Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I have some logic in Session_Start and this logic is actual for all my controller methods except one special method. I need to not execute Session_start logic, when user goes to special method URL.
Any ideas how I can do that?
As far as I understand your question, you do not want the code within your Session_Start method to be invoked if a special url is requested. I think it would be helpful to know what your problem is, that you want to solve. For now here is my answer:
Since Session_Start is only invoked once (at least usually, depending on your configuration of the session module - see my comments to your question), this only works if the client invokes the "special" url first, e.g. before calling other urls. If another url has been invoked first, session will be initialized according to your code. Important: as mentioned, depending on your configuration, there will be always a Session (but in this special case you do not want to execute your custom logic in Session_Start):
You can use the Current HttpRequest and perform a check on some properties:
// this will (usually) only be called once, on the first request of the client
protected void Session_Start() {
// perform your check here if this is the url you want to exclude
if (HttpContext.Current.Request.Url.OriginalString.ToLowerInvariant().EndsWith("something")) {
return;
}
// your initialization here that should not be executed for clients accessing the site using the above url
}
As you can see, you can access the Request object, and perform your check there, depending on your requriements.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
Improve this question
Scenario- After request validation, I will need to
Call database and update the record. Based on a certain condition on the execution of this database call and request data, I will be calling Service1.
Upon performing this step, I will call another database and update record from the request.
At last I will call audit service to save the transaction details.
This can be achievable in normal code structure. But I am pretty confident there will be plug and play after step 1 or 2, i.e., a database/service call will be introduced in next release after step 1/step 2 (TBD).
I decided to opt for Chain of Responsibility.
Problems
Where ever the operation breaks/exception is generated, code should stop its execution.
Under single Logging object, I am having difficulty to handle the sequential call.
For step 1’s conditional service call, the dynamic modification of the chain of operations is bit complex, as I have to rely on single data type return from the AbstractionHandler.
Is there any alternative design pattern that I can follow?
You have a scenario in which you have a sequence of operations that may or may not occur based on the result of previous operations.
In my opinion you choosing the right pattern, Chain of Responsibility will be a good choice.
You just need to adapt the classic implementaion that allows passing the request along the chain of potential handlers until one of them handles request.
Basicaly, you can change the implementation of each operation so that when its condition is valid, it executes its own logic and returns the result for the next operation in the chain.
So where ever the operation fail, you should't throw exceptions because exceptions must be used for exceptional conditions (any condition that your normal logical flow does not handle); therefore, within a chain of responsibility it is expect that some operation could return a signal to interrupt the chain (expected result).
Considering that, in my opinion you shouldn't throw an exception in this situation. Instead, you should return a controlled signal to stop the flow of the chain.
Regards,
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
Improve this question
I'm working with Anonymous Pipes to be able to communicate between 2 applications. I have 3 classes. A base class Node which holds the incoming and outgoing streams and methods like Read and Write. Deriving from this class are Client and Server. They each initialize respectively their AnonymousPipeClientStream and AnonymousPipeServerStream and have a method to sync with each other.
Having above code allows me to communicate between the 2 applications. I start the "server" application. This application starts the "client".
When both applications are started I need to send some arguments from the server to the client. The client is basically waiting for messages from the server. On the server I need to start the reading of the arguments on the client, then send the arguments and end the reading on the client so it's free to start another task. To do this I simply need to
write the start command,
write the arguments,
write the end command and
wait for the client to confirm the task is finished.
public void ServerStartClientTask()
{
Write(ReadInputs); // (1)
Write(Arg1); // (2)
Write(Arg2); // (2)
Write(ReadInputs); // (3)
while (WaitFor(ReadInputs)); // (4)
}
This is "straightforward" when you're the writer of the code (in my opinion) and is the convention how communication with the client has to happen. I wanted to make it more clear for myself and my colleagues so I came up with the following:
public void StartClientTask(Flag flag)
{
Write(flag);
}
public void EndClientTask(Flag flag)
{
Write(flag);
while (WaitFor(flag)) { }
}
public void ServerStartClientTask()
{
StartClientTask(ReadInputs); // (1)
Write(Arg1); // (2)
Write(Arg2); // (2)
EndClientTask(ReadInputs); // (3) and (4)
}
This code merely wraps code into another method to make it more readable how the communication is dome with the client.
Now for the question.
This example is not limiting to my question but just the use case I have now and to introduce my question. Is doing this wrapping of code with just other names a good or bad practice? Both examples work perfectly fine, they're just written differently. Is there a benefit to doing the 2nd approuch or would you rather just write a comment at (1), (3) and (4) in the 1st example?
In my opinion this is a very good practice and I use it all the time.
Makes the code very readable for other developers.
this way I rarely have to use comments inside my methods because the names of the methods explain what is happening.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
I have hard time finding the best way to deal with default values, when deserializing json into a class model in my AspNetCore WebApi.
Whenever a client makes a PUT request to the api, how should i figure out if a property was set to null in the request - or not set at all in the request?
At this moment I use the [FromBody] Attribute for deserialization into a class type, along with ModelValidation for requiring fields etc. But once the json request has been deserialized, how can i tell if eg. a "string name" property was explicitly set to null, or not set at all in the json requst, but defaulted to null?
It the case it was not set at all, i don't want to change the state of the actual model being saved in DB, for that property.
The problem arises when a client uses PUT, and a new field has been implemented, which the client does not know about. I don't want clients overwriting a "new" value to null, that they have no intention of setting in the first place.
Is there any standard or best practice for handling this? I can't imagine i'm the only one with this problem. Implementing my own json deserializer, or, implementing versioning for the endpoint for the sake of adding an additional field, seems a bit over the top.. And coordinating a deploy for all the clients at the same time (where the handling of the new property/value is handled), is not an option either.
All suggestions appreciated.
Regards Frederik
I think you're not using proper HTTP method and that is source of your problem. HTTP PUT means that you want to overwrite resource at request url with what is in request body. And because C# doesn't have undefined then it cannot differentiate NULL from not provided property.
If you need to do partial modification then you should use PATCH instead
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
As seen here Programmatic MSIL injection or here http://www.codeproject.com/Articles/463508/NET-CLR-Injection-Modify-IL-Code-during-Run-time you can modify IL code at runtime using some tricky injections.
My question is : how to prevent that? For instance, if someone use that to bypass a security feature, how can i avoid that security hole?
how to prevent that?
You can't, as far as I understand. But you can do make it not easy.
In the simple case, you don't even need to inject IL. You can do IL weaving to modify the assembly. For example, you can find the login method ant delete the original IL code and simply return true, or you can jump to your own login method.
public bool Login(string userName)
{
// original method did security checks
// and return true if the user is authorized
// your implementation can return true or jump to other method
}
For this you must to do it when the application is not running, you modifying the assembly itself. You can do it with mono.cecil and you can look on StaticProxy.Fody for example.
The other case is inject code to running assembly. and this is divide to two cases:
When the code isn't jitted\ngen'd
When the code is jitted\ngen'd
For the first case is more easy, You still have the IL of each method and you inject your own IL instructions.
The second case is more complex because the Jitter redirect the IL pointer to the machine code.
For two of them you can see a bunch of articles\libraris to make the inject work.
Codecope
Article 1
Article 2
But even if you however make it impossible to inject, you still not protected. Because you can modify the bytes itself. See this article for details.
For all above method, there is cases when it more complex to do the work. For example, Generics, DynamicMethods, prevent load assemblies to your process (which is needed in some cases).
To summarize, you can do it very hardly to inject your code but not prevent it.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
How to load index page with QueryString in asp.net? I know that we can redirect to a particular page with QueryString, but what I want is to load first page with some querystring.
If you are setting start action in Property pages of your application then you can follow following steps
1) right click on your project in solution explores
2) Go to Property pages
3) Set start action to 'Specific Page' and value = "index.aspx?a=22"
A very simple way to make it work on both local and remote enviroments is to, at page_load(), detect if the desired QueryString content is present.
If not, Use Response.Redirect pointing to the current page with the added QueryString parameters. Example follows:
if (Request.QueryString["QSEntry"] == null)
Response.Redirect("Page.aspx?QSEntry=desiredValue");
Pro: It'll work the way you want.
Con: You're actually loading the page twice (first time it's a parameterless load), so don't forget to take that into consideration.