pro asp.net mvc 3 framework : [build the most maintainable ... · introducing the routing system...
TRANSCRIPT
Pro ASP.NET MVC 3
FrameworkThird Edition
ADAM FREEMAN
STEVEN SANDERSON
ApressB
Contents
J
About the Authors xxiii
About the Technical Reviewer xxiv
Acknowledgments xxv
Part 1: Introducing ASP.NET MVC 3 1
Chapter 1: What's the Big Idea? 3
A Brief History of Web Development 3
Traditional ASP.NET Web Forms 5
What's Wrong with ASP.NET Web Forms? 6
Web Development Today 7
Web Standards and REST 7
Agile and Test-Driven Development 7
Ruby on Rails 8
Sinatra 8
Node.js 9
Key Benefits of ASP.NET MVC 9
MVC Architecture 10
Extensibility 10
Tight Control over HTML and HTTP 11
Testability 11
Powerful Routing System 11
Built on the Best Parts of the ASP.NET Platform 12
Modern API 12
ASP.NET MVC Is Open Source 13
Who Should Use ASP.NET MVC? 13
Comparisons with ASP.NET Web Forms 13
Migrating from Web Forms to MVC 14
Comparisons with Ruby on Rails 14
Comparisons with MonoRail 14
What's New in ASP.NET MVC 3 15
Summary 15
Chapter 2: Getting Ready 17
Preparing the Workstation,
17
Installing Visual Studio 2010 17
Installing the Essential Software 19
Installing Optional Components 21
Preparing the Server 22
Enabling the Web Server Role 23
Installing Additional Components 25
Setting up Web Deployment ,26
Getting Further Information 30
Summary 30
Chapter 3: Your First MVC Application 31
Creating a New ASP.NET MVC Project .31
Adding the First Controller 33
Understanding Routes 36
Rendering Web Pages 37
Creating and Rendering a View 37
Adding Dynamic Output 41
Creating a Simple Data-Entry Application 42
Setting the Scene 42
Designing a Data Model 43
Linking Action Methods 44
Building the Form 47
Handling Forms 51
Adding Validation 54
Completing the Example 59
Summary 61
Chapter 4: The MVC Pattern 63
The History of MVC 63
Understanding the MVC Pattern 64
Understanding the Domain Model 64
The ASP.NET Implementation of MVC 65
Comparing MVC to Other Patterns 66
Understanding the Smart Ul Pattern 66
Applying Domain-Driven Development 69
Modeling an Example Domain 70
Ubiquitous Language 70
Aggregates and Simplification 71
Defining Repositories 73
Building Loosely Coupled Components 73
Using Dependency Injection 74
An MVC-Specific Dependency Injection Example 76
Using a Dependency Injection Container 77
Getting Started with Automated Testing 78
Understanding Unit Testing 78
Understanding Integration Testing 87
Summary, 88
Chapter 5: Essential Language Features 89
Essential C# Features 89
Using Automatically Implemented Properties 89
Using Object and Collection Initializers 92
Using Extension Methods 94
Using Lambda Expressions 99
Using Automatic Type Inference 101
Using Anonymous Types 102
Performing Language Integrated Queries 103
Understanding Razor Syntax 110
Creating the Project 110
Examining a Basic Razor View 114
Summary 124
Chapter 6: Essential Tools for MVC .125
Using Ninject 125
Creating the Project 128
Getting Started with Ninject 129
Creating Chains of Dependency 130
Specifying Property and Parameter Values 132
Using Self-Binding 133
Binding to a Derived Type 134
Using Conditional Binding 135
Applying Ninject to ASP.NET MVC 137
Unit Testing with Visual Studio 138
Creating the Project 139
Creating Unit Tests 141
Running the Unit Tests (and Failing) 146
Implementing the Feature 147
Using Moq 148
Adding Moq to the Visual Studio Project 148
Creating a Mock with Moq 148
Unit Testing with Moq 151
Verifying with Moq 153
Summary 153
Chapter 7: SportsStore: A Real Application 155
Getting Started 156
Creating the Visual Studio Solution and Projects 156
Adding References 158
Setting Up the Dl Container 159
Starting the Application 160
Starting the Domain Model 162
