Question 151 – What is
an ASP.NET Application and Page Life Cycle?
ASP.NET creates an
environment which can process the request. i.e. creates application object,
request, response and context objects
Once environment is created, the request is processed through a series of events which is processed by using modules, handlers and page objects. MHPM (Module, handler, page and Module event)
Once environment is created, the request is processed through a series of events which is processed by using modules, handlers and page objects. MHPM (Module, handler, page and Module event)
Question 152 – What are the Steps for ASP.net environment creation?
Step
1 IIS checks which ISAPI extension can server and pass to
respective. e.g. aspx page to aspnet_isapi.dll
Step 2 If first request then ApplicationManager creates a Application Domain.
Step 3 App Domain will create hosting environment (HttpRuntime) object, then core objects like HttpContext, HttpRequest and HttpResponse will be created.
Step 4 Once core objects created, HttpApplication is created, if global.aspx is available then object for that will be created. global.asax file inherits from ‘HttpApplication’ class
Step 5 The HttpApplication object is then assigned to the core ASP.NET objects(HttpContext, HttpRequest and HttpResponse) to process the page.
Step 6 HttpApplication then starts processing the request by the following format HTTP module events, handlers and page events. (MHPM)
Step 7 (M: HttpModule): Client request processing starts. Used when we want to inject logic in events of ASP.NET pipeline. It is an event based processor. 6 important events we can utilize before page object is created BeginRequest, AuthenticateRequest, AuthorizeRequest, ResolveRequestCache, AcquireRequestState and PreRequestHandlerExecute.
Step 8 (H: ‘HttpHandler’): Used when we want to inject logic based in file extensions like ‘.ASPX’, ‘.HTML’. It is an extension based processor. Once above 6 events fired, ASP.NET engine will invoke ProcessRequest event.
Step 9 (P: ASP.NET page): ASP.NET page object will be created. There are 6 important events - Init, Load, validate, event, render and unload. SILVER to remember the events S – Start , I – (Init) , L (Load) , V (Validate), E (Event) and R (Render).
Step 10 (M: HttpModule): Once the page object is executed and unloaded from memory, HttpModule provides post page execution events which can be used to inject custom post-processing logic. There are 4 important post-processing events PostRequestHandlerExecute, ReleaserequestState, UpdateRequestCache and EndRequest.
Step 2 If first request then ApplicationManager creates a Application Domain.
Step 3 App Domain will create hosting environment (HttpRuntime) object, then core objects like HttpContext, HttpRequest and HttpResponse will be created.
Step 4 Once core objects created, HttpApplication is created, if global.aspx is available then object for that will be created. global.asax file inherits from ‘HttpApplication’ class
Step 5 The HttpApplication object is then assigned to the core ASP.NET objects(HttpContext, HttpRequest and HttpResponse) to process the page.
Step 6 HttpApplication then starts processing the request by the following format HTTP module events, handlers and page events. (MHPM)
Step 7 (M: HttpModule): Client request processing starts. Used when we want to inject logic in events of ASP.NET pipeline. It is an event based processor. 6 important events we can utilize before page object is created BeginRequest, AuthenticateRequest, AuthorizeRequest, ResolveRequestCache, AcquireRequestState and PreRequestHandlerExecute.
Step 8 (H: ‘HttpHandler’): Used when we want to inject logic based in file extensions like ‘.ASPX’, ‘.HTML’. It is an extension based processor. Once above 6 events fired, ASP.NET engine will invoke ProcessRequest event.
Step 9 (P: ASP.NET page): ASP.NET page object will be created. There are 6 important events - Init, Load, validate, event, render and unload. SILVER to remember the events S – Start , I – (Init) , L (Load) , V (Validate), E (Event) and R (Render).
Step 10 (M: HttpModule): Once the page object is executed and unloaded from memory, HttpModule provides post page execution events which can be used to inject custom post-processing logic. There are 4 important post-processing events PostRequestHandlerExecute, ReleaserequestState, UpdateRequestCache and EndRequest.
