An ASP.NET wtf
-
This isn't a huge WTF, but it's still a WTF. It wasn't actually a WTF
while looking at the code either; that happened while remembering it,
about a year after I wrote it. Yeah, it's my code. :^) I had only been a 'professional' for a few months, and I was just getting into the less obvious bits of ASP.NET.
Here is the most convenient example (from a code behind file):
if( refreshFromDB )
m_dsBI =
ProjectDB.DBPartners.GetBudgetItemList (DBAccess.GetConnection(),
partnerID);
this.dgBudgetItems.DataSource = m_dsBI.Tables[0];
this.dgBudgetItems.DataBind();
ViewState["m_dsBI"] = this.m_dsBI;
I've anonymized it a little bit. If you don't know ASP.NET, what this
is saying is that m_dsBI, whatever it is, is getting put into the
ViewState, which means it gets encoded into a long string of gibberish
that goes into a hidden form variable. (ViewState itself is a half-WTF
until you rationalize it as a convenience.)
This construct is on more than one place in the code for this page. So
the web client ended up posting about 80k to the server each time, on a
small data set. (I'm not sure whether this was ever deployed. I was
moved to other projects.)
So, that's my little self-WTF. I am absolved.
-
That's not too bad, I've seen it happen millions of times and worse than that.
The problem is the idiotic default viewstate setting asp .NET has, and
the uneducated programmers don't know they have to change their
behaviours.
If you just throw some controls on a page with some codebehind (random)
without setting some viewstate=false properties, you'll end up with
huge html source.
I agree that it's a convenience to have state preserved, but I believe
viewstate should default to off and ppl should set it to on for stuff
they want persisted.
Oh, and on a larger scheme, the whole thing with the viewstate being a
hidden form field and every link being a javascript postback function
is really messy
-
The viewstate is actually a fairly clever idea. It's a terrible implementation though ;) It is not at all a safe place to put anything because it is only base64 encoded XML. As long as you don't store huge tables in it it can be very useful for collection of user data. Obviously never store anything like passwords, queries, connection strings, etc in it. But, if you have much more bandwidth than server resources (gigabit ethernet for instance) the viewstate can increase the number of users your server can handle.
Like any tool, you can use it to architect a palace or chisel wtfs to be immortalized here :)
-
Discovering your own WTFs is the first step to not being a WTF coder.
The second step is fixing them (if your position permits you too).
Congrats on finding it, anybody who hasn't found their WTFs from the past are probably coding WTFs right now.
-
yeah its quite a common wtf
but i prefer
Viewstate(key) = guid
Session(Viewstate(key)) = thetable