1. IT-Security >
  2. Programmierung


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

Programmierung


Suchen

News RSS Quellen: 35x
News Kategorien unterhalb von Programmierung: 1x
News RSS Feeds dieser Programmierung Kategorie: RSS Feed Programmierung
Benutze Feedly zum Abonieren.Folge uns auf feedly
Download RSS Feed App für Windows 10 Store (Leider gibt es nicht mehr viele Extensions mit welchen Sie RSS-Feeds in einer Software abonieren können. Der Browser Support für RSS-Feeds wurde eingestellt (Firefox,Chrome).

Eigene IT Security Webseite / Blog / Quelle hinzufügen

Seitennavigation

Seite 1 von 658 Seiten (Bei Beitrag 1 - 35)
23.015x Beiträge in dieser Kategorie

Nächste 2 Seite | Letzte Seite

[ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ]

Top Stories from the Microsoft DevOps Community – 2019.10.18

Zur Kategorie wechselnProgrammierung vom | Quelle: devblogs.microsoft.com Direktlink direkt öffnen

It is the fall conference season, which means that this blog may be brought to you from a different geographical location every week. This week I had the privilege of speaking at All Things Open, and a chance to visit our Raleigh, NC office for the first time ever. Are you participating in any fun events this fall?

To mix things up, this week’s newsletter is featuring a few videos, but we will start with some blogs.

Azure DevOps Migration Tools
Azure DevOps Migration Tools is a community project building tools that allow you to migrate Teams, Backlogs, Tasks, Test Cases, and Plans & Suits from one Project to another in Azure DevOps / TFS both within the same Organization, and between Organizations. It’s been very useful to people in this community who are working with large organizations. The new version v8.3.0 came out a few days ago! It supports restarting the migration, and migrating work items between Team Projects. Huge thanks to all the project contributors!

Azure DevOps – how to package a simple DLL?
Many organizations are starting to move towards internal open source, but the most common way of sharing code across the organization is still via shared libraries. This post from Antti K. Koskela shows a YAML pipeline for building a NuGet package and pushing it to a NuGet feed. Needless to say, the package feed could be hosted on Azure Artifacts. Thank you, Antti!

Tasktop Integration Hub – ServiceNow to Azure DevOps
In many cases, software development bottlenecks are caused by process and communication issues, rather than technical challenges. Tasktop is a product that helps integrate enterprise software delivery tools with operations management tools. This short video features an integration between Service Now and Azure DevOps using Tasktop. The Tasktop Integration Hub provides a two-way sync between Service Now and Work Items in Azure Boards, automatically synchronize IDs, progress statuses, comments, attachments, and other information. So much less process overhead!

Fortify on Demand – New Azure DevOps Features and Functionality
Application security is the top of mind for tech leads and executives alike. Fortify on Demand is a Micro Focus product that offers application security as a service, providing a range of security assessments. This video walks through the integration between Azure DevOps and Fortify on Demand (FOD), kicking off an FOD scan from an Azure Pipeline and verifying that the FOD policy was met before the Build can pass.

Three things to keep in mind when using Azure DevOps Pipelines
When introducing team members to new technical tools, we often focus on step by step instructions and forget the bigger picture. This video from Matthew Shiroma at Nebulaworks dives into three important concepts for setting up Continuous Integration and Continuous Delivery using Azure Pipelines – variable scopes, CI/CD triggers, and Task Groups. Thanks for a great conceptual overview, Matthew!

If you’ve written an article about Azure DevOps or find some great content about DevOps on Azure, please share it with the #AzureDevOps hashtag on Twitter!

The post Top Stories from the Microsoft DevOps Community – 2019.10.18 appeared first on Azure DevOps Blog.


News Bewertung

Weiterlesen Weiterlesen

How Containerized SQL Server Makes Development Easier

Zur Kategorie wechselnProgrammierung vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

Upcoming SameSite Cookie Changes in ASP.NET and ASP.NET Core

Zur Kategorie wechselnProgrammierung vom | Quelle: devblogs.microsoft.com Direktlink direkt öffnen

SameSite is a 2016 extension to HTTP cookies intended to mitigate cross site request forgery (CSRF). The original design as was a feature web sites would opt into by adding the new parameters, not setting the SameSite property, or setting it to value of Laxindicated the cookie should be sent on navigation within the same site, or through GET navigation to your site from other sites. A value of Strict limited the cookie to requests only from the same site. .NET 4.7.2 and ASP.NET Core 2.0 added support for the SameSite property. OIDC and other features which send POST requests from an external site to the site requesting a login use cookies for correlation and CSRF protection and needed to opt-out of SameSite by not setting the property.

Google is now updating the standard and implementing their proposed changes in Chrome in a method. The change adds a new SameSite value, “None”, and changes the default behavior to “Lax”. This breaks OIDC logins, and potentially other features your web site may rely on, these features will have to use cookies whose SameSite property is set to a value of “None”. However browsers which adhere to the original standard and are unaware of the new value have a different behavior to browsers which use the new standard as the SameSite standard states that if a browser sees a value for SameSite it does not understand it should treat that value as “Strict”. This means your .NET website will now have to add user agent sniffing to decide whether you send the new None value, or not send the attribute at all.

.NET will issue updates to change the behavior of its SameSite attribute behavior in .NET 4.7.2 and in .NET Core 2.1 and above to reflect Google’s introduction of a new value. The updates for the .NET Framework will be available on November 19th as an optional update via Microsoft Update and WSUS if you use the “Check for Update” functionality. On December 10th it will become widely available and appear in Microsoft Update without you having to specifically check for updates. .NET Core updates will be available with .NET Core 3.1 starting with preview 1, in November.

.NET Core 3.1 will contain an updated enum definition, SameSite.Unspecified which will not set the SameSite property.

The OIDC middleware for Katana v4 and .NET Core will be updated at the same time as their .NET Framework and .NET updates however we cannot introduce the user agent sniffing code into the framework, this must be implemented in your site code. The implementation of agent sniffing will vary according to what version of ASP.NET or ASP.NET Core you are using and the browsers you wish to support.

For ASP.NET 4.72 Katana agent sniffing should be implemented in an implementation of ICookieManager;

public class SameSiteCookieManager : ICookieManager
{
  private readonly ICookieManager _innerManager;

  public SameSiteCookieManager() : this(new CookieManager())
  {
  }

  public SameSiteCookieManager(ICookieManager innerManager)
  {
    _innerManager = innerManager;
  }

  public void AppendResponseCookie(IOwinContext context, string key, string value,
                                   CookieOptions options)
  {
    CheckSameSite(context, options);
    _innerManager.AppendResponseCookie(context, key, value, options);
}

  public void DeleteCookie(IOwinContext context, string key, CookieOptions options)
  {
    CheckSameSite(context, options);
    _innerManager.DeleteCookie(context, key, options);
  }

  public string GetRequestCookie(IOwinContext context, string key)
  {
    return _innerManager.GetRequestCookie(context, key);
  }

  private void CheckSameSite(IOwinContext context, CookieOptions options)
  {
    if (DisallowsSameSiteNone(context) && options.SameSite == SameSiteMode.None)
    {
        options.SameSite = null;
    }
  }

  public static bool DisallowsSameSiteNone(IOwinContext context)
  {
    // TODO: Use your User Agent library of choice here.
    var userAgent = context.Request.Headers["User-Agent"];
    return userAgent.Contains("BrokenUserAgent") ||
           userAgent.Contains("BrokenUserAgent2")
  }
}

And then configure OIDC settings to use the new CookieManager;

app.UseOpenIdConnectAuthentication(
    new OpenIdConnectAuthenticationOptions
    {
    // … Your preexisting options … 
    CookieManager = new SameSiteCookieManager(new SystemWebCookieManager())
});

