SlideShare ist ein Scribd-Unternehmen logo

Chapter 8 part1

Als PPTX, PDF herunterladen
A
application developer
Technologie
1 von 23
• The Problem of State • View State • The ViewState Collection • Cross-Page Posting • The Query String • Cookies • Session State • Using Session Object to display Session Details
• Stateless HTTP connection. • Additional steps required to retain information for a longer period of time or over the lifetime of the application. • The information can be as simple as a user’s name or as complex as a stuffed full shopping cart for an ecommerce site.
View state uses a hidden field that ASP.NET automatically inserts in the final, rendered HTML of a web page. It’s a perfect place to store information that’s used for multiple postbacks in a single web page. The Web Server stores most of the properties of the Web Controls of a requested page directly to its view state and retrieve it later when the page is posted back.
• Every item in a View State is stored in a separate “slot” using a unique string name. • ViewState["Counter"] = 1; • ViewState collection stores all items as basic objects so you also need to cast the retrieved value to the appropriate data type using the casting syntax • int counter; • counter = (int)ViewState["Counter"];
ASP.NET runs the view state through a hashing algorithm (with the help of a secret key value). The hashing algorithm creates a hash code. Which is added at the end of the view state data and sent to the browser. When the page is posted back, ASP.NET then checks whether the checksum it calculated matches the hash code. If a malicious user changes part of the view state data, that doesn’t match.
If your view state contains some information you want to keep secret, you can enable view state encryption. You can turn on encryption for an individual page using the ViewStateEncryptionMode property of the Page directive: <%@Page ViewStateEncryptionMode="Always" %> Or <configuration> <system.web> <pages viewStateEncryptionMode="Always" /> ... </system.web> </configuration>
You can store your own objects in view state just as easily as you store numeric and string types. However, to store an item in view state, ASP.NET must be able to convert it into a stream of bytes so that it can be added to the hidden input field in the page. This process is called serialization. If your objects aren’t serializable (and by default they’re not), you’ll receive an error message when you attempt to place them in view state. To make your objects serializable, you need to add a Serializable attribute before your class declaration.
One of the most significant limitations with view state is that it’s tightly bound to a specific page. If the user navigates to another page, this information is lost. Two basic techniques to transfer information between pages are:  Cross-page posting  Query string
With Cross-Page Posting one page can send the user to another page, complete with all the information for that Page. The infrastructure that supports cross-page postbacks is a property named PostBackUrl which comes with  ImageButton, LinkButton, and Button To use cross-posting, you simply set PostBackUrl to the name of another web form. When the user clicks the button, the page will be posted to that new URL with the values from all the input controls on the current page.
Response.Redirect("newpage.aspx?recordID=10"); You can send multiple parameters as long as they’re separated with an ampersand (&): Response.Redirect("newpage.aspx?recordID=10& mode=full"); The receiving can receive the values from the QueryString dictionary collection exposed by the built-in Request object: string ID = Request.QueryString["recordID"];
• Information is limited to simple strings, which must contain URL-legal characters. • Information is clearly visible to the user and to anyone else who cares to eavesdrop on the Internet. • The enterprising user might decide to modify the query string and supply new values, which your program won’t expect and can’t protect against. • Many browsers impose a limit on the length of a URL (usually from 1KB to 2KB). For that reason, you can’t place a large amount of information in the query string.
One potential problem with the query string is that some characters aren’t allowed in a URL. Furthermore, some characters have special meaning. For example, the ampersand (&) is used to separate multiple query string parameters, the plus sign (+) is an alternate way to represent a space, and the number sign (#) is used to point to a specific bookmark in a web page. string url = "QueryStringRecipient.aspx?"; url += "Item=" + Server.UrlEncode (lstItems. SelectedItem.Text) + "&"; url += "Mode=" + chkDetails.Checked.ToString(); Response.Redirect(url);
Cookies are small files that are created in the web browser’s memory (if they’re temporary) or on the client’s hard drive (if they’re permanent). They work transparently without the user being aware that information needs to be stored. They also can be easily used by any page in your application and even be retained between visits, which allows for truly long-term storage.
• They’re limited to simple string information • They’re easily accessible and readable if the user finds and opens the corresponding file. • Some users disable cookies on their browsers, which will cause problems for web applications that require them. • Users might manually delete the cookie files stored on their hard drives.
using System.Net; // Create the cookie object. HttpCookie cookie = new HttpCookie("Preferences"); // Set a value in it. cookie["LanguagePref"] = "English"; // Add another value. cookie["Country"] = "US"; // Add it to the current web response. Response.Cookies.Add(cookie); // This cookie lives for one year. cookie.Expires = DateTime.Now.AddYears(1);
You retrieve cookies by cookie name using the Request.Cookies collection: HttpCookie cookie = Request.Cookies["Preferences"]; if (cookie != null) { language = cookie["LanguagePref"]; } The only way to remove a cookie is by replacing it with a cookie that has an expiration date that has already passed. HttpCookie cookie = new HttpCookie("Preferences"); cookie.Expires = DateTime.Now.AddDays(-1); Response.Cookies.Add(cookie);
An application might need to store and access complex information such as custom data objects, which can’t be sent through a query string. Or the application might have stringent security requirements that prevent it from storing information about a client in view state or in a custom cookie. Session state management allows you to store any type of data in memory on the server. Every client that accesses the application is given a distinct session ID.
ASP.NET tracks each session using a unique 120-bit identifier. ASP.NET uses a proprietary algorithm to generate this value, thereby guaranteeing (statistically speaking) that the number is unique and it’s random enough that a malicious user can’t reverse-engineer or “guess” what session ID a given client will be using. This ID is the only piece of session-related information that is transmitted between the web server and the client. When the client presents the session ID, ASP.NET looks up the corresponding session, retrieves the objects you stored previously, and places them into a special collection so they can be accessed in your code.
Using cookies: In this case, the session ID is transmitted in a special cookie (named ASP.NET_SessionId), which ASP.NET creates automatically when the session collection is used. This is the default. Using modified URLs: In this case, the session ID is transmitted in a specially modified (or munged) URL. This allows you to create applications that use session state with clients that don’t support cookies.
• If the user closes and restarts the browser. • If the user accesses the same page through a different browser window, although the session will still exist if a web page is accessed through the original browser window. Browsers differ on how they handle this situation. • If the session times out due to inactivity. • If your web page code ends the session by calling the Session.Abandon() method.
You can interact with session state using the System.Web.SessionState.HttpSessionState class which is provided in an ASP.NET web page as the built-in Session object.
lblSession.Text = "Session ID: " + Session.SessionID; lblSession.Text += "<br />Number of Objects: "; lblSession.Text += Session.Count.ToString(); lblSession.Text += "<br />Mode: " + Session.Mode.ToString(); lblSession.Text += "<br />Is Cookieless: "; lblSession.Text += Session.IsCookieless.ToString(); lblSession.Text += "<br />Is New: "; lblSession.Text += Session.IsNewSession.ToString(); lblSession.Text += "<br />Timeout (minutes): "; lblSession.Text += Session.Timeout.ToString();

