Skip to content


Should our front-end websites be server-side at all?

Decaying Code - Maxime Rouiller - 1 hour 23 min ago

I’ve been toying around with projects like Jekyll, Hexo and even some hand-rolled software that will generate me HTML files based on data. The thought that crossed my mind was…

Why do we need dynamically generated HTML again?

Let me take examples and build my case.

Example 1: Blog

Of course the simpler examples like blogs could literally all be static. If you need comments, then you could go with a system like Disqus. This is quite literally one of the only part of your system that is dynamic.

RSS feed? Generated from posts. Posts themselves? Could be automatically generated from a databases or Markdown files periodically. The resulting output can be hosted on a Raspberry Pi without any issues.

Example 2: E-Commerce

This one is more of a problem. Here are the things that don’t change a lot. Products. OK, they may change but do you need to have your site updated right this second? Can it wait a minute? Then all the “product pages” could literally be static pages.

Product reviews? They will need to be “approved” anyway before you want them live. Put them in a servier-side queue, and regenerate the product page with the updated review once it’s done.

There’s 3 things that I see that would require to be dynamic in this scenario.

Search, Checkout and Reviews. Search because as your products scales up, so does your data. Doing the search client side won’t scale at any level. Checkout because we are now handling an actual order and it needs a server components. Reviews because we’ll need to approve and publish them.

In this scenario, only the Search is the actual “Read” component that is now server side. Everything else? Pre-generated. Even if the search is bringing you the list of product dynamically, it can still end up on a static page.

All the other write components? Queued server side to be processed by the business itself with either Azure or an off-site component.

All the backend side of the business (managing products, availability, sales, whatnot, etc.) will need a management UI that will be 100% dynamic (read/write).


So… do we need dynamic front-end with the latest server framework? On the public facing too or just the backend?

If you want to discuss it, Tweet me at @MaximRouiller.

Categories: Blogs

You should not be using WebComponents yet

Decaying Code - Maxime Rouiller - 1 hour 23 min ago

Have you read about WebComponents? It sounds like something that we all tried to achieve on the web since... well... a long time.

If you take a look at the specification, it's hosted on the W3C website. It smell like a real specification. It looks like a real specification.

The only issue is that Web Components is really four specifications. Let's take a look at all four of them.

Reviewing the specificationsHTML Templates


This specific specification is not part of the "Web components" section. It has been integrated in HTML5. Henceforth, this one is safe.

Custom Elements


This specification is for review and not for implementation!

Alright no let's not touch this yet.

Shadow DOM


This specification is for review and not for implementation!

Wow. Okay so this is out of the window too.

HTML Imports


This one is still a working draft so it hasn't been retired or anything yet. Sounds good!

Getting into more details

So open all of those specifications. Go ahead. I want you to read one section in particular and it's the author/editors section. What do we learn? That those specs were draft, edited and all done by the Google Chrome Team. Except maybe HTML Templates which has Tony Ross (previously PM on the Internet Explorer Team).

What about browser support?

Chrome has all the spec already implemented.

Firefox implemented it but put it behind a flag (about:config, search for properties dom.webcomponents.enabled)

Internet Explorer, they are all Under Consideration

What that tells us

Google is pushing for a standard. Hard. They built the spec, pushing the spec also very hary since all of this is available in Chrome STABLE right now. No other vendors has contributed to the spec itself. Polymer is also a project that is built around WebComponents and it's built by... well the Chrome team.

That tells me that nobody right now should be implementing this in production. If you want to contribute to the spec, fine. But WebComponents are not to be used.

Otherwise, we're only getting in the same issue we were in 10-20 years ago with Internet Explorer and we know it's a painful path.

What is wrong right now with WebComponents

First, it's not cross platform. We handled that in the past. That's not something to stop us.

Second, the current specification is being implemented in Chrome as if it was recommended by the W3C (it is not). Which may lead us to change in the specification which may render your current implementation completely inoperable.

Third, there's no guarantee that the current spec is going to even be accepted by the other browsers. If we get there and Chrome doesn't move, we're back to Internet Explorer 6 era but this time with Chrome.

What should I do?

As for what "Production" is concerned, do not use WebComponents directly. Also, avoid Polymer as it's only a simple wrapper around WebComponents (even with the polyfills).

