Things that Every ASP.NETDeveloper should knowDarren SimMicrosoft MVP (ASP.NET / IIS)Member, Microsoft Developer Guidance ...
AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
Fundamentals•   Internet is based on TCP/IP•   World Wide Web is based on HTTP    – HTTP based on Request/Response paradig...
Http RequestGET http://localhost:99/default.aspx HTTP/1.1Accept: */*Accept-Language: en-usUA-CPU: x86Accept-Encoding: gzip...
Http ResponseHTTP/1.1 200 OKCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/7.0X-AspNet-...
How we connect to the internet?                    ISP
IIS Architecture                    Configuration              Application Pool  SvcHost.exe                              ...
Configuration File                                                 Site               Application   Machine.config        ...
AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
Fiddler•   Tracing tool specifically for HTTP•   Shows complete request and response (not packets)•   Can save archive of ...
Microsoft Network Monitor•   General network tracing tool for many protocols•   Hooks into network adapters•   See network...
IIS Log Files•   Time Taken (execute, queue, and time to client – IIS 7/6)•   Sub-status codes are very useful for indicat...
Log Parser•   Utility to query IIS log files, event logs, etc•   Query syntax nearly identical to SQL•   Write series of q...
AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
Performance CulpritsProblem Statement•   HTTP requests are the biggest web performance killer•   Reduce Requests, massivel...
Performance CulpritsSolution•   Combine all Javascript into one file•   Combine all CSS into one file•   Using MSAjax CDN ...
Reduce & Avoid Requests•   Avoid Response.Redirect    –   Invokes an extra client side HTTP Request•   Use Server.Transfer...
Reduce Page Size•   The smaller the page, the quicker the download•   Especially important in these areas    – Mobile Appl...
Reduce Page Size•   Most Browsers support HTTP Compression    –   GZIP & Deflate    –   IE, Firefox etc•   Drastically red...
HTTP Compression•   Server evaluates the “Accept-Encoding” header for request,    compresses resulting response•   largeGr...
HTTP Compression (cont…)•   IIS 7    –   Can control when to stop using if CPU usage is too high    –   Minimum default fi...
Content Expirations•   Client asks “if-modified-since”•   Small content files it is just as expensive to see if modified a...
Ajax Minifier•   Microsoft Ajax Minifier (Codeplex.com)•   Minimize CSS and JavaScript files    –   Remove whitespace, com...
ETags•   Used for cache validation•   IIS sends the ETag header in response for static files    –   hash:changeNumber•   I...
CSS Sprite•   Combine small images into a single image•   Use CSS to “index” into the larger image•   Often 70-95% of time...
Tracing•   Setup ASP.NET to save information about recent requests•   <trace enabled="true" pageOutput="false" localOnly="...
Tracing (code)
Trace Outputs
Analysis of Trace Output
Error Page Configurations•   <deployment retail=”true” /> (machine.config only)    –   <customErrors mode=”On” />    –   <...
Global.asax Application_Error( )•   Every ASP.NET web site should have this coded to ensure that    unhandled exceptions a...
Validation Controls•   OWASP Top 10    – XSS (Cross Site Scripting)    – SQL Injection•   All input from web controls need...
Caching– Data caching (Cache), cut 50% of our SQL queries which was 72,080,000  less queries each month!– Substitution– Ou...
Yahoo! A List Browsers                        Win XP             Win 7            Mac 10.6.†      iOS 3.†   iOS 4.†   Andr...
AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
Reference Model to Guide Architecture Projects
Model for Web 2.0                     Users          Client applications/runtimes           Connectivity/reachability     ...
Basic Service-Consumer Pattern                         Consumed                             via                          i...
Landscape leading to hybrid platforms
Web 2.0 Reference Architecture (basic)
Web 2.0 Reference Architecture (detailed)
Components of a pattern (basic)
Components of a pattern (detailed)
Patterns for Web 2.0•   The Service-Oriented Architecture Pattern•   The Software as a Service (SaaS) Pattern•   The Parti...
Patterns for Web 2.0 (cont…)•   The Synchronized Web Pattern•   The Collaborative Tagging Pattern•   The Declarative Livin...
AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
Resources & ReadingsPerformance Managementhttp://www.sitepoint.com/books/aspnetant1/aspnetant1-sample.pdfASP.NET Developer...
itsme@darrensim.com   http://www.facebook.com/darrensim   http://www.twitter.com/darrensim
Upcoming SlideShare
Loading in …5
×

CTU June 2011 - Things that Every ASP.NET Developer Should Know

3,208
-1

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
3,208
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
34
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

