Does C# code contained in Javascript still need to be compiled? - javascript

We have a web application built with C# and ASP.NET. I have to reference a few .NET session variables in my JavaScript code, so I use the following line to do so:
var layoutID = '<%=Server.UrlEncode(string.Format("{0}", Session["layout_id"]))%>';
This works just fine. The web application is built and published to our web server. If I want to make a change, a .NET change would require me to compile the changes and publish it to the web server again. If it's a JavaScript change, I can simply edit the js in the .ASPX page and the fix is immediately picked up...no compiling needed.
My question - what if I make a change to this inline C# code contained in JavaScript? Say, for example, I meant to access Session["layoutid"] without the underscore. Could I just edit the .ASPX page on the web server, or will this require compiling just as if it were in a .CS file? I'm guessing since it's C#, I will still need to compile for the change to be picked up. And yes I could just try it and see for myself, but I was hoping someone could give a little insight into what goes on behind the scenes with this inline c# code. And while we're on the topic, is the technique I'm using to access .NET sessions variables in JavaScript the most efficient way to do it?
Bonus question - what is this technique called? I tried searching for an answer but I wasn't sure what to search for other than "in-line c# code JavaScript".
Thanks!

No, changes to ASPX/CSHTML files don't require re-compilation.
Note: whether it is good idea to jump on production server and change random code bypassing source control/testing is question to discuss and answer by your team.

Related

Can I add pre-existing Javascript code to an ASP.NET MVC C# application

Apologies if this is a silly question. I currently have a small backend system written in ASP.NET Mvc in C# that allows you to do multiple features relating to profiles (Add, Edit, Delete, View) amongst other features.
My friend has an application he created as his University project and we're both just curious if we can merge his application with mine as his is purely a front-end system and mine is a back-end.
He has written an SQL web application that tests you with some general T-SQL questions with a pre-set SQLite3 database that you can modify based on the questions asked. He has written it all in Javascript and using HTML and CSS. He has 3 folders, a folder contaning all the javascript, a folder with an SQLITE3 database and a folder with the HTML/CSS.
I was just wondering, can I essentially 'drag and drop' all the 3 folders into my application on Visual Studio and will it just run seamlessly?. I assume I will need to go into the Javascript and modify any changes to the paths of the database which I can do. I'm not interested in calling any js functions or anything yet, just making it so I can start the application, be taken the HTML for the SQL application and then all the js scripts work for that page.
If this is not the case, is it a case where I can only use Javascript by injecting it into ASP.NET by using the tag <script type="text/javascript">?
Trying what I have stated. As it webpage was in HTML, I created an action in my controller that opens up the HTML page in CSHTML. This will display the HTML but no methods are called when the page loads therefore no database is loaded or what I presume to be any Javascript commands.
If there are any materials that help with this issue, can you please link them below. I had done some research but could not find anything that points to this specific issue.
Can I add pre-existing Javascript code to an ASP.NET MVC C# application
Yes.
Apologies if this is a silly question.
It isn't a silly question because there is an ambiguity in the question that might make the answer "no" in your specific case.
Firstly the good news - you can reference scripts written in Javascript in your HTML, and you can put blocks of Javascript in you CSHTML too. It's possible to use Razor to create a page that includes HTML, Javascript and C# in the same page - BUT there is a difference about where and when the code executes that might be an issue for you.
The question you need to determine is if your friend's project is written using the Node.js framework. Javascript is a language and it can be used in both front-end (execute in the client's browser) and back-end applications.
You can use your ASP application (which is server-side or back-end code) to write documents that either include Javscript or reference scripts to be executed by the client-side code in the browser. You can't get your back-end to run the Javascript in the same application) as it is intended for a different framework.
You can have two applications hosted on the same server, and make calls between them both and use them together in that respect, but otherwise you need to select one or other as the back-end providing framework for your web application.
So you can include Javascript in your ASP application, but for execution on the client-side in their browser. Your mentioning of database connections heavily implies that you are describing server-side code - so talk to your friend about Node.js to ensure that is what they are using.
You can read about Node.js here: https://nodejs.org/en/
There are some details about mixing ASP and Node on Azure here: Mixing node.js and ASP.NET projects in a single Azure Web Role?

Windows UI Automation from a Web Page

I have VB.NET code that handles automation of various application installs. I want to move this essentially out of a VB generated EXE package, and be able to execute the same code (or the equivalent result) from an HTML page on a server. Is this possible? It looks like javascript can't cross the web application/desktop application barrier. Perhaps I can execute the VB.NET code/application that handles the automation (stored server side) from code in the HTML? This is a fairly broad question(s) so ideas are welcome. Please post examples with your ideas!
Thanks.
Ian's comment made me read the question again. If you really plan to execute code on the client through a web browser, please ignore this answer.
You can use any server-side language that you want to do this. Since you already wrote it in VB, you can use ASP.NET or PHP's exec(). Example:
<?php
if($_GET["dosomething"]) {
exec("mycommand");
}
will execute mycommand when you pass dosomething as a paramter to the file.

MVC3 - How to dynamically set facebook app Id in javascript?

