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--><o:p></o:p><br />
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">To encrypt such details we used HTTPS. To ensure any malicious person
can not intercept these details we use OpenSSL. Which is a open source software
for the implementation of SSL on the web.<o:p></o:p></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a rel="lytebox" href="http://4.bp.blogspot.com/-csLXEF1qQ3o/U0o56_ijeUI/AAAAAAAAAoU/q5-frI4upV4/s1600/SSLimplementations.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-csLXEF1qQ3o/U0o56_ijeUI/AAAAAAAAAoU/q5-frI4upV4/s1600/SSLimplementations.jpg" height="224" width="640" /></a></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN; mso-no-proof: yes;"><!--[if gte vml 1]><v:shape id="Picture_x0020_3"
o:spid="_x0000_i1027" type="#_x0000_t75" alt="http://www.codeproject.com/KB/Articles/758776/Working/SSLimplementations.jpg"
style='width:603.75pt;height:213pt;visibility:visible;mso-wrap-style:square'>
<v:imagedata src="file:///C:\Users\sarvesh\AppData\Local\Temp\msohtmlclip1\01\clip_image003.jpg"
o:title="SSLimplementations"/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--></span><span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">But all the SSL implemented HeartBeat extensions are vulnerable to
HeartBleed. Through HeartBeat extension attacker can read the client/server
memory(64kb at a time) .<o:p></o:p></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-lTXSmAflhig/U0o6CruoPBI/AAAAAAAAAoc/swSjOqtVJnI/s1600/HeartbeatExploit.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-lTXSmAflhig/U0o6CruoPBI/AAAAAAAAAoc/swSjOqtVJnI/s1600/HeartbeatExploit.jpg" height="386" width="640" /></a></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN; mso-no-proof: yes;"><!--[if gte vml 1]><v:shape id="Picture_x0020_2"
o:spid="_x0000_i1026" type="#_x0000_t75" alt="http://www.codeproject.com/KB/Articles/758776/Working/HeartbeatExploit.jpg"
style='width:574.5pt;height:347.25pt;visibility:visible;mso-wrap-style:square'>
<v:imagedata src="file:///C:\Users\sarvesh\AppData\Local\Temp\msohtmlclip1\01\clip_image004.png"
o:title="HeartbeatExploit"/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--></span><span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="border: none windowtext 1.0pt; color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-border-alt: none windowtext 0cm; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN; padding: 0cm;">What
is Heartbeat Extension ?</span><span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">OpenSSL introduced an extension Heartbeat to keep seesion alive for
longer time and to avoid reestablishment of sessions. Heartbeat introduced in
OpnSSL with its 1.0.1 build release as defined in the RFC 6520 TLS/DTLS
Heartbeat Extension. Heartbeat messages can be sent without authenticating with
the server.For every request there might be a Heartbeatrequest and a
Heartbeatresponse.<o:p></o:p></span></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">What is Heartbleed
?<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">YAY you got the nerve - "<b><span style="border: none windowtext 1.0pt; mso-border-alt: none windowtext 0cm; padding: 0cm;">Vulnerability in Hearbeat
causes Heartbleed</span></b>".<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Heartbleed bug allows anyone on the Internet to read the memory of the
systems protected by the vulnerable versions of the OpenSSL software.<o:p></o:p></span></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Are you Heartbleed
Vulnurable ?<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">People have created the malicious script for heartbeat request and
created many online checker .Following are the websites where you can test are
your website is Heartbleed vulnerable or not.<o:p></o:p></span></div>
<div class="MsoNormal" style="margin: 0cm 0cm 0.0001pt; text-align: left; text-indent: -18pt;">
</div>
<ul style="text-align: left;">
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;"><a href="http://filippo.io/Heartbleed/"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">http://filippo.io/Heartbleed/</span></a></span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;"><a href="https://lastpass.com/heartbleed/"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">https://lastpass.com/heartbleed/</span></a></span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;"><a href="http://tif.mcafee.com/heartbleedtest" target="_blank"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">http://tif.mcafee.com/heartbleedtest</span></a></span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;"><a href="http://tif.mcafee.com/heartbleedtest" target="_blank"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">https://www.ssllabs.com/ssltest/</span></a></span></li>
</ul>
<!--[if !supportLists]--><br />
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">How to exploit
Heartbleed attack?<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">There are many available ways to exploit Heartbleed .Everyone has their
proof of concepts .<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Some of Ways liked by me :<o:p></o:p></span></div>
<div class="MsoNormal" style="margin: 0cm 0cm 0.0001pt; text-align: left; text-indent: -18pt;">
</div>
<ul style="text-align: left;">
