Client-side optimization is getting a lot of attention lately, but some of its basic aspects seem to go unnoticed. If you look carefully at pages on the web (even those that are supposed to be highly optimized), it’s easy to spot a good amount of redundancies, and inefficient or archaic structures in their markup. All this baggage adds extra weight to pages that are supposed to be as light as possible.
The reason to keep documents clean is not so much about faster load times, as it is about having a solid and robust foundation to build upon. Clean markup means better accessibility, easier maintenance, and good search engine visibility. Smaller size is just a property of clean documents, and another reason to keep them this way.
In this post, we’ll take a look at HTML optimization: removing some of the common markup smells; reducing document size by getting rid of redundant structures, and employing minification techniques. We’ll look at currently available minification tools, and analyze what they do wrong and right. We’ll also talk about what can be done in a future.
Read more
By Mikhail Esteves | January 4th, 2010 in
General |
No Comments
There are three questions you have when you’re hiring a programmer (or anyone, for that matter): Are they smart? Can they get stuff done? Can you work with them? Someone who’s smart but doesn’t get stuff done should be your friend, not your employee. You can talk your problems over with them while they procrastinate on their actual job. Someone who gets stuff done but isn’t smart is inefficient: non-smart people get stuff done by doing it the hard way and working with them is slow and frustrating. Someone you can’t work with, you can’t work with.
The traditional programmer hiring process consists of: a) reading a resume, b) asking some hard questions on the phone, and c) giving them a programming problem in person. I think this is a terrible system for hiring people. You learn very little from a resume and people get real nervous when you ask them tough questions in an interview. Programming isn’t typically a job done under pressure, so seeing how people perform when nervous is pretty useless. And the interview questions usually asked seem chosen just to be cruel. I think I’m a pretty good programmer, but I’ve never passed one of these interviews and I doubt I ever could.
Read more
By Mikhail Esteves | December 5th, 2009 in
General |
1 Comment
This month’s column is simply a collection of what I consider to be facts – truths, if you will – about software engineering. I’m presenting this software engineering laundry list because far too many people who call themselves software engineers, or computer scientists, or programmers, or whatever nom du jour you prefer, either aren’t familiar with these facts or have forgotten them.
I don’t expect you to agree with all these facts; some of them might even upset you. Great! Then we can begin a dialog about which facts really are facts and which are merely figments of my vivid loyal opposition imagination! Enough preliminaries. Here are the most frequently forgotten fundamental facts about software engineering. Some are of vital importance – we forget them at considerable risk.
Read more
By Mikhail Esteves | December 3rd, 2009 in
General |
No Comments
Years ago, when developers first started to make the transition to HTML layouts without tables, one CSS property that suddenly took on a very important role was the float property. The reason that the float property became so common was that, by default, block-level elements will not line up beside one another in a column-based format. Since columns are necessary in virtually every CSS layout, this property started to get used – and even overused – prolifically.
The CSS float property allows a developer to incorporate table-like columns in an HTML layout without the use of tables. If it were not for the CSS float property, CSS layouts would not be possible except using absolute and relative positioning – which would be messy and would make the layout unmaintainable.
Read more
By Mikhail Esteves | October 20th, 2009 in
General |
No Comments
Here’s an easy way to avoid One Click Attacks in ASP.NET applications. If you have a Base class that all your ASP.NET pages derive from, override the OnInit function. For example:
protected override void OnInit(EventArgs e)
{
base.OnInit(e);
if (User.Identity.IsAuthenticated)
ViewStateUserKey = User.Identity.Name;
}
If you don’t have a base class defined, you would have to put the above code in every ASP.NET page.
By Mikhail Esteves | September 14th, 2009 in
C#/.NET,
Tips | tags:
asp.net,
c#,
Tips |
No Comments
Here’s a quick guide on installing Bugzilla 3.4.1 on Dreamhost.
Fire up a shell and follow these steps (these command are from http://wiki.dreamhost.com/Bugzilla) in the directory of the domain you want to install Bugzilla in.
mkdir bugs
cd bugs
wget http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-STABLE.tar.gz
tar zxf bugzilla-STABLE.tar.gz
rm bugzilla-STABLE.tar.gz
mv bugzilla*/* .
Next, follow setups 6, 7, 8 and 9 from the Bugzilla Dreamhost wiki.
Now you will need to manually install Module::Build and DateTime::Locale for Bugzilla to work. To do this, first get the latest CPAN download links for the modules.
