Professional Documents
Culture Documents
C H A P T e R 1
C H A P T e R 1
Introducing ASP.NET 4
Lesson 1: Understanding Web Communications
Like all client-server applications, web applications have two distinct components:
■ Client Also known as the front-end interface, the web browser presents the user interface, accepts user
input, and sends data to the server for processing.
■ Server Also known as the back end, the web server responds to requests from clients for specific pages.
It responds with an HTML page that includes instructions for how to generate the user interface.
The web browser (the client) and the web server communicate by using Hypertext Transfer
Protocol (HTTP), a text-based network protocol assigned to TCP port 80. If the server has a certificate, the
client and server can use HTTP Secure (HTTPS) to authenticate the server and encrypt communications.
HTTPS is assigned to TCP port 443.
The web server uses HTTP to send a response back to the web browser. If the request was
processed successfully, the web server returns the HTTP status code 200, along with an HTML document.
If the server cannot find the page, it returns the code 404. If the user requests an outdated or relocated
page, the server returns the code 302 and the new URL so that the browser can access the correct page.
This is known as redirection. Several other responses are possible as well, depending on the particular
situation.
The second line of the response indicates the type of web server (Server: Microsoft-IIS/6.0). The
third line (Content-Type) indicates the type of resource that is being sent to the web browser as part of
the response. This indicator is in the form of a Multipurpose Internet Mail Extensions (MIME) type. In this
example (Content-Type: text/html), the file is an HTML text file. The MIME type is a two-part designator
that is shown as type/subtype, in which the first part is the resource type (text, in this example) and the
second part is the resource subtype (html, in this example).
The next line is content length (Content-Length: 38 in this example). This simply indicates the size
of the content (in “octets,” or 8-bit bytes) that follows. After the Content-Length line, the response
message is returned. The browser attempts to process the content based on its MIME type. For example,
it interprets HTML for HTML MIME types and shows a picture for image MIME types.
The method attribute of the form tag indicates the HTTP command (POST) to use when sending the
request to the server. The action attribute is the relative URL of the page to which the request will be
sent.
There are two HTTP commands that can be used to submit the form data to the web server: GET
and POST. When the GET command is used, the form data is appended to the URL as part of the query
string. The query string is a collection of key–value pairs, separated by an ampersand (&) character. The
start of the query string is indicated by a question mark (?). The following provides an example.
GET /getCustomer.aspx?Id=123&color=blue
HTTP/1.1
Host: www.northwindtraders.com
In this example, a GET request is made to the web server for a webpage called getCustomer.aspx
on the root of the website (indicated by the forward slash). The query string contains the form data
following the question mark (?).
When the GET command is used to send data to the server, the complete URL and query string can be
seen and modified in the address bar of the web browser.
However, it’s not a good choice for authentication pages, because the user’s credentials would be
visible in the URL. It’s also not a good choice when the user needs to transfer large amounts of
information, because when Windows Internet Explorer and Internet Information Services (IIS) are used,
the limit for a query string is 1,024 characters (other browsers and server implementations also have
limitations, although they might not limit the length to the values IIS and Internet Explorer use).
The POST command is a better choice for submitting credentials and large amounts of data. When
the POST command is used, the data is placed into the message body of the request as follows.
POST /getCustomer.aspx HTTP/1.1
Host: www.northwindtraders.com
Id=123&color=blue
Using the POST command removes the input from the URL and overcomes size constraints.
Instead, the data is hidden in the message body.
Sending data back to the server as part of your request is often referred to as a postback in ASP.NET.
Although its name comes from the POST command, it is possible to perform a postback by using the GET
command already described. An ASP.NET webpage contains a property called IsPostBack that is used to
determine if data is being sent back to the web server or if the webpage is simply being requested.
Quick Check
1. What protocol is used to communicate between the web browser and the web server?
2. In ASP.NET, what does the Request object represent?
3. In ASP.NET, what does the Response object represent?
Quick Check Answers
1. HTTP is used for web browser and web server communication.
2. The Request object in ASP.NET wraps the communication from the web browser to the web server.
3. The Response object in ASP.NET wraps the communication from the web server to the web browser.
Lesson Summary
■ The web server is responsible for accepting requests for a resource and sending the appropriate
response.
■ The web browser is responsible for displaying data to the user, collecting data from the user, and
sending data to the web server.
■ HTTP is a text-based communication protocol that is used to communicate between web browsers and
web servers by using TCP port 80 by default.
■ Secure HTTP (HTTPS) uses TCP port 443 by default.
■ Each HTTP method indicates the desired action. The most common methods are GET and POST.
■ The process of sending data to a web server from a browser is commonly referred to as a postback in
ASP.NET programming.
■ You can troubleshoot HTTP by using a sniffer such as Microsoft Network Monitor.
Lesson Review
1. From within an ASP.NET page, you need to run a section of code only if the user has previously loaded the page
and is submitting data as part of a form. Which Page object property should you use?
A. IsCallback
B. IsReusable
C. IsValid
D. IsPostBack
Answer: D
A. Incorrect: IsCallback is generated by client-side scripts and does not involve reloading a page.
B. Incorrect: IsReusable is a standard property that indicates whether an object can be reused.
C. Incorrect: IsValid indicates whether page validation succeeded. IsValid is discussed in more detail in Chapter 5,
“Input Validation and Site Navigation.”
D. Correct: If IsPostBack is true, the page loading is the result of a form being submitted by the user. IsPostBack is
discussed in more detail in Chapter 5.
2. You are troubleshooting a problem users have when submitting information with a form. The form data does not
appear in the web browser’s address bar, but you know the web server is receiving the form data. After capturing the
web communications with a sniffer, which type of HTTP request should you examine to see the data the user
submitted?
A. PUT
B. CONNECT
C. POST
D. GET
Answer: C
A. Incorrect: The PUT command is used to add a file to a web server.
B. Incorrect: The CONNECT command is not frequently used. It is reserved for use with proxy servers under very
specific conditions.
C. Correct: The POST command is used when a browser submits the results of a form. The form data is stored as part
of the response packet.
D. Incorrect: The GET command is used to submit a form with the form data included as part of the URI.
Web applications and websites function and perform similarly, but web applications differ from websites in
several important ways. For example, with a web application:
■ You can create an MVC application.
■ Visual Studio stores the list of files in a project file (.csproj or .vbproj), rather than relying on the folder
structure.
■ You cannot mix Visual Basic and C#.
■ You cannot edit code without stopping a debugging session.
■ You can establish dependencies between multiple web projects.
■ You must compile the application before deployment, which prevents you from testing a page if another
page will not compile.
■ You do not have to store the source code on the server.
■ You can control the assembly name and version.
■ You cannot edit individual files after deployment without recompiling.
Typically, website projects are the right choice when one developer will be creating and managing a
website. Web application projects are better for enterprise environments with multiple developers and
formal processes for testing, deployment, and administration.