Bart is a LINQ to Objects genius

by Matt 24. April 2009 15:57

This is why LINQ is so cool.

Bart De Smet has written an epic post with a fascinating example of LINQ queries, extension methods, polymorphism and the power of having functions as a first class citizen.

I can’t summarise the post and do it justice. Go read it. It’s lovely.

Tags: , , , ,

How to use BlogEngine.net as an OpenID provider

by Matt 16. April 2009 17:39

openid-icon-100x100

One of the nice things about OpenID is that just about anyone can be an identity provider. Indeed, that’s pretty much the point.

OpenID is just a URL. Specifically, a URL that uniquely identifies you and that you and only you have control over.

You know, like your blog address.

So let’s make BlogEngine.net be an OpenID. Turns out, it’s dead easy.

1. Go and get an OpenID

What? Did you think we’d do the heavy lifting ourselves? No, no, no. Friends don’t let friends try and implement security protocols. Leave it to the professionals.

Put it this way – I don’t even want to have to get https working as a part of my blog, let alone implement OpenID security exchanges.

I used the guide available at Will Norris’ site to help make a choice of which 3rd party to help decide which to go for. As far as I can see, the two best choices are MyOpenID and MyVidoop. Both look like very good providers, offering just about everything – attribute exchange, personas - but I went with MyOpenID because they support logging in using CardSpace (we have history).

So, my OpenID is http://mtellis.myopenid.com.

2. But I thought you said you could use your blog address?!

Of course. OpenID supports delegation. This allows me to have an OpenID URL that delegates to another OpenID provider. In other words, when I try to log in to a site using this blog as an OpenID, this blog will actually delegate responsibility to the “real” OpenID provider, MyOpenID.

This is very easy to set up. You just need to add a few lines of HTML to your blog.

First, find the help pages for delegation for your OpenID provider. Here they are for MyOpenID, and here they are for MyVidoop.

Now log onto your instance of BlogEngine and go to the settings page. Towards the bottom of the page, there is a text box labelled “HTML Head Section”. Paste the HTML from the help pages into this box, and save.

This is what mine looks like:


<link rel="openid.server" href="http://www.myopenid.com/server" />
<link rel="openid.delegate" href="http://mtellis.myopenid.com/" />
<link rel="openid2.local_id" href="http://mtellis.myopenid.com" />
<link rel="openid2.provider" href="http://www.myopenid.com/server" />
<meta http-equiv="X-XRDS-Location"
content="http://www.myopenid.com/xrds?username=mtellis.myopenid.com" />

Of course, these are my details – make sure to put yours in.

And don’t worry, I’m not showing you anything sensitive here. This information is plainly visible to everyone with a simple view source – there are no secrets here.

What this is doing is telling the web site you’re trying to log into that you have delegated your OpenID. You tell it the server it needs to speak to (http://www.myopenid.com/server) and who that server knows you as (http://mtellis.myopenid.com in my case).

3. Let’s log in to something!

The simplest was to test is to go to this checkup page, which will try and log in for you. Enter your blog address, (http://sticklebackplastic.com) in the text field and hit check. If all is well, you should see something like:

 CheckingOpenId

This shows that the checkup site, my blog and MyOpenID can all talk together properly.

Now click the “Try logging in” link.

This time, you should get redirected to your OpenID provider. Here, MyOpenID is telling me who is trying to authenticate (openidenabled.com) and prompts me for my password (or Information Card – yay for phishing resistant logins!).

MyOpenIDSignIn

Once I’ve successfully authenticated with MyOpenID, I’m redirected back to the test page, where it confirms that everything is working as it should.

SuccessfullyLoggedIn

And there you have it.

Three simple steps, and now your blog is your OpenID. Go use it to log in to all those sites with the cute little openid-16x16 icons. Go on, shoo.

Tags: , ,

Announcing xunitcontrib 0.2 – Resharper 4.5 support

by Matt 14. April 2009 17:24

I’ve just released 0.2 of the xunitcontrib project (actually thought I’d released it over the weekend. Hadn’t pressed the right button. Oops – it’s there now.)