For ASP.NET Core you should implement the sniffing code within a cookie policy

private void CheckSameSite(HttpContext httpContext, CookieOptions options)
{
    if (options.SameSite > SameSiteMode.Unspecified)
    {
        var userAgent = httpContext.Request.Headers["User-Agent"].ToString();
        // TODO: Use your User Agent library of choice here.
        if (/* UserAgent doesn’t support new behavior /*)
        {
               // For .NET Core < 3.1 set SameSite = -1
               options.SameSite = SameSiteMode.Unspecified;
         }
    }
}

public void ConfigureServices(IServiceCollection services)
{
    services.Configure<CookiePolicyOptions>(options =>
    {
        options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
        options.OnAppendCookie = cookieContext => 
            CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
        options.OnDeleteCookie = cookieContext => 
            CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
    });
}

public void Configure(IApplicationBuilder app)
{
    app.UseCookiePolicy(); // Before UseAuthentication or anything else that writes cookies.
    app.UseAuthentication();
    // …
}

Under testing with the Azure Active Directory team we have found the following checks work for all the common user agents that Azure Active Directory sees that don’t understand the new value.

public static bool DisallowsSameSiteNone(string userAgent)
{
    // Cover all iOS based browsers here. This includes:
    // - Safari on iOS 12 for iPhone, iPod Touch, iPad
    // - WkWebview on iOS 12 for iPhone, iPod Touch, iPad
    // - Chrome on iOS 12 for iPhone, iPod Touch, iPad
    // All of which are broken by SameSite=None, because they use the iOS networking stack
    if (userAgent.Contains("CPU iPhone OS 12") || userAgent.Contains("iPad; CPU OS 12"))
    {
        return true;
    }

    // Cover Mac OS X based browsers that use the Mac OS networking stack. This includes:
    // - Safari on Mac OS X.
    // This does not include:
    // - Chrome on Mac OS X
    // Because they do not use the Mac OS networking stack.
    if (userAgent.Contains("Macintosh; Intel Mac OS X 10_14") && 
        userAgent.Contains("Version/") && userAgent.Contains("Safari"))
    {
        return true;
    }

    // Cover Chrome 50-69, because some versions are broken by SameSite=None, 
    // and none in this range require it.
    // Note: this covers some pre-Chromium Edge versions, 
    // but pre-Chromium Edge does not require SameSite=None.
    if (userAgent.Contains("Chrome/5") || userAgent.Contains("Chrome/6"))
    {
        return true;
    }

    return false;
}

This browser list is by no means canonical and you should validate that the common browsers and other user agents your system supports behave as expected once the update is in place.

Chrome is scheduled to turn on the new behavior in February or March 2020, with a temporary mitigation in Chrome 79 Beta. If you want to test against known breaking browsers older versions of Chromium are available for download, Chromium 76 and Chromium 74 both will exhibit the incompatible behavior with the new standard.

If you cannot update your framework versions by the time Chrome turns the new behavior in early 2020 you may be able to change your ODIC flow to a Code flow, rather than the default implicit flow that ASP.NET and ASP.NET Core uses, but this should be viewed as a temporary measure.

We strongly encourage you to download the updated .NET Framework and .NET Core versions and start planning your update now, before Chrome’s changes are rolled out.

The post Upcoming SameSite Cookie Changes in ASP.NET and ASP.NET Core appeared first on ASP.NET Blog.


News Bewertung

Weiterlesen Weiterlesen

Emulator 29.2.5 Canary

Zur Kategorie wechselnProgrammierung vom | Quelle: androidstudio.googleblog.com Direktlink direkt öffnen

Emulator 29.2.5 is now available in the Canary and Dev channels. Changes:
  • Fixed potential emulator freezes related to gralloc buffer destruction.
  • Improved performance of glMapBufferRange and glUnmapBuffer (requires new system image).
  • Fixed potential issues with ADB APK installer / file pusher UI code not running on the UI thread.
  • Wear AVDs now default to using the AC charger.
  • For API < 16, we now force host side rendering (either with host GPU or Swiftshader). This should resolve issues with black screens on these images.
  • Fixed issue when emulator would get stuck closing if a gRPC endpoint was created.
  • Whenever the emulator has a fatal abort message, we now print in the console in addition to generating the crash report dialog. This should make such events more visible.
AMD users on Windows: Since 29.2.4, we've made a preview of a hypervisor that does not require using Hyper-V and has performance on par with HAXM. Sideload link
  • Be on an AMD CPU.
  • Ensure that WHPX/Hyper-V are disabled. This requires a system restart.
  • Running the silent install script will install the hypervisor driver.
  • The emulator should be able to run after that, assuming it is 29.2.3 or later.
  • Running the silent install script with -u will uninstall the driver.
  • In a future Studio canary, we will make this hypervisor driver available in the SDK manager.
Since last week, we've also made the following changes to the Container Scripts (background):
  • Authentication is now required to use the remote streaming emulator. This is an extra step, but it makes it easier to stream the emulator in more environments.
  • Cleaned up and updated documentation.
  • Known issue: Note that while the streaming client can be built and used on macOS, the containers themselves are not intended for running on macOS as nested CPU virtualization is required, which is not currently supported in macOS Docker.

News Bewertung

Weiterlesen Weiterlesen

Java on Visual Studio Code October Update

Zur Kategorie wechselnProgrammierung vom | Quelle: devblogs.microsoft.com Direktlink direkt öffnen

Welcome to the October update of Java on Visual Studio Code! This month, we’re bringing some new features for code navigation, code actions and refactoring, code snippet along with Java 13 support. There’re also improvements in debugger, maven, checkstyle and Test Runner. Please checkout and let us know what you think!

Code Navigation

Go to super implementation
You can now keep track of class implementations and overriding methods by clicking the Go to Super Implementation link when hover.

See the code navigation in action.

Code Actions

A couple new code actions have been added to VS Code for Java recently.

Create non existing package

Now when your package name doesn’t match the folder name, you have the options to either change the package name in your code, or move the folder in file system (even when the destination folder doesn’t exist yet).

Add quick fix for non accessible references

This quick fix helps you resolve non accessible reference

Automatically trigger auto-import on paste

If you paste blocks of code that contain references to classes or static methods and fields that are not yet imported, VS Code now can automatically add missing imports. The new feature is enabled via the java.actionsOnPaste.organizeImports preference in VS Code preferences. If true (the default value), triggers “Organize imports” when Java code is pasted into an empty file.

Refactoring

Inline refactoring

The Inline refactoring lets you reverse the refactoring for a local variable, method, and constant.

Convert for-loop to for-each loop

The enhanced for-loop is a popular feature. Its simple structure allows you to simplify code by presenting for-loops that visit each element of an array/collection without explicitly expressing how one goes from element to element.

Convert anonymous class to nested class

This refactoring allows you to convert an anonymous class into a named inner class.

Deprecation tags for symbols and completions

Java extension now shows source code that references deprecated types or members with a strike-through line.

Code Snippets

Now VS Code Java supports server side code snippets, which means it will provide more code snippets options in a context aware way. You can also also see more detailed information during the preview of code snippets during selection.

Java 13 support

Java 13 is out and VS Code is ready for it. It supports Java 13 through latest Java Extension. For developers use Java 12 with preview features, you will need to upgrade to JDK 13 to keep working with them.

Debugger

Show Run/Debug when hover

In case you don’t like the Run/Debug button on the Code Lens of your main method, but still want easy access to the functionality, you can now configure to disable the Code Lens but still accessible by hover.

