Last week I showed a peculiar XML Signature that validates even though the containing document was changed. The reason is that the signature lacks References. Before explaining what’s wrong with the signature – and with the validation code, we’ll have a look at how XML Signatures work.
XML DSig Primer
XML in general is a powerful beast, with so many options available that it quickly gets really complex. The XML Digital Signatures standard is no exception to that. The extra features complexity of XML DSig compared to other signature standard is that one or more different blocks of data can be signed by the same signature block. That data can be the containing XML Document, part of an XML document or some other resource such as a web page. In this post we’ll only look at signing resources in the document containing the signature.
Before looking at the role of code coverage, I’d like to take a few steps back and look at the objectives of testing.
When working properly with test driven development, no production code is written unless there is a failing test driving the change. As soon as the test pass, no addition of production code is allowed until there is again a failing test. If that principle is followed, there will simply be no production code that is not covered by a test.
My objective is to achieve high code quality.
My way of achieving that is TDD.
An effect of that is that I do get full code coverage.
With git, it’s possible to do things that must be considered pure magic for anyone using older version control systems. Learn 7 simple tricks that will help you take the leap beyond commit, push and pull and let you leverage the powers of git. With these 7 tricks, you will be the git Wizard of the office.
This is a summary of my talk at Tech Days Sweden 2015. The explanations here are very brief, if you would like me to explain anything of this in more detail in a separate post, please leave a comment.
Even though there is no SQL Client tooling installed on a machine, PowerShell can be used to execute SQL. I recently had to verify that I had been granted Dbo rights on a database that was on a server only reachable from a web server. The web server of course had no SQL tooling whatsoever installed. To do that I created a small Powershell script that only relies on the .NET Framework.
The typical recommendation for executing SQL commands from powershell is to use the Invoke-Sqlcmd cmdlet. I’m sure its a good tool, but unfortunately it isn’t installed by default. Sometimes installing extra software is not an option, so instead I’ve used PowerShell’s built in capability to create and use .NET objects. The Sql client objects are included in the default .NET framework installation, so this should work on any Windows machine.