Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
CTU June 2011 - Things that Every ASP.NET Developer Should Know
1. Things that Every ASP.NET
Developer should know
Darren Sim
Microsoft MVP (ASP.NET / IIS)
Member, Microsoft Developer Guidance Web Advisory Council
Director, Singapore Software Quality Testing Board (SGTQB)
2. AGENDA
HTTP and Web Server Fundamentals
Debugging and Analysis Tools
Development Techniques
Patterns & Practices
3. AGENDA
HTTP and Web Server Fundamentals
Debugging and Analysis Tools
Development Techniques
Patterns & Practices
4. Fundamentals
• Internet is based on TCP/IP
• World Wide Web is based on HTTP
– HTTP based on Request/Response paradigm
– Header and body
– Stateless
– Specification @ http://www.ietf.org/rfc/rfc2068.txt
8. IIS Architecture
Configuration Application Pool
SvcHost.exe w3wp.exe
WWW Windows
Publishing Process
Service Activation
(W3SVC) Service (WAS)
User Mode
Kernel Mode
HTTP.sys
9. Configuration File
Site Application
Machine.config Root web.config
web.config web.config
<system.Web> <system.Web>
Applicationhost.config
<system.webServer> <system.webServer>
*Web.config has a 100Kb file size limit.
10. AGENDA
HTTP and Web Server Fundamentals
Debugging and Analysis Tools
Development Techniques
Patterns & Practices
11. AGENDA
HTTP and Web Server Fundamentals
Debugging and Analysis Tools
Development Techniques
Patterns & Practices
12. Fiddler
• Tracing tool specifically for HTTP
• Shows complete request and response (not packets)
• Can save archive of session
• Can be used on own machine (ipv4.fiddler, ipv6.fiddler)
• Can create own GET requests
• Can decrypt SSL traffic!
13. Microsoft Network Monitor
• General network tracing tool for many protocols
• Hooks into network adapters
• See network frames at multiple levels
• Apply filters for specific protocols, IP addresses, etc
Free download at http://www.microsoft.com/downloads/en/details.aspx?FamilyID=983b941d-06cb-
4658-b7f6-3088333d062f&displaylang=en
14. IIS Log Files
• Time Taken (execute, queue, and time to client – IIS 7/6)
• Sub-status codes are very useful for indicating the exact problems
• Log entries are made AFTER the page execution is complete
• Log file entries are always in GMT
• Setup cookie, referrer, bytes sent
15. Log Parser
• Utility to query IIS log files, event logs, etc
• Query syntax nearly identical to SQL
• Write series of queries for site health (HTTP status, time taken, file
sizes, down pages, orders, etc)
• ASP.NET Response.AppendToLog( )
Download Log Parser at http://tinyurl.com/5uoxz
16. AGENDA
HTTP and Web Server Fundamentals
Debugging and Analysis Tools
Development Techniques
Patterns & Practices
17. AGENDA
HTTP and Web Server Fundamentals
Debugging and Analysis Tools
Development Techniques
Patterns & Practices
19. Performance Culprits
Solution
• Combine all Javascript into one file
• Combine all CSS into one file
• Using MSAjax CDN instead of your own
20. Reduce & Avoid Requests
• Avoid Response.Redirect
– Invokes an extra client side HTTP Request
• Use Server.Transfer instead
21. Reduce Page Size
• The smaller the page, the quicker the download
• Especially important in these areas
– Mobile Applications (Windows Mobile, IPhone, 3G Data Card)
– Non Broadband Users
– Many offices have less capacity than broadband
– Developing Countries
22. Reduce Page Size
• Most Browsers support HTTP Compression
– GZIP & Deflate
– IE, Firefox etc
• Drastically reduces page size
• Steps
– Browser Passes Accept-Encoding in Request Header
– Data is compressed and sent to browser
– Browser decompresses html
• Only GET is compressed, POST IS NOT Compressed
23. HTTP Compression
• Server evaluates the “Accept-Encoding” header for request,
compresses resulting response
• largeGridView.aspx - 41 frames down to 7
• Implemented in February 2003 when about 3% of Fortune 1000 web
sites utilized
• Used 53% less bandwidth, ~25% faster Keynote measurements
• Now use IIS Compression (free)
24. HTTP Compression (cont…)
• IIS 7
– Can control when to stop using if CPU usage is too high
– Minimum default file size is 256K
– Only static compression is on by default
Detailed article about enabling IIS 6 compression at http://tinyurl.com/yjdo7w
25. Content Expirations
• Client asks “if-modified-since”
• Small content files it is just as expensive to see if modified as to
receive content
• Setup expiration times for content folders
• Avoid requests for files that seldom change (.js, .css, images, etc)
• Rename the file if need to override browser caching
26. Ajax Minifier
• Microsoft Ajax Minifier (Codeplex.com)
• Minimize CSS and JavaScript files
– Remove whitespace, comments, excessive semicolons, etc
• Command line, .dll, and build tasks
• jQuery-1.4.2.js minimized 55.5%
• Test after minimize!
