WebMantras

Windows Internet Explorer 9 introduces pinned sites, a feature with which you can integrate your websites with the Windows 7 desktop. With pinned sites enabled for a website, users can pin that site to the Windows 7 taskbar or add the site to the desktop or Start menu. Pinned sites enable easy access to favorite websites and add shortcut functionality similar to that found in Microsoft Windows applications.

The following code example uses meta elements to customize the pinned site shortcut with a name, tooltip, start URL, initial window size, and navigation button color.

1. Name the Pinned Site for Windows
   Without this rule, Windows will use the page title as the name for your application.
   <meta name="application-name" content="Sample Title">
2. Give Your Pinned Site a TooltipYou know — a tooltip. A little textbox that appears when the user holds their mouse over your Pinned Site’s icon.
   <meta name="msapplication-tooltip" content="A description of what this site does.">
3. Set a Default Page for Your Pinned Site
   If the site should go to a specific URL when it is pinned (such as the homepage), enter it here.
   <meta name="msapplication-starturl" content="http://www.example.com/index.html?pinned=true">
4. Recolor Internet Explorer’s Controls Manually
   IE9 will automatically use the overall color of your Pinned Site’s favicon to shade its browser buttons. UNLESS you give it another color here. Only use named colors (“red”) or hex colors (“#f00″).
   <meta name="msapplication-navbutton-color" content="#f00">
5. Manually Set the Window Size of a Pinned Site
   If the site should open at a certain window size once pinned, you can specify the dimensions here. It only supports static pixel dimensions. 800×600 minimum.
   <meta name="msapplication-window" content="width=800;height=600">
6. Jump List (Right-Click) “Tasks”
   Add Jump List Tasks that will appear when the Pinned Site’s icon gets a right-click. Each Task goes to the specified URL, and gets its own mini icon (essentially a favicon, a 16×16 .ICO). You can add as many of these as you need.
   <meta name="msapplication-task" content="name=Task 1;action-uri=http://host/Page1.html;icon-uri=http://host/icon1.ico">

   <meta name=”msapplication-task” content=”name=Task 2;action-uri=http://microsoft.com/Page2.html;icon-uri=http://host/icon2.ico”>

Reference:

1. Pinned Sites: Windows 7 Desktop Integration with Internet Explorer 9
2. IE9 Pinned Sites

By using this nifty protocol-relative URL trick

web.config configuration best practice rules for making web pages fast and secure

Node.js is a server-side JavaScript environment that uses an asynchronous event-driven model. Node is built on top of Google’s V8 JavaScript engine. Google V8 actually compiles JavaScript into native machine code prior to execution, resulting in extremely fast runtime performance. Node enables you to rapidly build network apps that are lightning fast and highly concurrent.

Node.js and “event-driven” programming is best explained by this post using two analogies

Related Links:

1. Beginners Guide
2. Bad and Good Use cases for Node.js
3. Understanding node.js
4. Node.js for Java developers

Recently Windows Live introduced Single-Use code a very simple and effective way to Sign-In to your Live account from a public computer like at the library or school. You can now use a Single-Use Code instead of your password for added security.

Requesting a Single-Use Code:
Each Single-Use Code can be used only one time, but you can request one whenever you need one. When you request a Single-Use Code, you receive it in a text message to a mobile phone number that you’ve added to your Windows Live account.

HP Web Security Research Group in coordination with the Microsoft Security Response Center has created a Free downloadable tool called Scrawlr which is is short for SQL Injector and Crawler.

Scrawlr crawls a website to detect SQL Injection vulnerabilities on pages that hackers can discover using a simple crawler or Google query. It supports many file types.

Limitations:

1. Only tests for SQL Injection vulnerabilities and only tests the query string parameters of  URLs
2. It does not submit forms (no POST parameters) nor audit them
3. It will crawl a max of 1500 URLs
4. It also does not interpret JavaScript or Flash
5. Does not keep state or use Cookies
6. No authentication support

Related Links:

1. The HP Security Laboratory Blog Post
2. Download Scrawlr (Registration Required)
3. Scawlr FAQs