You are previewing Pro ASP.NET MVC 3 Framework, Third Edition.
O'Reilly logo
Pro ASP.NET MVC 3 Framework, Third Edition

Book Description

The ASP.NET MVC 3 Framework is the latest evolution of Microsoft's ASP.NET web platform. It provides a radically new high-productivity programming model that promotes cleaner code architecture, test-driven development, and powerful extensibility, combined with all the benefits of ASP.NET 4.

In this, the third edition, the core model-view-controller (MVC) architectural concepts are not simply explained or discussed in isolation, but are demonstrated in action. You'll work through an extended tutorial to create a working e-commerce web application that combines ASP.NET MVC with the latest C# language features and unit-testing best practices. By gaining this invaluable, practical experience, you'll discover MVC's strengths and weaknesses for yourself—and put your best-learned theory into practice.

The book's authors, Steve Sanderson and Adam Freeman, have both watched the growth of ASP.NET MVC since its first release. Steve is a well known blogger on the MVC Framework and a member of the Microsoft Web Platform and Tools team. Adam started designing and building web applications 15 years ago and has been responsible for some of the world's largest and most ambitious projects. You can be sure you are in safe hands.

What you'll learn

  • Gain a solid architectural understanding of ASP.NET MVC 3, including basic MVC

  • Explore the entire ASP.NET MVC Framework

  • See how MVC and test-driven development work in action

  • Capitalize on your existing knowledge quickly and easily through comparison of features in classic ASP.NET to those in ASP.NET MVC

  • Learn about the latest security and deployment issues, including those related to IIS 7

Who this book is for

This book is for web developers with a basic knowledge of ASP.NET and C# who want (or need) to start using the new ASP.NET MVC 3 Framework.

Table of Contents

  1. Copyright
  2. About the Authors
  3. About the Technical Reviewer
  4. Acknowledgments
  5. I. Introducing ASP.NET MVC 3
    1. 1. What's the Big Idea?
      1. 1.1. A Brief History of Web Development
        1. 1.1.1. Traditional ASP.NET Web Forms
        2. 1.1.2. What's Wrong with ASP.NET Web Forms?
      2. 1.2. Web Development Today
        1. 1.2.1. Web Standards and REST
        2. 1.2.2. Agile and Test-Driven Development
        3. 1.2.3. Ruby on Rails
        4. 1.2.4. Sinatra
        5. 1.2.5. Node.js
      3. 1.3. Key Benefits of ASP.NET MVC
        1. 1.3.1. MVC Architecture
        2. 1.3.2. Extensibility
        3. 1.3.3. Tight Control over HTML and HTTP
        4. 1.3.4. Testability
        5. 1.3.5. Powerful Routing System
        6. 1.3.6. Built on the Best Parts of the ASP.NET Platform
        7. 1.3.7. Modern API
        8. 1.3.8. ASP.NET MVC Is Open Source
      4. 1.4. Who Should Use ASP.NET MVC?
        1. 1.4.1. Comparisons with ASP.NET Web Forms
        2. 1.4.2. Migrating from Web Forms to MVC
        3. 1.4.3. Comparisons with Ruby on Rails
        4. 1.4.4. Comparisons with MonoRail
      5. 1.5. What's New in ASP.NET MVC 3
      6. 1.6. Summary
    2. 2. Getting Ready
      1. 2.1. Preparing the Workstation
        1. 2.1.1. Installing Visual Studio 2010
        2. 2.1.2. Installing the Essential Software
        3. 2.1.3. Installing Optional Components
          1. 2.1.3.1. MVC Framework Source Code
          2. 2.1.3.2. IIS Express
          3. 2.1.3.3. SQL Server 2008 R2 Management Studio Express
      2. 2.2. Preparing the Server
        1. 2.2.1. Enabling the Web Server Role
        2. 2.2.2. Installing Additional Components
        3. 2.2.3. Setting up Web Deployment
      3. 2.3. Getting Further Information
      4. 2.4. Summary
    3. 3. Your First MVC Application
      1. 3.1. Creating a New ASP.NET MVC Project
        1. 3.1.1. Adding the First Controller
        2. 3.1.2. Understanding Routes
      2. 3.2. Rendering Web Pages