Question 153 – What is
the ASP.NET Page Life Cycle?
|
Section
|
Event
|
Description
|
|
HttpModule
|
BeginRequest
|
Signals a new
request; guaranteed to be raised on each request.
|
|
HttpModule
|
AuthenticateRequest
|
Signals Asp.Net
runtime is ready to authenticate the user.
|
|
HttpModule
|
AuthorizeRequest
|
Signals Asp.Net
runtime is ready to authorize the user.
|
|
HttpModule
|
ResolveRequestCache
|
Asp.Net runtime
determines Page can be loaded from Cache or to load completely. Caching
logic can be implemented here.
|
|
HttpModule
|
AcquireRequestState
|
Signals Asp.Net
runtime is ready to acquire session variables.
|
|
HttpModule
|
PreRequestHandlerExecute
|
Before handling over
the control to handler if we needed to perform any tasks.
|
|
HttpHandler
|
ProcessRequest
|
Write logic which
needs to be executed as per page extensions.
|
|
Page
|
Init
|
Creating controls
dynamically, in case you have controls to be created on runtime. Any
setting initialization. Master pages and the settings. We do not have access
toviewstate, postedvalues and neither the controls are initialized.
|
|
Page
|
Load
|
Asp.Net controls are
fully loaded and write UI manipulation logic.
|
|
Page
|
Validate
|
Any valuators on
your page, If we like to check the same here.
|
|
|
Render
|
Like to make some
changes to the final HTML which is going out to the browser, you can
enter your HTML logic here.
|
|
Page
|
Unload
|
Page object is
unloaded from the memory.
|
|
HttpModule
|
PostRequestHandlerExecute
|
Any logic you would
like to inject after the handlers are executed.
|
|
HttpModule
|
ReleaserequestState
|
Like to save update
some state variables like session variables.
|
|
HttpModule
|
UpdateRequestCache
|
Before you end, if
you want to update your cache.
|
|
HttpModule
|
EndRequest
|
Last stage before
your output is sent to the client browser.
|
Question 154 – What is
a Directive in ASP.Net?
Directives specify settings that are used by
the page and user-control compilers when the compilers process ASP.NET Web
Forms pages and user control files. There are 11 types of directives in asp.net
and are as follows
·
@Page - Enables you to
specify attributes and values for an Asp.Net Page to be used when the page is
parsed and compiled.
·
@Master - It is quite
similar to the Page directive. The Master directive belongs to Master Pages
that is .master files.
·
@Control - It is used
when we build an Asp.Net user controls. The @Control directive helps us to
define the properties to be inherited by the user control. These values are
assigned to the user control as the page is parsed and compiled.
·
@Register - Associates
aliases with namespaces and classes, which allow user controls and custom
server controls to be rendered when included in a requested page or user
control.
·
@Reference -
Links a page, user control, or COM control to the current page or user control
declaratively.
·
@PreviousPageType -
Creates a strongly typed reference to the source page from the target of a
cross-page posting.
·
@OutputCache - It
controls the output caching policies of the Asp.Net page or user control.
·
@Import - Imports a
namespace into a page or user control explicitly.
·
@Implements - It gets
the Asp.Net page to implement a specified .NET framework interface.
·
@Assembly - It is used
to make your ASP.NET page aware of external components.
·
@MasterType - To
access members of a specific master page from a content page, you can create a
strongly typed reference to the master page by creating a @MasterType
directive.
Question 155 – What
are the different Validation Controls in ASP.Net?
·
Required Field
Validator – Makes an input control as a required field.
·
Range Validator – Check
that the users input falls under a specific range.
·
Compare Validator –
Compare the value of 1 input control to other input control or to fixed value.
·
Regular Expression
Validator – Ensure the value of 1 input control matches a specified pattern.
·
Custom Validator – we
can write our own validation logic, e.g. we can check for values at run time.
