Profiling a CoreCLR application with dotMemory

I had ported an application over to CoreCLR (that's a whole other blog post), along with my colleague James Humphries put it in a docker image and sat back and watched it do its thing. After 6 hours of running the docker container had crashed. Ah nuts we thought, so pulled up the logs from docker and the last line looked like this 2016-02-10T20:18:31.728783069Z Killed. I'm pretty sure when you have a log entry with Killed in it, things can't be good. To the interweb...

I opened up the CoreFX repository on Github to search for the term Killed and there were 2 comments but nothing that was logged out anywhere. I then Googled for docker and killed and there was an entry that someone else had spotted on their container and the feedback was essentially it was probably out of memory.


Introducing Negotiator - a GoLang content negotiation library

In my continued experience learning GoLang I started looking at how to best use it when dealing with HTTP. The idiomatic way to use GoLang and HTTP is to use the standard library which keeps things minimal but there are a few features missing. The first thing is a router. OOTB GoLang doesn't have a router and the majority seem to suggest using a package called Mux from Gorilla Toolkit, a set of libraries that aims to improve the standard library from Go. After having a play with it I didn't really warm to it so spent some time looking into the alternatives (and there are plenty!) and eventually decided upon Goji

Once I had started using Goji I then wanted to handle content negotiation in my HTTP handler. As I said earlier GoLang is minimal in its offerings OOTB and this is a good thing. Just for the record there are a few frameworks out there if you want/need and all encompassing framework such as Martini, Revel and Echo. These tend to bend the idioms of GoLang a bit and even the author of Martini blogged on this fact due to feedback from the community that although its capabilities are great they aren't idiomatic Go.


Introducing PoGo - a GoLang, Twitter favourites to Pocket importer

I've always kept myself up to date with the latest languages arriving on the scene and I've spent time in the past learning Node and last year I learnt Python by doing the Omnisharp plugin for Sublime. I have recently been looking for a static language that I can transfer my C# skills too and I had narrowed it down to 3; Swift, Kotlin and GoLang. I started out with Kotlin and setting up a dev environment with IntelliJ and running the koans that Jetbrains advise you step through to pick up the language. Whilst it seemed relatively straightforward I got "noob confused" when I saw examples of Java calling into Kotlin with get/set prefixes somehow magically added to Kotlin properties. It turns out the Kotlin compiler does this for Java libraries so it can communicate with it, to me it seemed strange that I code a library in one language and the compiler then exposes these methods and properties slightly differently. Superficial as this sounds I also didn't really like the mammoth that appears to be IntelliJ. Coming from a predominantly Visual Studio background but working with Omnisharp I wanted a lightweight editor with some refactoring, intellisense and error highlighting.


NancyFX and Hypermedia

I've been slowly educating my self on hypermedia; what it is, how does it help and how to use it. I must say I've found it a very interesting topic and I thought it was time I put some information into a blog post just in case the 2 people that read this blog might find it useful.

In my day job I'm responsible for a HTTP API (notice I didn't use REST) and some months ago I spoke to Glenn Block around a general discussion about hypermedia. Glenn put this on YouTube if you want to watch it.


Cookie Authentication & CRSF with AngularJs, Owin & Mono

I'm currently working on a project that has Nancy serving up an API. For the UI there is AngularJS. We were using JWT for authentication just to get us up and running but then as things became more final in the product we knew it would be better to swap to cookies for security plus we may as well leverage the browser capabilities for cookie handling. I'm not going to get into the arguments about JWT security vs cookie security, there are advantages/disadvantages for using both in this scenario. Our API is built on top of OWIN and Microsoft provide cookie middleware so I thought this would be nice and simple to plug in. Lets just remember I'm working on Mono!

In our Startup class I added the below

app.UseCookieAuthentication(new CookieAuthenticationOptions
    AuthenticationMode = AuthenticationMode.Active,
    CookieHttpOnly = true,
    CookieSecure = Microsoft.Owin.Security.Cookies.CookieSecureOption.SameAsRequest,
    SlidingExpiration = true,
    AuthenticationType = "MyCookie",
    CookieName = "MyCookie"

Hopefully thats pretty self explanatory. So I fired up my application and BOOM!