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">Easy and simple way to do it :<a href="http://www.garage4hackers.com/entry.php?b=2551"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">http://www.garage4hackers.com/entry.php?b=2551</span></a></span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">Honeypot Sniffing: <a href="http://packetstormsecurity.com/files/126068/hb_honeypot.pl.txt"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">http://packetstormsecurity.com/files/126068/hb_honeypot.pl.txt</span></a></span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">Openmagic <a href="https://github.com/isgroup-srl/openmagic"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">https://github.com/isgroup-srl/openmagic</span></a>/</span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford<a href="https://gist.github.com/dyatlov/10192468"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">https://gist.github.com/dyatlov/10192468</span></a></span></li>
</ul>
<!--[if !supportLists]--><br />
<div class="MsoNormal" style="margin-bottom: 0.0001pt;">
<span style="font-family: "Times New Roman","serif"; font-size: 12.0pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Basically
using idea of Heartbeat , client can send a Heartbeatrequest and server will
have to respond with Heartbeatresponse.<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">The total length of a HeartbeatMessage(request/response) can NOT exceed
2^14 or max_fragment_length when negotiated as defined in [RFC6066]. So we are
only able to leak 64 kb of memory and that could easily have usernames/password
or any random information.<o:p></o:p></span></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Which OpenSSL
versions are vulnerable and Who are vulnerable to Heartbleed ?<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Heartbleed is only exploit where vulnarable OpenSSL software has
installed .Vulnerable versions are:<o:p></o:p></span></div>
<div class="MsoNormal" style="margin: 0cm 0cm 0.0001pt; text-align: left; text-indent: -18pt;">
</div>
<ul style="text-align: left;">
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">1.0.1</span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">1.0.1a,</span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">1.0.1b,</span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">1.0.1c,</span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">1.0.1d,</span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">1.0.1e,</span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">1.0.1f,</span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">1.0.2-beta1. </span></li>
</ul>
<!--[if !supportLists]--><br />
<div class="MsoNormal" style="margin-bottom: 0.0001pt;">
<br /></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">OpenSSL are installed mostly on the Apache servers and nginx servers.
According to the Netcraft <b>Half a million</b> trusted websites are
vulnerable to this Heartbleed Bug. <b>Image Courtsey Netcraft</b> : <span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;"><a href="http://news.netcraft.com/archives/2014/04/02/april-2014-web-server-survey.html">LINK </a></span><o:p></o:p></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a rel="lytebox" href="http://1.bp.blogspot.com/-A84QH3vmcgI/U0o6MkXBOOI/AAAAAAAAAok/eEUWd_zJqIQ/s1600/netcraft+report.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://1.bp.blogspot.com/-A84QH3vmcgI/U0o6MkXBOOI/AAAAAAAAAok/eEUWd_zJqIQ/s1600/netcraft+report.png" height="556" width="640" /></a></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN; mso-no-proof: yes;"><!--[if gte vml 1]><v:shape id="Picture_x0020_1"
o:spid="_x0000_i1025" type="#_x0000_t75" alt="http://www.codeproject.com/KB/Articles/758776/Working/netcraft_report.png"
style='width:395.25pt;height:343.5pt;visibility:visible;mso-wrap-style:square'>
<v:imagedata src="file:///C:\Users\sarvesh\AppData\Local\Temp\msohtmlclip1\01\clip_image005.png"
o:title="netcraft_report"/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--></span><span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b><span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Are windows server safe ?</span></b><span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;"><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Being a .Net developer this is the first thing came into my mind, Are
the websites developed by me and deployed on the Windows server using IIS are
safe ?<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">According to the Microsoft they do not include OpenSSL and are not
vulnerable to this Heartbleed. Microsoft has their own encryption component
called SChannel (Abbreviated as Secure Channel) .But Those client which are
running softwares on OpenSSL instead of Schannel are
vulnerable to this threat. <o:p></o:p></span></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Solutions to
prevent Heartbleed attack :<o:p></o:p></span></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Upgrade your
OpenSSL : <o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Apply an upgarde to <a href="http://www.openssl.org/news/secadv_20140407.txt" target="_blank" title=""><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">OpenSSL 1.0.1g</span></a> . Contact your software vendor
to apply an update for this. <o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Things to remember .</span></div>
<div class="MsoNormal">
</div>
