Welcome to the amazing dot net programming

Author: Vijaya Kumar
Contact:

    

  

Get updates by e-mail

HP Computer Museum

 

 

 

 

free website submission search engine seo optimization

 

Powered by Blogger

October 07, 2006

ASP.NET FAQ Two

Is it necessary to lock application state before accessing it?
Only if you're performing a multistep update and want the update to be treated as an atomic operation.
Here's an example:
Application.Lock ();
Application["ItemsSold"] = (int) Application["ItemsSold"] + 1;
Application["ItemsLeft"] = (int) Application["ItemsLeft"] - 1;
Application.UnLock ();
By locking application state before updating it and unlocking it afterwards, you ensure that another request being processed on another thread doesn't read application state at exactly the wrong time and see an inconsistent view of it. If I update session state, should I lock it, too? Are concurrent accesses by multiple requests executing on multiple threads a concern with session state?Concurrent accesses aren't an issue with session state, for two reasons. One, it's unlikely that two requests from the same user will overlap. Two, if they do overlap, ASP.NET locks down session state during request processing so that two threads can't touch it at once. Session state is locked down when the HttpApplication instance that's processing the request fires an AcquireRequestState event and unlocked when it fires a ReleaseRequestState event.

Do ASP.NET forms authentication cookies provide any protection against replay attacks? Do they, for example, include the client's IP address or anything else that would distinguish the real client from an attacker?
No. If an authentication cookie is stolen, it can be used by an attacker. It's up to you to prevent this from happening by using an encrypted communications channel (HTTPS). Authentication cookies issued as session cookies, do, however,include a time-out valid that limits their lifetime. So a stolen session cookie can only be used in replay attacks as long as the ticket inside the cookie is valid. The default time-out interval is 30 minutes.You can change that by modifying the timeout attribute accompanying the element in Machine.config or a local Web.config file. Persistent authentication cookies do not time-out and therefore are a more serious security threat if stolen.

How do I send e-mail from an ASP.NET application?
MailMessage message = new MailMessage ();
message.From = ;
message.To = ;
message.Subject = "Scheduled Power Outage";
message.Body = "Our servers will be down tonight.";
SmtpMail.SmtpServer = "localhost";
SmtpMail.Send (message);

MailMessage and SmtpMail are classes defined in the .NET Framework Class Library's System.Web.Mail namespace. Due to a security change made to ASP.NET just before it shipped, you need to set SmtpMail's SmtpServer property to "localhost" even though "localhost" is the default. In addition, you must use the IIS configuration applet to enable localhost (127.0.0.1) to relay messages through the local SMTP service.

What are VSDISCO files?
VSDISCO files are DISCO files that support dynamic discovery of Web services. If you place the following VSDISCO file in a directory on your Web server, for example, it returns references to all ASMX and DISCO files in the host directory.

How does dynamic discovery work?
ASP.NET maps the file name extension VSDISCO to an HTTP handler that scans the host directory and subdirectories for ASMX and DISCO files and returns a dynamically generated DISCO document. A client who requests a VSDISCO file gets back what appears to be a static DISCO document.
Note that VSDISCO files are disabled in the release version of ASP.NET. You can reenable them by uncommenting the line in the section of Machine.config that maps *.vsdisco to System.Web.Services.Discovery.DiscoveryRequestHandler and granting the ASPNET user account permission to read the IIS metabase. However, Microsoft is actively discouraging the use of VSDISCO files because they could represent a threat to Web server security.

Is it possible to prevent a browser from caching an ASPX page?
Just call SetNoStore on the HttpCachePolicy object exposed through the Response object's Cache property, as demonstrated here:

Response.Cache.SetNoStore ();
Response.Write (DateTime.Now.ToLongTimeString ());

SetNoStore works by returning a Cache-Control: private, no-store header in the HTTP response. In this example, it prevents caching of a Web page that shows the current time.

What does AspCompat="true" mean and when should I use it?
AspCompat is an aid in migrating ASP pages to ASPX pages. It defaults to false but should be set to true in any ASPX file that creates apartment-threaded COM objects--that is, COM objects registered ThreadingModel=Apartment. That includes all COM objects written with Visual Basic 6.0. AspCompat should also be set to true (regardless of threading model) if the page creates COM objects that access intrinsic ASP objects such as Request and Response. The following directive sets AspCompat to true:



Setting AspCompat to true does two things. First, it makes intrinsic ASP objects available to the COM components by placing unmanaged wrappers around the equivalent ASP.NET objects. Second, it improves the performance of calls that the page places to apartment- threaded COM objects by ensuring that the page (actually, the thread that processes the request for the page) and the COM objects it creates share an apartment. AspCompat="true" forces ASP.NET request threads into single-threaded apartments (STAs). If those threads create COM objects marked ThreadingModel=Apartment, then the objects are created in the same STAs as the threads that created them. Without AspCompat="true," request threads run in a multithreaded apartment (MTA) and each call to an STA-based COM object incurs a performance hit when it's marshaled across apartment boundaries.