        1. 3.2.1. Creating and Rendering a View
        2. 3.2.2. Adding Dynamic Output
      3. 3.3. Creating a Simple Data-Entry Application
        1. 3.3.1. Setting the Scene
        2. 3.3.2. Designing a Data Model
          1. 3.3.2.1. Adding a Model Class
        3. 3.3.3. Linking Action Methods
          1. 3.3.3.1. Creating the Action Method
          2. 3.3.3.2. Adding a Strongly Typed View
        4. 3.3.4. Building the Form
        5. 3.3.5. Handling Forms
          1. 3.3.5.1. Using Model Binding
          2. 3.3.5.2. Rendering Other Views
        6. 3.3.6. Adding Validation
          1. 3.3.6.1. Highlighting Invalid Fields
        7. 3.3.7. Completing the Example
      4. 3.4. Summary
    4. 4. The MVC Pattern
      1. 4.1. The History of MVC
      2. 4.2. Understanding the MVC Pattern
        1. 4.2.1. Understanding the Domain Model
        2. 4.2.2. The ASP.NET Implementation of MVC
        3. 4.2.3. Comparing MVC to Other Patterns
        4. 4.2.4. Understanding the Smart UI Pattern
          1. 4.2.4.1. Understanding the Model-View Architecture
          2. 4.2.4.2. Understanding Classic Three-Tier Architectures
          3. 4.2.4.3. Understanding Variations on MVC
            1. 4.2.4.3.1. Understanding the Model-View-Presenter Pattern
            2. 4.2.4.3.2. Understanding the Model-View-View Model Pattern
      3. 4.3. Applying Domain-Driven Development
        1. 4.3.1. Modeling an Example Domain
        2. 4.3.2. Ubiquitous Language
        3. 4.3.3. Aggregates and Simplification
        4. 4.3.4. Defining Repositories
      4. 4.4. Building Loosely Coupled Components
        1. 4.4.1. Using Dependency Injection
        2. 4.4.2. An MVC-Specific Dependency Injection Example
        3. 4.4.3. Using a Dependency Injection Container
      5. 4.5. Getting Started with Automated Testing
        1. 4.5.1. Understanding Unit Testing
          1. 4.5.1.1. Using Test-Driven Development and the Red-Green-Refactor Workflow
        2. 4.5.2. Understanding Integration Testing
      6. 4.6. Summary
    5. 5. Essential Language Features
      1. 5.1. Essential C# Features
        1. 5.1.1. Using Automatically Implemented Properties
        2. 5.1.2. Using Object and Collection Initializers
        3. 5.1.3. Using Extension Methods
          1. 5.1.3.1. Applying Extension Methods to an Interface
          2. 5.1.3.2. Creating Filtering Extension Methods
        4. 5.1.4. Using Lambda Expressions
        5. 5.1.5. Using Automatic Type Inference
        6. 5.1.6. Using Anonymous Types
        7. 5.1.7. Performing Language Integrated Queries
          1. 5.1.7.1. Understanding Deferred LINQ Queries
          2. 5.1.7.2. Repeatedly Using a Deferred Query
      2. 5.2. Understanding Razor Syntax
        1. 5.2.1. Creating the Project
          1. 5.2.1.1. Defining the Model
          2. 5.2.1.2. Defining the Controller
          3. 5.2.1.3. Creating the View
          4. 5.2.1.4. Setting the Default Route
        2. 5.2.2. Examining a Basic Razor View
          1. 5.2.2.1. Working with the Model Object
          2. 5.2.2.2. Defining Razor Code
          3. 5.2.2.3. Including Multiple Functions in a Code Block
          4. 5.2.2.4. Passing Data Using the View Bag Feature
          5. 5.2.2.5. Working with Layouts
          6. 5.2.2.6. Working Without Layouts
      3. 5.3. Summary
    6. 6. Essential Tools for MVC
      1. 6.1. Using Ninject
        1. 6.1.1. Creating the Project
          1. 6.1.1.1. Adding Ninject
        2. 6.1.2. Getting Started with Ninject
        3. 6.1.3. Creating Chains of Dependency
        4. 6.1.4. Specifying Property and Parameter Values
        5. 6.1.5. Using Self-Binding
        6. 6.1.6. Binding to a Derived Type
        7. 6.1.7. Using Conditional Binding
      2. 6.2. Applying Ninject to ASP.NET MVC
      3. 6.3. Unit Testing with Visual Studio
        1. 6.3.1. Creating the Project
        2. 6.3.2. Creating Unit Tests
        3. 6.3.3. Running the Unit Tests (and Failing)
        4. 6.3.4. Implementing the Feature
