It appears that one must still download the Web Deploy extension. Also, Version 3.5 is now available. To download on a server, default IE security rules will require you add something like http://*.microsoft.com as a trusted site else you can’t download the installer. The whole package is rather large in its purpose and covers many … Read more
Is it possible to steal a cookie and authenticate as an administrator? Yes it is possible, if the Forms Auth cookie is not encrypted, someone could hack their cookie to give them elevated privileges or if SSL is not require, copy someone another person’s cookie. However, there are steps you can take to mitigate these … Read more
Check your line: if (dtdata.Rows[4].ToString() == “Annual Leave”) If it is a standard .net table wouldnt .ToString() evaluate to “System.Data.DataRow”? Also ws.Cells[“E1”] will need to be adjusted for each cell after looping through the row count (basically what krillgar was saying). Something like that: [TestMethod] public void Cell_Color_Background_Test() { //http://stackoverflow.com/questions/28679602/how-to-set-cell-color-programmatically-epplus //Throw in some data var … Read more
Yes, Regex objects are thread-safe. From the docs: The Regex class is immutable (read-only) and is inherently thread safe. Regex objects can be created on any thread and shared between threads. You might want to consider using RegexOptions.Compiled too – although don’t assume it’ll help performance; measure!
The bad news, as determined by ILSpy, is that there is no way to get to a System.Net.SslStream instance from anywhere inside ASP.NET. That class is used for direct programming against the network, for example by the WCF framework. The best you can do from ASP.NET (whether using System.Web or OWIN on top of IIS … Read more
Asp.Net Core 2.0 definitely support multiple authentication schemes. Rather than a hacking with authenticate middleware, you can try to specify the schema in Authorize attribute: [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)] I gave a try and it worked fine. Assuming you have added both Identity and JWT as below: services.AddIdentity<ApplicationUser, ApplicationRole>() services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) Since AddIdentity() already set cookie authentication … Read more
Sorry there is no way in .NET to change the time zone globally. The only way you have is to change the timezone of your server or rewrite all of your code. The best practice is to not rely on the system time zone at all (never use DateTime.Now). You should handle all date as … Read more
It is just syntax. <% %> is simply short for <script runat=”server”> </script> aka code render blocks. <%# %> are binding expressions (plus the above). <%= %> is the above + a Response.Write(). <%: %> is the above + a Response.Write() wrapped in Html.Encode (new in .NET 4.0). <%$ %> is an ASP.NET expression, used … Read more
From AutoValidateAntiforgeryTokenAttribute documentation: An attribute that causes validation of antiforgery tokens for all unsafe HTTP methods. An antiforgery token is required for HTTP methods other than GET, HEAD, OPTIONS, and TRACE. It can be applied at as a global filter to trigger validation of antiforgery tokens by default for an application. AutoValidateAntiforgeryTokenAttribute allows to apply … Read more
Using the article linked by Panagiotis Kanavos, I was able to reach a solution. From the ASP.NET Core 2.1.0-preview1, there was a line .AddDefaultUI(), which you didn’t have to include in Startup.cs. services.AddIdentity<IdentityUser, IdentityRole>(options => options.Stores.MaxLengthForKeys = 128) .AddEntityFrameworkStores<ApplicationDbContext>() .AddDefaultUI() .AddDefaultTokenProviders(); In the final release version of Core 2.1 however, the same section was simplified … Read more