| |
| |
Foreword | |
| |
| |
Introduction | |
| |
| |
| |
Getting Started | |
| |
| |
A Quick Introduction to ASP.NET MVC | |
| |
| |
How ASP.NET MVC Fits in with ASP.NET | |
| |
| |
The MVC Pattern | |
| |
| |
MVC as Applied to Web Frameworks | |
| |
| |
The Road to MVC 4 | |
| |
| |
ASP.NET MVC 1 Overview | |
| |
| |
ASP.NET MVC 2 Overview | |
| |
| |
ASP.NET MVC 3 Overview | |
| |
| |
MVC 4 Overview | |
| |
| |
ASP.NET Web API | |
| |
| |
Enhancements to Default Project Templates | |
| |
| |
Mobile Project Template using jQuery Mobile | |
| |
| |
Display Modes | |
| |
| |
Bundling and Minifi cation | |
| |
| |
Included Open Source Libraries | |
| |
| |
Miscellaneous Features | |
| |
| |
Open Source Release | |
| |
| |
Creating an MVC 4 Application | |
| |
| |
Software Requirements for ASP.NET MVC 4 | |
| |
| |
Installing ASP.NET MVC 4 | |
| |
| |
Installing the MVC 4 Development Components | |
| |
| |
Installing MVC 4 on a Server | |
| |
| |
Creating an ASP.NET MVC 4 Application | |
| |
| |
The New ASP.NET MVC 4 Dialog | |
| |
| |
Application Templates | |
| |
| |
View Engines | |
| |
| |
Testing | |
| |
| |
The MVC Application Structure | |
| |
| |
ASP.NET MVC and Conventions | |
| |
| |
Convention over Confi guration | |
| |
| |
Conventions Simplify Communication | |
| |
| |
Summary | |
| |
| |
| |
Controllers | |
| |
| |
The Controller's Role | |
| |
| |
A Sample Application: The MVC Music Store | |
| |
| |
Controller Basics | |
| |
| |
A Simple Example: The Home Controller | |
| |
| |
Writing Your First Controller | |
| |
| |
Creating the New Controller | |
| |
| |
Writing Your Action Methods | |
| |
| |
A Few Quick Observations | |
| |
| |
Parameters in Controller Actions | |
| |
| |
Summary | |
| |
| |
| |
Views | |
| |
| |
The Purpose of Views | |
| |
| |
Specifying a View | |
| |
| |
ViewData and ViewBag | |
| |
| |
Strongly Typed Views | |
| |
| |
View Models | |
| |
| |
Adding a View | |
| |
| |
Understanding the Add View Dialog Options | |
| |
| |
The Razor View Engine | |
| |
| |
What Is Razor? | |
| |
| |
Code Expressions | |
| |
| |
HTML Encoding | |
| |
| |
Code Blocks | |
| |
| |
Razor Syntax Samples | |
| |
| |
Implicit Code Expression | |
| |
| |
Explicit Code Expression | |
| |
| |
Unencoded Code Expression | |
| |
| |
Code Block | |
| |
| |
Combining Text and Markup | |
| |
| |
Mixing Code and Plain Text | |
| |
| |
Escaping the Code Delimiter | |
| |
| |
Server-Side Comment | |
| |
| |
Calling a Generic Method | |
| |
| |
Layouts | |
| |
| |
ViewStart | |
| |
| |
Specifying a Partial View | |
| |
| |
Summary | |
| |
| |
| |
Models | |
| |
| |
Modeling the Music Store | |
| |
| |
Scaff olding a Store Manager | |
| |
| |
What Is Scaff olding? | |
| |
| |
Empty Controller | |
| |
| |
Controller with Empty Read/Write Actions | |
| |
| |
API Controller with Empty Read/Write Actions | |
| |
| |
Controller with Read/Write Actions and Views, Using Entity Framework | |
| |
| |
Scaff olding and the Entity Framework | |
| |
| |
Code First Conventions | |
| |
| |
The DbContext Class | |
| |
| |
Executing the Scaff olding Template | |
| |
| |
The Data Context | |
| |
| |
The StoreManagerController | |
| |
| |
The Views | |
| |
| |
Executing the Scaff olded Code | |
| |
| |
Creating Databases with the Entity Framework | |
| |
| |
Using Database Initializers | |
| |
| |
Seeding a Database | |
| |
| |
Editing an Album | |
