Practice
From the requirements document, extract the core use cases that can have the most impact on the design of the software project.
Instead of implementing each feature end-to-end and fully polished, we implement these core use cases first, because implementing them early gives us an idea of the challenges involved in the project.
Backlogs are where we store all the use cases of the project.
Dependencies between the use cases are shown using dashed arrows. Based on these dependencies, we know in which order we need to implement the use cases.
Easier
Has Limitation
More Powerful
A bit more complex
A Presentation Model (or ViewModel) is a separate class that is used purely for presentation and is not part of the domain.
use parameterized queries
use Entity Framework to generate SQL queries
if we use SqlQuery() of DbSet, we are again writing the SQL query ourselves, and the application will be vulnerable to SQL injection if user input is concatenated into that query.
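The three options above side by side, as an added example that is not code from the original page. It assumes Entity Framework 6 with SQL Server; Course, SchoolContext, CourseRepository and the Courses table are hypothetical names.

```csharp
// Added example: requires the EntityFramework (EF6) NuGet package.
using System.Collections.Generic;
using System.Data.Entity;
using System.Data.SqlClient;
using System.Linq;

public class Course                      // hypothetical entity
{
    public int Id { get; set; }
    public string Name { get; set; }
}

public class SchoolContext : DbContext   // hypothetical context
{
    public DbSet<Course> Courses { get; set; }
}

public class CourseRepository
{
    private readonly SchoolContext _context;

    public CourseRepository(SchoolContext context) { _context = context; }

    // Vulnerable: the input becomes part of the SQL text itself.
    // Even a benign name such as "O'Reilly" changes the statement's syntax.
    public List<Course> FindByNameUnsafe(string name)
    {
        var sql = "SELECT * FROM Courses WHERE Name = '" + name + "'";
        return _context.Courses.SqlQuery(sql).ToList();
    }

    // Raw SQL, but parameterized: the value travels separately from the
    // SQL text, so the database never parses it as part of the statement.
    public List<Course> FindByNameParameterized(string name)
    {
        return _context.Courses
            .SqlQuery("SELECT * FROM Courses WHERE Name = @name",
                      new SqlParameter("@name", name))
            .ToList();
    }

    // LINQ: Entity Framework generates the SQL and passes 'name'
    // as a parameter on our behalf.
    public List<Course> FindByNameLinq(string name)
    {
        return _context.Courses.Where(c => c.Name == name).ToList();
    }
}
```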
escaping content (e.g. <script> => &lt;script&gt;)
By default, ASP.NET MVC applications have a protection mechanism that detects JavaScript in form inputs (it can be explicitly disabled in the Web.config file).
By default, Razor views automatically escape content (except when Html.Raw() is used).
Allows an attacker to perform actions on behalf of a user without their knowledge.
call @Html.AntiForgeryToken() in the forms, and then decorate the target action with [ValidateAntiForgeryToken] attribute.