<ol style="text-align: left;">
<li><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">Regenerate you
Secret Keys(There might be possibility that attacker already hacked your
cuurent secret key).</span></li>
<li><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">Ask your users to
change the password (I have receieved the offical mail request from tumblr to
change password). </span></li>
</ol>
<br />
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">Disable Heartbeat
from Current installed SSL:</span></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt;">Steps to Do it :</span></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
</div>
<ol style="text-align: left;">
<li><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">Recompile your
OpenSSL with the -DOPENSSL_NO_HEARTBEATS flag.</span></li>
<li><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;">Restart your Apache
and nginx server to effect the above command. </span></li>
</ol>
<br />
<!--[if !supportLists]--><br />
<div class="MsoNormal" style="margin-bottom: 0.0001pt;">
<br /></div>
<div class="MsoNormal">
<span style="color: #111111; font-family: "Segoe UI","sans-serif"; font-size: 10.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">I hope you liked this simple and straight article.I have insighted alot
about this bug , we can have a healthy discussion here regarding this bug.<o:p></o:p></span></div>
<div class="MsoNormal" style="margin: 15pt 0cm 8.25pt;">
<span style="color: #333333; font-family: "Segoe UI","sans-serif"; font-size: 22.5pt; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-IN;">References and
further readings: <o:p></o:p></span></div>
<div class="MsoNormal" style="margin: 0cm 0cm 0.0001pt; text-align: left; text-indent: -18pt;">
</div>
<ul style="text-align: left;">
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;"><a href="http://heartbleed.com/"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">http://heartbleed.com/</span></a></span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;"><a href="http://www.troyhunt.com/2014/04/everything-you-need-to-know-about.html"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">http://www.troyhunt.com/2014/04/everything-you-need-to-know-about.html</span></a></span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;"><a href="http://news.netcraft.com/archives/2014/04/02/april-2014-web-server-survey.html"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">http://news.netcraft.com/archives/2014/04/02/april-2014-web-server-survey.html</span></a></span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;"><a href="https://www.openssl.org/news/secadv_20140407.txt"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">https://www.openssl.org/news/secadv_20140407.txt</span></a></span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;"><a href="http://blogs.technet.com/b/erezs_iis_blog/archive/2014/04/09/information-about-heartbleed-and-iis.aspx"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">http://blogs.technet.com/b/erezs_iis_blog/archive/2014/04/09/information-about-heartbleed-and-iis.aspx</span></a></span></li>
<li><span style="color: #111111; font-family: Symbol; font-size: 10pt; text-indent: -18pt;"><span style="font-family: 'Times New Roman'; font-size: 7pt;"> </span></span><span style="color: #111111; font-family: 'Segoe UI', sans-serif; font-size: 10.5pt; text-indent: -18pt;"><a href="http://www.cnet.com/news/heartbleed-bug-what-you-need-to-know-faq/"><span style="border: none windowtext 1.0pt; color: purple; mso-border-alt: none windowtext 0cm; padding: 0cm;">http://www.cnet.com/news/heartbleed-bug-what-you-need-to-know-faq/</span></a> </span></li>
</ul>
<div>
<span style="color: #111111; font-family: Segoe UI, sans-serif;"><span style="font-size: 14px;"><br /></span></span></div>
<!--[if !supportLists]--><br />
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal" style="margin-bottom: 0.0001pt;">
<br /></div>
</div>Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com1tag:blogger.com,1999:blog-4577946163419870602.post-60361077934366715812014-04-11T09:25:00.004-07:002017-01-21T09:42:38.900-08:00C# Command Line Compiler (CSC.EXE)<div dir="ltr" style="text-align: left;" trbidi="on">
<b>What is CSC.EXE ? </b><br />
Command line compiler takes C# code as input and transforms code to MSIL/CIL (Microsoft intermediate language/Common intermediate language).CSC.exe produces .dll (dynamic link library) and .exe (executable) files.<br />
<a name='more'></a><br />
<a href="http://4.bp.blogspot.com/-4e00ypVUFTI/U0bum3Qej7I/AAAAAAAAAnc/p5fpu_pvVYY/s1600/CSC.jpg" imageanchor="1" rel="lytebox" style="clear: left; display: inline !important; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img border="0" height="360" src="https://4.bp.blogspot.com/-4e00ypVUFTI/U0bum3Qej7I/AAAAAAAAAnc/p5fpu_pvVYY/s1600/CSC.jpg" width="640" /></a><br />
<br />
CSC.exe comes with .net framework.you can install it standalone too.which is in :<br />
<br />
<pre>c:\Windows\Microsoft.Net\Framework\v4.0.30319{version installed on your computer}\csc.exe
</pre>
<br />
<br />
<b>How to Compile C# programs using CSC.exe (Without using Visual Studio) ?</b><br />
<br />
<b>Step 1:</b><br />
<br />
Create a program first -> myprogram.cs (name is upto you :P) , so we can compile that using CSC.EXE .<br />
I have created a program containing simple code :<br />
<br />
<pre>using System;
public class myprogram