Creating an Abstract Repository 163
Making a Mock Repository 163
Displaying a List of Products 164
Adding a Controller 164
Adding the View 165
Setting the Default Route 167
Running the Application 168
Preparing a Database 168
Creating the Database 169
Defining the Database Schema 170
Adding Data to the Database 172
Creating the Entity Framework Context 173
Creating the Product Repository 175
Adding Pagination 176
Displaying Page Links 179
Improving the URLs 187
Styling the Content 188
Defining Common Content in the Layout 189
Adding CSS Rules 190
Creating a Partial View 191
Summary 194
Chapter 8: SportsStore: Navigation and Cart , 195
Adding Navigation Controls 195
Filtering the Product List 195
Refining the URL Scheme 198
Building a Category Navigation Menu 201
Correcting the Page Count 210
Building the Shopping Cart 213
Defining the Cart Entity 213
Adding the Add to Cart Buttons 217
Implementing the Cart Controller 218
Displaying the Contents of the Cart 220
Using Model Binding 223
Creating a Custom Model Binder 224
Completing the Cart 228
Removing Items from the Cart 228
Adding the Cart Summary 230
Submitting Orders 233
Extending the Domain Model 233
Adding the Checkout Process 234
Implementing the Order Processor 238
Registering the Implementation 241
Completing the Cart Controller 241
Displaying Validation Errors 245
Displaying a Summary Page 246
Summary 248
Chapter 9: SportsStore: Administration 249
Adding Catalog Management 249
Creating a CRUD Controller 250
Rendering a Grid of Products in the Repository 252
Creating a New Layout 253
Implementing the List View 255
Editing Products 260
Creating New Products 275
Deleting Products 276
Securing the Administration Features 279
Setting Up Forms Authentication 280
Applying Authorization with Filters 281
Creating the Authentication Provider 282
Creating the Account Controller 284
Creating the View 285
Image Uploads 290
Extending the Database 290
Enhancing the Domain Model 290
Updating the Entity Framework Conceptual Model 291
Creating the Upload User Interface Elements 292
Saving Images to the Database 293
Implementing the Getlmage Action Method 294
Displaying Product Images 298
Summary 299
Part 2: ASP.NET MVC 3 in Detail 301
Chapter 10: Overview of MVC Projects ,303
Working with Visual Studio MVC Projects 303
Using the Internet and Intranet Application Controllers 308
Understanding MVC Conventions 309
Debugging MVC Applications 310
Creating the Project 310
Launching the Visual Studio Debugger 311
Causing the Visual Studio Debugger to Break 312
Using Edit and Continue 317
Project-Wide Dependency Injection 321
Summary 323
Chapter 11: URLs, Routing, and Areas 325
Introducing the Routing System 325
Creating the Routing Project 326
Introducing URL Patterns 327
Creating and Registering a Simple Route 329
Defining Default Values 334
Using Static URL Segments 336
Defining Custom Segment Variables 340
Defining Optional URL Segments 342
Defining Variable-Length Routes 344
Prioritizing Controllers by Namespaces 346
Constraining Routes 349
Routing Requests for Disk Files 354
Bypassing the Routing System 357
Generating Outgoing URLs 358
Preparing the Project 358
Generating Outgoing URLs in Views 359
Generating Outgoing URLs in Action Methods 366
Generating a URL from a Specific Route 367
Customizing the Routing System 368
Creating a Custom RouteBase Implementation 368
Creating a Custom Route Handler 373
Working with Areas 374
Creating an Area 375
Populating an Area 377
Resolving the Ambiguous Controller Issue 379
Generating Links to Actions in Areas 380
URL Schema Best Practices 381
Make Your URLs Clean and Human-Friendly 381
GET and POST: Pick the Right One 382
Summary 383
