Tim Marman's Loosely Coupled

Browse by Tags

• C#
• Programming
• Security

• If you can read a file, you can copy it

  Raymond reminds us that there is no "Copy" access mask because copying is not a fundamental file operation . Copying a file is just reading it into memory and then writing it out. Once the bytes come off the disk, the file system has no control any more over what the user does with them. Something to keep in mind when designing your web applications. Once you send something to the client, you inherently give up control over what can be done with that information. Posted Jan 09 2007, 09:42 AM by Tim with | with no comments Filed under: Technology, Software Development, Security, AJAX, .NET

• JSON and XML

  Back at the PDC, I mentioned that Microsoft chose JSON over XML in Atlas, its AJAX framework. The debate has reared its head again recently, prompted largely by Tim Bray's post . Tim says that JSON is great for its single intended purpose, "to put structs on the wire." Dare, who used to work on the XML team at Microsoft, say JSON is better than XmlHttpRequest because it helps work around browser security model limitations and is easier to program with . The cross-browser issues are a particularly big issue that people have tried to tackle in different ways - I mentioned before that Julien is using a Flash proxy to work around these issues , and I've seen other architectures which use a server-side proxy on the original server to handle the third-party request. The key here is that AJAX is not about the technology , but the experience. JSON may or may not be the "best" way to approach this, but the exercise at least highlights some of the limitations (and, to be fair, strengths) inherent... Posted Jan 05 2007, 09:44 AM by Tim with | with no comments Filed under: Technology, Software Development, Security, AJAX, C#, .NET

• Managing Exceptions in Framework Code

  One of the long-running debates here has been the use of exceptions for managing workflow. This was especially fierce while we were working on the Javascript framework, but it has died down a little in the strongly-typed .NET world. The two major questions are: ... when should should you return false / null and when should you throw an exception? I've always been of the opinion that a method should only throw exceptions for events that are truly fatal. For example, a search method returning no results is not an exception. However, a method that internally uses that search method may throw an exception under certain scenarios if it was intending on operating those results. Others are of the opinion that everything should be thrown as an exception. The argument is that even something like no results should trigger exception-handling code, and the easiest way to do this is have the callee fall into a catch block. ( I would counter that, even in the catch block, you need to special case different... Posted Jan 04 2006, 08:00 AM by Tim with | with 2 comment(s) Filed under: Technology, Software Development, AJAX, .NET, Programming