      4. 6.4. Using Moq
        1. 6.4.1. Adding Moq to the Visual Studio Project
        2. 6.4.2. Creating a Mock with Moq
          1. 6.4.2.1. Using the Moq Method Selector
          2. 6.4.2.2. Using Moq Parameter Filters
          3. 6.4.2.3. Returning a Result
        3. 6.4.3. Unit Testing with Moq
        4. 6.4.4. Verifying with Moq
      5. 6.5. Summary
    7. 7. SportsStore: A Real Application
      1. 7.1. Getting Started
        1. 7.1.1. Creating the Visual Studio Solution and Projects
        2. 7.1.2. Adding References
        3. 7.1.3. Setting Up the DI Container
        4. 7.1.4. Starting the Application
      2. 7.2. Starting the Domain Model
        1. 7.2.1. Creating an Abstract Repository
        2. 7.2.2. Making a Mock Repository
      3. 7.3. Displaying a List of Products
        1. 7.3.1. Adding a Controller
        2. 7.3.2. Adding the View
        3. 7.3.3. Setting the Default Route
        4. 7.3.4. Running the Application
      4. 7.4. Preparing a Database
        1. 7.4.1. Creating the Database
        2. 7.4.2. Defining the Database Schema
        3. 7.4.3. Adding Data to the Database
        4. 7.4.4. Creating the Entity Framework Context
        5. 7.4.5. Creating the Product Repository
      5. 7.5. Adding Pagination
        1. 7.5.1. Displaying Page Links
          1. 7.5.1.1. Adding the View Model
          2. 7.5.1.2. Adding the HTML Helper Method
          3. 7.5.1.3. Adding the View Model Data
          4. 7.5.1.4. Displaying the Page Links
        2. 7.5.2. Improving the URLs
      6. 7.6. Styling the Content
        1. 7.6.1. Defining Common Content in the Layout
        2. 7.6.2. Adding CSS Rules
        3. 7.6.3. Creating a Partial View
      7. 7.7. Summary
    8. 8. SportsStore: Navigation and Cart
      1. 8.1. Adding Navigation Controls
        1. 8.1.1. Filtering the Product List
        2. 8.1.2. Refining the URL Scheme
        3. 8.1.3. Building a Category Navigation Menu
          1. 8.1.3.1. Creating the Navigation Controller
          2. 8.1.3.2. Generating Category Lists
          3. 8.1.3.3. Creating the Partial View
          4. 8.1.3.4. Highlighting the Current Category
        4. 8.1.4. Correcting the Page Count
      2. 8.2. Building the Shopping Cart
        1. 8.2.1. Defining the Cart Entity
        2. 8.2.2. Adding the Add to Cart Buttons
        3. 8.2.3. Implementing the Cart Controller
        4. 8.2.4. Displaying the Contents of the Cart
      3. 8.3. Using Model Binding
        1. 8.3.1. Creating a Custom Model Binder
      4. 8.4. Completing the Cart
        1. 8.4.1. Removing Items from the Cart
        2. 8.4.2. Adding the Cart Summary
      5. 8.5. Submitting Orders
        1. 8.5.1. Extending the Domain Model
        2. 8.5.2. Adding the Checkout Process
        3. 8.5.3. Implementing the Order Processor
          1. 8.5.3.1. Defining the Interface
          2. 8.5.3.2. Implementing the Interface
        4. 8.5.4. Registering the Implementation
        5. 8.5.5. Completing the Cart Controller
        6. 8.5.6. Displaying Validation Errors
        7. 8.5.7. Displaying a Summary Page
      6. 8.6. Summary
    9. 9. SportsStore: Administration
      1. 9.1. Adding Catalog Management
        1. 9.1.1. Creating a CRUD Controller
        2. 9.1.2. Rendering a Grid of Products in the Repository
        3. 9.1.3. Creating a New Layout
        4. 9.1.4. Implementing the List View
        5. 9.1.5. Editing Products
          1. 9.1.5.1. Creating the Edit Action Method
          2. 9.1.5.2. Creating the Edit View
          3. 9.1.5.3. Updating the Product Repository
          4. 9.1.5.4. Handling Edit POST Requests
          5. 9.1.5.5. Displaying a Confirmation Message
          6. 9.1.5.6. Adding Model Validation
          7. 9.1.5.7. Enabling Client-Side Validation
        6. 9.1.6. Creating New Products
        7. 9.1.7. Deleting Products
      2. 9.2. Securing the Administration Features
        1. 9.2.1. Setting Up Forms Authentication
