Search Results

Search found 75304 results on 3013 pages for 'asp net development serv'.

Page 21/3013 | < Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >

  • Securing an ASP.NET MVC 2 Application

    - by rajbk
    This post attempts to look at some of the methods that can be used to secure an ASP.NET MVC 2 Application called Northwind Traders Human Resources.  The sample code for the project is attached at the bottom of this post. We are going to use a slightly modified Northwind database. The screen capture from SQL server management studio shows the change. I added a new column called Salary, inserted some random salaries for the employees and then turned off AllowNulls.   The reporting relationship for Northwind Employees is shown below.   The requirements for our application are as follows: Employees can see their LastName, FirstName, Title, Address and Salary Employees are allowed to edit only their Address information Employees can see the LastName, FirstName, Title, Address and Salary of their immediate reports Employees cannot see records of non immediate reports.  Employees are allowed to edit only the Salary and Title information of their immediate reports. Employees are not allowed to edit the Address of an immediate report Employees should be authenticated into the system. Employees by default get the “Employee” role. If a user has direct reports, they will also get assigned a “Manager” role. We use a very basic empId/pwd scheme of EmployeeID (1-9) and password test$1. You should never do this in an actual application. The application should protect from Cross Site Request Forgery (CSRF). For example, Michael could trick Steven, who is already logged on to the HR website, to load a page which contains a malicious request. where without Steven’s knowledge, a form on the site posts information back to the Northwind HR website using Steven’s credentials. Michael could use this technique to give himself a raise :-) UI Notes The layout of our app looks like so: When Nancy (EmpID 1) signs on, she sees the default page with her details and is allowed to edit her address. If Nancy attempts to view the record of employee Andrew who has an employeeID of 2 (Employees/Edit/2), she will get a “Not Authorized” error page. When Andrew (EmpID 2) signs on, he can edit the address field of his record and change the title and salary of employees that directly report to him. Implementation Notes All controllers inherit from a BaseController. The BaseController currently only has error handling code. When a user signs on, we check to see if they are in a Manager role. We then create a FormsAuthenticationTicket, encrypt it (including the roles that the employee belongs to) and add it to a cookie. private void SetAuthenticationCookie(int employeeID, List<string> roles) { HttpCookiesSection cookieSection = (HttpCookiesSection) ConfigurationManager.GetSection("system.web/httpCookies"); AuthenticationSection authenticationSection = (AuthenticationSection) ConfigurationManager.GetSection("system.web/authentication"); FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket( 1, employeeID.ToString(), DateTime.Now, DateTime.Now.AddMinutes(authenticationSection.Forms.Timeout.TotalMinutes), false, string.Join("|", roles.ToArray())); String encryptedTicket = FormsAuthentication.Encrypt(authTicket); HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); if (cookieSection.RequireSSL || authenticationSection.Forms.RequireSSL) { authCookie.Secure = true; } HttpContext.Current.Response.Cookies.Add(authCookie); } We read this cookie back in Global.asax and set the Context.User to be a new GenericPrincipal with the roles we assigned earlier. protected void Application_AuthenticateRequest(Object sender, EventArgs e){ if (Context.User != null) { string cookieName = FormsAuthentication.FormsCookieName; HttpCookie authCookie = Context.Request.Cookies[cookieName]; if (authCookie == null) return; FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value); string[] roles = authTicket.UserData.Split(new char[] { '|' }); FormsIdentity fi = (FormsIdentity)(Context.User.Identity); Context.User = new System.Security.Principal.GenericPrincipal(fi, roles); }} We ensure that a user has permissions to view a record by creating a custom attribute AuthorizeToViewID that inherits from ActionFilterAttribute. public class AuthorizeToViewIDAttribute : ActionFilterAttribute{ IEmployeeRepository employeeRepository = new EmployeeRepository(); public override void OnActionExecuting(ActionExecutingContext filterContext) { if (filterContext.ActionParameters.ContainsKey("id") && filterContext.ActionParameters["id"] != null) { if (employeeRepository.IsAuthorizedToView((int)filterContext.ActionParameters["id"])) { return; } } throw new UnauthorizedAccessException("The record does not exist or you do not have permission to access it"); }} We add the AuthorizeToView attribute to any Action method that requires authorization. [HttpPost][Authorize(Order = 1)]//To prevent CSRF[ValidateAntiForgeryToken(Salt = Globals.EditSalt, Order = 2)]//See AuthorizeToViewIDAttribute class[AuthorizeToViewID(Order = 3)] [ActionName("Edit")]public ActionResult Update(int id){ var employeeToEdit = employeeRepository.GetEmployee(id); if (employeeToEdit != null) { //Employees can edit only their address //A manager can edit the title and salary of their subordinate string[] whiteList = (employeeToEdit.IsSubordinate) ? new string[] { "Title", "Salary" } : new string[] { "Address" }; if (TryUpdateModel(employeeToEdit, whiteList)) { employeeRepository.Save(employeeToEdit); return RedirectToAction("Details", new { id = id }); } else { ModelState.AddModelError("", "Please correct the following errors."); } } return View(employeeToEdit);} The Authorize attribute is added to ensure that only authorized users can execute that Action. We use the TryUpdateModel with a white list to ensure that (a) an employee is able to edit only their Address and (b) that a manager is able to edit only the Title and Salary of a subordinate. This works in conjunction with the AuthorizeToViewIDAttribute. The ValidateAntiForgeryToken attribute is added (with a salt) to avoid CSRF. The Order on the attributes specify the order in which the attributes are executed. The Edit View uses the AntiForgeryToken helper to render the hidden token: ......<% using (Html.BeginForm()) {%><%=Html.AntiForgeryToken(NorthwindHR.Models.Globals.EditSalt)%><%= Html.ValidationSummary(true, "Please correct the errors and try again.") %><div class="editor-label"> <%= Html.LabelFor(model => model.LastName) %></div><div class="editor-field">...... The application uses View specific models for ease of model binding. public class EmployeeViewModel{ public int EmployeeID; [Required] [DisplayName("Last Name")] public string LastName { get; set; } [Required] [DisplayName("First Name")] public string FirstName { get; set; } [Required] [DisplayName("Title")] public string Title { get; set; } [Required] [DisplayName("Address")] public string Address { get; set; } [Required] [DisplayName("Salary")] [Range(500, double.MaxValue)] public decimal Salary { get; set; } public bool IsSubordinate { get; set; }} To help with displaying readonly/editable fields, we use a helper method. //Simple extension method to display a TextboxFor or DisplayFor based on the isEditable variablepublic static MvcHtmlString TextBoxOrLabelFor<TModel, TProperty>(this HtmlHelper<TModel> htmlHelper, Expression<Func<TModel, TProperty>> expression, bool isEditable){ if (isEditable) { return htmlHelper.TextBoxFor(expression); } else { return htmlHelper.DisplayFor(expression); }} The helper method is used in the view like so: <%=Html.TextBoxOrLabelFor(model => model.Title, Model.IsSubordinate)%> As mentioned in this post, there is a much easier way to update properties on an object. Download Demo Project VS 2008, ASP.NET MVC 2 RTM Remember to change the connectionString to point to your Northwind DB NorthwindHR.zip Feedback and bugs are always welcome :-)

    Read the article

  • ASP.NET MVC 3: Implicit and Explicit code nuggets with Razor

    - by ScottGu
    This is another in a series of posts I’m doing that cover some of the new ASP.NET MVC 3 features: New @model keyword in Razor (Oct 19th) Layouts with Razor (Oct 22nd) Server-Side Comments with Razor (Nov 12th) Razor’s @: and <text> syntax (Dec 15th) Implicit and Explicit code nuggets with Razor (today) In today’s post I’m going to discuss how Razor enables you to both implicitly and explicitly define code nuggets within your view templates, and walkthrough some code examples of each of them.  Fluid Coding with Razor ASP.NET MVC 3 ships with a new view-engine option called “Razor” (in addition to the existing .aspx view engine).  You can learn more about Razor, why we are introducing it, and the syntax it supports from my Introducing Razor blog post. Razor minimizes the number of characters and keystrokes required when writing a view template, and enables a fast, fluid coding workflow. Unlike most template syntaxes, you do not need to interrupt your coding to explicitly denote the start and end of server blocks within your HTML. The Razor parser is smart enough to infer this from your code. This enables a compact and expressive syntax which is clean, fast and fun to type. For example, the Razor snippet below can be used to iterate a collection of products and output a <ul> list of product names that link to their corresponding product pages: When run, the above code generates output like below: Notice above how we were able to embed two code nuggets within the content of the foreach loop.  One of them outputs the name of the Product, and the other embeds the ProductID within a hyperlink.  Notice that we didn’t have to explicitly wrap these code-nuggets - Razor was instead smart enough to implicitly identify where the code began and ended in both of these situations.  How Razor Enables Implicit Code Nuggets Razor does not define its own language.  Instead, the code you write within Razor code nuggets is standard C# or VB.  This allows you to re-use your existing language skills, and avoid having to learn a customized language grammar. The Razor parser has smarts built into it so that whenever possible you do not need to explicitly mark the end of C#/VB code nuggets you write.  This makes coding more fluid and productive, and enables a nice, clean, concise template syntax.  Below are a few scenarios that Razor supports where you can avoid having to explicitly mark the beginning/end of a code nugget, and instead have Razor implicitly identify the code nugget scope for you: Property Access Razor allows you to output a variable value, or a sub-property on a variable that is referenced via “dot” notation: You can also use “dot” notation to access sub-properties multiple levels deep: Array/Collection Indexing: Razor allows you to index into collections or arrays: Calling Methods: Razor also allows you to invoke methods: Notice how for all of the scenarios above how we did not have to explicitly end the code nugget.  Razor was able to implicitly identify the end of the code block for us. Razor’s Parsing Algorithm for Code Nuggets The below algorithm captures the core parsing logic we use to support “@” expressions within Razor, and to enable the implicit code nugget scenarios above: Parse an identifier - As soon as we see a character that isn't valid in a C# or VB identifier, we stop and move to step 2 Check for brackets - If we see "(" or "[", go to step 2.1., otherwise, go to step 3  Parse until the matching ")" or "]" (we track nested "()" and "[]" pairs and ignore "()[]" we see in strings or comments) Go back to step 2 Check for a "." - If we see one, go to step 3.1, otherwise, DO NOT ACCEPT THE "." as code, and go to step 4 If the character AFTER the "." is a valid identifier, accept the "." and go back to step 1, otherwise, go to step 4 Done! Differentiating between code and content Step 3.1 is a particularly interesting part of the above algorithm, and enables Razor to differentiate between scenarios where an identifier is being used as part of the code statement, and when it should instead be treated as static content: Notice how in the snippet above we have ? and ! characters at the end of our code nuggets.  These are both legal C# identifiers – but Razor is able to implicitly identify that they should be treated as static string content as opposed to being part of the code expression because there is whitespace after them.  This is pretty cool and saves us keystrokes. Explicit Code Nuggets in Razor Razor is smart enough to implicitly identify a lot of code nugget scenarios.  But there are still times when you want/need to be more explicit in how you scope the code nugget expression.  The @(expression) syntax allows you to do this: You can write any C#/VB code statement you want within the @() syntax.  Razor will treat the wrapping () characters as the explicit scope of the code nugget statement.  Below are a few scenarios where we could use the explicit code nugget feature: Perform Arithmetic Calculation/Modification: You can perform arithmetic calculations within an explicit code nugget: Appending Text to a Code Expression Result: You can use the explicit expression syntax to append static text at the end of a code nugget without having to worry about it being incorrectly parsed as code: Above we have embedded a code nugget within an <img> element’s src attribute.  It allows us to link to images with URLs like “/Images/Beverages.jpg”.  Without the explicit parenthesis, Razor would have looked for a “.jpg” property on the CategoryName (and raised an error).  By being explicit we can clearly denote where the code ends and the text begins. Using Generics and Lambdas Explicit expressions also allow us to use generic types and generic methods within code expressions – and enable us to avoid the <> characters in generics from being ambiguous with tag elements. One More Thing….Intellisense within Attributes We have used code nuggets within HTML attributes in several of the examples above.  One nice feature supported by the Razor code editor within Visual Studio is the ability to still get VB/C# intellisense when doing this. Below is an example of C# code intellisense when using an implicit code nugget within an <a> href=”” attribute: Below is an example of C# code intellisense when using an explicit code nugget embedded in the middle of a <img> src=”” attribute: Notice how we are getting full code intellisense for both scenarios – despite the fact that the code expression is embedded within an HTML attribute (something the existing .aspx code editor doesn’t support).  This makes writing code even easier, and ensures that you can take advantage of intellisense everywhere. Summary Razor enables a clean and concise templating syntax that enables a very fluid coding workflow.  Razor’s ability to implicitly scope code nuggets reduces the amount of typing you need to perform, and leaves you with really clean code. When necessary, you can also explicitly scope code expressions using a @(expression) syntax to provide greater clarity around your intent, as well as to disambiguate code statements from static markup. Hope this helps, Scott P.S. In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/scottgu