| |
| |
Building a Resource to Edit an Album | |
| |
| |
Models and View Models Redux | |
| |
| |
The Edit View | |
| |
| |
Responding to the Edit POST Request | |
| |
| |
The Edit Happy Path | |
| |
| |
The Edit Sad Path | |
| |
| |
Model Binding | |
| |
| |
The DefaultModelBinder | |
| |
| |
Explicit Model Binding | |
| |
| |
Summary | |
| |
| |
| |
Forms And Html Helpers | |
| |
| |
Using Forms | |
| |
| |
The Action and the Method | |
| |
| |
To GET or to POST? | |
| |
| |
Searching for Music with a Search Form | |
| |
| |
Searching for Music by Calculating the Action Attribute Value | |
| |
| |
HTML Helpers | |
| |
| |
Automatic Encoding | |
| |
| |
Making Helpers Do Your Bidding | |
| |
| |
Inside HTML Helpers | |
| |
| |
Setting Up the Album Edit Form | |
| |
| |
Html.BeginForm | |
| |
| |
Html.ValidationSummary | |
| |
| |
Adding Inputs | |
| |
| |
Html.TextBox and Html.TextArea | |
| |
| |
Html.Label | |
| |
| |
Html.DropDownList and Html.ListBox | |
| |
| |
Html.ValidationMessage | |
| |
| |
Helpers, Models, and View Data | |
| |
| |
Strongly Typed Helpers | |
| |
| |
Helpers and Model Metadata | |
| |
| |
Templated Helpers | |
| |
| |
Helpers and ModelState | |
| |
| |
Other Input Helpers | |
| |
| |
Html.Hidden | |
| |
| |
Html.Password | |
| |
| |
Html.RadioButton | |
| |
| |
Html.CheckBox | |
| |
| |
Rendering Helpers | |
| |
| |
Html.ActionLink and Html.RouteLink | |
| |
| |
URL Helpers | |
| |
| |
Html.Partial and Html.RenderPartial | |
| |
| |
Html.Action and Html.RenderAction | |
| |
| |
Passing Values to RenderAction | |
| |
| |
Cooperating with the ActionName Attribute | |
| |
| |
Summary | |
| |
| |
| |
Data Annotations And Validation | |
| |
| |
Annotating Orders for Validation | |
| |
| |
Using Validation Annotations | |
| |
| |
Required | |
| |
| |
StringLength | |
| |
| |
RegularExpression | |
| |
| |
Range | |
| |
| |
Validation Attributes from System.Web.Mvc | |
| |
| |
Custom Error Messages and Localization | |
| |
| |
Looking behind the Annotation Curtain | |
| |
| |
Validation and Model Binding | |
| |
| |
Validation and Model State | |
| |
| |
Controller Actions and Validation Errors | |
| |
| |
Custom Validation Logic | |
| |
| |
Custom Annotations | |
| |
| |
IValidatableObject | |
| |
| |
Display and Edit Annotations | |
| |
| |
Display | |
| |
| |
Scaff oldColumn | |
| |
| |
DisplayFormat | |
| |
| |
ReadOnly | |
| |
| |
DataType | |
| |
| |
UIHint | |
| |
| |
HiddenInput | |
| |
| |
Summary | |
| |
| |
| |
Membership, Authorization, And Security | |
| |
| |
Using the Authorize Attribute to Require Login | |
| |
| |
Securing Controller Actions | |
| |
| |
How the AuthorizeAttribute Works with Forms Authentication and the AccountController | |
| |
| |
Windows Authentication in the Intranet Application Template | |
| |
| |
Securing Entire Controllers | |
| |
| |
Securing Your Entire Application Using a Global Authorization Filter | |
| |
| |
Using the Authorize Attribute to Require Role Membership | |
| |
| |
Extending Roles and Membership | |
| |
| |
External Login via OAuth and OpenID | |
| |
| |
Registering External Login Providers | |
| |
| |
Configuring OpenID Providers | |
| |
| |
Configuring OAuth Providers | |
| |
| |
Security Implications of External Logins | |
| |
| |
Trusted External Login Providers | |
| |
| |
Require SSL for Login | |
| |
| |
Understanding the Security Vectors in a Web Application | |
