Playing around with the sockets  in Silverlight 2 beta 1  I found out that it works fine on my local host. When publishing my sample to a real Web server (I mean a Web server that is reachable in the Internet with a domain) I got always a socket exception saying that access is denied . I looked around if I could find any help on that. I thought that there maybe is a restriction in the defaults of Silverlight and that I could find somewhere a configuration similar to the .NET and zones configuration, but I didn't.
Posted by Michael Schwarz on Sunday, March 9, 2008
In my last post  I wrote about how you can use sockets in Silverlight 2 beta 1 . Well, when publishing my application to a Internet domain the code didn't work. I always get a socket exception: error code 10013, access denied. I have put an example online at http://frankfurt.schwarz-interactive.de:4510/test.aspx .
Posted by Michael Schwarz on Saturday, March 8, 2008
The new beta of Silverlight 2  introduces Sockets. The security model enforced by the System.Net.Sockets namespace in Silverlight 2 allows for a connection only back to the site or host of origin. So Silverlight 2 applications will be allowed to connect only to the host from which they were downloaded.
Posted by Michael Schwarz on Friday, March 7, 2008
Posted by Michael Schwarz on Monday, July 30, 2007
In my current project I'm using a own User object that I store in the HttpContext.Session to have personalized data available without connecting on each AJAX method / page refresh to the database. If the session will end because of timeouts, Web server resets/crash or application pool recycle this data will not be available any more, I have to read all again and store it in the session.
Posted by Michael Schwarz on Monday, July 30, 2007
I will be available for Microsoft Silverlight discussions at the [webinale 07  conference in Ludwigsburg/Stuttgart to talk and discuss about the latest version of Silverlight presented at the Mix07 in Las Vegas. Of course, you can talk with me about Ajax.NET Professional, too.]
Posted by Michael Schwarz on Saturday, April 28, 2007
Posted by Michael Schwarz on Friday, April 13, 2007
Today I opened the turkish version of Google  and did a search for something I cannot remember. The thing was that I didn't hit enter, instead I clicked on the button Google'da Ara. What I noticed then was that the ' was not correct url encoded. Hm, nothing you have to care about. But after clicking on a link to a blog from the search results I found the same wrong url encoded url in the who is linking me section. While reading the page I had the idea to do some more testing with the apostrophe (or a quote).
Posted by Michael Schwarz on Wednesday, April 11, 2007
Posted by Michael Schwarz on Saturday, April 7, 2007
I had a watch today on the webcast How Hackers Reverse Engineer and Exploit an Ajax Application . There wasn't any new security issue as we already should know as AJAX or web application developers. Samples did show how to hack the AutoComplete.asmx web service (using ASP.NET AJAX ) which was used on a demo web application using SQL Injection.
Posted by Michael Schwarz on Thursday, January 25, 2007
In the past you may have heared about more and more security bugs on well-known web sites you use maybe more often a day. Below there are some tips you should have in mind when browsing:
Posted by Michael Schwarz on Tuesday, January 16, 2007
During the weekend I found an script error on the Google pending members web page. Because I was using the new Google groups beta interface I didn't looked on it. But today the script error still occurs and I noticed the same error on the older version, too. I had a look inside the generated html output and found that there was a script tag that was not closed, ah, it was a membership request message.
Posted by Michael Schwarz on Monday, December 4, 2006
The last months I found more and more web sites that make a heavy use of AJAX to be on the Web 2.0 train, but a lot of them are very strange because they are slower than before, you will get more errors and sometimes nothing does work (i.e. when running on a mobile device). Here are my top 10 mistakes when using AJAX (not depending which framework you want to use):
Posted by Michael Schwarz on Monday, November 20, 2006
Scott Hanselman  is writing on his blog :
Posted by Michael Schwarz on Tuesday, October 24, 2006
Posted by Michael Schwarz on Monday, July 3, 2006
I put the new version online, download the latest DLL at http://www.ajaxpro.info/ . There are a lot of performance changes done, and the lib is now working perfect with the script.aculo.us effects. A not yet finished updated version of the Starter Kit is online, see http://munich.schwarz-interactive.de/ . See the changes here:
Posted by Michael Schwarz on Friday, June 2, 2006
I have written a short example about how to use web forms security with Ajax.NET Professional. The example (C# and VB.NET) is included in the latest version available at http://www.ajaxpro.info/ . Discuss the security.aspx example at Google groups . (Update: there are about 2.500 members reading and writing posts!!!)
Posted by Michael Schwarz on Friday, May 12, 2006