This release is primarily to support the RTM release of Resharper 4.5 (with a couple of smaller bug fixes too). It runs just like the old one, but with one added feature specifically for 4.5 – support for Resharper’s Solution Wide Code Inspections. When this is turned on, Resharper will highlight any public methods that are not used as part of a project. And of course, test methods are public methods that are not used by any other part of a project. One implementation of the wonderfully named IsTestStuff, and we’re all sorted.

Check out the downloads page for more details, and instructions on how to install.

And if you’ve got any comments, issues or ideas, please post them to the CodePlex site or leave a comment here, or via twitter, either directly to me (@citizenmatt) or via the #xunitcontrib hashtag.

Tags: ,

Making IE8’s InPrivate Filtering sticky

by Matt 14. April 2009 15:11

Last time, we saw that you can use IE8’s interesting InPrivate Filtering feature as a slightly heavy handed ad blocker.

It’s off by default, which is fair enough, but it’s rather surprising that once you do turn it on, it’s only on for the duration of that session, and resets itself to off for the next time you launch IE.

Fortunately, there’s a registry setting. Add a new DWORD value called “StartMode” to HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Safety\PrivacIE. Setting to 0 means off at startup, 1 means set to “automatically block” and 2 is set to “choose content”.

If you’ve imported an xml file that claims to be a port of one of the adblock plus lists, you’ll want to set it to 2. If you set it to automatically block, it’ll block based on the number of times a script or image has been shared – which is probably not enough control.

Tags: , ,

IE8’s poor man’s adblock

by Matt 6. April 2009 18:56

One of the more interesting-but-you’ll-never-use-it features of IE8 was the InPrivate Filtering mode – not to be confused with the tracks covering features of InPrivate Browsing.

It’s billed as a privacy guard – it can automatically block content that is being used from multiple sites. So if a script or image is included on more than 10 sites it’ll get blocked. At least, theoretically. It’s off by default (I guess not downloading shared scripts could have too much of an adverse affect on the web)

 image

This is one of those forehead slapping moments. What services dish out images or scripts that people are worried include behaviour tracking cookies that a privacy guard such as this might want to block?

Yep. Adverts.

IE is smart enough to keep a track and automatically track items that are used by more than 10 sites, but the advanced settings let you import a whole bunch from an xml file. You know, like a black list of advertising content.

neowin has an article explaining how to do this, with a link to a forum post with such a black list. And it works reasonably well. It’s not as good as AdBlock for Firefox, but it’s better than nothing.

It’s not that different to the other solutions employed to get ad blocking into IE. It’s perhaps a little less heavy handed than a hosts file, blocking actual content rather than whole sites. It will have pretty much the same impact as a proxy pac file, but without the hassle of also running a black hole proxy. And I suspect it’s not going to be as good as something like Ad Muncher or Privoxy, that (as far as I can tell) are rewriting proxies that will strip offending images out of the pages before they get to the browser. (And I don’t know what IE7Pro does. I’m too scared of it to install it. No add on should implement that many features)

No matter what, it’s nice that it’s in the box.

But it could have been nicer.

Looking at the rules xml file, you’ll notice that it’s actually an RSS feed, with a single element that contains all the rules. RSS = subscriptions. So one quick Google later, and I find window.external.AddInPrivateSubscription(URL, filterName).

Perfect! Gears start turning – a web page that calls this script API to set up a subscription to a web service which gets the latest AdBlock Plus filter, converts the black and white list sections to xml and serve the latest files – an always up to date simple ad blocking filter for IE.

The only downside is that this is beta documentation and the method is missing in action in the RTM. How disappointing.

(Of course, the real power that AdBlock Plus has is in the CSS matching and element hiding. That really makes the ads invisible. I don’t know how to port these. Perhaps they could get edited into a user style sheet? Hardly the one-click solution any more, though)

So, there we have it. With the initial design for supporting subscriptions, the IE devs must have had ad-blocking as an unspoken design goal for this feature. But they’ve pulled a Microsoft and implemented something that has some really interesting potential, but just falls short, isn’t very easy to find, and is turned off anyway.

Tags: ,

Rel=Me

Month List

RecentComments

Comment RSS