ASP.

NET
Extensio
n
Require
d
version
Description
asax 1.0 Global.asax, used for application-level logic
[14]
ascx 1.0 Web UserControls custo! controls to be placed onto "eb pages.
as#x 1.0 custo! $%%& #andlers.
as!x 1.0
"eb service pages. 'ro! version (.0 a Code be#ind page of an as!x )le
is placed into t#e app*code folder.
axd 1.0
"#en enabled in "eb.con)g re+uesting trace.axd outputs application-
level tracing. ,lso used for t#e special "ebresource.axd #andler "#ic#
allo"s control-co!ponent developers to pac.age a co!ponent-control
co!plete "it# i!ages, script, css etc. for deplo/!ent in a single )le 0an
1asse!bl/12
bro"ser (.0
bro"ser capabilities )les stored in 345 for!at6 introduced in version (.0.
,7&.89% ( includes !an/ of t#ese b/ default, to support co!!on "eb
bro"sers. %#ese specif/ "#ic# bro"sers #ave "#ic# capabilities, so t#at
,7&.89% ( can auto!aticall/ custo!i:e and opti!i:e its output
accordingl/. 7pecial .bro"ser )les are available for free do"nload to
#andle, for instance, t#e W;C <alidator, so t#at it properl/ s#o"s
standards-co!pliant pages as being standards-co!pliant. =eplaces t#e
#arder-to-use >ro"serCaps section t#at "as in !ac#ine.con)g and could
be overridden in "eb.con)g in ,7&.89% 1.x.
con)g 1.0
"eb.con)g is t#e onl/ )le in a speci)c Web application to use t#is
extension b/ default 0!ac#ine.con)g si!ilarl/ a?ects t#e entire Web
server and all applications on it2, #o"ever ,7&.89% provides facilities to
create and consu!e ot#er con)g )les. %#ese are stored in 345 for!at.
cs-vb 1.0
Code )les 0cs indicates C@, vb indicates <isual >asic2. Code be#ind )les
0see above2 predo!inantl/ #ave t#e extension A.aspx.csA or A.aspx.vbA
for t#e t"o !ost co!!on languages. Bt#er code )les 0often containing
co!!on Alibrar/A classes2 can also exist in t#e "eb folders "it# t#e
cs-vb extension. Cn ,7&.89% ( t#ese s#ould be placed inside t#e
,pp*Code folder "#ere t#e/ are d/na!icall/ co!piled and available to
t#e "#ole application.
db!l ;.D 5C8E to 7E5 data classes )le
!aster (.0 !aster page )le. Fefault )le na!e is 4aster1.!aster
resx 1.0 resource )les for internationali:ation and locali:ation. =esource )les can
be global 0e.g. !essages2 or AlocalA "#ic# !eans speci)c for a single
aspx or ascx )le.
site!ap (.0 site!ap con)guration )les. Fefault )le na!e is "eb.site!ap
s.in (.0 t#e!e s.in )les.
svc ;.0 Windo"s Co!!unication 'oundation service )le
ed!x ;.D ,FB.89% 9ntit/ 'ra!e"or. !odel
Describe the role of inetinfo.exe, aspnet_isapi.dll andaspnet_wp.exe in the page loading process.
inetinfo.exe is theMicrosoft IIS server running, handling ASP.N! re"uests a#ong other things.$hen an ASP.N!
re"uest is received %usuall& a file with .aspx extension', the ISAPI filter aspnet_isapi.dll ta(es care of it b& passing
the re"uest tothe actual wor(er process aspnet_wp.exe.
$hat)s the difference between *esponse.$rite%' and*esponse.+utput.$rite%',
*esponse.+utput.$rite%' allows &ou to write for#atted output.
$hat #ethods are fired during the page load,
Init%' - when the page is instantiated
.oad%' - when the page is loaded into server #e#or&
Pre*ender%' - the brief #o#ent before the page is displa&ed to the user as /!M.
0nload%' - when page finishes loading.
$hen during the page processing c&cle is 1iewState available,
After the Init%' and before the Page_.oad%', or +n.oad%' for a control.
$hat na#espace does the $eb page belong in the .N! 2ra#ewor( class hierarch&,
S&ste#.$eb.0I.Page
$here do &ou store the infor#ation about the user)s locale,
S&ste#.$eb.0I.Page.3ulture
$hat)s the difference between 3odebehind45M&3ode.aspx.cs5 andSrc45M&3ode.aspx.cs5,
3ode6ehind is relevant to 1isual Studio.N! onl&.