    Read the article

  • Asynchronous Streaming in ASP.NET WebApi

    - by andresv
     Hi everyone, if you use the cool MVC4 WebApi you might encounter yourself in a common situation where you need to return a rather large amount of data (most probably from a database) and you want to accomplish two things: Use streaming so the client fetch the data as needed, and that directly correlates to more fetching in the server side (from our database, for example) without consuming large amounts of memory. Leverage the new MVC4 WebApi and .NET 4.5 async/await asynchronous execution model to free ASP.NET Threadpool threads (if possible).  So, #1 and #2 are not directly related to each other and we could implement our code fulfilling one or the other, or both. The main point about #1 is that we want our method to immediately return to the caller a stream, and that client side stream be represented by a server side stream that gets written (and its related database fetch) only when needed. In this case we would need some form of "state machine" that keeps running in the server and "knows" what is the next thing to fetch into the output stream when the client ask for more content. This technique is generally called a "continuation" and is nothing new in .NET, in fact using an IEnumerable<> interface and the "yield return" keyword does exactly that, so our first impulse might be to write our WebApi method more or less like this:           public IEnumerable<Metadata> Get([FromUri] int accountId)         {             // Execute the command and get a reader             using (var reader = GetMetadataListReader(accountId))             {                 // Read rows asynchronously, put data into buffer and write asynchronously                 while (reader.Read())                 {                     yield return MapRecord(reader);                 }             }         }   While the above method works, unfortunately it doesn't accomplish our objective of returning immediately to the caller, and that's because the MVC WebApi infrastructure doesn't yet recognize our intentions and when it finds an IEnumerable return value, enumerates it before returning to the client its values. To prove my point, I can code a test method that calls this method, for example:        [TestMethod]         public void StreamedDownload()         {             var baseUrl = @"http://localhost:57771/api/metadata/1";             var client = new HttpClient();             var sw = Stopwatch.StartNew();             var stream = client.GetStreamAsync(baseUrl).Result;             sw.Stop();             Debug.WriteLine("Elapsed time Call: {0}ms", sw.ElapsedMilliseconds); } So, I would expect the line "var stream = client.GetStreamAsync(baseUrl).Result" returns immediately without server-side fetching of all data in the database reader, and this didn't happened. To make the behavior more evident, you could insert a wait time (like Thread.Sleep(1000);) inside the "while" loop, and you will see that the client call (GetStreamAsync) is not going to return control after n seconds (being n == number of reader records being fetched).Ok, we know this doesn't work, and the question would be: is there a way to do it?Fortunately, YES!  and is not very difficult although a little more convoluted than our simple IEnumerable return value. Maybe in the future this scenario will be automatically detected and supported in MVC/WebApi.The solution to our needs is to use a very handy class named PushStreamContent and then our method signature needs to change to accommodate this, returning an HttpResponseMessage instead of our previously used IEnumerable<>. The final code will be something like this: public HttpResponseMessage Get([FromUri] int accountId)         {             HttpResponseMessage response = Request.CreateResponse();             // Create push content with a delegate that will get called when it is time to write out              // the response.             response.Content = new PushStreamContent(                 async (outputStream, httpContent, transportContext) =>                 {                     try                     {                         // Execute the command and get a reader                         using (var reader = GetMetadataListReader(accountId))                         {                             // Read rows asynchronously, put data into buffer and write asynchronously                             while (await reader.ReadAsync())                             {                                 var rec = MapRecord(reader);                                 var str = await JsonConvert.SerializeObjectAsync(rec);                                 var buffer = UTF8Encoding.UTF8.GetBytes(str);                                 // Write out data to output stream                                 await outputStream.WriteAsync(buffer, 0, buffer.Length);                             }                         }                     }                     catch(HttpException ex)                     {                         if (ex.ErrorCode == -2147023667) // The remote host closed the connection.                          {                             return;                         }                     }                     finally                     {                         // Close output stream as we are done                         outputStream.Close();                     }                 });             return response;         } As an extra bonus, all involved classes used already support async/await asynchronous execution model, so taking advantage of that was very easy. Please note that the PushStreamContent class receives in its constructor a lambda (specifically an Action) and we decorated our anonymous method with the async keyword (not a very well known technique but quite handy) so we can await over the I/O intensive calls we execute like reading from the database reader, serializing our entity and finally writing to the output stream.  Well, if we execute the test again we will immediately notice that the a line returns immediately and then the rest of the server code is executed only when the client reads through the obtained stream, therefore we get low memory usage and far greater scalability for our beloved application serving big chunks of data.Enjoy!Andrés.        

    Read the article

  • General Purpose ASP.NET Data Source Control

    - by Ricardo Peres
    OK, you already know about the ObjectDataSource control, so what’s wrong with it? Well, for once, it doesn’t pass any context to the SelectMethod, you only get the parameters supplied on the SelectParameters plus the desired ordering, starting page and maximum number of rows to display. Also, you must have two separate methods, one for actually retrieving the data, and the other for getting the total number of records (SelectCountMethod). Finally, you don’t get a chance to alter the supplied data before you bind it to the target control. I wanted something simple to use, and more similar to ASP.NET 4.5, where you can have the select method on the page itself, so I came up with CustomDataSource. Here’s how to use it (I chose a GridView, but it works equally well with any regular data-bound control): 1: <web:CustomDataSourceControl runat="server" ID="datasource" PageSize="10" OnData="OnData" /> 2: <asp:GridView runat="server" ID="grid" DataSourceID="datasource" DataKeyNames="Id" PageSize="10" AllowPaging="true" AllowSorting="true" /> The OnData event handler receives a DataEventArgs instance, which contains some properties that describe the desired paging location and size, and it’s where you return the data plus the total record count. Here’s a quick example: 1: protected void OnData(object sender, DataEventArgs e) 2: { 3: //just return some data 4: var data = Enumerable.Range(e.StartRowIndex, e.PageSize).Select(x => new { Id = x, Value = x.ToString(), IsPair = ((x % 2) == 0) }); 5: e.Data = data; 6: //the total number of records 7: e.TotalRowCount = 100; 8: } Here’s the code for the DataEventArgs: 1: [Serializable] 2: public class DataEventArgs : EventArgs 3: { 4: public DataEventArgs(Int32 pageSize, Int32 startRowIndex, String sortExpression, IOrderedDictionary parameters) 5: { 6: this.PageSize = pageSize; 7: this.StartRowIndex = startRowIndex; 8: this.SortExpression = sortExpression; 9: this.Parameters = parameters; 10: } 11:  12: public IEnumerable Data 13: { 14: get; 15: set; 16: } 17:  18: public IOrderedDictionary Parameters 19: { 20: get; 21: private set; 22: } 23:  24: public String SortExpression 25: { 26: get; 27: private set; 28: } 29:  30: public Int32 StartRowIndex 31: { 32: get; 33: private set; 34: } 35:  36: public Int32 PageSize 37: { 38: get; 39: private set; 40: } 41:  42: public Int32 TotalRowCount 43: { 44: get; 45: set; 46: } 47: } As you can guess, the StartRowIndex and PageSize receive the starting row and the desired page size, where the page size comes from the PageSize property on the markup. There’s also a SortExpression, which gets passed the sorted-by column and direction (if descending) and a dictionary containing all the values coming from the SelectParameters collection, if any. All of these are read only, and it is your responsibility to fill in the Data and TotalRowCount. The code for the CustomDataSource is very simple: 1: [NonVisualControl] 2: public class CustomDataSourceControl : DataSourceControl 3: { 4: public CustomDataSourceControl() 5: { 6: this.SelectParameters = new ParameterCollection(); 7: } 8:  9: protected override DataSourceView GetView(String viewName) 10: { 11: return (new CustomDataSourceView(this, viewName)); 12: } 13:  14: internal void GetData(DataEventArgs args) 15: { 16: this.OnData(args); 17: } 18:  19: protected virtual void OnData(DataEventArgs args) 20: { 21: EventHandler<DataEventArgs> data = this.Data; 22:  23: if (data != null) 24: { 25: data(this, args); 26: } 27: } 28:  29: [Browsable(false)] 30: [DesignerSerializationVisibility(DesignerSerializationVisibility.Visible)] 31: [PersistenceMode(PersistenceMode.InnerProperty)] 32: public ParameterCollection SelectParameters 33: { 34: get; 35: private set; 36: } 37:  38: public event EventHandler<DataEventArgs> Data; 39:  40: public Int32 PageSize 41: { 42: get; 43: set; 44: } 45: } Also, the code for the accompanying internal – as there is no need to use it from outside of its declaring assembly - data source view: 1: sealed class CustomDataSourceView : DataSourceView 2: { 3: private readonly CustomDataSourceControl dataSourceControl = null; 4:  5: public CustomDataSourceView(CustomDataSourceControl dataSourceControl, String viewName) : base(dataSourceControl, viewName) 6: { 7: this.dataSourceControl = dataSourceControl; 8: } 9:  10: public override Boolean CanPage 11: { 12: get 13: { 14: return (true); 15: } 16: } 17:  18: public override Boolean CanRetrieveTotalRowCount 19: { 20: get 21: { 22: return (true); 23: } 24: } 25:  26: public override Boolean CanSort 27: { 28: get 29: { 30: return (true); 31: } 32: } 33:  34: protected override IEnumerable ExecuteSelect(DataSourceSelectArguments arguments) 35: { 36: IOrderedDictionary parameters = this.dataSourceControl.SelectParameters.GetValues(HttpContext.Current, this.dataSourceControl); 37: DataEventArgs args = new DataEventArgs(this.dataSourceControl.PageSize, arguments.StartRowIndex, arguments.SortExpression, parameters); 38:  39: this.dataSourceControl.GetData(args); 40:  41: arguments.TotalRowCount = args.TotalRowCount; 42: arguments.MaximumRows = this.dataSourceControl.PageSize; 43: arguments.AddSupportedCapabilities(DataSourceCapabilities.Page | DataSourceCapabilities.Sort | DataSourceCapabilities.RetrieveTotalRowCount); 44: arguments.RetrieveTotalRowCount = true; 45:  46: if (!(args.Data is ICollection)) 47: { 48: return (args.Data.OfType<Object>().ToList()); 49: } 50: else 51: { 52: return (args.Data); 53: } 54: } 55: } As always, looking forward to hearing from you!

