Professional Documents
Culture Documents
A reverse proxy:
● Can limit the exposed public surface area of the apps that it hosts.
● Provide an additional layer of configuration and defense.
● Might integrate better with existing infrastructure.
● Simplify load balancing and secure communication (HTTPS) configuration. Only the reverse proxy server requires an X.509 certificate,
and that server can communicate with the app's servers on the internal network using plain HTTP.
Globalization vs Localization
Internationalization involves Globalization and Localization. Globalization is the process of designing apps that support different cultures. Globalization
adds support for input, display, and output of a defined set of language scripts that relate to specific geographic areas.
Localization is the process of adapting a globalized app, which you have already processed for localizability, to a particular culture/locale. For more
information see Globalization and localization terms near the end of this document.
App localization involves the following:
1. Make the app's content localizable
2. Provide localized resources for the languages and cultures you support
3. Implement a strategy to select the language/culture for each request
What is Model binding
Controllers and Razor pages work with data that comes from HTTP requests. For example, route data may provide a record key, and posted form fields
may provide values for the properties of the model. Writing code to retrieve each of these values and convert them from strings to .NET types would be
tedious and error-prone. Model binding automates this process. The model binding system:
● Retrieves data from various sources such as route data, form fields, and query strings.
● Provides the data to controllers and Razor pages in method parameters and public properties.
● Converts string data to .NET types.
● Updates properties of complex types.
IModelBinder - For custom model binder
private The response must not be stored by a shared cache. A private cache may store and reuse the response.
max-age The client doesn't accept a response whose age is greater than the specified number of seconds. Examples: max-age=60 (60
seconds), max-age=2592000 (1 month)
no-cache On requests: A cache must not use a stored response to satisfy the request. The origin server regenerates the response for
the client, and the middleware updates the stored response in its cache.
On responses: The response must not be used for a subsequent request without validation on the origin server.
Other cache headers that play a role in caching are shown in the following table.
Header Function
Age An estimate of the amount of time in seconds since the response was generated or successfully validated at the origin server.
Pragma Exists for backwards compatibility with HTTP/1.0 caches for setting no-cache behavior. If the Cache-Control header is present,
the Pragma header is ignored.
Vary Specifies that a cached response must not be sent unless all of the Vary header fields match in both the cached response's
original request and the new request.
Caching basics
Caching can significantly improve the performance and scalability of an app by reducing the work required to generate content. Caching works best with
data that changes infrequently and is expensive to generate. Caching makes a copy of data that can be returned much faster than from the source. Apps
should be written and tested to never depend on cached data.
Cache guidelines
● Code should always have a fallback option to fetch data and not depend on a cached value being available.
● The cache uses a scarce resource, memory. Limit cache growth:
○ Do not use external input as cache keys.
○ Use expirations to limit cache growth.
○ Use SetSize, Size, and SizeLimit to limit cache size. The ASP.NET Core runtime does not limit cache size based on memory
pressure. It's up to the developer to limit cache size.
How garbage collection (GC) works in .NET Core
The GC allocates heap segments where each segment is a contiguous range of memory. Objects placed in the heap are categorized into one of 3
generations: 0, 1, or 2. The generation determines the frequency the GC attempts to release memory on managed objects that are no longer referenced
by the app. Lower numbered generations are GC'd more frequently.
Objects are moved from one generation to another based on their lifetime. As objects live longer, they are moved into a higher generation. As mentioned
previously, higher generations are GC'd less often. Short term lived objects always remain in generation 0. For example, objects that are referenced
during the life of a web request are short lived. Application level singletons generally migrate to generation 2.
When an ASP.NET Core app starts, the GC:
● Reserves some memory for the initial heap segments.
● Commits a small portion of memory when the runtime is loaded.
The preceding memory allocations are done for performance reasons. The performance benefit comes from heap segments in contiguous memory.
Authentication
is the process of determining a user's identity. Authorization is the process of determining whether a user has access to a resource. In ASP.NET Core,
authentication is handled by the IAuthenticationService, which is used by authentication middleware. The authentication service uses registered
authentication handlers to complete authentication-related actions. Examples of authentication-related actions include:
● Authenticating a user.
● Responding when an unauthenticated user tries to access a restricted resource.
Authorization
refers to the process that determines what a user is able to do. For example, an administrative user is allowed to create a document library, add
documents, edit documents, and delete them. A non-administrative user working with the library is only authorized to read the documents.
Authorization is orthogonal and independent from authentication. However, authorization requires an authentication mechanism. Authentication is the
process of ascertaining who a user is. Authentication may create one or more identities for the current user.
app.UseHttpsRedirection();
● .NET Framework is the "full" or "traditional" flavor of .NET that's distributed with Windows. Use this when you are building a desktop Windows
or UWP app, or working with older ASP.NET 4.6+.
● .NET Core is cross-platform .NET that runs on Windows, Mac, and Linux. Use this when you want to build console or web apps that can run on
any platform, including inside Docker containers. This does not include UWP/desktop apps currently.
● Xamarin is used for building mobile apps that can run on iOS, Android, or Windows Phone devices.
Explain the difference between Task and Thread in .NET
● Thread represents an actual OS-level thread, with its own stack and kernel resources. Thread allows the highest degree of control; you can
Abort() or Suspend() or Resume() a thread, you can observe its state, and you can set thread-level properties like the stack size, apartment
state, or culture. ThreadPool is a wrapper around a pool of threads maintained by the CLR.
● The Task class from the Task Parallel Library offers the best of both worlds. Like the ThreadPool, a task does not create its own OS thread.
Instead, tasks are executed by a TaskScheduler; the default scheduler simply runs on the ThreadPool. Unlike the ThreadPool, Task also allows
you to find out when it finishes, and (via the generic Task) to return a result.
What is JIT compiler?
Before a computer can execute the source code, special programs called compilers must rewrite it into machine instructions, also known as object code.
This process (commonly referred to simply as “compilation”) can be done explicitly or implicitly.
Implicit compilation is a two-step process:
● The first step is converting the source code to intermediate language (IL) by a language-specific compiler.
● The second step is converting the IL to machine instructions. The main difference with the explicit compilers is that only executed fragments of
IL code are compiled into machine instructions, at runtime. The .NET framework calls this compiler the JIT (Just-In-Time) compiler.
CTS
CTS defines several categories of types, each with their specific semantics and usage:
● Classes
● Structures
● Enums
● Interfaces
● Delegates
CTS also defines all other properties of the types, such as access modifiers, what are valid type
members, how inheritance and overloading works and so on. Unfortunately, going deep into any of those
is beyond the scope of an introductory article such as this, but you can consult More resources section at
the end for links to more in-depth content that covers these topics.