        2. 9.2.2. Applying Authorization with Filters
        3. 9.2.3. Creating the Authentication Provider
        4. 9.2.4. Creating the Account Controller
        5. 9.2.5. Creating the View
      3. 9.3. Image Uploads
        1. 9.3.1. Extending the Database
        2. 9.3.2. Enhancing the Domain Model
        3. 9.3.3. Updating the Entity Framework Conceptual Model
        4. 9.3.4. Creating the Upload User Interface Elements
        5. 9.3.5. Saving Images to the Database
        6. 9.3.6. Implementing the GetImage Action Method
        7. 9.3.7. Displaying Product Images
      4. 9.4. Summary
  6. II. ASP.NET MVC 3 in Detail
    1. 10. Overview of MVC Projects
      1. 10.1. Working with Visual Studio MVC Projects
        1. 10.1.1. Using the Internet and Intranet Application Controllers
        2. 10.1.2. Understanding MVC Conventions
          1. 10.1.2.1. Following Conventions for Controller Classes
          2. 10.1.2.2. Following Conventions for Views
          3. 10.1.2.3. Following Conventions for Layouts
      2. 10.2. Debugging MVC Applications
        1. 10.2.1. Creating the Project
        2. 10.2.2. Launching the Visual Studio Debugger
        3. 10.2.3. Causing the Visual Studio Debugger to Break
          1. 10.2.3.1. Using Breakpoints
          2. 10.2.3.2. Breaking on Exceptions
        4. 10.2.4. Using Edit and Continue
          1. 10.2.4.1. Enabling Edit and Continue
          2. 10.2.4.2. Modifying the Project
          3. 10.2.4.3. Editing and Continuing
      3. 10.3. Project-Wide Dependency Injection
      4. 10.4. Summary
    2. 11. URLs, Routing, and Areas
      1. 11.1. Introducing the Routing System
        1. 11.1.1. Creating the Routing Project
        2. 11.1.2. Introducing URL Patterns
        3. 11.1.3. Creating and Registering a Simple Route
        4. 11.1.4. Defining Default Values
        5. 11.1.5. Using Static URL Segments
        6. 11.1.6. Defining Custom Segment Variables
          1. 11.1.6.1. Using Custom Variables as Action Method Parameters
        7. 11.1.7. Defining Optional URL Segments
        8. 11.1.8. Defining Variable-Length Routes
        9. 11.1.9. Prioritizing Controllers by Namespaces
        10. 11.1.10. Constraining Routes
          1. 11.1.10.1. Constraining a Route Using a Regular Expression
          2. 11.1.10.2. Constraining a Route to a Set of Specific Values
          3. 11.1.10.3. Constraining a Route Using HTTP Methods
          4. 11.1.10.4. Defining a Custom Constraint
        11. 11.1.11. Routing Requests for Disk Files
        12. 11.1.12. Bypassing the Routing System
      2. 11.2. Generating Outgoing URLs
        1. 11.2.1. Preparing the Project
        2. 11.2.2. Generating Outgoing URLs in Views
          1. 11.2.2.1. Targeting Other Controllers
          2. 11.2.2.2. Passing Extra Values
          3. 11.2.2.3. Specifying HTML Attributes
          4. 11.2.2.4. Generating Fully Qualified URLs in Links
          5. 11.2.2.5. Generating URLs (and Not Links)
          6. 11.2.2.6. Generating Links and URLs from Routing Data
        3. 11.2.3. Generating Outgoing URLs in Action Methods
        4. 11.2.4. Generating a URL from a Specific Route
      3. 11.3. Customizing the Routing System
        1. 11.3.1. Creating a Custom RouteBase Implementation
          1. 11.3.1.1. Routing Incoming URLs
          2. 11.3.1.2. Generating Outgoing URLs
        2. 11.3.2. Creating a Custom Route Handler
      4. 11.4. Working with Areas
        1. 11.4.1. Creating an Area
        2. 11.4.2. Populating an Area
        3. 11.4.3. Resolving the Ambiguous Controller Issue
        4. 11.4.4. Generating Links to Actions in Areas
      5. 11.5. URL Schema Best Practices
        1. 11.5.1. Make Your URLs Clean and Human-Friendly
        2. 11.5.2. GET and POST: Pick the Right One
      6. 11.6. Summary
    3. 12. Controllers and Actions
      1. 12.1. Introducing the Controller
        1. 12.1.1. Preparing the Project
        2. 12.1.2. Creating a Controller with IController