    Read the article

  • ASP.NET MVC ‘Extendable-hooks’ – ControllerActionInvoker class

    - by nmarun
    There’s a class ControllerActionInvoker in ASP.NET MVC. This can be used as one of an hook-points to allow customization of your application. Watching Brad Wilsons’ Advanced MP3 from MVC Conf inspired me to write about this class. What MSDN says: “Represents a class that is responsible for invoking the action methods of a controller.” Well if MSDN says it, I think I can instill a fair amount of confidence into what the class does. But just to get to the details, I also looked into the source code for MVC. Seems like the base class Controller is where an IActionInvoker is initialized: 1: protected virtual IActionInvoker CreateActionInvoker() { 2: return new ControllerActionInvoker(); 3: } In the ControllerActionInvoker (the O-O-B behavior), there are different ‘versions’ of InvokeActionMethod() method that actually call the action method in question and return an instance of type ActionResult. 1: protected virtual ActionResult InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary<string, object> parameters) { 2: object returnValue = actionDescriptor.Execute(controllerContext, parameters); 3: ActionResult result = CreateActionResult(controllerContext, actionDescriptor, returnValue); 4: return result; 5: } I guess that’s enough on the ‘behind-the-screens’ of this class. Let’s see how we can use this class to hook-up extensions. Say I have a requirement that the user should be able to get different renderings of the same output, like html, xml, json, csv and so on. The user will type-in the output format in the url and should the get result accordingly. For example: http://site.com/RenderAs/ – renders the default way (the razor view) http://site.com/RenderAs/xml http://site.com/RenderAs/csv … and so on where RenderAs is my controller. There are many ways of doing this and I’m using a custom ControllerActionInvoker class (even though this might not be the best way to accomplish this). For this, my one and only route in the Global.asax.cs is: 1: routes.MapRoute("RenderAsRoute", "RenderAs/{outputType}", 2: new {controller = "RenderAs", action = "Index", outputType = ""}); Here the controller name is ‘RenderAsController’ and the action that’ll get called (always) is the Index action. The outputType parameter will map to the type of output requested by the user (xml, csv…). I intend to display a list of food items for this example. 1: public class Item 2: { 3: public int Id { get; set; } 4: public string Name { get; set; } 5: public Cuisine Cuisine { get; set; } 6: } 7:  8: public class Cuisine 9: { 10: public int CuisineId { get; set; } 11: public string Name { get; set; } 12: } Coming to my ‘RenderAsController’ class. I generate an IList<Item> to represent my model. 1: private static IList<Item> GetItems() 2: { 3: Cuisine cuisine = new Cuisine { CuisineId = 1, Name = "Italian" }; 4: Item item = new Item { Id = 1, Name = "Lasagna", Cuisine = cuisine }; 5: IList<Item> items = new List<Item> { item }; 6: item = new Item {Id = 2, Name = "Pasta", Cuisine = cuisine}; 7: items.Add(item); 8: //... 9: return items; 10: } My action method looks like 1: public IList<Item> Index(string outputType) 2: { 3: return GetItems(); 4: } There are two things that stand out in this action method. The first and the most obvious one being that the return type is not of type ActionResult (or one of its derivatives). Instead I’m passing the type of the model itself (IList<Item> in this case). We’ll convert this to some type of an ActionResult in our custom controller action invoker class later. The second thing (a little subtle) is that I’m not doing anything with the outputType value that is passed on to this action method. This value will be in the RouteData dictionary and we’ll use this in our custom invoker class as well. It’s time to hook up our invoker class. First, I’ll override the Initialize() method of my RenderAsController class. 1: protected override void Initialize(RequestContext requestContext) 2: { 3: base.Initialize(requestContext); 4: string outputType = string.Empty; 5:  6: // read the outputType from the RouteData dictionary 7: if (requestContext.RouteData.Values["outputType"] != null) 8: { 9: outputType = requestContext.RouteData.Values["outputType"].ToString(); 10: } 11:  12: // my custom invoker class 13: ActionInvoker = new ContentRendererActionInvoker(outputType); 14: } Coming to the main part of the discussion – the ContentRendererActionInvoker class: 1: public class ContentRendererActionInvoker : ControllerActionInvoker 2: { 3: private readonly string _outputType; 4:  5: public ContentRendererActionInvoker(string outputType) 6: { 7: _outputType = outputType.ToLower(); 8: } 9: //... 10: } So the outputType value that was read from the RouteData, which was passed in from the url, is being set here in  a private field. Moving to the crux of this article, I now override the CreateActionResult method. 1: protected override ActionResult CreateActionResult(ControllerContext controllerContext, ActionDescriptor actionDescriptor, object actionReturnValue) 2: { 3: if (actionReturnValue == null) 4: return new EmptyResult(); 5:  6: ActionResult result = actionReturnValue as ActionResult; 7: if (result != null) 8: return result; 9:  10: // This is where the magic happens 11: // Depending on the value in the _outputType field, 12: // return an appropriate ActionResult 13: switch (_outputType) 14: { 15: case "json": 16: { 17: JavaScriptSerializer serializer = new JavaScriptSerializer(); 18: string json = serializer.Serialize(actionReturnValue); 19: return new ContentResult { Content = json, ContentType = "application/json" }; 20: } 21: case "xml": 22: { 23: XmlSerializer serializer = new XmlSerializer(actionReturnValue.GetType()); 24: using (StringWriter writer = new StringWriter()) 25: { 26: serializer.Serialize(writer, actionReturnValue); 27: return new ContentResult { Content = writer.ToString(), ContentType = "text/xml" }; 28: } 29: } 30: case "csv": 31: controllerContext.HttpContext.Response.AddHeader("Content-Disposition", "attachment; filename=items.csv"); 32: return new ContentResult 33: { 34: Content = ToCsv(actionReturnValue as IList<Item>), 35: ContentType = "application/ms-excel" 36: }; 37: case "pdf": 38: string filePath = controllerContext.HttpContext.Server.MapPath("~/items.pdf"); 39: controllerContext.HttpContext.Response.AddHeader("content-disposition", 40: "attachment; filename=items.pdf"); 41: ToPdf(actionReturnValue as IList<Item>, filePath); 42: return new FileContentResult(StreamFile(filePath), "application/pdf"); 43:  44: default: 45: controllerContext.Controller.ViewData.Model = actionReturnValue; 46: return new ViewResult 47: { 48: TempData = controllerContext.Controller.TempData, 49: ViewData = controllerContext.Controller.ViewData 50: }; 51: } 52: } A big method there! The hook I was talking about kinda above actually is here. This is where different kinds / formats of output get returned based on the output type requested in the url. When the _outputType is not set (string.Empty as set in the Global.asax.cs file), the razor view gets rendered (lines 45-50). This is the default behavior in most MVC applications where-in a view (webform/razor) gets rendered on the browser. As you see here, this gets returned as a ViewResult. But then, for an outputType of json/xml/csv, a ContentResult gets returned, while for pdf, a FileContentResult is returned. Here are how the different kinds of output look like: This is how we can leverage this feature of ASP.NET MVC to developer a better application. I’ve used the iTextSharp library to convert to a pdf format. Mike gives quite a bit of detail regarding this library here. You can download the sample code here. (You’ll get an option to download once you open the link). Verdict: Hot chocolate: $3; Reebok shoes: $50; Your first car: $3000; Being able to extend a web application: Priceless.