In this release, we’ve also made a lot of improvements in error handling and message to help user resolve issues during debugging. One example is to add fix suggestions when a build failure occurs when launching the program.

By clicking Fix... a list of suggestions would be provided.

A more detailed troubleshooting guide is also provided.

Maven Support

Resolve unknown type

Maven extension now supports searching Maven Central to resolve unknown type in your code. You can achieve this easily by clicking the link in hover.

Other improvements in Maven extension includes

  1. Enable search artifact by groupId and/or artifactId when auto completing dependency.
  2. Add inline action buttons in Maven explorer. Add icons for Maven explorer items.

Checkstyle

Enhanced setting configuration command

Checkstyle: Set the Checkstyle Configuration command will now detect potential Checkstyle configuration files and list them. You can also provide a configuration file by directly writing a URL in the input box now.

Setting checkstyle version support

A new command Checkstyle: Set the Checkstyle Version is added to the extension. It supports:

  • List the latest Checkstyle version from main repo.
  • List all the download versions.
  • List all the supported versions.
  • Mark the currently used version with a check symbol.

When the version is too high (with breaking changes) for a user defined checkstyle configuration.

And when the version is too low (with new features) for google_check.xml fetched from checkstyle master branch.

Other improvements

  1. Provide more granularity of progress of loading project. We’re working on making the language server more transparent with what it’s working on behind the scene.
  2. Test Runner updates
    • Add java.test.saveAllBeforeLaunchTest setting to specify whether to automatically save the files before launching the tests.
    • Add java.test.forceBuildBeforeLaunchTest setting to specify whether to automatically build the workspace before launching the tests.

Sign up

If you’d like to follow the latest of Java on VS Code, please provide your email with us using the form below. We will send out updates and tips every couple weeks and invite you to test our unreleased feature and provide feedback early on.

Try it out

Please don’t hesitate to give it a try! Your feedback and suggestions are very important to us and will help shape our product in future.

The post Java on Visual Studio Code October Update appeared first on Visual Studio Blog.


News Bewertung

Weiterlesen Weiterlesen

How to use Azure Bastion to connect securely to your Azure VMs | Azure Friday

Zur Kategorie wechselnProgrammierung vom | Quelle: channel9.msdn.com Direktlink direkt öffnen

Using a bastion host can help limit threats such as port scanning and other types of malware targeting your VMs. Ashish Jain joins Scott Hanselman to show how Azure Bastion gives you secure and seamless RDP and SSH access to your virtual machines. Now you can securely access your VMs over SSL from the Azure portal and without exposing public IP addresses.


News Bewertung

Weiterlesen Weiterlesen

English Google Webmaster Central office-hours from October 18, 2019

Zur Kategorie wechselnVideo | Youtube vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

Fall .NET Core Survey

Zur Kategorie wechselnProgrammierung vom | Quelle: devblogs.microsoft.com Direktlink direkt öffnen

It’s been a busy time for .NET Core – we just shipped 3.0, and are currently working on a few updates for v3.1 (due in November.) As we turn our attention to .NET Core 5.0, we want to take a step back and see what you are doing with .NET Core and how we can make it even better.

We have put together a quick survey that will help us understand our customer base a bit better, how you are using .NET core, and what we can do to improve it. So please head over to Survey Monkey and help shape the future of .NET Core.

Surveys help give us a breadth view of .NET Core users, but we also want to understand in more depth what challenges you face in your projects, so if you are willing to participate in more detailed feedback, please provide your contact details in the survey.

Thank you for your contribution.

The post Fall .NET Core Survey appeared first on .NET Blog.


News Bewertung

Weiterlesen Weiterlesen

How Thinking in Python Made Me a Better Software Engineer

Zur Kategorie wechselnProgrammierung vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

Bring Stunning Animations to Your Apps with Lottie | Xamarin Developer Summit

Zur Kategorie wechselnVideo | Youtube vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

Accessibility in Xamarin.Forms | Xamarin Developer Summit

Zur Kategorie wechselnVideo | Youtube vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

Build a mobile chatbot with Xamarin & Bot Framework | Xamarin Developer Summit

Zur Kategorie wechselnVideo | Youtube vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

Backgrounding Like a Boss with Shiny | Xamarin Developer Summit

Zur Kategorie wechselnVideo | Youtube vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

Recent Site Isolation improvements

Zur Kategorie wechselnProgrammierung vom | Quelle: blog.chromium.org Direktlink direkt öffnen

In July 2018 we launched Site Isolation in Chrome as a way to secure desktop browsers against the risk of side-channel attacks like Spectre. We recently published a USENIX Security conference paper highlighting the benefits of this launch. Today, we are pleased to announce further improvements we've rolled out in Chrome 77:
  • Chrome for Android has enabled Site Isolation for sites where users enter passwords.
  • On desktop platforms, Site Isolation now helps defend against attacks from fully compromised renderer processes, not just side-channel attacks.

Site Isolation on Android

Chrome 77 has brought Site Isolation and its benefits to Android users. Like Site Isolation on desktop, this launch leverages OS processes to make it harder for attackers to steal data from other websites. In particular, it offers the most effective defense against Spectre-like CPU vulnerabilities.


We wanted to ensure that Site Isolation does not adversely affect user experience in a resource-constrained environment like Android. This is why, unlike desktop platforms where we isolate all sites, Chrome on Android uses a slimmer form of Site Isolation, protecting fewer sites to keep overhead low. More specifically, Site Isolation is turned on only for high-value sites where users log in with a password. This protects sites with sensitive data that users likely care about, such as banks or shopping sites, while allowing process sharing among less critical sites.


Once Chrome observes a password interaction on a website, future visits to that site will be protected by Site Isolation. That means the site will be rendered in its own dedicated renderer process, walled off from other sites. Navigations to other sites will cause a tab to switch processes, and cross-site iframes are put into a different process, becoming "out-of-process iframes." Chrome keeps a list of isolated sites stored locally on the device and clears the list whenever users clear their browsing history or other site data. To bootstrap, Chrome also isolates a crowdsourced list of sites where mobile users have been entering passwords most frequently.


For the most part, Site Isolation is a behind-the-scenes architectural change that should not change the experience for users or developers. As on desktop platforms, it does cause Chrome to create more processes, which comes with performance tradeoffs: on the plus side, each renderer process is smaller, shorter-lived, and has less contention internally, but there is about a 3-5% total memory overhead in real workloads. We continue to work hard to optimize this behavior to keep Chrome both fast and secure.


In Chrome 77, password-triggered Site Isolation has been enabled for 99% of users (with a 1% holdback to monitor and improve performance) on Android devices that have a sufficient amount of RAM (currently 2GB). While we investigate how to bring this support to more devices, users who desire the most complete protection for their devices may manually opt in to full Site Isolation via chrome://flags/#enable-site-per-process, which will isolate all websites but carry higher memory cost.


In the future, we plan to add support for more ways of detecting when a site should be protected by Site Isolation. For example, we're working on allowing website operators to opt in any site to Site Isolation, without requiring user login.

Containing Compromised Renderers

On desktop platforms, Site Isolation in Chrome 77 now helps defend against significantly stronger attacks. Our initial launch targeted Spectre-like attacks which could leak any data from a given renderer process. Site Isolation can now handle even severe attacks where the renderer process is fully compromised via a security bug, such as memory corruption bugs or Universal Cross-Site Scripting (UXSS) logic errors.


For example, suppose an attacker discovered and exploited a memory corruption bug in Chrome's rendering engine, Blink. The bug might allow them to run arbitrary native code within the sandboxed renderer process, no longer constrained by the security checks in Blink. However, Chrome's browser process knows what site the renderer process is dedicated to, so it can restrict which cookies, passwords, and site data the entire process is allowed to receive. This makes it far more difficult for attackers to steal cross-site data.