For Module::Build, you’ll find the download link here: http://search.cpan.org/~kwilliams/Module-Build/
For DateTime::Locale, you’ll find the download at: http://search.cpan.org/~drolsky/DateTime-Locale-0.43/
I’ve used the latest available builds at the time of this writing for the example below. Next, follow these steps in the Bugzilla installation directory:
mkdir tmp
cd tmp
PERL5LIB=/full-path-to-bugzilla-install-dir/lib
export PERL5LIB
wget http://search.cpan.org/CPAN/authors/id/K/KW/KWILLIAMS/Module-Build-0.31.tar.gz
tar xzf Module-Build-0.31.tar.gz
cd Module-Build-0.31
perl Makefile.pl
make
make test
make install
cd ..
rm -rf Module-Build*
# To install DateTime::Locale
wget http://search.cpan.org/CPAN/authors/id/D/DR/DROLSKY/DateTime-Locale-0.43.tar.gz
tar zxf DateTime-Locale-0.43.tar.gz
cd DateTime-Locale-0.43
perl Makefile.pl
make
make test
make install
cd ../..
rm -rf tmp
Re-run ./checksetup.pl and then fix permissions as in the Dreamhost Bugzilla wiki page:
for i in docs graphs images js skins; do find $i -type d -exec chmod o+rx {} \; ; done
for i in jpg gif css js png html rdf xul; do find . -name \*.$i -exec chmod o+r {} \; ; done
find . -name .htaccess -exec chmod o+r {} \;
chmod o+x . data data/webdot
You should now have a working Bugzilla installation at yourdomain.com/bugs.
By Mikhail Esteves | August 24th, 2009 in
LAMP,
Tips | tags:
bugzilla,
dreamhost,
perl,
Tips |
3 Comments
ASP.NET 2.0 makes encrypting configSections in the web.config file a snap and there is no reason to not encrypt sensitive configSections. Just google for “encrypt config” and there are tons of code snippets waiting for you to copy and paste. Below is a code snippet that is found most commonly in google search results for protecting and unprotecting web.config file:
private void ProtectSection(string sectionName, string provider)
{
Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection section = config.GetSection(sectionName);
if (section != null && !section.SectionInformation.IsProtected)
{
section.SectionInformation.ProtectSection(provider);
config.Save();
}
}
private void UnProtectSection(string sectionName)
{
Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection section = config.GetSection(sectionName);
if (section != null && section.SectionInformation.IsProtected)
{
section.SectionInformation.UnprotectSection();
config.Save();
}
}
You would usually call
ProtectSection method in the
Application_Start event in global.asax. As you can see, it accepts two parameters, sectionName (like “connectionStrings”) and provider which is basically an encryption services provider.
ASP.
NET ships with 2 default providers:
- The Windows Data Protection API (DPAPI) Provider (DataProtectionConfigurationProvider)
If you use this provider then the encryption keys are provided by the Windows OS. You don’t need to maintain the keys. However, this also means that you will need to deploy you application initially with a plain-text config file and then wait for your application logic to actually encrypt it.
- RSA Protected Configuration Provider (RSAProtectedConfigurationProvider)
If you use this options then you are also required to create key containers to hold the public and private keys used for encrypting and decrypting the config information.
Once the data is encrypted, you don’t need to change anything in your code while accessing the settings. The
ASP.
NET configuration classes are smart enough to decrypt and provide you plain-text when they come across encrypted configSections. Pretty cool eh!
Please note that you may never need to invoke the UnprotectSection method. It is only provided, just in case you want to revert back to a plain-text config file.
For a complete detailed tutorial on encrypting configSections see http://aspnet.4guysfromrolla.com/articles/021506-1.aspx
By Raghavendra K | July 23rd, 2009 in
C#/.NET |
No Comments
If you are a Windows Vista user, there is nothing more bugging than the UAC in Windows Vista. UAC which was supposed to bring improved security in Windows, does it pretty well but at the cost of user friendliness.
There are lots of apps and softwares that I run on my Machine, and Vista bugs me everytime I open them. For quite some time I’ve been looking to disable UAC for select applications, rather than disabling it all together, as that could possibly create a security havoc. After some time looking around for a solution, I finally found a solution that was recommended by Microsoft, and even Worked pretty well for me.
If you are looking to disable UAC for certain applications in Windows Vista, then follow this guide, and once you are done, the UAC may not really be all that bugging as it used to be.
Read more
By Mikhail Esteves | July 15th, 2009 in
Tips,
Windows |
No Comments