    Read the article

  • .NET Reflector 7.2 Early Access Build 2 Released: Performance Critical

    - by Bart Read
    I've just posted a write-up of some of the performance tuning I've done to improve .NET Reflector 7.2's start-up time here: http://www.reflector.net/2011/05/net-reflector-7-start-up-time-running-out-of-gas-or-pedal-to-the-metal/ You can get the new build from the .NET Reflector homepage at http://www.reflector.net/. Please remember to give us your feedback in the forum, at http://forums.reflector.net/, using the tags #7.2 and #eap. Technorati Tags: reflector,early access,7.2

    Read the article

  • .NET Reflector 7.2 Early Access Build 1 Released

    - by Bart Read
    I've just posted up full details of this release on the .NET Reflector blog at http://www.reflector.net/2011/05/life-is-a-journey-not-a-destination-net-reflector-7-2-ea-1-has-been-released/ and, breaking with previous tradition, this includes a fairly extensive changelog. You can download this EA build from the .NET Reflector homepage at http://www.reflector.net/. Enjoy! (And please don't forget to tell us what you think on the forum, http://forums.reflector.net/, using the tags #7.2 and #eap.)...(read more)

    Read the article

  • ASP.NET Web Forms Extensibility: Handler Factories

    - by Ricardo Peres
    An handler factory is the class that implements IHttpHandlerFactory and is responsible for instantiating an handler (IHttpHandler) that will process the current request. This is true for all kinds of web requests, whether they are for ASPX pages, ASMX/SVC web services, ASHX/AXD handlers, or any other kind of file. Also used for restricting access for certain file types, such as Config, Csproj, etc. Handler factories are registered on the global Web.config file, normally located at %WINDIR%\Microsoft.NET\Framework<x64>\vXXXX\Config for a given path and request type (GET, POST, HEAD, etc). This goes on section <httpHandlers>. You would create a custom handler factory for a number of reasons, let me list just two: A centralized place for using dependency injection; Also a centralized place for invoking custom methods or performing some kind of validation on all pages. Let’s see an example using Unity for injecting dependencies into a page, suppose we have this on Global.asax.cs: 1: public class Global : HttpApplication 2: { 3: internal static readonly IUnityContainer Unity = new UnityContainer(); 4: 5: void Application_Start(Object sender, EventArgs e) 6: { 7: Unity.RegisterType<IFunctionality, ConcreteFunctionality>(); 8: } 9: } We instantiate Unity and register a concrete implementation for an interface, this could/should probably go in the Web.config file. Forget about its actual definition, it’s not important. Then, we create a custom handler factory: 1: public class UnityPageHandlerFactory : PageHandlerFactory 2: { 3: public override IHttpHandler GetHandler(HttpContext context, String requestType, String virtualPath, String path) 4: { 5: IHttpHandler handler = base.GetHandler(context, requestType, virtualPath, path); 6: 7: //one scenario: inject dependencies 8: Global.Unity.BuildUp(handler.GetType(), handler, String.Empty); 9:  10: return (handler); 11: } 12: } It inherits from PageHandlerFactory, which is .NET’s included factory for building regular ASPX pages. We override the GetHandler method and issue a call to the BuildUp method, which will inject required dependencies, if any exist. An example page with dependencies might be: 1: public class SomePage : Page 2: { 3: [Dependency] 4: public IFunctionality Functionality 5: { 6: get; 7: set; 8: } 9: } Notice the DependencyAttribute, it is used by Unity to identify properties that require dependency injection. When BuildUp is called, the Functionality property (or any other properties with the DependencyAttribute attribute) will receive the concrete implementation associated with it’s type, as registered on Unity. Another example, checking a page for authorization. Let’s define an interface first: 1: public interface IRestricted 2: { 3: Boolean Check(HttpContext ctx); 4: } An a page implementing that interface: 1: public class RestrictedPage : Page, IRestricted 2: { 3: public Boolean Check(HttpContext ctx) 4: { 5: //check the context and return a value 6: return ...; 7: } 8: } For this, we would use an handler factory such as this: 1: public class RestrictedPageHandlerFactory : PageHandlerFactory 2: { 3: private static readonly IHttpHandler forbidden = new UnauthorizedHandler(); 4:  5: public override IHttpHandler GetHandler(HttpContext context, String requestType, String virtualPath, String path) 6: { 7: IHttpHandler handler = base.GetHandler(context, requestType, virtualPath, path); 8: 9: if (handler is IRestricted) 10: { 11: if ((handler as IRestricted).Check(context) == false) 12: { 13: return (forbidden); 14: } 15: } 16:  17: return (handler); 18: } 19: } 20:  21: public class UnauthorizedHandler : IHttpHandler 22: { 23: #region IHttpHandler Members 24:  25: public Boolean IsReusable 26: { 27: get { return (true); } 28: } 29:  30: public void ProcessRequest(HttpContext context) 31: { 32: context.Response.StatusCode = (Int32) HttpStatusCode.Unauthorized; 33: context.Response.ContentType = "text/plain"; 34: context.Response.Write(context.Response.Status); 35: context.Response.Flush(); 36: context.Response.Close(); 37: context.ApplicationInstance.CompleteRequest(); 38: } 39:  40: #endregion 41: } The UnauthorizedHandler is an example of an IHttpHandler that merely returns an error code to the client, but does not cause redirection to the login page, it is included merely as an example. One thing we must keep in mind is, there can be only one handler factory registered for a given path/request type (verb) tuple. A typical registration would be: 1: <httpHandlers> 2: <remove path="*.aspx" verb="*"/> 3: <add path="*.aspx" verb="*" type="MyNamespace.MyHandlerFactory, MyAssembly"/> 4: </httpHandlers> First we remove the previous registration for ASPX files, and then we register our own. And that’s it. A very useful mechanism which I use lots of times.

    Read the article

  • Inline Image in ASP.NET

    - by Ricardo Peres
    Inline images is a technique that, instead of referring to an external URL, includes all of the image’s content in the HTML itself, in the form of a Base64-encoded string. It avoids a second browser request, at the cost of making the HTML page slightly heavier and not using cache. Not all browsers support it, but current versions of IE, Firefox and Chrome do. In order to use inline images, you must write the img element’s src attribute like this: 1: <img src="data:image/gif;base64,R0lGODlhEAAOALMAAOazToeHh0tLS/7LZv/0jvb29t/f3//Ub/ 2: /ge8WSLf/rhf/3kdbW1mxsbP//mf///yH5BAAAAAAALAAAAAAQAA4AAARe8L1Ekyky67QZ1hLnjM5UUde0ECwLJoExKcpp 3: V0aCcGCmTIHEIUEqjgaORCMxIC6e0CcguWw6aFjsVMkkIr7g77ZKPJjPZqIyd7sJAgVGoEGv2xsBxqNgYPj/gAwXEQA7" 4: width="16" height="14" alt="embedded folder icon"/> The syntax is: data:[<mediatype>][;base64],<data> I developed a simple control that allows you to use inline images in your ASP.NET pages. Here it is: 1: public class InnerImage: Image 2: { 3: protected override void OnInit(EventArgs e) 4: { 5: String imagePath = this.Context.Server.MapPath(this.ImageUrl); 6: String extension = Path.GetExtension(imagePath).Substring(1); 7: Byte[] imageData = File.ReadAllBytes(imagePath); 8:  9: this.ImageUrl = String.Format("data:image/{0};base64,{1}", extension, Convert.ToBase64String(imageData)); 10:  11: base.OnInit(e); 12: } 13: } Simple, don’t you think?

    Read the article

  • ASP.Net Development Tips

    Opening ASP.NET 3.5 websites in VWD 2010 VWD Express 2010 by default supports ASP.NET 4.0. If you are opening old projects that are based on either ASP.NET 3.5 or ASP.NET 2.0, you need to make some adjustments. Refer to the steps below: 1. Back up the folder containing your ASP.NET 3.5 website files and place it in another directory. For example, suppose this is the path of your original ASP.NET website that needs to be opened in VWD 2010: L:aspdotnetprojectsareaofcirclefunction Copy that folder (do not cut it) and put it in a separate folder that can be accessed by VWD 2010. By copying the fo...

    Read the article

  • ASP.NET or PHP for news website? [closed]

    - by Goma
    Whcih is better to build a news website from scratch with the following features: Every registered member can read the news. some members (moderators) can add news. Admin can edit, delete,etc. Every thread or topic may contain many pictures. Members can reply and add their comment. Members can upload their photos and other photos. There will be private messages between users. The visitors will be arround 2,000,000, every day.

    Read the article

  • I can't access Page.RouteData or Response.RedirectPermanent in web forms upgraded from 3.5 to 4.0 ?

    - by Barbaros Alp
    Hi, I have upgraded my web application from 3.5 to 4.0 to get benefits of the new features of ASP.NET 4.0. When i try to get Route Data Values; Page.RouteData.Values["customerId"] with this code i couldn't reach the RouteData.Values collection the Page class doesnt contain a member called routedata. I also have the same issue with Response.RedirectPermanent... What might be the reason ? Thanks in advance

