As I use more and more JavaScript and Ajax on my sites the number and the size of the JavaScript include files grow. What do to about this? jQuery comes in a uncompressed and minimized version, ideally I want to use the first on my Dev-box and the second on the production server. Asp.net 3.5 SP1 comes with the feature CompositeScript which allows us to combine several script into one download. Well, I am trying to get away from the asp.net ScriptManager, so I came up with my own solution.

The first version supports the following:

During development the fullsize script files are used

In Production mode, a single minimized file is used that includes all the JavaScript code needed for the page.

This file is not generated on the fly, instead it is stored on the file system. This makes it more scalable.

Here’s how in works:

All my common JavaScript include files are in one location /css/. Instead of referencing them with

<script src="../css/jquery.js" type="text/javascript"></script>
<script src="../css/topas.js" type="text/javascript"></script>

On the page, I just have a single literal control:

<asp:Literal runat="server" ID="litSciptIncludes"></asp:Literal>

Which results in the following html:

<script src="../css/lib/3.js" type="text/javascript"></script>

3.js has the compressed content of both jquery.js and topas.js

In the Page_Load method in code behind I have some code to add scripts:

ScriptIncluder inc = new ScriptIncluder();
inc.AddScript(ScriptIncluder.Scripts.jQuery);
inc.AddScript(ScriptIncluder.Scripts.Topas);
litSciptIncludes.Text = inc.GetIncludes();

The ScriptIncluder class is responsible for building the <script src…> tags. We add all the scripts we need on the page with the AddScript method, a fixed number of scripts are defined in a enumeration.

[Flags]
public enum Scripts
{
  jQuery = 1,
  Topas = 2,
  TopasDate = 16,
  TopasEdit = 32,
  jQueryUI = 256,
  jQueryMaskedEdit = 512,
}

public void AddScript(Scripts scriptID)
{
  _scripts.Add(scriptID);
  _scriptCode += (int)scriptID;
}

In my application framework I have a setting in the web.config which defines the Debug-Mode, when in development I just loop through all the added scripts and return one <script> tag for each added script. However when in production, I return a single script tag that points to a single file.

public string GetIncludes()
{
    string html = string.Empty;
    string start = "<script type=\"text/javascript\" src=\"" + Core.Config.VirtualRoot + "css/";
    string end = "\"></script>" + Environment.NewLine;

    if (Core.Config.CurrentDebugLevel >= Core.Config.DebugLevels.SharedDev)
    {
        // include plain text files
        foreach (Scripts script in _scripts)
        {
            html += start + _scriptNames[script] + end;
        }
    }
    else
    {
        // include compressed file
        html = start + "lib/" + _scriptCode + ".js" + end;
    }
    return html;
}

_scriptNames[] is a generic list of all the script file names, _scriptCode is the sum of all the scriptIDs as defined in the Scripts enumeration.

So where do all the /css/lib/nn.js files come from that are needed for the single compressed file?

I use a batch file to create them:

pushd \websites\foo\wwwroot\css
jsmin.exe lib/769.js jquerymin.js jqueryuimin.js jquery.maskedinput.js
jsmin.exe lib/819.js jquerymin.js jqueryuimin.js jquery.maskedinput.js topas.js topas.date.js topas.edit.js
jsmin.exe lib/49.js topas.js topas.date.js topas.edit.js
jsmin.exe lib/3.js topas.js jquerymin.js
jsmin.exe lib/1.js jquery.js
popd

In theory I need hundreds of these /lib/nnn.js files, but in practice there are only a few combinations that I use. What is jsmin.exe? It is a small tool based on Douglas Crawford’s jsmin (http://www.crockford.com/javascript/jsmin.html). He has C# code to minimize a single JavaScript file. I added some code to process any number of files into a single file. I can just run the batch file every time I have changed any of my JavaScript include files and can also make it part of my build process.

Any drawbacks? If every page uses a different combination of include files, all these combinations have to be downloaded once and then cached, so the actual jQuery code may be downloaded several times.

In the old days rebuilding a Windows machine involved a day or so of post-installation work to set up applications and customize the environment.

