Category: Technology

Invalid State Crashes Client?

Post author By bryan
Post date August 7, 2009

It’s the infamous view state again. My my my. I knew there were reasons I really didn’t dig the complexity ASP.NET were trying to cover up. This time though, my sense of amazement reached new heights when the client browser crashed (yip-crashed) because the server picked up some dodgy view state. Read that again. Carefully.
Oh. And you probably might have already guessed which browser does the crashing. No prizes for getting it right, sorry. The correct and predictable, even appropriate response is: “The view state is invalid for this page and might be corrupted” which is what all the other browsers I’ve tested on so far show. On with the experiment…

We’ll start off with a simple ASPX page. Nothing complicated.

<html>
	<script language="C#" runat="server">
  public void Page_Load(Object sender, EventArgs E)
  {
  }

  public void Submit_Click(Object sender, EventArgs E)
  {
  }
	</script>
	<body>
		<form id="Form1" runat="server">
			<asp:Button ID="Submit" OnClick="Submit_Click" Text="Submit" Runat="server"></asp:Button>
		</form>
	</body>
</html>

Click on the button and woohoo- no surprises. But now we add a little extra something. We modify the contents of the page after it’s loaded. Nothing special here either really. Standard AJAX behaviour.

<asp:Button ID="Submit" OnClick="Submit_Click" Text="Submit" Runat="server"></asp:Button>
<div id="dynamic_content"></div>
<script type="text/javascript">
//<![CDATA[
  window.onload = get_dynamic_content;
  function get_dynamic_content() {
    //....
  }
//]]>
</script>

The JavaScript function get_dynamic_content() will make a request and then proceed to populate the div dynamic_content with some more HTML. The obvious solution is to do something along the lines of:

function get_dynamic_content() {
  document.getElementById('dynamic_content').innerHTML = '...some html...';
}

Incidentally, therein lies another rub in that div.innerHTML behaves differently for IE. Take a peek for yourself. And within all those comments, of this article, there lies a ~~hack~~ solution. You can read more about that debate there. Moving along.

So having hacked the little piece of innerHTML magic, you start populating your element with all sorts of dynamic content. Wonderful. Then during a series of development efforts, you get a buggy piece of HTML tagging along for the ride. A second form element- don’t worry, not a server-side form. More about why and why not here if you not too sure about how that fits into the scheme of things. Anyway, so you get an erroneous piece of HTML coming through- a valid bug in the development effort- and your second form contains an extra view state element. By now, you’ve also probably deciphered the design and architecture of this piece of handy work.

And i’ll recount here- this may be a valid bug, but it’s not about the bug. It’s the way the client browser handles a server-side bug.

So let’s assume that part of the payload (simplified) includes the following:

<form>
...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEWAgL9hvuOBAK8w4S2BGRm0HOf1YSq2O4B5nwrlp8eUNwR" />
...
</form>

You click on Submit. Is this what you would be expecting?

It’s not even bad HTML. In fact, if the dynamic payload didn’t include the extra form element, just the viewstate ala

<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEWAgL9hvuOBAK8w4S2BGRm0HOf1YSq2O4B5nwrlp8eUNwR" />

You get the reasonable and correct behaviour. ASP.NET complains about the view state being fudged. Good. But wrap that extra view state input element in a form tag and IE client blows up. WTF? Incidentally, the form wrapper is arguably more correct.

Here’s the full code for your enjoyment. Modify the content variable and element type of dynamic_content and test across all your browsers.

<html>
	<script language="C#" runat="server">
  public void Page_Load(Object sender, EventArgs E)
  {
  }

  public void Submit_Click(Object sender, EventArgs E)
  {
  }
	</script>
	<body>
		<form id="Form1" runat="server">
			<asp:Button ID="Submit" OnClick="Submit_Click" Text="Submit" Runat="server"></asp:Button>
			<div id="dynamic_content"></div>
      <script type="text/javascript">
      //<![CDATA[
        window.onload = get_dynamic_content;
        function get_dynamic_content() {
          var content = '<form><input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEWAgL9hvuOBAK8w4S2BGRm0HOf1YSq2O4B5nwrlp8eUNwR" /></form>';
          //document.getElementById('dynamic_content').innerHTML = content;
          swap_content_div(document.getElementById('dynamic_content'), content);
        } 
        function swap_content_div(old_div, content) {
          someHtml = content;
          var newDiv = document.createElement(old_div.tagName);
          newDiv.id = old_div.id;
          newDiv.className = old_div.className;
          newDiv.innerHTML = someHtml;
          old_div.parentNode.replaceChild(newDiv, old_div);
        }
      //]]>
      </script>
		</form>
	</body>
</html>

