Top .NET Development Questions: Dependency Injection, Routing, CORS, Policies, Filters, Exceptions
Q1. What is Dependency Injection (DI) in .NET?
Answer
Dependency Injection (DI) is a design pattern used to implement IoC (Inversion of Control) for resolving dependencies. A class receives the objects it needs (dependencies) from an external source rather than creating them itself.
Q2. What are the benefits of using Dependency Injection?
Answer
DI promotes loose coupling, easier unit testing, and better code maintainability by allowing dependencies to be injected rather than hard-coded.
Q3. What are the different types of Dependency Injection?
Answer
The main types of DI are Constructor Injection, Property Injection, and Method Injection.
Q4. What is Constructor Injection in DI?
Answer
Constructor Injection is a DI pattern where dependencies are provided through a class constructor.
Q5. What is Property Injection in DI?
Answer
Property Injection is a DI pattern where dependencies are injected through public properties of a class.
Q6. What is Method Injection in DI?
Answer
Method Injection is a DI pattern where dependencies are passed to a method, usually after the object has been constructed.
Q7. How do you register services in ASP.NET Core for DI?
Answer
Services are registered in the `Startup.cs` file using methods like `AddTransient`, `AddScoped`, and `AddSingleton` in the `ConfigureServices` method.
Q8. What is the difference between AddTransient, AddScoped, and AddSingleton?
Answer
`AddTransient` creates a new instance every time it is requested. `AddScoped` creates an instance once per request. `AddSingleton` creates a single instance for the application's lifetime.
Q9. What is attribute routing in ASP.NET Core?
Answer
Attribute routing allows you to specify routing information directly in the controller or action using attributes, providing more control over URL patterns.
Q10. What is conventional routing in ASP.NET Core?
Answer
Conventional routing defines routes in a central location, typically in the `Startup.cs` file, using route templates that map URLs to controller actions.
Q11. How do you define a route in attribute routing?
Answer
Routes are defined using the `[Route]` attribute at the controller level and the `[HttpGet]`, `[HttpPost]`, etc., attributes at the action level.
Q12. What is the purpose of the [Route] attribute?
Answer
The `[Route]` attribute specifies the URL pattern for a controller or action, enabling custom routing configurations.
Q13. What is CORS in web development?
Answer
CORS (Cross-Origin Resource Sharing) is a security feature implemented by web browsers to allow or restrict resources on a web page from being requested from another domain.
Q14. How do you enable CORS in ASP.NET Core?
Answer
CORS is enabled by adding the CORS services in the `ConfigureServices` method and configuring the CORS policy in the `Configure` method of the `Startup.cs` file.
Q15. What is a CORS policy?
Answer
A CORS policy defines the rules for allowing or restricting cross-origin requests, specifying allowed origins, methods, and headers.
Q16. What is the purpose of the [EnableCors] attribute?
Answer
The `[EnableCors]` attribute is used to apply a CORS policy to a specific controller or action, allowing cross-origin requests.
Q17. What are filters in ASP.NET Core?
Answer
Filters are used to run code before or after specific stages in the request processing pipeline, such as authorization, resource, action, and result filters.
Q18. What are the different types of filters in ASP.NET Core?
Answer
The main types of filters are Authorization, Resource, Action, Result, and Exception filters.
Q19. How do you create a custom filter in ASP.NET Core?
Answer
Custom filters are created by implementing one of the filter interfaces (e.g., `IActionFilter`) and registering the filter in the `Startup.cs` file.
Q20. What is the purpose of the [Authorize] attribute?
Answer
The `[Authorize]` attribute is used to restrict access to controllers or actions based on the user's authentication and authorization status.
Q21. What is exception handling in .NET?
Answer
Exception handling is the process of managing runtime errors to maintain the normal flow of application execution, using try-catch blocks.
Q22. What is the purpose of the try-catch block?
Answer
The try-catch block is used to catch and handle exceptions that occur during the execution of code within the try block.
Q23. What is the finally block in exception handling?