Because I travel a lot without a computer I love using 'portable' software that runs from a USB stick. The same software also comes in handy on my home machines.

After a new Windows setup I install only my main work applications: Office, Visual Studio, SQL Server. Then I map two partitions usually from an external drive (so I can move it around). One partition has all my data and the other one has many applications that don't require any installation.

There are dozens of these applications that don't require a set-up procedure, copying them into a folder on a hard drive is enough. These apps fall into two categories, portable apps, that are especially written to not use the registry or documents and settings and only write to there own 'application folder' Many of these can be found at http://portableapps.com. The second category is software that wasn't created as portable but still runs without installation. All kinds of little tools do this and also many small to medium size dot.net applications.

Some issues:

Some apps still write to the registry, the users home directory or isolated storage. So if you are concerned about any privacy data there, make sure to delete this data manually after you are done.

File associations do not work because they are not created during setup (as there was none). If you really need them, you can create them yourself.

Other considerations:

dot.net was created with 'standalone' apps in mind. There are not suppose to use the registry and can be deployed using xcopy (just copy the files). However if you are using the built-in way to save user settings, they go into the user's home directory. Visual Studio promotes to package applications into msi files that can be installed by the end user. These leave entries in the 'installed applications' section of the registry to allow un-installation. I much rather put them into a zip file, the user can see what he/she gets and can just delete the folder if the program is no longer needed. Ideally the program has a feature to delete any saved user settings, as these are hard to find.

If you are only sporadically using some big application like Visual Studio, consider installing it once into a Virtual Machine and then moving/copying it between machines or installations of Windows.

Some standalone Apps I am using:

• Portable Firefox (portableapps.com)
• Portable OpenOffice
• Portable SevenZip
• Paint.net
• LiveWriter
• SharpDevelop
• Portable Chrome
• Xamp (Apache, MySQL, Php)
• Python
• All sysinternals tools
• VLCPortable
• Foxit

• portableapps.com
• portablefreeware.com

Version: 19-June-2009

As I am going into my fourth year of traveling around the world, I've seen many different setups for shared Windows machines.

I'm using Internet Cafes and PCs in hostels for all my computer usage and the number of viruses and messed up machines I encounter is just amazing.

In Asia in 2005-2007 there were still some Windows 98s around but now in Latin America I only see XP and Vista machines, so I wont talk about Windows 9x, that's a whole different game.

There are a few different ways of how PCs are usually set up:

1. Bare bones OS, users run as administrator
2. As 1 but with some AntiVirus software installed
3. As 2 but users run as standard user
4. Some software like Deep Freeze is used. This creates a snapshot of an install and than reapplies that snapshot every time the machine boots. So all changes during a user sessions are discarded after a reboot. Microsoft's free SteadyState could be used as well, but I've never seen it in the wild.

In addition to the many many commercial shops run some sort of Cybercafe software that tracks the usage time of the customer and reports back to a central server so the customer can be charged when leaving. The software often adds some restrictions as well, like disallowing access to the registry, taskmanager or cmd.exe. Again many times the users still runs as administrator.

So option 4 doesn't sound too bad, doesn't it, lets explain why it isn't a good option. Take the Oasis hostel in Granada, Nicaragua. Deep Freeze 5 was installed about 15 months ago, every morning after booting up, a clean system was on the machine, problem was it was an unpatched system. Within an hour, Conficker came in from the network and other viruses joined in from USB sticks. For the rest of the day these suckers would do their work and would spread to other USB devices. Having AntiVirus software didn't help much because the virus definitions were totally out of date, as any updates would be overwritten every morning.

So none of these ways are perfect and some cost money. Lets try to solve the problem with builtin/free tools.