Tags asp.net, javascript

Technology

HOWTO Do Software

The expression “software is hard” (a quote from Donald Knuth if I’m not mistaken) has seen a lot of mileage (yours truly contributing my fair share) over the years because of it’s simple truth. And in that, we’ve all searched and found (or not) some or other holy grail of methodology. And then the methodology wars began…

And with each new spin, a new skirmish emerged on the radar. Even some of the the tool-chain manufacturers got involved, either creating their own style or methodology (i suspect largely to suit their product rather than the process) or adopting their product to try and encompass the latest and greatest in fashionable methodology. Much ado.

Now software is both art and science. And as such, you need a healthy dose of both to get it right. The art demands your imagination and creative skills; the application of your emotional quotient and your ability to think beyond the four-sided. The science demands much the same plus discipline. Art, too, demands discipline (find me a great writer, painter, cartoonist, graffiti-artist, musician who did NOT practise and hone his/her ability each and every day- for hours each day). Art and science are much the same. Discipline is but one of the common threads.

Discipline to sit down each and every day, for hours, and get it right- get it perfect. That doesn’t mean just hours of random throwing paint at the canvas or the random plucking of guitar strings (which is my forte, by the by). And what about the scientist? Does she spend hours each day in the laboratory throwing random chemicals together into a test-tube to see what might happen? Maybe once in a while, that kind of activity is fun- but not a primary activity.

No. They all set themselves down each day, both scientist and artist, and constructively engage their brains, and think for themselves about what they are actually doing- or going to do. They know before the experiment or song or painting is completed- what to more or less expect. Sometimes it doesn’t turn out that way- and the results are either surprising or horrendous. Sound familiar? But by and large, it’s predictable- and it should be. Software is no different.

How you get there, and which methodology you use is largely irrelevant (i say largely, but you need to read the legal copy disclaimers in fine print carefully); as long as you have discipline. Following a set pattern so often that it becomes part of your autonomic nervous system is key. There’s good reason to do it, especially when you add in the one thing that distinguishes software: deadlines. Although, I am sure that in this day and age, professional artists and scientists suffer the same. Deadlines make the job more interesting- and the need for discipline even more critical.

A brief observation of any professional field where life and death are important will reveal the stand-out-in-your-face notion of REPEAT. In fact, it’s the only way we actually ever learn anything. You repeat the excercise over and over again (ad nauseum some might say) until you get it right blindfold. Why? Because when there’s a deadline, you go blind. And the more impossible the deadline, the more blind you become. You don’t have time to think- just time to do. And you need to make sure you are STILL doing it perfectly.

So, HOWTO Do Software. Pick a way. Find a way. Develop a style and method of delivery that embodies rational scientific reason to justify the “why” you do it that way. Don’t do something or end up doing something “just because it’s the way we do it” and not have a valid reason and purpose behind the behaviour (and I’m afraid if you don’t even recognise that, your opinionated delivery is just going to be that- opinionated). Add in your own artistic flair- but above all- be disciplined about it. Not just off beat, whacky, eccentric, random or out there. Notice i said “just”. Which means you can still be off beat, whacky, eccentric, random or out there- just be disciplined about it. Oh- and write quality tests 😉

Tags agile, software

Technology

ActiveRecord Meets Thrift

I stumbled across the Thrift framework not so long ago and have been intrigued ever since because of it’s promises. And it’s easy to fall in love with the marketing and promises of any framework when it tickles and uses the words and phrases you like to hear, not so?

So finally, I have the opportunity to test drive it: in a design that will become a product that will be released into production in the not so far future. So I want to make sure it’s ticking along as I would expect it to, especially if I want to test, implement, debug, deploy, maintain, scale and extend. And so far, i’m tres impressed.