Answer
The finally block contains code that is executed after the try and catch blocks, regardless of whether an exception was thrown, ensuring resource cleanup.
Q24. What is the difference between finally and finalize?
Answer
`finally` is a code block used for cleanup actions in exception handling, while `Finalize` is a method used for cleanup before an object is garbage collected.
Q25. What is the purpose of the using statement in C#?
Answer
The `using` statement ensures that objects are disposed of correctly, releasing resources when they are no longer needed.
Q26. What is a custom exception in .NET?
Answer
A custom exception is a user-defined exception class that inherits from the `Exception` class, allowing for more specific error handling.
Q27. How do you create a custom exception?
Answer
A custom exception is created by defining a new class that inherits from the `Exception` class and overriding its constructors and properties as needed.
Q28. What is the base class for all exceptions in .NET?
Answer
The base class for all exceptions in .NET is the `System.Exception` class.
Q29. What is the purpose of the throw keyword?
Answer
The `throw` keyword is used to signal the occurrence of an exception during program execution.
Q30. What is the difference between throw and throw ex?
Answer
`throw` rethrows the current exception, preserving the original stack trace, while `throw ex` rethrows the exception `ex`, resetting the stack trace.
Q31. What is middleware in ASP.NET Core?
Answer
Middleware is software that handles requests and responses in the ASP.NET Core pipeline, enabling components to process HTTP requests and responses.
Q32. How do you add middleware to the request pipeline?
Answer
Middleware is added to the request pipeline in the `Configure` method of the `Startup.cs` file using the `app.Use` method.
Q33. What is the purpose of the UseExceptionHandler middleware?
Answer
The `UseExceptionHandler` middleware is used to handle exceptions that occur in the request pipeline, providing a centralized way to manage error responses.
Q34. What is the purpose of the UseHttpsRedirection middleware?
Answer
The `UseHttpsRedirection` middleware is used to redirect HTTP requests to HTTPS, enforcing secure communication.
Q35. What is the purpose of the UseStaticFiles middleware?
Answer
The `UseStaticFiles` middleware is used to serve static files, such as HTML, CSS, JavaScript, and images, from the `wwwroot` folder.
Q36. What is a policy in ASP.NET Core?
Answer
A policy in ASP.NET Core defines a set of rules or requirements that can be applied to various aspects of an application, such as authorization, CORS, and rate limiting.
Q37. How do you define an authorization policy?
Answer
An authorization policy is defined in the `Startup.cs` file using the `AddAuthorization` method and specifying requirements for access control.
Q38. What is the purpose of the [Authorize] attribute with policies?
Answer
The `[Authorize]` attribute with policies is used to enforce authorization requirements based on defined policies, restricting access to controllers or actions.
Q39. What is the difference between roles and policies in authorization?
Answer
Roles are a simple way to group users and assign permissions, while policies provide more granular control over authorization requirements, allowing for complex rules and conditions.
Q40. What is a custom authorization attribute?
Answer
A custom authorization attribute is a user-defined attribute that implements the `IAuthorizationFilter` interface, allowing for custom authorization logic.
Q41. How do you create a custom authorization attribute?
Answer
A custom authorization attribute is created by defining a new class that implements the `IAuthorizationFilter` interface and overriding the `OnAuthorization` method.
Q42. What is the purpose of the IAuthorizationFilter interface?
Answer
The `IAuthorizationFilter` interface is used to implement custom authorization logic, allowing developers to control access to controllers or actions based on specific criteria.
Q43. What is a custom action filter?
Answer
A custom action filter is a user-defined filter that implements the `IActionFilter` interface, allowing for custom logic to be executed before and after an action method.
Q44. How do you create a custom action filter?
Answer
A custom action filter is created by defining a new class that implements the `IActionFilter` interface and overriding the `OnActionExecuting` and `OnActionExecuted` methods.
Q45. What is the purpose of the OnActionExecuting method?
Answer
The `OnActionExecuting` method is called before an action method is executed, allowing for custom logic to be performed before the action.
Q46. What is the purpose of the OnActionExecuted method?
