Q How can you prevent a cleint by using Action method in MVC?

I have two actions inside my controller (shoppingCartController)

public ActionResult Index()
	//some stuff here
	return View(viewModel);

public ActionResult AddToCart(int id)

	return RedirectToAction("Index");


Is there anyway to prevent the users from directly calling the index action by typing the url in the browser?
For example: If the user browses to shoppingCart/index be redirected to Home/Index.
You could use the [ChildActionOnly] attribute on your action method to make sure it’s not called directly, or use the ControllerContext.IsChildAction property inside your action to determine if you want to redirect.
For example:

public ActionResult Index()
       //perform redirect here

    //some stuff here
    return View(viewModel);




Leave a comment

Filed under C#, Interview question, MVC, Uncategorized

Q Explain deferred execution vs. immediate execution in LINQ. Provide examples.

In LINQ, deferred execution simply means that the query is not executed at the time it is specified. Specifically, this is accomplished by assigning the query to a variable. When this is done, the query definition is stored in the variable but the query is not executed until the query variable is iterated over. For example:

DataContext productContext = new DataContext();

var productQuery = from product in productContext.Products
where product.Type == "SOAPS"
select product; // Query is NOT executed here

foreach (var product in productQuery) // Query executes HERE

You can also force immediate execution of a query. This can be useful, for example, if the database is being updated frequently, and it is important in the logic of your program to ensure that the results you’re accessing are those returned at the point in your code where the query was specified. Immediate execution is often forced using a method such as Average, Sum, Count, List, ToList, or ToArray. For example:

DataContext productContext = new DataContext();

var productCountQuery = (from product in productContext.Products
where product.Type == "SOAPS"
select product).Count(); // Query executes HERE


Leave a comment

Filed under C#, Interview question

How does HTTPS works?

How does HTTPS works?

  1. Client request for secure Https  page.
  2. Web server respond by sending certificate with public key.
  3. Client checks the validity of the certificate and create a symmetric session key using the public key and sends it back to Web serer.
  4. Web server decrypt the symmetric session key using it’s private key and sends page encrypted using the symmetric session key.
  5. Secure session has now been established between Client browser & Web server.


HTTPS pages typically use one of two secure protocols to encrypt communications – SSL (Secure Sockets Layer) or TLS (Transport Layer Security). Both the TLS and SSL protocols use what is known as an ‘asymmetric’ Public Key Infrastructure (PKI) system. An asymmetric system uses two ‘keys’ to encrypt communications, a ‘public’ key and a ‘private’ key. Anything encrypted with the public key can only be decrypted by the private key and vice-versa.

The ‘private’ key should be kept strictly protected and should only be accessible the owner of the private key. In the case of a website, the private key remains securely ensconced on the web server. Conversely, the public key is intended to be distributed to anybody and everybody that needs to be able to decrypt information that was encrypted with the private key.



Leave a comment

Filed under .Net, ASP.Net, C#, WCF

When to use Channel factory in WCF

If you are using assembly-sharing (which is, let’s face it, hugely convenient if you own both ends of the pipe), then both ends already have a complete version if the interface etc. It seems redundant to run the svcutil tool (at command-prompt or via the IDE) just to get back a wrapper for what we already have. It also works very well when you want to code only to an interface, not to the wrapper class – and use some centralised code to get a channel to a particular interface at a given address. This is actually how I mainly use WCF.

The “client” approach works well for one-off services, or where it doesn’t need to go through any central tooling. It also makes for very simple demos.

How to: Use the ChannelFactory

Leave a comment

Filed under WCF

EmitDefaultValue Significance

In .Net, types have default value. Like for reference type default value is null, and for integer type default value is 0.
It is desirable to omit data member from serialized data which is set to it’s default value as a performance advantage.

To omit a member from serialised data, set the EmitDefaultValue property of the attribute to false. Default is true.

public class Employee
    public string employeeName = null;

    public int employeeID = 0;

    [DataMember(EmitDefaultValue = false)]
    public string position = null;

    [DataMember(EmitDefaultValue = false)]
    public int salary = 0;

    [DataMember(EmitDefaultValue = false)]
    public int? bonus = null;

    [DataMember(EmitDefaultValue = false)]
    public int targetSalary = 57800;

XML Representation

   <employeeName xsi:nil="true" />

Data Member Default Values

Leave a comment

Filed under WCF

Benefit of const

A Very similar to a #define in C, const “variables” in the .NET Framework don’t have their own actual storage location but rather are substituted into the Microsoft Intermediate Language (MSIL) instructions at compile time where they are referenced. For example, if I have the following C# code

int myInt = 5; 

csc.exe will generate this MSIL:

ldc.i4.5 stloc.0 ldloc.0 call void [mscorlib]System.Console::WriteLine(int32)

In other words, it loads the value 5, stores it to the myInt variable, then loads this value back onto the execution stack, and prints it out using Console.WriteLine.

