Monday, November 15, 2010

ASP.NET MVC aplication inside in an iframe (fix issue with empty session).

I developed application using ASP.NET MVC framework. It worked well but when I put my app inside of iframe I founded that in some case in Internet Explorer application missed session.
I started to investigate for the source of the issue.
I founded that application worked well if I decrease security level in the IE. But this fix weren’t suitable for me (I can`t request something in the customers). So I carried on with investigation.
Well description what happen I founded on the follow page (unfortunately, I didn’t found English version of this page, so I used google translate for figure out this article).
So for fix this I should add “PSP” header to response. How can I do it for the ASP.NET MVC application? In classic ASP.NET it is easy to do in code behind or in aspx file. I overrode ExecuteResult method in all classes inherited from ActionResult that used in my application. ViewResult for example:
public class CustomViewResult : ViewResult
{
public override void ExecuteResult(ControllerContext context)
{
context.HttpContext.Response.AddHeader("P3P", "CP=\"CAO PSA OUR\"");
base.ExecuteResult(context);
}
}

After it I used my customized classes in base controller of all controllers in application (It was very nice idea to implement one base controller for all other controllers, wasn't it?). For example:
public class BaseController : Controller
{
protected override ViewResult View(string viewName, string masterName, object model)
{
if (model != null)
{
base.ViewData.Model = model;
}

return new CustomViewResult
{
ViewName = viewName,
MasterName = masterName,
ViewData = base.ViewData,
TempData = base.TempData
};
}
}

For figure out which methods I need to override I used cool tools - .NET Reflector.