·
Validation Summary –
Displays report of all the validation errors of current page.
Question 156 – What is
the Difference between User Control and Custom Control?
|
User Controls
|
Custom Controls
|
|
Easier to create
|
Harder to create
|
|
Complied at runtime
|
Pre-complied control
|
|
Cannot be added to tool box
|
Can be added to toolbox
|
|
Good for Static layout
|
Good for dynamic layout
|
|
Not complied in to dll
|
Complied into dll
|
|
HTML Design(Visual Design possible)
|
No Visual Design, HTML needs to be declared
programmatically
|
|
One user control cannot be used in different
projects
|
one custom control can be used in different
projects
|
Question 157 – What is the Difference between Client Side and Server Side Code?
|
Client Side
|
Server Side
|
|
Code is written in a
scripting language such as JavaScript andHTML
|
Code is written in
VB, C# or other compiled languages
|
|
The browser itself
executes the code in response to a user action and no server round trip
is involved
|
Code is executed by
the server during a roundtrip in response to a user request or action
|
|
Client browser
executes code to dynamically modify the HTML.This is called Dynamic HTML
|
The server executes
server side code and returns HTML code tothe client browser for display
|
|
Code is script and
therefore it is interpreted
|
Code is either
compiled dynamically or precompiled into assemblies
|
Question 158 – What is
the Difference between Server.Transfer and Response.Redirect?
|
Server.Transfer
|
Response.Redirect
|
|
There is no Round
trip
|
There is a Round
trip
|
|
Previous page values
are accessible
|
Previous page values
are not accessible
|
|
Performance wise its
better
|
Less performance
|
|
Information can be
preserved in Server transfer through aparameter called preserveForm
|
A state can be
maintained in Response redirect but has a lot ofdrawbacks
|
Question 159 – What
are the different IIS Isolation Levels in ASP.Net?
IIS5 supports three isolation levels
·
Low (IIS Process)
§ ASP pages run in INetInfo.Exe, the main IIS
process
§ ASP crashes, IIS crashes
·
Medium (Pooled)
§ ASP runs in a different process, which makes
this setting more reliable
§ If ASP crashes IIS won't.
·
High (Isolated)
§ Each ASP application runs out-process in its
own process space
§ If an ASP application crashes, neither IIS nor
any other ASP application will be affected
Question 160 – What are the different Authentication Modes available in ASP.Net?
·
Windows
·
Form
·
Passport
·
None
Question 161 – What is
Windows Authentication Mode in ASP.Net?
Windows Authentication mode relies upon IIS to
perform the required authentication of a client. After IIS authenticates a
client, it passes a security token to ASP.NET.
Question 162 - What are the advantages and disadvantages of Windows Authentication Mode?
Advantages -
Authenticates using Windows accounts, so you do not need to write any custom
authentication code.
Disadvantages - May require the use and management of individual Windows user accounts.
Disadvantages - May require the use and management of individual Windows user accounts.
Question 163 – What is Form Authentication Mode in ASP.Net?
Form Authentication is an authentication
scheme that makes it possible for the application to collect credentials using
an HTML form directly from the client. If your application authenticates the
client, it issues a cookie to the client
Question 164 - What are the advantages and disadvantages of Form Authentication Mode?
Advantages - Makes it
possible for custom authentication schemes using arbitrary criteria. Can be
used for authentication or personalization. It does not require corresponding
Windows accounts.
Disadvantages - Is subject to replay attacks for the lifetime of the cookie, unless using SSL/TLS. Is only applicable for resources mapped to Aspnet_isapi.dll.
Disadvantages - Is subject to replay attacks for the lifetime of the cookie, unless using SSL/TLS. Is only applicable for resources mapped to Aspnet_isapi.dll.
Question 165 – What is Passport Authentication Mode in ASP.Net?