CTU June 2011 - Things that Every ASP.NET Developer Should Know

  1. 1. Things that Every ASP.NETDeveloper should knowDarren SimMicrosoft MVP (ASP.NET / IIS)Member, Microsoft Developer Guidance Web Advisory CouncilDirector, Singapore Software Quality Testing Board (SGTQB)
  2. 2. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  3. 3. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  4. 4. Fundamentals• Internet is based on TCP/IP• World Wide Web is based on HTTP – HTTP based on Request/Response paradigm – Header and body – Stateless – Specification @ http://www.ietf.org/rfc/rfc2068.txt
  5. 5. Http RequestGET http://localhost:99/default.aspx HTTP/1.1Accept: */*Accept-Language: en-usUA-CPU: x86Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.04506; .NET CLR 1.1.4322; InfoPath.2; .NET CLR 3.5.21022)Host: localhost:99Proxy-Connection: Keep-AlivePragma: no-cache
  6. 6. Http ResponseHTTP/1.1 200 OKCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/7.0X-AspNet-Version: 2.0.50727 HeaderX-Powered-By: ASP.NETDate: Sun, 07 Mar 2010 19:22:19 GMTContent-Length: 686<head><title> Home Page </title></head><body class="basic"> <form name="form1" method="post" action="default.aspx" id="form1"><div><input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE"value="/wEPDwULLTE0MDkxNzYwNDNkZKn1tb3qjzVWNrSAgGULkE4nvHPg" /></div> Body <div style="background-color:Blue"> <h3>Home</h3> </div> </form></body></html>
  7. 7. How we connect to the internet? ISP
  8. 8. IIS Architecture Configuration Application Pool SvcHost.exe w3wp.exe WWW Windows Publishing Process Service Activation (W3SVC) Service (WAS)User ModeKernel Mode HTTP.sys
  9. 9. Configuration File Site Application Machine.config Root web.config web.config web.config <system.Web> <system.Web> Applicationhost.config <system.webServer> <system.webServer>*Web.config has a 100Kb file size limit.
  10. 10. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  11. 11. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  12. 12. Fiddler• Tracing tool specifically for HTTP• Shows complete request and response (not packets)• Can save archive of session• Can be used on own machine (ipv4.fiddler, ipv6.fiddler)• Can create own GET requests• Can decrypt SSL traffic!
  13. 13. Microsoft Network Monitor• General network tracing tool for many protocols• Hooks into network adapters• See network frames at multiple levels• Apply filters for specific protocols, IP addresses, etcFree download at http://www.microsoft.com/downloads/en/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en
  14. 14. IIS Log Files• Time Taken (execute, queue, and time to client – IIS 7/6)• Sub-status codes are very useful for indicating the exact problems• Log entries are made AFTER the page execution is complete• Log file entries are always in GMT• Setup cookie, referrer, bytes sent
  15. 15. Log Parser• Utility to query IIS log files, event logs, etc• Query syntax nearly identical to SQL• Write series of queries for site health (HTTP status, time taken, file sizes, down pages, orders, etc)• ASP.NET Response.AppendToLog( )Download Log Parser at http://tinyurl.com/5uoxz
  16. 16. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  17. 17. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  18. 18. Performance CulpritsProblem Statement• HTTP requests are the biggest web performance killer• Reduce Requests, massively improve performance
  19. 19. Performance CulpritsSolution• Combine all Javascript into one file• Combine all CSS into one file• Using MSAjax CDN instead of your own
  20. 20. Reduce & Avoid Requests• Avoid Response.Redirect – Invokes an extra client side HTTP Request• Use Server.Transfer instead
  21. 21. Reduce Page Size• The smaller the page, the quicker the download• Especially important in these areas – Mobile Applications (Windows Mobile, IPhone, 3G Data Card) – Non Broadband Users – Many offices have less capacity than broadband – Developing Countries
  22. 22. Reduce Page Size• Most Browsers support HTTP Compression – GZIP & Deflate – IE, Firefox etc• Drastically reduces page size• Steps – Browser Passes Accept-Encoding in Request Header – Data is compressed and sent to browser – Browser decompresses html• Only GET is compressed, POST IS NOT Compressed
  23. 23. HTTP Compression• Server evaluates the “Accept-Encoding” header for request, compresses resulting response• largeGridView.aspx - 41 frames down to 7• Implemented in February 2003 when about 3% of Fortune 1000 web sites utilized• Used 53% less bandwidth, ~25% faster Keynote measurements• Now use IIS Compression (free)
  24. 24. HTTP Compression (cont…)• IIS 7 – Can control when to stop using if CPU usage is too high – Minimum default file size is 256K – Only static compression is on by defaultDetailed article about enabling IIS 6 compression at http://tinyurl.com/yjdo7w
