Z.ASP.Net MVC FAQ

Version History

What are the differences in different version of ASP.Net MVC

MVC Architecture

ASP.Net Web Forms Vs ASP.Net MVC

MVC Design pattern further augment ASP.Net web forms by implementing Front Controller pattern that provides very high level of abstraction and implement saparation of concerns like model (data) view and business logic (controller) and testing. http://www.dotnetcurry.com/showarticle.aspx?ID=370

What is the purpose of mustache.js

It is template library used by MVC infrastructure to build UI templates.

How Browser request are mapped to controller

Each browser request are mapped to controller via a route map that gets registered and loaded during application start up in global.asax file

What does the Web.Config file do in the views folder of a MVC project

ASP.Net MVC Security

How to secure an MVC application

To secure controllers or actions, the Authorize attribute has been provided (which can be applied globally as shown below). Read more on blogs.msdn.com

How ASP.Net security is different than MVC security.

ASP.Net uses page level security while MVC uses controller and action level security

What is Cross-Site Request Forgery and how MVC application can be prevented.

It is a hacking techniques in if user logged in to targeted website and a link is provided to client via some email or ad and once user clicked on it browser send the request to server with authentication cookies browser already have and server thinks that it is a valid request. http://www.veracode.com/security/csrf.

MVC provide a Anti Forgery Token system that can be applied to sensitive operation.

  1. http://blog.stevensanderson.com/2008/09/01/prevent-cross-site-request-forgery-csrf-using-aspnet-mvcs-antiforgerytoken-helper/

  2. https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet

Performance

What is the purpose of System.Web.Optimization namespace.

The System.Web.Optimization namespace includes classes that support Content Delivery Networks (CDN) and the process of optimizing JavaScript and cascading style sheet (CSS) files in a website to reduce file size and improve page performance. The classes in this namespace enable developers to carry out bundling and minification tasks to optimize their JavaScript and CSS files.

Deployment

How to deploy MVC application in the cloud.

Azure provides a publishing profile that VS can use to deployment