Friday, March 8, 2013

SharePoint 2013 and SharePoint 2010 Website Webpages with Inline Code

Lately a number of people requested about including inline value into an aspx web page, that exists in a web page collection or papers collection. This is an exciting problem that could present some protection issues. Let's take a step back and look at how SharePoint performs with aspx that exists on the data source.

SharePoint has the capability to supply and personalize webpages within a site without the need to make any changes to the local computer file system of the front-end Web hosting server. This capability of SharePoint is made possible by saving personalized editions of .aspx information and .master information inside the material data source and accessing them on need when they are needed to process an inbound page need. SharePoint uses an element known as Exclusive Direction Company (which is presented in ASP.NET 2.0) to perform the webpages from the material data source.

The idea behind an exclusive direction company is that it abstracts information of where web page information is saved away from the ASP.NET playback. By creating a customized exclusive direction company, a designer can create a customized element that retrieves ASP.NET computer file types, such as .aspx and .master information, from a distant location, such as a MS SQL Hosting server data source. Once an exclusive direction company retrieves the material of an .aspx web page, it can complete it along to the ASP.NET playback for parsing.

The Windows SharePoint Solutions group designed an exclusive direction company known as SPVirtualPathProvider that is incorporated into every Web program. The SPVirtualPathProvider category is incorporated into the ASP.NET demand managing facilities by the SPRequestModule. More particularly, the SPRequestModule element contains value to sign-up the SPVirtualPathProvider category with the ASP.NET Structure as it does it’s perform to initialize a Web program. The SPVirtualPathProvider retrieves an ASP.NET web page computer file from the material data source, such as standard.aspx, and then goes it along to the ASP.NET web page parser. The SPVirtualPathProvider category performs together with another category known as the SPPageParserFilter to provide managing guidelines to the ASP.NET web page parse You could read more details from the MSDN article

From the structure of SharePoint Web page performance design we could determine that it is possible to run inline value from an ASP.Net page even if it exists on the material data source. Let us go through the making an aps page operating.

Determine PageParserPath in Application web.config

The first step is to set the PageParserPath in SharePoint web application's Web.config computer file. For example my SharePoint web program operating on slot 80 and it is planned to the actual listing "c:\inetpub\wwwroot\wss\80", then go to the actual listing and start the computer file and search for the site parser direction that prevails under the SafeMode Area like in the following. In the PageParserPath factor, set the exclusive direction to the comparative direction of the Page collection or papers collection in which we will be maintaining the aspx web page with inline value.

<SafeMode ... > 
</SafeMode> </SharePoint>

You need to set AlowServerSideScript and IncludeSubFolders and Comiplation Mode.

The possible values of Compilation Mode are:
  • Always: The default value, which compiles the page always
  • Auto: Page will not be compiled if possible
  • Never: The page will not be dynamically compiled
Create an aspx page

Create the aspx page that you want to have inline code, something like the following
. You could add a proper master page so it will maintain the UI consistency of your site.<%@ Import Namespace="System" %> <%@ Page Language="c#"%> <script runat="server">   public string ServerSideFunction()
     return "Hello I Am Your Inline Experiment";
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"     ""> <html xmlns="" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252" /> <title>ASP.NET inline</title> </head> <body> <% =ServerSideFunction() %> </body> </html

Add aspx Page to Document or Page Library

The final step is upload the aspx page into the document or page library so that it will go to the content database. Once you have uploaded you could browse to the aspx page and verify that it is working.
Example: Let assume I have a SharePoint Root site (http://MyServer/Sites) and created a subsite (http://MyServer/Sites/TestInline ) called TestInline under it. Then I created a page library called pages in the TestInline site for keeping all my inline code APS pages. In order to do that I added the PageParser element into my web.config with a virtualpath of "/sites/TestInline/Pages/*". In the final step I created a test.aspx and uploaded it to my page library and accessed the page "http://MyServer/Sites/TestInline/Test.aspx".

Important Points needs to be considered
  1. PerformanceThe PageParserPath directive is used in combination with the three properties CompilationMode="Always", AllowServerSideScript="true" and IncludeSubFolders="true". Each page in the folders specified in the VirtualPath attribute will be compiled into "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\" as an App_Web_GUID.dll file. When you edit the aspx page in SharePoint, the file's last modified date will change and ASP.Net will recompile the page. ASP.Net will restart the application domain after 15 recompilations that will unload all DLLs from memory and run garbage collection and release all cached resources. The next request will initialize a new application domain for the web site and start compiling pages and repopulate caches, therefore the request will take more time.

    In order to increase the recompilation limit the numRecompilesBeforeAppRestart must be added or edited in the compilation element, for example:

    Compilation Element (ASP.NET Settings Schema)
  2. Security
    This could introduce security issues to the site, so we need to properly control who can upload inline code aspx pages to the designated library. Otherwise this could lead to security vulnerability in the system.


No comments:

Post a Comment