Correlation
I have created correlation for .Net applicaiton for view State:
Correlation Substistuion with Post Request:
![]()
View state
View state refers to the page-level state management mechanism, utilized by the HTML pages emitted by ASP.NET applications to maintain the state of the Web form controls and widgets. The state of the controls is encoded and sent to the server at every form submission in a hidden field known as
The main use for this is to preserve form information across postbacks. View state is turned on by default and normally serializes the data in every control on the page regardless of whether it is actually used during a postback. This behavior can (and should) be modified, however, as View state can be disabled on a per-control, per-page, or server-wide basis.
Developers need to be wary of storing sensitive or private information in the View state of a page or control, as the base64 string containing the view state data can easily be de-serialized. By default, View state does not encrypt the
Event Validation:
The event validation mechanism reduces the risk of unauthorized postback requests and callbacks. When the EnableEventValidation property is set to true, ASP.NET allows only the specific events that can be raised on the control during a postback request or callback. In this model, a control registers its events during rendering and then validates the events during postback or callback handling. All event-driven controls in ASP.NET now use this feature by default.
Performance testing is iteration process means create
script for one real user and run the script for huge or many users. How server
identifies the each user actions for multiple users, for this server creates an
UNIQUE USER SESSION for every user. Using this session user can perform this
actions or transactions. Once users sign out from application, once again
server creates new session for the same user. So for each user has unique
sessions.
We created a script for real one user, so script records the unique session id in the script. If i am running second time script uses the recorded session id due to this script will throw error. So we need to change the dynamic values (like session Id) each user, this is called correlation. In computer science terminology making "constant" value to "variable".
Correlation is capturing the dynamic values from the server then passing that value to the script.
Screen Shot:We created a script for real one user, so script records the unique session id in the script. If i am running second time script uses the recorded session id due to this script will throw error. So we need to change the dynamic values (like session Id) each user, this is called correlation. In computer science terminology making "constant" value to "variable".
Correlation is capturing the dynamic values from the server then passing that value to the script.
I have created correlation for .Net applicaiton for view State:
Correlation Substistuion with Post Request:
View state
View state refers to the page-level state management mechanism, utilized by the HTML pages emitted by ASP.NET applications to maintain the state of the Web form controls and widgets. The state of the controls is encoded and sent to the server at every form submission in a hidden field known as
__VIEWSTATE. The server
sends back the variable so that when the page is re-rendered, the controls
render at their last state. At the server side, the application may change the
viewstate, if the processing requires a change of state of any control. The
states of individual controls are decoded at the server, and are available for
use in ASP.NET pages using the ViewState collection. The main use for this is to preserve form information across postbacks. View state is turned on by default and normally serializes the data in every control on the page regardless of whether it is actually used during a postback. This behavior can (and should) be modified, however, as View state can be disabled on a per-control, per-page, or server-wide basis.
Developers need to be wary of storing sensitive or private information in the View state of a page or control, as the base64 string containing the view state data can easily be de-serialized. By default, View state does not encrypt the
__VIEWSTATE value.
Encryption can be enabled on a server-wide (and server-specific) basis,
allowing for a certain level of security to be maintainedEvent Validation:
The event validation mechanism reduces the risk of unauthorized postback requests and callbacks. When the EnableEventValidation property is set to true, ASP.NET allows only the specific events that can be raised on the control during a postback request or callback. In this model, a control registers its events during rendering and then validates the events during postback or callback handling. All event-driven controls in ASP.NET now use this feature by default.
No comments:
Post a Comment