{
static void Main()
{
Console.WriteLine("I hate hello world");
}
}
</pre>
<br />
<b>Step 2:</b><br />
<br />
<ul style="text-align: left;">
<li>Open the command prompt</li>
<li>Reach at the palace where is your program file exists</li>
<li>Locate the CSC (C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe )</li>
<li>Give input to CSC (C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe myprogram.cs)</li>
<li>.exe will be generated ;) :) </li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-FPbocy2lJ48/U0gVmzUpkwI/AAAAAAAAAns/9qLE6C7hKkk/s1600/CSC-Command.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="140" src="https://4.bp.blogspot.com/-FPbocy2lJ48/U0gVmzUpkwI/AAAAAAAAAns/9qLE6C7hKkk/s1600/CSC-Command.jpg" width="640" /></a></div>
<div>
<br /></div>
<br />
<b><br /></b>
<b><br /></b>
<b><br /></b>
<br />
<span id="goog_715584815"></span><span id="goog_715584816"></span><br />
<br />
<br />
<br />
<br />
<b>Step 3:</b><br />
<br />
Like indian movies there is happy ending .. A myprogram.exe is generated on my desktop :) .Execute that exe using CMD to see the desired result :<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-BI_WEFOk9TU/U0gWpFVxhRI/AAAAAAAAAn0/K3xzO_pphXs/s1600/CSC-output.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="254" src="https://3.bp.blogspot.com/-BI_WEFOk9TU/U0gWpFVxhRI/AAAAAAAAAn0/K3xzO_pphXs/s1600/CSC-output.jpg" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
YAY WE WON :P :) .Thats all what CSC.exe do for us .When we compile using visual studio its just use the same process we have done, behind the scene .<br />
<br /></div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com2tag:blogger.com,1999:blog-4577946163419870602.post-53570134546066739652014-04-10T00:36:00.001-07:002017-01-21T09:42:14.709-08:00Framework Class Library (FCL) in .NET <div dir="ltr" style="text-align: left;" trbidi="on">
<h4 style="text-align: left;">
FCL (Framework Class Library) :</h4>
<blockquote class="tr_bq">
A library of functionality to build / design .net applications.</blockquote>
Again as Framework class library(FCL) names depicts us its a collection of thousand and thousands of classes which is use to build an application.<br />
<br />
<a href="http://www.someecards.com/usercards/nsviewcard/MjAxNC0zOTcwM2YwYjViNTRlM2U1"><img alt="someecards.com - Shakespeare: what's in the name? Student : you Bi**ch !!! Sometimes names define Everything. *Kidding*" src="https://static.someecards.com/someecards/usercards/MjAxNC04ZDk2ZDc2ZDI3NDFjNzE1.png" /></a>
<br />
<br />
<a name='more'></a><br />
<br />
<blockquote class="tr_bq">
The Framework Class Library (FCL) is the collection of libraries that contains the totality: ASP.NET, WinForms,WCF,Web Services, the XML stack, ADO.NET and Many more.</blockquote>
<br />
Below image will make things more clear for you :<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-ER0geJ1An0s/U0ZHQe8hCqI/AAAAAAAAAnM/ZDtGLWPgj0A/s1600/framwork-class-library.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://1.bp.blogspot.com/-ER0geJ1An0s/U0ZHQe8hCqI/AAAAAAAAAnM/ZDtGLWPgj0A/s1600/framwork-class-library.jpg" width="640" /></a></div>
To build .net applications we need some predefined classes , so we can use them and make application according to our need so .NET framework provided us this FCL for the same purpose.<br />
<br />
Some of the FCl libraries are :<br />
<br />
<ol style="text-align: left;">
<li>Microsoft.Windows</li>
<li>System.Web<span class="Apple-tab-span" style="white-space: pre;"> </span></li>
<li>System.Windows</li>
<li>System.Secuirty</li>
<li>System.Reflection</li>
<li>System.Runtime</li>
</ol>
<br />
Thats it Folks !!!! <3 Write less Tell More :) :) ...<br />
<br />
<br />
<br />
<br /></div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com71tag:blogger.com,1999:blog-4577946163419870602.post-1901691761815722302014-04-06T08:52:00.003-07:002017-01-21T09:42:47.977-08:00CLR in .Net <div dir="ltr" style="text-align: left;" trbidi="on">
<h4 style="text-align: left;">
<b>Common Language Runtime : </b></h4>
<span style="color: #444444;">As its names depicts, its an execution environment for .Net applications (.Net supported languages). CLR job is managing the application while it executes.CLR manages the execution of programs written in supported language of .NET framework like (C#, Visual Basic, F#, IronPython, IronRuby, Boo, etc.).</span><br />
<span style="color: #444444;"></span><br />
<a name='more'></a><span style="color: #444444;"><br /></span>
<span style="color: #444444;">Below are the some services CLR provides when its manages the .NET application :</span><br />
<br />
<ol style="text-align: left;">
<li><span style="color: #444444;">Memory management</span></li>
<li><span style="color: #444444;">Operating system and hardware independence</span></li>
<li><span style="color: #444444;">language independence</span></li>
<li><span style="color: #444444;">Security </span></li>
</ol>
<div>
<b>1. Memory Management : </b></div>
<div>
<b><span style="color: #444444;"><br /></span></b></div>
<div>
<span style="color: #444444;">CLR actively tracks the objects you have created and memory things and CLR knows when you have finished your work with that object and you are finished with that memory then CLR cleans that memory so your program or application have enough memory to work further.</span></div>
<div>
<br /></div>
<div>