Use other framework that abstract away the WebComponents part. Frameworks like X-Tag or Brick. That way you can benefit from the feature without learning a specification that may be obsolete very quickly or not implemented at all.

Categories: Blogs

Fix: Error occurred during a cryptographic operation.

Decaying Code - Maxime Rouiller - 1 hour 23 min ago

Have you ever had this error while switching between projects using the Identity authentication?

Are you still wondering what it is and why it happens?

Clear your cookies. The FedAuth cookie is encrypted using the defined machine key in your web.config. If there is none defined in your web.config, it will use a common one. If the key used to encrypt isn't the same used to decrypt?

Boom goes the dynamite.

Categories: Blogs

Renewed MVP ASP.NET/IIS 2015

Decaying Code - Maxime Rouiller - 1 hour 23 min ago

Well there it goes again. It was just confirmed that I am renewed as an MVP for the next 12 months.

Becoming an MVP is not an easy task. Offline conferences, blogs, Twitter, helping manage a user group. All of this is done in my free time and it requires a lot of time.But I'm so glad to be part of the big MVP family once again!

Thanks to all of you who interacted with me last year, let's do it again this year!

Categories: Blogs

Failed to delete web hosting plan Default: Server farm 'Default' cannot be deleted because it has sites assigned to it

Decaying Code - Maxime Rouiller - 1 hour 23 min ago

So I had this issue where I was moving web apps between hosting plans. As they were all transferred, I wondered why it refused to delete them with this error message.

After a few click left and right and a lot of wasted time, I found this blog post that provides a script to help you debug and the exact explanation as to why it doesn't work.

To make things quick, it's all about "Deployment Slots". Among other things, they have their own serverFarm setting and they will not change when you change their parents in Powershell (haven't tried by the portal).

Here's a copy of the script from Harikharan Krishnaraju for future references:

Switch-AzureMode AzureResourceManager
$Resource = Get-AzureResource

foreach ($item in $Resource)
	if ($item.ResourceType -Match "Microsoft.Web/sites/slots")
		$plan=(Get-AzureResource -Name $item.Name -ResourceGroupName $item.ResourceGroupName -ResourceType $item.ResourceType -ParentResource $item.ParentResource -ApiVersion 2014-04-01).Properties.webHostingPlan;
		write-host "WebHostingPlan " $plan " under site " $item.ParentResource " for deployment slot " $item.Name ;

	elseif ($item.ResourceType -Match "Microsoft.Web/sites")
		$plan=(Get-AzureResource -Name $item.Name -ResourceGroupName $item.ResourceGroupName -ResourceType $item.ResourceType -ApiVersion 2014-04-01).Properties.webHostingPlan;
		write-host "WebHostingPlan " $plan " under site " $item.Name ;
Categories: Blogs

Switching Azure Web Apps from one App Service Plan to another

Decaying Code - Maxime Rouiller - 1 hour 23 min ago

So I had to do some change to App Service Plan for one of my client. The first thing I was looking for was to do it under the portal. A few clicks and I'm done!

But before I get into why I need to move one of them, I'll need to tell you about why I needed to move 20 of them.

Consolidating the farm

First, my client had a lot of WebApps deployed left and right in different "Default" ServicePlan. Most were created automatically by scripts or even Visual Studio. Each had different instance size and difference scaling capabilities.

We needed a way to standardize how we scale and especially the size on which we deployed. So we came down with a list of different hosting plans that we needed, the list of apps that would need to be moved and on which hosting plan they currently were.

That list went to 20 web apps to move. The portal wasn't going to cut it. It was time to bring in the big guns.


Powershell is the Command Line for Windows. It's powered by awesomeness and cats riding unicorns. It allows you to do thing like remote control Azure, import/export CSV files and so much more.

CSV and Azure is what I needed. Since we built a list of web apps to migrate in Excel, CSV was the way to go.

The Code or rather, The Script

What follows is what is being used. It's heavily inspired of what was found online.

My CSV file has 3 columns: App, ServicePlanSource and ServicePlanDestination. Only two are used for the actual command. I could have made this command more generic but since I was working with apps in EastUS only, well... I didn't need more.

This script should be considered as "Works on my machine". Haven't tested all the edge cases.