  25. 25. Content Expirations• Client asks “if-modified-since”• Small content files it is just as expensive to see if modified as to receive content• Setup expiration times for content folders• Avoid requests for files that seldom change (.js, .css, images, etc)• Rename the file if need to override browser caching
  26. 26. Ajax Minifier• Microsoft Ajax Minifier (Codeplex.com)• Minimize CSS and JavaScript files – Remove whitespace, comments, excessive semicolons, etc• Command line, .dll, and build tasks• jQuery-1.4.2.js minimized 55.5%• Test after minimize!• MSBuild Extension Pack (version #)
  27. 27. ETags• Used for cache validation• IIS sends the ETag header in response for static files – hash:changeNumber• IIS 6 – changeNumber – specific to server – Set to 0 with Metabase Explorer, http://tinyurl.com/2agsbtc• IIS 7 – changeNumber - 0 by default – Completely remove header with HttpModule
  28. 28. CSS Sprite• Combine small images into a single image• Use CSS to “index” into the larger image• Often 70-95% of time taken for a user is time requesting components (images, .css, .js)• Reduce the number of requests**Free CSS Sprite generator at http://spritegen.website-performance.org/
  29. 29. Tracing• Setup ASP.NET to save information about recent requests• <trace enabled="true" pageOutput="false" localOnly="false" requestLimit="2" mostRecent="true" />• /Trace.axd
  30. 30. Tracing (code)
  31. 31. Trace Outputs
  32. 32. Analysis of Trace Output
  33. 33. Error Page Configurations• <deployment retail=”true” /> (machine.config only) – <customErrors mode=”On” /> – <compilation debug=”false” /> – <tracing enabled=“false” />• External config files (no restart)
  34. 34. Global.asax Application_Error( )• Every ASP.NET web site should have this coded to ensure that unhandled exceptions are caught and logged• HKLMSystemCurrentControlSetServicesEventLogApplication and add key for source• Use <customErrors mode=“On” /> to redirect to a down page
  35. 35. Validation Controls• OWASP Top 10 – XSS (Cross Site Scripting) – SQL Injection• All input from web controls needs to be verified• Leverage client validation for user experience but must validate on the server• Common validators – RequiredFieldValidator – RangeValidator – RegularExpressionValidator – CompareValidator – CustomValidator
  36. 36. Caching– Data caching (Cache), cut 50% of our SQL queries which was 72,080,000 less queries each month!– Substitution– Output caching (shared)– Don’t cache page (set specific cache ability) • Response.Cache.SetCacheability(System.Web.HttpCacheability.NoCache);
  37. 37. Yahoo! A List Browsers Win XP Win 7 Mac 10.6.† iOS 3.† iOS 4.† Android 2.2.†Safari 5.† A-gradeChrome † (latest A-gradestable) A-grade (upon GA A-grade (upon GAFirefox 4.† release) release)Firefox 3.6.† A-grade A-grade A-grade A-grade (upon GAIE 9.0 release)IE 8.0 A-grade A-gradeIE 7.0 A-gradeIE 6.0 A-gradeSafari for iOS A-grade A-gradeWebKit for Android A-gradeOSComplete list available at http://developer.yahoo.com/yui/articles/gbs/
  38. 38. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  39. 39. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  40. 40. Reference Model to Guide Architecture Projects
  41. 41. Model for Web 2.0 Users Client applications/runtimes Connectivity/reachability Services Capabilities
  42. 42. Basic Service-Consumer Pattern Consumed via internet Service Client Applications Provides View Offered as Interface Capability
  43. 43. Landscape leading to hybrid platforms
  44. 44. Web 2.0 Reference Architecture (basic)
  45. 45. Web 2.0 Reference Architecture (detailed)
  46. 46. Components of a pattern (basic)
  47. 47. Components of a pattern (detailed)
  48. 48. Patterns for Web 2.0• The Service-Oriented Architecture Pattern• The Software as a Service (SaaS) Pattern• The Participation-Collaboration Pattern• The Asynchronous Particle Update Pattern• The Mashup Pattern• The Rich User Experience Pattern
  49. 49. Patterns for Web 2.0 (cont…)• The Synchronized Web Pattern• The Collaborative Tagging Pattern• The Declarative Living and Tag Gardening Pattern• The Semantic Web Grounding Pattern• The Persistent Rights Management (PRM) Pattern• The Structured Information Pattern
  50. 50. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  51. 51. AGENDAHTTP and Web Server FundamentalsDebugging and Analysis ToolsDevelopment TechniquesPatterns & Practices
  52. 52. Resources & ReadingsPerformance Managementhttp://www.sitepoint.com/books/aspnetant1/aspnetant1-sample.pdfASP.NET Developer Guidance Maphttp://www.darrensim.com
  53. 53. itsme@darrensim.com http://www.facebook.com/darrensim http://www.twitter.com/darrensim
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×