web development 8 comments

Firefox 3.0: 411 Length required with JQuery

By on July 21st, 2009

I am currently working on a small project for my own. My favourite (and the only one tester) was complaining on some of “ajax” features. Tests were done with use of Firefox 3.0 – I was developing on Firefox 3.5 and had absolutely no problems with those problematic features. Anyway I decided to check this out an downloaded 3.0 version ( most recent is 3.0.11). You can have multiple instances of Firefox on Your machine – just make sure You install them in separate directories. Then the best would be to create different user profiles – like one default and one for testing. You can manage profiles using :

firefox.exe -ProfileManager

And then You can run prev version by:

\path\Firefox 3.0\firefox.exe -P test_profile -no-remote

Having this set up You can test in Firefox 3.0. I was able to reproduce error and check what is going on in firebug.
I was receiving HTTP 411 error, which says:

Your Web server thinks that the HTTP data stream sent by the client (e.g. your Web browser or our CheckUpDown robot) should include a ‘Content-Length’ specification. This is typically used only for HTTP methods that result in the placement of data on the Web server, not the retrieval of data from it.

It looks like jQuery (1.3.2) ajax calls with data parameter set to ‘null’ was causing this to happen.

Simple solution for me was to set ‘{}’ as data parameter value instead of ‘null’. Moreover, You can change method that I already mentioned about, postJSON with this fix:

$.postJSON = function(url, data, callback) {
     if(data == null)
         data = {};
     $.post(url, data, callback, "json");
};

BTW I already use Firefox 3.5 during development – it consumes less resources than previous versions () so I strongly recommend upgrading to newest version.

Share
web development 1 comment

$.postJSON – how to avoid JSON attack

By on June 26th, 2009


I’ve recently read great article by Phil Haack, JSON Hijacking. It points to some JSON vulnerabilities, basically: how sensitive data can be captured by bad people during “GET JSON” request. During my web development I always start with adding some javascript helper methods. One of them, based on jQuery, is making HTTP POST instead of GET. This should be sufficient to avoid majority of JSON attacks. So instead of $.getJSON( … ), use:

$.postJSON = function(url, data, callback) {
  $.post(url, data, callback, "json");
};

And action method with HTTP method type filter:

[AcceptVerbs(HttpVerbs.Post)]
public ActionResult DoSth(int id)
{
//.... bla bla bla ...
}

As simple as that!

Share
internet startup, web development 1 comment

Making internet start-up… Part 1: What to make?

By on June 22nd, 2009

Recently I have more free time so I decided that It is a good time to start small internet start-up. Why small? First of all It is just me that is going to work on it. For now :) Until it will get super successful… Secondly I really like simple and small solutions. I tried to make something advanced, not trivial few times during recent years always ending up somewhere at the begging, giving up, realizing that project I was working on is not for single person, and I do not want to spend next few years working on sth that may never success. From that moment I know that as long as It is just me working on sth I need to come up with simple, 2-3 months projects.

Ok, so far I know that I would like to make sth simple, sth that won’t take me few months… But what to do? It may sound trivial but I really belive that whatever You do It can succeed only If You are really passionate about it. It is just like with the job – You can be really good at something only if You really care about it (okay, there are exceptions). I never mention that but I am a big fan of traveling – I dream that some day I can somehow join programming with exploring new places and cultures. I am always frustrated when I think that there are at most 2 weeks each year (holidays!) one can spend on traveling. I would like my start-up to be connected with my other (beside programming) passions.

I was thinking about project that can help people that are planning their trips – no matter if it is an Amazonian expedition or family holidays. I would like foreigners, or people that “just landed” in new country, territory to find useful information via this web site. I was in the same situation some time ago when I first came in Cyprus in order to find job. I was fighting with plenty of obstacles at the begging. I really consider knowledge that I gained during that time as invaluable, and It is kind of an experience that cannot be gained from any guide or government papers.

I am not planning to make sth super popular. Probably I would start with some sort of forum that can serve local community – here in Cyprus. I would count on selectivity of information. I am going to count on people’s experience and their will to share it. I will take inspiration from web sites like: tripadvisor, travbuddy and merge it with portals that work like “Question and Answers”: wikianswers, Yahoo! Answers, stackoverflow.