Switch-AzureMode AzureResourceManager
$rgn = 'Default-Web-EastUS'

$allAppsToMigrate = Import-Csv $filename
foreach($app in $allAppsToMigrate)
    if($app.ServicePlanSource -ne $app.ServicePlanDestination)
        $appName = $app.App
		    $source = $app.ServicePlanSource
		    $dest = $app.ServicePlanDestination
        $res = Get-AzureResource -Name $appName -ResourceGroupName $rgn -ResourceType Microsoft.Web/sites -ApiVersion 2014-04-01
        $prop = @{ 'serverFarm' = $dest}
        $res = Set-AzureResource -Name $appName -ResourceGroupName $rgn -ResourceType Microsoft.Web/sites -ApiVersion 2014-04-01 -PropertyObject $prop
        Write-Host "Moved $appName from $source to $dest"
Categories: Blogs

Microsoft Virtual Academy Links for 2014

Decaying Code - Maxime Rouiller - 1 hour 23 min ago

So I thought that going through a few Microsoft Virtual Academy links could help some of you.

Here are the links I think deserve at least a click. If you find them interesting, let me know!

Categories: Blogs

Temporarily ignore SSL certificate problem in Git under Windows

Decaying Code - Maxime Rouiller - 1 hour 23 min ago

So I've encountered the following issue:

fatal: unable to access 'https://myurl/myproject.git/': SSL certificate problem: unable to get local issuer certificate

Basically, we're working on a local Git Stash project and the certificates changed. While they were working to fix the issues, we had to keep working.

So I know that the server is not compromised (I talked to IT). How do I say "ignore it please"?

Temporary solution

This is because you know they are going to fix it.

PowerShell code:

$env:GIT_SSL_NO_VERIFY = "true"

CMD code:


This will get you up and running as long as you don’t close the command window. This variable will be reset to nothing as soon as you close it.

Permanent solution

Fix your certificates. Oh… you mean it’s self signed and you will forever use that one? Install it on all machines.

Seriously. I won’t show you how to permanently ignore certificates. Fix your certificate situation because trusting ALL certificates without caring if they are valid or not is juts plain dangerous.

Fix it.


Categories: Blogs

The Yoda Condition

Decaying Code - Maxime Rouiller - 1 hour 23 min ago

So this will be a short post. I would like to introduce a word in my vocabulary and yours too if it didn't already exist.

First I would like to credit Nathan Smith for teaching me that word this morning. First, the tweet:

Chuckling at "disallowYodaConditions" in JSCS… — Awesome way of describing it.

— Nathan Smith (@nathansmith) November 12, 2014

So... this made me chuckle.

What is the Yoda Condition?

The Yoda Condition can be summarized into "inverting the parameters compared in a conditional".

Let's say I have this code:

string sky = "blue";if(sky == "blue) {    // do something}

It can be read easily as "If the sky is blue". Now let's put some Yoda into it!

Our code becomes :

string sky = "blue";	if("blue" == sky){    // do something}

Now our code read as "If blue is the sky". And that's why we call it Yoda condition.

Why would I do that?

First, if you're missing an "=" in your code, it will fail at compile time since you can't assign a variable to a literal string. It can also avoid certain null reference error.

What's the cost of doing this then?

Beside getting on the nerves of all the programmers in your team? You reduce the readability of your code by a huge factor.

Each developer on your team will hit a snag on every if since they will have to learn how to speak "Yoda" with your code.

So what should I do?

Avoid it. At all cost. Readability is the most important thing in your code. To be honest, you're not going to be the only guy/girl maintaining that app for years to come. Make it easy for the maintainer and remove that Yoda talk.

The problem this kind of code solve isn't worth the readability you are losing.

Categories: Blogs

Do you have your own Batman Utility Belt?

Decaying Code - Maxime Rouiller - 1 hour 23 min ago
Just like most of us on any project, you (yes you!) as a developer must have done the same thing over and over again. I'm not talking about coding a controller or accessing the database.

Let's check out some concrete examples shall we?

  • Have you ever setup HTTP Caching properly, created a class for your project and call it done?
  • What about creating a proper Web.config to configure static asset caching?
  • And what about creating a MediaTypeFormatter for handling CSV or some other custom type?
  • What about that BaseController that you rebuild from project to project?
  • And those extension methods that you use ALL the time but rebuild for each projects...