Passport Authentication is a centralized
authentication service provided by Microsoft that offers a single logon. When
register with Passport, the Passport service grants a site-specific key. The
server uses this key to encrypt and decrypt the query strings passed between
the site and the Passport logon server.
Question 166 - What are the advantages and disadvantages of Passport Authentication Mode?
Advantages - Supports
single sign-in across multiple domains. It is Compatible with all
browsers.
Disadvantages - Places an external dependency for the authentication process.
Disadvantages - Places an external dependency for the authentication process.
Question 167 – What is None Authentication Mode in ASP.Net?
None Authentication Mode is used when users
are not authenticated at all or if you plan to develop custom authentication
code.
Question 168 - What are the advantages and disadvantages of None Authentication Mode?
Advantages - Offers
total control of the authentication process providing the greatest flexibility.
It also provides the highest performance if you do not implement an
authentication method.
Disadvantages - Custom-built authentication schemes are seldom as secure as those provided by the operating system. It requires extra work to custom-build an authentication scheme.
Disadvantages - Custom-built authentication schemes are seldom as secure as those provided by the operating system. It requires extra work to custom-build an authentication scheme.
Question 169 – What are the different IIS authentications available?
IIS provides a variety of authentication
schemes:
·
Anonymous (enabled by
default) - Anonymous authentication gives users access to the public areas of
your Web site without prompting them for a user name or password.
·
Basic - username and
password are transmitted in clear text
·
Digest - username and
password are transmitted with encrypted format
·
Integrated Windows
authentication (enabled by default) - NTLM authentication/ Kerberos V5
·
Client Certificate
Mapping - A certificate is a digitally signed statement that contains
information about an entity and the entity's public key, thus binding these two
pieces of information together.
Question 170 – What is an Event Bubbling?
Server Controls like
DataGrid, DataGridView, DataList etc have other controls inside
them.
A control can participate in event bubbling through two methods that it inherits from the base class System.Web.UI.Control. These methods are OnBubbleEvent and RaiseBubbleEvent.
Example an DataGridView can have an Textbox or an button inside it. These Child Controls cannot raise events by themselves, but they pass the event to the parent control (DataGridView), which is passed to the page as “ItemCommand” event. This process is known as Event Bubbling.
A control can participate in event bubbling through two methods that it inherits from the base class System.Web.UI.Control. These methods are OnBubbleEvent and RaiseBubbleEvent.
Example an DataGridView can have an Textbox or an button inside it. These Child Controls cannot raise events by themselves, but they pass the event to the parent control (DataGridView), which is passed to the page as “ItemCommand” event. This process is known as Event Bubbling.
Question 171 – What
are the differences between Machine.Config and a Web.Config files in Asp.Net?
|
Web.config
|
Machine.config
|
|
Machine level
configuration
|
Application/folder
level configuration
|
|
Can have more than
one Web.config
|
Only one
Machine.config
|
|
Web.config overrides
the machine.config file
|
Same
|
|
Automatically
installed when installing Visual Studio.
|
Created when
creating an ASP.Net web application
|
Question 172 – What is
an Authentication?
Authentication is a process of identifying a
user based on their credentials (means user id and password). There are 5 types
of authentication and are as below.
·
Password based
authentication
·
Device based
authentication
·
Biometric
Authentication
·
Retina Scanners
·
Hand Scanners
Question 173 – What is an Authorization?
Authorization is a process of determining
whether an authenticated user is allowed to access a specific resource or not.
Question 174 – What is an Impersonation?
·
It is the process of
executing code in the context of another user identity.
·
It is the mechanism in
the ASP.NET which decide under which account web application should be run.
·
By default
Impersonation is off, we need to enable it in Web.config file.
·
By default all the
ASP.NET applications run under the ASP.NET user account. If you set the
impersonation to TRUE in the Web.config file then that application runs under
the current user's account who has logged in that machine. <identity
impersonate="true" />
·
We can use the
impersonation in this two scenarios:
§ To give each web application different
permissions.
§ To use existing Windows user permission.
