It's Friday...
On 16 Mar 2010, at 22:24, Jonathan Parker
<[email protected]> wrote:
Keep a lookout for Umbraco 5 as well as this is going to be written
in ASP.NET MVC.
I see this a fair bit and wonder... "If ASP.NET MVC came out first,
would people now be saying 'going to be [re-]written in ASP.NET Web
Forms'"? *shudder*
It's new... it must be better?
I understand the benefits of MVC (or, more realistically, not using
the abuse of HTML & HTTP that is WebForms) as I have a classic ASP
background and good understanding of the protocols used on the
Interwebs, but it just seems like people jump on the latest and
greatest without understanding what that brings (good and bad). More
XSS, etc. perhaps? Dunno.
I know MVC has some helpers to properly encode output and that's great
providing you know how/when/why one uses them. Same goes for
outputting into strings used by JavaScript - watchout for the
apostrophes and backslashes etc.
<sarcasm>Thank goodness ASP.NET traps 'dodgy' characters like < and >
in user supplied data</sarcasm>
--
Richard Carde