$hat data t&pes do the *ange1alidator control support,
Integer, String, and Date.
xplain the differences between Server-side and 3lient-side code,
Server-side code executes on the server. 3lient-side code executes in the client7s browser.
$hat t&pe of code %server or client' is found in a 3ode-6ehind class,
!he answer is server-side code since code-behind is executed on the server. /owever, during the code-behind7s
execution on the server, it can render client-side code such as 8avaScript to be processed in the clients browser. 6ut
9ust to be clear, code-behind executes on the server, thus #a(ing it server-side code.
$hat is the difference between Server.!ransfer and *esponse.*edirect, $h& would I choose one over the other,
Server.Transfer transfers page processing fro# one page directly to the next page without making a round-trip
ack to the client!s rowser. !his provides a faster response with a little less overhead on the server.
Server.!ransfer does not update the clients url history list or current url. *esponse.*edirect is used to redirect the
user7s browser to another page or site. !his perfor#as a trip bac( to the client where the client7s browser is
redirected to the new page. !he user7s browser histor& list is updated to reflect the new address.
$hat is the :lobal.asax used for,
!he :lobal.asax %including the :lobal.asax.cs file' is used to i#ple#ent application and session level events.
<%@ Application Language="C#" %>
<script runat="server">
void Application_Start(object sender !ventArgs e"
#
$$ Code t%at runs on application startup
&
void Application_!nd(object sender !ventArgs e"
#
$$ Code t%at runs on application s%utdo'n
&
void Application_!rror(object sender !ventArgs e"
#
$$ Code t%at runs '%en an un%andled error occurs
&
void Session_Start(object sender !ventArgs e"
#
$$ Code t%at runs '%en a ne' session is started
&
void Session_!nd(object sender !ventArgs e"
#
$$ Code t%at runs '%en a session ends(
$$ )ote* +%e Session_!nd event is raised onl, '%en t%e sessionstate -ode
$$ is set to .n/roc in t%e 0eb(con1ig 1ile( .1 session -ode is set to
StateServer
$$ or S2LServer t%e event is not raised(
&
<$script>
$hat are the Application_Start and Session_Start subroutines used for,
!his is where &ou can set the specific variables for the Application and Session ob9ects.
3an &ou explain what inheritance is and an exa#ple of when &ou #ight use it,
$hen &ou want to inherit %use the functionalit& of' another class. xa#ple; $ith a base class na#ed #plo&ee, a
Manager class could be derived fro# the #plo&ee base class.
Describe the difference between inline and code behind.
Inline code written alongside the ht#l in a page. 3ode-behind is code written in a separate file and referenced b& the
.aspx page.
$hats MSI., and wh& should #& developers need an appreciation of it if at all,
MSI. is the Microsoft Inter#ediate .anguage. All .N! co#patible languages will get converted to MSI.. MSI.
also allows the .N! 2ra#ewor( to 8I! co#pile the asse#bl& on the installed co#puter.
Na#e two properties co##on in ever& validation control,
3ontrol!o1alidate propert& and !ext propert&.
$hat are the validation controls in asp.net,
!o si#plif& developer)s life without writing code to validate the user input validation controls are
developed.ASP.N! validation controls also provide two wa&s of validation; Server-side or 3lient-side. !he nice
thing about these 1alidation controls is that it will perfor# client-side validation when it detects the browser is able
%unless client-side validation has been disabled'. !hus reducing roundtrips. And it will perfor# server-side where
necessar&. !his client-side<server-side detection and validation is done without extra wor( b& the developer=
$ith ASP.N!, there are six%>' controls included. !he& are;
!he *e"uired2ield1alidation 3ontrol; it #a(es sure that a user inputs a value.% attri;3ontrol!o1alidate'
!he 3o#pare1alidator 3ontrol ; it ensures the sa#e value b<n two controls , b<n a control and a fixed value. 0sage
of this 3o#pare1alidator is for confir#ing new passwords, chec(ing if a departure date is before the arrival date.
%attri;3ontrol!o1alidate,3ontrol!o3o#pare,1alue!o3o#pare,+perator'
!he *ange1alidator 3ontrol ; chec(s to see if a control value is within a valid range%attri; 3ontrol!o1alidate
,Maxi#u#1alue, Mini#u#1alue, and !&pe'
!he *egularxpression1alidator 3ontrol ; nsures that the value of an input control #atches a specified pattern.
