• Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
2,959
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
32
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Things that Every ASP.NETDeveloper should knowDarren SimMicrosoft MVP (ASP.NET / IIS)Member, Microsoft Developer Guidance Web Advisory CouncilDirector, Singapore Software Quality Testing Board (SGTQB)
  • 2. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  • 3. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  • 4. Fundamentals• Internet is based on TCP/IP• World Wide Web is based on HTTP – HTTP based on Request/Response paradigm – Header and body – Stateless – Specification @ http://www.ietf.org/rfc/rfc2068.txt
  • 5. Http RequestGET http://localhost:99/default.aspx HTTP/1.1Accept: */*Accept-Language: en-usUA-CPU: x86Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.04506; .NET CLR 1.1.4322; InfoPath.2; .NET CLR 3.5.21022)Host: localhost:99Proxy-Connection: Keep-AlivePragma: no-cache
  • 6. Http ResponseHTTP/1.1 200 OKCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/7.0X-AspNet-Version: 2.0.50727 HeaderX-Powered-By: ASP.NETDate: Sun, 07 Mar 2010 19:22:19 GMTContent-Length: 686<head><title> Home Page </title></head><body class="basic"> <form name="form1" method="post" action="default.aspx" id="form1"><div><input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE"value="/wEPDwULLTE0MDkxNzYwNDNkZKn1tb3qjzVWNrSAgGULkE4nvHPg" /></div> Body <div style="background-color:Blue"> <h3>Home</h3> </div> </form></body></html>
  • 7. How we connect to the internet? ISP
  • 8. IIS Architecture Configuration Application Pool SvcHost.exe w3wp.exe WWW Windows Publishing Process Service Activation (W3SVC) Service (WAS)User ModeKernel Mode HTTP.sys
  • 9. Configuration File Site Application Machine.config Root web.config web.config web.config <system.Web> <system.Web> Applicationhost.config <system.webServer> <system.webServer>*Web.config has a 100Kb file size limit.
  • 10. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  • 11. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  • 12. Fiddler• Tracing tool specifically for HTTP• Shows complete request and response (not packets)• Can save archive of session• Can be used on own machine (ipv4.fiddler, ipv6.fiddler)• Can create own GET requests• Can decrypt SSL traffic!
  • 13. Microsoft Network Monitor• General network tracing tool for many protocols• Hooks into network adapters• See network frames at multiple levels• Apply filters for specific protocols, IP addresses, etcFree download at http://www.microsoft.com/downloads/en/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en
  • 14. IIS Log Files• Time Taken (execute, queue, and time to client – IIS 7/6)• Sub-status codes are very useful for indicating the exact problems• Log entries are made AFTER the page execution is complete• Log file entries are always in GMT• Setup cookie, referrer, bytes sent
  • 15. Log Parser• Utility to query IIS log files, event logs, etc• Query syntax nearly identical to SQL• Write series of queries for site health (HTTP status, time taken, file sizes, down pages, orders, etc)• ASP.NET Response.AppendToLog( )Download Log Parser at http://tinyurl.com/5uoxz
  • 16. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  • 17. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  • 18. Performance CulpritsProblem Statement• HTTP requests are the biggest web performance killer• Reduce Requests, massively improve performance
  • 19. Performance CulpritsSolution• Combine all Javascript into one file• Combine all CSS into one file• Using MSAjax CDN instead of your own
  • 20. Reduce & Avoid Requests• Avoid Response.Redirect – Invokes an extra client side HTTP Request• Use Server.Transfer instead
  • 21. Reduce Page Size• The smaller the page, the quicker the download• Especially important in these areas – Mobile Applications (Windows Mobile, IPhone, 3G Data Card) – Non Broadband Users – Many offices have less capacity than broadband – Developing Countries
  • 22. Reduce Page Size• Most Browsers support HTTP Compression – GZIP & Deflate – IE, Firefox etc• Drastically reduces page size• Steps – Browser Passes Accept-Encoding in Request Header – Data is compressed and sent to browser – Browser decompresses html• Only GET is compressed, POST IS NOT Compressed
  • 23. HTTP Compression• Server evaluates the “Accept-Encoding” header for request, compresses resulting response• largeGridView.aspx - 41 frames down to 7• Implemented in February 2003 when about 3% of Fortune 1000 web sites utilized• Used 53% less bandwidth, ~25% faster Keynote measurements• Now use IIS Compression (free)
