If anyone using DotNetJunkies (or the same version of Community Server) is trying to "claim" their blog in Technorati, I don't recommend the automatic method. Every time I have tried the automatic method to link this blog to my Technorati profile it has sat endlessly and patiently at the "Please wait while we check your site for Technorati goodness" stage. I am now trying the "Skip this step" step. Technorati Profile Wish me luck!

First, I hope this festive season is great for fellow bloggers, readers, and everyone else. Merry Christmas! Next, I came across two sites that I'm keeping an eye on and thought I'd mention here: Red Gate bloggers (makers of the excellent SQL Compare), and site called TracksLife that offers a free service to track anything as "lists" - TracksLife will send you reminders to update your lists on a schedule of your choosing, as well as making your lists (shopping lists, budget, diet, etc.) available via RSS if you choose. And of interest to me, the site uses AJAX technologies too.

I've used Windows Explorer day in, day out for many long years, and one thing that has bugged me all that time is the blank space in the "Size" column next to a folder in details view. One workaround is to view the Properties dialog of the folder which will show the total space used, including all files and sub-directories. Another is the excellent (but now no longer free, apparently) TreeSize program. But now I don't need either. Thanks to fellow DNJ Scott Munro, I now have a "Folder Size" column in Windows Explorer, courtesy of the Folder Size for Windows SourceForge project. That means...

Jason Salas posts about S5 (Simple Standards-based Slide Show System), an XHTML, CSS and JavaScript browser-based slideshow. The demo is very impressive - after looking at it stupidly for a few seconds, I realised that clicking in the white area or pressing the space bar starts the slideshow. Hovering over the bottom-right corner reveals navigation controls, and viewing the source shows that authoring can be done on a simple XHTML page by surrounding each slide in a div with the "slide" class - the navigation controls are created dynamically in the JavaScript. Very cool.  

I've been developing an ASP.NET 2.0 web site on my machine (and I love the in-built web server) which accesses an SQL Server 2000 database through an SQL account, but which also passes the current user's Windows login for row-level access. This works fine in development when the web.config file is set up like: <authentication mode="Windows"/> In this situation in development, my Windows login is returned when using code like System.Security.Principal.WindowsIdentity.GetCurrent(), which is what I want. But, when I tested the deployment of the site on Windows Server 2003, the current user always returned NT AUTHORITY! So, after checking all the possible settings...

Cross-site scripting (XSS) is a problem that ASP.NET helps you deal with by not allowing any "malicious" (I'm interpreting this as HTML tags, whether it's <0BJECT> or <i>) input in the Request object, by default. This behaviour can be switched off by setting the "ValidateRequest" Page directive to "false" and you can do your own validation à la Peter van Ooijen's "Protecting an ASP.NET page against malicious input with ValidateRequest (A potentially dangerous Request.Form value was detected)" post. In my case I left the default setting on - I'm not good enough to catch all possible vectors of attack - but...

One very cool feature of Visual Studio 2005 is the ability to install a Trial version, and then upgrade to the full version by buying a product key or boxed copy. Doing this means that the trial version does not need to be removed (wiping out all the carefully-crafted settings for the IDE) to install the full version. This option can be found under the "Add or Remove Programs", "Change/Remove" screen: This is helpful to me because I have a web site currently on Beta 2, and I want to upgrade to the RTM before going much further. Now I...