1.Define
state management in ASP.NET.
State management is implemented in order to retain information about the user requests. Web pages are stateless. Each request creates new page without retaining any previous information about the user requests. ASP.NET supports several State management techniques to maintain state information.
State management in ASP.NET can be classified into
•Client-side state management
•Server-side state management
View State
1.What is ViewState?
Web forms have very short lifetimes. In ASP.NET, the data that is entered in controls is encoded and stored in a hidden field. This encoded data is then sent with each request and restored to controls in Page_Init. The data in these controls is then available in the Page_Load event. The data that ASP.NET preserves between requests is called the Web form’s view state.
2.How do you enable or disable a ViewState
for a control on the page?
Every
ASP.NET control has a property called EnableViewState. If EnableViewState is
set to true ViewState is enabled for the control. If EnableViewState is set to
false ViewState is disabled for the control.
3.What is the name of the hidden form field
in which ViewState of the page is saved?
__ViewState
4.how to make viewstate secure?
1.EnableViewstateMac=”true” in page directive
2.ViewStateEncryptionMode=”Always”
in Page directive
5.When does ViewState restoration happens?
During the Page_Init event
6.What are the disadvantages of using ViewState?
Performance degradation
and Security Problem
7.Is ViewState encoded?
7.Is ViewState encoded?
Yes, ViewState is encoded inbase-64 format.
8.Can you encrypt ViewState of Page?
Yes, we can use the LosFormatter class to encrypt ViewState of Page.
9.Can the HTML controls retain State accross
postbacks?
No,
by default HTML controls donot retain state accross postbacks.
10.Can you make HTML controls retain State
accross postbacks?
Yes, HTML controls can retain State accross postbacks, if you convert HTML controls to Server Controls.
There are 2 ways to convert HTML control to Server
Controls.
1. Right click on the HTML Control and then click "Run As Server Control"
Or
2. Set runat="server" attribute for the Control.
1. Right click on the HTML Control and then click "Run As Server Control"
Or
2. Set runat="server" attribute for the Control.
11.Can someone view the Page HTML source and
read ViewState?
No. ViewState is base-64 encoded. Hence you cannot read ViewState. If you right click on the Page and View Source you will find __ViewState is base-64 encoded.
12.What happens during the Page_Init event?
The server controls are loaded and initialized from the Web form’s view state. This is the first step in a Web form’s life cycle.
13.Can you programatically store and retrieve
data from ViewState?
Yes. In ASP.NET you can programatically store and retrieve data from ViewState. See the example below
//Save the value in ViewState object
ViewState["SomeVar"] = txtFirstName.text;
//Retrieve the value from ViewState object
String strFirstName = ViewState["SomesVar"].ToString();
Cookies
1.What are Cookies in ASP.NET?
Cookies are small pieces of information stored on the client computer. Use cookies to store small amounts of information on the client’s machine. Web sites often use cookies to store user preferences or other information that is client-specific. Because cookies can be refused, it is important to check whether the browser allows them before you try to create them. They are limited to storing only character data and they are limited to 4K in size.
2.What
are different types of Cookies?
in-memory Cookies
Persistent Cookies
3.What are Session Cookies?
Session cookies are stored in-memory during the client browser session. When the browser is closed the session cookies are lost.
4.What is the difference between Session
Cookies and Persistent Cookies?
Persistent Cookies are same as Session Cookies except that, persistent cookies have an expiration date. The expiration date indicates to the browser that it should write the cookie to the client's hard drive. Keep in mind that because a user can delete cookies from their machine that there is no guarantee that a cookie you "drop" on a user machine will be there the next time they visit your site.
5.What are the advantages of Using Cookies?
1.Cookies do not require any server resources since they are stored on the client.
2.Cookies are easy to implement.
3.You can configure cookies to expire when the browser session ends (session cookies) or they can exist for a specified length of time on the client computer (persistent cookies).
6.What are the disadvantages of Using Cookies?
1.Users can delete a cookies.
2.Users browser can refuse cookies,so your code has to anticipate that possibility.
3.Cookies exist as plain text on the client machine and they may pose a possible security risk as anyone can open and tamper with cookies.
7.How do you create a Cookie that never
expires?
To create a Cookie that never expires set the Expires property of the Cookie object to DateTime.MaxValue.
8.Are Cookies secure?
No, Cookies are not secure. You must pay attention to the type of data you store in cookies.
1.Cookies are not designed to store critical information so storing passwords in a cookie is a bad idea.
2.Keep the lifetime of a cookie as short as practically possible.
3.Encrypt cookie data to help protect the values stored in the cookie.
9.DIFFERENCE BETWEEN SESSION AND COOKIES?
The basic
and main difference between cookie and session is that cookies are stored in
the user's browser but sessions can't store in user's browser. This specifies
which is best used for.
• A cookie can keep all the information in the client's browser until deleted. If a person has a login and password, this can be set as a cookie in their browser so they do not have to re-login to your website every time they visit. You can store almost anything in a browser cookie.
• Sessions are not reliant on the user allowing a cookie. They work like a token in the browser which allowing access and passing information while the user has opened his browser. The problem in sessions is when you close the browser the session will automatically lost. So, if you had a site requiring a login, this couldn't be saved as a session but it can be saved as a cookie, and the user has to re-login every time they visit.
• A cookie can keep all the information in the client's browser until deleted. If a person has a login and password, this can be set as a cookie in their browser so they do not have to re-login to your website every time they visit. You can store almost anything in a browser cookie.