Empfohlen

State management
State managementState management
State managementLalit Kale
 
State management
State managementState management
State managementteach4uin
 
State Management in ASP.NET
State Management in ASP.NETState Management in ASP.NET
State Management in ASP.NETShyam Sir
 
Ch05 state management
Ch05 state managementCh05 state management
Ch05 state managementMadhuri Kavade
 
State management
State managementState management
State managementIblesoft
 
Session and state management
Session and state managementSession and state management
Session and state managementPaneliya Prince
 
Asp.net
Asp.netAsp.net
Asp.netYaswanth Babu Gummadivelli
 
State management
State managementState management
State managementIblesoft
 

Empfohlen

State management
State managementState management
State managementLalit Kale
 
State management
State managementState management
State managementteach4uin
 
State Management in ASP.NET
State Management in ASP.NETState Management in ASP.NET
State Management in ASP.NETShyam Sir
 
Ch05 state management
Ch05 state managementCh05 state management
Ch05 state managementMadhuri Kavade
 
State management
State managementState management
State managementIblesoft
 
Session and state management
Session and state managementSession and state management
Session and state managementPaneliya Prince
 
Asp.net
Asp.netAsp.net
Asp.netYaswanth Babu Gummadivelli
 
State management
State managementState management
State managementIblesoft
 
State management in ASP .NET
State management in ASP .NETState management in ASP .NET
State management in ASP .NETbaabtra.com - No. 1 supplier of quality freshers
 
ASP.NET Lecture 4
ASP.NET Lecture 4ASP.NET Lecture 4
ASP.NET Lecture 4Julie Iskander
 
05 asp.net session07
05 asp.net session0705 asp.net session07
05 asp.net session07Vivek chan
 
Search engine optimization (seo) from Endeca & ATG
Search engine optimization (seo) from Endeca & ATGSearch engine optimization (seo) from Endeca & ATG
Search engine optimization (seo) from Endeca & ATGVignesh sitaraman
 
ASP.NET 12 - State Management
ASP.NET 12 - State ManagementASP.NET 12 - State Management
ASP.NET 12 - State ManagementRandy Connolly
 
MICROSOFT ASP.NET ONLINE TRAINING
MICROSOFT ASP.NET ONLINE TRAININGMICROSOFT ASP.NET ONLINE TRAINING
MICROSOFT ASP.NET ONLINE TRAININGSanthosh Sap
 
State management 1
State management 1State management 1
State management 1singhadarsh
 
Lecture8
Lecture8Lecture8
Lecture8Châu Thanh Chương
 
Oracle Endeca Developer's Guide
Oracle Endeca Developer's GuideOracle Endeca Developer's Guide
Oracle Endeca Developer's GuideKeyur Shah
 
06 asp.net session08
06 asp.net session0806 asp.net session08
06 asp.net session08Vivek chan
 
State management
State managementState management
State managementMuhammad Amir
 
Managing states
Managing statesManaging states
Managing statesPaneliya Prince
 
Programming web application
Programming web applicationProgramming web application
Programming web applicationaspnet123
 
HTML5 Local Storage
HTML5 Local StorageHTML5 Local Storage
HTML5 Local StorageLior Zamir
 
19_JavaScript - Storage_Cookies_students.pptx
19_JavaScript - Storage_Cookies_students.pptx19_JavaScript - Storage_Cookies_students.pptx
19_JavaScript - Storage_Cookies_students.pptxVatsalJain39
 
ASP.NET Lecture 2
ASP.NET Lecture 2ASP.NET Lecture 2
ASP.NET Lecture 2Julie Iskander
 
Generating the Server Response: HTTP Status Codes
Generating the Server Response: HTTP Status CodesGenerating the Server Response: HTTP Status Codes
Generating the Server Response: HTTP Status CodesDeeptiJava
 
State Management.pptx
State Management.pptxState Management.pptx
State Management.pptxDrMonikaPatel2
 
19_JavaScript - Storage_Cookies-tutorial .pptx
19_JavaScript - Storage_Cookies-tutorial .pptx19_JavaScript - Storage_Cookies-tutorial .pptx
19_JavaScript - Storage_Cookies-tutorial .pptxssuser4a97d3
 
session and cookies.ppt
session and cookies.pptsession and cookies.ppt
session and cookies.pptJayaprasanna4
 
Ecom2
Ecom2Ecom2
Ecom2Santosh Pandey
 
9781305078444 ppt ch09
9781305078444 ppt ch099781305078444 ppt ch09
9781305078444 ppt ch09Terry Yoast
 

Weitere ähnliche Inhalte

Was ist angesagt?