I am open to any suggestions and ideas concerning my project so feel free to send it on email at mike at itmeze.com, or simply leave comment. Thanks in advance

Share
web development 31 comments

Abandon ASP.NET WebForms!

By on May 12th, 2009

Just abandon ASP.NET WebForms – the sooner You realize that – the better for You.

At the begging I would like to say that I used to be a BIG fan of ASP.NET. Before my experience with Microsoft technology started I had some really bad time with php and mysql. But that was some long time ago – in the begging of this century. Then I started playing with ASP.NET – and I really dig into it. Managed code, simplified views by use of controllers, postbacks, viewstates, widly used provider classes  - for sitemap,  database. It all looked just GREAT! I had barely any knowledge of web (html, css) and I was still able to make cool websites.  You just drag and drop button – you double click it – and You immediately get place for Your code for handling button’s click event. Yeah! Event-driven web development – that sounded exacly like something I was doing so far in windows applications.

Somehow, the longer I was playing with that, the more confused I was. All the pros suddenly showed up to be not as cool as they looked like at the beginning. Viewstate become a performance issue, I ended up compressing it, turning it off here and there.  Sooner or later I needed new functionality for controls – I ended up writing my own. Those provider models were not really “test friendly”. A sort of a turning point was when AJAX showed up. You make AJAX callback – You go through all stages for of page life cycle.  What?! I need that much to change so little.  Because I was trying to stick to Microsoft technologies and not really look around, I accepted the fact – web development is painful – it is just how it is.

The turning point was at the end of last year(2008). I was working on medium project for one of local companies. Company is small – has just a few developers. Project was just about to end when I had talk with my boss from US. I looked sth. like that:

- Boss: We are just about to release beta of our product, I talked to some web designers to make a new look for our web site.

- Me: Yeah! It sounds great!

- Boss: They will need code so that they can prepare come CSS for us…

I never consider myself a CSS guy, Our web site was functional but sort of ‘ugly’ one, so it was a big relief for me. I prepared code, send it and made sample web site public. After stg like month I received PDF file with screen-shots of Our new website. It looked just great. Everything was clear, simple and yet really eye-catchy.

Two weeks after I had approved It I received long-waiting HTML and CSS styles. And I was shocked! It looked like those designers never looked at code. What they have made will force me to write completely new rendering of nearly all used controls (navigation, gridview etc.). I was really, really angry. At the begging I was angry at my boss for not making sure we leave it to people that know sth about asp.net, then I was angry at those designers. Finally, when I calm down I realize that actually problem lies somewhere else. Let us face the fact – why those designers need to know anything about asp.net. They prepared styles and html for a view. View has nothing to do with page flow, controls and logic. It is just a View – presentation side of Your application. How the hell they should know about OnRowDataBound?

I realized – and that was painful – that WebForms does not force developers to write loosely coupled code. By providing, or better say: allowing,  page or controls events it destroys separation of concerns. Somehow view, control and business logic overlays each other. By adding ViewState it hides basic property of html protocol – it stateless. WebForm’s design make developers dumb. I am 100% serious!

So, my suggestion: Abandon ASP.NET WebForms if You can! Yes, You can! There are a lot of nice alternatives, including ASP.NET MVC, Pythod Django or Ruby on Rails. I really become fun of MVC framework – especially if it concerns web development. One of Microsoft MVP wrote that “You should at least learn ASP.NET MVC”. I would go further, You can not afford not to learn it.

Share
off topic No comments yet

My first words!

By on April 24th, 2009

Well, everyone has to start someday. So Dear Reader, this is my first post. Slightly more about me You will find on about-me page. I will just copy-paste part:

This blog is called ITmeze. This name is somehow meaningful. Although I am a Polish citizen, I currently live on small island called Cyprus – placed on Mediterranean Sea – somewhere between Greece, Israel, Turkey and Egypt. And You now what is the best about Cyprus? It’s meze. This is a way of eating. If You go to restaurant and order meze You will be server with 10-20 small pieces of local meat, fishes or sea food. So that you can just seat and relax and enjoy piece of this or that. And I would like this blog to be a sort of meze – You will read here a little bit of web development, struggles I face running my internet startups, things from IT world that I find worth writing about.

So just sit where You are, Dear Reader and enjoy!

Share