·
These two scenario are
fundamentally different. In the first one, impersonation defines a single,
specific account. In this case, no matter what user access the application, and
no matter what type of user-level security you use, the code will run under the
account you've set. In the second one, the user must be authenticated by IIS.
The web-page code will then execute under the identity of the appropriate user.
Question 175 – What is Autopostback event in ASP.Net?
It is the mechanism,
by which the page will be posted Back to the server automatically based on some
events in the web controls.
Example - Dropdown Box web control has the property autopostback, if we set the property to true, when ever user selects a different value in the combo box, and event will be fired in the server. i.e. a request will be send to the server.
Autopostback - Property of the control
IsPostback - Property of the Page class
IsPostback is a property which returns Boolean value. It checks weather the page is posted back or not.
Example - Dropdown Box web control has the property autopostback, if we set the property to true, when ever user selects a different value in the combo box, and event will be fired in the server. i.e. a request will be send to the server.
Autopostback - Property of the control
IsPostback - Property of the Page class
IsPostback is a property which returns Boolean value. It checks weather the page is posted back or not.
Question 176 – What is Tracing in ASP.Net
Tracing is a way to
monitor the execution of your ASP.NET application. You can record exception
details and program flow in a way that doesn't affect the program's
output.
Page level Tracing - Enabled on a page-by-page basis by adding "Trace=true" to the Page directive
Application Tracing - You can enable tracing for the entire application by adding tracing settings in web.config. In below example, pageOutput="false" and requestLimit="20"
Page level Tracing - Enabled on a page-by-page basis by adding "Trace=true" to the Page directive
Application Tracing - You can enable tracing for the entire application by adding tracing settings in web.config. In below example, pageOutput="false" and requestLimit="20"
Question 177 – What is Scavenging?
It is the process of deleting items from the
cache when memory is scarce. Items are removed when they have not been accessed
in some time or when items are marked as low priority when they are added to
the cache. ASP.NET uses the CacheItemPriority object to determine which items
to scavenge first. CacheItemPriority.High assigns a priority level to an item
so that the item is least likely to be deleted from the cache.
Question 178 – What are Trace Listeners?
·
It is a class that
listens for trace and debug messages from .NET applications.
·
Display messages to
users by writing messages to files.
·
It can modify messages
before displaying them, or even we can filter out the messages
·
It is common practice
to simply log the message with possibly some formatting for easy readability.
·
It is derived from the
System.Diagnostics.TraceListener base class.
·
The .NET Framework
ships with three trace listeners:
§ EventLogTraceListener - logging messages to
event logs.
§ DefaultTraceListener - logging messages to
standard debug output such as debuggers.
§ TextWriterTraceListener - logging messages to
text files.
Question 179 – What is the difference between Respose.Write and Response.Output.Write?
|
Response.Output.Write
|
Respose.Write
|
|
Formatted output
will be displayed.
|
unformatted output
will be displayed.
|
|
It gives
String.Format-style formatted output.
|
It never gives like
that.
|
|
It writes the HTTP
Output Stream.
|
It writes the text
stream
|
|
As per specified
options it formats the string and then write to web page.
|
It just output a
string to web page.
|
Question 180 – What is
SmartNavigation?
·
It is the property
that enables the individual controls to maintain focus between PostBack
·
The features of
SmartNavigation property are namely:
·
Maintaining element
focus between post backs
·
Eliminate page flash
caused by page post back
·
Prevents each post
back from being saved in the browser history
·
The scroll position of
a Web page is maintained after PostBack.
·
Only the most recent
Web page state is retained in the Web browser history folder.
Question 181 - What is
a State Management in ASP.Net?
State management is the process by which you
maintain state and page information over multiple requests for the same or
different pages. There are 2 types State Management:
·
Client – Side State
Management
·
Server – Side State
Management
Question 182 - What are the different management objects available with Client & Server Side Stage Management?