05 asp.net session07
05 asp.net session0705 asp.net session07
05 asp.net session07Vivek chan
 
Search engine optimization (seo) from Endeca & ATG
Search engine optimization (seo) from Endeca & ATGSearch engine optimization (seo) from Endeca & ATG
Search engine optimization (seo) from Endeca & ATGVignesh sitaraman
 
ASP.NET 12 - State Management
ASP.NET 12 - State ManagementASP.NET 12 - State Management
ASP.NET 12 - State ManagementRandy Connolly
 
MICROSOFT ASP.NET ONLINE TRAINING
MICROSOFT ASP.NET ONLINE TRAININGMICROSOFT ASP.NET ONLINE TRAINING
MICROSOFT ASP.NET ONLINE TRAININGSanthosh Sap
 
State management 1
State management 1State management 1
State management 1singhadarsh
 
Oracle Endeca Developer's Guide
Oracle Endeca Developer's GuideOracle Endeca Developer's Guide
Oracle Endeca Developer's GuideKeyur Shah
 
06 asp.net session08
06 asp.net session0806 asp.net session08
06 asp.net session08Vivek chan
 
Programming web application
Programming web applicationProgramming web application
Programming web applicationaspnet123
 
HTML5 Local Storage
HTML5 Local StorageHTML5 Local Storage
HTML5 Local StorageLior Zamir
 

Was ist angesagt? (14)

State management in ASP .NET
State management in ASP .NETState management in ASP .NET
State management in ASP .NET
 
ASP.NET Lecture 4
ASP.NET Lecture 4ASP.NET Lecture 4
ASP.NET Lecture 4
 
05 asp.net session07
05 asp.net session0705 asp.net session07
05 asp.net session07
 
Search engine optimization (seo) from Endeca & ATG
Search engine optimization (seo) from Endeca & ATGSearch engine optimization (seo) from Endeca & ATG
Search engine optimization (seo) from Endeca & ATG
 
ASP.NET 12 - State Management
ASP.NET 12 - State ManagementASP.NET 12 - State Management
ASP.NET 12 - State Management
 
MICROSOFT ASP.NET ONLINE TRAINING
MICROSOFT ASP.NET ONLINE TRAININGMICROSOFT ASP.NET ONLINE TRAINING
MICROSOFT ASP.NET ONLINE TRAINING
 
State management 1
State management 1State management 1
State management 1
 
Lecture8
Lecture8Lecture8
Lecture8
 
Oracle Endeca Developer's Guide
Oracle Endeca Developer's GuideOracle Endeca Developer's Guide
Oracle Endeca Developer's Guide
 
06 asp.net session08
06 asp.net session0806 asp.net session08
06 asp.net session08
 
State management
State managementState management
State management
 
Managing states
Managing statesManaging states
Managing states
 
Programming web application
Programming web applicationProgramming web application
Programming web application
 
HTML5 Local Storage
HTML5 Local StorageHTML5 Local Storage
HTML5 Local Storage
 

Ähnlich wie Chapter 8 part1

19_JavaScript - Storage_Cookies_students.pptx
19_JavaScript - Storage_Cookies_students.pptx19_JavaScript - Storage_Cookies_students.pptx
19_JavaScript - Storage_Cookies_students.pptxVatsalJain39
 
Generating the Server Response: HTTP Status Codes
Generating the Server Response: HTTP Status CodesGenerating the Server Response: HTTP Status Codes
Generating the Server Response: HTTP Status CodesDeeptiJava
 
19_JavaScript - Storage_Cookies-tutorial .pptx
19_JavaScript - Storage_Cookies-tutorial .pptx19_JavaScript - Storage_Cookies-tutorial .pptx
19_JavaScript - Storage_Cookies-tutorial .pptxssuser4a97d3
 
session and cookies.ppt
session and cookies.pptsession and cookies.ppt
session and cookies.pptJayaprasanna4
 
9781305078444 ppt ch09
9781305078444 ppt ch099781305078444 ppt ch09
9781305078444 ppt ch09Terry Yoast
 
C# cookieless session id and application state
C# cookieless session id and application stateC# cookieless session id and application state
C# cookieless session id and application stateMalav Patel
 
Java - Servlet - Mazenet Solution
Java - Servlet - Mazenet SolutionJava - Servlet - Mazenet Solution
Java - Servlet - Mazenet SolutionMazenetsolution
 
state managment
state managment state managment
state managment aniliimd
 
Enterprise java unit-2_chapter-3
Enterprise java unit-2_chapter-3Enterprise java unit-2_chapter-3
Enterprise java unit-2_chapter-3sandeep54552
 