If you answered yes to any of those questions... you are in great risk of having to code those again.

Hell... maybe someone already built them out there. But more often than not, they will be packed with other classes that you are not using. However, most of those projects are open source and will allow you to build your own Batman utility belt!

So once you see that you do something often, start building your utility belt! Grab those open source classes left and right (make sure to follow the licenses!) and start building your own class library.


Once you have a good collection that is properly separated in a project and that you seem ready to kick some monkey ass, the only way to go is to use NuGet to pack it together!

Checkout the reference to make sure that you do things properly.

NuGet - Publishing

OK you got a steamy new hot NuGet package that you are ready to use? You can either push it to the main repository if your intention is to share it with the world.

If you are not ready quite yet, there are multiple way to use a NuGet package internally in your company. The easiest? Just create a Share on a server and add it to your package source! As simple as that!

Now just make sure to increment your version number on each release by using the SemVer convention.

Reap the profit

OK, no... not really. You probably won't be money anytime soon with this library. At least not in real money. Where you will gain however is when you are asked to do one of those boring task yet over again in another project or at another client.

The only thing you'll do is import your magic package, use it and boom. This task that they planned would take a whole day? Got finished in minutes.

As you build up your toolkit, more and more task will become easier to accomplish.

The only thing left to consider is what NOT to put in your toolkit.

Last minute warning

If you have an employer, make sure that your contract allows you to reuse code. Some contracts allows you to do that but double check with your employer.

If you are a company, make sure not to bill your client for the time spent building your tool or he might have the right to claim them as his own since you billed him for it.

In case of doubt, double check with a lawyer!

Categories: Blogs

I have been laid off, now what? 10 ways to keep it together.

Panamo QA - Georgia Motoc - 7 hours 51 min ago
Ten ways to overcome the negative emotions of being laid off. Continue reading →
Categories: Blogs

Follow the work – bad news for Test Managers?

The Social Tester - 19 hours 19 min ago

I get lots of enquiries from founders of start-ups who reach a certain growth point where they really need to start taking control of the quality of the work being produced. Their companies seem to reach a size and market growth where the focus on quality becomes a priority. This is usually about the time […]

The post Follow the work – bad news for Test Managers? appeared first on Rob Lambert.

Categories: Blogs

TestStorming - A Collaborative Approach for Rapid Test Design

Thanks to everyone who attended my webinar today on TestStorming(TM)!

Here is the recorded presentation:
Here are the slides:

Here is the article on my website:

And, finally, here is the link to the METS spreadsheets I mentioned today:

Have a great weekend!

Categories: Blogs

TDD and Its (at least) 5 Benefits

Sustainable Test-Driven Development - Thu, 10/01/2015 - 20:19
Many developers have concerns about adopting test-driven development, specifically regarding: It's more work.  I'm already over-burdened and now you're giving me a new job to do. I'm not a tester.  We have testers for testing, and they have more expertise than I do.  It will take me a long time to learn how to write tests as well as they do. If I write the code, and then test it, the test-pass
Categories: Blogs

Cambridge Lean Coffee

Hiccupps - James Thomas - Thu, 10/01/2015 - 05:41
Yesterday's Cambridge Lean Coffee was hosted by Chris George at Cambridge Consultants. Here's a brief note on the topics that made it to discussion in the group I was in.

Can you quantify usability? Do you try?How to manage bug backlogs alongside sprints?
  • very dependent on the context you're working in
  • don't separate the bugs and other stories
  • the tester should be trying to illuminate knowledge of the product
  • ... including project risks (like two managers with different goals) to the product
What makes you laugh when you're testing?
  • the discovery of the unexpected thing that exposes assumptions were made
  • ... examples included a configuration option which was only used in reporting the setting of the option itself; a performance metric reported in mega rather than milli units (against industry standard) which had been that way for years and not been noticed.
  • ... but not usually the discovery that some spec item under test isn't implemented right
  • aha! vs haha!
  • the start of the planning process (but that's an evil laugh to worry developers)
Should developers be testers?
  • experiments at Atlassian: Quality at speedQuality assistance.
  • what it takes to make someone have pride in their work
  • what does it mean to be a tester anyway?
  • comparison with other professions - important work is tested (or checked?) generally. Isn't it?
Categories: Blogs