Chapter 12: Controllers and Actions 385
Introducing the Controller 385
Preparing the Project 385
Creating a Controller with IController 385
Creating a Controller by Deriving from the Controller Class 387
Receiving Input 389
Getting Data from Context Objects 389
Using Action Method Parameters 391
Producing Output 393
Understanding Action Results 395
Returning HTML by Rendering a View 399
Passing Data from an Action Method to a View 403
Performing Redirections 409
Returning Text Data 414
Returning XML Data 416
Returning JSON Data 417
Returning Files and Binary Data 418
Returning Errors and HTTP Codes .-421
Creating a Custom Action Result 423
Summary 426
Chapter 13: Filters 427
Using Filters 427
Introducing the Four Basic Types of Filters 429
Applying Filters to Controllers and Action Methods 430
Using Authorization Filters 431
Using Exception Filters 437
Using Action and Result Filters 442
Using Other Filter Features 448
Using the Built-in Filters 454
Summary 459
Chapter 14: Controller Extensibility 461
Request Processing Pipeline Components 461
Creating a Controller Factory 461
Defining a Custom Controller Factory 462
Registering a Custom Controller Factory 464
Working with the Built-in Controller Factory 464
Prioritizing Namespaces 465
Customizing DefaultControllerFactory Controller Creation 466
Creating a Custom Action Invoker 468
Using the Built-in Action Invoker 470
Using a Custom Action Name 470
Using Action Method Selection 472
Using Action Method Selectors to Support REST Services 475
Improving Performance with Specialized Controllers 478
Using Sessionless Controllers 478
Using Asynchronous Controllers 480
Summary 491
Chapter 15: Views 493
Creating a Custom View Engine 493
Creating a Custom IView 495
Creating an IViewEngine Implementation 496
Registering a Custom View Engine 497
Working with the Razor Engine 500
Understanding Razor View Rendering 500
Adding Dependency Injection to Razor Views 502
Configuring the View Search Locations 503
Adding Dynamic Content to a Razor View 505
Using Inline Code 506
Using HTML Helpers 512
Creating an Inline HTML Helper 513
Creating an External Helper Method 514
Using the Built-in HTML Helpers 516
Using Sections 532
Testing For Sections 535
Rendering Optional Sections 535
Using Partial Views 536
Creating a Partial View 536
Using Strongly Typed Partial Views 537
Using Child Actions 539
Creating a Child Action 540
Rendering a Child Action 540
Summary 541
Chapter 16: Model Templates 543
Using Templated View Helpers 543
Styling Generated HTML 548
Using Model Metadata 550
Working with Complex Type Parameters 559
Customizing the Templated View Helper System ...561
Creating a Custom Editor Template 561
Creating a Custom Display Template 565
Creating a Generic Template 565
Replacing the Built-in Templates 566
Using the ViewData.Templatelnfo Property 568
Passing Additional Metadata to a Template 569
Understanding the Metadata Provider System 570
Creating a Custom Model Metadata Provider 571
Customizing the Data Annotations Model Metadata Provider 574
Summary 576
Chapter 17: Model Binding , .....577
Understanding Model Binding 577
Using the Default Model Binder 578
Binding to Simple Types 580
Binding to Complex Types 581
Binding to Arrays and Collections 585
Manually Invoking Model Binding ....588
Restricting Binding to a Specific Data Source 589
Dealing with Binding Errors 590
Using Model Binding to Receive File Uploads 591
Customizing the Model Binding System 592
Creating a Custom Value Provider 592
Creating a Dependency-Aware Model Binder 594
Creating a Custom Model Binder 595
Creating Model Binder Providers 598
Using the ModelBinder Attribute 599
Summary 599
Chapter 18: Model Validation 601
Creating the Project 601