• Sessions are not reliant on the user allowing a cookie. They work like a token in the browser which allowing access and passing information while the user has opened his browser. The problem in sessions is when you close the browser the session will automatically lost. So, if you had a site requiring a login, this couldn't be saved as a session but it can be saved as a cookie, and the user has to re-login every time they visit.
Query Strings
1.What are the advantages of using Query
Strings?
1.Query strings are easy to implement.
2.Browser support for passing values in a query string is nearly universal.
3.Query strings are contained in the HTTP request for a specific URL and do not require server resources.
2.What are the disadvantages of using
querystrings to send data from one page to another?
1.Query strings are insecure because the information in the query string is directly visible to the user on the address line in the browser.
2.Many browsers impose a 255 URL character limit which can limit their flexibility.
3.Give an example to send Query Strings from
code?
You can send query strings from server side code using the Response.Redirect() method as shown below.
Response.Redirect("QueryStrings2.aspx?FName=David&LName=Boon");
4.Difference Between Query String and Sessions?
Querystring
|
Session
|
Session data can be accessed throughout the session.
|
|
Querystring data is visible to user and can be seen in
browser url.
|
Session data is not visible to user.
|
Data is not secured and can be altered hence
insensitive data is stored in querystring.
|
Data is secured hence sensitive data such as user
information is stored.
|
Querystring has constraint of Maxlength.
|
Session does not have such constraint.
|
5.Difference between Query string and
Cookies?
Cookies is a text file stored
on client machine when we surf ant thing on internet by the server
automatically we dont have to create it
Query string is used to transfer data from 1 page to another but this is not safe as it shows in url what data we r sending
pen any site and see url after question mark tht is url
Cookies:Cookies are little pieces of information that a server stores on a browser. They are of two types
1. Temporary cookie
2. Persistent cookie
Temporary cookie: - They are also known as session cookies. These are volatile in nature. When the browser is shutdown they are erased.
Persistent cookie:- These may be called as permanent cookies. These are especially saved in files. It may remain for a month or year.
Query string is used to transfer data from 1 page to another but this is not safe as it shows in url what data we r sending
pen any site and see url after question mark tht is url
Cookies:Cookies are little pieces of information that a server stores on a browser. They are of two types
1. Temporary cookie
2. Persistent cookie
Temporary cookie: - They are also known as session cookies. These are volatile in nature. When the browser is shutdown they are erased.
Persistent cookie:- These may be called as permanent cookies. These are especially saved in files. It may remain for a month or year.
Session State
1.What is a Session?
A Session is a unique instance of the browser. A single user can have multiple instances of the browser running on his or her machine. If each instance visits your Web application, each instance has a unique session. A session starts when a user accesses a page on a Web site for the first time, at which time they are assigned a unique session ID. The server stores the user's session ID in the Session.SessionID property.
2.What is the default session timeout
period?
20 minutes.
3.Where do you generally specify the Session Timeout?
You specify the Session Timeout setting in the web.config file.
4.Can you specify Session Timeout in a
code behind file?
Yes, can specify the Session.Timeout property as shown below in a code behind file.
Session.Timeout = 10;
5.How do you end a user session?
You can call the Session.Abandon() method to end a user session. If a user then tries to access a page the server will assign them a new session ID and it will clear all the previous session variables. You'll typically use Session.Abandon() on log-out pages.
6.What type of data can you store in
Application State and Session State variables?
Application State and Session State variables are used to store data that you want to keep for the lifetime of an application or for the lifetime of a session. You can store any type of data in the Application or Session state, including objects.
7.Are Application State or Session State variables type safe?
No, Application and Session state variables are created on the fly, without variable name or type checking.
8.How do you disable Session state for a Web form?
To turn Session state off for a Web form set EnableSessionState property of the Page to False.
9.What is Session Identifier?
Session Identifier is used to identify session. It has SessisonID property. When a page is requested, browser sends a cookie with a session identifier. This identifier is used by the web server to determine if it belongs to an existing session. If not, a Session ID is generated by the web server and sent along with the response.
10.What are the Session State
Modes?
ASP.NET supports three Session State modes.
•InProc
•State Server
•SQL Server
11.what is the difference between session and viewstate?
Session
State:
Session state is maintained in
session level.
- Session state value is available in all pages within a user session.
- Session state information stored in server.
- Session state persist the data of particular user in the server. This data available till user close the browser or session time completes.
- Session state value is available in all pages within a user session.
- Session state information stored in server.
- Session state persist the data of particular user in the server. This data available till user close the browser or session time completes.
View State:
- View state is maintained in page level only.
- View state of one page is not visible in another page.
- View state information stored in client only.
- View state persist the values of particular page in the client (browser) when post back operation done.
12.what is the difference between
session state and application state?
Session State:
1)Session state is user and browser specific.
2)Session state can be stored in memory on the server as well as client's cookies.
3)If client has disabled cookies in his browser then session state will be stored in URL.
4)Session state has scope to the current browser only. If we change the browser session id is changed.
1)Session state is user and browser specific.
2)Session state can be stored in memory on the server as well as client's cookies.
3)If client has disabled cookies in his browser then session state will be stored in URL.
4)Session state has scope to the current browser only. If we change the browser session id is changed.
Application State:
1)Application state is application specific.
2)Application state is stored only in the memory on the server.
3)Application state does not track client's cookies or URL.
4)Application state has no scope to the current browser. If we change the browser application id remains same.
13.How to add and remove data to
Application State Variables?
//Code to add data to Application State
Application.Add("AppName", "Sample");
//Code to remove data from Application State
Application.Remove("AppName");
14.How do you remove all Application State Variables data?
//Code to remove all Application State Variables data Application.RemoveAll();
No comments:
Post a Comment