%attri; 3ontrol!o1alidate, 1alidationxpression'ex;#ail validation.
!he 3usto#1alidator 3ontrol; adds great flexibilit& to our validation abilities./ere we get to write out own
functions and pass the control value to this function.%attri; 3ontrol!o1alidate, 3lient1alidation2unction,
+nServer1alidate'. $e notice that there are two new attributes 3lient1alidation2unction and +nServer1alidate.
3lient1alidation2unction is usuall& a 9avascript funtion included in the ht#l to the user. +nServer1alidate is the
function that is server-side to chec( for validation if client does not support client-side validation.
1alidation Su##ar& 3ontrol; an additional control that co#ple#ents the validation controls. !he validation
su##ar& control will collect all the error #essages of all the non-valid controls and put the# in a tid& list. !he list
can be either shown on the web page %ShowSu##ar&4?!rue?' or with a popup box %b& specif&ing
ShowMessage6ox45!rue5'
All of the validation controls inherit fro# the base class 6ase1alidator so the& all have a series of properties and
#ethods that are co##on to all validation controls. !he& are;
3ontrol!o1alidate - !his value is which control the validator is applied to.
rrorMessage - !his is the error #essage that will be displa&ed in the validation su##ar&.
Is1alid - 6oolean value for whether or not the control is valid.
1alidate - Method to validate the input control and update the Is1alid propert&.
Displa& - !his controls how the error #essage is shown. /ere are the possible options;
o None %!he validation #essage is never displa&ed.'
o Static %Space for the validation #essage is allocated in the page la&out.'
o D&na#ic %Space for the validation #essage is d&na#icall& added to the page if validation fails.'
Note; If &ou are doing server-side validation, #a(e sure the button onclic( #ethod has a Page.Is1alid if state#ent or
it will loo( li(e &our validators aren7t doing an&thing.
$hat is the transport protocol &ou use to call a $eb service,
S+AP %Si#ple +b9ect Access Protocol' is the preferred protocol.
!rue or 2alse; A $eb service can onl& be written in .N!,
2alse
$hat does $SD. stand for,
$eb Services Description .anguage.
$here on the Internet would &ou loo( for $eb services,
http;<<www.uddi.org
!rue or 2alse; !o test a $eb service &ou #ust create a $indows application or $eb application to consu#e this
service,
2alse, the web service co#es with a test page and it provides /!!P-:! #ethod to test.
$hat is the difference between /!!P-:! and /!!P-P+S!,
"ET and P#ST basicall& allow information to e sent ack to the we server from a rowser %or other /!!P
client for that #atter'. 3hoosing "ET as the 5#ethod5 will append all of the data in the form to the $%& and it
will show up in the $%& ar of your rowser .So it is not secured. !he a#ount of infor#ation &ou can send bac(
using a :! is restricted as $%&s can only e '()* characters. :! is the default #ethod used in the for# if not
#entioned. A P#ST on the other hand will %t&picall&' send the information through a soc(et %+essage ,ody'
bac( to the web server and it won!t show up in the $%& ar. So it is secured. @ou can send #uch #ore
infor#ation to the server this wa& - and it7s not restricted to textual data either.
$hat is State Manage#ent,
-TTP is a stateless protocol. State #anage#ent is the process b& which &ou #aintain state and page infor#ation
over #ultiple re"uests for the sa#e or different pages. !here are ) types State Manage#ent; 3lient A Side State
Manage#ent and Server A Side State Manage#ent.
3SSM stores infor#ation on the client7s co#puter b& e#bedding the infor#ation into a $eb page, a unifor#
resource locator %url', or a coo(ie.
.iew State A Asp.Net uses 1iew State to trac( the values in the 3ontrols. @ou can add custo# values to the view
state. It is used b& the Asp.net page fra#ewor( to auto#aticall& save the values of the page and of each control 9ust
prior to rendering to the page. $hen the page is posted, one of the first tas(s perfor#ed b& page processing is to
restore view state.
Advantages;
No server resources are re/uired !he view state is contained in a structure within the page code.
Simple implementation 1iew state does not re"uire an& custo# progra##ing to use. It is on b& default
to #aintain state data on controls.
