IS AllStars Login
Keywords
 Location

Investigating the new ASP.NET MVC vs Web Forms and Silverlight


Blog Date: 4/21/2009
 

Recent Blogs

 << Back
Model Views: MVP, MVC, MVVM design patterns 1/12/2009
Agile Development Methodologies History 1/13/2009
Build automation, Perforce, Visual Studio .NET 1/15/2009
 More Blogs...

I've started to look into the new ASP.NET MVC framework and it's really nice.

My problems with Silverlight is that it requires users to install Silverlight onto their browser. And let's face it: unless you're a techie geek, you are probably like "what is this silverlight junk. it's got a fancy logo, but what does it do?"

ASP.NET MVC is great because it goes back to the original model of classic ASP where you have the flexibility of implementing your own controls and finer degree of control of the HTML it renders. It does not use ViewState or ASPX pages. It uses REST to build routing tables to route your request to a Controller's set of functions. It then uses "Views" to render the expected results.

The biggest issue I'm seeing right now is with security. Because the built-in Form Validation of ASP.NET web forms is not built-in, you have to build your own security for cross-site scripting attacks and sql injection. There are many articles about how to resolve most of those issues. And they all say, hey, use:

Server.HtmlEncode(givenValue);

But, c'mon, that won't resolve everything. Let's hope people are a little smarter now and know how to protect against that. That's a big "hope".

Scott Guthrie creates a nice write-up tutorial about how to build an MVC application along with a sample application. Writes in his blog:

NerdDinner ASP.NET MVC Tutorial

The tutorial starts by using the File->New Project command in Visual Studio to create a brand new ASP.NET MVC project, and then incrementally adds functionality and features.  Along the way it covers how to:

  • Create a database
  • Build a model with validation and business rules
  • Implement data listing/details UI on a site using Controllers and Views
  • Enable CRUD (Create, Update, Delete) data form entry
  • Use the ViewModel pattern to pass information from a Controller to a View
  • Re-use UI across a site using partials and master pages
  • Implement efficient data paging
  • Secure an application using authentication and authorization
  • Use AJAX to deliver dynamic updates
  • Use AJAX to add interactive map support
  • Perform automated unit testing (including dependency injection and mocking)

You can read more about it here:
http://weblogs.asp.net/scottgu/archive/2009/03/10/free-asp-net-mvc-ebook-tutorial.aspx



5/5/2009 8:01:02 PM
Home | Job Search | Career Tools | Blog | Tech News | Contact | Site Map