        3. 12.1.3. Creating a Controller by Deriving from the Controller Class
      2. 12.2. Receiving Input
        1. 12.2.1. Getting Data from Context Objects
        2. 12.2.2. Using Action Method Parameters
          1. 12.2.2.1. Understanding How Parameters Objects Are Instantiated
          2. 12.2.2.2. Understanding Optional and Compulsory Parameters
          3. 12.2.2.3. Specifying Default Parameter Values
      3. 12.3. Producing Output
        1. 12.3.1. Understanding Action Results
        2. 12.3.2. Returning HTML by Rendering a View
        3. 12.3.3. Passing Data from an Action Method to a View
          1. 12.3.3.1. Providing a View Model Object
          2. 12.3.3.2. Passing Data with the ViewBag
          3. 12.3.3.3. Passing Data with View Data
        4. 12.3.4. Performing Redirections
          1. 12.3.4.1. Redirecting to a Literal URL
          2. 12.3.4.2. Redirecting to a Routing System URL
          3. 12.3.4.3. Redirecting to an Action Method
        5. 12.3.5. Returning Text Data
        6. 12.3.6. Returning XML Data
        7. 12.3.7. Returning JSON Data
        8. 12.3.8. Returning Files and Binary Data
          1. 12.3.8.1. Sending a File
          2. 12.3.8.2. Sending a Byte Array
          3. 12.3.8.3. Sending the Contents of a Stream
        9. 12.3.9. Returning Errors and HTTP Codes
          1. 12.3.9.1. Sending a Specific HTTP Result Code
          2. 12.3.9.2. Sending a 404 Result
          3. 12.3.9.3. Sending a 401 Result
        10. 12.3.10. Creating a Custom Action Result
      4. 12.4. Summary
    4. 13. Filters
      1. 13.1. Using Filters
        1. 13.1.1. Introducing the Four Basic Types of Filters
        2. 13.1.2. Applying Filters to Controllers and Action Methods
        3. 13.1.3. Using Authorization Filters
          1. 13.1.3.1. Creating an Authentication Filter
          2. 13.1.3.2. Using the Built-in Authorization Filter
            1. 13.1.3.2.1. Implementing a Custom Authorization Policy
            2. 13.1.3.2.2. Implementing a Custom Authorization Failure Policy
        4. 13.1.4. Using Exception Filters
          1. 13.1.4.1. Creating an Exception Filter
          2. 13.1.4.2. Using the Built-In Exception Filter
        5. 13.1.5. Using Action and Result Filters
          1. 13.1.5.1. Implementing the OnActionExecuting Method
          2. 13.1.5.2. Implementing the OnActionExecuted Method
          3. 13.1.5.3. Implementing a Result Filter
          4. 13.1.5.4. Using the Built-In Action and Result Filter Class
        6. 13.1.6. Using Other Filter Features
          1. 13.1.6.1. Filtering Without Attributes
          2. 13.1.6.2. Using Global Filters
          3. 13.1.6.3. Ordering Filter Execution
        7. 13.1.7. Using the Built-in Filters
          1. 13.1.7.1. Using the RequireHttps Filter
          2. 13.1.7.2. Using the OutputCache Filter
      2. 13.2. Summary
    5. 14. Controller Extensibility
      1. 14.1. Request Processing Pipeline Components
      2. 14.2. Creating a Controller Factory
        1. 14.2.1. Defining a Custom Controller Factory
        2. 14.2.2. Registering a Custom Controller Factory
      3. 14.3. Working with the Built-In Controller Factory
        1. 14.3.1. Prioritizing Namespaces
        2. 14.3.2. Customizing DefaultControllerFactory Controller Creation
          1. 14.3.2.1. Using the Dependency Resolver
          2. 14.3.2.2. Using a Controller Activator
          3. 14.3.2.3. Overriding DefaultControllerFactory Methods
      4. 14.4. Creating a Custom Action Invoker
      5. 14.5. Using the Built-In Action Invoker
        1. 14.5.1. Using a Custom Action Name
        2. 14.5.2. Using Action Method Selection
          1. 14.5.2.1. Creating a Custom Action Method Selector
          2. 14.5.2.2. Handling Unknown Actions
        3. 14.5.3. Using Action Method Selectors to Support REST Services
          1. 14.5.3.1. Overriding HTTP Methods
          2. 14.5.3.2. Overriding HTTP Methods in an MVC HTML Form