<b>2. Operating System and Hardware independence :</b></div>
<div>
<b><br /></b></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-GJHiVcjhFVw/U0FkEJ3d7RI/AAAAAAAAAm4/nnGrTXVn2Qc/s1600/CLR+independent.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="330" src="https://2.bp.blogspot.com/-GJHiVcjhFVw/U0FkEJ3d7RI/AAAAAAAAAm4/nnGrTXVn2Qc/s1600/CLR+independent.jpg" width="640" /></a></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<b><br /></b></div>
<div>
<span style="color: #444444;">.NET executable file (.EXE) is not a native window application , its made up of instructions called Common intermediate language (CIL) and sometimes its called Microsoft intermediate language (MSIL) .</span></div>
<div>
<span style="color: #444444;">Any device which has any kind of CLR can run the .Net applications .Like java application can run only where java virtual machine is installed .we can say CLR is like JVM (java virtual machine) and CIL is like java bytecode .</span></div>
<div>
<span style="color: #444444;">CLR is like a virtual machine its virtualizes the execution environment for .net application , you don't have to worry about what version of .net application , what specific cpu is being used.</span></div>
<div>
<br /></div>
<div>
<b>3. Language independence :</b> </div>
<div>
</div>
<div>
<span style="color: #444444;"> All .net supported language ( VC#.Net,VB.Net,VC++,VJ#,VF#,PHP,COBOL,PERL, PHYTHON, SMALLTALK,JSCRIPT...etc ) is managed by CLR .Programmes/application in any of Visual Basic , Visual C++ ,F#, or C# after compile they turns into an intermediate form of code called Common Intermediate Language (CIL) in a portable execution ( PE ) file that can then be managed and executed by the Common Language Runtime. </span></div>
<div>
<br /></div>
<div>
<b>4. Security : </b></div>
<div>
</div>
<div>
<span style="color: #444444;">CLR enforces Policy, Permissions on the .net applications . CLR applies the code access secuirty on the application . to understand it better please follow the link : <a href="http://msdn.microsoft.com/en-us/magazine/cc188939.aspx" target="_blank">http://msdn.microsoft.com/en-us/magazine/cc188939.aspx</a></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;">As all of the above are vast topic in itselfs , people have written book on just CLR .Tried to make you understand the overview of CLR hope you guys will like this article . :) :) </span></div>
</div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com1tag:blogger.com,1999:blog-4577946163419870602.post-44646697799371613052014-03-08T19:26:00.002-08:002014-03-09T22:08:07.877-07:00Knockout Built In Bindings- Part 1<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
</div>
Knockout providing Some built in bindings which update UI automatically and finally it keeps a clean layout with no dependency on ID and CSS class.<br />
We can categorize Knockout Built in bindings into four types:<br />
<br />
<ol style="text-align: left;">
<li>Text and Appearance</li>
<li>Control flow</li>
<li>Forms </li>
<li>Templates</li>
</ol>
<h4 style="text-align: left;">
<b><a name='more'></a>1. Text and Appearance : </b></h4>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-cTg7-mMb3Xk/UxK-3kCZNWI/AAAAAAAAAls/Ah5tzuQ4Q1k/s1600/KOBIBT1.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-cTg7-mMb3Xk/UxK-3kCZNWI/AAAAAAAAAls/Ah5tzuQ4Q1k/s1600/KOBIBT1.jpg" height="242" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
For controlling Text and Appearance Knockout providing above mentioned Built in bindings .i think their names depicting what they are meant for .So instead of describing them and i will tell , how to use them :<br />
<br />
<b>HTML </b>to use above KO built in bindings will be like :<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-V_RTUZmx3wE/UxLFCenK8hI/AAAAAAAAAl8/GqMM5AEtehA/s1600/KOBIBT1Use.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-V_RTUZmx3wE/UxLFCenK8hI/AAAAAAAAAl8/GqMM5AEtehA/s1600/KOBIBT1Use.jpg" height="282" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
To set Properties in <b>ViewModel</b> Code will be :<br />
<pre class="brush: js"> //#region Built In Bindings Type: Text and Apperance
var TextandpApperanceModel = {
ShowItOrHideIt: ko.observable(true), //its for visible Binding , true makes assoicated DOM element intially visible.
TextBinding: ko.observable("Show this line at associalted DOM element"),
HtmlBinding: ko.observable("<strong>Make It Bold</strong>"), //Take care of HTMl Encoding ,otherwise I will hack you :P
Age: ko.observable(80), //If your are above 80 then css should be RED :P
StyleBinding: ko.observable('Blue'), // We can set the style too
AttrBindingUrl: ko.observable('http://sarveshkushwaha.blogspot.com'), //setting the attribute href and target of an anchor
AttrBindingTarget: ko.observable('_blank'),
};
TextandpApperanceModel.CssBinding = ko.computed(function () {
return this.Age() > 75 ? "alert alert-danger" : "alert alert-success";
}, TextandpApperanceModel);
$('#ShowMeOrHideMe').click(function () {
var clicks = $(this).data('clicks');
if (clicks) {
TextandpApperanceModel.ShowItOrHideIt(true);
} else {
TextandpApperanceModel.ShowItOrHideIt(false);
}
$(this).data("clicks", !clicks);
});
ko.applyBindings(TextandpApperanceModel, document.getElementById('BindingTextAndApperanceSection'));
//#endregion
</pre>
<br />
<div style="text-align: left;">