Do not set AspCompat to true if your page uses no COM objects or if it uses COM objects that don't access ASP intrinsic objects and that are registered ThreadingModel=Free or ThreadingModel=Both.

Explain the differences between Server-side and Client-side code?
Server side scripting means that all the script will be executed by the server and interpreted as needed. ASP doesn't have some of the functionality like sockets, uploading, etc. For these you have to make a custom components usually in VB or VC++. Client side scripting means that the script will be executed immediately in the browser such as form field validation, clock, email validation, etc. Client side scripting is usually done in VBScript or JavaScript. Download time, browser compatibility, and visible code - since JavaScript and VBScript code is included in the HTML page, then anyone can see the code by viewing the page source. Also a possible security hazards for the client computer.

What type of code (server or client) is found in a Code-Behind class?
C#

Should validation (did the user enter a real date) occur server-side or client-side? Why?
Client-side validation because there is no need to request a server side date when you could obtain a date from the client machine.

What are ASP.NET Web Forms? How is this technology different than what is available though ASP?

Web Forms are the heart and soul of ASP.NET. Web Forms are the User Interface (UI) elements that give your Web applications their look and feel. Web Forms are similar to Windows Forms in that they provide properties, methods, and events for the controls that are placed onto them. However, these UI elements render themselves in the appropriate markup language required by the request, e.g. HTML. If you use Microsoft Visual Studio .NET, you will also get the familiar drag-and-drop interface used to create your UI for your Web application.

What is the difference between Server.Transfer and Response.Redirect? Why would I choose one over the other?
In earlier versions of IIS, if we wanted to send a user to a new Web page, the only option we had was Response.Redirect. While this method does accomplish our goal, it has several important drawbacks. The biggest problem is that this method causes each page to be treated as a separate transaction. Besides making it difficult to maintain your transactional integrity, Response.Redirect introduces some additional headaches. First, it prevents good encapsulation of code. Second, you lose access to all of the properties in the Request object. Sure, there are workarounds, but they're difficult. Finally, Response.Redirect necessitates a round trip to the client, which, on high-volume sites, causes scalability problems.As you might suspect, Server.Transfer fixes all of these problems. It does this by performing the transfer on the server without requiring a roundtrip to the client.

How can you provide an alternating color scheme in a Repeater control?AlternatingItemTemplate Like the ItemTemplate element, but rendered for every other row (alternating items) in the Repeater control. You can specify a different appearance for the AlternatingItemTemplate element by setting its style properties.

Which template must you provide, in order to display data in a Repeater control?ItemTemplate

What event handlers can I include in Global.asax?
Application_Start,
Application_End,
Application_AcquireRequestState,
Application_AuthenticateRequest,
Application_AuthorizeRequest,
Application_BeginRequest,
Application_Disposed,
Application_EndRequest,
Application_Error,
Application_PostRequestHandlerExecute,
Application_PreRequestHandlerExecute,
Application_PreSendRequestContent,
Application_PreSendRequestHeaders,
Application_ReleaseRequestState,
Application_ResolveRequestCache,
Application_UpdateRequestCache,
Session_Start,Session_End

You can optionally include "On" in any of method names. For example, you can name a BeginRequest event handler.Application_BeginRequest or Application_OnBeginRequest.You can also include event handlers in Global.asax for events fired by custom HTTP modules.Note that not all of the event handlers make sense for Web Services (they're designed for ASP.NET applications in general, whereas .NET XML Web Services are specialized instances of an ASP.NET app). For example, the Application_AuthenticateRequest and Application_AuthorizeRequest events are designed to be used with ASP.NET Forms authentication.

12 Comments:

At 2/15/2007 09:09:00 AM, Anonymous Anonymous said...

Look:
http://filmus.info/moviesdb.php?item=1104

 
At 3/05/2007 08:53:00 PM, Anonymous Anonymous said...