      6. 14.6. Improving Performance with Specialized Controllers
        1. 14.6.1. Using Sessionless Controllers
          1. 14.6.1.1. Managing Session State in a Custom IControllerFactory
          2. 14.6.1.2. Managing Session State Using DefaultControllerFactory
        2. 14.6.2. Using Asynchronous Controllers
          1. 14.6.2.1. Creating an Asynchronous Controller
            1. 14.6.2.1.1. Creating the Async and Completed Methods
            2. 14.6.2.1.2. Starting Asynchronous Tasks
            3. 14.6.2.1.3. Finishing Asynchronous Tasks
            4. 14.6.2.1.4. Passing Parameters from the Async to the Completed Method
            5. 14.6.2.1.5. Managing Timeouts
            6. 14.6.2.1.6. Aborting Asynchronous Operations
          2. 14.6.2.2. Using the .NET Asynchronous Programming Pattern
          3. 14.6.2.3. Deciding When to Use Asynchronous Controllers
      7. 14.7. Summary
    6. 15. Views
      1. 15.1. Creating a Custom View Engine
        1. 15.1.1. Creating a Custom IView
        2. 15.1.2. Creating an IViewEngine Implementation
        3. 15.1.3. Registering a Custom View Engine
      2. 15.2. Working with the Razor Engine
        1. 15.2.1. Understanding Razor View Rendering
        2. 15.2.2. Adding Dependency Injection to Razor Views
        3. 15.2.3. Configuring the View Search Locations
      3. 15.3. Adding Dynamic Content to a Razor View
        1. 15.3.1. Using Inline Code
          1. 15.3.1.1. Importing Namespaces into a View
            1. 15.3.1.1.1. Adding a @using Tag to a View
            2. 15.3.1.1.2. Adding a Namespace to Web.config
          2. 15.3.1.2. Understanding Razor HTML String Encoding
          3. 15.3.1.3. Using Dynamically Typed Views
      4. 15.4. Using HTML Helpers
        1. 15.4.1. Creating an Inline HTML Helper
        2. 15.4.2. Creating an External Helper Method
        3. 15.4.3. Using the Built-in HTML Helpers
          1. 15.4.3.1. Creating Forms
          2. 15.4.3.2. Using Input Helpers
          3. 15.4.3.3. Using Strongly Typed Input Helpers
          4. 15.4.3.4. Creating Select Elements
          5. 15.4.3.5. Creating Links and URLs
          6. 15.4.3.6. Using the WebGrid Helper
          7. 15.4.3.7. Using the Chart Helper
          8. 15.4.3.8. Using Other Built-In Helpers
      5. 15.5. Using Sections
        1. 15.5.1. Testing For Sections
        2. 15.5.2. Rendering Optional Sections
      6. 15.6. Using Partial Views
        1. 15.6.1. Creating a Partial View
        2. 15.6.2. Using Strongly Typed Partial Views
      7. 15.7. Using Child Actions
        1. 15.7.1. Creating a Child Action
        2. 15.7.2. Rendering a Child Action
      8. 15.8. Summary
    7. 16. Model Templates
      1. 16.1. Using Templated View Helpers
        1. 16.1.1. Styling Generated HTML
        2. 16.1.2. Using Model Metadata
          1. 16.1.2.1. Using Metadata to Control Editing and Visibility
          2. 16.1.2.2. Using Metadata for Labels
          3. 16.1.2.3. Using Metadata for Data Values
          4. 16.1.2.4. Using Metadata to Select a Display Template
          5. 16.1.2.5. Applying Metadata to a Buddy Class
        3. 16.1.3. Working with Complex Type Parameters
      2. 16.2. Customizing the Templated View Helper System
        1. 16.2.1. Creating a Custom Editor Template
        2. 16.2.2. Creating a Custom Display Template
        3. 16.2.3. Creating a Generic Template
        4. 16.2.4. Replacing the Built-in Templates
        5. 16.2.5. Using the ViewData.TemplateInfo Property
          1. 16.2.5.1. Respecting Data Formatting
          2. 16.2.5.2. Working with HTML Prefixes
        6. 16.2.6. Passing Additional Metadata to a Template
      3. 16.3. Understanding the Metadata Provider System
        1. 16.3.1. Creating a Custom Model Metadata Provider
        2. 16.3.2. Customizing the Data Annotations Model Metadata Provider
      4. 16.4. Summary
    8. 17. Model Binding
      1. 17.1. Understanding Model Binding
      2. 17.2. Using the Default Model Binder
