WinJS : JavaScript library from Microsoft

WinJS

The Windows Library for JavaScript (abbreviated as WinJS) is an open source JavaScript library developed by Microsoft. It has been designed with the primary goal to ease development of Windows Store apps for Windows 8 and Windows Phone apps for Windows Phone 8.1 and Xbox One[1] applications using HTML5 and JavaScript, as an alternative to using XAML and C#, VB.NET or C++ (CX).

What is WinJS?
WinJS is an open-source JavaScript library that can assist you in building HTML, CSS, and JavaScript applications for the Windows Store with a consistent look and performance across all Windows devices. WinJS will work in any browser and can be used as a standalone solution or with other frameworks and libraries.

What can WinJS do?
WinJS makes it possible to add Windows UI controls in HTML, such as ListView, FlipView, and Semantic Zoom, features like virtualizing collections, and high-quality infrastructure like page controls, promises, data-binding, and a template engine.

Where can I use WinJS?
Use WinJS not only for your Universal Windows apps with HTML/JS, but also for your websites, and when using HTML-based app technologies like Apache Cordova. The library consists of modules that bring JavaScript coding conventions to Windows Runtime functionality.

Node.js is a required component of building WinJS on your local machine. Presumably, by working on top of Node, WinJS is able to deal especially well with asynchronous tasks, like chat and other user interactions, within apps.

Try WinJS here.

Humanizer

Humanizer

Humanizer meets all your .NET needs for manipulating and displaying strings, enums, dates, times, timespans, numbers and quantities.

One can install Humanizer as a nuget package: 

Install-Package Humanizer

Features

• Humanize: Humanize string extensions allow you turn an otherwise computerized string into a more readable human-friendly one.
• Dehumanize: Much like you can humanize a computer friendly into human friendly string you can dehumanize a human friendly string into a computer friendly one
• Transform: There is a Transform method that supersedes LetterCasing, ApplyCase and Humanize overloads that accept LetterCasing.
• Truncate: You can truncate a string using the Truncate method
• Humanize DateTime: You can Humanize an instance of DateTime and get back a string telling how far back or forward in time.

• Inflector methods: There are also a few inflector methods:
• Pluralize: Pluralize pluralizes the provided input while taking irregular and uncountable words into consideration.
• Singularize: Singularize singularizes the provided input while taking irregular and uncountable words into consideration.
• ToQuantity: Many times you want to call Singularize and Pluralize to prefix a word with a number; e.g. "2 requests", "3 men".
• Ordinalize: Ordinalize turns a number into an ordinal string used to denote the position in an ordered sequence such as 1st, 2nd, 3rd, 4th.

• Number to words: Humanizer can change numbers to words using the ToWords extension

Few examples of above features:

• "PascalCaseInputStringIsTurnedIntoSentence".Humanize() => "Pascal case input string is turned into sentence"
• "CanReturnTitleCase".Humanize(LetterCasing.Title) => "Can Return Title Case"
• "Pascal case input string is turned into sentence".Dehumanize() => "PascalCaseInputStringIsTurnedIntoSentence"
• "Sentence casing".Transform(To.SentenceCase) => "Sentence casing"
• "Long text to truncate".Truncate(10) => "Long text…"
• "Long text to truncate".Truncate(2, Truncator.FixedNumberOfWords, TruncateFrom.Left) => "…to truncate"
• DateTime.UtcNow.AddHours(30).Humanize() => "tomorrow"
• DateTime.UtcNow.AddHours(2).Humanize() => "2 hours from now"
• "Man".Pluralize() => "Men"
• "Men".Singularize() => "Man"
• "case".ToQuantity(0) => "0 cases"
• 1.Ordinalize() => "1st"
• 122.ToWords() => "one hundred and twenty-two"

You can download from here also.

Anti-Cross Site Scripting Library (AntiXSS)

Before understanding Anti-Cross Site Scripting Library (AntiXSS) let us understand Cross-Site Scripting(XSS).

Cross-site Scripting (XSS)

Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user in the output it generates without validating or encoding it.

An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by your browser and used with that site. These scripts can even rewrite the content of the HTML page.

Cross-Site Scripting (XSS) attacks occur when:

1. Data enters a Web application through an untrusted source, most frequently a web request.

2. The data is included in dynamic content that is sent to a web user without being validated for malicious code.

The malicious content sent to the web browser often takes the form of a segment of JavaScript, but may also include HTML, Flash or any other type of code that the browser may execute. The variety of attacks based on XSS is almost limitless, but they commonly include transmitting private data like cookies or other session information to the attacker, redirecting the victim to web content controlled by the attacker, or performing other malicious operations on the user's machine under the guise of the vulnerable site.

Anti-Cross Site Scripting Library

AntiXSS helps you to protect your current applications from cross-site scripting attacks, at the same time helping you to protect your legacy application with its Security Runtime Engine. AntiXSS incorporates radically and innovatively rethought features, offering you a newer, more powerful weapon against the often employed cross-site scripting (XSS) attack. AntiXSS gives you:

• Improved Performance. AntiXSS has been completely rewritten with performance in mind, and yet retains the fundamental protection from XSS attacks that you have come to rely on for your applications.
• Secure Globalization. The web is a global market place, and cross-site scripting is a global issue. An attack can be coded anywhere, and Anti-XSS now protects against XSS attacks coded in dozens of languages.
• Standards Compliance. AntiXSS is written to comply with modern web standards. You can protect your web application without adversely affecting its UI.