In Chrome 77, Site Isolation helps protect many types of sensitive data from such compromised renderer processes:
  • Authentication: Cookies and stored passwords can only be accessed by processes locked to the corresponding site.
  • Network data: Site Isolation uses Cross-Origin Read Blocking to filter sensitive resource types (e.g., HTML, XML, JSON, PDF) from a process, even if that process tries to lie to Chrome's network stack about its origin. Resources labeled with a Cross-Origin-Resource-Policy header are also protected.
  • Stored data and permissions: Renderer processes can only access stored data (e.g., localStorage) or permissions (e.g., microphone) based on the process's site lock. 
  • Cross-origin messaging: Chrome's browser process can verify the source origin of postMessage and BroadcastChannel messages, preventing the renderer process from lying about who sent the message.


We are continuing to improve compromised renderer protections in several ways:

  • Bringing these protections to Chrome for Android. This requires extra work to handle the case where only certain sites are isolated.
  • Protecting CSRF defenses. Sec-Fetch-Site and Origin request headers can be verified to prevent compromised renderers from forging them.
  • Protecting more types of data. We are investigating how to protect additional data types by default with Cross-Origin Read Blocking.
  • Removing exceptions. We are working to remove cases where these protections may not yet apply. For example, a small set of extensions still have broader cross-site access from content scripts, until they update to the new security model. We have already worked with extension authors to bring the affected Chrome user population down from 14% to 2%, as well as harden other extension security issues. Also, Site Isolation does not apply to Flash, which is currently disabled by default and is on a deprecation path.

We're excited about the improvements this brings to Chrome's overall security model. As a result, we are broadening the scope of the Chrome Vulnerability Reward Program to also cover cross-site data disclosure attacks that involve compromised renderers. For a limited time, security bugs affecting Site Isolation may be eligible for higher rewards than the usual amount for information disclosure bugs. We are grateful for the contributions from security researchers that we have received so far, and we look forward to working together further to improve the state of web security.




Posted by Alex Moshchuk and Łukasz Anforowicz, Site Isolators


News Bewertung

Weiterlesen Weiterlesen

It's just SQL: Native Backup and Restore | Data Exposed

Zur Kategorie wechselnVideo | Youtube vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

Finding and using color themes in Visual Studio

Zur Kategorie wechselnProgrammierung vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

German / Google Webmaster Central Sprechstunden auf Deutsch vom 17. Oktober 2019

Zur Kategorie wechselnVideo | Youtube vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

It's just SQL: Native Backup and Restore | Data Exposed

Zur Kategorie wechselnProgrammierung vom | Quelle: channel9.msdn.com Direktlink direkt öffnen

Come see how easy it is to restore an existing SQL Database to Azure SQL Managed Instance.

More information: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-managed-instance.


News Bewertung

Weiterlesen Weiterlesen

User Interface Testing | DevOps for Mobile | On .NET

Zur Kategorie wechselnProgrammierung vom | Quelle: channel9.msdn.com Direktlink direkt öffnen

Join James Montemagno & Abel Wang in this installment of DevOps for Mobile Developers where they discuss how to perform user interface testing on iOS and Android apps with several popular testing frameworks. They walk through building a test locally and then integrating it into a continuous integration pipeline in Azure DevOps with App Center Test.

Show Links:

Useful Links:

News Bewertung

Weiterlesen Weiterlesen

Announcing the general availability of larger, more powerful standard file shares for Azure Files

Zur Kategorie wechselnProgrammierung vom | Quelle: azure.microsoft.com Direktlink direkt öffnen

Better scale and more power for IT professionals and developers!

We're excited to announce the general availability of larger, more powerful standard file shares for Azure Files. Azure Files is a secure, fully managed public cloud file storage with full range of data redundancy options and hybrid capabilities using Azure File Sync.

Here is a quick look at some of the improvements in the Azure Files standard file shares' capacity and performance.

1

With the release of large file shares, a single standard file share in a general purpose account can now support up to 100 TiB capacity, 10K IOPS, and 300 MiB/s throughput. All premium file shares in Azure FileStorage accounts currently support large file shares by default. If your workload is latency sensitive and requires a higher level of performance, you should consider Azure Files premium tier. Visit Azure Files scale limits documentation to get more details.

What’s new?

Since the preview of large file shares, we have been working on making the Azure Files experience even better. Large file shares now has:

  • Ability to upgrade existing general purpose storage accounts and existing file shares.
  • Ability to opt in for larger files shares at a storage account instead of subscription level.
  • Expanded regional coverage.
  • Support for both locally redundant and zonal redundant storages.
  • Improvements in the performance and scale of sync to work better with larger file shares. Visit Azure File Sync scalability targets to keep informed of the latest scale.

Pricing and availability

The increased capacity and scale of standard file shares on your general purpose accounts come at zero additional cost. Refer to the pricing page for further details.

Currently, standard large file shares support is available for locally redundant and zone redundant storages and available in 13 regions worldwide. We are quickly expanding the coverage to all Azure regions. Stay up to date on region availability by visiting Azure Files documentation.

Getting started

You no longer need to register your subscription for the large file shares feature.

New storage account

Create a new general purpose storage account in one of the supported regions on a supported redundancy option. While creating storage account, go to Advanced tab and enable Large file shares feature. See detailed steps on how to enable large file shares support on a new storage account. All new shares created under this new account will, by default, have 100 TiB capacity with increased scale.

2

 

Existing storage account

On an existing general purpose storage account that resides on one of the supported regions, go to Configuration, enable Large file shares feature, and hit Save. You can now update quota for existing shares under this upgraded account to more than 5 TiB. All new shares created under this upgraded account will, by default, have 100 TiB capacity with increased scale.

3

 

See detailed steps on how to enable large file shares support on an existing storage account.

Opting in your storage accounts into large file shares feature does not cause any disruption to your existing workloads, including Azure File Sync. Once opted in, you cannot disable the large files shares feature on your account.

Feedback

Please share your feedback on the Azure Storage forum or send us email at [email protected]. You can also post your ideas and suggestions about Azure Storage on our feedback forum.

Happy sharing!


News Bewertung

Weiterlesen Weiterlesen

SAP on Azure–Designing for Efficiency and Operations

Zur Kategorie wechselnProgrammierung vom | Quelle: azure.microsoft.com Direktlink direkt öffnen

This is the final blog in our four-part series on Designing A Great SAP on Azure Architecture.

Robust SAP on Azure Architectures are built on the pillars of Security, Performance and Scalability, Availability and Recoverability, and Efficiency and Operations.

Within this blog we will a cover a range of Azure services and a new GitHub repository which can support operational efficiencies for your SAP applications running on Azure.

Let’s get started.

Simplifying SAP Shared Storage architecture with Azure NetApp Files

A diagram showing the simplified SAP Shared Storage architecture.

Azure NetApp Files (ANF) can be used to simplify your SAP on Azure deployment architecture, providing an excellent use case for high availability (HA) of your SAP shared files based on Enterprise NFS.

SAP Shared Files are critical for SAP systems with high availability requirements and more than one application server. Additionally, SAP HANA scale-out systems also require a common set of shared files i.e.

  •  /sapmnt which stores SAP kernel files, profiles and job logs.
  •  /hana/shared, which houses binaries, configuration files and traces for SAP HANA scale-out.