Client – Side State
Management
·
View
State – Asp.Net uses
View State to track the values in the Controls. You can add custom values to
the view state. It is used by the Asp.net page framework to automatically save
the values of the page and of each control just prior to rendering to the page.
When the page is posted, one of the first tasks performed by page processing is
to restore view state.
·
Control
State – If you create
a custom control that requires view state to work properly, you should use
control state to ensure other developers don’t break your control by disabling
view state.
·
Hidden
fields – Like view
state, hidden fields store data in an HTML form without displaying it in the
user's browser. The data is available only when the form is processed.
·
Cookies – Cookies store a value in the user's browser
that the browser sends with every page request to the same server. Cookies are
the best way to store state data that must be available for multiple Web pages
on a web site.
·
Query
Strings - Query strings
store values in the URL that are visible to the user. Use query strings when
you want a user to be able to e-mail or instant message state data with a URL.
Server – Side State
Management
·
Application
State - Application
State information is available to all pages, regardless of which user requests
a page.
·
Session
State –Information is
available to all pages opened by a user during a single visit.
Both application state and session state
information is lost when the application restarts. To persist user data between
application restarts, you can store it using profile properties.
Question 183 - How to Pass values between pages?
We can use one of the below options to pass
value between 2 pages in ASP.Net.
·
If the value is a
String then we can use either one of the following: QueryString, PostBack,
Cookies, Session, Cache, Application, Database
·
If the value is a
Dataset or an object then we can use either one of the following: (Assuming DTO
object not serialized) - Session, Application, Cache
Question 184 - What is a View State?
·
It is a built-in
structure for automatically retaining values amongst multiple requests for the
same page.
·
The viewstate is
internally maintained as a hidden field on the page but is hashed.
·
View State is used to
retain the state of server-side objects between post backs.
·
Controls perform well
- Label, TextBox, CheckBox, RadioButton, and HyperLink
·
Controls perform less
- DropDownList, ListBox, DataGrid, and DataList because of size and large data.
·
Making roundtrips to
the server.
·
Item stored in
Viewstate exist for the life of the current page. This includes PostBack (to
the same page).
Question 185 - What are the Benefits of ViewState?
·
No server resources
are required.
·
The values in view
state are hashed, compressed, and encoded, thus representing a higher state of
security than hidden fields
·
It is good for caching
data in Web frame configurations because the data is cached on the client
·
Simple to use
Question 186 - What
are the Limitations of ViewState?
·
Page loading and
posting performance decreases when large values are stored.
·
Although view state
stores data in a hashed format, it can still be tampered because it is stored
in a hidden field on the page.
Question 187 - What is an EnableViewState in ASP.Net?
·
EnableViewState turns
on the automatic state management feature that enables server controls to
re-populate their values on a round trip.
·
Through
EnableViewState=true /false we can define whether we have to maintain values of
control in hidden fields when page is posted back again and again
·
For example, if you
are binding a control to data on every round trip then you do not need the
control to maintain its view state, since you will wipe out any re-populated
data in any case.
·
Viewstate is enabled
for all server controls by default. To disable it, set the EnableViewState
property of the control to false.
Question 188 - What are Hidden Fields in ASP.Net?
·
These are html input
control with hidden type that store hidden data in the html.
·
The data stored in
hidden field is available when form processed on the server or using
JavaScript.
·
Syntax - <input
type="hidden" name="EVENTTARGET"
id="EVENTTARGETID" value="" />
·
Can store only one
value in their value property. The value is saved as a string so we need to
Typecast.
·
There are two types of
server control hidden fields -
§ System.Web.UI.WebControls.HiddenField
§ System.Web.UI.HtmlControls.HtmlInputHidden.
Question 189 - What are the Benefits of Hidden Fields in ASP.Net?
·
Easy to implement
·
Hidden fields are
supported by all browsers
·
Faster access of
information because data is stored on client side
·
No server resources
are required.
