Posts

Showing posts from February, 2011

How Does <%: ... %> Differ From <%= ... %> in ASP.Net MVC

The <%= ... %> syntax has been available in ASP.NET since the platform was first invented. Just like the equivalent syntaxes in PHP, JSP, Classic ASP, and many other platforms, it’s a way to emit dynamic values into the HTML response. But this raises a question of security: if the dynamic value may originally have been supplied by a user, how can you be sure it doesn’t contain any unwanted HTML or malicious JavaScript? The standard way to avoid any such risk is to HTML-encode the value before emitting it, which converts any special characters (e.g., < ) to harmless HTML entities (e.g., &lt; ) that the browser knows to treat as plain text. <%= Html.Encode(ViewData["greeting"]) %> The tricky bit is remembering to write Html.Encode() all the time, especially considering that sometimes you must not encode certain values because they may contain HTML that you do want (e.g., from HTML helper methods like Html.ActionLink() , which already take care of encoding an...
Post a Comment
Read more

Specify port number in ASP.NET Development Server

Image
By default, the web server assigns random selected port for localhost. For example, if you have created a web site and you are going to test a page named TestPage.aspx, when you see the URL might be the following. http://localhost:4049/TestPage.aspx Following step are given below to assign a static port for the ASP.NET Development Server 1.      In   the Solution Explorer , right click the name of web site. 1.      In the   Properties   pane, you will find   Use dynamic ports = True , change   Use dynamic ports =False . This will enable editing of the   Port number   property. 2.      In the   Properties   pane, change a   Port number. Now, whenever you run web site with in   Visual Studio Developer , the   ASP.NET Development Server   will listen on the specified port.
Post a Comment
Read more

Difference between Convert.ToString() and ToString() method

Convert.ToString() handles null values and not throws ObjectReferenceNullException whereas ToString() does not handles the null value and throws the null exception error message. If you don't want to get the null exception if your object is null then you have to use Convert.ToString () Method.
Post a Comment
Read more