Answer
The `OnActionExecuted` method is called after an action method is executed, allowing for custom logic to be performed after the action.
Q47. What is a custom exception filter?
Answer
A custom exception filter is a user-defined filter that implements the `IExceptionFilter` interface, allowing for custom logic to be executed when an exception occurs in an action method.
Q48. How do you create a custom exception filter?
Answer
A custom exception filter is created by defining a new class that implements the `IExceptionFilter` interface and overriding the `OnException` method.
Q49. What is the purpose of the OnException method?
Answer
The `OnException` method is called when an exception occurs in an action method, allowing for custom logic to handle the exception.
Q50. What is a custom result filter?
Answer
A custom result filter is a user-defined filter that implements the `IResultFilter` interface, allowing for custom logic to be executed before and after the result of an action method.
Q51. How do you create a custom result filter?
Answer
A custom result filter is created by defining a new class that implements the `IResultFilter` interface and overriding the `OnResultExecuting` and `OnResultExecuted` methods.
Q52. What is the purpose of the OnResultExecuting method?
Answer
The `OnResultExecuting` method is called before the result of an action method is executed, allowing for custom logic to be performed before the result.
Q53. What is the purpose of the OnResultExecuted method?
Answer
The `OnResultExecuted` method is called after the result of an action method is executed, allowing for custom logic to be performed after the result.
Q54. What is a custom resource filter?
Answer
A custom resource filter is a user-defined filter that implements the `IResourceFilter` interface, allowing for custom logic to be executed before and after the execution of an action method and its result.
Q55. How do you create a custom resource filter?
Answer
A custom resource filter is created by defining a new class that implements the `IResourceFilter` interface and overriding the `OnResourceExecuting` and `OnResourceExecuted` methods.
Q56. What is the purpose of the OnResourceExecuting method?
Answer
The `OnResourceExecuting` method is called before the execution of an action method and its result, allowing for custom logic to be performed before the resource.
Q57. What is the purpose of the OnResourceExecuted method?
Answer
The `OnResourceExecuted` method is called after the execution of an action method and its result, allowing for custom logic to be performed after the resource.
Q58. What is a custom middleware in ASP.NET Core?
Answer
A custom middleware is a user-defined component that processes HTTP requests and responses in the ASP.NET Core pipeline, allowing for custom logic to be executed during the request lifecycle.
Q59. How do you create a custom middleware?
Answer
A custom middleware is created by defining a class that implements the `IMiddleware` interface or by using the `Invoke` method convention, and registering it in the `Startup.cs` file.
Q60. What is the purpose of the Invoke method in custom middleware?
Answer
The `Invoke` method in custom middleware is called to process an HTTP request and response, allowing for custom logic to be executed during the request lifecycle.
Q61. What is the difference between Use and Run in middleware?
Answer
`Use` adds a middleware component to the pipeline that calls the next middleware component, while `Run` adds a terminal middleware component that does not call the next middleware component.
Q62. What is the purpose of the Map method in middleware?
Answer
The `Map` method is used to create a branch in the middleware pipeline based on a request path, allowing for different middleware components to be executed for specific paths.
Q63. What is the purpose of the UseWhen method in middleware?
Answer
The `UseWhen` method is used to conditionally add a middleware component to the pipeline based on a predicate, allowing for custom logic to be executed only when certain conditions are met.
Q64. What is a CORS error?
Answer
A CORS error occurs when a web application makes a request to a different domain than the one that served the web page, and the server does not allow the request due to CORS policy restrictions.
Q65. How do you troubleshoot a CORS error?
Answer
To troubleshoot a CORS error, check the browser console for error messages, ensure the server is configured to allow cross-origin requests, and verify that the request headers and methods are permitted by the CORS policy.
Q66. What is the purpose of the Access-Control-Allow-Origin header?
Answer
The `Access-Control-Allow-Origin` header specifies which origins are permitted to make cross-origin requests to the server, controlling access to resources.
Q67. What is the purpose of the Access-Control-Allow-Methods header?
