These postings are provided "AS IS" with no warranties, and confers no rights. You assume all risk for your use.
Jonathan RozenblitDeveloper Evangelist
Susan IbachDeveloper Evangelist
In this post, I’ll share what I learned about how to get started writing HTML5 code in Visual Studio 2010.
HTML5 seems to be everywhere these days! I started trying it myself a few months back and I quickly decided that if possible, I wanted to play with it in Visual Studio. I’ve been working with Visual Studio for years, it’s got to be simpler to keep working with the developer tool I already know and love rather than moving to a new tool. Besides I want to be able to incorporate HTML5 into ASP.NET applications! It took me a bit of messing about to get up and running with HTML5 the way I know there will be greater support for HTML5 in Visual Studio 11. But for now I am working with Visual Studio 2010. I thought I would share what I learned so hopefully it will be easier for you.
Here’s what you want to do:
You will definitely want to make sure you have Service Pack 1 installed! By installing Service Pack 1 you get both intellisense (can’t live without that anymore) and validation for HTML5. Don’t forget after you install Service pack 1 to go to Tools | Options | Text Editor | HTML | Validation and set the validation to HTML5 or XHTML5 or the HTML5 validation won’t work.
First of all there is a really great blog by Burke Holland on how to use the MVC HTML5 template for Visual Studio 2010 here.
You have a couple of choices here.
The first tags I started playing with in Visual Studio were the video and audio tags. I immediately had problems getting an actual video to display on my web page it was really frustrating. Here is what I had to do to get everything working. The basic problem was with the MIME types. When a .avi, or .MP3 file was used on my website, the web server didn’t recognize that those were video and audio files. To get it working I had to edit my web.config file and make sure I had IIS express running in the development environment instead of the development server built into Visual Studio to ensure that my web.config file was being used to figure out the MIME types. You need to do this for the WOFF fonts as well.
<mimeMap fileExtension=".mp4" mimeType="video/mp4" />
<mimeMap fileExtension=".m4v" mimeType="video/mp4" />
<mimeMap fileExtension=".woff" mimeType="application/x-woff" />
<mimeMap fileExtension=".webm" mimeType="video/webm" />
<mimeMap fileExtension=".ogg" mimeType="video/ogg" />
<mimeMap fileExtension=".ogv" mimeType="video/ogg" />
Change the project settings, by right clicking on the project and changing the settings to Use IIS Express when debugging in Visual Studio.
Once you have it up and running you can start exploring the world of HTML5. There are some great resources on learning HTML5 here. Make sure you read up on feature detection since different browsers will support different HTML5 features and because you will need this for backwards compatibility as well!
If you want to experiment with <video>, I found it handy to just download Big Buck Bunny since you can get it in multiple formats so it’s great for experimenting with the fallback features of HTML5 <video> for different browsers.
Since a big part of HTML5 is the cross browser support, make sure you try it out in different browsers, or use the F12 developer tools in Internet Explorer to test how your code will work in different browsers or older browsers.
Most of all have fun!
Rob Labbe, Senior Security Program Manager at Microsoft challenges us to think about security in a new way: does it matter if someone gets in to your system if you stop them from taking anything out?
One of the best parts of doing webcasts is people often ask you questions you hadn’t quite thought about, or make you think about issues in different ways. I just finished recording a security webcast on .NET Rocks with Carl Franklin and Richard Campbell and it got me thinking. Shame they never warned me I’d have to think.
The information security “industry” has turned out thousands of security products, tools, methodologies, processes, you name it… some of it is even pretty good. Given all that innovation, why is it, at a macro level it appears we’re not getting any better as an IT industry or as developers in security our systems and preventing large scale compromise?
It can’t be a lack of tools, platforms and processes can it? Given the huge advances in all those areas, I think it is pretty safe to say we have the tools in our toolbox to be more secure. So, if it isn’t the tools, could it be us? Could it be that as developers and IT pros we’re simply looking at security the wrong way?