Prior to Azure NetApp Files, SAP on Azure customers running Linux with high availability requirements had to protect the SAP Shared Files using Pacemaker clusters and block replication devices. These setups were complex to manage and required a high degree of technical skills to administer. With the introduction of Azure NetApp Files, a Pacemaker cluster can be removed from the architecture which reduces landscape sprawl and maintenance efforts. Moreover, there is no longer a need to stripe disks nor configure block replication technologies for the SAP Shared Files. Rather, Azure NetApp Files volumes can be configured using Azure Portal, Azure CLI or PowerShell and mounted to the SAP Central Services clusters. Azure NetApp Files volumes can also be resized on the fly and protected by way of storage snapshots.

To simplify your SAP on Azure deployment architecture, we have published two scenarios for high availability of your SAP System Central Services and SAP shared files based on Azure NetApp Files with NFS.

High Availability for SAP NetWeaver on Azure VMs on Red Hat Enterprise Linux with Azure NetApp Files for SAP applications

High availability for SAP NetWeaver on Azure VMs on SUSE Linux Enterprise Server with Azure NetApp Files for SAP applications

Optimizing Dev, Test and Sandbox deployments with Azure Connector for SAP LaMa

Within a typical SAP estate, several application landscapes are often deployed i.e. ERP, SCM, BW etc. and there is an ongoing need to perform SAP system copies and SAP system refreshes, i.e. creating new SAP projects systems for technical/application releases or periodically refreshing QA systems from Production copies. The end-to-end process for SAP system copies and refreshes can be both time-consuming and labor intensive.

SAP LaMa Enterprise Edition can support operational efficiencies in this area where several steps involved in the SAP system copy or refresh can be automated. Our Azure Connector for LaMa enables copying, deletion and relocation of Azure Managed Disks to help your SAP operations team perform SAP system copies and system refreshes rapidly reducing manual efforts.

In terms of virtual machines (VMs) operations, the Azure Connector for LaMa can be used to reduce the run costs for your SAP estate on Azure. You can stop (deallocate) and start your SAP virtual machines which enables you to run certain workloads with a reduced utilization profile i.e. though the LaMa interface scheduling your SAP S/4HANA sandbox virtual machine to be online from 08:00-18:00, 10 hours per day instead of running 24 hours. Furthermore, the Azure Connector for LaMa also allows you to resize your virtual machine when performance demands arise directly from within LaMa.

Save Time and Reduce Errors by Automating SAP Deployments

The manual deployment of your SAP infrastructure and software installation can be time consuming, tedious and error prone. One of the major benefits of Azure is the ability to automate your SAP infrastructure deployment i.e. virtual machines, storage and the installation of your SAP software. Automation reduces errors and deviation and facilitates programmatic and accelerated SAP deployments. As a customer, you have a wide range of automation tools available natively on Azure such as Azure Resource Manager templates and you can also create deployment scripts via both PowerShell and Azure CLI. Moreover, you also have the option to leverage your favorite configuration management tools.

We have included some links below as a kick-starter around Azure automation for your SAP deployment.

Get a Holistic View with Azure Monitor for SAP Solutions

SAP on Azure customers can now benefit from having a central location to monitor infrastructure telemetry as well as database metrics. We have enhanced our Azure Monitor functionality to include SAP Solutions monitoring. This enhancement on Azure Monitor covers both SAP on Azure virtual machines (VMs) and our bare-metal HANA Large Instances (HLI) offering. Azure Monitor for SAP Solution capabilities include:

  •  Monitoring the health & utilization of infrastructure
  •  Correlation of data between infrastructure and the SAP database for troubleshooting
  •  Trending data to identify patterns enabling proactive remediation

Azure Monitor for SAP Solutions does not run an agent on the SAP HANA VM or HLI. Instead, it deploys a managed resource group within your customer subscription which contains resources to collects telemetry from the SAP HANA server and in-turn ingest the data into Azure’s Log Analytics.

Some of the components deployed in managed resource group are:

  • Azure Key Vault – used to store customer secrets such as database credentials
  • User-Assigned Identity – assigned to Key Vault as access policy
  • Log Analytics – workspace to collect and analyze monitoring telemetry
  • Collector Virtual Machine– runs the logic to collect telemetry from the SAP HANA database server

Our vision here is to enable a single point of monitoring and analysis where your infrastructure and SAP telemetries coincide to ease issue identification and implement remediations before any fatal outage occurs. A simple example is where the memory utilization trajectory is going critical and SAP HANA starts experiencing column unload., When this happens, an alert is triggered to inform the administrators before the issue exacerbates.

At October 2019, Azure Monitor for SAP is able to collect statistics from SAP HANA and is currently in Private Preview, therefore, please reach out to your Microsoft Account team should you have interest in this service.

Additional resources for optimizing your SAP deployments

The AzureCAT SAP Deployment Engineering team provides deep engagement on customer projects where we help our customers successfully deploy their SAP applications on Azure with quality. Throughout the project lifecycle, there can be times where remediation or optimizations of a customer’s SAP deployment architecture is required. For example:

  •  Lifting the Resilience of the SAP Deployment Architecture:

A scenario can arise where a customer may have deployed their SAP system in single instance virtual machines (SLA 99.9 percent) rather than a high availability configuration via Azure Availability Sets (SLA 99.95 percent). Now the customer has a need to move to an Availability Set configuration while retaining their existing network (IP, vNIC) and data disks.

  • Performance Optimization:

An SAP on Azure customer is already running in Production and would now like to benefit from Proximity Placement Groups to optimize the network performance between their SAP Application and Database virtual machines.

  •  Availability Zones Selection:

A customer requires guidance to select the optimum Azure Availability Zones to minimize network Round-Trip-Time and facilitate a recovery point objective of zero (sync) for their SAP database.

To address the above topics (and more), we have created a new GitHub repository. This repository will be enduring, and our customers and partners can expect new scripts to land on an ongoing basis to support operational efficiencies of SAP deployments on Azure.

Closing

This blog closes out our series on Designing a Great SAP on Azure Architecture. We hope you’ve enjoyed our latest offerings to efficiently operate your SAP assets on Azure and as always, change is the only constant in the world of clouds and we are here to accommodate the change and make it simpler.

As a next step, we recommend you check-out our SAP on Azure Getting Started page.

For the previous blogs in the series you can refer to the links below:


News Bewertung

Weiterlesen Weiterlesen

Last Chance to Register! Don’t Miss These Awesome Experiences at SDC19.

Zur Kategorie wechselnProgrammierung vom | Quelle: program.developer.samsung.com Direktlink direkt öffnen

Inspiration abounds at Samsung Developer Conference. Get your imagination and learn on with these experiences and exhibits.
News Bewertung

Weiterlesen Weiterlesen

Wie sich der stationäre Modehandel mit Online-Lösungen ankurbeln lässt

Zur Kategorie wechselnProgrammierung vom | Quelle: thinkwithgoogle.com Direktlink direkt öffnen

Der deutsche Modeeinzelhandel befindet sich aktuell im wohl größten Umbruch seiner Geschichte. Während Onlineshops überdurchschnittliche Wachstumsraten verzeichnen, geht das Geschäft im stationären Handel immer weiter zurück. Kreative Lösungen sind gefragt, um modeaffine Käufer, deren Shoppingverhalten sich grundlegend verändert hat, von sich zu überzeugen.
News Bewertung

Weiterlesen Weiterlesen

How To Build a Microservice Without Losing a Job

Zur Kategorie wechselnProgrammierung vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

DM Verity Algorithm Change

Zur Kategorie wechselnProgrammierung vom | Quelle: blog.chromium.org Direktlink direkt öffnen

One of the foundational security features of Chromebooks is Verified Boot, which protects our users from potentially malicious software being run on their devices. The last chain of verification in this process is to validate the integrity of the root file system (rootfs). This blog post describes a recent enhancement to this rootfs validation to increase the cryptographic strength against attackers. This enhancement was carefully implemented to ensure that it didn’t negatively impact the startup time of Chromebooks.

