Category: ASP.NET

Block access to images from other websites

In ASP.NET you can write HTTP Modules to perform actions inside the request pipeline before the request is being finally processed. In this example we use an HTTP Module to check whether the REFERER header matches our website. If it doesn’t then we won’t allow access to the resources. By doing this we can simply

Running a background thread inside an ASP.NET website

When most people think of a web site or web application they think of something that respond to user navigations. The site has a life cycle that begins when the call comes in and ends when the response has been returned. Between these users calls the site is dead. But in reality it’s possible to

Extend MVC controller to support Toastr messages

In an earlier post I showed how to create an MVC wrapper for Toastr, a JavaScript library used for displaying user messages in the web browser. In the post I mentioned that there are two ways to make it possible to call an AddToastMessage function directly from the action methods in the controller: Implement an

Create an MVC wrapper for Toastr

Toastr is a great little library for creating user messages on your website. It’s written in JavaScript and is as such platform independent. But if you’re like me (mainly working in ASP.NET MVC) then creating a server side extension to get messaging support directly in your controllers, could be something to consider. The code shown

Using Json.NET as default JSON serializer in MVC

Returning JSON from an MVC action method is very easy. Just look at this simple example: public JsonResult GetItemData(int itemId) { // …things to do… var response = new { result = “ok” }; return Json(response); } Serialization of the object into JSON is taken care of by ASP.NET in the background and you can

Implement a complex type in MVC4 and EF

When you create models in Entity Framework you have the possibility to generalize parts of it into reusable types by adding the ComplexType attribute. To illustrate I have a made up example of an access definition type that can be used on many different user-to-something connections to define what kind of access the user has.

Security in MVC4

Traditional security in web applications has focused on securing a file or folder through web.config. The problem with this security model is that a path is unreliable when using routing. Two different routes can lead to the same function and thus both routes need to be secured. This opens up for security holes. When looking

%d bloggers like this: