CartLog In

Browse by Tags

> > > >
Application Security — Documents Are Untrusted Input
Application Security — Documents Are Untrusted Input
A .docx is a ZIP file Open a .docx file in a hex editor and the first two bytes are PK . Every modern Office format - .docx , .xlsx , .pptx - is a ZIP archive of XML parts and embedded resources. PDF is not a ZIP file, but just like Office formats it...
Oliver Sturm (DevExpress)
29 May 2026
.NET .net core Architecture ASP.NET Blazor Office File API Reporting security WinForms WPF XAF
Application Security — Stronger Hashes and Safer Passwords
Application Security — Stronger Hashes and Safer Passwords
Every application that stores passwords makes an implicit bet: that the hashing algorithm it chose will remain strong enough to resist attacks for as long as those hashes exist. It’s worth revisiting that bet regularly. This post walks through the reasoning...
Oliver Sturm (DevExpress)
17 April 2026
.NET .net core Architecture ASP.NET Blazor Dashboard Data Access Office File API Reporting security WinForms WPF XAF
Application Security — Why One Does Not Simply Protect a Data Store Connection String and Other Login Credentials?
Application Security — Why One Does Not Simply Protect a Data Store Connection String and Other Login Credentials?
A developer asks: “How do I protect my connection string in a desktop application?” This is one of the most common security questions in .NET development, and it sounds like it should have a straightforward answer. But there is a fundamental problem we...
Oliver Sturm (DevExpress)
2 April 2026
.NET .net core Architecture Backend Data Access database Desktop Frontend Middle Tier ORM RDBMS REST security webapi windows WinForms WPF
Connect a .NET Desktop Client to a Custom ASP.NET Core Service (EF Core with pure Web API) — Authorization Code Flow (Part 4)
Connect a .NET Desktop Client to a Custom ASP.NET Core Service (EF Core with pure Web API) — Authorization Code Flow (Part 4)
This post is the next installment in my series titled Connect a .NET Desktop Client to a Custom ASP.NET Core Service (EF Core with pure Web API) . The content relates to my previously published post Modern Desktop Apps And Their Complex Architectures...
Oliver Sturm (DevExpress)
6 March 2025
.NET access control authentication authorization EF ef core Entity Framework keycloak rbac REST security webapi WinForms
Connect a .NET Desktop Client to a Custom ASP.NET Core Service (EF Core with pure Web API) — Authenticate Users and Protect Data (Part 3)
Connect a .NET Desktop Client to a Custom ASP.NET Core Service (EF Core with pure Web API) — Authenticate Users and Protect Data (Part 3)
This post is the next installment in my series titled Connect a .NET Desktop Client to a Custom ASP.NET Core Service (EF Core with pure Web API) . The content relates to my previously published post Modern Desktop Apps And Their Complex Architectures...
Oliver Sturm (DevExpress)
14 October 2024
.NET access control authentication authorization EF ef core Entity Framework keycloak rbac REST security webapi WinForms
WinForms — Connect a .NET Desktop Client to a Middle Tier Security Server (EF Core with WebSockets)
WinForms — Connect a .NET Desktop Client to a Middle Tier Security Server (EF Core with WebSockets)
Series Overview This article is the second in a series of posts for teams who wish to build .NET desktop applications that communicate securely with backend services. Table of Contents Intro — Modern Desktop Apps And Their Complex Architectures Choosing...
Bogdan Kharchenko (DevExpress)
18 September 2024
.NET access control ASP.NET authentication authorization EF EFCore Entity Framework grid rbac security web api webapi WinForms XAF
XAF (Cross-Platform .NET App UI & Web API Service) — Year-End Roadmap (v24.2)
XAF (Cross-Platform .NET App UI & Web API Service) — Year-End Roadmap (v24.2)
UPDATE: What's New in XAF (v24.2) | June 2025 Roadmap (v25.1) As always, thank you for choosing XAF . We appreciate your support. This blog post outlines some of our XAF-related development plans for the second half of 2024 (v24.2). Strategically, our...
Dennis Garavsky (DevExpress)
21 July 2024
.NET .NET 8 .NET 9 .net core 2024 asp.net Core blazor EF Core Entity Framework future OData Performance roadmap security v24.2 web api WinForms XAF XPO
WinForms — Connect a .NET Desktop Client to a Secure Backend Web API Service (EF Core with OData)
WinForms — Connect a .NET Desktop Client to a Secure Backend Web API Service (EF Core with OData)
Series Overview As you may recall from an earlier post (Modern Desktop Apps And Their Complex Architectures), we want to help guide our loyal WinForms/WPF/VCL/.NET MAUI/XAF customers through new/tightened security requirements (and associated complexities...
Dennis Garavsky (DevExpress)
17 July 2024
.NET access control ASP.NET authentication authorization EF EFCore Entity Framework odata rbac security web api webapi WinForms XAF
.NET — About NuGet Package Audit and "False-Positive" Security Warnings
.NET — About NuGet Package Audit and "False-Positive" Security Warnings
Over the last few years, the commitment to `information security` has evolved in a positive direction - more organizations taking a far more serious posture when it comes to system security and its associated risks. Software development processes are...
Dennis Garavsky (DevExpress)
17 July 2024
.NET .net core .NET MAUI ASP.NET Dashboards NuGet Reporting security WinForms WPF XAF
.NET and .NET Framework — Migration from Newtonsoft.Json to System.Text.Json (v24.1)
.NET and .NET Framework — Migration from Newtonsoft.Json to System.Text.Json (v24.1)
What Will Change in v24.1 In our v24.1 release cycle (set to ship in June 2024), the following DevExpress products will use Microsoft’s System.Text.Json instead of Newtonsoft.Json for JSON serialization-related tasks in runtime code : Data Access Library...
Dennis Garavsky (DevExpress)
1 April 2024
.NET .net 6 .NET 8 .net core ASP.NET ASP.NET Core Blazor C# Dashboards DevExtreme installation installer Maps Reporting Roadmap security Survey v24.1 Web WinForms WPF XAF
More Posts

Featured Posts

DevExpress Developer Survey — AI Impact, Regulatory Compliance, Upgrade & General Product Experience
Dennis Garavsky (DevExpress)
SBOMs for CRA Compliance in DevExpress-Based Apps — Preview Now Open
Alex Chuev (DevExpress)
Microsoft Multilingual App Toolkit (MAT) Has Been Deprecated: What’s Next for DevExpress-Powered App Localization?
Dennis Garavsky (DevExpress)

Popular Topics

Subscribe