        1. 17.2.1. Binding to Simple Types
        2. 17.2.2. Binding to Complex Types
          1. 17.2.2.1. Specifying Custom Prefixes
          2. 17.2.2.2. Selectively Binding Properties
        3. 17.2.3. Binding to Arrays and Collections
          1. 17.2.3.1. Binding to Collections of Custom Types
          2. 17.2.3.2. Binding to Collections with Nonsequential Indices
          3. 17.2.3.3. Binding to a Dictionary
      3. 17.3. Manually Invoking Model Binding
        1. 17.3.1. Restricting Binding to a Specific Data Source
        2. 17.3.2. Dealing with Binding Errors
      4. 17.4. Using Model Binding to Receive File Uploads
      5. 17.5. Customizing the Model Binding System
        1. 17.5.1. Creating a Custom Value Provider
        2. 17.5.2. Creating a Dependency-Aware Model Binder
        3. 17.5.3. Creating a Custom Model Binder
        4. 17.5.4. Creating Model Binder Providers
        5. 17.5.5. Using the ModelBinder Attribute
      6. 17.6. Summary
    9. 18. Model Validation
      1. 18.1. Creating the Project
      2. 18.2. Explicitly Validating a Model
      3. 18.3. Displaying Validation Messages
        1. 18.3.1. Displaying Property-Level Validation Messages
      4. 18.4. Using Alternative Validation Techniques
        1. 18.4.1. Performing Validation in the Model Binder
        2. 18.4.2. Specifying Validation Rules Using Metadata
          1. 18.4.2.1. Creating a Custom Property Validation Attribute
          2. 18.4.2.2. Creating a Model Validation Attribute
        3. 18.4.3. Defining Self-validating Models
        4. 18.4.4. Creating a Custom Validation Provider
          1. 18.4.4.1. Registering a Custom Validation Provider
      5. 18.5. Performing Client-Side Validation
        1. 18.5.1. Enabling and Disabling Client-Side Validation
        2. 18.5.2. Using Client-Side Validation
        3. 18.5.3. Understanding How Client-Side Validation Works
        4. 18.5.4. Customizing Client-Side Validation
          1. 18.5.4.1. Explicitly Creating Validation HTML Attributes
          2. 18.5.4.2. Creating Model Attributes That Support Client-Side Validation
          3. 18.5.4.3. Creating Custom Client-Side Validation Rules
      6. 18.6. Performing Remote Validation
      7. 18.7. Summary
    10. 19. Unobtrusive Ajax
      1. 19.1. Using MVC Unobtrusive Ajax
        1. 19.1.1. Creating the Project
        2. 19.1.2. Enabling and Disabling Unobtrusive Ajax
        3. 19.1.3. Using Unobtrusive Ajax Forms
        4. 19.1.4. Understanding How Unobtrusive Ajax Works
      2. 19.2. Setting Ajax Options
        1. 19.2.1. Ensuring Graceful Degradation
        2. 19.2.2. Providing the User with Feedback While Making an Ajax Request
        3. 19.2.3. Prompting the User Before Making a Request
      3. 19.3. Creating Ajax Links
        1. 19.3.1. Ensuring Graceful Degradation for Links
      4. 19.4. Working with Ajax Callbacks
      5. 19.5. Working with JSON
        1. 19.5.1. Adding JSON Support to the Controller
        2. 19.5.2. Processing JSON in the Browser
        3. 19.5.3. Detecting Ajax Requests in the Action Method
        4. 19.5.4. Receiving JSON Data
      6. 19.6. Summary
    11. 20. jQuery
      1. 20.1. Creating the Project
      2. 20.2. Referencing jQuery
      3. 20.3. Writing jQuery Code
        1. 20.3.1. Creating a jQuery Sandbox
          1. 20.3.1.1. Using Firefox
          2. 20.3.1.2. Using Chrome
      4. 20.4. Basic jQuery Theory
        1. 20.4.1. Understanding jQuery Selectors
          1. 20.4.1.1. Using Attribute Selectors
        2. 20.4.2. Using jQuery Filters
          1. 20.4.2.1. Using Content Filters
          2. 20.4.2.2. Using Form Filters
        3. 20.4.3. Understanding jQuery Methods
        4. 20.4.4. Waiting for the DOM
        5. 20.4.5. Using jQuery CSS Methods
        6. 20.4.6. Working with the DOM
      5. 20.5. Using jQuery Events
      6. 20.6. Using jQuery Visual Effects
      7. 20.7. Using jQuery UI
        1. 20.7.1. Referencing jQuery UI
        2. 20.7.2. Making Better Buttons