    Read the article

  • Redmine on Apache2 with Passenger issue

    - by nkr1pt
    I installed Redmine and run it in Apache2 with the Passenger module. Apache2 boots, Passenger module gets loaded and the Redmine welcome page is shown, however when trying to login or navigate to other parts of the Redmine site, the browser keeps loading and loading and loading forever, although the Redmine production.log indicates redirects and HTTP 200 codes in the header, so everything seems to work correctly according to the log. I tested in various browsers. Does anyone have an idea what could be wrong? I will add apache configuration and some relevant log snippets from both apache and redmine hereafter. Apache2 Redmine configuration: DocumentRoot /var/www <Directory /var/www/redmine> RailsEnv production AllowOverride all RailsBaseURI /redmine PassengerResolveSymLinksInDocumentRoot on </Directory> Apache2 error log after booting Apache: [Wed Feb 09 19:59:58 2011] [notice] Apache/2.2.14 (Ubuntu) Phusion_Passenger/3.0.2 DAV/2 SVN/1.6.6 configured -- resuming normal operations Redmine production log after logging in: Logfile created on Wed Feb 09 20:01:40 +0100 2011 Processing WelcomeController#index (for 192.168.1.55 at 2011-02-09 20:01:48) [GET] Parameters: {"action"=>"index", "controller"=>"welcome"} Rendering template within layouts/base Rendering welcome/index Completed in 220ms (View: 96, DB: 16) | 200 OK [http://sirius/redmine] Processing AccountController#login (for 192.168.1.55 at 2011-02-09 20:03:17) [GET] Parameters: {"action"=>"login", "controller"=>"account"} Rendering template within layouts/base Rendering account/login Completed in 85ms (View: 63, DB: 1) | 200 OK [http://sirius/redmine/login] Processing AccountController#login (for 192.168.1.55 at 2011-02-09 20:03:20) [POST] Parameters: {"back_url"=>"http%3A%2F%2Fsirius%2Fredmine", "action"=>"login", "authenticity_token"=>"cEMUZHhRKJU8w3p6d+xQQhJTk4/pnnzUdg5g5fwhxDU=", "username"=>"admin", "controller"=>"account", "password"=>"[FILTERED]", "login"=>"Login \302\273"} Redirected to http://sirius/redmine Completed in 37ms (DB: 6) | 302 Found [http://sirius/redmine/login] Processing WelcomeController#index (for 192.168.1.55 at 2011-02-09 20:03:20) [GET] Parameters: {"action"=>"index", "controller"=>"welcome"} Rendering template within layouts/base Rendering welcome/index Completed in 100ms (View: 77, DB: 6) | 200 OK [http://sirius/redmine] Apache2 error log afterwards: [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/mod_instaweb.cc(247)] ModPagespeed OutputFilter called for request /redmine/login [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/mod_instaweb.cc(272)] unparsed=/redmine/login, absolute_url=http://sirius/redmine/login [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: HtmlParse::StartParse [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/mod_instaweb.cc(299)] Request headers:\nHTTP/1.1 0 Internal Server Error\r\nHost: sirius\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.8) Gecko/20100723 Ubuntu/10.04 (lucid) Firefox/3.6.8\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nAccept-Encoding: gzip,deflate\r\nAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\nKeep-Alive: 115\r\nConnection: keep-alive\r\nReferer: http://sirius/redmine\r\nCookie: _redmine_session=BAh7BjoPc2Vzc2lvbl9pZCIlNmVlMzFiMDc4MWQxZDU5ZTI5MTk2NjU0NGY3MzJmYzQ%3D--ea4b7adbc35551051632b5544faaad138ae08d90\r\n\r\n [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/mod_instaweb.cc(302)] request-filename=/var/www/redmine/login, uri=/redmine/login [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/mod_instaweb.cc(319)] ModPagespeed Response headers:\nHTTP/1.1 200 OK\r\nStatus: 200\r\nX-Mod-Pagespeed: 0.9.0.0-128\r\n\r\n [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 2157us: HtmlParse::Flush [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 2272us: HtmlParse::CoalesceAdjacentCharactersNodes [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 2342us: HtmlParse::ApplyFilter:AddHead [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 2407us: HtmlParse::SanityCheck [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 2504us: HtmlParse::ApplyFilter:CssCombine [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/stylesheets/application.css?1296181549 [Wed Feb 09 20:03:17 2011] [warn] [0209/200317:WARNING:net/instaweb/util/google_message_handler.cc(32)] Failed to create or read input resource /redmine/stylesheets/application.css?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/stylesheets/jstoolbar.css?1296181549 [Wed Feb 09 20:03:17 2011] [warn] [0209/200317:WARNING:net/instaweb/util/google_message_handler.cc(32)] Failed to create or read input resource /redmine/stylesheets/jstoolbar.css?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 3642us: HtmlParse::ApplyFilter:CssFilter [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/stylesheets/application.css?1296181549 [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] http://sirius/redmine/login:9: Failed to load resource http://sirius/redmine/stylesheets/application.css?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/stylesheets/jstoolbar.css?1296181549 [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] http://sirius/redmine/login:17: Failed to load resource http://sirius/redmine/stylesheets/jstoolbar.css?1296181549 [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Failed to load resource http://sirius/redmine/stylesheets/jstoolbar.css?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 4863us: HtmlParse::ApplyFilter:Javascript [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:11: Found script with src /redmine/javascripts/prototype.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/prototype.js?1296181549 [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/prototype.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:12: Found script with src /redmine/javascripts/effects.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/effects.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/effects.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: http://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/effects.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:13: Found script with src /redmine/javascripts/dragdrop.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/dragdrop.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] Creating connection [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:14: Found script with src /redmine/javascripts/controls.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/controls.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/controls.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:15: Found script with src /redmine/javascripts/application.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/application.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] Creating connection [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 8389us: HtmlParse::SanityCheck [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 8588us: HtmlParse::CoalesceAdjacentCharactersNodes [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 8701us: HtmlParse::ApplyFilter:InlineCss [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: 8701us: HtmlParse::ApplyFilter:InlineCss [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/stylesheets/application.css?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/stylesheets/application.css?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 9199us: HtmlParse::ApplyFilter:InlineJs [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/prototype.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/prototype.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/effects.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] Creating connectionhttp://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/effects.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connectionhttp://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/effects.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/dragdrop.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/dragdrop.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/controls.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/controls.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/application.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/application.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 11398us: HtmlParse::ApplyFilter:ImgRewrite [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 11506us: HtmlParse::ApplyFilter:CacheExtender [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/stylesheets/application.css?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/stylesheets/application.css?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/prototype.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/prototype.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/effects.js?1296181549 [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/effects.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/dragdrop.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/dragdrop.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/controls.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/controls.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/javascripts/application.js?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/javascripts/application.js?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/stylesheets/jstoolbar.css?1296181549 [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(29)] http://sirius/redmine/login: Couldn't fetch resource /redmine/stylesheets/jstoolbar.css?1296181549 to rewrite. [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 14401us: HtmlParse::ApplyFilter:HtmlWriter [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [notice] [0209/200317:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 15218us: HtmlParse::FinishParse [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:17 2011] [error] [0209/200317:ERROR:net/instaweb/util/google_message_handler.cc(54)] net/instaweb/apache/serf_url_async_fetcher.cc:506: Creating connection [Wed Feb 09 20:03:20 2011] [warn] [client 192.168.1.55] Not GET request: 2., referer: http://sirius/redmine/login [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/apache/mod_instaweb.cc(247)] ModPagespeed OutputFilter called for request /redmine/login [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/apache/mod_instaweb.cc(272)] unparsed=/redmine/login, absolute_url=http://sirius/redmine/login [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: HtmlParse::StartParse [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/apache/mod_instaweb.cc(299)] Request headers:\nHTTP/1.1 0 Internal Server Error\r\nHost: sirius\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.8) Gecko/20100723 Ubuntu/10.04 (lucid) Firefox/3.6.8\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nAccept-Encoding: gzip,deflate\r\nAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\nKeep-Alive: 115\r\nConnection: keep-alive\r\nReferer: http://sirius/redmine/login\r\nCookie: _redmine_session=BAh7BzoPc2Vzc2lvbl9pZCIlNmVlMzFiMDc4MWQxZDU5ZTI5MTk2NjU0NGY3MzJmYzQ6EF9jc3JmX3Rva2VuIjFjRU1VWkhoUktKVTh3M3A2ZCt4UVFoSlRrNC9wbm56VWRnNWc1ZndoeERVPQ%3D%3D--8b195ac3cab88b5a1f408e3f18aaddc70782140e\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 165\r\n\r\n [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/apache/mod_instaweb.cc(302)] request-filename=/var/www/redmine/login, uri=/redmine/login [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/apache/mod_instaweb.cc(319)] ModPagespeed Response headers:\nHTTP/1.1 302 Found\r\nLocation: http://sirius/redmine\r\nStatus: 302\r\nX-Mod-Pagespeed: 0.9.0.0-128\r\n\r\n [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 604us: HtmlParse::Flush [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 697us: HtmlParse::CoalesceAdjacentCharactersNodes [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 758us: HtmlParse::ApplyFilter:AddHead [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 813us: HtmlParse::SanityCheck [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 912us: HtmlParse::CoalesceAdjacentCharactersNodes [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 965us: HtmlParse::ApplyFilter:CssCombine [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 1020us: HtmlParse::ApplyFilter:CssFilter [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 1073us: HtmlParse::ApplyFilter:Javascript [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 1125us: HtmlParse::ApplyFilter:InlineCss [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 1179us: HtmlParse::ApplyFilter:InlineJs [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 1233us: HtmlParse::ApplyFilter:ImgRewrite [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 1285us: HtmlParse::ApplyFilter:CacheExtender [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 1338us: HtmlParse::ApplyFilter:HtmlWriter [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine/login:1: 1415us: HtmlParse::FinishParse [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/apache/mod_instaweb.cc(247)] ModPagespeed OutputFilter called for request /redmine [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/apache/mod_instaweb.cc(272)] unparsed=/redmine, absolute_url=http://sirius/redmine [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine:1: HtmlParse::StartParse [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/apache/mod_instaweb.cc(299)] Request headers:\nHTTP/1.1 0 Internal Server Error\r\nHost: sirius\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.8) Gecko/20100723 Ubuntu/10.04 (lucid) Firefox/3.6.8\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8\r\nAccept-Language: en-us,en;q=0.5\r\nAccept-Encoding: gzip,deflate\r\nAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\nKeep-Alive: 115\r\nConnection: keep-alive\r\nReferer: http://sirius/redmine/login\r\nCookie: _redmine_session=BAh7BzoMdXNlcl9pZGkGOg9zZXNzaW9uX2lkIiVlYjNmYTY5NmZjNzMwYTdhMjA5ZDJmZmM4MTM0MzcyMw%3D%3D--57a4931aae681664d2a6ff6c039ac84b6ebc9e55\r\nIf-None-Match: "76628aff953f11fbdefb77ce3d575718"\r\n\r\n [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/apache/mod_instaweb.cc(302)] request-filename=/var/www/redmine, uri=/redmine [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/apache/mod_instaweb.cc(319)] ModPagespeed Response headers:\nHTTP/1.1 200 OK\r\nStatus: 200\r\nX-Mod-Pagespeed: 0.9.0.0-128\r\n\r\n [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine:1: 1870us: HtmlParse::Flush [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine:1: 1973us: HtmlParse::CoalesceAdjacentCharactersNodes [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine:1: 2040us: HtmlParse::ApplyFilter:AddHead [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine:1: 2101us: HtmlParse::SanityCheck [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/util/google_message_handler.cc(48)] http://sirius/redmine:1: 2231us: HtmlParse::ApplyFilter:CssCombine [Wed Feb 09 20:03:20 2011] [notice] [0209/200320:INFO:net/instaweb/apache/serf_url_async_fetcher.cc(632)] Initiating async fetch for http://sirius/redmine/stylesheets/application.css?1296181549

