Wednesday, September 1, 2010

Asp.Net 4.0 : The new <%: %> syntax

Asp.Net 4.0 introduces new code expression syntax (<%: %>) that renders output same like <%= %> but automatically encodes contents before rendering.


For example:

Let’s say we have "myContent" variable to be displayed on the web page.
For that we can write <%= Server.HtmlEncode(myContent) %>.
This works fine but developer often forgot to write Server.HtmlEncode() method and opens the door for Cross-site script injection (XSS) and HTML encoding attacks.
With asp.net 4.0 we can write the same code as <%: myContent %> which looks concise :)
So we can say <%= Server.HtmlEncode(myContent) %> is same as <%: myContent %>.

Thursday, August 5, 2010

ClientIDMode Property for generated ClientID in ASP.NET 4.0

ClientIDMode Property for generated ClientID

Every asp.net control is rendered as an HTML element and a corresponding ClientId is generated for it.If we want to reference the generated HTML element in javascript we must know the Id attribute of the generated element. The ID attribute in HTML that is rendered for Web server controls is generated based on the ClientID property of the control.

Until ASP.NET 4, we do not have much control over the generated Id of the Control. The new ClientIDMode property lets you specify more precisely how the client ID is generated for controls.

Possible settings for ClientIDMode are following:

* AutoID - Generated ClientID is similar to earlier versions of ASP.NET.Difficult to predict generated Id values.
* Static - This specifies that the ClientID value will be the same as the ID. For example if our label control has id HeaderLabel then the ClientId will also have value of HeaderLabel
* Predictable - This setting is used mostly in controls that are inside Data Bound Controls. The ClinetId value is generated by concatenating the ClinetId value of the parent naming container with the ID value of the control. This setting works in conjunction with the ClientIDRowSuffix property

If specified the value of the data field specified in the ClientIDRowSuffix property is added at the end.

For instance if we have StudentName Label inside ListView1 Student Name labels ClinetIDMode is set to Predictable and ClientIDRowSuffix is set to "ID" then StudentName labels' generated client id's will be as :

ListView1_ StudentName _1
ListView1_ StudentName _2
ListView1_ StudentName _3
ListView1_ StudentName _4

* Inherit - The control inherits the ClientIDMode setting of its parent control. This is the default value for control

Permanent Redirect in Asp.net 4.0: Response.RedirectPermanent

Response.RedirectParmanent is an extension function introduced in .NET 4.0.
The main motive of it is to indicate the Response Code to the Search Engine that the page is moved permanently. The Response.Redirect generates Response code as 302 whereas RedirectParmanent returns 301.

Thus say you have a page, and which is included to search engine for a long time, if you use Response.Redirect() it will not change this effect to the search engine(taking this a temporary change), while if you use Response.RedirectParmanent() it will take it as permanent.

In case of Server.Transfer() the actual response is actually been updated. There is no effect to the search engine, and search engine will think the output is coming from the same page that is called upon. Let us give an example :

Say you have 2 pages (Page 1 and Page 2) where Page1 redirects to Page2
In case of

1. Response.Redirect() : Search Engine will take this redirection as Temporary(Status 301) and always keep Page1 in its cache.
2. Response.RedirectParmanent() : Search Engine will take this a permanent redirection(Status 302) and will remove Page1 from its database and include Page2 for better performance on search.
3. Server.Transfer() : Search Engine will be unaware of any redirection been took place (Status 200) and will keep Page1 to its database. It will think Page1 is producing the output response of Page2.

When to use:
Response.Redirect is perfect when your page is temporarily changed and will be changed to original within a short span of time.
Response.RedirectParmanent() when you are thinking of deleting the Page1 totally after the search engines changes its cache.
Server.Transfer() when you are thinking of keeping the page for ever, and to let search engine unaware of this redirection.

Response.RedirectPermanent do the same thing as following code does.

Response.Status = "301 moved permanently";
Response.AddHeader("location", newPath);
Response.End();

Thursday, June 3, 2010

Disable content copy using java script

You can prevent copy of content from your page by using following java script:


document.oncontextmenu = function() { alert("Copy not allowed"); return false; }
window.onload = function() {
document.onselectstart = function() { return false; } // ie
document.onmousedown = function() { return false; } // mozilla
}


If you want to disable copy for perticular element you can use following java script

window.onload = function() {
var element = document.getElementById('content');
element.onselectstart = function () { return false; } // ie
element.onmousedown = function () { return false; } // mozilla
}

Tuesday, March 9, 2010

LINQ let Keyword

How can I miss that! :)

I have been working with LINQ for almost 2 years, and I've never noticed the new keyword "let" which is used inside LINQ queries to create temporarily variables.

var list = new List() { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
var query = from i in list
let j = i + 2
let k = j * j
select new { i, j, k };

You can see the let keyword was used to create two new temp variables (j, k) which their values were calculated inside the query.

Looks nice, doesn't it!!

Could not load file or assembly or one of its dependencies. Access is denied" Error

Recently, I have installed Windows7 and configured one project from my friend's pc on my machine and I have faced this problem.

I have found solutions that works are,

Go to "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files" ( Modify the framework version, root directory etc according to your environment.)

Now, right-click and open up the Security tabs for this folder. Grant "Full control" to the 'users' group. However, it this is a security problem for your environment to grant full control to all users in Users group

If you don't find this folder, you need to register ASP.NET on IIS.
You can do so by opening VS Command promot and type aspnet_regiis.exe -i

Another Solution could be to put the concerned assemblies lo GAC.

I think this problem exists for pcs with fresh installation.

Monday, February 1, 2010

lock and unlock your folder with this simple trick !

You can lock and unlock your folder with this simple trick !

Procedure :
1. Make a folder on the desktop and name it as "folder"

2. Now, open notepad and write ren folder folder.{21EC2020-3AEA-1069-A2DD-08002B30309D} and now (Notepad Menu) File>save as.

3. In the 'save as' name it as lock.bat and click save ! (Save it on Desktop)

4. Now, again open notepad again and write ren folder.{21EC2020-3AEA-1069-A2DD-08002B30309D} folder and now (Notepad Menu) File>save as.

5. In the 'save as' name it as key.bat and click save ! (Save it on Desktop)

6. Now, double click lock.bat to lock the folder and now if you open your folder, control panel will open up !

7. Now, double click key.bat to open the folder and now if you open your folder, you can access your data inside the folder again !

8. Lock your folder and hide the key.bat somewhere else on your hard disk !

9. Whenever you want to open your folder just paste the key.bat on desktop and open your folder using it !