Explicitly Validating a Model 604
Displaying Validation Messages 606
Displaying Property-Level Validation Messages 610
Using Alternative Validation Techniques 612
Performing Validation in the Model Binder 612
Specifying Validation Rules Using Metadata 616
Defining Self-validating Models 621
Creating a Custom Validation Provider 622
Performing Client-Side Validation 626
Enabling and Disabling Client-Side Validation 627
Using Client-Side Validation 629
Understanding How Client-Side Validation Works 634
Customizing Client-Side Validation 635
Performing Remote Validation 642
Summary 645
Chapter 19: Unobtrusive Ajax 647
Using MVC Unobtrusive Ajax 647
Creating the Project 647
Enabling and Disabling Unobtrusive Ajax 650
Using Unobtrusive Ajax Forms 651
Understanding How Unobtrusive Ajax Works 653
Setting Ajax Options ,654
Ensuring Graceful Degradation 654
Providing the User with Feedback While Making an Ajax Request 656
Prompting the User Before Making a Request 657
Creating Ajax Links 658
Ensuring Graceful Degradation for Links 661
Working with Ajax Callbacks 662
Working with JSON 665
Adding JSON Support to the Controller 666
Processing JSON in the Browser 668
Detecting Ajax Requests in the Action Method 669
Receiving JSON Data 670
Summary 672
Chapter 20: jQuery ...673
Creating the Project 673
Referencing jQuery 675
Writing jQuery Code 678
Creating a jQuery Sandbox 679
Basic jQuery Theory 682
Understanding jQuery Selectors 683
Using jQuery Filters 686
Understanding jQuery Methods 688
Waiting for the DOM 689
Using jQuery CSS Methods 690
Working with the DOM 694
Using jQuery Events b9a
Using jQuery Visual Effects 699
Using jQuery Ul 701
Referencing jQuery Ul 702
Making Better Buttons 703
Using a Slider 704
Summary 708
Part 3: Delivering Successful ASP.NET MVC 3 Projects 709
Chapter 21: Security and Vulnerability 711
AH Input Can Be Forged 711
Forging HTTP Requests 713
Cross-Site Scripting and HTML Injection 715
Understanding an XSS Vulnerability 715
Razor HTML Encoding 716
Request Validation 717
JavaScript String Encoding and XSS 720
Session Hijacking 722
Defense via Client IP Address Checks 723
Defense by Setting the HttpOnly Flag on Cookies 723
Cross-Site Request Forgery 724
Attack 724
Defense 725
Preventing CSRF Using the Antiforgery Helpers 725
SQL Injection 727
Attack 727
Defense Using Parameterized Queries 728
Defense Using Object-Relational Mapping 728
Using the MVC Framework Securely 728
Don't Expose Action Methods Accidentally 728
Don't Allow Model Binding to Change Sensitive Properties 729
Summary 730
Chapter 22: Authentication and Authorization 731
Using Windows Authentication 731
Using Forms Authentication 734
Setting Up Forms Authentication 735
Using Cookieless Forms Authentication -738
Using Membership, Roles, and Profiles 738
Setting Up and Using Membership 740
Setting Up and Using Roles 749
Setting Up and Using Profiles 753
Why You Shouldn't Use URL-Based Authorization 758
Restricting Access Using IP Addresses and Domains 758
Summary 760
Chapter 23: Deployment 761
Preparing an Application for Deployment 761
Detecting View Errors Before Deployment 761
Configuring Dynamic Page Compilation 762
Preparing for a Bin Deployment ,763
Preparing the Web.config File for Transformation 764
Preparing the Project for Database Deployment 776
Understanding the IIS Fundamentals 779
Understanding Web Sites 779
Understanding Virtual Directories 779
Understanding Application Pools 780
Binding Web Sites to Hostnames, IP Addresses, and Ports 780
Preparing the Server for Deployment 781
Deploying an Application 783
Deploying an Application by Copying Files 784
Using a Deployment Package 785
Using One-Click Publishing 790
Summary 792
Index 793