04 | Customizing Controllers

Slides:



Advertisements
Similar presentations
Using EBSCOs Search Box Builder Tool Tutorial. Would you like to promote your EBSCOhost resources by adding an easy-to-use search box to your website?
Advertisements

Creating an EDS Search Box Using EBSCO’s Search Box Builder Tool
METALOGIC s o f t w a r e © Metalogic Software Corporation DACS Developer Overview DACS – the Distributed Access Control System.
Don’t get Stung (An introduction to the OWASP Top Ten Project) Barry Dorrans Microsoft Information Security Tools NEW AND IMPROVED!
INTRODUCTION TO ASP.NET MVC AND EXAMPLE WALKTHROUGH RAJAT ARYA EFECS - OIM DAWG – 4/21/2009 ASP.NET MVC.
Introduction to MVC Adding a View Page NTPCUG Tom Perkins, Ph.D.
Introduction to MVC Action Methods, Edit View, and a Search Feature NTPCUG Dr. Tom Perkins.
 The Citrix Application Firewall prevents security breaches, data loss, and possible unauthorized modifications to Web sites that access sensitive business.
11 Getting Started with ASP.NET Beginning ASP.NET 4.0 in C# 2010 Chapters 5 and 6.
It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.
Object-Oriented Enterprise Application Development Tomcat 3.2 Configuration Last Updated: 03/30/2001.
It’s always better live. MSDN Events Securing Web Applications Part 1 of 2 Understanding Threats and Attacks.
06 | Implementing Web APIs Jon Galloway | Tech Evangelist Christopher Harrison | Head Geek.
Virtual techdays INDIA │ November 2010 ASP.Net MVC Deep Dive Sundararajan S │ Associate Tech Architect, Aditi Technologies.
Fraser Technical Solutions, LLC
NextGen Technology upgrade – Synerizip - Sandeep Kamble.
ASP.NET Web API Udaiappa Ramachandran NHDN-Nashua.NET/Cloud Computing UG Lead Blog:
©2008 Gotham Digital Science Secure Parameter Filter (SPF) (AKA Protecting Vulnerable Applications with IIS7) Justin Clarke, Andrew Carey Nairn.
Design Patterns Phil Smith 28 th November Design Patterns There are many ways to produce content via Servlets and JSPs Understanding the good, the.
Standalone Java Application vs. Java Web Application
Introduction to ASP.NET MVC Information for this presentation was taken from Pluralsight Building Applications with ASP.NET MVC 4.
Introduction to Entity Framework Part 2 CRUD Scaffolding Tom Perkins NTPCUG.
Murach’s ASP.NET 4.0/VB, C1© 2006, Mike Murach & Associates, Inc.Slide 1.
1.NET Web Forms Web Services © 2002 by Jerry Post.
Chapter 6 Server-side Programming: Java Servlets
Building Secure Web Applications With ASP.Net MVC.
BIT 286: Web Applications Lecture 10 : Thursday, February 5, 2015 ASP.Net Form Submission.
Module 7: Advanced Application and Web Filtering.
Forms Collecting Data CSS Class 5. Forms Create a form Add text box Add labels Add check boxes and radio buttons Build a drop-down list Group drop-down.
KEW Definitions Document Type The Document Type defines the routing definition and other properties for a set of documents. Each document is an instance.
Web Design and Development. World Wide Web  World Wide Web (WWW or W3), collection of globally distributed text and multimedia documents and files 
Virtual techdays INDIA │ 9-11 February 2011 SESSION TITLE Kamala Rajan S │ Technical Manager, Marlabs.
Modern Development Technologies in SharePoint SHAREPOINT SATURDAY OMAHA APRIL, 2016.
BIT 286: Web Applications Lecture 04 : Thursday, January 15, 2015 ASP.Net MVC -
HTML III (Forms) Robin Burke ECT 270. Outline Where we are in this class Web applications HTML Forms Break Forms lab.
1 Using MVC 6. MVC vs. ASP Web Forms Both run under ASP.NET Can coexist In Web Forms, browser requests page. xxx.aspx and xxx.aspx.cs on the server Page.
Jim Fawcett CSE686 – Internet Programming Spring 2014
Ask the Experts – Building Login-Based Sites in AEM
ASP.NET Forms.
An introduction to ASP.Net with MVC Nischal S
Magento Development Company
Receiving form Variables
Overview Blogs and wikis are two Web 2.0 tools that allow users to publish content online Blogs function as online journals Wikis are collections of searchable,
Web Application Vulnerabilities, Detection Mechanisms, and Defenses
Building Web Applications with Microsoft ASP
Jim Fawcett CSE686 – Internet Programming Spring 2012
MVC Architecture, Symfony Framework for PHP Web Apps
z/Ware 2.0 Technical Overview
Section 13 - Integrating with Third Party Tools
Data Virtualization Tutorial… CORS and CIS
C#: ASP.NET MVC Overview
Play Framework: Introduction
Jon Galloway | Tech Evangelist Christopher Harrison | Head Geek
Cross-Site Forgery
SharePoint Cloud hosted Apps
02 | Developing ASP.NET MVC 4 Models
Data Structures and Database Applications Custom Models with MVC
Controllers.
Social Media And Global Computing Managing MVC with Custom Models
Customizing Controllers Controllers Customizing කර ගැනීම
Project Management in SharePoint
HTTP GET vs POST SE-2840 Dr. Mark L. Hornick.
MIS JavaScript and API Workshop (Part 3)
Project Management in SharePoint
Web Development Using ASP .NET
05 | Customizing Views Jon Galloway | Development Platform Evangelist
MVC Controllers.
ASP.NET MVC Web Development
Ajax and JSON Jeremy Shafer Department of MIS Fox School of Business
Ajax and JSON Jeremy Shafer Department of MIS Fox School of Business
Presentation transcript:

04 | Customizing Controllers Jon Galloway | Technical Evangelist Christopher Harrison | Content Developer

Taking Control of Controllers Adding Actions Model Binding Filters Vanity URLs Controller Best Practices

Adding Actions

Adding Actions Controllers are classes Actions are methods Creating an action involves adding a method to a class

Action Signature Return Types Parameters ActionResult FileResult JsonResult ViewResult Parameters Normal parameters MVC model binding

Get and Post Create/Update/Delete are typically two step operations Present the form Accept the input Create two actions Form presentation via HttpGet (default) Accept data via HttpPost

Model Binding Update an action to use FormCollection Execute and show off generated form (with name attributes) Show via debugger the generated form collection Highlight id vs name Model Binding

Model Binding

Default Model Binder “It just works” – Jon Galloway Uses the name attribute of input elements Automatically matches parameter names for simple data types Complex objects are mapped by property name Complex properties use dotted notation <input type="text" name="Album.LinerNotes" /> Song SongID Title Length Lyrics Album AlbumID Title Label LinerNotes

Controlling Model Binding Imagine the following model Need Create a form to edit everything but the lyrics Challenge Default model binder automatically binds all inbound properties Song SongID Title Length Lyrics

Solutions Simplest Other solutions Use the bind attribute to indicate which properties to bind Edit([Bind(Include = "SongID,Title,Length")] Song song) Other solutions Create a view model Create a custom model binder

BindAttribute

Filters

Filters Filters are attributes Alter execution Decorate controllers and actions Alter execution MVC contains several built-in filters Often used in lieu of updating web.config

Normal Action Execution MVC Instantiates Controller User Request Action is Executed HTML Returned Model is Combined with View

Actions with Filters MVC Instantiates Controller User Request Pre-execution Filter Code Executes Action is Executed HTML Returned Model is Combined with View Post-execution Filter Code Executes

Adding Filters Action Controller Global FilterConfig.cs

Security Filters Authorize ValidateAntiForgeryToken RequireHttps Control who can access a controller/action Properties Users Roles ValidateAntiForgeryToken Defends against cross-site request forgery Requires anti-forgery token to be added to view RequireHttps Requries SSL

SSL Encrypts traffic and prevents tampering Authenticates server When to use SSL Asking for sensitive information After authentication http://blog.codinghorror.com/should-all-web-traffic-be-encrypted/

Security Filters

Vanity URLs

Standard URL Users have no idea what that URL refers to www.mymusicstore.com/App/Album/Details/Display.aspx?ID=42&BandID=64 Users have no idea what that URL refers to Search engines have no idea what that URL refers to It’s just plain ugly

Vanity URL User knows information provided by the page www.mymusicstore.com/Album/Cure/Wish User knows information provided by the page Search engines know information provided by page Don’t underestimate the importance of vanity URLs

MVC Routing Vanity URLs are handled by routing Routing in MVC controls what controller/action is called based on the URL provided Methods for updating routing RouteConfig.cs AttributeRouting

RouteConfig.cs

Attribute Routing Attributes control routing/URL RouteAttribute [Route("Album/Edit/{id:int}")] public ActionResult Edit(int id) www.mymusicstore.com/Album/Edit/42 Calls the Edit action Passes in the ID parameter ID must be an integer

RoutePrefix Added to controller Adds prefix to all routes [RoutePrefix("Album")] public class AlbumsController : Controller { [Route("Album/Edit/{id:int}")] public ActionResult Edit(int id) // code }

Attribute Routing

Controller Best Practices

Controller Design Guidelines High Cohesion Make sure all actions are closely related Low Coupling Controllers should know as little about the rest of the system as possible Simplifies testing and changes Repository pattern Wrap data context calls into another object

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.