Sean Kenny

Web Api and AngularJS - JSON Vulnerability Protection Filter

permalink

The Issue

From the AngularJS documentation

A JSON vulnerability allows third party website to turn your JSON resource URL into JSONP request under some conditions. To counter this your server can prefix all JSON requests with following string “)]}‘,\n”. Angular will automatically strip the prefix before processing it as JSON.

Phil Haack outlines the issue here.

Can we automatically prepend ")]}',\n" in Web Api? Sure!

FullCalendar - With a Resource Day View! - V2

permalink

v2.0.2

I’ve finally got to updating my fork of Adam Shaw’s v2.0.2 Full Calendar.

There are a few changes required if you are going to move from the previous 1.6 version, namely the use of the moment.js date library. I’ve used this library previously and you owe it to yourself to take a look. It takes all that javascript date pain away. And that’s a good thing…

Resource FullCalendar - Dragging and Clicking

permalink

I’ve previously posted on my “addition of resources” fork of the fullcalendar javascript control here. Today I want to outline some features around the drag/drop and click events that are a little undiscoverable.

Select

To add a select event callback, use the following config setting:

1
2
3
4
5
6
7
8
....
selectable: true,
select: function(start, end, allDay, ev) {
    console.log(start);
    console.log(end);
    console.log(ev.data);
},
....

Deserialisation and Constructor Logic Don’t Mix

permalink

I got caught on this one last week. I was load testing a web api resource using ApacheBench and was getting some really bad perf figures in the region of 40 req/sec when I would have expected an order of magnitude more at least. The data model being sent as JSON was:

Web Api With Dot in the Route

permalink

We have a requirement to have a dot midway in a route for one of our web api services. The route looks something like http://localhost/api/some.route/person. The controller (if using attribute based routing) is:

1
2
3
4
5
6
7
8
9
[RoutePrefix("api/some.route")]
public class UsersController : ApiController
{
  [Route("person")]
  public HttpResponseMessage Person(int id)
  {
    // do stuff
  }
}