On the server, I have the default Thrift server, Ruby flavoured, running on Mac OS X with a CSharp client on a Windows XP box (same LAN) and all with no extra tinkering; just as is, courtesy of the generator. Luverly stuff! And then, the implemented handler on the server uses ActiveRecord to handle the database lifting. No Rails: just Thrift and ActiveRecord. And it rocks (so far).

I’ll more than likely be documenting this implementation in more detail over time since the combination opens up many more opportunities in the space i love to ~~work~~ play in. And that’s including the spike project source code.

References and gratitude to the following authors/posts which assisted in getting this going:

Tags activerecord, cross-platform, csharp, thrift

Technology

Morty py

Post author By bryan
Post date July 8, 2009

Morty py is the same Morty that was built using Ruby on Rails as part of a bigger scheme related to the basics of financial learning, specifically the concept of amortisation. Morty py, as it’s creative name suggests, is a Python implementation. Moreover, it’s also hosted on Google’s AppEngine.

In all, the differences between the frameworks and development experience are both varied and the same. It doesn’t really matter which is “better”- that discussion is a moot point. But in summary, i love the RoR implementation for it’s expressiveness in code and coherence of the MVC pattern. But Google’s AppEngine rocks when it comes to functionality and the tool chain. Performance (for this app) is much of a muchness. Python is really nice, and so is Ruby. Granted, getting to grips with Python was much easier, but that’s only because my multi-lingual skills have improved greatly. And being a multi-linguist is so much more satisfying.

Afterall, imagine, in one day, coding the backend in Python, some related services in Ruby, maybe an optimized service in C, with a front end in C#, possibly ASP.NET or WinForms, a mobile front end in Java and then some obligatory JavaScript to boot. Not forgetting the frameworks that come with each of those languages that make them ultimately productive. For me, seventh heaven 😉

Tags appengine, python, rails, ruby

Technology

Target Market

Post author By bryan
Post date June 25, 2009

Maybe the guys at Nokia have different ideas about concepts such as “target market”, “market segmentation” or “target audience”?

nokiamusicstore

Technocists? Really. This kind of thing should be outlawed. It’s the 21st century! But then again, the money votes always make the biggest difference. Bye, bye Nokia Music Store.

Tags freedom

Technology

AppEngine

Post author By bryan
Post date June 25, 2009

Started working with AppEngine a little bit recently and for the most part, I’m impressed by the ability to just get on with it. It resonated with some of Rob’s post and his idea of “stop thinking, just build” (with the ‘stop thinking’ part given a reasonable and relaxed interpretation on my part). And even jumping into Python again was fairly easy (read ‘nice’). Admittedly, my journey with Ruby has helped big time in overcoming the “who’s-moved-my-cheese” factor when it comes to static typing, intellisense, IDE… well, all the “trappings” if you like 🙂 So, back to AppEngine.

It’s fast, simple and uncomplicated. Some straightforward abstractions and useful mocks (like the user login for example) and even without having to host an app on Google, using the tool chain locally is superb for tracer bullets- even quicker than, dare i say, Rails? 🙂

Once, that is, you get ~~over~~ with the conventions of the platform and language (which is not huge by any stretch of the imagination). And on that note, i just want to state categorically that conventions are great. Not the kind where you drink good coffee and chat much g33k. The kind where you make a whole bunch of assumptions up front and then code everything according to those assumptions (and a further step of faith: you wire those assumptions into the framework). Yes, i know what they say about assumptions making something out of U and ME. A quirky expression- but is that really an absolute truth? And I’ve noted a different kind of assumptions before.

I feel this is where some of the mainstream programming gets lost from time to time (and with good reason mind you). Anything can happen, everything goes- no real conventions: you get to code *everything*. Joy. (All) you have are classes which you can abuse to perform functions and in between you get to do a lot of heavy lifting. Then again, what’s heavy is relative.

And in the web application world, AppEngine does a lot of the heavy. Which is great for just getting on with it. Try it. Go on… 60 minutes is all it’ll take.