How it works?

Proper output encoding and good input validation will fix the XSS issue. For output encoding use AntiXSS Library for its comprehensive encoding capabilities. AntiXSS works by looking at all the characters in the input and encoding characters not in the whitelist.

XSS Vulnerability:

Response.Write(Request.Params["input"]);

To prevent XSS, we need to use below code (AntiXSS):

AntiXss.UrlEncode(TextBox1.Text)

AntiXss.HtmlAttributeEncode(TextBox1.Text)

AntiXss.XmlEncode(TextBox1.Text)

AntiXss.JavaScriptEncode(item)

You can download AntiXSS library from here.

CodeProject

Portable Class Libraries in .Net

Portable Class Libraries 

The Portable Class Library project enables you to write and build managed assemblies that work on more than one .NET Framework platform. You can create classes that contain code you wish to share across many projects, such as shared business logic, and then reference those classes from different types of projects.

Using the Portable Class Library project, you can build portable assemblies that work without modification on the .NET Framework, Silverlight, Windows Phone 7, or Xbox 360 platforms. Without the Portable Class Library project, you must target a single platform and then manually rework the class library for other platforms. The Portable Class Library project supports a subset of assemblies from these platforms, and provides a Visual Studio template that makes it possible to build assemblies that run without modification on these platforms.

Note: Portable Class Libraries are now built into Visual Studio 11. For Visual Studio 2010 one needs to install this add-in from Visual Studio Gallery.

Reference: 

How to Make Portable Class Libraries Work for You

Cross-Platform Portable Class Libraries with .NET are Happening

TypeScript

TypeScript

TypeScript is a free and open source programming language developed by Microsoft. It is a strict superset of JavaScript, and essentially adds optional static typing and class-based object oriented programming to the language. Anders Hejlsberg, lead architect of C#, has worked on development of TypeScript.

TypeScript is a language for application-scale JavaScript development. TypeScript is a typed superset of JavaScript that compiles to plain JavaScript.Any browser. Any host. Any OS. Open Source.

TypeScript supports header files which add type information to existing JavaScript libraries, extending its benefits to popular libraries like jQuery, MongoDB, Node.js, and D3.js.

TypeScript is a language extension that adds features to JavaScript.

• Type annotations and compile-time type checking
• Classes
• Interfaces
• Modules
• Abbreviated "arrow" syntax for anonymous functions

Enterprise Library 6.0 released

Enterprise Library 6.0

What's New

This major release of this Enterprise Library contains many compelling new features and updates that will make developers and IT professionals more productive. Two new application blocks are:

• Semantic Logging Application Block.
• Transient Fault Handling Application Block (this application block was previously a part of the Enterprise Library Integration Pack for Windows Azure; in this release it has been generalized and updated to the latest technologies).

Other major new features include:

• New programmatic configuration that doesn’t require a container.
• AsynchronousTraceListenerWrapper for the Logging Application Block, which enables existing listeners to write messages asynchronously.
• JSON formatter for the Logging Application Block.

The new Unity Application Block includes improvements like:

• Registration by convention.
• Support for NetCore (Windows Store apps).
• Resolving objects of type Lazy.
• The Unity assembly is now Security Transparent.
• Support for ASP.NET MVC and ASP.NET Web API.

Note, this release of Enterprise Library retired the following application blocks:

• Caching Application Block
• Cryptography Application Block
• Security Application Block

Few server-side JavaScript libraries

Server-side JavaScript means that the server portion of a web application is written in JavaScript.

Below are few JavaScript libraries:

Node.js

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.

Rhino

Rhino is an open-source implementation of JavaScript written entirely in Java. It is typically embedded into Java applications to provide scripting to end users. It is embedded in J2SE 6 as the default Java scripting engine.

CommonJS

JavaScript is a powerful object oriented language with some of the fastest dynamic language interpreters around. The official JavaScript specification defines APIs for some objects that are useful for building browser-based applications. However, the spec does not define a standard library that is useful for building a broader range of applications.

You can use JavaScript to write:

• ·         Server-side JavaScript applications
• ·         Command line tools
• ·         Desktop GUI-based applications
• ·         Hybrid applications (Titanium, Adobe AIR)

Socket.IO

Socket.IO aims to make realtime apps possible in every browser and mobile device, blurring the differences between the different transport mechanisms. It's care-free realtime 100% in JavaScript.

Ejscript

Ejscript™ is a compact, fast and powerful implementation of JavaScript. It fully complies with the ECMAScript Edition 3 specification, and adds enhancements such as modules, class declarations, optional typing, and a rich system library.

The Ejscript Web framework has a Model/View/Controller (MVC) paradigm and supports SQL databases with an integrated ORM layer. It has a library of Ajax view controls, templating engine, automatic validations and integrated jQuery support. It is the ideal language for rapid development of Server-Side JavaScript applications.