CartLog In

Browse by Tags

> > > >
Application Security — Documents Are Untrusted Input
Application Security — Documents Are Untrusted Input
A .docx is a ZIP file Open a .docx file in a hex editor and the first two bytes are PK . Every modern Office format - .docx , .xlsx , .pptx - is a ZIP archive of XML parts and embedded resources. PDF is not a ZIP file, but just like Office formats it...
Oliver Sturm (DevExpress)
29 May 2026
.NET .net core Architecture ASP.NET Blazor Office File API Reporting security WinForms WPF XAF
Application Security — Stronger Hashes and Safer Passwords
Application Security — Stronger Hashes and Safer Passwords
Every application that stores passwords makes an implicit bet: that the hashing algorithm it chose will remain strong enough to resist attacks for as long as those hashes exist. It’s worth revisiting that bet regularly. This post walks through the reasoning...
Oliver Sturm (DevExpress)
17 April 2026
.NET .net core Architecture ASP.NET Blazor Dashboard Data Access Office File API Reporting security WinForms WPF XAF
Application Security — Why One Does Not Simply Protect a Data Store Connection String and Other Login Credentials?
Application Security — Why One Does Not Simply Protect a Data Store Connection String and Other Login Credentials?
A developer asks: “How do I protect my connection string in a desktop application?” This is one of the most common security questions in .NET development, and it sounds like it should have a straightforward answer. But there is a fundamental problem we...
Oliver Sturm (DevExpress)
2 April 2026
.NET .net core Architecture Backend Data Access database Desktop Frontend Middle Tier ORM RDBMS REST security webapi windows WinForms WPF
.NET — About NuGet Package Audit and "False-Positive" Security Warnings
.NET — About NuGet Package Audit and "False-Positive" Security Warnings
Over the last few years, the commitment to `information security` has evolved in a positive direction - more organizations taking a far more serious posture when it comes to system security and its associated risks. Software development processes are...
Dennis Garavsky (DevExpress)
17 July 2024
.NET .net core .NET MAUI ASP.NET Dashboards NuGet Reporting security WinForms WPF XAF
.NET and .NET Framework — Migration from Newtonsoft.Json to System.Text.Json (v24.1)
.NET and .NET Framework — Migration from Newtonsoft.Json to System.Text.Json (v24.1)
What Will Change in v24.1 In our v24.1 release cycle (set to ship in June 2024), the following DevExpress products will use Microsoft’s System.Text.Json instead of Newtonsoft.Json for JSON serialization-related tasks in runtime code : Data Access Library...
Dennis Garavsky (DevExpress)
1 April 2024
.NET .net 6 .NET 8 .net core ASP.NET ASP.NET Core Blazor C# Dashboards DevExtreme installation installer Maps Reporting Roadmap security Survey v24.1 Web WinForms WPF XAF
Modern Desktop Apps And Their Complex Architectures
Modern Desktop Apps And Their Complex Architectures
Back in 2002, the world was exciting for Windows desktop application developers: Microsoft released the .NET Framework! With it came the completely new language C# (do you remember it was called Cool prior to the release?) as well as various new subsystems...
Oliver Sturm (DevExpress)
9 February 2024
.NET .net core Architecture Asynchronous Backend Data Access Desktop Frontend Middle Tier REST security webapi windows WinForms WPF
XAF - .NET App Security & Web API Service Benchmark for EF Core and XPO ORM
XAF - .NET App Security & Web API Service Benchmark for EF Core and XPO ORM
Hope you are all doing well. We created this GitHub project to test the performance of XAF's Security System for the two Object-Relational Mapping (ORM) libraries. We tested these libraries with BenchmarkDotNet : Microsoft Entity Framework Core (EF Core...
Dennis Garavsky (DevExpress)
23 March 2021
access control ASP.NET authentication authorization EF EF Core Entity Framework non-XAF permissions RBAC RLS roles security WinForms WPF XAF XPO
XAF - Role-based Access Control & User Authentication API for .NET Apps Powered by the XPO and EF Core ORM
XAF - Role-based Access Control & User Authentication API for .NET Apps Powered by the XPO and EF Core ORM
UPDATED: .NET App Security API (Role-based Access Control) is available free-of-charge (versions 21.2.x and 22.1.x). We recently began a series of posts designed to explain XAF’s security system and how it can be used in non-XAF .NET apps powered by DevExpress...
Dennis Garavsky (DevExpress)
17 July 2019
access control ASP.NET authentication authorization Console EF EF Core Entity Framework Featured non-XAF permissions RBAC RLS roles security WCF WinForms WPF XAF XPO
More Posts

Featured Posts

DevExpress Developer Survey — AI Impact, Regulatory Compliance, Upgrade & General Product Experience
Dennis Garavsky (DevExpress)
SBOMs for CRA Compliance in DevExpress-Based Apps — Preview Now Open
Alex Chuev (DevExpress)
Microsoft Multilingual App Toolkit (MAT) Has Been Deprecated: What’s Next for DevExpress-Powered App Localization?
Dennis Garavsky (DevExpress)

Popular Topics

Subscribe