ASP.NET MVC Best Practices
The ASP.NET MVC is becoming more and more popular each day. As the application grows in size so does the maintenance nightmare. Following are some of the better practices, that if followed, may help maintain our application and also provides a means of scalability as the demand increases. Feel free to add/update practices/tips as required.
Do note that this checklist are just for quick reference and are not detailed materials and can be used as a quick reference.
- Isolate Controllers
Isolate the controllers from dependencies on HttpContext, data access classes, configuration, logging etc. Isolation could be achieved by creating wrapper classes and using an IOC container for passing in these dependencies
- IoC Container
Use an IoC container to manage all external dependencies The following are some of the wellknown containers/framework.
- Unity Block
- Castle Windsor
- No "magic strings"
Never use magic strings in your code. This means hard-coding view names, link text etc. into your views. Frameworks such as T4MVC can help with this. More to come on this.
- Create a ViewModel for each view
Create a specialized ViewModel for each view. The role of ViewModel should only be databinding. It should not contain any presentation logic.
For generating view html use HtmlHelper. If the current HtmlHelper is not sufficient extend it using extension methods. This will keep the design in check.
- Action Methods
Decorate your action methods with appropriate verbs like Get or Post as applicable.
Decorate your most used action methods with OutputCache attribute.
- Controller and Domain logic
Try to keep away domain logic from controller. Controller should only be responsible for
- Input validation and sanitization.
- Get view related data from the model.
- Return the appropriate view or redirect to another appropriate action method.
- Use PRG pattern for data modification
PRG stands for Post-Redirect-Get to avoid the classic browser warning when refreshing a page after post. Whenever you make a POST request, once the request complets do a redirect so that a GET request is fired. In this way when the user refresh the page, the last GET request will be executed rather than the POST thereby avoiding unnecessary usability issue. It can also prevent the initial request being executed twice, thus avoiding possible duplication issues.
Design your routes carefully. The classic route debugger comes to rescue http://haacked.com/archive/2008/03/13/url-routing-debugger.aspx
- There should be no domain logic in the views. Views must be, only, responsible for showing the data.
- Views should not contain presentation logic
Views should not contain any presentation logic. For e.g. If a "Delete" button is to be displayed only for "Admin" role this should be abstracted away in an Html Helper. This is just an example and there will be many scenarios which will require this abstraction for easy maintenance of views.
- Use POST for "Delete" links instead of GET
Using Delete links (GET) is more vulnerable than using POST. Here is a detailed post on this along with a couple of alternatives.
Revision number 7, Thursday, July 05, 2012 2:31:04 PM by Philip Cole
You must Login to comment.
Fri, Dec 11, 2009 4:28 AM
I would like some more explanation, or at least some links to resources for each point you make.
Tue, Jan 12, 2010 2:53 AM
Can u please explain the article a bit
Sun, Jan 17, 2010 5:20 AM
Nice Covering. Thanks
Fri, Jan 29, 2010 5:02 PM
I agree with webloem, to many these days are posting blogs and wikis with "Best Practices" yet none seem to provide much if any reasoning or test samples & results to validate why something is a best practice. Even the mighty Yahoo Best Practices leaves much to be desired in this area.
Wed, Feb 10, 2010 8:24 AM
@webloem I’ve blogged about ASP.NET MVC best practices such as keeping logic out of your views, skinny controllers and how to unit test controllers see the links below. http://www.arrangeactassert.com/asp-net-mvc-view-best-practices-keep-logic-out-of-your-views/ http://www.arrangeactassert.com/asp-net-mvc-controller-best-practices-%e2%80%93-skinny-controllers/ http://www.arrangeactassert.com/how-to-unit-test-asp-net-mvc-controllers/ Kazi Manzur Rashid has also wrote a post about ASP.NET MVC best practices http://weblogs.asp.net/rashid/archive/2009/04/01/asp-net-mvc-best-practices-part-1.aspx as has Simone Chiaretta http://codeclimber.net.nz/archive/2009/10/27/12-asp.net-mvc-best-practices.aspx
Wed, May 19, 2010 10:02 AM
Kindly, can you post a link that explain the following: Use PRG pattern for data modification?
Wed, Jun 9, 2010 4:59 AM
Nice post. May i know where i can get the best practices for silverlight and WCF
Thu, Sep 9, 2010 11:14 AM
Fantastic! Please provide the addional links for example. Also what is Magic String?