Introducing asp
Introducing aspIntroducing asp
Introducing aspaspnet123
 
Session 32 - Session Management using Cookies
Session 32 - Session Management using CookiesSession 32 - Session Management using Cookies
Session 32 - Session Management using CookiesPawanMM
 
Server side programming bt0083
Server side programming bt0083Server side programming bt0083
Server side programming bt0083Divyam Pateriya
 
ASP.Net Presentation Part3
ASP.Net Presentation Part3ASP.Net Presentation Part3
ASP.Net Presentation Part3Neeraj Mathur
 

Ähnlich wie Chapter 8 part1 (20)

19_JavaScript - Storage_Cookies_students.pptx
19_JavaScript - Storage_Cookies_students.pptx19_JavaScript - Storage_Cookies_students.pptx
19_JavaScript - Storage_Cookies_students.pptx
 
ASP.NET Lecture 2
ASP.NET Lecture 2ASP.NET Lecture 2
ASP.NET Lecture 2
 
Generating the Server Response: HTTP Status Codes
Generating the Server Response: HTTP Status CodesGenerating the Server Response: HTTP Status Codes
Generating the Server Response: HTTP Status Codes
 
State Management.pptx
State Management.pptxState Management.pptx
State Management.pptx
 
19_JavaScript - Storage_Cookies-tutorial .pptx
19_JavaScript - Storage_Cookies-tutorial .pptx19_JavaScript - Storage_Cookies-tutorial .pptx
19_JavaScript - Storage_Cookies-tutorial .pptx
 
session and cookies.ppt
session and cookies.pptsession and cookies.ppt
session and cookies.ppt
 
Ecom2
Ecom2Ecom2
Ecom2
 
9781305078444 ppt ch09
9781305078444 ppt ch099781305078444 ppt ch09
9781305078444 ppt ch09
 
C# cookieless session id and application state
C# cookieless session id and application stateC# cookieless session id and application state
C# cookieless session id and application state
 
Advance Java
Advance JavaAdvance Java
Advance Java
 
ASP.NET View State - Security Issues
ASP.NET View State - Security IssuesASP.NET View State - Security Issues
ASP.NET View State - Security Issues
 
Java - Servlet - Mazenet Solution
Java - Servlet - Mazenet SolutionJava - Servlet - Mazenet Solution
Java - Servlet - Mazenet Solution
 
state managment
state managment state managment
state managment
 
Caching in Kentico 11
Caching in Kentico 11Caching in Kentico 11
Caching in Kentico 11
 
Enterprise java unit-2_chapter-3
Enterprise java unit-2_chapter-3Enterprise java unit-2_chapter-3
Enterprise java unit-2_chapter-3
 
Chapter 23
Chapter 23Chapter 23
Chapter 23
 
Introducing asp
Introducing aspIntroducing asp
Introducing asp
 
Session 32 - Session Management using Cookies
Session 32 - Session Management using CookiesSession 32 - Session Management using Cookies
Session 32 - Session Management using Cookies
 
Server side programming bt0083
Server side programming bt0083Server side programming bt0083
Server side programming bt0083
 
ASP.Net Presentation Part3
ASP.Net Presentation Part3ASP.Net Presentation Part3
ASP.Net Presentation Part3
 

Mehr von application developer

Mehr von application developer (20)

Chapter 26
Chapter 26Chapter 26
Chapter 26
 
Chapter 25
Chapter 25Chapter 25
Chapter 25
 
Assignment
AssignmentAssignment
Assignment
 
Next step job board (Assignment)
Next step job board (Assignment)Next step job board (Assignment)
Next step job board (Assignment)
 