First, let's think about what a typical user wants to do on the computer:

• Surf the Internet
• Use Skype
• Use Office
• Copy photos from a camera to another USB device or upload them to the Internet.
• Burn files onto CD or DVD
• Download free music or podcasts and put it on a iPod or another player.
• View PDF documents
• Use Chat/Instant Messaging applications

So here's my proposed solution for a fairly secure public Windows machine:

Setup:

• Install XP or Vista
  Always use a fully licensed version, otherwise certain updates may not work.
• Apply all Microsoft updates and patches
  Use Internet Explorer and go to update.microsoft.com, I recommend also installing the latest version of the dot.net framework and Silverlight
• Turn off Fast User switching
  This just confuses uses and may lead to both admin and standard user logged on at the same time, something we don't want.
  Open the control panel and then the 'user accounts' section. Click on 'Change the way users log on or off', untick 'Use fast user switching'.
• Use a strong password for the administrator account
• Make sure the Windows Firewall is on
  In the control panel, click on 'Security Center'
• Make sure Windows Auto update is set to auto download and auto install.
  This makes sure updates are applied when running as standard user. In the control panel, click on 'Security Center' and check the settings for 'Automatic Updates'
• Install a free Anti Virus package like AVGFree and make sure it is set to update the virus definitions once a day.
• Make sure autorun is turned off
  See Microsoft site for detailes
• Install alternative keyboard layouts such as Spanish and Hebrew
  In control panel open the 'Date, time, language and regional options' section. Check the checkbox for 'Install files for complex script...'. This is required for Hebrew.
  The click on 'add other languages' and then on the 'Details' button. There you can add additional input languages. Also click on the 'Language bar' button and make sure the language bar is shown so the use can change the language.
• Install other Software
  • MS Office, or Open Office
    openoffice.org
  • Skype
    internet telephony: skype.com
  • Firefox
    web surfing: getfirefox.com
  • DeepBurner Free
    CD/DVD burning: deepburner.com
  • Foxit
    PDF viewing: foxitsoftware.com
  • IM Client
    chatting: choose a client that supports all common IM protocols???
  • Floola
    iPod management: floola.com This doesn't sync anything and also allows you to copy songs off the iPod.
  • Adobe Flash
    browser plugin: adobe.com
• DO NOT install:
  • Adobe Acrobat Reader
    too big and slow, many security problems
  • Nero
    too big and installs too many things you don't want
  • iTunes
    too big, also may delete people's music when trying to sync
  • Any browser plugins and toolbars,
    these are some times nice to have to not necessary.
• Make sure the installed software doesn't autostart but put an icon on the 'all users' desktop.
  Put a shortcut into C:\Documents and Settings\All Users\Desktop
• For Vista and Windows 7, turn off UAC.
  The user should not be able to access admin features and should not be prompted for an Admin password.  On the other hand, when using Internet Explorer UAC is valuable for security reasons.
• Create a new user account.
  Use the 'user accounts' section in control panel. Lets call it 'user'. For convenience reasons with an empty password.
• Set the autologin to the new user.
  See Microsoft site for detailes
• Make sure the user is only in the user's group not in the administrators group.
  This means the user only has write access to the user's own home directory (C:/documents and settings/username or C:/users/username) and can't change anything else in the system.
• If you have additional partitions, make sure the user doesn't have write permissions.
  !Explain how to do this!
• Create a html page that explains the usage of DeepBurner and Floola to users who are used to Nero and iTunes. Put the file on the All Users desktop.
  !A sample file should be created!
• Optional: Set read-only permissions to the HKCU-Run section in the registry and the Startup folder. This prevents most applications from auto-starting.
  !Explain how to do this!

The user can now do all the things he/she wants to do but can't screw up the system itself. New software and viruses may be installed but they can only affect the user's home directory.

You could now create an disk image of the system and use it for other computers. After using the image make sure to apply all updates.

Maintenance:

Over time the user's home directory is getting messed up with photos, documents and software. So once a week or so you should log on as the administrator and do some clean-up:

• Delete the user's profile, but not the user itself.
  This deletes everything the user added and brings the system back into a clean state.
  Do do this log off the standard user and log in as the administrator. In the start menu right click on 'My Computer' and choose properties. Under the 'Advanced' tab, click on the 'Settings' button in the 'User Profiles' section. There chose the User account and click 'delete'.
  You can also download a tool from Microsoft to delete the profile from the command line and create a batch file to do this.
• Windows, Office and your AntiVirus software should be up to date because of auto-update but you should check the third party software for new versions. Another reason to keep the number of these applications low.
• Log on as the standard user to create a new clean profile.
• Optional: Set read-only permissions again.