We add IValidatableObject for class level validation. Next we look at our controllers and see how we protect against Cross-Site Request Forgery (CSRF) attacks and Overposting Attacks. Then we explore how to catch errors coming from the database by using try/catch.
Performance can be improved by using .AsNoTracking() in our LINQ when we are getting data from the database with no intention of changing the data. Finally we change the approach to the Edit process to follow industry best practice. Instead of just replacing the object in the database, we update it with TryUpdateModel.
0:00 Class Level Validaiton - IValidatableObject
4:15 Validate Nullable "sometimes" for OHIP
9:00 Start new set of Migrations
11:45 Controller Improvements
12:45 LINQ and .Include()
16:45 .AsNoTracking()
20:45 ValidateAntiForgeryToken
22:10 Overposting Attacks
27:20 Database Errors - Try/Catch
32:10 Edit Get - .FindAsync()
33:20 Edit Post - TryUpdateModelAsync()
41:30 Delete - Don't forget to add the Summary in the View!
Performance can be improved by using .AsNoTracking() in our LINQ when we are getting data from the database with no intention of changing the data. Finally we change the approach to the Edit process to follow industry best practice. Instead of just replacing the object in the database, we update it with TryUpdateModel.
0:00 Class Level Validaiton - IValidatableObject
4:15 Validate Nullable "sometimes" for OHIP
9:00 Start new set of Migrations
11:45 Controller Improvements
12:45 LINQ and .Include()
16:45 .AsNoTracking()
20:45 ValidateAntiForgeryToken
22:10 Overposting Attacks
27:20 Database Errors - Try/Catch
32:10 Edit Get - .FindAsync()
33:20 Edit Post - TryUpdateModelAsync()
41:30 Delete - Don't forget to add the Summary in the View!
Category
📚
Learning