What is a View State?

What is a ViewState? Introduction A Web application by nature is stateless, which means information is not persisted with each round trip of a web-page. Any information entered in by the user and sent to the server is not returned to the client back. To get over this limitation of Web Programming, the ASP.Net framework includes several state-management features like:- * View state * Control state * Hidden fields * Cookies * Query strings ViewState is a feature used by ASP.Net page framework to preserve page and control values between round trips. When the page is rendered, the state of the page and the values to be retained during postback are serialized into base64-encoded strings and stored in the view state hidden fields. Since view state is sent as a hidden field, changes to view state can be made until the PreRenderComplete event. Once the page is rendered to the browser, changes to view state will not be saved. You can access view state information using the page's ViewState property, which exposes a dictionary object. Because the data in view state is stored as a string, only objects that can be serialized can be stored. In some circumstances, such as data-driven pages that are refreshed from the data store on each postback, you should turn view state off to remove the large hidden fields generated by data controls such as the GridView control. Enable ViewState at different Levels By default viewstate is enabled for a Web-page. ViewState can be altered at different levels of a Web-Application. Like: · Application Level · Page Level · Control Level Application level At the Application Level all the pages in the application can have the viewstate configured by configuring the web.config file as shown below. enableViewState="true" /> Page Level To alter viewstate at the Page Level the EnableViewState attribute has to be added to the Page directive. Control Level Similarly, to enable view state at the control level, one has to set the ‘EnableViewState’ property of the control to ‘True’ Drawbacks of using a ViewState Storing the view state in hidden fields (which is its default behavior) is appropriate for most of the time, but it has it own disadvantages too. Like, * The information being stored in hidden fields in the page, it increases the page size, which in turn significantly increases the network traffic and slows down the connection. * Another important consideration is that if the amount of data in a hidden field becomes large, some proxies and firewalls will prevent access to the page that contains them * Some mobile devices do not allow hidden fields at all Persisting ViewState By default view state is stored as hidden fields at the client side. In ASP.Net 2.0 you can change this default behaviour and store view state in another location such as a SQL Server database, by implementing the PageStatePersister Class. Alternately, you can store the view state for your page in the Session Object on the server using the SessionPageStatePersister Class. It should be noted that only types marked with Serializable can be stored in view state. You can store objects of the following types in view state: * Strings * Integers * Boolean values * Array objects * ArrayList objects * Hash tables * Custom type converters You can store other types of data as well, but the class must be compiled with the Serializable attribute so that view state can serialize them into XML. You can set the maximum size for the hidden field which stores the viewstate by setting the MaxPageStateFieldLength field. When the MaxPageStateFieldLength property is set to a positive number, the view state sent to the client browser is broken into multiple hidden fields, and each field's value is less than the size specified in the MaxPageStateFieldLength property. Set the value of the MaxPageStateFieldLength property in the pages element of the Web.config file. Securing View State View State when used as it is, Has its security concerns. Though the data stored in hidden fields are encoded using base64 encoding, it is still available to users to tamper with. So it is advisable to encrypt the data. To encrypt the data, set the page's ViewStateEncryptionMode property to true. If you store information in view state, you can use normal read and write techniques; the page handles all encryption and decryption for you. Encrypting view state data can affect the performance of your application, so do not use encryption unless you need it. In the @ Page directive, set the ViewStateEncryptionMode attribute to "Always", as in the following example: So that’s an overview of View State in ASP.Net Happy Programming Robert