  • 24. HTTP Compression (cont…)• IIS 7 – Can control when to stop using if CPU usage is too high – Minimum default file size is 256K – Only static compression is on by defaultDetailed article about enabling IIS 6 compression at http://tinyurl.com/yjdo7w
  • 25. Content Expirations• Client asks “if-modified-since”• Small content files it is just as expensive to see if modified as to receive content• Setup expiration times for content folders• Avoid requests for files that seldom change (.js, .css, images, etc)• Rename the file if need to override browser caching
  • 26. Ajax Minifier• Microsoft Ajax Minifier (Codeplex.com)• Minimize CSS and JavaScript files – Remove whitespace, comments, excessive semicolons, etc• Command line, .dll, and build tasks• jQuery-1.4.2.js minimized 55.5%• Test after minimize!• MSBuild Extension Pack (version #)
  • 27. ETags• Used for cache validation• IIS sends the ETag header in response for static files – hash:changeNumber• IIS 6 – changeNumber – specific to server – Set to 0 with Metabase Explorer, http://tinyurl.com/2agsbtc• IIS 7 – changeNumber - 0 by default – Completely remove header with HttpModule
  • 28. CSS Sprite• Combine small images into a single image• Use CSS to “index” into the larger image• Often 70-95% of time taken for a user is time requesting components (images, .css, .js)• Reduce the number of requests**Free CSS Sprite generator at http://spritegen.website-performance.org/
  • 29. Tracing• Setup ASP.NET to save information about recent requests• <trace enabled="true" pageOutput="false" localOnly="false" requestLimit="2" mostRecent="true" />• /Trace.axd
  • 30. Tracing (code)
  • 31. Trace Outputs
  • 32. Analysis of Trace Output
  • 33. Error Page Configurations• <deployment retail=”true” /> (machine.config only) – <customErrors mode=”On” /> – <compilation debug=”false” /> – <tracing enabled=“false” />• External config files (no restart)
  • 34. Global.asax Application_Error( )• Every ASP.NET web site should have this coded to ensure that unhandled exceptions are caught and logged• HKLMSystemCurrentControlSetServicesEventLogApplication and add key for source• Use <customErrors mode=“On” /> to redirect to a down page
  • 35. Validation Controls• OWASP Top 10 – XSS (Cross Site Scripting) – SQL Injection• All input from web controls needs to be verified• Leverage client validation for user experience but must validate on the server• Common validators – RequiredFieldValidator – RangeValidator – RegularExpressionValidator – CompareValidator – CustomValidator
  • 36. Caching– Data caching (Cache), cut 50% of our SQL queries which was 72,080,000 less queries each month!– Substitution– Output caching (shared)– Don’t cache page (set specific cache ability) • Response.Cache.SetCacheability(System.Web.HttpCacheability.NoCache);
  • 37. Yahoo! A List Browsers Win XP Win 7 Mac 10.6.† iOS 3.† iOS 4.† Android 2.2.†Safari 5.† A-gradeChrome † (latest A-gradestable) A-grade (upon GA A-grade (upon GAFirefox 4.† release) release)Firefox 3.6.† A-grade A-grade A-grade A-grade (upon GAIE 9.0 release)IE 8.0 A-grade A-gradeIE 7.0 A-gradeIE 6.0 A-gradeSafari for iOS A-grade A-gradeWebKit for Android A-gradeOSComplete list available at http://developer.yahoo.com/yui/articles/gbs/
  • 38. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  • 39. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  • 40. Reference Model to Guide Architecture Projects
  • 41. Model for Web 2.0 Users Client applications/runtimes Connectivity/reachability Services Capabilities
  • 42. Basic Service-Consumer Pattern Consumed via internet Service Client Applications Provides View Offered as Interface Capability
  • 43. Landscape leading to hybrid platforms
  • 44. Web 2.0 Reference Architecture (basic)
  • 45. Web 2.0 Reference Architecture (detailed)
  • 46. Components of a pattern (basic)
  • 47. Components of a pattern (detailed)
  • 48. Patterns for Web 2.0• The Service-Oriented Architecture Pattern• The Software as a Service (SaaS) Pattern• The Participation-Collaboration Pattern• The Asynchronous Particle Update Pattern• The Mashup Pattern• The Rich User Experience Pattern
  • 49. Patterns for Web 2.0 (cont…)• The Synchronized Web Pattern• The Collaborative Tagging Pattern• The Declarative Living and Tag Gardening Pattern• The Semantic Web Grounding Pattern• The Persistent Rights Management (PRM) Pattern• The Structured Information Pattern
  • 50. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  • 51. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  • 52. Resources & ReadingsPerformance Managementhttp://www.sitepoint.com/books/aspnetant1/aspnetant1-sample.pdfASP.NET Developer Guidance Maphttp://www.darrensim.com
  • 53. itsme@darrensim.com http://www.facebook.com/darrensim http://www.twitter.com/darrensim