Chrome OS uses DM Verity [1] to verify the rootfs authenticity. This is to protect against malicious software such as rootkits [2], as well as accidental corruptions. The underlying structure leverages a cryptographic hash tree approach along with a kernel crypto API. With the hash tree approach individual hashes of small blocks constituting the rootfs are computed first. Then the hash tree is built up to compute and verify a final hash value [3]. This incremental approach makes the verification process less resource intensive, and consequently faster.

Until recently, the underlying hash algorithm used by DM Verity in Chrome OS has been SHA1. However, SHA1 has been found to be vulnerable to attacks a few years ago [4] and more recently research by Google and the larger security community has demonstrated that SHA1 collisions are not just theory anymore but can happen in practice [5, 6, 7]. This necessitates the replacement of SHA1 with SHA2 or SHA3 when the use scenarios makes the attacks defined in the research studies feasible.

On the other hand, the risks to DM Verity due to collision attacks are arguably low. This is because DM Verity uses a hash tree structure with disk data blocks as leaves to obtain the final hash. And to turn the collision attack into an exploit for DM Verity, the attacker would need to develop malware that would fit into a single and specific block and produce the same hash value as the original block using a chosen prefix attack. This would be computationally expensive.
We decided to proactively upgrade DM Verity in Chrome OS to use SHA256 instead. Moving to SHA256 was difficult because it is computationally more expensive than SHA1 and potentially would have increased Chromebook boot time. This is why we spent significant time tuning our implementation and measuring its performance impact on a wide range of Chromebooks to ensure that you will get very similar performance with SHA256 that you had with SHA1 when you boot your Chromebook as shown here:



Kernel boot time comparison in ms for (1)Veyron-minnie, (2)Cyan, (3)Octopus, (4)Sarien, (5)Samus, (6)Clapper, (7)Eve, (8)Bob

With this change in place your Chromebook will be safer and remain blazing fast. This migration from SHA1 to SHA256 in DM Verity is ready to go and will be on Chromebooks starting with M77.

Posted by Betul Soysal, Chrome OS security software engineer

References:

  1. https://www.chromium.org/chromium-os/chromiumos-design-docs/verified-boot
  2. https://en.wikipedia.org/wiki/Rootkit
  3. https://source.android.com/security/verifiedboot/dm-verity
  4. https://en.wikipedia.org/wiki/SHA-1
  5. Stevens, Marc, Elie Bursztein, Pierre Karpman, Ange Albertini, and Yarik Markov. "The first collision for full SHA-1.(2017)." URL http://shattered. it/static/shattered. pdf 167 (2017): 169-177.
  6. Mezher, Monique, and Ahmed Ibrahim. "Introducing Practical SHA-1 Collisions to the Classroom." Proceedings of the 50th ACM Technical Symposium on Computer Science Education. ACM, 2019.
  7. Leurent, Gaëtan, and Thomas Peyrin. "From Collisions to Chosen-Prefix Collisions Application to Full SHA-1." In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 527-555. Springer, Cham, 2019.



News Bewertung

Weiterlesen Weiterlesen

Debug JavaScript in Microsoft Edge from Visual Studio

Zur Kategorie wechselnProgrammierung vom | Quelle: devblogs.microsoft.com Direktlink direkt öffnen

As you may know, the next version of Microsoft Edge will adopt the Chromium open source project to create better web compatibility and less fragmentation of different underlying web platforms. If you haven’t already, you can try out preview builds of Microsoft Edge from https://www.microsoftedgeinsider.com which is now available on Windows 10, 8.1, 8, 7, and macOS!

With Visual Studio today, you can already debug JavaScript running in the current version of Microsoft Edge, built on top of the EdgeHTML web platform. Starting with Visual Studio 2019 version 16.2, we’ve extended support to the preview builds of Microsoft Edge, which leverage Chromium. Head to visualstudio.com/downloads/ to download the latest Visual Studio now!

Visual Studio hearts Microsoft Edge
Visual Studio now supports debugging JavaScript running in Microsoft Edge!

 

Create a new ASP.NET Core Web Application

You can now debug JavaScript in Microsoft Edge for your ASP.NET Framework and ASP.NET Core applications. To try out this feature, let’s start by creating a new ASP.NET Core Web Application.

Screenshot of the "Create a new project" dialog in Visual Studio
Create a new project in Visual Studio and select ASP.NET Core Web Application.

 

To show off support for debugging JavaScript, we’ll use the React.js template which shows you how to integrate React.js with an ASP.NET Core application. Once your project has been created, open ClientApp/src/App.js which you’ll see is a React component for our app.

 

Using JavaScript to calculate the Fibonacci sequence

Let’s assume that as part of this app, a user will input the term in the Fibonacci sequence they want to know and our client-side JavaScript code will be responsible for calculating it and displaying the result to the user. The Fibonacci sequence is a series of numbers where each number is the sum of the two preceding ones, starting with 0 and 1.

Position 1 2 3 4 5 6 7
Value 0 1 1 2 3 5 8

 

To handle this calculation, let’s create a new Fibonacci component and add it to our app. Start by modifying App.js to import our soon-to-be-created Fibonacci component and route to it:

import React, { Component } from 'react';
import { Route } from 'react-router';
import { Layout } from './components/Layout';
import { Home } from './components/Home';
import { FetchData } from './components/FetchData';
import { Counter } from './components/Counter';
import { Fibonacci } from './components/Fibonacci';

export default class App extends Component {
  displayName = App.name

  render() {
    return (
      <Layout>
        <Route exact path='/' component={Home} />
        <Route path='/counter' component={Counter} />
        <Route path='/fetchdata' component={FetchData} />
        <Route path='/fibonacci' component={Fibonacci} />
      </Layout>
    );
  }
}

Now that our app will handle routing the /fibonacci endpoint, let’s modify the NavMenu to navigate to that endpoint. Open ClientApp/src/components/NavMenu.js and add this LinkContainer component at line 36:

<LinkContainer to={'/fibonacci'}>
  <NavItem>
    <Glyphicon glyph='alert' /> Fibonacci
  </NavItem>
</LinkContainer>

before the </Nav> tag. Now, you’ll be able to easily test our new /fibonacci route from the NavMenu. Finally, let’s create our Fibonacci component. Create a new JavaScript file (Ctrl+N) and save it as Fibonacci.js in the ClientApp/src/components/ folder. Add the code below to your new component:

import React, { Component } from 'react';

export class Fibonacci extends Component {
  displayName = Fibonacci.name

  constructor(props) {
    super(props);
    this.state = {
      n: 8,
      f_n: null,
    };
    this.calculateFibonacci = this.calculateFibonacci.bind(this);
  }

  calculateFibonacci() {
    var f_0 = 0;
    var f_1 = 1;
    for (var i = 3; i < this.state.n; i++) {
      var f_2 = f_0 + f_1;
      f_0 = f_1;
      f_1 = f_2;
    };
    this.setState({
      f_n: f_2
    })
    console.log("The " + i.toString() + "th Fibonnaci number is:", f_2);
  }
		
  render() {
    return (
      <div>
        <h1>Fibonacci</h1>
        <p>This is a simple example of a React component.</p>
        <p>The {this.state.n}th Fibonacci number is: <strong>{this.state.f_n}</strong></p>
        <button onClick={this.calculateFibonacci}>Calculate</button>
      </div>
    );
  }
}

Eventually, we’ll add a form to the render function for the user to supply n, the variable we’re using to represent the term in the Fibonacci sequence that they want to know. For now, just to test our logic, we’ll assume that the user wants to know what the 8th term in the sequence is, which is 13. Let’s build our app in the new Microsoft Edge to see if our code is calculating the right answer.