Question 190 - What are the Limitations of Hidden Fields in ASP.Net?
·
Not secure because the
data is stored on Client side so can be tampered creating a security hole
·
Decreases page
performance if too many hidden fields(large data’s)
·
Only support single
value and do not support rich structures as HTML.
·
Have to work around
with delimiters etc to handle complex structures.
Question 191 - What
are Hidden Frames in ASP.Net?
·
A hidden frame is a
frame with 0 width and height, so that no one can see it.
·
You can run programs
in there when you need to make a round trip to the server so that your main
frame does not refresh.
·
To create one, you
just use a frameset tag
·
A hidden frame is a
complete document, e.g. IFRAME, that is not visible.
Question 192 - What are the Benefits of Hidden Frames in ASP.Net?
·
Hidden frames allow
you to cache more than one data field.
·
The ability to cache
and access data items stored in different hidden forms.
Question 193 - What are the Limitations of Hidden Frames in ASP.Net?
·
Not supported by all
browsers
·
Stored data is not
secured as it is stored on client's machine in the form of hidden fields.
Question 194 - What is a Cookie in ASP.Net?
·
It is a small bit of
text that accompanies requests and pages as they go between the server and
browser.
·
The cookie contains
information the Web application can read whenever the user visits the site.
·
It provide a useful
means in Web applications to store user-specific information.
·
Cookies are associated
with a Web site, not with a specific page, so the browser and server will exchange
cookie information no matter what page the user requests from your site.
·
Most browsers support
cookies of up to 4096 bytes.
·
Most browsers allow
only 20 cookies per site, so if you try to store more, the old cookies are
discarded.
·
Maximum 300 cookies can
be stored that will be accepted from all sites combined.
Question 195 - What are the examples of Cookie usage in ASP.Net?
·
Cookies are used for
all sorts of purposes, all relating to helping the Web site remember you.
·
For example, a site
conducting a poll might use a cookie simply as a Boolean value to indicate
whether your browser has already participated in voting so that you don't vote
twice.
·
A site that asks you
to log on might use a cookie to tell itself that you've already logged on so
that you don't have to keep entering your credentials.
Question 196 - What
are the Types of Cookies in ASP.Net?
·
Persistent - Means the
cookie will be expired as soon as the application is closed
·
Non Persistent - Even
the application is closed the data will be remained as per the cookie timeout
value.
Question 197 - What are the Benefits of Cookies in ASP.Net?
·
They are simple to
use.
·
Light in size, thus
occupy less memory.
·
Stores server
information on client side
·
Data need not to be
sent back to server.
·
Cookies persist for
much longer period of time than a session.
Question 198 - What are the Limitations of Cookies in ASP.Net?
·
Since they are stored
on the client side in plain text, they are not secure.
·
Number of cookies that
can be stored and their size is limited.
·
They don't work if
security level is set too high in browser.
·
Some people might just
disable cookies on their browsers.
Question 199 - What is the relation between Cookies and Session State?
·
By default, ASP.NET
uses a non-persistent cookie to store the session state.
·
If a user has disabled
cookies on the browser, Session state cannot use a cookie to store the session
ID and Session state doesn't work. - No cookie, No Session state.
Question 200 - What is a Cookieless Session in ASP.Net?
You can configure your
application to store Session IDs not in a cookie, but in the URLs of pages in
your site. By keeping the Session ID in the URL, ASP.NET stores the ID in the
browser, in a manner of speaking, and can get it back when the user requests
another page. Cookieless sessions can get around the problem of a browser that
refuses cookies and allow you to work with Session state.
However, under some limited circumstances, if the user shares the URL with someone else — perhaps to email the URL to a colleague while the user's session is still active — then both users might end up sharing the same session, with unpredictable results.
However, under some limited circumstances, if the user shares the URL with someone else — perhaps to email the URL to a colleague while the user's session is still active — then both users might end up sharing the same session, with unpredictable results.
No comments:
Post a Comment