Enhanced security features !he values in view state are hashed, co#pressed, and encoded for 0nicode
i#ple#entations, which provides #ore securit& than using hidden fields.
Disadvantages;
Performance considerations 6ecause the view state is stored in the page itself, storing large values can
cause the page to slow down when users displa& it and when the& post it. !his is especiall& relevant for
#obile devices, where bandwidth is often a li#itation.
0evice limitations Mobile devices #ight not have the #e#or& capacit& to store a large a#ount of view-
state data.
Potential security risks !he view state is stored in one or #ore hidden fields on the page. Although view
state stores data in a hashed for#at, it can still be ta#pered with. !he infor#ation in the hidden field can be
seen if the page output source is viewed directl&, creating a potential securit& issue
3ontrol State A If &ou create a custo# control that re"uires view state to wor( properl&, &ou should use control state
to ensure other developers don)t brea( &our control b& disabling view state.
Advantages;
No server resources are re/uired 6& default, control state is stored in hidden fields on the page.
%eliaility 6ecause control state cannot be turned off li(e view state, control state is a #ore reliable
#ethod for #anaging the state of controls.
.ersatility 3usto# adapters can be written to control how and where control-state data is stored.
Disadvantages;
Some programming is re/uired $hile the ASP.N! page fra#ewor( provides a foundation for control
state, control state is a custo# state-persistence #echanis#. !o full& utiliBe control state, &ou #ust write
code to save and load control state.
/idden fields A .i(e view state, hidden fields store data in an /!M. for# without displa&ing it in the user7s
browser. !he data is available onl& when the for# is processed.
Advantages;
No server resources are re/uired !he hidden field is stored and read fro# the page.
1idespread support Al#ost all browsers and client devices support for#s with hidden fields.
Simple implementation /idden fields are standard /!M. controls that re"uire no co#plex progra##ing
logic.
Disadvantages;
Potential security risks !he hidden field can be ta#pered with. !he infor#ation in the hidden field can
be seen if the page output source is viewed directl&, creating a potential securit& issue. @ou can #anuall&
encr&pt and decr&pt the contents of a hidden field, but doing so re"uires extra coding and overhead. If
securit& is a concern, consider using a server-based state #echanis# so that no sensitive infor#ation is sent
to the client. 2or #ore infor#ation, see ASP.N! $eb Application Securit& and 6asic Securit& Practices
for $eb Applications.
Simple storage architecture !he hidden field does not support rich data t&pes. /idden fields offer a
single string value field in which to place infor#ation. !o store #ultiple values, &ou #ust i#ple#ent
deli#ited strings and the code to parse those strings. @ou can #anuall& serialiBe and de-serialiBe rich data
t&pes to and fro# hidden fields, respectivel&. /owever, it re"uires extra code to do so. If &ou need to store
rich data t&pes on the client, consider using view state instead. 1iew state has serialiBation built-in, and it
stores data in hidden fields.
Performance considerations 6ecause hidden fields are stored in the page itself, storing large values can
cause the page to slow down when users displa& it and when the& post it.
Storage limitations If the a#ount of data in a hidden field beco#es ver& large, so#e proxies and
firewalls will prevent access to the page that contains the#. 6ecause the #axi#u# a#ount can var& with
different firewall and prox& i#ple#entations, large hidden fields can be sporadicall& proble#atic. If &ou
need to store #an& ite#s of data, consider doing one of the following;
Put each ite# in a separate hidden field.
0se view state with view-state chun(ing turned on, which auto#aticall& separates data into
#ultiple hidden fields.
Instead of storing data on the client, persist the data on the server. !he #ore data &ou send to the
client, the slower the apparent response ti#e of &our application will be because the browser will need to
download or send #ore data.
3oo(ies 1e applications can store small pieces of data in the client2s 1e rowser b& using coo(ies. A coo(ie
is a small amount of data that is stored either in a text file on the client file system %if the coo(ie is persistent' or
in #e#or& in the client browser session %if the coo(ie is te#porar&'. !he #ost co##on use of coo(ies is to identif&
a single user as he or she visits #ultiple $eb pages.
Advantages;
3onfigurale expiration rules !he coo(ie can expire when the browser session ends, or it can exist
indefinitel& on the client co#puter, sub9ect to the expiration rules on the client.
No server resources are re/uired !he coo(ie is stored on the client and read b& the server after a post.