Tuesday, January 10, 2006

.NET Development Tips

I have not posted any development items in quite some time, so I thought that I would post a couple of items that I have found over the past few days.

SmartNavigation Causes Erratic Behavior in Web Applications

First off, if you value your sanity, disable SmartNavigation in your application. This can be done by making a change to a setting within the Web.config file for your web application. Pages can override this setting, though, so take care to ensure that you are not doing that. To disable SmartNavigation, make sure you have the following in your Web.config:

   <pages smartNavigation="false" />

SmartNavigation is supposed to be this nice feature (only available to IE users though) that helps to speed up web applications, as well as helps to remember the location on a page during PostBack. ASP.NET Web applications do a lot of posting back to the server. Of course in doing that, the page has to be reloaded. SmartNavigation is supposed to help in this respect, and it does. However, a nasty side-effect of this is that you often get erratic behavior in your web applications, particularly those that use a lot of JavaScript. As an example, I created this nifty web control that makes the file input control in html look nice. You are no longer stuck with the ugly browse button, and can instead replace it with a nice image for the browse button. With SmartNavigation enabled though, sometimes after a postback, the control would not be visible in IE. The kicker, the HTML for the control was rendered and is viewable in the source for the page. So, why oh why does it not show up? SmartNavigation. Didn't do it every time, but it did on occasion.

So, I simply disable it from now on. If you want the feature that remembers where you were at on a page before postback, there are numerous solutions on the web. A particularly nice one can be found here.

DHTML Effect Filters Can be Disabled in IE Security Settings

Another item that I have found recently also surfaced during the creation of me file input control. And it has to do with DHTML effect filters. I had code in the style attribute:

filter:alpha(opacity: 0);

When I loaded the page on my local machine, everything was fine. When I uploaded the page to the remote server, and attempted to load the page using the same browser, the effect did not render.

Turns out, there is a setting in IE that must be enabled for this to work. Open IE, select the Tools menu, and the Options item from that menu. Select the Security tab, and choose Custom level. Scroll down until you find "Binary & Script Behaviours". Make sure that this is enabled. Apparently DHTML filters could be a security risk. Could someone explain to me how these could be exploited? It is beyond me!

No comments: