In case you haven't heard, the software plugin formerly known as WPF/E is now officially going to be called SilverLight.  More details can be found at http://www.microsoft.com/silverlight/ including a pretty cool video. 

I've always been a fan of Altova's XMLSpy and have used it since it was first released.  Their release of XMLSpy 2007 doesn't disappoint as it adds support for several things that are of particular interest to me such as XSLT 2.0 and XPath 2.0, XQuery and enhanced WSDL editing.  It of course adds many more features which you can learn about at http://www.altova.com/products/xmlspy/xml_editor.html.

I'm teaching Microsoft's .NET Distributed Application Development course this week in Phoenix and wanted to get some sample code I put together posted for everyone that is attending (and anyone else that is interested).  The code demonstrates asynchronous Web Services calls, MSMQ fundamentals, remoting through code and remoting through configuration files, using delegates with remoting, WSE 3 features, plus more. 

I was reading an article that was posted yesterday about various AJAX security vulnerabilities that was pretty interesting.  It documents how many AJAX frameworks allow GET requests to hi-jack JSON messages and process them as desired.  This is a big deal since any sensitive information included within a JSON message would be viewable to a clever CSRF (Cross Site Request Forgery) hacker. 

Microsoft's Scott Guthrie cleared up the issue with regard to the ASP.NET AJAX framework today.  He wrote up a great post describing how the framework automatically disables GET requests by default (the UpdatePanel uses POST operations) and they add a special application/json content type header that is checked.  The architects of the ASP.NET AJAX framework did a great job thinking this through and ensuring that the framework prevented these types of attacks "out of the box".

In this video tutorial I walk through the fundamentals of calling Web Services asynchronously from an ASP.NET page using the .NET 2.0 event driven model exposed by Web Service proxy objects.  There are several different options for calling Web Services asynchronously including polling, callbacks and wait handles, but the event driven model is quite easy to use and doesn't put as much pressure on the ASP.NET thread pool as the other options.

View the Video

I'm teaching the ASP.NET 2.0 Programming class at Interface Technical Training this week and had a few people ask questions about how to embed controls such as a DropDownList into a DetailsView and use it while in edit mode.  The sample code below demonstrates one way of doing this without resorting to VB.NET or C# code and shows how the <%# Bind("FieldName") %> data binding expression can be used.