    Read the article

  • Enum.HasFlag method in C# 4.0

    - by Jalpesh P. Vadgama
    Enums in dot net programming is a great facility and we all used it to increase code readability. In earlier version of .NET framework we don’t have any method anything that will check whether a value is assigned to it or not. In C# 4.0 we have new static method called HasFlag which will check that particular value is assigned or not. Let’s take an example for that. First I have created a enum called PaymentType which could have two values Credit Card or Debit Card. Just like following. public enum PaymentType { DebitCard=1, CreditCard=2 } Now We are going to assigned one of the value to this enum instance and then with the help of HasFlag method we are going to check whether particular value is assigned to enum or not like following. protected void Page_Load(object sender, EventArgs e) { PaymentType paymentType = PaymentType.CreditCard; if (paymentType.HasFlag(PaymentType.DebitCard)) { Response.Write("Process Debit Card"); } if (paymentType.HasFlag(PaymentType.CreditCard)) { Response.Write("Process Credit Card"); } } Now Let’s check out in browser as following. As expected it will print process Credit Card as we have assigned that value to enum. That’s it It’s so simple and cool. Stay tuned for more.. Happy Programming.. Technorati Tags: Enum,C#4.0,ASP.NET 4.0

    Read the article

  • ASP.NET MVC : strange POST behavior

    - by user93422
    ASP.NET MVC 2 app I have two actions on my controller (Toons): [GET] List [POST] Add App is running on IIS7 integration mode, so /Toons/List works fine. But when I do POST (that redirects to /Toons/List internally) it redirects (with 302 Object Moved) back to /Toons/Add. The problem goes away if I use .aspx hack (that works in IIS6/IIS7 classic mode). But without .aspx - GET work fine, but POST redirects me onto itself but with GET. What am I missing? I'm hosting with webhost4life.com and they did change IIS7 to integrated mode already. EDIT: The code works as expected using UltiDev Cassini server. EDIT: It turned out to be trailing-slash-in-URL issue. Somehow IIS7 doesn't route request properly if there is no slash at the end. EDET: Explanation of the behavior What happens is when I request (POST) /Toons/List (without trailing slash), IIS doesn't find the handler (I do not have knowledge to understand how exactly IIS does URL-to-handler mapping) and redirects the request (using 302 code) to /Toons/List/ (notice trailing slash). A browser, according to the HTTP specification, must redirect the request using same method (POST in this case), but instead it handles 302 as if it is 303 and issues GET request for the new URL. This is incorrect, but known behavior of most browsers. The solution is either to use .aspx-hack to make it unambiguous for IIS how to map requests to ASP.NET handler, or configure IIS to handle everything in the virtual directory using ASP.NET handler. Q: what is a better way to handle this?

    Read the article

  • Transalation of tasks in .NET 1.1 to .NET 3.5

    - by ggonsalv
    In .Net 1.1 I would run a stored procedure to fill a typed dataset. I would use a Datareader to fill the dataset for speed (though it was probably not necessary) Then I would use the Dataset to bind to multiple controls on the page so as to render the data to multiple CSS/javsript based tabs on the page. This would also reduce the database call to 1. So I know I could this in 3.5, but is there a better way. For example can one stored procedure create an EDM object to be used. Since the data is mainly readonly should I even bother changing or keep using the Stored proc -> Data set -> Bind individual controls to specific data tables

    Read the article

  • Insert Stored Procedure, Using Asp.Net WebForm to Insert new [Customer]

    - by user2953815
    Can someone please help me create a stored procedure to insert a new customer from a web form. I am having difficulty making the state a drop down list for customer to pick a state from the list and having that inserted into the database. INSERT INTO Customer ( Cust_First, Cust_Middle, Cust_Last, Cust_Phone, Cust_Alt_Phone, Cust_Email, Add_Line1, Add_Line2, Add_Bill_Line1, Add_Bill_Line2, City, State_Prov_Name, Postal_Zip_Code, Country_ID ) VALUES ( @Cust_First, @Cust_Middle, @Cust_Last, @Cust_Phone, @Cust_Alt_Phone, @Cust_Email, @Add_Line1, @Add_Line2, @Add_Bill_Line1, @Add_Bill_Line2, @City, @State_Prov_Name, @Postal_Zip_Code, @Country_ID )"> <InsertParameters> <asp:Parameter Name="Cust_First" Type="String"></asp:Parameter> <asp:Parameter Name="Cust_Middle" Type="String"></asp:Parameter> <asp:Parameter Name="Cust_Last" Type="String"></asp:Parameter> <asp:Parameter Name="Cust_Phone" Type="String"></asp:Parameter> <asp:Parameter Name="Cust_Alt_Phone" Type="String"></asp:Parameter> <asp:Parameter Name="Cust_Email" Type="String"></asp:Parameter> <asp:Parameter Name="Add_Line1" Type="String"></asp:Parameter> <asp:Parameter Name="Add_Line2" Type="String"></asp:Parameter> <asp:Parameter Name="Add_Bill_Line1" Type="String"></asp:Parameter> <asp:Parameter Name="Add_Bill_Line2" Type="String"></asp:Parameter> <asp:Parameter Name="City" Type="String"></asp:Parameter> <asp:Parameter Name="Postal_Zip_Code" Type="String"></asp:Parameter> <asp:Parameter Name="Cust_ID" Type="Int32"></asp:Parameter> <asp:Parameter Name="State_Prov_Name" Type="String"></asp:Parameter> <asp:Parameter Name="Country_Name" Type="String"></asp:Parameter> </InsertParameters>

    Read the article

  • How to go about converting this classic asp to asp.net

    - by Phil
    I have some classic asp code that needs converting to asp.net. So far I have tried to achieve this using datareaders and repeaters and had no luck as the menu loops through 4 different record sets, passing along the menuNid before moving to the next record. Please can you tell me what method you would use to conver this code... i.e datareaders? dataset? etc? Thanks <% set RSMenuLevel0 = conn.execute("select id, DepartmentID, GroupingID, Heading, OrderID, Publish, moduleid, url, urltarget " &_ "from T where (DepartmentID = 0 and GroupingID = 0 and Publish <> 0) order by OrderID") %> <% if session("JavaScriptEnabled") = "False" Then %> <% while not RSMenuLevel0.EOF if RSMenuLevel0("Publish") <> 0 then Menu0heading = RSMenuLevel0("Heading") Menu0id = RSMenuLevel0("id") %> <%if RSMenuLevel0("url") > "" and RSMenuLevel0("moduleid") = 0 then%> &nbsp;<a href="http://<%=RSMenuLevel0("url")%>" target="<%=RSMenuLevel0("urltarget")%>"><%=Menu0heading%></a> <%else%> &nbsp;<a href="/default.asp?id=<%=Menu0id%>"><%=Menu0heading%></a> <%end if%> <% end if RSMenuLevel0.MoveNext wend %> <% else %> <ul id="Menu1" class="MM"> <%if home <> 1 then%> <!-- <li><a href="/default.asp"><span class="item">Home</span></a> --> <%end if%> <% numone=0 while not RSMenuLevel0.EOF ' numone = numone + 1 Menu0heading = RSMenuLevel0("Heading") 'itemID = lcase(replace(Menu0heading," ","")) Menu0id = RSMenuLevel0("id") if RSMenuLevel0("url") > "" and RSMenuLevel0("moduleid") = 0 then url = RSMenuLevel0("url") if instr(url,"file:///") > 0 then %> <li><a href="<%=RSMenuLevel0("url")%>" target="<%=RSMenuLevel0("urltarget")%>" <%if numone=1 then%>class="CURRENT"<%end if%>><span class="item"><%=Menu0heading%></span></a> <%else%> <li><a href="http://<%=RSMenuLevel0("url")%>" target="<%=RSMenuLevel0("urltarget")%>" <%if numone=1 then%>class="CURRENT"<%end if%>><span class="item"><%=Menu0heading%></span></a> <%end if%> <%else%> <li><a href="/default.asp?id=<%=RSMenuLevel0("id")%>" <%if numone=1 then%>class="CURRENT"<%end if%>><span class="item"><%=Menu0heading%></span></a> <%end if%> <% set RSMenuLevel1 = conn.execute("select id, DepartmentID, GroupingID, Heading, OrderID, Publish, moduleid, url, urltarget " &_ "from T where (DepartmentID = 0 and GroupingID = " & Menu0id & " and Publish <> 0) order by OrderID") if not RSMenuLevel1.EOF then %> <ul> <% while not RSMenuLevel1.EOF Menu1heading = RSMenuLevel1("Heading") Menu1id = RSMenuLevel1("id") if RSMenuLevel1("url") > "" and RSMenuLevel1("moduleid") = 0 then url = RSMenuLevel1("url") if instr(url,"file:///") > 0 then %> <li><a href="<%=RSMenuLevel1("url")%>" target="<%=RSMenuLevel1("urltarget")%>"><%=Menu1heading%></a> <%else%> <li><a href="http://<%=RSMenuLevel1("url")%>" target="<%=RSMenuLevel1("urltarget")%>"><%=Menu1heading%></a> <%end if%> <%else%> <li><a href="/default.asp?id=<%=RSMenuLevel1("id")%>"><%=Menu1heading%></a> <%end if%> <% set RSMenuLevel2 = conn.execute("select id, DepartmentID, GroupingID, Heading, OrderID, Publish, moduleid, url, urltarget " &_ "from T where (DepartmentID = 0 and GroupingID = " & Menu1id & " and Publish <> 0) order by OrderID") if not RSMenuLevel2.EOF then %> <ul> <% while not RSMenuLevel2.EOF Menu2heading = RSMenuLevel2("Heading") Menu2id = RSMenuLevel2("id") if RSMenuLevel2("url") > "" and RSMenuLevel2("moduleid") = 0 then %> <li><a href="http://<%=RSMenuLevel2("url")%>" target="<%=RSMenuLevel2("urltarget")%>"><%=Menu2heading%></a> <%else%> <li><a href="/default.asp?id=<%=RSMenuLevel2("id")%>"><%=Menu2heading%></a> <%end if%> <% set RSMenuLevel3 = conn.execute("select id, DepartmentID, GroupingID, Heading, OrderID, Publish, moduleid, url, urltarget " &_ "from T where (DepartmentID = 0 and GroupingID = " & Menu2id & " and Publish <> 0) order by OrderID") if not RSMenuLevel3.EOF then %> <ul> <% while not RSMenuLevel3.EOF Menu3heading = RSMenuLevel3("Heading") Menu3id = RSMenuLevel3("id") if RSMenuLevel3("url") > "" and RSMenuLevel3("moduleid") = 0 then %> <li><a href="http://<%=RSMenuLevel3("url")%>" target="<%=RSMenuLevel3("urltarget")%>"><%=Menu3heading%></a></li> <%else%> <li><a href="/default.asp?id=<%=RSMenuLevel3("id")%>"><%=Menu3heading%></a></li> <%end if%> <% RSMenuLevel3.MoveNext wend %> </ul> <% end if RSMenuLevel2.MoveNext %> </li> <% wend %> </ul> <% end if RSMenuLevel1.MoveNext %> </li> <% wend %> </ul> <% end if RSMenuLevel0.MoveNext %> </li> <% wend %> </ul> <% end if %>

    Read the article

  • Exposing business logic as WCF service

    - by Oren Schwartz
    I'm working on a middle-tier project which encapsulates the business logic (uses a DAL layer, and serves a web application server [ASP.net]) of a product deployed in a LAN. The BL serves as a bunch of services and data objects that are invoked upon user action. At present times, the DAL acts as a separate application whereas the BL uses it, but is consumed by the web application as a DLL. Both the DAL and the web application are deployed on different servers inside organization, and since the BL DLL is consumed by the web application, it resides in the same server. The worst thing about exposing the BL as a DLL is that we lost track with what we expose. Deployment is not such a big issue since mostly, product versions are deployed together. Would you recommend migrating from DLL to WCF service? If so, why? Do you know anyone who had a similar experience?

