Home > Articles > Programming > ASP .NET

This chapter is from the book

Request/Response Programming

The server control architecture is built on top of a more fundamental processing architecture, which may be called request/response. Understanding request/response is important to solidify our overall grasp of ASP.NET. Also, in certain programming situations request/response is the natural approach.

HttpRequest Class

The System.Web namespace contains a useful class HttpRequest that can be used to read the various HTTP values sent by a client during a Web request. These HTTP values would be used by a classical CGI program in acting upon a Web request, and they are the foundation upon which higher level processing is built. Table 14–1 shows some of the public instance properties of HttpRequest. If you are familiar with HTTP, the meaning of these various properties should be largely self-explanatory. Refer to the .NET Framework documentation of the HttpRequest class for full details about these and other properties.

TABLE 14–1 Public Instance Properties of HttpRequest

Property

Meaning

AcceptTypes

String array of client-supported MIME accept types

Browser

Information about client's browser capabilities

ContentLength

Length in bytes of content sent by the client

Cookies

Collection of cookies sent by the client

Form

Collection of form variables

Headers

Collection of HTTP headers

HttpMethod

HTTP transfer method used by client (e.g., GET or POST)

Params

Combined collection of QueryString, Form, ServerVariables, andCookies items

Path

Virtual request of the current path

QueryString

Collection of HTTP query string variables

ServerVariables

Collection of Web server variables


The Request property of the Page class returns a HttpRequest object. You may then extract whatever information you need, using the properties of HttpRequest. For example, the following code determines the length in bytes of content sent by the client and writes that information to the Response object.

Dim length As Integer = Request.ContentLength 
Response.Write("ContentLength = " & length & "<br>") 

COLLECTIONS

A number of useful collections are exposed as properties of HttpRequest. The collections are of type NamedValueCollection (in System.Collec-tions.Specialized namespace). You can access a value from a string key. For example, the following code extracts values for the QUERY_STRING and HTTP_USER_AGENT server variables using the ServerVariables collection.

Dim strQuery As String = _ 
      Request.ServerVariables("QUERY_STRING")
Dim strAgent as String = _ 
      Request.ServerVariables("HTTP_USER_AGENT") 

Server variables such as these are at the heart of classical Common Gateway Interface (CGI) Web server programming. The Web server passes information to a CGI script or program by using environment variables. ASP.NET makes this low-level information available to you, in case you need it.

A common task is to extract information from controls on forms. In HTML, controls are identified by a name attribute, which can be used by the server to determine the corresponding value. The way in which form data is passed to the server depends on whether the form uses the HTTP GET method or the POST method.

With GET, the form data is encoded as part of the query string. The QueryString collection can then be used to retrieve the values. With POST, the form data is passed as content after the HTTP header. The Forms collection can then be used to extract the control values. You could use the value of the REQUEST_METHOD server variable (GET or POST) to determine which collection to use (the QueryString collection in the case of GET and the Forms collection in case of POST).

With ASP.NET you don't have to worry about which HTTP method was used in the request. ASP.NET provides a Params collection, which is a combination (union in the mathematical sense) of the ServerVariables, Que-ryString, Forms, and Cookies collections.

EXAMPLE PROGRAM

We illustrate all these ideas with a simple page Squares.aspx that displays a column of squares.

<!-- Squares.aspx -->
<%@ Page Language="VB" Trace="true"%>
<script runat="server">
Sub Page_Init(sender As Object, e As EventArgs)
     Dim strQuery As String = _
           Request.ServerVariables("QUERY_STRING")
     Response.Write("QUERY_STRING = " & strQuery & "<br>")
     Dim strAgent as String = _
           Request.ServerVariables("HTTP_USER_AGENT")
     Response.Write("HTTP_USER_AGENT = " & strAgent & "<br>")
     Dim length As Integer = Request.ContentLength
     Response.Write("ContentLength = " & length & "<br>")
     Dim strCount As String = Request.Params("txtCount")
     Dim count As Integer = Convert.ToInt32(strCount)
     Dim i As Integer
     For i = 1 To count
          Response.Write(i*i)
          Response.Write("<br>")
     Next
End Sub
</script>

How many squares to display is determined by a number submitted on a form. The page GetSquares.aspx submits the request using GET, and PostSquares.aspx submits the request using POST. These two pages have the same user interface, illustrated in Figure 14–11.

Figure 14-11Figure 14-11 Form for requesting a column of squares.

Here is the HTML for GetSquares.aspx. Notice that we are using straight HTML. Except for the Page directive, which turns tracing on, no features of ASP.NET are used.

<!-- GetSquares.aspx -->
<%@ Page Trace = "true" %>
<html>
<head>
</head>
<body>
<P>This program will print a column of squares</P>
<form 

method="get" action = Squares.aspx

> How many: <INPUT type=text size=2 value=5

name=txtCount

> <P></P> <INPUT type=submit value=Squares

name=cmdSquares

> </form> </body> </html>

The form tag has attributes specifying the method (GET or POST) and the action (target page). The controls have a name attribute, which will be used by server code to retrieve the value.

