We are applying localization in our application by using resx files and using it by calling Resources.Resource.Key and ResourceManager class to get the values of keys. Currently we are facing an issue that in some languages single (') and double quotes (") are appearing while in English resource there is no such thing like that. Problem is that when we calls javascript methods like alert('value') in code then it crashes because single quote within another single quote does not work. I know there is way to handle it by replacing single quote with "\'" but in order to fix this I need to write this code throughout the application. Is there any workaround that whenever I call the resource by calling above ways I mentioned earlier One method automatically called in which I can modify the value return by the resource. Waiting for your valuable suggestions. Thx
Anywhere you're referencing resources you should HTML encode the output. If you're using ASP.NET WebForms you can use <%: Resources.Strings.Something %>. If you're using the Razor view engine then it will be HTML encoded by default.
Related
In short: I have a method name provided via a JSON configuration file. I'd like to call a method using this provided name. The method (with a matching name) will exist in the backend. What's the best way of going about this?
I am not quite sure what I should be searching for as an example.
To detail: I am working with a legacy application, hence the VB.NET. I am building a single PDF file from multiple PDF sources. Most of these are as is, I simply read the configuration and grab the relevant files and the job is done. However some require processing, I'd like the configuration file to pass in a method name to be called that will perform extra processing on the PDF, whatever that may be.
As there can be a lot of PDF files that can vary, I cannot simply use a property such as "PostProcessing: true".
Any ideas?
You could use reflection to reflect method names back and check them against the name passed from the property in the config file.
Like so
Type magicType = Type.GetType("MagicClass");
MethodInfo magicMethod = magicType.GetMethod("ItsMagic");
object magicValue = magicMethod.Invoke(magicClassObject, new object[]{100});
That would work.. but to be honest, I'd go with a case statement as you'll be hardcoding the method names anyway (because they are code), and it'll be strongly typed (less chance of typos and errors).
I have a little piece of code, which gets data from a DB, and I want to parse it into a .cshtml Razor-View-Template. therefor i create a variable of a new TemplateService and execute .parse() on that. Now I want to output the file to the user. What is the best performing function to accomplish this task? I have an MVC application. And as the text above already describes, this is a little template system.
Edit:
For example:
I have a folder templates/default-tpl/, which contains a file index.cshtml
This file contains some Razor-related variables (for example #ViewData["Title"]
Now i have a Controller, which calls the RazorEngine TemplateService's Parse() function with the corresponding ViewData.
Now I have the HTML ready and parsed
So the question is, from this point, how do i output the website the most performant way? Or is there even a complete different approach possible?
(Doing this to obfuscate ASP.NET MVC Framework in web app.)
Have renamed the cookie name with static AntiForgeryConfig class via Helpers in Application_Start.
Global.asax:
AntiForgeryConfig.CookieName = "Test";
But still obvious AntiForgeryToken is being used due to input name:
Front End:
<input name="__RequestVerificationToken" type="hidden" value="blahblahblah" />
Arguably the value smells of MVC with encoding but not really sure what to about this. (Different issue really but comments/other approaches welcomed and appreciated regardless.)
After checking the source code on CodePlex, it appears that this value is hard-coded as a constant. So there's no easy way of changing this value. You can see this here: http://aspnetwebstack.codeplex.com/SourceControl/latest#src/System.Web.WebPages/Helpers/AntiForgeryConfig.cs
I'm surprised it's not configurable. Anyways, it appears that what you want to do is not possible.
However, I advice you create a feature request on Codeplex and hope they will implement it.
Note: If you want to go really hardcore, you could always download the code and make the modification, but this will probably give you more problems than it solves.
The answer to this StackOverflow question should get you started.
Changing the input name is non-trivial. Both the Html.AntiForgeryToken helper and the ValidationAntiforgeryToken attribute rely on the input name being "__RequestVerificationToken". If you want it to be something else, you will need to drop down into using the AntiForgery API and create your own versions of both helper and attribute to validate against your chosen name.
I need to get some Json to the client side from the server and it's somewhat troublesome as almost all tutorials assume an Ajax call to a separate action to get the Json.
This led me to think that there must be some reason why it is done this way. In Asp.Net MVC we can pass a Model along with the view to get the information but we can't seem to easily pass a Json object. Instead you are supposed to make a separate call to get this information.
What if the Json info is known when the page is generated, why not generate it at the same time?
I'm sorry if I wasn't clear enough. While it's nice to hear of ways to get Json to the client, the question is actually whether there is a specific reason the Ajax call method is much more popular, like security or anything like that.
Can you put something like this into your view? (rough pseudo code, assuming using a Razor view)
< script >
var myJSON = { Field: #model.Field, Field2: #model.Field2 };
< /script >
Because you do not need both at the same time... on the first call will be to get html (the view of the data - represented by a view model), and any ajax calls will be to get the possibly updated data (json serialized view model).
No reason why you can't. You could use the javacript serializer to create a JSON string that drop on the page. You could also create an action that return the json string that you called from a script tag.
What you want if you're using KnockOut, would be the Mapping plugin that turns an ordinary JS object, like that generated above, into an observable ready for KnockOut to use. See here from info. http://knockoutjs.com/documentation/plugins-mapping.html
You can use content-negotiation by setting accept header. This is considered a best practice (and according to some RESTful).
This needs to be supported and implemented at server as well. ASP NET MVC does not make it easy to support content-negotiation and you have to implement it yourself by if-else or using ActionFilter and implementing action selector.
I'm trying to read all filenames from a specified (server- not client) folder, and insert all the filenames into a javascript Array.
It should behave like the Directory.GetFiles method in ASP.NET C#.
I created a new array, and I just need the loop method (Javascript or jQuery) to iterate in the specific folder, and insert all the filenames into the array.
Thanks all helpers!
You're going to need to invoke some form of ajax postback to do this on the server, returning an array of strings as a JSON result.
Note that this has the usual caveats that the web server account must have the necessary permissions to be able to query the selected folder.
I wouldn't do this - it's potentially a security problem.
Out of interest, why are you doing this? I'm trying to imagine what you gain from having this information on the client...