If you change the myInt variable to be a constant, like so

const int myInt = 5; 

the MSIL generated will be:

ldc.i4.5 call void [mscorlib]System.Console::WriteLine(int32)

Now, wherever myInt is referenced in the code, instead of having to do a “ldloc.0” to get the value from the variable, the MSIL just loads the constant value which is hardcoded into the MSIL. As such, there’s usually a small performance and memory advantage to using constants.
However, in order to use them you must have the value of the variable at compile time, and any references to this constant at compile time, even if they’re in a different assembly, will have this substitution made. Constants are certainly a useful tool if you know the value at compile time.
If you don’t, but want to ensure that your variable is set only once, you can use the readonly keyword in C# (which maps to initonly in MSIL) to indicate that the value of the variable can only be set in the constructor; after that, it’s an error to change it. This is often used when a field helps to determine the identity of a class, and is often set equal to a constructor parameter.

Leave a comment

Filed under C#

Channel Factory

What is Channel Factory
There are three ways to create a WCF client:

  1. Proxy – Using VS or SvcUtil.exe
  2. WCF Channel Factory
  3. REST services, using HttpClient or WebClient

A Channel Factory enables you to create a communication channel to the service without a proxy.
A Channel Factory is implemented by the IChannelFactory Interface.
The Channel Factory class is useful when you want to share a common service contract DLL between the client and the server.

Using the ChannelFactory<T> class is an easier alternative to making calls to the WCF services to the laborious process of generating proxies via the SvcUtil.exe tool every time a service contract changes. Channel Factory is a factory for creating service communication channels at runtime.
ChannelFactory<T> takes a generic parameter of the service type (it must be a service contract interface) to create a channel.

For using channel factory, the following steps are necessary:

  • Create a binding in WCF
  • Create a ChannelFactory class
  • Create a Channel
  • Send-Receive messages over that channel
public interface IService1

    string GetData(int value);


How to Call WCF Service Use Channel Factory

//1. Create a binding  in WCF
BasicHttpBinding myBinding = new BasicHttpBinding();
EndpointAddress myEndpoint = new EndpointAddress("http://localhost:3047/Service1.svc");

//2. Create a ChannelFactory class
ChannelFactory myChannelFactory = new ChannelFactory(myBinding, myEndpoint);
//3. Create a Channel
IService1 instance = myChannelFactory.CreateChannel();

//4. Send-Receive messages over that channel


Difference between proxy and channel factory

PROXY Channel Factory
1 Only require URL where the service resides You must have direct access to the assembly that contains that service contract T for
2 Very Simpler Not easier
3 Easy to Understand channels are complex, network-related
4 There is Visual Studio gives you add the reference When you share a common service contract dll between the client and the server, you’ll be using the ChannelFactory class
5 Proxies have several restrictions like:

  1. Properties need to have gets and sets
  2. Contructors can’t be exposed
  3. Methods other than the service contract cannot be exposed
If you know that your entities will not change much and the client code is less, then a DLL would work better than a proxy
6 By using SVCutil.exe you will create PRoxy When you are using DLL that refers Service contract interface then use the channel factory class

When to use a ChannelFactory i.e. a shared DLL?

A DLL is helpful if the client code is under you control and you’d like to: share more than just the service contract with the client — such as some utility methods associated with entities and make the client & the service code more tightly bound. If you know that your entities will not change much and the client code is less, then a DLL would work better than a proxy. Proxies have several restrictions like:

  1. Properties need to have gets and sets
  2. Contructors can’t be exposed
  3. Methods other than the service contract cannot be exposed

What all to package in the DLL?

You’ll need to package the following:

  1. Entities
  2. Service contract — the interface
  3. RequestMsg classes (if any)
  4. ResponseMsg classes (if any)

So if you are designing a connected system and using WCF for that, then you can use a shared dll instead of a proxy, to avoid code repetition and be more effective in the use of the service entities.



Leave a comment

Filed under WCF