• MSBuild Extension Pack (version #)
27. ETags
• Used for cache validation
• IIS sends the ETag header in response for static files
– hash:changeNumber
• IIS 6
– changeNumber – specific to server
– Set to 0 with Metabase Explorer, http://tinyurl.com/2agsbtc
• IIS 7
– changeNumber - 0 by default
– Completely remove header with HttpModule
28. CSS Sprite
• Combine small images into a single image
• Use CSS to “index” into the larger image
• Often 70-95% of time taken for a user is time requesting components
(images, .css, .js)
• Reduce the number of requests
**Free CSS Sprite generator at http://spritegen.website-performance.org/
29. Tracing
• Setup ASP.NET to save information about recent requests
• <trace enabled="true" pageOutput="false" localOnly="false"
requestLimit="2" mostRecent="true" />
• /Trace.axd
34. Global.asax Application_Error( )
• Every ASP.NET web site should have this coded to ensure that
unhandled exceptions are caught and logged
• HKLMSystemCurrentControlSetServicesEventLogApplication and
add key for source
• Use <customErrors mode=“On” /> to redirect to a down page
35. Validation Controls
• OWASP Top 10
– XSS (Cross Site Scripting)
– SQL Injection
• All input from web controls needs to be verified
• Leverage client validation for user experience but must validate on the server
• Common validators
– RequiredFieldValidator
– RangeValidator
– RegularExpressionValidator
– CompareValidator
– CustomValidator
36. Caching
– Data caching (Cache), cut 50% of our SQL queries which was 72,080,000
less queries each month!
– Substitution
– Output caching (shared)
– Don’t cache page (set specific cache ability)
• Response.Cache.SetCacheability(System.Web.HttpCacheability.NoCache);
37. Yahoo! A List Browsers
Win XP Win 7 Mac 10.6.† iOS 3.† iOS 4.† Android 2.2.†
Safari 5.† A-grade
Chrome † (latest
A-grade
stable)
A-grade (upon GA A-grade (upon GA
Firefox 4.†
release) release)
Firefox 3.6.† A-grade A-grade A-grade
A-grade (upon GA
IE 9.0
release)
IE 8.0 A-grade A-grade
IE 7.0 A-grade
IE 6.0 A-grade
Safari for iOS A-grade A-grade
WebKit for Android
A-grade
OS
Complete list available at http://developer.yahoo.com/yui/articles/gbs/
38. AGENDA
HTTP and Web Server Fundamentals
Debugging and Analysis Tools
Development Techniques
Patterns & Practices
39. AGENDA
HTTP and Web Server Fundamentals
Debugging and Analysis Tools
Development Techniques
Patterns & Practices
48. Patterns for Web 2.0
• The Service-Oriented Architecture Pattern
• The Software as a Service (SaaS) Pattern
• The Participation-Collaboration Pattern
• The Asynchronous Particle Update Pattern
• The Mashup Pattern
• The Rich User Experience Pattern
49. Patterns for Web 2.0 (cont…)
• The Synchronized Web Pattern
• The Collaborative Tagging Pattern
• The Declarative Living and Tag Gardening Pattern
• The Semantic Web Grounding Pattern
• The Persistent Rights Management (PRM) Pattern
• The Structured Information Pattern
50. AGENDA
HTTP and Web Server Fundamentals
Debugging and Analysis Tools
Development Techniques
Patterns & Practices
51. AGENDA
HTTP and Web Server Fundamentals
Debugging and Analysis Tools
Development Techniques
Patterns & Practices