If you don’t have it installed already, head to https://www.microsoftedgeinsider.com to download the preview builds of Microsoft Edge. In Visual Studio, click the dropdown next to IIS Express and select the version of Microsoft Edge (Beta, Dev, or Canary) that you have installed. If you don’t see Microsoft Edge Beta, Dev or Canary in the dropdown, you may need to restart Visual Studio.

Screenshot of Visual Studio, selecting the Microsoft Edge Dev browser to launch
Select Microsoft Edge Beta, Dev, or Canary for Visual Studio to launch

Now click the green Play button or press F5 on your keyboard. Visual Studio will start your web application and Microsoft Edge will automatically launch and navigate to your app.

Screenshot of the app in Microsoft Edge
Your app is successfully running in Microsoft Edge!

You’ll see the entry we added for our Fibonacci component in the NavMenu on the left. Click on Fibonacci.

A screenshot of the Fibonacci component we added in Microsoft Edge
Microsoft Edge is showing the Fibonacci component we added

Now click the Calculate button.

Screenshot of Microsoft Edge where our Fibonacci component calculated the 8th term in the sequence as 8
Our Fibonacci component is calculating the 8th term in the sequence as 8

We know that the 8th term should be 13 but our code is saying that the 8th Fibonacci number is 8!

Debugging JavaScript in Visual Studio

Switching back to Visual Studio, since our calculateFibonacci() function prints to the Console, you can actually see that log in the Debug Output.

Screenshot of Visual Studio with our console.log statement shown in the Debug Output
You can see console.log statements from your client-side JavaScript code in Visual Studio’s Debug Output

To figure out where our code is going wrong, let’s set a breakpoint on Line 19 inside the for loop in Visual Studio. We’ll start by checking if our code is calculating the 3rd and 4th terms in the Fibonacci sequence correctly. Click the Restart button next to the Stop button or press Ctrl+Shift+F5 to bind the breakpoint and start debugging.

Note: If you have not enabled JavaScript debugging before, your JavaScript breakpoint will not bind successfully. Visual Studio will ask if you want to enable JavaScript debugging and then restart the debugging process and bind your breakpoint. Click Enable JavaScript Debugging (Debugging Will Stop and Restart).

Screenshot of Visual Studio asking if you want to enable JavaScript debugging
Click “Enable JavaScript Debugging” and Visual Studio will restart debugging

We know that the first two terms in the Fibonacci sequence are 0 and 1. The third term should also be 1. Switch from the Output view to Watch 1 and add f_2, f_1, and f_0 to watch. This is what Visual Studio should look like now:

Screenshot of Visual Studio with a breakpoint set on Line 19 in Fibonacci.js and f_0, f_1, f_2 added to Watch 1
Visual Studio is paused at Line 19 in Fibonacci.js and you can see the values of f_0, f_1, and f_2 in Watch 1

Click the Step Over button or press F10. You will now see that our code correctly calculated the third Fibonacci number, 1, as the value of f_2.

Position 3 4
Value 1 2
Did our function compute this term correctly? Checkmark

Let’s keep stepping to see if there’s a bug somewhere else in the loop. Step Over two more times and you should see both f_0 and f_1 are now equal to 1, which they need to be to calculate the 4th term in the sequence.

You will now see that our code is paused at Line 18. Let’s add i to our watch as it will tell us which term we’re computing in the Fibonacci sequence. Step Over one more time and you’ll see that the value of i is now 4. Now the code is checking to see if the value of i is less than n, the variable we’re using to represent which term in the Fibonacci sequence we’re trying to find. In this example, we’ve hardcoded n as 8 since we’re trying to calculate the 8th term in the sequence. Since 4 < 8, step over again and we’ll continue looping.

Step Over now and you should see that f_2 is now 2, and since i is 4, we know that our code has successfully computed the 4th term in the Fibonacci sequence as 2.

Position 3 4
Value 1 2
Did our function compute this term correctly? Checkmark Checkmark

We could keep stepping over and over again until we find the problem but since we’ve already proven that we’re calculating the 3rd and 4th terms in the Fibonnaci sequence correctly, let’s jump ahead to the 7th term since it’s the last term we calculate before we see the bug.

Using a conditional breakpoint to jump ahead in the for loop

Stop debugging for now by clicking the Stop button or pressing Shift+F5. Right click your breakpoint and select Conditions… or press Alt+F9. This will allow us to set a condition for our breakpoint and we’ll only break when that condition is true.

Screenshot of Visual Studio, adding a condition to the breakpoint you set on Line 19
You can add a condition to a breakpoint and that means you will only break execution when that condition is true.

Enter i == 7 as the condition we want to break on, which means we’ll only break in the last loop before we see the bug. Start your web app again by clicking the green Play button or pressing F5. This time, we’ll break only when i is 7. Here’s what Visual Studio looks like now:

A screenshot of Visual Studio, breaking on line 19 in Fibonacci.js when i is 7
With the conditional breakpoint, we only break when i is 7

Step over once and you will see that we’ve calculated the 7th term in the Fibonacci sequence correctly since f_2 is equal to 8.

Step over three times and we’ll now be paused at i < n. Since i is now 8, i < n actually evaluates to false which means we’re going to break out of the loop. We’ve found the bug: we aren’t going through the loop to calculate the 8th Fibonacci number!

We can fix this bug by changing the calculateFibonacci() function to:

calculateFibonacci() {
  var f_0 = 0;
  var f_1 = 1;
  for (var i = 3; i <= this.state.n; i++) {
    var f_2 = f_0 + f_1;
    f_0 = f_1;
    f_1 = f_2;
  };
  this.setState({
    f_n: f_2
  })
  console.log("The " + (i - 1).toString() + "th Fibonnaci number is:", f_2);
}

Now when i is 8, we’ll actually go through the for loop since since 8 <= 8. Remove the breakpoint, click the Restart button next to the Stop button or press Ctrl+Shift+F5. Click on Fibonacci in the NavMenu and click on the Calculate button to see that we’ve correctly calculated the 8th term in the Fibonacci sequence as 13! We did it!

A screenshot of your app in Microsoft Edge, correctly calculating the 8th Fibonacci term as 13
Your app in Microsoft Edge correctly calculated the 8th Fibonacci term as 13!

 

Attaching to Microsoft Edge

So far in this post, we’ve been using the green Play button in Visual Studio to build our web application, launch Microsoft Edge, and automatically have Edge navigate to our app. Starting in Visual Studio 2019 version 16.3 Preview 3, you can now attach the Visual Studio debugger to an already running instance of Microsoft Edge.

First, ensure that there are no running instances of Microsoft Edge. Now, from your terminal, run the following command:

start msedge –remote-debugging-port=9222

From Visual Studio, open the Debug menu and select Attach to Process or press Ctrl+Alt+P.

A screenshot of a computer Description automatically generated

From the Attach to Process dialog, set Connection type to Chrome devtools protocol websocket (no authentication). In the Connecting target textbox, type in http://localhost:9222/ and press Enter. You should see the list of open tabs you have in Microsoft Edge listed out in the Attach to Process dialog.

A screenshot of a computer screen Description automatically generated

Click Select… and check JavaScript (Microsoft Edge – Chromium). You can add tabs, navigate to new tabs, and close tabs and see those changes reflected in the Attach to Process dialog by clicking the Refresh button. Select the tab you want to debug and click Attach.

The Visual Studio debugger is now attached to Microsoft Edge! You can pause execution of JavaScript, set breakpoints, and see console.log() statements directly in the Debug Output window in Visual Studio.

