Tuesday, September 18, 2012

What is view state

ViewState: Its nothing but it's a hidden data which is kept by asp.net pages in "_VIEWSTATE" as hidden form field. They track the changes to a web site during post backs.
The ViewState of a page can be seen if you view the source code of the running page(Right Click --> View Source). It will be listed under the following tags:
< input id="__VIEWSTATE" name="__VIEWSTATE" type="hidden" value=""  >
Having a large ViewState will cause a page to download slowly from the users side.

source view

<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE” value="/wEPDwUKMTIxNDIyOTM0Mg9kFgICAw9kFgICAQ8PFgIeBFRleHQFEzQvNS8yMDA2IDE6Mzc6MTEgUE1kZGROWHn/rt75XF/pMGnqjqHlH66cdw==" />

Encrypting of the View State: You can enable view state encryption to make it more difficult for attackers and malicious users to directly read view state information. Though this adds processing overhead to the Web server, it supports in storing confidential information in view state. To configure view state encryption for an application does the following:

<Configuration>
   <system.web>
                  <pages viewStateEncryptionMode="Always"/>
  </system.web>
</configuration>

Alternatively, you can enable view state encryption for a specific page by setting the value in the page directive, as the following sample demonstrates:

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" ViewStateEncryptionMode="Always"%>

View State is enabled by default, but if you can disable it by setting the EnableViewState property for each web control to false. This reduces the server processing time and decreases page size. 

No comments: