Wednesday, November 25, 2015

ASP.NET MVC Do's and Dont's/Best practices

Introduction

ASP.NET MVC (Model-View-Controller architectural pattern) is getting popular day by day, due to Separation of code, extensive templates, data-binding, test-driven development (TDD), Scaffolding and no view state like features, it has REST and SEO support nature. it is really an plugged and extensible framework. We get complete control over HTML with MVC support.  But before going to code on ASP.NET MVC we should take care of some Do's and Dont's or best practices. Here i am explaining some Do's and Don'ts of ASP.NET MVC code
         Many developers/organizations thinking of migrating their exiting application to ASP.NET MVC, This article will help them to understand code facts

Do's and Dont's/Best Practices




1. Business logic should be the part of Model only
Before start code on MVC we should make understand that Business logic should be reside in Model only, it will add your security and code duplication can be avoided. The view load faster as there is no business present in view.

2.  Use only specific view engine
View engines are used to create HTML markup from your view, it is the combination of HTML and programming code, ASP.NET has its own asp.net engine where as ASP.NET MVC has its razor engine. You should only use your specified view engine, it will increase application performance, see below snippet
protected void Application_Start()
{
    ViewEngines.Engines.Clear(); //clear all engines
    ViewEngines.Engines.Add(new RazorViewEngine());
}
3. Create separate assembly for Model
if the application is large and complex then make separate assembly for Model to avoid An unfortunate mishap.  Basically Model should contain business logic, Validation part, session maintenance and data logic part.

4. HTML and data access part should be done from VIEW only
As we know VIEW is the presenter part and it should be very flexible. VIEW should not contains any business logic and session maintenance, use ViewData to access data in View.

5.  Business logic and data access should not exist in ControllerViewData
Controller should be only responsible for calling model, Prepare view, return view, redirect to action etc

6. Delete Demo code from application when you create it
Delete AccountController and all other auto created code from application it will slow down the performance

7. Disable request validation
Request validation validate the request submitted to server and avoid the potential dangerous characters, but it will also block the contents to post HTML markup tags to the server, so disable it, with the help of ValidateInput we can do it, see below snippet
[ValidateInput(false)]
[AcceptVerbs(HttpVerbs.Post)]
public ActionResult Create([Bind(Exclude="Name")]TestEmployee clsEmp)
{
//code goes here
}
8. Master view model may be use for Uniformness
In ASP.NET master pages are used to maintain uniformness in look and feel, same way in ASP.NET MVC we use master view for it.

9.  Data Annotations can be used for server side validation
Use System.ComponentModel.DataAnnotations namespace for server side validation, just use it in model with attribute, see snippet
Public class GetAddress
{
    [Required(ErrorMessage="Address is mandatory")]
    public string Address { get; set; }
}
10. Use extension methods
Extension method help us to simplify LINQ queries and improve application performance, these methods are the static methods and access with this keyword.

11. Remove un-necessary folders and references
When you start creating new ASP.NET MVC application, visual studio does create lot of un-necessary folders and references that are not useful, we can remove them to avoid additional overhead on application

12. Do Bundling and Minifying CSS Files
Bundling and Minifying is the process of minimizing the size of referenced file like .JS, .JSON, .CSS we can reduce the size of such files which will ultimately boost the application performance, in Bundling we merge all CSS in one file and same done for .JS and .JSON file in Minification we remove extra spaces and enters from file and reduce file size

13. For each view there should be a view model
Do you have view ? if yes then create ViewModel. it should used only for data binding and may not contain any presenter code. ViewModel is essential when we want to show some data in different format, in such case view only responsible for present and ViewModel does the job of data transformation

14. Design Routing properly not URL re-writing
URL routing is very much different than URL re-writing, may developers consider them as unique thing. URL routing does not create new URL for old URL but it maps resources with route

15.  Use ViewData and ViewBag for large data storage
If you want to work with lage data, spread sheets, dashboards or volume data sources then ViewData is good option, both views and controllers can easily access ViewData and ViewBag

16. For current and the subsequent requests use TempData
TempData is very short-lived instance, it should use only For current and the subsequent requests.

17. Use Glimpse, fidder, F-12 like package to monitor and improve performance of ASP.NET MVC
Glimpse NuGet package provide detail diagnostic information of ASP.NET apps, where as fidder, F-12 shows you client side activities, more information can be found on Here

18.  Deploy code in Release mode
Code with Release is more compressed than debug mode as it does not conain .pdb file so less memory is utilized by it

19. Remove unnessary HTTP headers
Remove X-AspNetMvc version from global.asax.cs as it will not provide no direct benifit and un-necessarily use small amount of bandwidth, see below snippet
MvcHandler.DisableMvcResponseHeader = true;
20. Use CDN (Content Delivery Networks)
CDN is helping you to download your supportive things (like required .JS, .CSS, .JSON files) from nearest location/server, so travelling time of resources from one location to another will save significantly.

21. Use validationSummary to show all validations in one snap
see below method to use to show all validation in one snap
<%= Html.ValidationSummary() %>
22. Razor is recommended
We know ASP.NET MVC support multiple engines but Razor is recommended by Microsoft as it is light weight and it has very simple syntax

23. Do you want some repetitive UI to be display on each page ? use Partial view
Partial view is like a user control in classic ASP.NET, you can use them if you want to show piece of UI on each page

24. If you are not using bundles and WebAPI then simple remove their associated files
Go to App_start directory and remove BundleConfig file, now go to Application_Start method, in Global.asax.cs and remove the line BundleConfig.RegisterBundles, same thing you can do for WebApiConfig

This is not a detail level document, this document at least need a basic knowledge of ASP.NET MVC, i will cover more detail documentation in next version of this document till then enjoy this stuff

Suggestion and Queries are always welcome

Thanks
koolprasad2003

Monday, October 26, 2015

A potentially dangerous Request.Form value was detected from the client occurred in ASP.NET 4.0



Error


Problem :
         If you are using ASP.NET 4.0 and  you tried to enter some non-encoded HTML content/text like "( )&< > " in Textbox then browser throws "A potentially dangerous Request.Form value was detected from the client" exception

Cause :
        ASP.Net By default validates all input controls for potentially unsafe contents and you entered text is non-encoded HTML content which is like mark-up text, Thus it disallows such content by throwing the above Exception. By default it is recommended to allow this check to happen on each postback

Resolution :
        There are following resolution for this error
1. In many cases if you want to all such mark-up text to any particular page then you can take use of page directive and make 'ValidateRequest '  to false in page directive
see below snippet
<%@ Page Language="C#" AutoEventWireup="true" ValidateRequest = "false" %>

2. If you want to disable this check throughout your Web Application you’ll need to set it false in your web.config section, see below snippet
 <system.web>
      <pages validateRequest="false" />
 </system.web>

3. You can allow mark-up as input for specific pages instead of the whole site by putting it all in a <location> element. This will make sure all your other pages are safe, see below web.config file
<location path="Code/.aspx">
    <system.web>
      <pages validateRequest="false" />
    </system.web>
  </location>
Above snippet will take care of your all .aspx pages inside Code folder

4. If you are using ASP.NET 4.0 then above all solutions will not help you alone, you need to take help of more settings, you need to keep your requestValidationMode to 2.0, see below web.config snippet
  <location path="Code/.aspx">
    <system.web>
      <pages validateRequest="false" />
      <httpRuntime requestValidationMode="2.0" />
    </system.web>
  </location>

Just re-start your IIS and your problem is resolved !!!

Wednesday, March 4, 2015

HTTP Error 404.17 : The requested content appears to be script and will not be served by the static file handler

You may got error while browsing your ASP.NET website, which reads  "HTTP Error 404.17 : The requested content appears to be script and will not be served by the static file handler "

Please see below error snap



Probable causes:

 There are many causes behind this problem
1.  HTTP Handler configured to handle the request has certain preconditions set, but its Application pool does not meet some or all of these preconditions, in simple words Application pool's .NET framework is not set properly to the application in which it is compiled (If my application developed in 4.5 and I am attaching application pool with framework 2.0)

2. If my application is migrated from IIS 6 then My Application pool should running in Classic Mode, with enable 32 bit mode options

3. Required .NET framework has restriction in 'ISAPI and CGI restrictions' in IIS

Solutions :

Problem can be resolved by following steps
1. Open IIS manager (Go to start - Run - type 'INETMGR')
2. Select the Server Name (System Name)
3. Select ISAPI and CGI restrictions in right side pane
4. Allow the Not Allowed restrictions for required framework
5. If your required framework will not exist in ISAPI and CGI restrictions  then you need to re-registered framework with following command
see below snippet, to know how to allow ISAPI and CGI restrictions 


6. Go to Start - Run put following command in Run window

C:\Windows\Microsoft.NET\Framework\v4.0.30319 \aspnet_regiis -I

see below snippet


Here I have given example for .NET Framework 4.0 you can use same command for any .NET framework.

7. Set required .NET version in application pool
8. Enable '32-Bit Applications' in application pool
9. Restart IIS

That all, Now try to browse the same website, we have resolved the bug.