Fixing MAX_PATH issues in GitLab
This post is a short reminder for my future self, for when I next have to fight with MAX_PATH issues and GitLab. Yes, it's 2024, and I'm still being sabotaged by Window's archaic MAX_PATH restriction....
View ArticleMajor updates to NetEscapades.AspNetCore.SecurityHeaders
In this post I provide an update on the NetEscapades.AspNetCore.SecurityHeaders project. I've just released a preview version of 1.0.0, which addresses some longstanding requests for extra...
View ArticleReplacing Exceptions-as-flow-control with the result pattern: Working with...
This is the first post in the series: Working with the result pattern. Part 1 - Replacing Exceptions-as-flow-control with the result pattern (this post) In this post I provide a worked example of...
View ArticleSafety and simplicity with LINQ: Working with the result pattern - Part 2
This is the second post in the series: Working with the result pattern. Part 1 - Replacing Exceptions-as-flow-control with the result pattern Part 2 - Safety and simplicity with LINQ (this post) This...
View ArticleAdding more extensions to Result: Working with the result pattern - Part 3
This is the third post in the series: Working with the result pattern. Part 1 - Replacing Exceptions-as-flow-control with the result pattern Part 2 - Safety and simplicity with LINQ Part 3 - Adding...
View ArticleIs the result pattern worth it?: Working with the result pattern - Part 4
This is the fourth post in the series: Working with the result pattern. Part 1 - Replacing Exceptions-as-flow-control with the result pattern Part 2 - Safety and simplicity with LINQ Part 3 - Adding...
View ArticleRecent updates for NetEscapades.EnumGenerators: interceptors!
In this post I describe a recent update to the NetEscapades.EnumGenerators package. The big new feature introduced in 1.0.0-beta11 is experimental support for interceptors. Interceptors allow you to...
View ArticleCross-Origin-Opener-Policy: preventing attacks from popups: Understanding...
This is the first post in the series: Understanding cross-origin security headers. Part 1 - Cross-Origin-Opener-Policy: preventing attacks from popups (this post) In this post I describe the...
View ArticleCross-Origin-Resource-Policy: preventing hotlinking and XSSI attacks:...
This is the second post in the series: Understanding cross-origin security headers. Part 1 - Cross-Origin-Opener-Policy: preventing attacks from popups Part 2 - Cross-Origin-Resource-Policy:...
View ArticleCross-Origin-Embedder-Policy: securing embedded resources: Understanding...
This is the third post in the series: Understanding cross-origin security headers. Part 1 - Cross-Origin-Opener-Policy: preventing attacks from popups Part 2 - Cross-Origin-Resource-Policy: preventing...
View ArticleUsing the YamlDotNet source generator for Native AOT
In this post I show how you can use the YamlDotNet source generator in your .NET 7+ application. This is particularly important if you're planning on using your application with NativeAOT. Reading YAML...
View ArticleBuilding LaTeX projects on Windows easily with Docker
In this short post I describe how I build LaTeX projects on a Windows machine by using Docker. There's nothing particularly novel or exciting about this, someone just asked me about it recently so this...
View ArticleImplementing an interceptor with a source generator: Creating a source...
This is the eleven post in the series: Creating a source generator. Part 1 - Creating an incremental generatorPart 2 - Testing an incremental generator with snapshot testingPart 3 - Integration testing...
View ArticleReading compilation options and the C# version in source generators: Creating...
This is the twelve post in the series: Creating a source generator. Part 1 - Creating an incremental generatorPart 2 - Testing an incremental generator with snapshot testingPart 3 - Integration testing...
View ArticleAccessing MSBuild properties and user configuration to source generators:...
This is the thirteen post in the series: Creating a source generator. Part 1 - Creating an incremental generatorPart 2 - Testing an incremental generator with snapshot testingPart 3 - Integration...
View ArticleSupporting multiple .NET SDK versions in analyzers and source generators
In this post I describe why source generators might need to work with multiple versions of the .NET SDK. This may be necessary if you want to support features that are only available in newer versions...
View ArticleSupporting multiple .NET SDK versions in a source generator: Creating a...
This is the fourteen post in the series: Creating a source generator. Part 1 - Creating an incremental generatorPart 2 - Testing an incremental generator with snapshot testingPart 3 - Integration...
View ArticlePreventing client-side cross-site-scripting vulnerabilities with Trusted Types
In this post I describe how to use the Trusted Types directive as part of the Content-Security-Policy (CSP) feature to prevent against cross-site-scripting (XSS) attacks. I'll start by demonstrating...
View ArticleSetting application environment variables in IIS without restarts
I recently needed to set some environment variables for an application that was running in IIS on Windows. It turns out there's lots of different ways to do that. In this post, I describe some of the...
View ArticleDisabling localized satellite assemblies during dotnet publish
In this brief post I show how to reduce the size of the publish output for .NET apps by preventing the publishing of localization resources when they're not needed. What are localization satellite...
View ArticleCreating an analyzer to detect infinite loops caused by ThreadAbortExceptions
In this post I describe an infinite-loop scenario that can occur on .NET Framework when a ThreadAbortException is raised. I describe when you might run into this scenario, why it happens (it's a bug in...
View ArticleRunning an ASP.NET Core app inside IIS in a Windows container
In this post I first discuss the differences between Linux and Windows containers, and then describe how to run an ASP.NET Core app inside IIS, inside of a Windows container. I show how to install the...
View ArticleCreating provenance attestations for NuGet packages in GitHub Actions
In this post I discuss software provenance, what attestations say about your software, and how they work. I then show you can use GitHub actions to easily create a signed attestation when creating a...
View ArticleCreating a software bill of materials (SBOM) for an open-source NuGet package
In this post I discuss several tools you can use to create a software bill of materials (SBOM) for an application or a NuGet package. I demonstrate GitHub's built-in "Export SBOM" button, Microsoft's...
View ArticleCreating SBOM attestations in GitHub Actions
In this post I show how you can create attestations for SBOM documents that you have created for your application or Nuget package. Supply chain security and attestations In the last couple of posts on...
View Article