| |
| |
Threat: Cross-Site Scripting | |
| |
| |
Threat Summary | |
| |
| |
Passive Injection | |
| |
| |
Active Injection | |
| |
| |
Preventing XSS | |
| |
| |
Threat: Cross-Site Request Forgery | |
| |
| |
Threat Summary | |
| |
| |
Preventing CSRF Attacks | |
| |
| |
Threat: Cookie Stealing | |
| |
| |
Threat Summary | |
| |
| |
Preventing Cookie Theft with HttpOnly | |
| |
| |
Threat: Over-Posting | |
| |
| |
Threat Summary | |
| |
| |
Preventing Over-Posting with the Bind Attribute | |
| |
| |
Threat: Open Redirection | |
| |
| |
Threat Summary | |
| |
| |
Protecting Your ASP.NET MVC 1 and MVC 2 Applications | |
| |
| |
Taking Additional Actions When an Open Redirect Attempt Is Detected | |
| |
| |
Open Redirection Summary | |
| |
| |
Proper Error Reporting and the Stack Trace | |
| |
| |
Using Confi guration Transforms | |
| |
| |
Using Retail Deployment Confi guration in Production | |
| |
| |
Using a Dedicated Error Logging System | |
| |
| |
Security Recap and Helpful Resources | |
| |
| |
Summary | |
| |
| |
| |
Ajax | |
| |
| |
jQuery | |
| |
| |
jQuery Features | |
| |
| |
The jQuery Function | |
| |
| |
jQuery Selectors | |
| |
| |
jQuery Events | |
| |
| |
jQuery and Ajax | |
| |
| |
Unobtrusive JavaScript | |
| |
| |
Using jQuery | |
| |
| |
Custom Scripts | |
| |
| |
Placing Scripts in Sections | |
| |
| |
The Rest of the Scripts | |
| |
| |
Ajax Helpers | |
| |
| |
Ajax ActionLinks | |
| |
| |
HTML 5 Attributes | |
| |
| |
Ajax Forms | |
| |
| |
Client Validation | |
| |
| |
jQuery Validation | |
| |
| |
Custom Validation | |
| |
| |
IClientValidatable | |
| |
| |
Custom Validation Script Code | |
| |
| |
Beyond Helpers | |
| |
| |
jQuery UI | |
| |
| |
Autocomplete with jQuery UI | |
| |
| |
Adding the Behavior | |
| |
| |
Building the Data Source | |
| |
| |
JSON and Client-Side Templates | |
| |
| |
Adding Templates | |
| |
| |
Modifying the Search Form | |
| |
| |
Getting JSON | |
| |
| |
jQuery.ajax for Maximum Flexibility | |
| |
| |
Improving Ajax Performance | |
| |
| |
Using Content Delivery Networks | |
| |
| |
Script Optimizations | |
| |
| |
Bundling and Minifi cation | |
| |
| |
Summary | |
| |
| |
| |
Routing | |
| |
| |
Uniform Resource Locators | |
| |
| |
Introduction to Routing | |
| |
| |
Comparing Routing to URL Rewriting | |
| |
| |
Defining Routes | |
| |
| |
Route URLs | |
| |
| |
Route Values | |
| |
| |
Route Defaults | |
| |
| |
Route Constraints | |
| |
| |
Named Routes | |
| |
| |
MVC Areas | |
| |
| |
Area Route Registration | |
| |
| |
Area Route Confl icts | |
| |
| |
Catch-All Parameter | |
| |
| |
Multiple URL Parameters in a Segment | |
| |
| |
StopRoutingHandler and IgnoreRoute | |
| |
| |
Debugging Routes | |
| |
| |
Under the Hood: How Routes Generate URLs | |
| |
| |
High-Level View of URL Generation | |
| |
| |
A Detailed Look at URL Generation | |
| |
| |
Ambient Route Values | |
| |
| |
Overfl ow Parameters | |
| |
| |
More Examples of URL Generation with the Route Class | |
| |
| |
Under the Hood: How Routes Tie Your URL to an Action | |
| |
| |
The High-Level Request Routing Pipeline | |
| |
| |
RouteData | |
| |
| |
Custom Route Constraints | |
| |
| |
Using Routing with Web Forms | |
| |
| |
Summary | |
| |
| |
| |
Nuget | |
| |
| |
Introduction to NuGet | |
| |
| |
Installing NuGet | |
| |
| |
Adding a Library as a Package | |
| |
| |
Finding Packages | |