What He Sed

Hiccupps - James Thomas - Wed, 09/30/2015 - 05:46

I recently came into possession of an ancient O'Reilly book on the utilities sed and awk, tools that I use occasionally at work but have really only scratched the surface of. There's a passage right at the start that chimed with me, and here it is as a command line call:
$ echo 'Initially, using sed and awk will seem like the long way to accomplish a task. After several attempts you may conclude that the task would have been easier to do manually. Be patient. You not only have to learn how to use sed and awk but you also need to learn to recognize situations where using them pays off. As you become more proficient, you will solve problems more quickly and solve a broader range of problems.

You will also begin to see opportunities to find general solutions to specific problems. There is a way of looking a a problem so you see it related to a class of problems. Then you can devise a solution that can be reused in other situations.' | sed 's/sed and awk/new tools/g'

Image: O'Reilly
Thanks: Sarah for the book.
Categories: Blogs

Testing SQL Injections with Sqlmap

Testing TV - Mon, 09/28/2015 - 13:13
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. This video provides a demonstration of sqlmap out-of-band takeover features with Metasploit integration. sqlmap is launched against an ASP.NET test page hosted on a Microsoft Windows 2003 server with back-end […]
Categories: Blogs

Software Testing Standards

Testing TV - Thu, 09/24/2015 - 15:43
James Christie shares insights on software testing standards (ISO 29119) and auditing. Video producer:
Categories: Blogs

Goal Setting towards agile

The Social Tester - Thu, 09/24/2015 - 09:00

Goal Setting towards agile “You’ve got to be very careful if you don’t know where you are going, because you might not get there” Yogi Berra Everytime I get asked how to implement agile in a team I ask a simple clarifying question back. “Why?” The answer to this question is often not very forthcoming. […]

The post Goal Setting towards agile appeared first on Rob Lambert.

Categories: Blogs

What skills help us build quality in?

Agile Testing with Lisa Crispin - Wed, 09/23/2015 - 22:11
Lean Coffee

Janet and I facilitate Agile Testing Days Lean Coffee each morning, great way to start!

Agile Testing Days 2015 is coming up November 9-12 in Potsdam, Germany. This year’s theme: “Embracing Agile for a Competitive Edge – Establish leadership by delivering early, rapid & iterative application releases”. To paraphrase Elisabeth Hendrickson, the ability to release business value frequently at a sustainable pace is the very definition of “agile”. That sustainable pace part – that’s where the focus on quality comes in.

We’ve always known we can’t “test quality in” (though that doesn’t stop many companies from trying). But it can be hard to learn the practices that help us bake quality into a software product, starting when that product or feature is just a half-baked idea.

At Agile Testing Days, Janet Gregory and I will lead a tutorial on ways that teams can

We draw and brainstorm a lot!

We draw and brainstorm a lot!

build and share expertise in testing and other areas so that the whole team achieves a level of quality that lets them deliver frequently and fast. The tutorial is open to everyone who wants their teams to achieve frequent, even continuous, delivery of valuable software: testers, BAs, programmers, architects, POs, PMs, managers, Ops practitioners and more.

We hope you will come to Agile Testing Days, and if you do, we hope you will participate in our tutorial! We expect participants will push the boundaries and generate some new ideas, as in our tutorial last year where we identified ways to overcome future challenges in agile testing. (I’ve been using some of those myself, such as the rotating group brainwriting/drawing/mapping, and cube-shaped testers.) This year, we’ll again let participants shape the agenda, with these goals in mind:

  • Lists of skills testers have that they can share with the team – and effective ways to do experiments

    You’ll take away experiments to try with your team.


  • How you can build your T-shaped skill sets and contribute to the cube-shaped team skills
  • Ways the whole team can collaborate to make the best use of test automation
  • And the goals that you bring!
Super Agile Person

Sightings of Super Agile Person are expected!

Please watch our video for more information. Hope to see you in Potsdam!


The post What skills help us build quality in? appeared first on Agile Testing with Lisa Crispin.

Categories: Blogs