ScottGu throws a new MVC CTP into the MIX

Scott Guthrie announced today that the next drop of the ASP.NET MVC framework will be made available at MIX08 in a few weeks. It is well worth reading the whole post because Scott then goes into details about what we can expect to see. To summarise:
  • MVC will be able to run in a partial trust environment - I hadn't tried this so I didn't realize it was an issue
  • More powerful Routing - Wildcard mapping, explicitly named routes, RESTful routes, etc.
  • The ability to select a test framework for your test project - The screenshot provided by Scott shows MSTest, NUnit, MbUnit and XUnit
  • The death of the ControllerAction attribute - This was a question asked at my presentation last week and I would have preferred that they kept it to be honest
  • Filters for Controllers and Controller Actions in the form of attributes - This is going to be a great addition to the platform, an extensible, meta-data based filtering system. The examples given in Scotts post include an Authroization filter and an OutputCache filter
  • Built-in HTML helpers - I guess this means that the MvcToolkit project is being merged into the MVC core project. Good Stuff
  • A refactored design to support better maintainability, flexibility and testability
  • Downloadable in Source form - Wait, what!?

That's right, the MVC framework will be made available as source code that you can include in your project and debug into. This is going to give us in the community a fantastic opportunity to help the team discover and fix defects as well as give us great insights into the development processes and standards within Microsoft.

If, like me, you aren't going to MIX don't worry, the CTP will be made available online at the same time. I can't wait to get my hands on these bits.

Posted by: Mike Minutillo
Last revised: 27 May, 2011 02:42 PM History


14 Feb, 2008 02:25 AM @ version 0

@Dave - I liked the ControllerAction attribute because it meant that you were starting from a position of safety and exposing only methods that you know are safe. By removing the attribute and presumably providing a NotControllerAction (or similar) attribute you are starting with the assumption that everything is safe and then hiding away methods that are not.

It is very similar to Server 2003 which started "locked-down" as opposed to Server which started "open". The risk of minor errors have major security implications is frightening.

One could argue that this is really covered by making method public or private but I think that developers new to MVC (especially those who are trying to figure out Unit-Testing Controllers) are likely to make some serious mistakes. A new era of script-kiddies be born.

13 Feb, 2008 11:43 AM @ version 0

I have to say I much prefer the implicit-ness of not requiring the ControllerAction attribute. Why are you against it?

The filter attributes look pretty sweet.

No new comments are allowed on this post.