Chapter 19
Chapter 19Chapter 19
Chapter 19
 
Chapter 18
Chapter 18Chapter 18
Chapter 18
 
Chapter 17
Chapter 17Chapter 17
Chapter 17
 
Chapter 16
Chapter 16Chapter 16
Chapter 16
 
Week 3 assignment
Week 3 assignmentWeek 3 assignment
Week 3 assignment
 
Chapter 15
Chapter 15Chapter 15
Chapter 15
 
Chapter 14
Chapter 14Chapter 14
Chapter 14
 
Chapter 13
Chapter 13Chapter 13
Chapter 13
 
Chapter 12
Chapter 12Chapter 12
Chapter 12
 
Chapter 11
Chapter 11Chapter 11
Chapter 11
 
Chapter 10
Chapter 10Chapter 10
Chapter 10
 
C # test paper
C # test paperC # test paper
C # test paper
 
Chapter 9
Chapter 9Chapter 9
Chapter 9
 
Chapter 8 part2
Chapter 8 part2Chapter 8 part2
Chapter 8 part2
 
Chapter 7
Chapter 7Chapter 7
Chapter 7
 
Chapter 6
Chapter 6Chapter 6
Chapter 6
 

Kürzlich hochgeladen

Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 

Kürzlich hochgeladen (20)

Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 

Chapter 8 part1

  • 1. • The Problem of State • View State • The ViewState Collection • Cross-Page Posting • The Query String • Cookies • Session State • Using Session Object to display Session Details
  • 2. • Stateless HTTP connection. • Additional steps required to retain information for a longer period of time or over the lifetime of the application. • The information can be as simple as a user’s name or as complex as a stuffed full shopping cart for an ecommerce site.
  • 3. View state uses a hidden field that ASP.NET automatically inserts in the final, rendered HTML of a web page. It’s a perfect place to store information that’s used for multiple postbacks in a single web page. The Web Server stores most of the properties of the Web Controls of a requested page directly to its view state and retrieve it later when the page is posted back.
  • 4. • Every item in a View State is stored in a separate “slot” using a unique string name. • ViewState["Counter"] = 1; • ViewState collection stores all items as basic objects so you also need to cast the retrieved value to the appropriate data type using the casting syntax • int counter; • counter = (int)ViewState["Counter"];
  • 5. ASP.NET runs the view state through a hashing algorithm (with the help of a secret key value). The hashing algorithm creates a hash code. Which is added at the end of the view state data and sent to the browser. When the page is posted back, ASP.NET then checks whether the checksum it calculated matches the hash code. If a malicious user changes part of the view state data, that doesn’t match.
  • 6. If your view state contains some information you want to keep secret, you can enable view state encryption. You can turn on encryption for an individual page using the ViewStateEncryptionMode property of the Page directive: <%@Page ViewStateEncryptionMode="Always" %> Or <configuration> <system.web> <pages viewStateEncryptionMode="Always" /> ... </system.web> </configuration>
  • 7. You can store your own objects in view state just as easily as you store numeric and string types. However, to store an item in view state, ASP.NET must be able to convert it into a stream of bytes so that it can be added to the hidden input field in the page. This process is called serialization. If your objects aren’t serializable (and by default they’re not), you’ll receive an error message when you attempt to place them in view state. To make your objects serializable, you need to add a Serializable attribute before your class declaration.
  • 8. One of the most significant limitations with view state is that it’s tightly bound to a specific page. If the user navigates to another page, this information is lost. Two basic techniques to transfer information between pages are:  Cross-page posting  Query string
  • 9. With Cross-Page Posting one page can send the user to another page, complete with all the information for that Page. The infrastructure that supports cross-page postbacks is a property named PostBackUrl which comes with  ImageButton, LinkButton, and Button To use cross-posting, you simply set PostBackUrl to the name of another web form. When the user clicks the button, the page will be posted to that new URL with the values from all the input controls on the current page.
  • 10. Response.Redirect("newpage.aspx?recordID=10"); You can send multiple parameters as long as they’re separated with an ampersand (&): Response.Redirect("newpage.aspx?recordID=10& mode=full"); The receiving can receive the values from the QueryString dictionary collection exposed by the built-in Request object: string ID = Request.QueryString["recordID"];
  • 11. • Information is limited to simple strings, which must contain URL-legal characters. • Information is clearly visible to the user and to anyone else who cares to eavesdrop on the Internet. • The enterprising user might decide to modify the query string and supply new values, which your program won’t expect and can’t protect against. • Many browsers impose a limit on the length of a URL (usually from 1KB to 2KB). For that reason, you can’t place a large amount of information in the query string.
