Social Icons

Thursday, 20 June 2013

How to use ViewState in Asp.net with example

ViewState in Asp.Net

Introduction:

In my previous articles i explained Asp.Net Ajax Tutorial,difference between web.config and machine.config,Working or Consuming three tier architecture in .Net Applicaiton and various articles regarding Asp.Net and WPF. Now i will explain what is ViewState in Asp.Net,when to use viewstate, advantages and disadvantages of viewstate,Enabling and disabling viewstate and enableviewstate vs ViewStateMode etc.

Description:

It is the one of the client- side statemanagement techniques in Asp.Net. Web Forms page provides built - in property ViewState for automatically retaining the values between multiple page requests for the same page. we can say it is the process of tracking the values of the controls on the page for multiple requests for the same page. We can also add custom values to ViewState. Asp.Net Framework automatically takes care of storing controls information in viewstate and retrieving it before rendering on postback.
       ViewState uses Hiddenfield to store information in key/value format. The value stored in encrypted format.
If you open the pagesource it will look like this

Enable/Disable ViewState:

We can control the enabling and disabling the viewstate at three level i.e control level, page level and from web.config. By default this property is enabled. To disable at page level and control level Use EnableViewState Property set it to false.
 To configure ViewState from Web.Config use ViewStateEncryptionMode property which has Values always and none.



You can disable EnableViewState at page level in page directive as follows

ViewStateMode in Asp.Net ViewState:

 In Framework 4.0  a new property ViewStateMode is introduced for viewstate. Prior to Asp.Net 4.0 we use EnableViewState property. Now we can use both of these.
 ViewStateMode property allows us to disable viewstate at parent level and enable it in child level using EnableViewState Property. Both of these properties allow you disable viewstate at parent level and enable it in child level.
     If we disable the viewstate on the page then it will decrease the server processing and page size.

Advantages of ViewState in Asp.Net:

  • Easily understandable and implementable.
  • No server resource required.
  • Enhanced security features like it can be encoded and decoded automatically.

Disadvantages of Viewstate in Asp.Net:

  • Performance overhead if we need to store large data in viewstate as the values are stored in the page.
  • Security. As values are stored in hidden field in encrypted format then it can easily trapped if they see the pagesource.

How to make viewstate secured in Asp.Net:

You can secure viewstate in two different ways
  • By using "hash codes". This code is cryptographically strong checksum. You can do this by using EnableViewStateMAC=true in page directive of page. MAC stands for "Message Authentication Code".  When we set this property then viewstate uses hashcode. While storing viewstate information in hidden fields this hashcode is added to viewstate and during postback it checks with checksum existence if mismatch found postback is rejected.
  • Second one is using ViewStateEcryptionMode Property. Set this property to Always So that always viewstate encrypts the data.
  ViewStateEncryptionMode had three properties Always, Auto, Never.
  • Always: Encrypts viewstate information always
  • Auto : Encrypts only if any control requests for encryption
  • Never: Never attempts to encrypt viewstate information.
We can set these settings in web.config configuration file 


Conclusion:

 I hope you got information regarding what is viewstate, how to use viewstate, How viewstate works in asp.net,advantages,disadvantages and how to secure viewstate in asp.net. I would like to have feedback on this post from you.

Viewstate Examples:

1 comment:

Please Give your Valuable Suggestions,Questions and Comments to improve my blog.