Tagged articles

In case you have any page on your website which allows anonymous users to POST data to your web application, you should always use any kind of bot protection. Usually that is any kind of CAPTCHA implementation... read more

Even before popularity of micro service approach, for even monolithic applications you needed to have health-checks (Google Compute Engine) or health-probes (Microsoft Azure) for load balancing. Basically in load balancing scenario, these endpoints are used to tell load balancer whether instance can handle requests or not. Since handling of requests may consider several components, these endpoints either return 200 OK HTTP response or any other response like 500 Internal Server Error with optional payload message describing the issue and each component status. ... read more

Both Web API in .NET 4.5 and later and Web API in ASP.NET CORE have great error handling support out of the box. You can specify you global handler and control your response to a client when exception happens. ... read more

Often case when you need to convert String to a different type which is most of the time a primitive type in C# is when you are reading values from configuration. In both .NET and .NET Core, reading from configuration return plain String value... read more

Authentication in web services is a bit more different than with web pages because of one simple reason. There is no UI for entering credentials to authenticate to consume service... read more

Enums in C# can contain multiple values if they are decorated with [Flags] attribute. However, Flag Enums are not recommended to be used in web api action method signatures... read more

Cross-site Scripting (XSS) refers to client-site code injection attack where an attacker can execute malicious scripts into a web application. Basically attacker manages to upload malicious script code to the website which will be later on served to the users and executed in their browser. It is ofter use to steal form inputs, cookie values, change the page layout or redirect to attackers website. ... read more

WebP is an image format introduced by Google Developers and it provides superior lossless and lossy compression for images on the web. Using WebP, webmasters and web developers can create smaller, richer images that make the web faster. ... read more

Minification of Cascade Style Sheet (CSS) and Java Script (JS) should be on a TODO list for every web application. The minification of CSS and JS can be easily one on the runtime with ASP.NET bundling which is build in in ASP.NET framework, but in case of distributing your resource files over CDN you cannot use the runtime minification. You physical files need to be minified... read more

Starting from few years ago, Google enforces secured over unsecured website traffic. However it is an ongoing process since both publishers and advertisers need to implement HTTPS in order to avoid mixed contnet exception in a browser and preventing ads to load on a website. ... read more