Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

ASP.NET MVC Best Practices malisa ncube


Published on


Published in: Technology
  • Be the first to comment

  • Be the first to like this

ASP.NET MVC Best Practices malisa ncube

  1. 1. ASP.NET MVC [TITLE]Best Practices
  2. 2. WHO’S THIS GUY• Malisa Ncube• Software Engineer at Infectious Diseases Institute (Uganda)• Blogger –• Follow me on Twitter handle - @malisancube• My email is• Leader of Uganda .NET Usergroup #MSOpenDoor• Urban Artist• High sense of humor
  3. 3. AGENDA• ASP.NET MVC Best Practices• A bit of ASP.NET MVC 4 Preview• We’ll see• Conclusion• Q&A
  4. 4. What is ASP.NET MVC?
  5. 5. What is ASP.NET MVC? • Model: The model contains the core information for an application. This includes the data and validation rules as well as data access and aggregation logic. • View: The view encapsulates the presentation of the application, and in ASP.NET this is typically the HTML markup. • Controller: The controller contains the control-flow logic. It interacts with the Model and Views to control the flow of information and execution of the application
  6. 6. What is ASP.NET MVC? (Continued) • Opensource – Released under MSL for Pre release components. • Proven: There are many sites that are using ASP.NET MVC framework and many resources. • Testable: Enables good software development practices.
  7. 7. Practices
  8. 8. 1) Isolate your layers properly. • Use the ViewModel for transmitting data to the view. They should be simple POCO de-normalised objects. • Use the Domain Model Entities for persistence, validation, Behaviours and complex relationships . Mapping with ViewModel can be done with tools like Automapper.
  9. 9. 1) Isolate your layers properly (Continued). • Use Controllers for selecting the view to be shown and not for business logic. • Use the view for displaying Html which will be rendered by the browser. Not for business logic. • Use Services/Repositories for manipulating business objects. Let’s see come code
  10. 10. 2) Use the PRG (PostRedirectGet) pattern • Prevent reposts to the form • Issues an HTTP302 with temporary redirect • Watch out for Json redirects. Check the type of requests. • Use proper verbs [HttpPost], [HttpGet] on you controllers
  11. 11. 3) Secure site from forgery • Confused deputy problem (A confused deputy is a computer program that is innocently fooled by some other party into misusing its authority) • Prevent (cross site request Forgery)CSRF/XSRF • Prevent (cross site request Forgery)CSRF/XSRF With Ajax • Use Anti-forgery helpers for form posts @Html.AntiForgeryToken and ValidateAntiForgeryTokenAttribute which peeks into Request.Form collection for antiforgery token
  12. 12. 4) Make you application testable, maintainable and extensible • Use IoC to make your application testable • Have actual tests for different segments of your application. • You can scaffold the application using NuGet packages like MvcScaffold and include the repository and unit tests. Let’s see come code
  13. 13. 5) Write clean code • Use Action Filters for crosscutting concerns. • - They help clean up your code by giving you a declarative approach to programming, similar to Aspect Oriented programming. More specifically Postsharp. • - Handling errors, Authorisation, Tracing. Let’s see come code
  14. 14. 6) Use strongly typed views • You may decide to inherit behaviour of all views from a certain base class. • Avoid the ViewBag Let’s see come code
  15. 15. 7) JSON endpoints • All JSON endpoints require [HttpPost] to prevent JSON hijacking • hijacking.aspx • - With [HttpPost], returning arrays is allowed.
  16. 16. 8) Performance Tips • Test the application performance. (Fiddler, YSlow) • Optimise /compress your images • Minify your scripts and CSS Let’s see come code
  17. 17. 9) Productivity Tips • Use "Nuget" packages that help with productivity. • ELMAH • MvcScafolding • Create you own nuget packages Let’s see come code
  18. 18. Tips
  19. 19. 1) ASP.NET is still has the power of ASP.NET • You can extend using HttpModules, HttpHandlers • You can use HttpCaching Let’s see come code
  20. 20. 2) Think about globalization from the beginning • Make you application support globalisation if its going to be on the internet. • Don’t forget to make accessibility –
  21. 21. ASP.NET 4.0 Preview
  22. 22. ASP.NET 4.0 Preview• PageInspector• Nuget (Enabling MSBuild and Continuous Integration environments)• Mobile phone support improvements• HTML5 support• Easier deployment + minification (Including cloud deployment)• Asynchronous / Await• Tooling (Page Inspector)• Web Sockets
  23. 23. New Features in ASP.NET MVC 4 Developer Preview
  24. 24. New Features in ASP.NET MVC 4 Developer Preview
  25. 25. Q&A
  26. 26. REFERENCES••• (Phil Haack)•••