dasBlog Security Advisories

Dominick Baier has posted two security bullitens for dasBlog: Security Advisory: Log File Path Predictability in dasBlog Community Edition This issue may or may not affect you. On my host, this does not occur as they lock down /logs from anon users. Security Advisory : New XSS Vulnerability in dasBlog Community Edition This issue was…

0

dasBlog 1.7.5016.2 released

We’ve released dasBlog 1.7.5016.2. This is a release to address almost every bug that was reported since releasing 1.7.5016.1. There is an important Cross Site Security Vulnerability fix in this release and it’s recommended that everyone upgrade. Release Notes Version History Download If you are running 1.7 already, the upgrade is a good old xcopy….

6

dasBlog 1.7 questions and answers

First of all, the community reaction to dasBlog Community Edition 1.7 has been great! I’m delighted that people have been able to move with little trouble. However, a number of folks have asked some questions and I’d like to answer some of those. Question: What happened to the Attachment feature, and what is this new Enclosure…

2

dasBlog 1.7 released

Well, I’m a bit late to the party… but as Scott announced, dasBlog 1.7 is finished. There are numerous and substantial improvements in this version. Some of them were done months ago, and the most substantial came in the last 2 months as Scott and I feverishly whipped dasBlog into a fast asp.net app. We…

9

Referral Spam and Movable Type Blacklist

Well, just in time for a wave of referral spam that is hitting my blog (mostly from http://www.ownsthis.com) I spent part of today writing a class that can consume the Movable Type Blacklist. The class will allow you to download this file from the server periodically (no more than once a day). I have written…

3

RSS xhtml:body

A while ago there was some hubub about support for xhtml:body in the RSS item tag. Since all RSS aggregators must support the description tag, which contains all the escaped html content of the post, having another tag in the RSS feed that duplicates all this content into a tag that only some RSS readers…

1

Dying Thread on Trackbacks, Referrals and Pingbacks

Part 2 of 2 Bug 2: TrackingHandler Thread Dies Another problem that Scott Hanselman informed me of was that he would frequently stop receiving Trackbacks, Pingbacks and Referrals on his posts. Furthermore, it was intermittent. This was troubling since losing a Trackback means it’s lost forever. Well we went hunting in the code, and thanks…

3

DateTime.ToString(“yyyy-MM-dd”)

Recently I found the answer to two very hard questions about bugs in dasBlog. They were kinda tricky to figure out, but also really interesting (bug 2 will be in a follow up post) Bug 1: DateTime.ToString() One of the classes in dasBlog that stores information like Comments, Trackbacks and Pingbacks determines it’s filename like…

4

Enclosure support in dasBlog

Well, thanks to some encouragement from Jeff Sandquist, I just recently added Enclosure support to dasBlog. It was a bit tricky because RSS 2.0 only allows for a single enclosure per item. I didn’t want to get burned by the spec changing at some point, so dasBlog actually support any number of attachments, but only…

2

dasBlog 1.7 progress

Well I plan on spending the next few days getting together a beta of dasBlog 1.7. I’ve been slowly doing some work on dasBlog the past few months (emphasis on slowly). To be honest I was pretty close to closing up shop on dasBlog and eventually writing something new from scratch, mostly because I felt…

10