1. What is ASP.NET Core?
ASP.NET Core is a modern, open-source, cross-platform framework for building web applications. It is designed to provide a lightweight, high-performance framework that is suitable for building cloud-based applications, such as web apps, IoT apps, and mobile backends. ASP.NET Core allows developers to create robust web applications that can run on Windows, macOS, and Linux.
2. What are some benefits of ASP.NET Core over the classic ASP.NET?
- Cross-platform: ASP.NET Core runs on Windows, macOS, and Linux, making it more versatile.
- Performance: It’s optimized for high performance and scalability.
- Modular framework: Uses a smaller, modular set of libraries that can be tailored to the needs of the application.
- Unified programming model: Combines MVC, Web API, and Web Pages into a single framework.
- Improved support for modern web development: Better integration with modern client-side frameworks and tools.
- Dependency Injection (DI): Built-in support for DI.
- Cloud-optimized: Designed to work seamlessly with modern cloud environments.
3. How to explain OWIN and Katana in simple words?
- OWIN (Open Web Interface for .NET): A standard interface between .NET web applications and web servers. It decouples the web application from the server, making it easier to swap out or configure the server without changing the application code.
- Katana: A set of open-source components that implement OWIN specifications, allowing you to build web applications that can run on different types of servers, not just IIS.
4. Can ASP.NET Core work with the .NET framework?
Yes, ASP.NET Core can work with the full .NET Framework when running on Windows. This is typically referred to as targeting .NET Framework
(e.g., .NET Framework 4.8). However, it is more commonly associated with .NET Core/.NET 5+ for cross-platform capabilities.
5. Why this error: A potentially dangerous Request.Form value was detected from the client?
This error typically occurs when a user inputs HTML or JavaScript content that could be interpreted as a cross-site scripting (XSS) attack. ASP.NET validates input data and throws this error to prevent potentially malicious scripts from being executed.
6. Which protocol is used to call web services?
Web services typically use the HTTP or HTTPS protocol for communication. They may use other protocols depending on the specific type of service (e.g., SOAP, REST).
7. Explain the Cross-page posting and Redirect Permanent in ASP.NET?
- Cross-page posting: In ASP.NET Web Forms, cross-page posting allows data to be sent from one page to another using the
PostBackUrl
property. The second page can access the controls of the first page to read their values. - Redirect Permanent: This method sends a permanent redirection status code (301) to the client and redirects it to a specified URL, indicating that the resource has permanently moved to the new URL.
8. Explain how HTTP protocol works?
HTTP (Hypertext Transfer Protocol) is the foundation of data communication on the web. It is a request-response protocol where a client (such as a web browser) sends a request to a server, and the server sends back a response. HTTP uses methods like GET, POST, PUT, DELETE, etc., to define the type of action to be performed on a resource.
9. What is MVC?
MVC stands for Model-View-Controller, a design pattern used for developing user interfaces. In MVC:
- Model: Represents the application’s data and business logic.
- View: Represents the presentation layer (UI).
- Controller: Handles user input, interacts with the model, and returns the appropriate view.
10. What is the difference between ASP.NET Webforms and ASP.NET MVC?
- Webforms: Based on a page-controller pattern, uses server-side controls, view state, and event-driven programming. It’s more abstracted from HTML and HTTP.
- MVC: Based on the MVC pattern, provides more control over HTML, CSS, and JavaScript. It doesn’t use view state, leading to cleaner markup and better control over the rendered output.
11. How to enable Cross-Origin Requests (CORS) in ASP.NET Core?
To enable CORS in ASP.NET Core:
- Add the CORS service in
Startup.cs
:1 2 3 4 5
services.AddCors(options => { options.AddPolicy("AllowAllOrigins", builder => builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader()); });
- Use the CORS policy in your request pipeline:
1
app.UseCors("AllowAllOrigins");
12. What is dependency injection?
Dependency Injection (DI) is a design pattern used to achieve Inversion of Control (IoC). It allows objects to receive their dependencies rather than creating them directly. In ASP.NET Core, DI is built-in and can be configured in the Startup.cs
file using the IServiceCollection
interface.
13. What is In-memory cache?
In-memory caching is a technique where data is stored in the memory of the server for quick access. It improves application performance by reducing the need to fetch data from external sources (like databases) repeatedly.
14. How to enable the in-memory cache in ASP.NET Core project?
- Add the in-memory cache service in
Startup.cs
:1
services.AddMemoryCache();
- Use the
IMemoryCache
interface to interact with the cache in your application:1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
public class MyService { private readonly IMemoryCache _cache; public MyService(IMemoryCache cache) { _cache = cache; } public void SetCache() { _cache.Set("CacheKey", "CacheValue"); } public string GetCache() { return _cache.Get<string>("CacheKey"); } }
15. How to prevent Cross-Site Scripting (XSS) in ASP.NET Core?
- Encoding: Always encode user input before displaying it.
- Anti-XSS libraries: Use built-in ASP.NET Core features like
HtmlEncoder
,JavaScriptEncoder
, etc. - Validation: Validate input data using model validation attributes.
- Content Security Policy (CSP): Implement CSP headers to restrict the sources of content.
- AutoValidateAntiforgeryToken: Automatically validate requests to protect against cross-site scripting attacks.