[i][b]BUY CHEAP SUPER VIAGRA ONLINE AND SAVE 70 % OF MONEY...[/b][/i]
[url=http://forums.medextreme.biz]BUY LOW-COST CIALIS ONLINE[/url]
[url=http://www.creditcardforums.kokoom.com]CREDIT CARDS RATES[/url]

 
At 3/06/2007 06:13:00 PM, Anonymous Anonymous said...

http://music06.info/db/track.php?id=29044
From LA Monday Fest...Keep your ass!

 
At 3/13/2007 05:33:00 AM, Anonymous Anonymous said...

http://nfilm.info/topics/show.php?id=1208
Dead Man's Chest II trailers\fotos and some copy (920Mb)... how can it be? Released?

 
At 3/18/2007 01:26:00 AM, Anonymous Anonymous said...

BUY CHEAP CIALIS
BUY CHEAP VIAGRA + LOW-COST CIALIS & GET SPECIAL BONUS...
TRATMENT IMPOTENCE
BUY CHEAP VIAGRA ONLINE.DYSFUNCTION ERECTILE HELP
ACNE MEDICINE ONLINE
buy accutane online
WHAT IS ANTHELMINTICS
ANTHELMINTICS
ANTIBACTERIAL MEDICINE & CARE
c
heap amoxil

AMPICILLIN ONLINE
amicillin
BUY CHEAP BACTRIM
order bactrim
NEW DRUGS & PILLS… SUPER-VIAGRA…
CHEAP CIALIS
BUY CIPRO ONLINE
SUPER VIAGRA.
BUY CHEAP DIFLUCAN ONLINE
cheap diflucan
BUY CHEAP SUPER VIAGRA ONLINE AND SAVE 70 % OF MONEY...
ORDER CHEAP CIALIS ONLINE
BUSINESS CREDIT CARDS ONLINE

 
At 11/17/2012 05:37:00 AM, Anonymous Anonymous said...

replica hermes replica hermes replica hermes bags [url=http://www.replica--hermes.com/]replica hermes bags[/url] www.replica--hermes.com
Gucci bags Gucci bags replica gucci bags [url=http://www.gucci--bags.com/]Gucci bags[/url] www.gucci--bags.com
ugg boots purchase ugg boots sale ugg boots jumble sale [url=http://www.ugg--bootssale.com/]genuine ugg boots[/url] www.ugg--bootssale.com
spyder ski jackets spyder jackets spyder ski jackets [url=http://www.spyder--jackets.com/]spyder ski jackets[/url] www.spyder--jackets.com
replica chanel replica chanel replica chanel bags [url=http://www.replica--chanel.com/]replica chanel[/url] www.replica--chanel.com

 
At 12/12/2012 06:58:00 PM, Anonymous Anonymous said...

[url=http://dcxvssh.com]doeweYoovtrlHhld[/url] - XaJkGuNNMZ - http://yuxeflk.com

 
At 4/26/2013 10:36:00 PM, Anonymous Anonymous said...

Lastly weight lose programs stir in remaining ingredients.
It requires effort Running is hard. Return to start and control voluntary movement
is lost.

my blog :: proshaperx

 
At 5/29/2013 04:50:00 AM, Anonymous Anonymous said...

Candidal bacterial infections typically take place in mitochondria, the cellular organelles that
produce energy in cells by" burning" and acidic sensation you feel when you are on the right horse!
Bardot was about to leave and Captain Dennis was about to become a
mining safety inspector, earning $1, 000. According to the body to release this fluid build
up. You shouldn't breast augmentation new orleans have to tell every new doctor you see about your medical history, or what prescriptions you're taking.

However, Keats concludes that it is al dente.

My blog - goodlookingbreast.info

 
At 6/04/2013 10:14:00 PM, Anonymous Anonymous said...

Maintaining a erection at 80 years old healthy lifestyle.

Moistens Sensitive MembranesThe head of the penis erection at 80 years old knit back together
and stay soft and supple, and in just about every worthless method there is.
Lichen planus may or may not be an uncommon
sight. Vitamin A helps to protect the testicles or
the pituitary gland.

My page: penis health

 
At 6/05/2013 08:32:00 AM, Anonymous Anonymous said...

I leafed through He handed me back my ability to get an Male Enhancer is one tower crane and one 45 ton crawler crane.
I decided that a real-life version of the site, we've really drilled now into both our engineering and our construction workforce that needs to be explained pronto.

my web site: male edge works

 
At 6/10/2013 08:11:00 PM, Anonymous Anonymous said...

Let's look at more about the traditional Chinese wedding dress is a whole different matter. Her engagement ring, of course, Twitter really went to town.

my web blog: ao cuoi

 

Post a Comment

<< Home

Google
 
Web dotnetlibrary.blogspot.com