I have an MVC3 web app that uses a number of the facebook api calls. When I am testing I am using one facebook app Id but will use another in prod (this will be swapped in during the build).
Ideally I'd like to put the app Id in the web.config file to make swapping it during the build easy and so that the id is only in one place. However, I can't see an elegant way to get the id from the app.config into the multiple javascript functions that need it. I looked at reading it into a variable in the _AppStart.cshtml file but not sure that this is right as it means reading the value into a c# object and then passing that as a string to a javascript function that is called before each page loads and that smells a bit wrong.
I'm still learning javascipt so I'm not sure how this thing "should" be done. Any pointers would be great.
Matt
So, I've just come across this which deals with my question. I thought I'd exhausted google before asking this question but obviously not ;-)
integrating-facebook-login-button-in-aspnet-mvc-4-application

Is it normal to be able to see JavaScript in page source?

I understand that scripting language such as PHP will not be shown in the page source of the browsers. Is it not the same for JavaScript?
If so, why are they treated differently and are there solutions available to hide JavaScript from page source (revealed by browser)?
I don't need the details about how exactly to hide it, just out of my curiosity if it has been worked on.
Thanks!
PHP is run on the server and produces some output, often HTML, but may also include XML, CSS, PHP, images etc.
JS gets sent to the client, and is run there, so they need to see it.
You can always view JS source, though you can obfuscate it. There isn't much point though, as a decent debugger will let you work things out anyway.
For instance, using the Web Inspector in Webkit browsers, or Firebug will allow you to view the javascript and set breakpoints and see variable values, so it's often trivial to work out what is going on.
This is OK though, and it one of the reasons why learning JS is so straight forward. When designed correctly, it's rare that this presents a security problem.
You may find sites where the JS looks mangled and unreadable - this is frequently done to reduce the file size, hence all the .min.js files you see on websites rather than to make it hard to read.
Most people do this automatically as part of their build process, rather than doing it by hand. To do this, https://github.com/mishoo/UglifyJS is a good choice.
You should understand that there are server-side and client-side scripting languages. What you see on the client (browser) is the output of execution of the server-side script (PHP, Perl etc).
That said, there have been libraries developed to obfuscate JavaScript code.
PHP isn't "shown" in the browser because it's not there: it's already been rendered as HTML and sent to the browser by the server. (Same as Java servlet or JSP code.)
In-line JavaScript is part of what's sent to the browser, so it can be shown in page source.
JavaScript source linked in a <script> tag is not shown as part of page source; you only see the tag and the URL.
I understand that scripting language such as PHP will not be shown in
the page source of the browsers. Is it not the same for JavaScript?
Yes, server-side script is not visible in the browser's source though client-script like
JavaScript is fed to and parsed by the browser.
If so, why are they treated differently and are there solutions available to hide JavaScript from page source (revealed by browser)?
"Hiding" JavaScript isn't possible. Though, you can minify and obfuscate the script.
http://en.wikipedia.org/wiki/Minification_(programming)
http://en.wikipedia.org/wiki/Obfuscation
No, you need to distinguish between serverside and clientside (scripting) languages.
A serverside script runs invisible [from the client] and sends its results (of any type, including js files) to the browser. These result files are public.
A browser receives public files. Some of them can and will be executed. As JavaScript is a non-compiling language, you will always see its source.
See also How to prevent View Source of page using Javascript?, how to hide javascript code etc. - you only can obfuscate it.
Javascript and PHP are two different concepts one of them is client side language which can be seen in browser and the other server side which is hidden to the eye.
One simple way to hide your javascript code would be to include in a file so it wouldn't be seen in that specific page - but everyone will have a link to it and can still see it when they click on it.
Other solution would be to minify it, which would work the same but is going to be petty much unreadable.
http://en.wikipedia.org/wiki/Minification_%28programming%29
PHP is like a macro running on the server, it outputs text that is sent to the client. JS is scripting that the browser must interpret to update the contents of the page.

How to hide Ruby generated JavaScript code in a separate file?

We currently have a tool on our website that is created by JavaScript. The JavaScript is generated by Ruby via .js.erb and .html.erb files. The problem is that it's proprietary code and we'd like to at least be able to move it to a separate file so it's not directly viewable when using "View Source" and maybe include it in our bundles like a regular .js file.
Is there some way to intercept the rendering and redirect it elsewhere or something?
The closest I've come was this - Rails Javascript compression/minification on respond_to javascript response?
We did have it working server-side but it was too slow for our clients.
We're using Rails 3.0
Try Javascript Obfuscation . Check this question on Stackoverflow for various ways to Obfuscate Javascript .
How can I obfuscate (protect) JavaScript?
You can try YUI Compressor, Google Closure Compiler or UglifyJS .
The best way to prevent source code from being copied is to have most of the proprietary work done on the server side .
So we didn't find any way to fully hide the Javascript. What we did end up doing was juggling a rather unfortunate number of variables and method stubs created via ruby and passed to more static javscript located in a separate file which gets minified. Not the most elegant of solutions but if you can follow the stub trail then I applaud you.

Categories