Tag Archives: State Management

State Management

VIEW STATE

  • The ViewState property provides a dictionary object for retaining values between multiple requests for the same page only.
  • ViewState is lost if the user visits a different Web page, so it is useful only for temporarily storing values. They are saved in hidden fields.
  • The viewstate for all of the controls on the page will be stored in a single hidden control called __VIEWSTATE.

<input type=”hidden” name=”__VIEWSTATE” id=”__VIEWSTATE” value=”/wEPDwUKMTIxNDIyOTM0Mg9kFgICAw9kFgICAQ8PFgIeBFRleHQFEzQvNS8yMDA2IDE6Mzc6MTEgUE1kZGROWHn/rt75XF/pMGnqjqHlH66cdw==” />

We can encrypt viewstate to make it more difficult for attackers. To configure view state encryption:

At Application Level:

<Configuration>

<system.web>

<pages viewStateEncryptionMode=”Always”/>

</system.web>

</configuration>

At Page level:

<%@ Page AutoEventWireup=”true” CodeFile=”Default.aspx.cs” Inherits=”_Default” ViewStateEncryptionMode=”Always”%>

View State is enabled by default, but we can disable it by setting the EnableViewState property for each web control to false.

Data Types You Can Store in View State

Strings

Integers

Boolean values

Array objects

ArrayList objects

Hash tables

Custom ViewState

ArrayList PageArrayList;

//Get value from ViewState

if (ViewState[“PageArrayList”] != null)

{

PageArrayList = (ArrayList)ViewState[“arrayListInViewState”];

}

//To saves into ViewState

ViewState.Add(“arrayListInViewState”, PageArrayList);

QUERYSTRING

A query string is information sent to the server appended to the end of a page URL.

Benefits: –

• No server resources are required. The query string containing in the HTTP requests for a specific URL.

• All browsers support query strings.

Limitations: –

• Query string data is directly visible to user thus leading to security problems.

• Most browsers and client devices impose a 255-character limit on URL length.

If you have more than one query string then using “&” sign.

eg:

http://www.gurunguns.com/login.aspx?type=testing&uid=qstring

We can use the above queryString in C# as:

string loginType = Request.QueryString[“type”]

string userid = Request.QueryString[“uid”]

To access QueryString using javascript:

http://triaslama.wordpress.com/2008/04/12/retrieving-query-string-values-in-aspnet-and-javascript/

COOKIES

PERSISTENT COOKIE NON-PERSISTENT COOKIE
1. Persistent cookies are stored in text file at the client side. Non-Persistent cookies are stored in the RAM at client.
2. They are permanent cookies. They are destroyed when the browser is closed.
3. Session Id is not stored in them. Session Id is stored in non-persistent cookies.
Advertisements

Leave a comment

Filed under .Net