PrideParrot

The Blog

- Ramblings -

  • You should not miss this!

    Stunning templates using Bootstrap 3

    Are you one who doesn't have great design skills but looking for stuff to create nice templates in a short time? Are you one who recently heard about this nice framework called Twitter Bootstrap and don't have much knowledge or experience to customize and create some website that represents your brand? Well folks, this tutorial is for you.

    Continue Reading
    image
  • Learn the technology ASP.NET MVC

    How to create a blog

    Enjoy the fun in learning by doing

    There are different ways we can learn a technology, by reading books, by attending conferences, by doing samples and more. I think one of the best way is by creating something useful out of it. One of the useful thing that could be easily created is a blog. In this multi-part series, we are going to learn ASP.NET MVC step by step by creating a blog from scratch.

    Continue Reading
    image
  • image
    Know the differences between the frameworks

    MVC vs Web API

    Choose the right one for the right job

    ASP.NET MVC is a framework that is used to create web applications in MVC pattern. ASP.NET Web API is relatively a new framework that makes it easy to build HTTP services that can reach a broad range of clients. In this cartoon Mark and Ted discusses about the differences between ASP.NET MVC and ASP.NET Web API. Mark clears Ted when to use the Web API over MVC.

    See Cartoon

Welcome to PrideParrot - Popular Posts

List of posts archived in "July 2012"

Search 

One of the important feature of ASP.NET MVC is Routing. The Routing infrastructure helps us to map the incoming requests to controllers and actions. The routing module ships with a separate assembly System.Web.Routing and that helps us to use the routing infrastructure outside ASP.NET MVC applications, like in Webforms.

In this article we are going to see about the important details of routing infrastructure. First we start from basics and slowly move to the advanced concepts and at-last we see how we can simplify creating routes by using our own extension methods. For people who are already familiar with the basic things they can jump to the last section where we discuss about creating cool extension methods and that's fun.

Continue Reading

This post is more kind of tip. The action link html helpers really simplifies our job in generating hyperlinks. These html helpers are integrated with the routing infrastructure and that helps to generate links very smartly. There are lot of overloaded versions available but most of them takes the route values as an anonymous object.

Suppose we need to generate an URL like below,

http://mapservices.com/location/show?pos.lat=12.12&pos.lon=23.5

The querystring names contains a "." operator and when you use an anonymous object to pass these values as new { pos.lat = 12.12, pos.lon = 23.5 } you will run into an exception. How we generate urls like them using built-in action-link helpers is the rest of this post.

Continue Reading

Cross Site Request Forgery also known as CSRF (XSRF) is a widely exploited website vulnerability. In a CSRF attack, a malicious site instructs a victim's browser to send a request to an honest site, as if request were part of the victim's interaction with the honest site, leveraging the victim's network connectivity and the browser's state, such as cookies, to disrupt the integrity of the victim's session with the honest site. One of the popular technique to prevent CSRF attack is by using security tokens (from here).

ASP.NET MVC suports prevention against CSRF through the AntiForgeryToken html helper and ValidateAntiForgeryToken filter. The AntiForgeryToken is supported only for the POST requests and not for GET and this makes sense because the GET operation has to used only for safe operations (as per HTTP spec.).

In some applications we need all the POST operations should be validated for the anti-forgery token and in those cases instead of decorating all the POST actions in the application with the ValidateAntiForgeryTokenAttribute we can create a custom authorization filter and apply it globally, that's what we are going to see in this article. We will also see how to create a html helper that renders form along with the hidden field that contains security token.

Continue Reading

Value Providers are the components that feeds data to model binders. The framework contains a bunch of built-in value providers like FormValueProvider, RouteDataValueProvider, QueryStringValueProvider and HttpFileCollectionValueProvider that fetches data from Request.Form, Request.QueryString, Request.Files and RouteData.Values. These Value Providers are called in the order they are registered and so the one that registered earlier gets the first chance. We can easily restrict the model to bind with data from a particular Value Provider.

The interesting thing is we can even create own custom Value Provider to feed data to models. In this article we see how to create a value provider that feed data from session.

Continue Reading
Subscribe