  • 12. One potential problem with the query string is that some characters aren’t allowed in a URL. Furthermore, some characters have special meaning. For example, the ampersand (&) is used to separate multiple query string parameters, the plus sign (+) is an alternate way to represent a space, and the number sign (#) is used to point to a specific bookmark in a web page. string url = "QueryStringRecipient.aspx?"; url += "Item=" + Server.UrlEncode (lstItems. SelectedItem.Text) + "&"; url += "Mode=" + chkDetails.Checked.ToString(); Response.Redirect(url);
  • 13. Cookies are small files that are created in the web browser’s memory (if they’re temporary) or on the client’s hard drive (if they’re permanent). They work transparently without the user being aware that information needs to be stored. They also can be easily used by any page in your application and even be retained between visits, which allows for truly long-term storage.
  • 14. They’re limited to simple string information • They’re easily accessible and readable if the user finds and opens the corresponding file. • Some users disable cookies on their browsers, which will cause problems for web applications that require them. • Users might manually delete the cookie files stored on their hard drives.
  • 15. using System.Net; // Create the cookie object. HttpCookie cookie = new HttpCookie("Preferences"); // Set a value in it. cookie["LanguagePref"] = "English"; // Add another value. cookie["Country"] = "US"; // Add it to the current web response. Response.Cookies.Add(cookie); // This cookie lives for one year. cookie.Expires = DateTime.Now.AddYears(1);
  • 16. You retrieve cookies by cookie name using the Request.Cookies collection: HttpCookie cookie = Request.Cookies["Preferences"]; if (cookie != null) { language = cookie["LanguagePref"]; } The only way to remove a cookie is by replacing it with a cookie that has an expiration date that has already passed. HttpCookie cookie = new HttpCookie("Preferences"); cookie.Expires = DateTime.Now.AddDays(-1); Response.Cookies.Add(cookie);
  • 17. An application might need to store and access complex information such as custom data objects, which can’t be sent through a query string. Or the application might have stringent security requirements that prevent it from storing information about a client in view state or in a custom cookie. Session state management allows you to store any type of data in memory on the server. Every client that accesses the application is given a distinct session ID.
  • 18. ASP.NET tracks each session using a unique 120-bit identifier. ASP.NET uses a proprietary algorithm to generate this value, thereby guaranteeing (statistically speaking) that the number is unique and it’s random enough that a malicious user can’t reverse-engineer or “guess” what session ID a given client will be using. This ID is the only piece of session-related information that is transmitted between the web server and the client. When the client presents the session ID, ASP.NET looks up the corresponding session, retrieves the objects you stored previously, and places them into a special collection so they can be accessed in your code.
  • 19. Using cookies: In this case, the session ID is transmitted in a special cookie (named ASP.NET_SessionId), which ASP.NET creates automatically when the session collection is used. This is the default. Using modified URLs: In this case, the session ID is transmitted in a specially modified (or munged) URL. This allows you to create applications that use session state with clients that don’t support cookies.
  • 20. • If the user closes and restarts the browser. • If the user accesses the same page through a different browser window, although the session will still exist if a web page is accessed through the original browser window. Browsers differ on how they handle this situation. • If the session times out due to inactivity. • If your web page code ends the session by calling the Session.Abandon() method.
  • 21. You can interact with session state using the System.Web.SessionState.HttpSessionState class which is provided in an ASP.NET web page as the built-in Session object.
  • 22.
  • 23. lblSession.Text = "Session ID: " + Session.SessionID; lblSession.Text += "<br />Number of Objects: "; lblSession.Text += Session.Count.ToString(); lblSession.Text += "<br />Mode: " + Session.Mode.ToString(); lblSession.Text += "<br />Is Cookieless: "; lblSession.Text += Session.IsCookieless.ToString(); lblSession.Text += "<br />Is New: "; lblSession.Text += Session.IsNewSession.ToString(); lblSession.Text += "<br />Timeout (minutes): "; lblSession.Text += Session.Timeout.ToString();