Table of Contents [Hide/Show]
Pitfalls Usability and Administrative Security General Preventing Denial-of-Service Attacks Performance Tweaks General Pipeline Process Configuration Profile/Membership Provider Use AJAX Browser Cache
MaxLength
confirm
confirmExt
web.config
WITH EXECUTE AS DBO
SELECT
VIEW DEFINITION
EXECUTE
Page_Error()
Server.GetLastError
Server.ClearError
global.asax
Application_Error()
<httpModules> <remove name="OutputCache" /> <remove name="Session" /> <remove name="WindowsAuthentication" /> <remove name="FormsAuthentication" /> <remove name="PassportAuthentication" /> <remove name="UrlAuthorization" /> <remove name="FileAuthorization" /> <remove name="ErrorHandlerModule" /> <remove name="AnonymousIdentification" /> </httpModules>
<system.net> <processModel enable="true" timeout="Infinite" idleTimeout="Infinite" shutdownTimeout="00:00:05" requestLimit="Infinite" requestQueueLimit="5000" restartQueueLimit="10" memoryLimit="60" webGarden="false" cpuMask="0xffffffff" userName="machine" password="AutoGenerate" logLevel="Errors" clientConnectedCheck="00:00:05" comAuthenticationLevel="Connect" comImpersonationLevel="Impersonate" responseDeadlockInterval="00:03:00" responseRestartDeadlockInterval="00:03:00" autoConfig="false" maxWorkerThreads="100" maxIoThreads="100" minWorkerThreads="40" minIoThreads="30" serverErrorMessageFile="" pingFrequency="Infinite" pingTimeout="Infinite" asyncOption="20" maxAppDomains="2000" /> <connectionManagement> <add address="*" maxconnection="100" /> </connectionManagement>
maxWorkerThreads
maxIOThreads
minWorkerThreads
minIOThreads
memoryLimit
system.net/connectionManagement
applicationName
<profile enabled="true"> <providers> <clear /> <add name="..." type="System.Web.Profile.SqlProfileProvider" connectionStringName="..." applicationName="YourApplicationName" description="..." /> </providers>
Profile.Save();
<profile enabled="true" automaticSaveEnabled="false" >
<roleManager enabled="true" cacheRolesInCookie="true" >
Email
UserName
WHERE
LoweredEmail
LoweredUserName
ApplicationId
aspnet_Profile_GetProfiles
LIKE LOWER(@UserNameToMatch)
CREATE PROCEDURE [dbo].[aspnet_Profile_GetProfiles] @ApplicationName nvarchar(256), @ProfileAuthOptions int, @PageIndex int, @PageSize int, @UserNameToMatch nvarchar(256) = NULL, @InactiveSinceDate datetime = NULL AS IF @UserNameToMatch IS NOT NULL BEGIN SELECT u.UserName, u.IsAnonymous, u.LastActivityDate, p.LastUpdatedDate, DATALENGTH(p.PropertyNames) + DATALENGTH(p.PropertyValuesString) + DATALENGTH(p.PropertyValuesBinary) FROM dbo.aspnet_Users u INNER JOIN dbo.aspnet_Profile p ON u.UserId = p.UserId WHERE u.LoweredUserName = LOWER(@UserNameToMatch) SELECT @@ROWCOUNT END ELSE BEGIN -- Do the original bad things DECLARE @ApplicationId uniqueidentifier SELECT @ApplicationId = NULL SELECT @ApplicationId = ApplicationId FROM aspnet_Applications WHERE LOWER(@ApplicationName) = LoweredApplicationName IF (@ApplicationId IS NULL) RETURN -- Set the page bounds DECLARE @PageLowerBound int DECLARE @PageUpperBound int DECLARE @TotalRecords int SET @PageLowerBound = @PageSize * @PageIndex SET @PageUpperBound = @PageSize - 1 + @PageLowerBound -- Create a temp table TO store the select results CREATE TABLE #PageIndexForUsers ( IndexId int IDENTITY (0, 1) NOT NULL, UserId uniqueidentifier ) -- Insert into our temp table INSERT INTO #PageIndexForUsers (UserId) SELECT u.UserId FROM dbo.aspnet_Users u, dbo.aspnet_Profile p WHERE ApplicationId = @ApplicationId AND u.UserId = p.UserId AND (@InactiveSinceDate IS NULL OR LastActivityDate <= @InactiveSinceDate) AND ( (@ProfileAuthOptions = 2) OR (@ProfileAuthOptions = 0 AND IsAnonymous = 1) OR (@ProfileAuthOptions = 1 AND IsAnonymous = 0) ) AND (@UserNameToMatch IS NULL OR LoweredUserName LIKE LOWER(@UserNameToMatch)) ORDER BY UserName SELECT u.UserName, u.IsAnonymous, u.LastActivityDate, p.LastUpdatedDate, DATALENGTH(p.PropertyNames) + DATALENGTH(p.PropertyValuesString) + DATALENGTH(p.PropertyValuesBinary) FROM dbo.aspnet_Users u, dbo.aspnet_Profile p, #PageIndexForUsers i WHERE u.UserId = p.UserId AND p.UserId = i.UserId AND i.IndexId >= @PageLowerBound AND i.IndexId <= @PageUpperBound DROP TABLE #PageIndexForUsers END END
GET
POST
[WebMethod][ScriptMethod(UseHttpGet=true)] public string CachedGet() { TimeSpan cacheDuration = TimeSpan.FromMinutes(1); Context.Response.Cache.SetCacheability(HttpCacheability.Public); Context.Response.Cache.SetExpires(DateTime.Now.Add(cacheDuration)); Context.Response.Cache.SetMaxAge(cacheDuration); Context.Response.Cache.AppendCacheExtension( "must-revalidate, proxy-revalidate"); return DateTime.Now.ToString(); }
~/images/logo.png
~/images/logo.png?ver=20091029
logo.png
Content-Length
ScrewTurn Wiki version 3.0.1.400. Some of the icons created by FamFamFam. Except where noted, all contents Copyright © 1999-2024, Patrick Jasinski.