This article provides a consolidated checklist of guidelines for writing scalable, clean and high-performance web applications using ASP.NET. Close adherence to the rules will help developers and code reviewers understand a piece of code.

The article is divided into three parts as mentioned below.

  1. Scalable and Maintainable
  2. Meeting all the security standards
  3. Giving high performance.

The following guidelines list specific techniques that you can use to avoid writing code that does not perform at acceptable levels.

Scope : Project Design & Scalability

  1. Logically partition your application logic into presentation, business, and data access layers. This helps to create maintainable code, monitor and optimize the performance of each layer separately.
  2. Derive all the web pages from a common page. This common page can contain common code such as error handling, tracing, session validity checks, etc.
  3. Use web.config to declare flags and constant variables.
  4. Use resource/XML file for all the error messages. Do not hard code the error messages in the code.
  5. Appropriate directory structure should be followed for the web application.

Scope : ASPX Page Design

  1. Web page should contain appropriate title.
  2. Page Layout should be set to ‘Flow layout’.
  3. Where possible, logically partition the pages. Use a div layout instead of a table layout.
  4. Use Html controls instead of server controls wherever possible.
  5. Style sheet should be used to apply styles.
  6. Maxlength property should be set for all editable controls.
  7. Validation controls should be placed in the order corresponding to the order of controls placed on the screen.
  8. Disable View State property for the controls / for the whole page where it is not required.
  9. Usage of View state should be avoided to store bulky data
  10. Code should be written to set focus to the first control of the web form.
  11. For the portions of a web page that are static in nature, such as a group of links, do not write those controls in HTML. Instead, store the whole HTML string in a JavaScript variable and call document.write in the HTML.
  12. Add “alt” text to all the images.
  13. The page should support all the text sizes of the browser (zoom in/out).
  14. Set proper “tabIndex” for all the HTML elements
  15. Device-independent event handlers should be used.
  16. Set appropriate text to the “summary” attribute of the HTML table element
  17. Set appropriate text to the “title” attribute of the HTML elements such as anchor tags
  18. If you are using a repeater control or a table with repeated columns in your web page, then instead of specifying the default attributes in each column's Item Template, use <COL> in the header template.
  19. Tune web.config to application-specific needs. Examples are “Authentication”, “SessionState”, “AutoEventWireup”, “Encoding”, etc.

Scope : ASPX code Behind

  1. “QueryString” parameters should be checked for null before use.
  2. “Session” values should be checked for null before they are accessed.
  3. Disable session state if you do not use it
  4. Avoid using Page.DataBind.
  5. Use cookies, query strings, and hidden controls for storing lightweight, user-specific state
  6. Use application state to share static, read-only data. Use static properties instead of the Application object to store application state
  7. Use Response.Write for formatting output
  8. Use the += operator when the number of appends is known. Use the ‘StringBuilder’ object when the number of appends is unknown
  9. Use Server.Transfer instead of Response.Redirect. To transfer to pages in other applications, you must use Response.Redirect. When you use Response.Redirect, ensure you use the overloaded method that accepts a Boolean second parameter, and pass a value of false to ensure an internal exception is not raised.
  10. If we need to load the content of the page from an XML file, we can use JavaScript to load the content and use a client-side div instead of a server-side div.
  11. If a page is required to be fetched from the web server every time, then explicitly disable page caching. Use caching and Page output wherever possible.
  12. All required constant values should be defined as private constants in the beginning of the file and not hard coded in the code.
  13. Regions should be used to group related functions, properties and variables.
  14. All variables should be initialized before use.
  15. Code should contain exception handling.
  16. Prefer basic types to reduce serialization costs.
  17. Remove unused HTTP modules from the pipeline.
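
The null checks on “QueryString” and “Session” and the Response.Redirect overload from the list above, combined in a common base page. This is an added example, not code from the original article; the class names, the "UserId" session key, the "id" parameter and the Login.aspx URL are assumptions, and session state is assumed to be enabled.

```csharp
using System;
using System.Web.UI;

// Hypothetical common base page; key, URL and class names are assumptions.
public abstract class BasePage : Page
{
    private const string UserSessionKey = "UserId";
    private const string LoginUrl = "~/Login.aspx";

    protected override void OnLoad(EventArgs e)
    {
        // Session values vanish on timeout or restart: check for null first.
        if (Session[UserSessionKey] == null)
        {
            // false = no Response.End, so no internal exception is raised.
            Response.Redirect(LoginUrl, false);
            Context.ApplicationInstance.CompleteRequest();
            return; // Load is not raised on the derived page
        }
        base.OnLoad(e);
    }

    protected override void Render(HtmlTextWriter writer)
    {
        // Redirect(url, false) lets the page lifecycle continue: render nothing.
        if (!Response.IsRequestBeingRedirected) base.Render(writer);
    }

    // False when the parameter is missing, empty or not a positive integer.
    protected bool TryGetQueryInt(string name, out int value)
    {
        value = 0;
        string raw = Request.QueryString[name]; // null when absent
        return !string.IsNullOrEmpty(raw) && int.TryParse(raw, out value) && value > 0;
    }
}

// Code-behind for a hypothetical OrderDetails.aspx?id=<number>.
public class OrderDetails : BasePage
{
    protected void Page_Load(object sender, EventArgs e)
    {
        int orderId;
        if (!TryGetQueryInt("id", out orderId))
        {
            Response.StatusCode = 400; // reject rather than use a null value
            return;
        }
        Response.Write("Order " + orderId);
    }
}
```

Control event handlers still run after the redirect has been queued, so handlers with side effects should also check Response.IsRequestBeingRedirected before doing any work.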

Scope : Exception Handling

  1. Finally block should be used for cleanup code.
  2. Do not catch exceptions that you cannot handle.
  3. Exceptions should be wrapped and re-thrown only when additional information is being added to the exception.
  4. Order exceptions in the catch block appropriately.
  5. Log as much information as possible from the exceptions.
  6. Write code that avoids exceptions.
  7. When exceptions are thrown from the application, they must not reveal SQL information such as tables, connection strings, column names, etc.
  8. Use try/finally on disposable resources
  9. Implement a Global.asax error handler
  10. For client side (JavaScript) exceptions we can trap the exception and show user friendly message to client in alert or message box.
  11. Exceptions should be logged and appropriate customized error message must be shown in the front-end.
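
A Global.asax error handler that follows the points above: full exception detail is logged on the server, and the user is sent to a generic page that carries only a reference number. This is an added example, not code from the original article; the Error.aspx path and the "ref" parameter are assumptions, and System.Diagnostics.Trace stands in for whatever logging framework the application uses.

```csharp
using System;
using System.Web;

// Code-behind for Global.asax; the error page path is an assumption.
public class Global : HttpApplication
{
    private const string ErrorPage = "~/Error.aspx"; // hypothetical friendly page

    protected void Application_Error(object sender, EventArgs e)
    {
        Exception ex = Server.GetLastError();
        if (ex == null) return;

        // Page exceptions arrive wrapped in HttpUnhandledException: log the cause.
        if (ex is HttpUnhandledException && ex.InnerException != null)
            ex = ex.InnerException;

        // Random reference: the only detail the user sees, and the key to the log entry.
        string errorId = Guid.NewGuid().ToString("N");

        // Type, message, stack trace and inner exceptions stay on the server.
        // Request.Path is logged without the query string, which may hold user data.
        System.Diagnostics.Trace.TraceError("ErrorId={0} {1} {2}{3}{4}",
            errorId, Request.HttpMethod, Request.Path, Environment.NewLine, ex);

        Server.ClearError();  // handled here, so ASP.NET does not show its own error page
        Response.Clear();     // drop any buffered partial output
        Response.Redirect(ErrorPage + "?ref=" + errorId, false);
        CompleteRequest();
    }
}
```

The error page should display the reference as plain text only, and never look up or echo the logged exception.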

We shall discuss the next two topics in another article. Hope you enjoyed the article. Please pen down your comments.


One Comment to “Checklist/Guidelines for ASP.Net Developers”

  1. Greetz says:

    useful list :)

    For the point “Use try/finally on disposable resources”, I think the “Using” keyword would be better.

    Greetz
