xviii Improving .NET Application Performance and Scalability
HTTP Modules..................................................... 316
Avoid Long-Running and Blocking Calls in Pipeline Code .................... 316
Consider Asynchronous Events ...................................... 316
More Information ................................................ 317
String Management................................................. 317
Use Response.Write for Formatting Output .............................. 317
Use StringBuilder for Temporary Buffers................................ 318
Use HtmlTextWriter When Building Custom Controls ....................... 318
More Information ................................................ 318
Exception Management .............................................. 318
Implement a Global.asax Error Handler ................................ 319
Monitor Application Exceptions ...................................... 320
Use Try/Finally on Disposable Resources............................... 320
Write Code That Avoids Exceptions.................................... 320
Set Timeouts Aggressively .......................................... 322
More Information ................................................ 323
COM Interop...................................................... 323
Use ASPCOMPAT to Call STA COM Objects.............................. 323
Avoid Storing COM Objects in Session State or Application State ............. 324
Avoid Storing STA Objects in Session State ............................. 324
Do Not Create STA Objects in a Page Constructor......................... 324
Supplement Classic ASP Server.CreateObject with Early Binding .............. 324
More Information ................................................ 325
Data Access...................................................... 325
Use Paging for Large Result Sets..................................... 326
Use a DataReader for Fast and Efficient Data Binding ...................... 327
Prevent Users from Requesting Too Much Data........................... 327
Consider Caching Data ............................................ 327
More Information ................................................ 327
Security Considerations.............................................. 328
Constrain Unwanted Web Server Traffic ................................ 328
Turn Off Authentication for Anonymous Access........................... 328
Validate User Input on the Client ..................................... 329
Avoid Per-Request Impersonation..................................... 329
Avoid Caching Sensitive Data........................................ 329
Segregate Secure and Non-Secure Content ............................. 329
Only Use SSL for Pages That Require It ................................ 330
Use Absolute URLs for Navigation .................................... 330
Consider Using SSL Hardware to Offload SSL Processing ................... 330
Tune SSL Timeout to Avoid SSL Session Expiration ........................ 331
More Information ................................................ 331
IIS 6.0 Considerations............................................... 332
Process Model .................................................. 332
Kernel Mode Caching ............................................. 333
Web Gardens ................................................... 334
Garbage Collector Configuration Flag.................................. 335