Tagged articles - ASP.NET

Azure Service Fabric is a great platform to host services for your distributed solution. It allows you to easily deploy and scale your applications and services. Apart from these out of the box functionalities which it is essentially build for, it also comes with secrets service which allows you to store and retrieve secret values for your application...read more

Object relational mappers or ORMs are a great tool which can significantly reduce application development time, but if they are not use wisely they can cause bottlenecks and performance issues. Same goes for dependency injection containers. The lifetime of the components, especially the ones that can cause recurse locks like SQL Server connections must be as short as possible and they should be released as soon as work is done. ...read more

It is obvious that no matter what is the size and complexity of your application, configuration values on your local development machine and the environment where the application is going to run will be different. To avoid any hard-coding and recompilation of your code, the most common practice is to store application and environment specific values to configuration files. Although ASP.NET Core provides great out of the box solution for having multiple configuration files depending on the environment (Use multiple environments in ASP.NET Core), there are still things that should not reside in the configuration files. ...read more

Swagger is the most convenient way to document your REST api endpoints. It provides generating of documentation on the fly based on the code structure, which shortens the time of creating the documentation drastically...read more

In memory caching is not a bullet proof way of caching data in an application, especially if this application is distributed. The lack of synchronization between nodes can cause you application to misbehave showing wrong data or even throwing exceptions and crashing. This is one of the main reasons why distributed caching is the best way of doing the caching in your web application. But not all applications you might be developing need to run as distributed on multiple machines...read more

In case you have any page on your website which allows anonymous users to POST data to your web application, you should always use any kind of bot protection. Usually that is any kind of CAPTCHA implementation...read more

Even before popularity of micro service approach, for even monolithic applications you needed to have health-checks (Google Compute Engine) or health-probes (Microsoft Azure) for load balancing. Basically in load balancing scenario, these endpoints are used to tell load balancer whether instance can handle requests or not. Since handling of requests may consider several components, these endpoints either return 200 OK HTTP response or any other response like 500 Internal Server Error with optional payload message describing the issue and each component status. ...read more

Both Web API in .NET 4.5 and later and Web API in ASP.NET CORE have great error handling support out of the box. You can specify you global handler and control your response to a client when exception happens. ...read more

Often case when you need to convert String to a different type which is most of the time a primitive type in C# is when you are reading values from configuration. In both .NET and .NET Core, reading from configuration return plain String value...read more

Authentication in web services is a bit more different than with web pages because of one simple reason. There is no UI for entering credentials to authenticate to consume service...read more

Enums in C# can contain multiple values if they are decorated with [Flags] attribute. However, Flag Enums are not recommended to be used in web api action method signatures...read more

Cross-site Scripting (XSS) refers to client-site code injection attack where an attacker can execute malicious scripts into a web application. Basically attacker manages to upload malicious script code to the website which will be later on served to the users and executed in their browser. It is ofter use to steal form inputs, cookie values, change the page layout or redirect to attackers website. ...read more

WebP is an image format introduced by Google Developers and it provides superior lossless and lossy compression for images on the web. Using WebP, webmasters and web developers can create smaller, richer images that make the web faster. ...read more

Minification of Cascade Style Sheet (CSS) and Java Script (JS) should be on a TODO list for every web application. The minification of CSS and JS can be easily one on the runtime with ASP.NET bundling which is build in in ASP.NET framework, but in case of distributing your resource files over CDN you cannot use the runtime minification. You physical files need to be minified...read more

Starting from few years ago, Google enforces secured over unsecured website traffic. However it is an ongoing process since both publishers and advertisers need to implement HTTPS in order to avoid mixed contnet exception in a browser and preventing ads to load on a website. ...read more