daveharney (15) [Avatar] Offline
#1
In many commercial website projects, financial success comes down to the amount of rework that’s required to fix bugs. Customers of custom software projects don’t like paying the bill or giving good references for buggy software that fails to fulfill business requirements and design expectations. Identifying the cause of bugs is often more art than science and is more like police detective work than routine programming. Any good detective needs evidence and the author’s logging advice is an essential part of that process.

As I now only develop websites for small projects, my production sites tend to be on shared hosting servers where I have limited ability to control logging and can’t use some of the suggestions in this chapter. However, I’ve always found these shared servers have some level of individual logging ability and it definitely pays to find out what’s available and to activate it before deployment.

The next time I deploy a project, I’ll definitely revisit this Chapter 17.

Chapter 18 has some of the same limitations for projects on shared hosting servers. However, the author did a fine job of increasing my nightmare potential! Above all else, this chapter convinced me to stick with the standard Core Templates and standard EF Core. It also convinced me to explore HTTPS on my next deployment. Let’s Encrypt will be my first stop.

Although I’m using VS, I wasn’t successful in being able to us an IIS Express Development Certificate.

Chapter 18 also did a good job explaining XSS, CSRF, open redirects and CORS. And, now I understand the “returnURL” a lot better.

At the time of my reading, I didn’t find any sample code for these two chapters and it’s probably very difficult to put something together because of the reliance on specific hosting systems for some of the code. However, it would be helpful to see a basic project that illustrated some of the code constructs mentioned in the chapter – just a suggestion.
Andrew Lock (51) [Avatar] Offline
#2
Hi Dave,

There is source code for chapters 17 and 18! It's not up on Manning's website yet - I'll nudge them to upload it.

Andrew