Pull to refresh
72.41
Rating

.NET *

A hub about .NET

Show first
Rating limit

XSS: attack, defense — and C# programming

PVS-Studio corporate blog Information Security *Programming *.NET *C# *

XSS - or cross-site scripting - is one of the most common vulnerabilities in web applications. It has been on the OWASP Top 10 list (the list of the most critical security risks to web applications) for a while now. So let's figure out together how your browser can acquire and execute a script from a third-party website, and what this may lead to (spoiler: your cookies could get stolen, for example). And while we're at it, we'll talk about ways you can protect yourself from XSS.

Read more
Total votes 1: ↑1 and ↓0 +1
Views 1.8K
Comments 1

Tutorial: how to port a project from Interop Word API to Open XML SDK

PVS-Studio corporate blog Programming *.NET *C# *Development for Office 365 *
Tutorial

With the .NET5 release further development of some projects was questionable due to the complexity of porting. One can abandon small outdated libraries or find a replacement. But it's hard to throw away Microsoft.Office.Interop.Word.dll. Microsoft doesn't plan to add compatibility with .NET Core/5+, so in this article we focus on creating Word files with Open XML SDK.

Read more
Total votes 4: ↑3 and ↓1 +2
Views 1.6K
Comments 0

Is PHP compilable?! PVS-Studio searches for errors in PeachPie

PVS-Studio corporate blog PHP *.NET *Compilers *C# *

PHP is widely known as an interpreted programming language used mainly for website development. However, few people know that PHP also has a compiler to .NET – PeachPie. But how well is it made? Will the static analyzer be able to find actual bugs in this compiler? Let's find out!

Read more
Total votes 2: ↑2 and ↓0 +2
Views 430
Comments 0

Optimization of .NET applications: a big result of small edits

PVS-Studio corporate blog .NET *C# *

0852_NETAppsPerf_MinChangesMajorRes/image1.png


Today we're going to discuss how small optimizations in the right places of the application can improve its performance. Imagine: we remove the creation of an extra iterator in one place, get rid of boxing in the other. As a result, we get drastic improvements because of such small edits.

Read more →
Total votes 6: ↑4 and ↓2 +2
Views 1.6K
Comments 0

AngouriMath 1.3 update

Open source *.NET *C# *Mathematics *F# *

Four months of awesome work together with a few new contributors finally result in a new major release, which I'm happy to announce about.

Now we get completely new matrices, improved parser, a lot of new functions, almost rewritten interactive package (for working in Jupyter) and many more.

This article about a big update in a FOSS symbolic algebra library for .NET, I hope it may be interesting for someone!

Read more
Total votes 5: ↑5 and ↓0 +5
Views 3.7K
Comments 0

Creating a NuGet package for a library with platform-specific API

Programming *.NET *
Tutorial

When creating a .NET library with a partially platform-specific API, we should think about how to pack it into a NuGet package so that the installed library will work in various scenarios (.NET Framework, .NET Core, self-contained application and so on). Unfortunately, it is difficult to find a step-by-step instruction on the web that describes how to perform this task. This article is intended to be such an instruction.

Read more
Total votes 1: ↑1 and ↓0 +1
Views 4.7K
Comments 0

How to be good in hackathons as a developer? Practice creating simple pet projects

.NET *API *Google API *C# *DIY
Sandbox

Hackathons could be very intimidating and stressful. The key to getting better is doing simple projects. In this article, we will look at an example of a web app that can be used for sharpening your skills when you prepare for a hackathon. We will use a powerful Google API based on Machine Learning and apply the following technologies: ASP.NET, HTML, Docker, Heroku, and Git.

Read more
Total votes 5: ↑5 and ↓0 +5
Views 2.6K
Comments 1

How WCF Shoots Itself in the Foot With TraceSource

PVS-Studio corporate blog .NET *C# *Development for Windows *

We don't often get the chance to write something on parallel programming issues. This time we "got lucky". The TraceEvent standard method has some implementation peculiarities. They resulted in an error with multiple threads blocking. So we'd like to warn users about this nuance and cover this interesting case from our users support practice. Why was our support involved? Keep reading to find out. Enjoy the reading!

