In previous posts about MS AJAX, we have been studying the new elements introduced in the web.config for a new project that uses Microsoft ASP.NET AJAX Extensions. The last thing we have to study is the ScriptModule HttpModule:
<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
The ScriptModule is necessary to provide 3 features needed by the MS AJAX:
• To allow page redirection in a partial page update.
• To be able to call page methods instead of web service methods.
• To serve some files to the users skipping the standard authorization mechanism.
Let’s see how those features are implemented. The ScriptModule handles three HttpApplication events:
The PreSendRequestHeaders event is raised before the server sends the headers to the browser, and it is the last chance to modify them. The ScriptModule handles this event, and checks if the current response code is 302, emitted when you call to the Response.Redirect method.
As we will see when we study the UpdatePanel, it allows partial page updates, generating XMLHttp requests. A partial page update has a request header of type "X-MicrosoftAjax" with a value of “Delta=true”. However, as the response of this request is handled internally by the MS AJAX runtime instead of the browser, the redirect wasn’t working. The ScriptModule fixes this problem, because when a redirect is found for a partial page update request, it clears the response (headers and content), maintaining the cookie collection and returning a string as the content of the response. The content of the response is obtained by calling the EncodeString method of an internal class called PageRequestManager. This class plays a key role in the MS AJAX infrastructure and will be studied in detail in future posts. For now, we’re only interested in the EncodeString method, that has 3 main parameters (type, id and content) and generates a string that looks like this:
Length + ‘|’ + type + ‘|’ + id + ‘|’ + content + ‘|’
Encoding the characters “\u0000” and “\u00ff”.
In the client side, when the response has been received, the _onFormSubmitCompleted method of the PageRequestManager class checks the type of command specified, and acts accordingly.
When a redirect is found in response for a partial page update, the ScriptModule generates a string of type “pageRedirect”, where the redirect location is stored in the content. The client side handles this command as shown below:
window.location.href = deltaNode.content;
making the redirect work as expected.
One thing to point is that the ScriptModule checks if a rest call has generated a redirect, throwing and exception in that case. This is done for security reasons.
The PostAcquireRequestState event is raised after the session data has been obtained. If the request is for a class that implements System.Web.UI.Page and it is a rest method call, the WebServiceData class (that was explained in a previous post) is used to call the requested method from the Page. After the method has been called, the CompleteRequest method is called, bypassing all pipeline events and executing the EndRequest method. This allows MS AJAX to be able to call a method on a page instead of having to create a web service to call a method.
The AuthenticateRequest event is raised after the identity of the current user has been established. The handler for this event sets the SkipAuthorization property of the HttpContext for the current request. This property is checked in the authorization module to see if it has to omit authorization checking for the requested url. Usually an HttpModule use this property to allow anonymous access to some resources (for example, the Login Page if we’re using forms authentication). In our scenario, the ScriptModule sets the SkipAuthorization to true if the requested url is scriptresource.axd or if the authorization module is enabled and the request is a rest request to the authorization web service.
As you can see, the ScriptModule isn’t terribly complicated but it is necessary to have the MS AJAX infrastructure working properly.
If we check the AJAX ASP.NET Extensions server side source code, we have now studied about a 33% of it and we haven’t done anything more than study the new infrastructure elements provided for a MS AJAX application in the web.config. The most interesting stuff is to come.
In the next posts I’ll talk about the ScriptManager control.