I dont think i should do extra effort to describe all above code , its easy to understand and i have described lill bit as their comments .<br />
<br />
<h4 style="text-align: left;">
<b>2. Control Flow : </b></h4>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-i5nLyRl4O5Y/UxqkqRVOBYI/AAAAAAAAAmQ/L8aVomPvG0E/s1600/KOBIBT2.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/-i5nLyRl4O5Y/UxqkqRVOBYI/AAAAAAAAAmQ/L8aVomPvG0E/s1600/KOBIBT2.jpg" height="298" width="640" /></a></div>
<div>
<b><br /></b></div>
</div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<ul style="text-align: left;">
<li><b>if binding </b>: it almost like visible binding , visible binding applies css to associated DOM element to hide and show and where If binding physically adds or remove the associated DOM element in your DOM.</li>
</ul>
<div>
Example Case : lets suppose we want to show some text on CheckBox checked.and hide text o uncheck of the same textbox. How easily we can do this using if Binding : </div>
<div>
<br /></div>
<div>
<b>HTML :</b>
<br />
<pre><label><input type="checkbox" data-bind="checked: displayMessage" /> Control flow Binding Using IF (checkbox check then show) :Display message</label>
<div data-bind="if: displayMessage"> Here is my message.</div>
</pre>
<b><br /></b>
<b>ViewModel:</b><br />
<b><br /></b>
<br />
<pre> //#region Control flow
var arrayForech = [{ Name: "sarvesh" }, { Name: "isha" }, { Name: "akshay" }, { Name: "nitish" }];
var ControlFlowBindingModel = {
displayMessage: ko.observable(false),
ForeachBinding : ko.observable(arrayForech)
};
ko.applyBindings(ControlFlowBindingModel, document.getElementById('ControlFlowBinding'))
//#endregion
</pre>
<br /></div>
<ul style="text-align: left;">
<li><b>ifnot binding: </b>just opposite of if .</li>
<li><b>Foreach Binding : </b>To iterate any collection we can use foreach Binding. </li>
</ul>
<div>
<b>HTML :</b>
<br />
<pre><ul data-bind="foreach: ForeachBinding">
<li data-bind="text: Name"></li>
</ul>
</pre>
<b>Output:
</b>
<br />
<pre><ul data-bind="foreach: ForeachBinding">
<li data-bind="text: Name">sarvesh</li>
<li data-bind="text: Name">isha</li>
<li data-bind="text: Name">akshay</li>
<li data-bind="text: Name">nitish</li>
</ul>
</pre>
</div>
<div>
<b><br /></b>
<b><br /></b></div>
<div>
<b>Tips: </b>KO provides comment based syntax too for control flow.</div>
</div>
<pre>
<ol>
<!-- ko foreach :ForeachBinding -->
<li data-bind="text: Name"></li>
<!-- /ko -->
</ol>
</pre>
<br />
<br />
<ul style="text-align: left;">
<li><b>With Binding: </b>With binding creates a new context of binding , so all the descendent elements will bind to that specific object.</li>
</ul>
<div>
<b>HTML:</b></div>
<pre><h1 data-bind="text: city"> </h1>
<p data-bind="with: coords">
Latitude: <span data-bind="text: latitude"> </span>,
Longitude: <span data-bind="text: longitude"> </span>
</p>
</pre>
<b>ViewModel:</b><br />
<pre><script type="text/javascript">
ko.applyBindings({
city: "London",
coords: {
latitude: 51.5001524,
longitude: -0.1262362
}
});
</script>
</pre>
<pre></pre>
<pre>All the code you can download from my <a href="https://github.com/sarveshkushwaha/KnockoutDemo" target="_blank">GITHUB </a>repository.</pre>
<pre></pre>
<div>
<b><br /></b></div>
</div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com0tag:blogger.com,1999:blog-4577946163419870602.post-52821159196835535902014-02-01T19:33:00.001-08:002014-02-01T19:45:11.592-08:00Knockout Observables<div dir="ltr" style="text-align: left;" trbidi="on">
<b><span style="color: #444444;">What are Knockout Observables ? </span></b><br />
<blockquote class="tr_bq">
<span style="color: #444444;">Lets keeping it simple , Our UI gets automatically update when the ViewModel changes.To tell KO about changes in ViewModel we used Observables. Hey hey ... you just used term ViewModel . how will i create a ViewModel with KO ? </span></blockquote>
<br />
<a name='more'></a><br />
<span style="color: #444444;">Ok... Lets create it then ..its very easy to create ViewModel with KO just create a javascript object.</span><br />
<br />
<pre><span style="color: #444444;">var ViewModel = {</span>
<span style="color: #444444;"> Name: 'Sarvesh',</span>
<span style="color: #444444;"> GirlFriendName: 'Hehaha'</span>
<span style="color: #444444;"> };</span>
</pre>
<span style="color: #444444;">
Ok , we are done with ViewModel and now how to tell changes of ViewModel to KO ? </span><br />
<span style="color: #444444;">Answer : just make your model properties Observable like this.</span>
<br />
<span style="color: #444444;"><br /></span>
<br />
<pre><span style="color: #444444;">var ViewModel = {</span>
<span style="color: #444444;"> Name: ko.observable('Sarvesh'),,</span>
<span style="color: #444444;"> GirlFriendName: ko.observable('Hehaha')</span>
<span style="color: #444444;"> };</span></pre>
<pre><span style="color: #444444;">
</span></pre>
<span style="color: #444444;"><b>Observables:</b></span><br />
<span style="color: #444444;">Why we created observable like function ?? </span><br />
<span style="color: #444444;">Yuhuuuu you got the nerve darling .. Observable are actually functions .</span><br />
<span style="color: #444444;"><br /></span>
<a href="http://www.someecards.com/usercards/nsviewcard/MjAxNC0yYWE3ZmI2YTE4MjQwNTIz" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img alt="someecards.com - Never Forget that Observables are functions even when you are drunk :)" src="http://static.someecards.com/someecards/usercards/MjAxNC03OTE1ZjBmZTcxYzc1N2Yy.png" /></a>