| |
| |
Installing a Package | |
| |
| |
Updating a Package | |
| |
| |
Recent Packages | |
| |
| |
Package Restore | |
| |
| |
Using the Package Manager Console | |
| |
| |
Creating Packages | |
| |
| |
Packaging a Project | |
| |
| |
Packaging a Folder | |
| |
| |
NuSpec File | |
| |
| |
Metadata | |
| |
| |
Dependencies | |
| |
| |
Specifying Files to Include | |
| |
| |
Tools | |
| |
| |
Framework and Profi le Targeting | |
| |
| |
Prerelease Packages | |
| |
| |
Publishing Packages | |
| |
| |
Publishing to NuGet.org | |
| |
| |
Using NuGet.exe | |
| |
| |
Using the Package Explorer | |
| |
| |
Summary | |
| |
| |
| |
ASP.NET WEB API | |
| |
| |
Defining ASP.NET Web API | |
| |
| |
Getting Started with Web API | |
| |
| |
Writing an API Controller | |
| |
| |
Examining the Sample ValuesController | |
| |
| |
Async by Design: IHttpController | |
| |
| |
Incoming Action Parameters | |
| |
| |
Action Return Values, Errors, and Asynchrony | |
| |
| |
Configuring Web API | |
| |
| |
Configuration in Web-Hosted Web API | |
| |
| |
Configuration in Self-Hosted Web API | |
| |
| |
Configuration in Third-Party Hosts | |
| |
| |
Adding Routes to Your Web API | |
| |
| |
Binding Parameters | |
| |
| |
Filtering Requests | |
| |
| |
Enabling Dependency Injection | |
| |
| |
Exploring APIs Programmatically | |
| |
| |
Tracing the Application | |
| |
| |
Web API Example: ProductsController | |
| |
| |
Summary | |
| |
| |
| |
Dependency Injection | |
| |
| |
Software Design Patterns | |
| |
| |
Design Pattern: Inversion of Control | |
| |
| |
Design Pattern: Service Locator | |
| |
| |
Strongly Typed Service Locator | |
| |
| |
Weakly Typed Service Locator | |
| |
| |
The Pros and Cons of Service Locators | |
| |
| |
Design Pattern: Dependency Injection | |
| |
| |
Constructor Injection | |
| |
| |
Property Injection | |
| |
| |
Dependency Injection Containers | |
| |
| |
Dependency Resolution in MVC | |
| |
| |
Singly Registered Services in MVC | |
| |
| |
Multiply Registered Services in MVC | |
| |
| |
Arbitrary Objects in MVC | |
| |
| |
Creating Controllers | |
| |
| |
Creating Views | |
| |
| |
Dependency Resolution in Web API | |
| |
| |
Singly Registered Services in Web API | |
| |
| |
Multiply Registered Services in Web API | |
| |
| |
Arbitrary Objects in Web API | |
| |
| |
Dependency Resolvers in MVC vs. Web API | |
| |
| |
Summary | |
| |
| |
| |
Unit Testing | |
| |
| |
The Meaning of Unit Testing and Test-Driven Development | |
| |
| |
Defining Unit Testing | |
| |
| |
Testing Small Pieces of Code | |
| |
| |
Testing in Isolation | |
| |
| |
Testing Only Public Endpoints | |
| |
| |
Automated Results | |
| |
| |
Unit Testing as a Quality Activity | |
| |
| |
Defining Test-Driven Development | |
| |
| |
The Red/Green Cycle | |
| |
| |
Refactoring | |
| |
| |
Structuring Tests with Arrange, Act, Assert | |
| |
| |
The Single Assertion Rule | |
| |
| |
Creating a Unit Test Project | |
| |
| |
Examining the Default Unit Tests | |
| |
| |
Test Only the Code You Write | |
| |
| |
Tips and Tricks for Unit Testing ASP.NET MVC Applications | |
| |
| |
Testing Controllers | |
| |
| |
Keeping Business Logic out of Your Controllers | |
| |
| |
Passing Service Dependencies via Constructor | |
| |
| |
Favoring Action Results over HttpContext Manipulation | |
| |
| |
Favoring Action Parameters over UpdateModel | |
| |
| |
Using Action Filters for Orthogonal Activities | |
| |
| |
Testing Routes | |
| |
| |
Testing Calls to IgnoreRoute | |
| |
| |
Testing Calls to MapRoute | |
| |
| |
Testing Unmatched Routes | |
| |
| |
Testing Validators | |
| |
| |
Summary | |
| |
| |
| |
Extending MVC | |
| |
| |
Extending Models | |
| |
| |
Turning Request Data into Models | |
| |
| |
Exposing Request Data with Value Providers | |
| |
| |
Creating Models with Model Binders | |
| |
| |
Describing Models with Metadata | |
| |
| |
Validating Models | |
| |
| |
Extending Views | |
| |
| |
Customizing View Engines | |
| |
| |
Writing HTML Helpers | |
| |
| |
Writing Razor Helpers | |
| |
| |
Extending Controllers | |
| |
| |
Selecting Actions | |
| |
| |
Choosing Action Names with Name Selectors | |
| |
| |
Filtering Actions with Method Selectors | |
| |
| |
Action Filters | |
| |
| |
Authorization Filters | |
| |
| |
Action and Result Filters | |
| |
| |
Exception Filters | |
| |
| |
Providing Custom Results | |
| |
| |
Summary | |
| |
| |
| |
Advanced Topics | |
| |
| |
Mobile Support | |
| |
| |
Adaptive Rendering | |
| |
| |
The Viewport Meta Tag | |
| |
| |
Adaptive Styles Using CSS Media Queries | |
| |
| |
Display Modes | |
| |
| |
Layout and Partial View Support | |
| |
| |
Custom Display Modes | |
| |
| |
Mobile Site Template | |
| |
| |
Advanced Razor | |
| |
| |
Templated Razor Delegates | |
| |
| |
View Compilation | |
| |
| |
Advanced View Engines | |
| |
| |
Confi guring a View Engine | |
| |
| |
Finding a View | |
| |
| |
The View Itself | |
| |
| |
Alternative View Engines | |
| |
| |
New View Engine or New ActionResult? | |
| |
| |
Advanced Scaff olding | |
| |
| |
Customizing T4 Code Templates | |
| |
| |
The MvcScaff olding NuGet Package | |
| |
| |
Updated Add Controller Dialog Options | |
| |
| |
Using the Repository Template | |
| |
| |
Adding Scaff olders | |
| |
| |
Additional Resources | |
| |
| |
Advanced Routing | |
| |
| |
RouteMagic | |
| |
| |
Editable Routes | |
| |
| |
Advanced Templates | |
| |
| |
The Default Templates | |
| |
| |
MVC Futures and Template Definitions | |
| |
| |
Template Selection | |
| |
| |
Custom Templates | |
| |
| |
Advanced Controllers | |
| |
| |
Defining the Controller: The IController Interface | |
| |
| |
The ControllerBase Abstract Base Class | |
| |
| |
The Controller Class and Actions | |
| |
| |
Action Methods | |
| |
| |
The ActionResult | |
| |
| |
Action Result Helper Methods | |
| |
| |
Action Result Types | |
| |
| |
Implicit Action Results | |
| |
| |
Action Invoker | |
| |
| |
How an Action Is Mapped to a Method | |
| |
| |
Invoking Actions | |
| |
| |
Using Asynchronous Controller Actions | |
| |
| |
Choosing Synchronous versus Asynchronous Pipelines | |
| |
| |
Writing Asynchronous Action Methods | |
| |
| |
Performing Multiple Parallel Operations | |
| |
| |
MVC 2 and 3 Using AsyncController | |
| |
| |
Summary | |
| |
| |
| |
Real-World Asp.Net Mvc: Building The Nuget.Org Website | |
| |
| |
May the Source Be with You | |
| |
| |
WebActivator | |
| |
| |
ASP.NET Dynamic Data | |
| |
| |
Exception Logging | |
| |
| |
Profiling | |
| |
| |
Data Access | |
| |
| |
EF Code-Based Migrations | |
| |
| |
Membership | |
| |
| |
Other Useful NuGet Packages | |
| |
| |
T4MVC | |
| |
| |
WebBackgrounder | |
| |
| |
Lucene.NET | |
| |
| |
AnglicanGeek.MarkdownMailer | |
| |
| |
Ninject | |
| |
| |
Summary | |
| |
| |
Index | |