Routing

ASP.NET routing allows developers to use URLs that do not map to the files of a web application.

ASP.NET platform

This allows URLs to be descriptive, understandable, and protects the application. ASP.NET MVC combined with ASP.NET Dynamic Data further extends routing capability into other areas supporting MVC. Dynamic Data automatically discovers data-model metadata at run time, and derives application behavior from the data. An ASP.NET application which does not utilize routing maps incoming requests to actual files. It specifies the file and uses a query string value to select the displayed content.

ASP.NET routing allows for the definition of URL patterns which map to request-handler files without the need to name specific files in the URL. It also allows for reserved spots in a URL pattern for the passing of variable data to the request handler without a query string requirement. An example of how this could work consists of a routing parser passing three string values (descriptive terms) to the page handler, and these string values form a URL pattern which defines the route. The page handler then associates these values with key areas, key actions, and key categories. A request without routing simply treats this information as a file location.

Handlers may be actual files, or classes responsible for processing the request (i.e., a controller). The creation of an instance of the Route class along with specifying a URL pattern, handler, and a name (names are optional) defines a route. Adding routes to the application requires adding the Route object to the static Routes property of the RouteTable class. The Routes property, an object of RouteCollection, stores all the application routes. MVC templates include pre-configured URL routes, making actual coding of routes unnecessary.

Some confuse routing with URL rewriting. URL rewriting changes the URL before sending requests, and usually does not involve the use of an API for creating specific URLs. URL rewriting also requires manual updating of all links when modifying any URL pattern. ASP.NET routing does not alter the URL during processing of a request due to the value extraction capability of routing; furthermore, a change to the URL pattern automatically modifies all related links.

URL PATTERNS

URL patterns hold values and variable placeholders (also known as URL parameters). These elements are found in the segments of the URL separated by slashes. A request parses the URL and values from it are passed to the request handler. Define placeholders through enclosing items in braces ( {item} ). More than a single item can be defined, but those definitions require the use of a delimiter or literal value between each item. This allows routing to determine how to parse.

In processing URL requests, routing attempts to match the URL with a route. How matching performs depends on route definitions, the order of their addition to the Routes collection, default values, and constraints. The definition process requires attention to detail in these areas.

The handler of a routed page request allows access to the values passed in processing. Routed single pages require management in contrast to MVC applications which automatically handle this area.

ROUTING SECURITY

In routing, authorization rules apply to either the route URL or both the route URL and the actual source (mapped) URL. This allows settings like controlling access; for example, to prevent users from accessing a page with the physical URL, apply authorization only to the route URL. The default setting is full authorization to the route and physical URL. Note that route authorization cannot fully secure a web application. Securing an MVC application requires setting the appropriate controller attributes.