<span style="color: #444444;"><br /></span><br />
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;">Lets create a Observalue , Get and Set values :</span><br />
<br />
<pre> //initialize model property
var viewModel= { name : ko.observable("I hate Hello World :)") };
viewModel.name("change the value"); //set the value
alert(viewModel.name()); // Get the value
ko.applyBindings(viewModel); // Acivate the Knockout
</pre>
<span style="color: #444444;"><br />Bind it our Viewpage : </span><br />
<pre>
<span data-bind="text: name"></span>
<input class="form-control " data-bind="value: name" placeholder="Name" type="text" />
</pre>
<span style="color: #444444;"><br />And Result will be : </span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-rfJWbxjvSBI/Uu0Sp--A08I/AAAAAAAAAkg/4cBzvQRe1o4/s1600/KOObservables1.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-rfJWbxjvSBI/Uu0Sp--A08I/AAAAAAAAAkg/4cBzvQRe1o4/s1600/KOObservables1.jpg" height="200" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<span style="color: #444444;">Code can be downloaded from my github repository </span><a href="https://github.com/sarveshkushwaha/KnockoutDemo">https://github.com/sarveshkushwaha/KnockoutDemo</a> <span style="color: #444444;">.But it would be better if you will wait till my last blog of this series ,so you can download final code from there.</span><br />
<span style="color: #444444;"><br /></span>
<span style="color: #444444;">But there are some more observable types , as you have mentioned in your Presentation.</span><br />
<div class="separator" style="clear: both; text-align: center;">
<img border="0" src="http://4.bp.blogspot.com/-eINyo0UUnJg/Uu0c13mNQpI/AAAAAAAAAkw/4Ot5TmrEOA8/s1600/KOObservables.jpg" height="360" width="640" /></div>
<div class="separator" style="clear: both;">
<br /></div>
<br />
<ul style="text-align: left;">
<li><span style="color: #444444;"><b>Observable Arrays :</b> What if we want to observer a collection of thing ?? Thats brings Observable arrays into the picture .To detect and respond to changes in collection of things ,we use observable arrays.</span></li>
</ul>
<blockquote class="tr_bq">
<span style="color: #444444;">Note : KO does not detect and respond to each item of collection .its just use for whole collection .To detect each property we need to further make those items as observable.</span></blockquote>
<span style="color: #444444;">Observable arrays have some very useful built in functions,which helps us a lot .</span><br />
<br />
<ul style="text-align: left;">
<li><span style="color: #444444;"><span style="background-color: #999999;">myObservableArray.push('Some new value')</span> adds a new item to the end of array</span></li>
<li><span style="color: #444444;"></span></li>
<li><span style="color: #444444;"><span style="background-color: #999999;">myObservableArray.pop()</span> removes the last value from the array and returns it</span></li>
<li><span style="color: #444444;"><span style="background-color: #999999;">myObservableArray.unshift('Some new value')</span> inserts a new item at the beginning of the array</span></li>
<li><span style="color: #444444;"><span style="background-color: #999999;">myObservableArray.shift()</span> removes the first value from the array and returns it</span></li>
<li><span style="color: #444444;"><span style="background-color: #999999;">myObservableArray.reverse()</span> reverses the order of the array</span></li>
<li><span style="color: #444444;"><span style="background-color: #999999;">myObservableArray.sort()</span> sorts the array contents.</span></li>
<li><span style="color: #444444;"><span style="background-color: #999999;">myObservableArray.remove(someItem)</span> removes all values that equal someItem and returns them as an array</span></li>
<li><span style="color: #444444;"><span style="background-color: #999999;">myObservableArray.removeAll()</span> removes all values and returns them as an array.</span></li>
</ul>
<span style="color: #444444;">Example : </span><br />
<div>
<span style="color: #444444;">We have a list of name now i want to add some name to it , it should automatically</span> <span style="color: #444444;">update the view .Such situation handle by Observable arrays.</span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;">View : </span></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-3iohg8pCQq0/Uu2sayLvgmI/AAAAAAAAAlA/4HcIELzXKOQ/s1600/KOObservablesArray.jpg" imageanchor="1" rel="lytebox" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-3iohg8pCQq0/Uu2sayLvgmI/AAAAAAAAAlA/4HcIELzXKOQ/s1600/KOObservablesArray.jpg" height="238" width="640" /></a></div>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span></div>
<pre><span style="color: blue; font-family: Consolas; font-size: 13px;"><</span><span style="color: maroon; font-family: Consolas; font-size: 13px;">div</span><span style="background-color: white; font-family: Consolas; font-size: 13px;"> </span><span style="color: red; font-family: Consolas; font-size: 13px;">class</span><span style="color: blue; font-family: Consolas; font-size: 13px;">=</span><span style="color: blue; font-family: Consolas; font-size: 13px;">"col-md-12"</span><span style="color: blue; font-family: Consolas; font-size: 13px;">></span></pre>