Conclusion

To recap:

  • We created an ASP.NET Core web application in Visual Studio 2019 version 16.2 and built it in a preview build of Microsoft Edge
  • We added a new component to our web application that contained a bug
  • We found the bug by setting breakpoints and debugging our web app running in Microsoft Edge from Visual Studio!
  • We showed you how to attach the Visual Studio debugger to an existing instance of Microsoft Edge

We’re eager to learn more about how you work with JavaScript in Visual Studio! Please send us feedback by clicking the Feedback icon in Visual Studio or by tweeting @VisualStudio and @EdgeDevTools.

A close up of a screen Description automatically generated

The post Debug JavaScript in Microsoft Edge from Visual Studio appeared first on Visual Studio Blog.


News Bewertung

Weiterlesen Weiterlesen

The Cloud Native Show - LIVE: Ep. 1

Zur Kategorie wechselnVideo | Youtube vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

Announcing the general availability of Desktop Analytics

Zur Kategorie wechselnProgrammierung vom | Quelle: microsoft.com Direktlink direkt öffnen

Desktop Analytics—the cloud-connected service that helps IT professionals take a data-driven approach to Windows endpoint management—is now generally available.

The post Announcing the general availability of Desktop Analytics appeared first on Microsoft 365 Blog.


News Bewertung

Weiterlesen Weiterlesen

Partly Cloudy: Hello News (Intro, project structure, and HTTP requests)

Zur Kategorie wechselnVideo | Youtube vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

Hello News (Intro, project structure, and HTTP requests) | Partly Cloudy

Zur Kategorie wechselnProgrammierung vom | Quelle: channel9.msdn.com Direktlink direkt öffnen

Partly Cloudy is the show where you'll learn how to build a Xamarin.Forms app from scratch all the way through deploying it to the App Stores! Along the way you'll see some Azure goodness sprinkled in to make a fully enabled real-world mobile app.

In this first episode learn how a Xamarin.Forms project is structured and how to make HTTP requests to a local Azure function.

Show Links:

Useful Links:


News Bewertung

Weiterlesen Weiterlesen

Upcoming Scheduled Maintenance on October 20

Zur Kategorie wechselnProgrammierung vom | Quelle: developer.apple.com Direktlink direkt öffnen

We will be conducting scheduled maintenance on Sunday, October 20, 2019 at 6:00 a.m. PT for up to 8 hours. App Store Connect on the web, the App Store Connect app, the App Store Connect API, and the Developer ID notary service will be unavailable during this time. We apologize for any inconvenience and recommend that you make critical deliveries or changes on another day. Certificates, Identifiers & Profiles will remain available.For real-time status information for developer tools and services, you can check the System Status page.
News Bewertung

Weiterlesen Weiterlesen

Document Management Improvements: Vertical document tabs are here!

Zur Kategorie wechselnProgrammierung vom | Quelle: devblogs.microsoft.com Direktlink direkt öffnen

Demonstration of Vertical Tabs

We are excited to announce that the first preview of Vertical Document Tabs is available as part of Visual Studio version 16.4 Preview 2. Vertical tabs give you the option to better utilize horizontal screen space and at the same time gives more vertical space for your code. It lets you see more of your open document tabs and gives an intuitive and flexible way of ordering them.

Enabling Vertical Document Tabs

Vertical Tabs in Tools > Options

To try out vertical tabs, enable Vertical document tab layout feature by going to Tools > Options > Environment > Preview Features. Once the feature is enabled you will be able to see additional settings for vertical tabs under Tools > Options > Environment > Tabs and Windows and to easily change tab layouts between the three orientations (left, right, and top) with the document tab’s right-click context menu.

Two ways to change tab layout

What’s New in the Vertical Layout

While designing for the vertical layout, we took the opportunity to improve on today’s document management experience.

Easily Change Layouts

Easily switch your tabs to the left, to the right, and back to the top as needed with the right-click context menu.

Right-click context menu to change layout

Sorting

Take control of how your tabs will be opened. In addition to the default alphabetical sort, we’ve added the ability to have your tabs open via most recently opened as well. While alphabetical sort has a fixed order, most recently opened will allow you to rearrange the order of your tabs after opening them.

Change tab sort order

Vertical and Horizontal Document Groups

Vertical and horizontal document groups are also easily manageable with just one vertical tab well.

Vertical document groups with vertical document tabs

What’s Next?

Vertical Tabs

This is the first peek at the work we are doing in bringing vertical tabs to Visual Studio. For next steps, we will be monitoring all the feedback to identify any key missing features or enhancements needed for the feature.

Document Management

The Vertical Document Tabs feature is just one step in a larger effort to improve the document management experience in Visual Studio. We will be looking at other features that will help boost productivity like grouping, adding more sort types, and improving today’s horizontal tab experience. For a full list of suggestions we are tracking, take a look at this Developer Community ticket.

Try it out and let us know how we did!

Answer our survey here or through the Give Feedback link listed under our feature in Tools > Options > Environment > Preview Features > Vertical Document tab layout to help improve the feature.

The post Document Management Improvements: Vertical document tabs are here! appeared first on Visual Studio Blog.


News Bewertung

Weiterlesen Weiterlesen

Is a Hotdog a Sandwich? #AskGoogleWebmasters

Zur Kategorie wechselnVideo | Youtube vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

German / Google Webmaster Central Sprechstunden fuer Publisher auf Deutsch vom 15.10.2019

Zur Kategorie wechselnVideo | Youtube vom | Quelle: youtube.com Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

Trusted Cloud: security, privacy, compliance, resiliency, and IP

Zur Kategorie wechselnProgrammierung vom | Quelle: azure.microsoft.com Direktlink direkt öffnen

Can you trust your cloud provider? That’s a question being asked a lot of these days, and with the newest version of our popular white paper Trusted Cloud: Microsoft Azure security, privacy, compliance, resiliency, and protected IP we’ve worked to provide you answers.

When we first published Trusted Cloud in 2015, the paper was 13 pages long and covered security, privacy, and compliance. Since then we’ve updated Trusted Cloud several times, and our newest edition stretches to 42 pages and includes new sections on resiliency and intellectual property. We understand 42 pages is a lot, so now we’re also offering Trusted Cloud both as a single paper and as five separate papers.

Trusted Cloud

 

Security. The updated security section covers the multiple services that make up our defense-in-depth approach to security, including new services like our Security Information and Event Management (SIEM) offering, Azure Sentinel.

Compliance. Azure now offers an industry-leading 92 compliance offerings. We’ve seen tremendous growth in this area since the 21 offerings listed in the original 2015 paper. We’ve also added new services like Azure Blueprints, which provides you with templates to create, deploy, and update fully governed cloud environments to help meet compliance requirements.

Privacy. Since 2015, we’ve seen an explosion of interest in online privacy, and that led to impactful new regulations like the General Data Protection Regulation (GDPR). Get a detailed description of the stringent privacy practices and standards used by Azure, and the tools we offer customers to protect privacy.

Reliability and resiliency. This new section covers both reliability – keeping Azure performing dependably and consistently reliability – as well as resiliency – being able to respond to failures in a way that avoids downtime and data loss.

Intellectual property. The second new section outlines Azure’s unique protections intellectual property (IP), including software code. Our Azure intellectual property (IP) Advantage program provides the industry’s most comprehensive protection against intellectual property (IP) risks.

Download the entire paper:

Download the individual portions:


News Bewertung

Weiterlesen Weiterlesen

Seitennavigation

Seite 1 von 658 Seiten (Bei Beitrag 1 - 35)
23.015x Beiträge in dieser Kategorie

Nächste 2 Seite | Letzte Seite

[ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ]