Friday, January 06, 2006

For many developers in the .NET community, it was ASP.NET that initially drove them to switch from some other platform. This was most likely due to the much enhanced programming model that ASP.NET provided and the improvements in performance that were promised and delivered. However, although the ASP.NET platform is a highly robust and scalable system, you should still be aware of a few tricks of the trade that may help you improve the performance of your web application.

 

During my years of working with .NET I have learned many things about how to properly deal with certain situations that arise. Hopefully, you will find this information useful.

 

Best Practice #1

It is usually a good idea to set the SmartNavigation property to true on most pages.

The reasoning:

This reduces or eliminates screen flickering during postbacks to the server. Furthermore, the scroll position will be preserved.

 

Best Practice #2

When using AutoPostBack controls, also provide a user interface element such as a button so that the form can still be posted back.

The reasoning:

If the user has disabled JavaScript in their browser, there is no way for the user to submit the form unless you provide a button or other user interface element.

 

Best Practice #3

It is preferred to use the Server.HtmlEncode method when displaying data taken from the database in an HTML control or Web control.

The reasoning:

This makes sure that special characters are displayed correctly and prevents cross-site scripting (XSS) attacks, because markup stored in the data is rendered as text instead of being interpreted by the browser.

 

Best Practice #4

It is always best to validate input on the client side by using a validator control. Also, make sure you validate all data on the server side as well, as unforeseen security vulnerabilities can put your server at risk.

The reasoning:

Validation of all data is a best practice in all situations. This ensures a consistent database, data integrity, and the integrity of your website.


Best Practice #5

It is usually a best practice to make sure the client is still connected during a time-consuming task. This can be accomplished by checking the Response.IsClientConnected property during a known time-consuming task.

The reasoning:

This property lets you check whether the client is still connected to the server. If the client is no longer connected, you can then use the Response.End method to end the session and free up resources.

 

Best Practice #6

It is usually a good practice to avoid the use of hidden fields in order to store data between page postbacks.

The reasoning:

There are very few good reasons for storing potentially sensitive information in hidden fields. Hidden fields do not store data in an encrypted manner, nor can they store any significant amount of data.

 

Best Practice #7

It is usually a good practice to store data taken from either files or a database in the ASP.NET Cache object if the data does not change much over a period of time and can be shared with multiple users on the webpage.

The reasoning:

By storing and caching the data taken from a file or database you increase the performance and scalability of your application.

 

Best Practice #8

It is a best practice to use a global error handler in the Global.asax file of your application.

The reasoning:

This allows you to recover properly from unexpected exceptions in the current application. Also, this may allow you to implement a common error recovery mechanism for your web application.

 

Best Practice #9

It is always best never to set the mode attribute of the <customErrors> element to Off in the web.config file of your application when it resides on a production server viewable by the outside.

The reasoning:

Doing this will enable unauthorized visitors to view potentially sensitive information about your application, thereby increasing the risk that your website can be attacked by outside visitors.
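
The global handler from Best Practice #8 combined with the custom errors rule from Best Practice #9, as an added example that is not code from the original post: full exception details are logged on the server and the visitor sees only a reference ID. The page name Error.aspx and the "ref" query-string parameter are assumptions made for illustration.

```csharp
// Global.asax.cs (added example; Error.aspx and the "ref" parameter are hypothetical)
using System;
using System.Web;

public class Global : HttpApplication
{
    protected void Application_Error(object sender, EventArgs e)
    {
        Exception ex = Server.GetLastError();
        if (ex == null)
        {
            return;
        }

        // ASP.NET wraps page exceptions in HttpUnhandledException;
        // the base exception is the one worth recording.
        Exception root = ex.GetBaseException();

        // Correlation ID: the only detail the visitor will ever see.
        string reference = Guid.NewGuid().ToString("N");

        // Type, message and stack trace stay on the server, written to
        // whatever trace listeners the application has configured.
        System.Diagnostics.Trace.TraceError(
            "Unhandled error {0} at {1}: {2}",
            reference, Request.RawUrl, root);

        // Mark the error as handled so no detailed error page is rendered.
        Server.ClearError();

        // Send the visitor to a generic page that carries only the reference.
        Response.Redirect("~/Error.aspx?ref=" + reference, false);
        Context.ApplicationInstance.CompleteRequest();
    }
}
```

Keep customErrors set to On or RemoteOnly as well, so that an exception thrown inside the handler itself still does not reach the visitor as a detailed error page.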


Best Practice #10

It is always best to set your application tracing in the web.config file rather than using the @ Page directive on individual aspx pages.

The reasoning:

This allows you to enable application level tracing for the entire application rather than for each individual page of your website.

1/6/2006 1:22 PM Eastern Standard Time