See what James Shaw from www.CoverYourASP thinks about render blocks. Once you have read this article you will think twice about using them.
A simple, normal, ASP page
Consider this simple ASP file below:
<%@ Language=JavaScript %>
<html>
<head>
<title>My page</title>
</head>
<body>
We're in "HTML mode" here...
<%
var sScript = Request.ServerVariables ( "SCRIPT_NAME" );
Response.Write ( '<p>I am called ' + sScript + '<p>' );
%>
...and here.
</body>
</html>
Most of this file is plain HTML. It is simply streamed out to the browser as-is. The section of JavaScript wrapped in a <% %> is called a render block.
Render blocks aren't a terribly good idea. Many ASP examples out there use them, but I'm going to try and persuade you never to use them again. This may be an uphill struggle!
System Inefficiency
Let's bring out the big guns first. Microsoft doesn't think you should use them. They are inefficient because they force the system to constantly switch back and forth between "HTML mode" and "ASP mode". You know how hard it is to work when your kids are playing in the same room? That's what it's like having to stop and output some HTML when you're busy interpreting script.
Since we're not likely to be writing the next eBay any time soon, that might not be the most relevant argument, so let's try another.
Wasting Bandwidth
You see how the file above is nicely formatted - the <title> tag is indented from the <head> tag? You need to do that when you're coding to make the code easily readable, and hence maintainable.
But you're punishing your users unnecessarily! They have to download your extra line feeds and tabs, when their browser could care less that they are there. The file below renders exactly the same:
<%@ Language=JavaScript %>
<html><head><title>My page</title></head><body>We're in "HTML mode" here...
<%
var sScript = Request.ServerVariables ( "SCRIPT_NAME" );
Response.Write ( '<p>I am called ' + sScript + '<p>' );
%>
...and here.</body></html>
So, the user is now happier because your page loads faster. If you don't think this matters much do a View/Source on some major sites and see the extra baggage they send out. Remove the HTML comments and the extra spaces/tabs and you'll be surprised how much quicker they download.
I did this exercise on a page generated with FrontPage. It started out as a 40k file - that's a sizeable page to download at 28.8kb. I removed the indentation (which were all spaces) and the HTML comments and the page reduced to 3k. The browser didn't render anything differently, just 10 times quicker!
But what about readability?
Ok, let's say you're with me on the bandwidth issue. But now the code isn't readable, right? Here's the real answer (using my Out function to wrap Response.Write):
<%@ Language=JavaScript %>
<%
// the statement below enables buffering of the data sent to the browser.
// see http://learnasp.com/learn/whybuffer.asp
%>
<% Response.Buffer=true %>
<%
Out ( '<html>' );
Out ( '<head>' );
Out ( '<title>My page</title>' );
Out ( '</head>' );
Out ( 'We're in "HTML mode" here...' );
// output the name of the script itself
var sScript = Request.ServerVariables ( "SCRIPT_NAME" );
Out ( '<p>I am called ' + sScript );
Out ( '<p>...and here.' );
Out ( '</body>' );
Out ( '</html>' );
%>
Indentation, comments, efficiency. What more could you possibly want? You want MORE?
Security
I'm pushing it to say security, but a side-effect of the bandwidth fix is that when everyone in the whole world does a View/Source on your page, they see the almost unintelligible code below. Yes, they can buy a code formatter that will make it look pretty again, but at least admit it's making it more difficult for them?
<html><head><title>My page</title></head><body>We're in "HTML mode" here...<p>I am called temp.asp<p>...and here.</body></html>
Try it now - View/Source - apart from the source code blocks it is just one long line of HTML. (Actually there is one exception. If you have to output an HTML comment add a \n (newline) after it)
It's out there - ASP.NET
My last ditch attempt to persuade you now - ASP.NET. Well it is coming you know, and ASP.NET doesn't allow render blocks that include functions anymore. So this particularly nasty piece of code (IMHO)...
<% function DoSomething ( ) { %>
something in HTML
<% } %>
...now has to be written like this:
<script language="JavaScript" runat="server">
function DoSomething ( )
{
Out ( 'something in HTML' );
}
</script>
I hope you're convinced now? If not, begone! Back to FrontPage with you...
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More ASP Articles
More By James Shaw
 developerWorks - FREE Tools!
|
As businesses grow increasingly dependent upon Web applications to provide services to customers, employees and partners, these complex applications become more difficult to secure. Although traditional security solutions protect Internet infrastructure layers, they do not guard against HTTP and HTML attacks. Many organizations that conduct security testing still deploy applications that allow attackers to manipulate their logic and wreak havoc on their business. To mitigate this risk, development and delivery teams must address Web application security throughout the lifecycle, addressing the many layers detailed in this paper.
FREE! Go There Now!
|
|
|
|
Effective governance for lean development isn’t about command and control. Instead, the focus is on enabling the right behaviors and practices through collaborative and supportive techniques. Hear from Scott Ambler on how it is far more effective to motivate people to do the right thing than it is to force them to do so. Learn how to form a lightweight, collaboration-based framework that reflects the realities of modern IT organizations.
FREE! Go There Now!
|
|
|
|
Poor Requirements Management capabilities in an Enterprise have been linked to excessive project failures, escalating IT costs, and failure to deliver competitive advantage into the marketplace. Join Brianna M Smith from IBM Rational and learn about how successful organizations align IT and Business stakeholders through collaborative processes and tools for effective requirements management, and how an integrated approach across the IT lifecycle can provide unparalleled visibility and traceability to ensure that project teams are delivering on the business vision by "doing the right things" and "doing things right."
FREE! Go There Now!
|
|
|
|
Learn to enable users to both rate existing animations and to combine existing animations into new snippets. This is the third in a series of three tutorials that chronicle the building of a site that enables collaborative discussion and animation building using Domino and OpenLaszlo.
FREE! Go There Now!
|
|
|
|
Visit IBM developerWorks to download a free trial version of WebSphere Extended Deployment Compute Grid, which lets you schedule, execute, and monitor batch jobs. Because online transaction processing and batch jobs execute simultaneously on the same server resources, you can avoid costly duplication of resources. Compute Grid supports job types of Java transactional batch, compute-intensive and a new type called "native execution", which enables non-Java workloads to run on distributed end points.
FREE! Go There Now!
|
|
|
|
In this tutorial, you can learn how to install and configure the IBM Rational Asset Manager Eclipse client, explore the different views in the Asset Management perspective, learn various search techniques, work with existing assets, and submit a new asset.
FREE! Go There Now!
|
|
|
|
Learn from the best! Find out how developers use Rational ClearCase to be more flexible, innovative and deliver higher quality code in the Rational ClearCase Power Users eKit. This complimentary eKit provides a collection of materials, like articles, whitepapers, and demos that can help you become a power user of Rational ClearCase.
FREE! Go There Now!
|
|
|
|
You can now evaluate IBM Rational Asset Manager V7.0 online without installing or configuring it on your own system! Rational Asset Manager helps create, modify, govern, find, and reuse any type of development assets, including SOA and systems development assets. Rational Asset Manager helps you reduce software development costs and improve quality by facilitating the reuse of all types of software development-related assets. Visit developerWorks to learn more about this product and register to explore its capabilities online.
FREE! Go There Now!
|
|
|
|
In this webcast, IBM Rational will discuss the importance of Web application security and will share techniques and best practices to introduce application security testing into current QA processes including: understanding common security vulnerabilities and techniques to integrate security testing with defect tracking and remediation systems in an effort to safeguard sensitive online information.
FREE! Go There Now!
|
|
|
|
The Eclipse community is constantly working to extend Eclipse's functionality. In this webcast, learn about some of the most important and feature-rich projects under development. From multi-language support to plug-in development, tune in to see what Eclipse is capable of now.
FREE! Go There Now!
|
|
|
|
All FREE IBM® developerWorks Tools!
|
