.NET news » ASP.NET

Web Parts can help you build better Web sites. Find out why and learn the ins and outs of building and deploying them.

Explains how to build poll application in ASP.NET. Includes sample project with source code.

Have you ever wanted to emit standards compliant and CSS based markup rather than the default table based markup provided in ASP.NET 2.0? Adaptive control behavior in ASP.NET 2.0 gives you the ability to customize the functionality of ASP.NET controls.

Cross-site scripting attacks are platform and browser independent, and can allow malicious users to perform malicious actions such as gaining unauthorized access to client data like cookies or hijacking sessions entirely. Simple steps that developers can take to prevent XSS attacks in their ASP.NET applications include doing the following: 1. Validating and constraining input 2. Encoding output For defense in depth, developers may wish to use the Microsoft Anti-Cross Site Scripting Library to encode output. This library differs from most encoding libraries in that it uses the "principle of inclusions" technique to provide protection against XSS attacks. This approach works by first defining a valid or allowable set of characters, and encodes anything outside this set (invalid characters or potential attacks). The principle of inclusions approach provides a high degree of protection against XSS attacks and is suitable for Web applications with high security requirements.

ASP.NET 2.0 does not break any existing controls from 1.1, but it adds a whole bunch of new ones, as well as several new technologies for control development.

The Enterprise Library Application Blocks aren't useful only in Windows Forms applications; you can use them in ASP.NET too by downloading a set of patch files and configuring the security settings appropriately. Find out how.

ASP.NET 2.0 has unleashed a number of wonderful improvements for localizing Web applications. This article will help you apply extensibility features of ASP.NET to handle enterprise localization scenarios and improve your localization-development process.

In this article we'll examine how to build a tag cloud in ASP.NET. In this article we'll focus on accomplishing this through code in an ASP.NET page's code-behind class. In a future article, we'll move this code out of the ASP.NET page and into a stand alone, custom, compiled server control that supports data binding, use of declarative data source controls, and so on..

Online Article: ASP.NET 2.0 Web Part Infrastructure

Web applications today do a number of things. They could be a banking site, a content management system, or a news Web site. In spite of the diversity of Web applications available today, it almost always makes sense to break a Web page into smaller, reusable widgets

The Membership API in the .NET Framework provides the concept of a user account and associates with it core properties: username, passsword, email, security question and answer, whether or not the account has been approved, whether or not the user is locked out of the system, and so on. However, depending on the application's needs, chances are your application needs to store additional, user-specific fields. For example, an online messageboard site might want to also allow users to specify a signature, their homepage URL, and their IM address.

ASP.NET 2.0 Profile system can be used to store user-specific information. The Profile system allows the page developer to define the properties she wants to associate with each user. Once defined, the developer can programmatically read from and assign values to these properties. The Profile system accesses or writes the property values to a backing store as needed. Like Membership and Roles, the Profile system is based on the provider model, and the particular Profile provider is responsible for serializing and deserializing the property values to some data store. The .NET Framework ships with a SqlProfileProvider class by default, which uses a SQL Server database table (aspnet_Profile) as its backing store.

In this article we will examine the Profile system - how to define the user-specific properties and interact with them programmatically from an ASP.NET page - as well as look at using the SqlProfileProvider that ships with .NET 2.0.