    Read the article

  • Add new row to asp .net grid view using button

    - by SARAVAN
    Hi, I am working in ASP .net 2.0. I am a learner. I have a grid view which has a button in it. Please find the asp mark up below <form id="form1" runat="server"> <div> <asp:GridView ID="myGridView" runat="server"> <Columns> <asp:TemplateField> <ItemTemplate> <asp:Button CommandName="AddARowBelow" Text="Add A Row Below" runat="server" /> </ItemTemplate> </asp:TemplateField> </Columns> </asp:GridView> </div> </form> Please find the code behind below. using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.UI; using System.Data; using System.Web.UI.WebControls; namespace GridViewDemo { public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { DataTable dt = new DataTable("myTable"); dt.Columns.Add("col1"); dt.Columns.Add("col2"); dt.Columns.Add("col3"); dt.Rows.Add(1, 2, 3); dt.Rows.Add(1, 2, 3); dt.Rows.Add(1, 2, 3); dt.Rows.Add(1, 2, 3); dt.Rows.Add(1, 2, 3); myGridView.DataSource = dt; myGridView.DataBind(); } protected void myGridView_RowCommand(object sender, GridViewCommandEventArgs e) { } } } I was thinking that when I click the command button, it would fire the mygridview_rowcommand() but instead it threw an error as follows: Invalid postback or callback argument. Event validation is enabled using in configuration or <%@ Page EnableEventValidation="true" % in a page. For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them. If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation. Can any one let me know on where I am going wrong?

    Read the article

  • CascadingDropDown jQuery Plugin for ASP.NET MVC

    - by rajbk
    CascadingDropDown is a jQuery plugin that can be used by a select list to get automatic population using AJAX. A sample ASP.NET MVC project is attached at the bottom of this post.   Usage The code below shows two select lists : <select id="customerID" name="customerID"> <option value="ALFKI">Maria Anders</option> <option value="ANATR">Ana Trujillo</option> <option value="ANTON">Antonio Moreno</option> </select>   <select id="orderID" name="orderID"> </select> When a customer is selected in the first select list, the second list will auto populate itself with the following code: $("#orderID").CascadingDropDown("#customerID", '/Sales/AsyncOrders'); Internally, an AJAX post is made to ‘/Sales/AsyncOrders’ with the post body containing  customerID=[selectedCustomerID]. This executes the action AsyncOrders on the SalesController with signature AsyncOrders(string customerID).  The AsyncOrders method returns JSON which is then used to populate the select list. The JSON format expected is shown below : [{ "Text": "John", "Value": "10326" }, { "Text": "Jane", "Value": "10801" }] Details $(targetID).CascadingDropDown(sourceID, url, settings) targetID The ID of the select list that will auto populate.  sourceID The ID of the select list, which, on change, causes the targetID to auto populate. url The url to post to Options promptText Text for the first item in the select list Default : -- Select -- loadingText Optional text to display in the select list while it is being loaded. Default : Loading.. errorText Optional text to display if an error occurs while populating the list Default: Error loading data. postData Data you want posted to the url in place of the default Example : { postData : { customerID : $(‘#custID’), orderID : $(‘#orderID’) }} will cause customerID=ALFKI&orderID=2343 to be sent as the POST body. Default: A text string obtained by calling serialize on the sourceID onLoading (event) Raised before the list is populated. onLoaded (event) Raised after the list is populated, The code below shows how to “animate” the  select list after load. Example using custom options: $("#orderID").CascadingDropDown("#customerID", '/Sales/AsyncOrders', { promptText: '-- Pick an Order--', onLoading: function () { $(this).css("background-color", "#ff3"); }, onLoaded: function () { $(this).animate({ backgroundColor: '#ffffff' }, 300); } }); To return JSON from our action method, we use the Json ActionResult passing in an IEnumerable<SelectListItem>. public ActionResult AsyncOrders(string customerID) { var orders = repository.GetOrders(customerID).ToList().Select(a => new SelectListItem() { Text = a.OrderDate.HasValue ? a.OrderDate.Value.ToString("MM/dd/yyyy") : "[ No Date ]", Value = a.OrderID.ToString(), }); return Json(orders); } Sample Project using VS 2010 RTM NorthwindCascading.zip

    Read the article

  • Customizing the processing of ListItems for asp:RadioButtonList with "Flow" layout and "Horizontal"

    - by evovision
    Hi, recently I was asked to add an ability to pad specific elements from each other to a certain distance in RadioButtonList control. Not quite common everyday task I would say :)   Ok, let's get started!   Prerequisites: ASP.NET Page having RadioButtonList control with RepeatLayout="Flow" RepeatDirection="Horizontal" properties set.   Implementation:  The underlying data was coming from another source, so the only fast way to add meta information about padding was the text value itself (yes, not very optimal solution): Id = 1, Name = "This is first element" and for padding we agreed to use <space/> meta tag: Id = 2, Name = "<space padcount="30px"/>This is second padded element"   To handle items rendering in RadioButtonList control I've created custom class and subclassed from it:    public class CustomRadioButtonList : RadioButtonList    {        private Action<ListItem, HtmlTextWriter> _preProcess;         protected override void RenderItem(ListItemType itemType, int repeatIndex, RepeatInfo repeatInfo, HtmlTextWriter writer)        {            if (_preProcess != null)            {                _preProcess(this.Items[repeatIndex], writer);            }             base.RenderItem(itemType, repeatIndex, repeatInfo, writer);        }         public void SetPrePrenderItemFunction(Action<ListItem, HtmlTextWriter> func)        {            _preProcess = func;        }    }   It is pretty straightforward approach, the key is to override RenderItem method. Class has SetPrePrenderItemFunction method which is used to pass custom processing function that takes 2 parameters: ListItem and HtmlTextWriter objects.   Now update existing RadioButtonList control in Default.aspx: add this to beginning of the page:   <%@ Register Namespace="Sample.Controls" TagPrefix="uc1" %>   and update the control to:   <uc1:CustomRadioButtonList ID="customRbl" runat="server" DataValueField="Id" DataTextField="Name"            RepeatLayout="Flow" RepeatDirection="Horizontal"></uc1:CustomRadioButtonList>   Now, from codebehind of the page:   Add regular expression that will be used for parsing:   private Regex _regex = new Regex(@"(?:[<]space padcount\s*?=\s*?(?:'|"")(?<padcount>\d+)(?:(?:\s+)?px)?(?:'|"")\s*?/>)(?<content>.*)?", RegexOptions.IgnoreCase | RegexOptions.Compiled);   and finally setup the processing function in Page_Load:   protected void Page_Load(object sender, EventArgs e)    {        customRbl.DataSource = DataObjects;         customRbl.SetPrePrenderItemFunction((listItem, writer) =>        {            Match match = _regex.Match(listItem.Text);            if (match.Success)            {                writer.Write(string.Format(@"<span style=""padding-left:{0}"">Extreme values: </span>", match.Groups["padcount"].Value + "px"));                 // if you need to pad listitem use code below                //x.Attributes.CssStyle.Add("padding-left", match.Groups["padcount"].Value + "px");                 // remove meta tag from text                listItem.Text = match.Groups["content"].Value;            }        });         customRbl.DataBind();    }   That's it! :)   Run the attached sample application:     P.S.: of course several other approaches could have been used for that purpose including events and the functionality for processing could also be embedded inside control itself. Current solution suits slightly better due some other reasons for situation where it was used, in your case consider this as a kick start for your own implementation :)   Source application: CustomRadioButtonList.zip