Since the beginning of time, when we have something of value we try to protect it by ensuring the bad guys can’t get to it. We build castles, moats, and walls… Banks build vaults, we bury important military installations in the middle of mountains or solid chunks of granite. All that thinking carried over to our IT systems. We focus on firewalls to keep the bad guys out, intrusion detection to let us know if they find a way in, and all manner of systems and technologies to do it. We’re building a big, digital vault to keep our company crown jewels locked up. In theory it’s a great plan. If we keep all the bad guys out, then there is no way they can steal our stuff.
Before we have a chance to finish our perfect, high security vault, we get a wrinkle, one I like to call “The Business”. They have requirements, they want to let people into our vault. All sorts of people. Good people, bad people, people we don’t even know about. By the time we’re finished poking holes in our vault for all the services and users want, a complex system can have thousands upon thousands of endpoints, holes and possible entry points.
I think we need a new analogy. Rather than building a vault or fortress, perhaps we need to design our networks as prisons. Classify our applications and data according to their sensitivity (minimum security right through super max) and flip a lot of our security and detective controls inward. Lets focus on controlling the known, our data, and relatively few users and systems that are within our span of control. Time has proven that we can’t prevent the determined human adversary from finding some foothold in, however we can make great strides in limiting that impact. Does it matter who gets in, if the important data doesn’t get out?
For IT Pros, most of this comes down to doing a really good job with hygiene tasks: Keeping machines patched, doing a good job with identity management (particularly privileged Identity) and you’re 90% of the way there. For developers, again it is partly hygiene, but we need to remember that our applications need to be installed on systems, so we need to work with the IT pros to ensure least privilege, and intelligent encryption and data protection for data based on the risk and data classification.
For Developers, to enable good application security hygiene we need a good Security Development Lifecycle. A good SDL will help you build that prison for your key data, help you identify the key assets, identify risks and design security controls to protect those key assets. Regardless of what is going on “out there” the SDL will help you manage and identify those places you need to work with IT to come up with one big plan.
Over the next several guest blog posts, I’m going to walk through the SDL from a developer’s perspective, using the prison as the analogy, we’ll look at how following good SDL practices will help us not only build a more secure application, but also do it in a way that has minimal impact on the project budget and schedule. It should be a fun ride, stay tuned!
Too often I get asked whether the Windows Azure trial is actually FREE because you have to enter a credit card when signing up. With the introduction of Spending Limits, yes, yes, it is.
Here’s the situation – you’ve been following the Canadian Developer Connection, my blog, or wherever you get your updates on what’s new and exciting in the developer world. You’re sitting down to give Windows Azure a try (check out the Windows Azure Challenge for a fun way to get started with Windows Azure). You go to create your free Windows Azure trial and boom – it asks you for a credit card. You scratch your head and say: “If I put my card in there, I’m going to get charged – but it’s a free trial…”
The truth is that, up until recently, it was technically possible to get charged for your Windows Azure usage if you went over the resources that come with the free trial. But now – no more. Your FREE trial is actually FREE because of a new feature that was added to Windows Azure called a Spending Limit, and the nice thing is that it is enabled automatically to ensure that you’re protected!
Now when you sign up for a new trial subscription and deploy applications to Windows Azure, the spending limit, which is by default set to $0 (meaning you don’t want to spend any money) will prevent you from being charged! If and when your usage exceeds the monthly amounts included in your subscription, Windows Azure will disable your service for the remainder of that billing month, which includes removing any apps you have running (though your data in your storage accounts and databases will be accessible as read-only). At the beginning of the next billing month, your subscription will be re-enabled and you will be able to re-deploy your Windows Azure apps and have full access to your storage accounts and databases. Perfect for ensuring that you are not charged for playing around and getting comfortable with Windows Azure.
Here’s what you’ll see as you approach the limit of your subscription:
and then when you’ve reached the limit, rather than charging your credit card, the subscription is disabled:
No more worries of being charged
With spending limits in place, there are not more excuses as to why you can’t give Windows Azure a try. Here are two great ways to do so:
Join the Conversation
I’d love to hear all about your first experiences with Windows Azure – what compelled you to give it a try? What was your first time like? Did you have any “ah-ha” moments? Did you come to any realizations? Did you make any sort of conclusions about Windows Azure? Once you’ve gone through one of the above (and/or the many other hands-on labs on TechDays Online), join the conversation about first experiences in Canadian Developer Connection group on LinkedIn.