        3. 20.7.3. Using a Slider
      8. 20.8. Summary
  7. III. Delivering Successful ASP.NET MVC 3 Projects
    1. 21. Security and Vulnerability
      1. 21.1. All Input Can Be Forged
        1. 21.1.1. Forging HTTP Requests
      2. 21.2. Cross-Site Scripting and HTML Injection
        1. 21.2.1. Understanding an XSS Vulnerability
        2. 21.2.2. Razor HTML Encoding
        3. 21.2.3. Request Validation
          1. 21.2.3.1. Disabling Request Validation
        4. 21.2.4. JavaScript String Encoding and XSS
      3. 21.3. Session Hijacking
        1. 21.3.1. Defense via Client IP Address Checks
        2. 21.3.2. Defense by Setting the HttpOnly Flag on Cookies
      4. 21.4. Cross-Site Request Forgery
        1. 21.4.1. Attack
        2. 21.4.2. Defense
        3. 21.4.3. Preventing CSRF Using the Antiforgery Helpers
      5. 21.5. SQL Injection
        1. 21.5.1. Attack
        2. 21.5.2. Defense Using Parameterized Queries
        3. 21.5.3. Defense Using Object-Relational Mapping
      6. 21.6. Using the MVC Framework Securely
        1. 21.6.1. Don't Expose Action Methods Accidentally
        2. 21.6.2. Don't Allow Model Binding to Change Sensitive Properties
      7. 21.7. Summary
    2. 22. Authentication and Authorization
      1. 22.1. Using Windows Authentication
      2. 22.2. Using Forms Authentication
        1. 22.2.1. Setting Up Forms Authentication
          1. 22.2.1.1. Handling Login Attempts
        2. 22.2.2. Using Cookieless Forms Authentication
      3. 22.3. Using Membership, Roles, and Profiles
        1. 22.3.1. Setting Up and Using Membership
          1. 22.3.1.1. Setting Up SqlMembershipProvider
          2. 22.3.1.2. Using SqlMembershipProvider with SQL Server Express
          3. 22.3.1.3. Manually Preparing SQL Server
          4. 22.3.1.4. Managing Membership
            1. 22.3.1.4.1. Using the Web Site Administration Tool (WAT)
            2. 22.3.1.4.2. Using the IIS .NET Users tool
          5. 22.3.1.5. Creating a Custom Membership Provider
        2. 22.3.2. Setting Up and Using Roles
          1. 22.3.2.1. Setting Up SqlRoleProvider
          2. 22.3.2.2. Managing Roles
          3. 22.3.2.3. Creating a Custom Roles Provider
        3. 22.3.3. Setting Up and Using Profiles
          1. 22.3.3.1. Setting Up SqlProfileProvider
          2. 22.3.3.2. Configuring, Reading, and Writing Profile Data
            1. 22.3.3.2.1. Enabling Anonymous Profiles
          3. 22.3.3.3. Creating a Custom Profile Provider
      4. 22.4. Why You Shouldn't Use URL-Based Authorization
      5. 22.5. Restricting Access Using IP Addresses and Domains
      6. 22.6. Summary
    3. 23. Deployment
      1. 23.1. Preparing an Application for Deployment
        1. 23.1.1. Detecting View Errors Before Deployment
        2. 23.1.2. Configuring Dynamic Page Compilation
        3. 23.1.3. Preparing for a Bin Deployment
        4. 23.1.4. Preparing the Web.config File for Transformation
          1. 23.1.4.1. Understanding the Transformation Structure
          2. 23.1.4.2. Inserting Configuration Elements
          3. 23.1.4.3. Removing Configuration Elements
          4. 23.1.4.4. Setting and Removing Attributes
          5. 23.1.4.5. Replacing Elements
          6. 23.1.4.6. Using the Locator Attribute
        5. 23.1.5. Preparing the Project for Database Deployment
      2. 23.2. Understanding the IIS Fundamentals
        1. 23.2.1. Understanding Web Sites
        2. 23.2.2. Understanding Virtual Directories
        3. 23.2.3. Understanding Application Pools
        4. 23.2.4. Binding Web Sites to Hostnames, IP Addresses, and Ports
      3. 23.3. Preparing the Server for Deployment
      4. 23.4. Deploying an Application
        1. 23.4.1. Deploying an Application by Copying Files
        2. 23.4.2. Using a Deployment Package
          1. 23.4.2.1. Creating the Deployment Package
          2. 23.4.2.2. Deploying the Package
        3. 23.4.3. Using One-Click Publishing
      5. 23.5. Summary