Read more
Total votes 5: ↑5 and ↓0 +5
Views 727
Comments 0

.NET Application Optimization: Simple Edits Speeded Up PVS-Studio and Reduced Memory Consumption by 70%

PVS-Studio corporate blog .NET *C# *

We know many ways to detect performance problems, such as extremely low speed and high memory consumption. Usually tests, developers, or testers detect such applications' drawbacks. In the worst case, users find weaknesses and report back. Alas, detecting defects is only the first step. Next, we should localize the problem. Otherwise, we won't solve it. Here comes a question - how to find weak points that lead to excessive memory consumption and slow down in a large project? Are there such at all? Maybe it's not about the application? So now you're reading a story how PVS-Studio C# developers encountered a similar problem and managed to solve it.

Read more
Rating 0
Views 917
Comments 0

OWASP, Vulnerabilities, and Taint Analysis in PVS-Studio for C#. Stir, but Don't Shake

PVS-Studio corporate blog Information Security *.NET *C# *

0831_TaintAnalysis_Cs/image1.png


We continue to develop PVS-Studio as a SAST solution. Thus, one of our major goals is expanding OWASP coverage. You might ask, what's the use when there's no taint analysis? That's exactly what we thought — and decided to implement taint analysis in the C# analyzer. Curious about what we accomplished? Read on!

Read more →
Total votes 2: ↑1 and ↓1 0
Views 635
Comments 0

Multithreading in Photon

.NET *Game development *C# *
Tutorial

What this article is about 

In this article, we will talk about multithreading in the backend. 

how it is implemented 

how is it used 

what can be done 

what we invented ourselves 

All these questions are relevant only if you develop something for the server side - modify the Server SDK code, write your own plugin, or even start some server application from scratch.

Read More
Rating 0
Views 800
Comments 0

One of the ways to dynamically deserialize a part of a JSON document with an unknown structure

.NET *C# *Data Engineering *
Tutorial

In this topic, I will tell you how to dynamically parse and deserialize only part of the whole JSON document. We will create an implementation for .NET Core with C# as a language.

For example, we have the next JSON as a data source for the report. Notice that we will get this JSON in the runtime and at the compile step we don't know the structure of this document. And what if you need to select only several fields for processing?

Read this amazing post
Total votes 2: ↑2 and ↓0 +2
Views 9.9K
Comments 2

Pitfalls in String Pool, or Another Reason to Think Twice Before Interning Instances of String Class in C#

PVS-Studio corporate blog Programming *.NET *C# *

As software developers, we always want our software to work properly. We'll do everything to improve the software quality. To find the best solution, we are ready to use parallelizing or applying any various optimization techniques. One of these optimization techniques is the so-called string interning. It allows users to reduce memory usage. It also makes string comparison faster. However, everything is good in moderation. Interning at every turn is not worth it. Further, I'll show you how not to slip up with creating a hidden bottleneck in the form of the String.Intern method for your application.

Read more
Total votes 2: ↑1 and ↓1 0
Views 1.6K
Comments 0

SmartTraits or lets add «multiple inheritance» to C#

.NET *C# *


One of our clients, a developer who used to work with php technologies for quite some time, frequently complained that with the transition to C# and .Net stack, he misses one of his favorite features from the php world — traits and he would like it very much to be able to use such functionality in .Net.

At one point, we decided to make him a present and implemented a proof of concept of similar functionality for C#.

To our surprise, it was quite easy to implement the PoC and the process of development was a lot of fun.
Read more →
Rating 0
Views 939
Comments 0

Compilation of math functions into Linq.Expression

Programming *.NET *Algorithms *C# *Mathematics *

Here I am going to cover my own approach to compilation of mathematical functions into Linq.Expression. What we are going to have implemented at the end:

1. Arithmetical operations, trigonometry, and other numerical functions

2. Boolean algebra (logic), less/greater and other operators

3. Arbitrary types as the function's input, output, and those intermediate

Hope it's going to be interesting!

Read more →
Total votes 4: ↑4 and ↓0 +4
Views 4.7K
Comments 1

A little life hack when you work with Azure Service Bus and ASP.NET Core

.NET *Microsoft Azure *
Tutorial

Some of the features of your website require message queue integration. It is not a complex task for most developers. If you work with Azure infrastructure, you are able to choose Azure Service Bus as a queue engine. It sounds quite simple: just create Azure Resource, write some code and then be happy! But what would you say if the resources are limited? What will you do if there are several teammates in your team, and all of you have to debug queues at the same time? I try to give you a simple solution.

Read more
Total votes 3: ↑3 and ↓0 +3
Views 8.2K
Comments 3

Authors' contribution