<pre style="background-color: white; background-position: initial initial; background-repeat: initial initial; font-family: Consolas; font-size: 13px;"> <span style="color: blue;"><</span><span style="color: maroon;">input</span> <span style="color: red;">type</span><span style="color: blue;">=</span><span style="color: blue;">"text"</span> <span style="color: red;">data-bind</span><span style="color: blue;">=</span><span style="color: blue;">"</span>value: itemToAdd<span style="color: blue;">"</span> <span style="color: blue;">/></span>
<span style="color: blue;"><</span><span style="color: maroon;">button</span> <span style="color: red;">class</span><span style="color: blue;">=</span><span style="color: blue;">"btn btn-primary btn-sm"</span> <span style="color: red;">data-bind</span><span style="color: blue;">=</span><span style="color: blue;">"</span>click: addItem<span style="color: blue;">"</span><span style="color: blue;">></span>Add<span style="color: blue;"></</span><span style="color: maroon;">button</span><span style="color: blue;">></span>
<span style="color: blue;"></</span><span style="color: maroon;">div</span><span style="color: blue;">></span>
<span style="color: blue;"><</span><span style="color: maroon;">div</span> <span style="color: red;">class</span><span style="color: blue;">=</span><span style="color: blue;">"col-md-3"</span> <span style="color: red;">style</span><span style="color: blue;">=</span><span style="color: blue;">"</span><span style="color: red;">padding-top</span>: <span style="color: blue;">10px</span>;<span style="color: blue;">"</span><span style="color: blue;">></span>
<span style="color: blue;"><</span><span style="color: maroon;">ul</span> <span style="color: red;">class</span><span style="color: blue;">=</span><span style="color: blue;">"list-group"</span> <span style="color: red;">data-bind</span><span style="color: blue;">=</span><span style="color: blue;">"</span>foreach: items<span style="color: blue;">"</span><span style="color: blue;">></span>
<span style="color: blue;"><</span><span style="color: maroon;">li</span> <span style="color: red;">class</span><span style="color: blue;">=</span><span style="color: blue;">"list-group-item"</span><span style="color: blue;">><</span><span style="color: maroon;">span</span> <span style="color: red;">data-bind</span><span style="color: blue;">=</span><span style="color: blue;">"</span>text: name<span style="color: blue;">"</span> <span style="color: blue;">/></</span><span style="color: maroon;">li</span><span style="color: blue;">></span>
<span style="color: blue;"></</span><span style="color: maroon;">ul</span><span style="color: blue;">></span>
<span style="color: blue;"></</span><span style="color: maroon;">div</span><span style="color: blue;">></span></pre>
<span style="color: #444444;"><br />
ViewModel :</span><br />
<span style="color: #444444;"><br /></span>
<br />
<pre>//#region Observable Arrays
var data = [{ name: "sarvesh" }, { name: "Akshay" }, { name: "isha" }, { name: "divya" }, { name: "priya" }];
var ObservableArray = {
// data
items: ko.observableArray(data),
itemToAdd: ko.observable(""),
// behaviors
addItem: function () {
this.items.push({ name: this.itemToAdd() });
this.itemToAdd("");
}
};
ko.applyBindings(ObservableArray, document.getElementById('ObservableArrayDiv')); //second parameter defines scope of model
//#endregion
</pre>
<ul style="text-align: left;">
<li><span style="color: #444444;"><b>Computed/Dependent Observables :</b> Dependent or computed observable are those which encapsulate one or more observables means which are dependent on one or more observable.</span></li>
</ul>
<div>
<span style="color: #444444;">
</span></div>
<div>
<span style="color: #444444;">Note : dependent term used in previous knockout version in latest they have changed to computed .Both terms depicts same sense.</span><br />
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;">
</span></div>
<div>
<span style="color: #444444;"><b>How to create Computed Observable? :</b></span><br />
<span style="color: #444444;"><b><br /></b></span></div>
<pre> //#region Computed Observables
var NameModel = { firstName : ko.observable("sarvesh"), lastName : ko.observable("Kushwaha")};
NameModel.fullName = ko.computed(function() {
return this.firstName() + this.lastName();
},NameModel);
//#endregion</pre>
<br />
<div>
<span style="color: #444444;">Computed Observables takes two parameter :</span><br />
<br />
<ul style="text-align: left;">
<li><span style="color: #444444;">First take function as argument to compute the things</span></li>
<li><span style="color: #444444;">Second takes ViewModel on which the computation will be applied</span></li>
</ul>
<div>
<span style="color: #444444;"><br /></span></div>
<br />
<span style="color: #444444;">Result will be : </span><br />
<span style="color: #444444;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-ZrEgdVcDqMI/Uu271oZmhXI/AAAAAAAAAlQ/NgbN5Sw0laQ/s1600/KOComputed.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/-ZrEgdVcDqMI/Uu271oZmhXI/AAAAAAAAAlQ/NgbN5Sw0laQ/s1600/KOComputed.jpg" /></a></div>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /><br /><br />I hope you have learned something by reading it .Thanks .</span><br />
<span style="color: #444444;">Code is available at my <a href="https://github.com/sarveshkushwaha/KnockoutDemo" target="_blank">git hub repository</a>.</span></div>
</div>
Anonymoushttp://www.blogger.com/profile/14108086149293280948noreply@blogger.com0