If the answer is yes, could your hatred be caused by your local implementation? In this final post of our blog series we look at the last of four common problems with SharePoint implementations and how you can address them.
Once again, a huge thank you to Neil MacIsaac, SharePoint MCT, for putting this entire series together. Happy reading!
If you missed the earlier posts you can find them here
This week we look at Business Intelligence.
Are there organizations out there that are really striving for Business Unintelligence? Wouldn't everything that an organization does be in an effort to do something better? I love the term Business Intelligence (BI) mainly because of its massive overuse and its wide misunderstanding as 'reporting'. So the question really becomes "How do we maximize our BI?" First, it is important to understand what BI really is. It is about making better decisions. If we have better data, and a better understanding of our data, it would be logical to conclude we would make better decisions right? Not necessarily. The theory is correct, but in practice most organizations fail to implement this properly by not focusing on the decision that they are trying to improve and instead only achieve in bombarding their key decision makers with an avalanche of reports. What is also surprising is that most of the decision makers in an organization are probably the ones asking for the reports in the first place. Let me give you an example. In a sales based business, you might see some monthly sales figures like this (overly simplified for the sake of discussion)
Monthly Sales (Units)
Why do we need to see these sales figures? The typical answer you will get will be "Because I need to know if there are any problems and to see if we are doing better or worse than last month or last year." So, with the above numbers, where is the problem? Most people would focus on Bob because his numbers are lower than the others. What isn't shown with these numbers is that Bob is the newest of team and manages the smallest sales area. Can you still spot where the problem is in the above sales numbers? The typical failure in implementing a BI solution within SharePoint is usually in the disregard for a proper BI solution that focuses on those key decisions which strives to achieve a better decision by supplying as much data around the factors and drivers of the data as the data itself. Instead we see fancier reports of the above sales table and hope that our decision makers will 'figure it out'. Another interesting point concerning SharePoint and BI integration is the potential for SharePoint to implement the decision. If our BI solution is focused on key decisions, a good solution should allow the user to implement the decision as quickly and easily as possible.
As you can see, SharePoint offers many challenges when deployed into an organization and requires due diligence to maximize your return. I hope that some of my tips may make their way into your organization and perhaps save you from some of the common pitfalls that have trapped others. There is good reason why SharePoint has become as popular as it has and hopefully you will be better able to get the most out of your implementation.
I know I’m not the only one curious about the contents of Visual Studio 11 and .NET 4.5 so here are some resources to help you see what’s coming!
The Visual Studio team has gone hog wild the past few days releasing lots of great information about Visual Studio 11 and the .NET 4.5 Beta that will be available February 29th. I just wanted to share with you some of the great articles they have posted so you can start geeking out!
And one last link, because betas are great to download and explore but if you haven’t bought or renewed your existing Visual Studio license Get ready with MSDN: Save up to 35% on Visual Studio with MSDN
The title of this post is “Because there’s always more to learn.” Where’s that from? You know it… That’s right – TechDays. But wait… time to talk about TechDays 2012 already? Not quite. But it is time to talk about TechDays Online!
Whether you were able to attend Tech·Days 2011 (or even 2010!) or not you’ll find it all on Tech·Days Online. It looks like many of you have already been perusing the training content that’s up there, so it’s definitely looking like TechDays Online is how Canadian Developers, like you, are staying on top of the latest technologies and innovations, as well as connecting with the developer community at large.
So what’s available on TechDays Online? From Hands-On Labs to session videos to articles, and more, TechDays Online has the technical training that you need to grow your career:
But wait, there’s more – Introducing TechDays TV
Starting the end of this month, TechDays TV will air brand new TechDays sessions (exclusive to TechDays Online). The experts will be LIVE and INTERACTIVE which means that throughout the session, as well as after the session, you’ll be able to post your questions via chat or Twitter and have them answered in real-time. You’ll be connecting to technical folks as if they were right there with you at a TechDays tour location.
Clear your calendar and save the dates – every other Tuesday at 12:00 PM ET, starting February 28.
Visit Tech·Days Online now to drive your technical skills into the future—at your own pace and your own convenience and stay tuned for more on TechDays TV.