Tags appengine, python, web

Technology

Get Ubuntu

Post author By bryan
Post date June 15, 2009
1 Comment on Get Ubuntu

This is more of a shameless advertising plug than anything else- a departure from the usual theme of posts- but when you really like something, you can’t help yourself but just say *something* about it. That said…

I’ve advocated Ubuntu for a while now since I took the leap myself away from the restrictive environment which Windows had become*. When I first jumped, there were minor issues here and there but, with a bit of geek, the problem was solved. Since then, the OS has grown into an incredibly rich and useful OS with no issues (at least that is, not for a while). It does just work.

The latest release has been even more comforting and in particular, the netbook remix version is beautiful! I also work a lot on Mac and can appreciate an interface that is simple and intuitive and lets you get on with the job without getting in the way. UNR rates as one my most favouritest (sic) OSes. I can’t work (as in code a lot) on that platform just yet- but the way the services and technology is moving, who knows 🙂

So, don’t delay, go Get Ubuntu. Now. Really.

Oh, and if you’re worried about your “office” productivity and spreadsheets and word processing, don’t. OpenOffice is pretty good. No. Very good. No. Darn good! I’ve managed to use some pretty sophisticated and involved spreadsheets (created in Excel 2007) on OpenOffice 3.0 and there was some minor trickery involved regarding linked spreadsheets, but after sorting that out- total freedom!

Incidentally, this quiet article had more good things to say.

* I’m not really an MS hater, so try not read between the lines too much 🙂 I still do a lot of work on the MS platform in .NET and enjoy using the tools i have there, mostly because i’m very familiar and comfortable with them. It’s just that the client OS itself though doesn’t offer me any extra value for the extra price i have to pay for it- plus it’s slower on the same spec machine.

Tags ubuntu

Business Technology

Playground Update

Post author By bryan
Post date June 9, 2009

The playground has got a new update: stats-related. We covered the sections where you can uncover a bunch of numerical descriptions on a dataset, which is useful for a quick overall summary of the data. I’ve used this tool a couple of times myself preparing for exams and checking manual calculations (yes, sometimes i need to do this type of thing manually) and of course, it’s much easier than using my Sharp or Casio calculator.
And then there are times when you need to examine the relationship between two variables…

The “Applied” Stats Calculator helps with that quite a bit by giving you a fairly (or so i’d like to think) easy way of inputting your data and then calculating and displaying the relationship through a least-squares attempt on the data provided. There are two motivations for this development:
a) linear relationships are more meaningful than just describing a dataset on its own
b) a showcase in extending the javascript library, complete, as always, with tests.

statsbi

Tags maths, playground, stats

perspective Technology

Software Guarantees

Post author By bryan
Post date May 11, 2009

It’s a long time coming: consumer protection for software. And it’s a ~~good~~ not altogether bad thing. How much software out there promises the world but delivers nothing but a world of headache? Of course, the devil is in the details and how they go about enforcing that is going to be interesting. Can you imagine the legal copy? Of course, this opens up the world for computer forensics in a big way. We might even get a new show: CSI Brussels, the Bits-n-Bytes version. Ha.

But from an engineering perspective, this kind of move will most certainly sift out the hype from the functional (and create more of a different hype) and all the war around the best technology might abate (while the war between lawyers rage) so that the job can just get done by those actually doing the job and knowing how to do it (which, by this stage will not be many). It also means developers will choose their tools more carefully and with more consideration and be less prone to just adopting the next best thing just because it’s the next best thing. Which, in turn will impact the software tool market (probably negatively though). Who’s going to write code to interact with a service (or even allow interaction) if you got no control over how the other end of your integration works and you could possibly get sued for thrice more than you earned on the job. Imagine the insurance?

Of course, i’m assuming that the implementation of this kind of policies (or others related to it) is well though-out, fair and just 🙂 The evil side to this kind of policy is just too staggering. That’s something for the budding authors (of CSI) out there to write about…

Tags legal, software

Technology

Priceless

Post author By bryan
Post date April 23, 2009

I’ve had to work a lot with MS over the last few days (partner programmes, OSs, servers, networking…) eish. Compared to Apple networking, it’s a beast- but that’s another topic for another day. So this morning I tapped on to the partner website….

For everything else, there’s MasterCard?