    Read the article

  • ASP.NET List Control

    - by Ricardo Peres
    Today I developed a simple control for generating lists in ASP.NET, something that the base class library does not contain; it allows for nested lists where the list item types and images can be configured on a list by list basis. Since it was a great fun to develop, I'd like to share it here. Here is the code: [ParseChildren(true)] [PersistChildren(false)] public class List: WebControl { public List(): base("ul") { this.Items = new List(); this.ListStyleType = ListStyleType.Auto; this.ListStyleImageUrl = String.Empty; this.CommonCssClass = String.Empty; this.ContainerCssClass = String.Empty; } [DefaultValue(ListStyleType.Auto)] public ListStyleType ListStyleType { get; set; } [DefaultValue("")] [UrlProperty("*.png;*.gif;*.jpg")] public String ListStyleImageUrl { get; set; } [DefaultValue("")] [CssClassProperty] public String CommonCssClass { get; set; } [DefaultValue("")] [CssClassProperty] public String ContainerCssClass { get; set; } [Browsable(false)] [PersistenceModeAttribute(PersistenceMode.InnerProperty)] public List Items { private set; get; } protected override void Render(HtmlTextWriter writer) { String cssClass = String.Join(" ", new String [] { this.CssClass, this.ContainerCssClass }); if (cssClass.Trim().Length != 0) { this.CssClass = cssClass; } if (String.IsNullOrEmpty(this.ListStyleImageUrl) == false) { this.Style[ HtmlTextWriterStyle.ListStyleImage ] = String.Format("url('{0}')", this.ResolveClientUrl(this.ListStyleImageUrl)); } if (this.ListStyleType != ListStyleType.Auto) { switch (this.ListStyleType) { case ListStyleType.Circle: case ListStyleType.Decimal: case ListStyleType.Disc: case ListStyleType.None: case ListStyleType.Square: this.Style [ HtmlTextWriterStyle.ListStyleType ] = this.ListStyleType.ToString().ToLower(); break; case ListStyleType.LowerAlpha: this.Style [ HtmlTextWriterStyle.ListStyleType ] = "lower-alpha"; break; case ListStyleType.LowerRoman: this.Style [ HtmlTextWriterStyle.ListStyleType ] = "lower-roman"; break; case ListStyleType.UpperAlpha: this.Style [ HtmlTextWriterStyle.ListStyleType ] = "upper-alpha"; break; case ListStyleType.UpperRoman: this.Style [ HtmlTextWriterStyle.ListStyleType ] = "upper-roman"; break; } } base.Render(writer); } protected override void RenderChildren(HtmlTextWriter writer) { foreach (ListItem item in this.Items) { this.writeItem(item, this, 0); } base.RenderChildren(writer); } private void writeItem(ListItem item, Control control, Int32 depth) { HtmlGenericControl li = new HtmlGenericControl("li"); control.Controls.Add(li); if (String.IsNullOrEmpty(this.CommonCssClass) == false) { String cssClass = String.Join(" ", new String [] { this.CommonCssClass, this.CommonCssClass + depth }); li.Attributes [ "class" ] = cssClass; } foreach (String key in item.Attributes.Keys) { li.Attributes[key] = item.Attributes [ key ]; } li.InnerText = item.Text; if (item.ChildItems.Count != 0) { HtmlGenericControl ul = new HtmlGenericControl("ul"); li.Controls.Add(ul); if (String.IsNullOrEmpty(this.ContainerCssClass) == false) { ul.Attributes["class"] = this.ContainerCssClass; } if ((item.ListStyleType != ListStyleType.Auto) || (String.IsNullOrEmpty(item.ListStyleImageUrl) == false)) { if (String.IsNullOrEmpty(item.ListStyleImageUrl) == false) { ul.Style[HtmlTextWriterStyle.ListStyleImage] = String.Format("url('{0}');", this.ResolveClientUrl(item.ListStyleImageUrl)); } if (item.ListStyleType != ListStyleType.Auto) { switch (this.ListStyleType) { case ListStyleType.Circle: case ListStyleType.Decimal: case ListStyleType.Disc: case ListStyleType.None: case ListStyleType.Square: ul.Style[ HtmlTextWriterStyle.ListStyleType ] = item.ListStyleType.ToString().ToLower(); break; case ListStyleType.LowerAlpha: ul.Style [ HtmlTextWriterStyle.ListStyleType ] = "lower-alpha"; break; case ListStyleType.LowerRoman: ul.Style [ HtmlTextWriterStyle.ListStyleType ] = "lower-roman"; break; case ListStyleType.UpperAlpha: ul.Style [ HtmlTextWriterStyle.ListStyleType ] = "upper-alpha"; break; case ListStyleType.UpperRoman: ul.Style [ HtmlTextWriterStyle.ListStyleType ] = "upper-roman"; break; } } } foreach (ListItem childItem in item.ChildItems) { this.writeItem(childItem, ul, depth + 1); } } } } [Serializable] [ParseChildren(true, "ChildItems")] public class ListItem: IAttributeAccessor { public ListItem() { this.ChildItems = new List(); this.Attributes = new Dictionary(); this.Text = String.Empty; this.Value = String.Empty; this.ListStyleType = ListStyleType.Auto; this.ListStyleImageUrl = String.Empty; } [DefaultValue(ListStyleType.Auto)] public ListStyleType ListStyleType { get; set; } [DefaultValue("")] [UrlProperty("*.png;*.gif;*.jpg")] public String ListStyleImageUrl { get; set; } [DefaultValue("")] public String Text { get; set; } [DefaultValue("")] public String Value { get; set; } [Browsable(false)] public List ChildItems { get; private set; } [Browsable(false)] public Dictionary Attributes { get; private set; } String IAttributeAccessor.GetAttribute(String key) { return (this.Attributes [ key ]); } void IAttributeAccessor.SetAttribute(String key, String value) { this.Attributes [ key ] = value; } } [Serializable] public enum ListStyleType { Auto = 0, Disc, Circle, Square, Decimal, LowerRoman, UpperRoman, LowerAlpha, UpperAlpha, None } SyntaxHighlighter.config.clipboardSwf = 'http://alexgorbatchev.com/pub/sh/2.0.320/scripts/clipboard.swf'; SyntaxHighlighter.brushes.CSharp.aliases = ['c#', 'c-sharp', 'csharp']; SyntaxHighlighter.all();

    Read the article

  • Anti-Forgery Request in ASP.NET MVC and AJAX

    - by Dixin
    Background To secure websites from cross-site request forgery (CSRF, or XSRF) attack, ASP.NET MVC provides an excellent mechanism: The server prints tokens to cookie and inside the form; When the form is submitted to server, token in cookie and token inside the form are sent by the HTTP request; Server validates the tokens. To print tokens to browser, just invoke HtmlHelper.AntiForgeryToken():<% using (Html.BeginForm()) { %> <%: this.Html.AntiForgeryToken(Constants.AntiForgeryTokenSalt)%> <%-- Other fields. --%> <input type="submit" value="Submit" /> <% } %> which writes to token to the form:<form action="..." method="post"> <input name="__RequestVerificationToken" type="hidden" value="J56khgCvbE3bVcsCSZkNVuH9Cclm9SSIT/ywruFsXEgmV8CL2eW5C/gGsQUf/YuP" /> <!-- Other fields. --> <input type="submit" value="Submit" /> </form> and the cookie: __RequestVerificationToken_Lw__=J56khgCvbE3bVcsCSZkNVuH9Cclm9SSIT/ywruFsXEgmV8CL2eW5C/gGsQUf/YuP When the above form is submitted, they are both sent to server. [ValidateAntiForgeryToken] attribute is used to specify the controllers or actions to validate them:[HttpPost] [ValidateAntiForgeryToken(Salt = Constants.AntiForgeryTokenSalt)] public ActionResult Action(/* ... */) { // ... } This is very productive for form scenarios. But recently, when resolving security vulnerabilities for Web products, I encountered 2 problems: It is expected to add [ValidateAntiForgeryToken] to each controller, but actually I have to add it for each POST actions, which is a little crazy; After anti-forgery validation is turned on for server side, AJAX POST requests will consistently fail. Specify validation on controller (not on each action) Problem For the first problem, usually a controller contains actions for both HTTP GET and HTTP POST requests, and usually validations are expected for HTTP POST requests. So, if the [ValidateAntiForgeryToken] is declared on the controller, the HTTP GET requests become always invalid:[ValidateAntiForgeryToken(Salt = Constants.AntiForgeryTokenSalt)] public class SomeController : Controller { [HttpGet] public ActionResult Index() // Index page cannot work at all. { // ... } [HttpPost] public ActionResult PostAction1(/* ... */) { // ... } [HttpPost] public ActionResult PostAction2(/* ... */) { // ... } // ... } If user sends a HTTP GET request from a link: http://Site/Some/Index, validation definitely fails, because no token is provided. So the result is, [ValidateAntiForgeryToken] attribute must be distributed to each HTTP POST action in the application:public class SomeController : Controller { [HttpGet] public ActionResult Index() // Works. { // ... } [HttpPost] [ValidateAntiForgeryToken(Salt = Constants.AntiForgeryTokenSalt)] public ActionResult PostAction1(/* ... */) { // ... } [HttpPost] [ValidateAntiForgeryToken(Salt = Constants.AntiForgeryTokenSalt)] public ActionResult PostAction2(/* ... */) { // ... } // ... } Solution To avoid a large number of [ValidateAntiForgeryToken] attributes (one attribute for one HTTP POST action), I created a wrapper class of ValidateAntiForgeryTokenAttribute, where HTTP verbs can be specified:[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)] public class ValidateAntiForgeryTokenWrapperAttribute : FilterAttribute, IAuthorizationFilter { private readonly ValidateAntiForgeryTokenAttribute _validator; private readonly AcceptVerbsAttribute _verbs; public ValidateAntiForgeryTokenWrapperAttribute(HttpVerbs verbs) : this(verbs, null) { } public ValidateAntiForgeryTokenWrapperAttribute(HttpVerbs verbs, string salt) { this._verbs = new AcceptVerbsAttribute(verbs); this._validator = new ValidateAntiForgeryTokenAttribute() { Salt = salt }; } public void OnAuthorization(AuthorizationContext filterContext) { string httpMethodOverride = filterContext.HttpContext.Request.GetHttpMethodOverride(); if (this._verbs.Verbs.Contains(httpMethodOverride, StringComparer.OrdinalIgnoreCase)) { this._validator.OnAuthorization(filterContext); } } } When this attribute is declared on controller, only HTTP requests with the specified verbs are validated:[ValidateAntiForgeryTokenWrapper(HttpVerbs.Post, Constants.AntiForgeryTokenSalt)] public class SomeController : Controller { // Actions for HTTP GET requests are not affected. // Only HTTP POST requests are validated. } Now one single attribute on controller turns on validation for all HTTP POST actions. Submit token via AJAX Problem For AJAX scenarios, when request is sent by JavaScript instead of form:$.post(url, { productName: "Tofu", categoryId: 1 // Token is not posted. }, callback); This kind of AJAX POST requests will always be invalid, because server side code cannot see the token in the posted data. Solution The token must be printed to browser then submitted back to server. So first of all, HtmlHelper.AntiForgeryToken() must be called in the page where the AJAX POST will be sent. Then jQuery must find the printed token in the page, and post it:$.post(url, { productName: "Tofu", categoryId: 1, __RequestVerificationToken: getToken() // Token is posted. }, callback); To be reusable, this can be encapsulated in a tiny jQuery plugin:(function ($) { $.getAntiForgeryToken = function () { // HtmlHelper.AntiForgeryToken() must be invoked to print the token. return $("input[type='hidden'][name='__RequestVerificationToken']").val(); }; var addToken = function (data) { // Converts data if not already a string. if (data && typeof data !== "string") { data = $.param(data); } data = data ? data + "&" : ""; return data + "__RequestVerificationToken=" + encodeURIComponent($.getAntiForgeryToken()); }; $.postAntiForgery = function (url, data, callback, type) { return $.post(url, addToken(data), callback, type); }; $.ajaxAntiForgery = function (settings) { settings.data = addToken(settings.data); return $.ajax(settings); }; })(jQuery); Then in the application just replace $.post() invocation with $.postAntiForgery(), and replace $.ajax() instead of $.ajaxAntiForgery():$.postAntiForgery(url, { productName: "Tofu", categoryId: 1 }, callback); // Token is posted. This solution looks hard coded and stupid. If you have more elegant solution, please do tell me.

    Read the article

< Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >