Articles : Page 1 of 1
-
Dynamic JSON Parsing in .NET with JsonValue
Mar 1219So System.Json has been around for a while in Silverlight, but it's relatively new for the desktop .NET framework and now moving into the lime-light with the pending release of ASP.NET Web API which is bringing a ton of attention to server side JSON usage. The JsonValue, JsonObject and JsonArray objects are going to be pretty useful for Web API applications as they allow you dynamically create and parse JSON values without explicit .NET types to serialize from or into. But even more so I think...
-
Preventing CSRF With Ajax
Oct 1111A long while ago I wrote about the potential dangers of Cross-site Request Forgery attacks, also known as CSRF or XSRF. These exploits are a form of confused deputy attack. Screen grab from The Police Academy movie.In that post, I covered how ASP.NET MVC includes a set of anti-forgery helpers to help mitigate such exploits. The helpers include an HTML helper meant to be called in the form that renders a hidden input, and an attribute applied to the controller action to protect. These helpers...
-
What’s the Difference Between a Value Provider and Model Binder?
Jun 1130ASP.NET MVC 3 introduced the ability to bind an incoming JSON request to an action method parameter, which is something I wrote about before. For example, suppose you have the following class defined (keeping it really simple here): public class ComicBook { public string Title { get; set; } public int IssueNumber { get; set; } } And you have an action method that accepts an instance of ComicBook: [HttpPost] public ActionResult Update(ComicBook comicBook) { // Do something with ComicBo...
- 1
