Wednesday, September 16, 2009

Silverlight Unit test Framework - running only one test class

One thing that can be a bit frustrating when developing Unit Tests for Silverlight using the Silverlight Unit Test Framework is that there is no explicit way (in the documentation) to isolate a specific set of tests to execute, sicne by default the test runner will execute all tests in the test assembly.

Fortunately, we can pass TagExpression's to our UnitTestSystem upon initialization, this will tell the system to only execute the tests in the classes indicated in this expression, as a comma separated list:

In App.xaml.cs, red text is the new code, where ClassWithTestsOfInterest is the test class that you want executed:

private void Application_Startup(object sender, StartupEventArgs e)
  {
 
var testsToRun = UnitTestSystem.CreateDefaultSettings();
  testsToRun.TagExpression = "ClassWithTestsOfInterestTests";

  this.RootVisual = UnitTestSystem.CreateTestPage(testsToRun);
  }


Thursday, May 14, 2009

Running Pyke in IronPython

Since easy_install does not work with IronPython (due to missing Gzip libraries), you need to run Pyke from the sources. This is easier than it seems.
- Unpack Pyke. Resulting directory is something like pike_1.0.2
- Since IronPyton does not have a native implementation of the subprocess module, Get subprocess.py from: http://bitbucket.org/jdhardy/code/raw/8bfe4cffece2/subprocess.py and copy it to the pyke-1.0.2\pyke directory
- Start IronPython from the comman dline, while pyke-1.0.2 is the active directory:
○ c:\pyke_1.0.2>ipy.exe
- Type: import pyke

So, to recap, here is how you would run the towers of hanoi example:

c:\>cd pike-1.0.2
c:\pike-1.0.2>ipy.exe
IronPython 2.0 (2.0.0.0) on .NET 2.0.50727.3053
Type "help", "copyright", "credits" or "license" for more information.
>>> import pyke
>>> from examples.towers_of_hanoi import test
>>> test.test(1)
got 1: ((0, 2),)
>>>


That's it!

Friday, April 17, 2009

WiX 3.0 beta allows to set SiteId

When deploying web applications distributed in multiple servers, you may need to have them all configured with the same SiteId (to share the session DB, etc...). WiX now offers a nice little piece of markup that configures all this for you (instead of having to recur to unreliable VBS calls).

<iis:website id="YourSite" description="Something" directory="YourSite" dirproperties="RootDir" startoninstall="yes" autostart="yes" configureifexists="no" SiteId="10">
...
</iis:WebSite>


Just a word of caution: altough this attribute is included in the Schema for 3.0, it is not actually implemented until WiX v3.0.4805.0. Attempting to use it in any version earlier than this will eventually give you compile errors, since the WiX compiler does not know how to hanlde this attribute.

Friday, February 20, 2009

Add dynamic content to iFrame - IE issues

I need to add dynamic content to an iFrame, and I do not know in advance if this content will be plain text, HTML, JavaScript or a mix. I know that in most instances there will be some JavaScript payload to be executed as part of this content.

I am using a method similar to the one explained by Thomas Bindzus in his blog. This used to work like a charm until a few weeks ago, where it suddenly stopped working in Internet Explorer. Any attempts to do document.write by the content beeing loaded failed. The funny thing is that the payload scripts did execute, but any attempt to add something to the document was ignored by the browser.

After what seems to be hours of playing around, I found out that IE has a problem when closing the document. I modified th logic a bit to avoid closing the document if we are dynamically adding content in IE.

function AddContent(content, frameId)
{
var iframe = document.getElementById(frameId);

var doc = null;
if(iframe.contentDocument) { // Firefox, Opera
doc = iframe.contentDocument;
} else if(iframe.contentWindow) { // Internet Explorer
doc = iframe.contentWindow.document;
var ie = true;
} else if(iframe.document) { // Others?
doc = iframe.document;
}

doc.open();
doc.write(content);
if (
!ie) { // Only close the document for all other browsers, not for IE
doc.close();
}
}

Tuesday, February 17, 2009

Unescaping unicode characters in C# encoded in JavaScript

JavaScript escape and unescape are very powerful functions, but they do have its various idiosyncrasies that do not work appropriately with the standard escaping methods in the serverside C# code.
The regualr methods we have on C# to handle escaping/unescaping are:
  • Uri.EscapeDataString
  • Uri.EscapeUriString
  • HttpUtility.UrlEncode
  • HttpUtility.URLPathEncode
but none of these return a properly unescaped string as escaped by the JavaScript conterpart. Fortunately for us, Microsoft's own JScript libary has it's own, serverside implementation of the JavaScript encode/unencode methods, that do the job exactly as expected. They are exact equivalents.

string Microsoft.JScript.GlobalObject.unescape(string escapedString)

To use it in your code:
  1. Reference Micrtosoft.JScript.dll in your project
  2. Use the static methods in GlobalObject to do the escape/unescape

Localization in ASP.NET markup

To localize HTML or ASP.NET controls on the markup:

<asp:checkbox runat="server" id="chkOrderable" text=""><%$ Localize:Page_Property_Orderable %>" />


You must have the a resource named Page_Property_Orderable in your String.resx file.

If you are in need to localize JavaScript content (when the code is inline on the ASP.NET markup), see Rick Strahl's blog post on the subject.

Friday, February 6, 2009

SuppressMessage in code for CAT.NET

If you are using Microsoft's CAT.NET threat vulnerability static analysis tool, you may find that sometimes it is giving you false positives. If you need to suppress a vulnerability, it gives you several options:

  • Manual Suppression of found vulnerabilities in the CAT.NET UI
  • A Suppresions.xml file (located in the current project directory) - Entries in the Suppress tab of the UI get saved here
  • Method and Asemmbly level suppresions in code, using the SuppressMessageAttribute class.

I find the Method and assembly Level suppressions to be most helpful when you want to suppress a false positive from your code, when preparing it for Security Review by some other team or developer. In code suppressions are also a good way of documenting your code, and can be easily searched for.

Prerequisites for In Code suppression:

#define CODE_ANALYSIS
using System.Diagnostics.CodeAnalysis;

Assembly level suppresion:

[assembly: SuppressMessage("Microsoft.ACESec.CATNet.Core.Rules", "ACESEC05"]
namespace Project.Common
{...

Method Level Suppresion:

public class SomeClass
{
[SuppressMessage("Microsoft.ACESec.CATNet.Core.Rules", "ACESEC05")]
public string MyFalsePositiveMethod()
{...