0

Got a question: how far can we go without a form being implemented around the master page in a .net project?

I hate that form tag it stops us from having multiple smaller forms and thus we cannot use an "edit-in-place" feature properly, where i dont want to send all fields, just a few of them, and an ajax solutions is all good until we hit the wall of uploading a file, DAMN uploads, DAMN .net, DAMN HTML, does anyone know a way out of this ditch?

Question on the side, how on God's earth is posting a file thru the iframe regarded MORE SECURE than sending the file in an HTTPXML object? aren't they both an HTTP request?

thank you for bearing with my temper today

Ayyash
  • 4,257
  • 9
  • 39
  • 58

2 Answers2

0

There's so many places to start it's hard to pick a point.

First off, although the single form issue is enforced by regular .net web forms there are other options such as MVC. This would give you more control to emit multiple forms on the page. Just don't nest them as a number of browsers can't deal with nested forms very well.

As far as ajax, you don't have to make an ajax call back to the web form that served the page. It is pretty common to instead make several generic handlers (.ashx files) which your ajax controls post to. As an example, you might have one .ashx handler which deals simply with file uploads.

Besides separating out the functionality, generic handlers don't have to go through the entire page lifecycle to handle what amounts to a single action.

Regarding an iframe upload versus a regular upload, I've never seen anyone claim one is more secure than another. It's not. Further, some browsers (safari, I'm looking at you) have interesting issues regarding iframes so I tend to stay away from them anyway.

Community
  • 1
  • 1
NotMe
  • 87,343
  • 27
  • 171
  • 245
  • mm, i feel like coming from a different planet, uploads via ashx? are u sure? all of ajax uploader solutions on the net involve submitting to an iframe (or basically submitting the form via default browser http request), ur the first to claim otherwise, can u share an example? – Ayyash Jan 27 '11 at 18:31
  • The example shows it posting to a php file. Change that to a generic handler – NotMe Jan 27 '11 at 19:30
  • but u still need to "submit the form" right?, i juar looked at it, it doees rely on a single form – Ayyash Jan 28 '11 at 10:58
  • @Ayyash: No. That's what ajax does. – NotMe Jan 28 '11 at 15:05
  • no, thats what an iframe submit does.. but the work around would be use a hidden browse button, and trigger a click somewhere else on the page, grab file details in that hidden file input, which is located OUTSIDE the main form, now THAT is cool, i think there is a .net plugin that does that – Ayyash Jan 29 '11 at 12:39
  • FYI http://geekswithblogs.net/rashid/archive/2007/08/01/Create-An-Ajax-Style-File-Upload.aspx, as he says: " it is not possible, as the XMLHTTPRequest object that is used internally to post the form does not support file upload" and that is exactly the kind of answer i was hoping for – Ayyash Jan 29 '11 at 12:48
0

I got over this problem finally, i first used nested forms which is pretty ugle, it worked fine tho until i tried it on IE9 the look was broken (the behavior tho wasnt), one little small tweak and i was over it, i inserted the form tags on runtime, and IE9 didnt complain ;)

Ayyash
  • 4,257
  • 9
  • 39
  • 58