Run GetSquares.aspx and click Squares. You will see some HTTP information displayed, followed by the column of squares. Tracing is turned on, so details about the request are displayed by ASP.NET. Figure 14–12 illustrates the output from this GET request.

Figure 14-12Figure 14-12 Output from a GET request.

You can see that form data is encoded in the query string, and the content length is 0. If you scroll down on the trace output, you will see much information. For example, the QueryString collection is shown.

Now run PostSquares.aspx and click Squares. Again you will then see some HTTP information displayed, followed by the column of squares. Tracing is turned on, so details about the request are displayed by ASP.NET. Figure 14–13 illustrates the output from this POST request.

Figure 14-13Figure 14-13 Output from a POST request.

You can see that now the query string is empty, and the content length is 29. The form data is passed as part of the content, following the HTTP header information. If you scroll down on the trace output, you will see that now there is a Form collection, which is used by ASP.NET to provide access to the form data in the case of a POST method.

By comparing the output of these two examples, you can clearly see the difference between GET and POST, and you can also see the data structures used by ASP.NET to make it easy for you to extract data from HTTP requests.

HttpResponse Class

The HttpResponse class encapsulates HTTP response information that is built as part of an ASP.NET operation. The Framework uses this class when it is creating a response that includes writing server controls back to the client. Your own server code may also use the Write method of the Response object to write data to the output stream that will be sent to the client. We have already seen many illustrations of Response.Write.

REDIRECT

The HttpResponse class has a useful method, Redirect, that enables server code to redirect an HTTP request to a different URL. A simple redirection without passing any data is trivial—you need only call the Redirect method and pass the URL. An example of such usage would be a reorganization of a

Web site, where a certain page is no longer valid and the content has been moved to a new location. You can keep the old page live by simply redirecting traffic to the new location.

It should be noted that redirection always involves an HTTP GET request, like following a simple link to a URL. (POST arises as an option when submitting form data, where the action can be specified as GET or POST.) A more interesting case involves passing data to the new page. One way to pass data is to encode it in the query string. You must preserve standard HTTP conventions for the encoding of the query string. The class HttpUtility provides a method UrlEncode, which will properly encode an individual item of a query string. You must yourself provide code to separate the URL from the query string with a "?" and to separate items of the query string with "&".

The folder Hotel provides an example of a simple Web application that illustrates this method of passing data in redirection. The file default.aspx provides a form for collecting information to be used in making a hotel reservation. The reservation itself is made on the page Reservation1.aspx. You may access the starting default.aspx page through the URL

http://localhost/Chap14/Hotel/ 

As usual, we provide a link to this page in our home page of example programs. Figure 14–14 illustrates the starting page of our simple hotel reservation example.

Figure 14-14Figure 14-14 Starting page for making a hotel reservation.

Here is the script code that is executed when the Make Reservation button is clicked.

e As EventArgs)
   Dim query As String = "City=" & _
         HttpUtility.UrlEncode(txtCity.Text)
   query += "&Hotel=" & _
         HttpUtility.UrlEncode(txtHotel.Text)
   query += "&Date=" & _
         HttpUtility.UrlEncode(txtDate.Text)
   query += "&NumberDays=" & _
         HttpUtility.UrlEncode(txtNumberDays.Text)
   Response.Redirect("Reservation1.aspx?" + query)
End Sub

We build a query string, which gets appended to the Reservation1.aspx URL, separated by a "?". Note the ampersand that is used as a separator of items in the query string. We use the HttpUtility.UrlEncode method to encode the individual items. Special encoding is required for the slashes in the date and for the space in the name San Jose. Clicking the button brings up the reservation page. You can see the query string in the address window of the browser. Figure 14–15 illustrates the output shown by the browser.

Figure 14-15Figure 14-15 Browser output from making a hotel reservation

Our program does not actually make the reservation; it simply prints out the parameters passed to it.

<%@ Page language="VB" Debug="true" Trace="false" %>
<script runat="server">
     Sub Page_Load(sender As Object, e As EventArgs)
          Response.Write("Making reservation for ...")
          Response.Write("<br>")
          Dim city As String = Request.Params("City")
          Response.Write("City = " & city)
          Response.Write("<br>")
          Dim hotel As String = Request.Params("Hotel")
          Response.Write("Hotel = " & hotel)
          Response.Write("<br>")
          Dim strDate As String = Request.Params("Date")
          Response.Write("Date = " & strDate)
          Response.Write("<br>")
          Dim strDays As String = Request.Params("NumberDays")
          Response.Write("NumberDays = " & strDays)
          Response.Write("<br>")
    End Sub
</script>
<HTML>
<body>
</body>
</HTML>

You can turn on tracing (in the file Reservation1.aspx), and the trace output should serve to reinforce the ideas we have been discussing about request/response Web programming. In particular, you should examine the QueryString collection, as illustrated in Figure 14–16.

Figure 14-16Figure 14-16 The query string is used for passing parameters in redirection

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020