Answer
The `Access-Control-Allow-Methods` header specifies the methods allowed when accessing a resource, such as GET, POST, PUT, DELETE, etc.
Q68. What is the purpose of the Access-Control-Allow-Headers header?
Answer
The `Access-Control-Allow-Headers` header specifies the headers that can be used when making a request, allowing for custom headers to be included.
Q69. What is the purpose of the Access-Control-Allow-Credentials header?
Answer
The `Access-Control-Allow-Credentials` header indicates whether the response to the request can be exposed when the credentials flag is true, allowing for cookies and authentication headers to be included.
Q70. What is the purpose of the Access-Control-Max-Age header?
Answer
The `Access-Control-Max-Age` header specifies how long the results of a preflight request can be cached, reducing the need for repeated preflight requests.
Q71. What is a preflight request in CORS?
Answer
A preflight request is an OPTIONS request sent by the browser to determine if the actual request is safe to send, checking for allowed methods and headers.
Q72. What is the purpose of the Options method in CORS?
Answer
The OPTIONS method is used in a preflight request to determine the options and requirements associated with a resource, checking for allowed methods and headers.
Q73. What is the difference between simple and preflight requests in CORS?
Answer
Simple requests are made with methods like GET or POST and do not require preflight, while preflight requests are made with methods like PUT or DELETE and require an OPTIONS request to check for allowed methods and headers.
Q74. What is the purpose of the [DisableCors] attribute?
Answer
The `[DisableCors]` attribute is used to disable CORS for a specific controller or action, preventing cross-origin requests.
Q75. What is the purpose of the [EnableCors] attribute with policies?
Answer
The `[EnableCors]` attribute with policies is used to apply a specific CORS policy to a controller or action, allowing cross-origin requests based on the defined policy.
Q76. What is the purpose of the AddCors method in Startup.cs?
Answer
The `AddCors` method is used to add CORS services to the application and configure CORS policies, defining the rules for cross-origin requests.
Q77. What is the purpose of the UseCors method in Startup.cs?
Answer
The `UseCors` method is used to apply a CORS policy to the middleware pipeline, enforcing the defined CORS rules for incoming requests.
Q78. What is a policy in ASP.NET Core?
Answer
A policy in ASP.NET Core defines a set of rules or requirements that can be applied to various aspects of an application, such as authorization, CORS, and rate limiting.
Q79. How do you define a policy in ASP.NET Core?
Answer
A policy is defined in the `Startup.cs` file using the appropriate service configuration methods, such as `AddAuthorization` for authorization policies or `AddCors` for CORS policies.
Q80. What is the purpose of the AuthorizationPolicyBuilder class?
Answer
The `AuthorizationPolicyBuilder` class is used to build authorization policies, specifying requirements and rules for access control.
Q81. What is the purpose of the RequireAuthenticatedUser method?
Answer
The `RequireAuthenticatedUser` method is used to create an authorization policy that requires the user to be authenticated, enforcing access control based on authentication status.
Q82. What is the purpose of the RequireRole method?
Answer
The `RequireRole` method is used to create an authorization policy that requires the user to be in a specific role, enforcing access control based on role membership.
Q83. What is the purpose of the RequireClaim method?
Answer
The `RequireClaim` method is used to create an authorization policy that requires the user to have a specific claim, enforcing access control based on claim values.
Q84. What is the purpose of the AddPolicy method?
Answer
The `AddPolicy` method is used to add a custom authorization policy to the application, defining specific requirements and rules for access control.
Q85. What is the purpose of the AuthorizeAttribute class?
Answer
The `AuthorizeAttribute` class is used to enforce authorization requirements on controllers or actions, restricting access based on policies, roles, or claims.
Q86. What is the purpose of the Policy property in AuthorizeAttribute?
Answer
The `Policy` property in `AuthorizeAttribute` is used to specify a custom authorization policy to be applied to a controller or action, enforcing access control based on the defined policy.
Q87. What is the purpose of the Roles property in AuthorizeAttribute?
Answer
The `Roles` property in `AuthorizeAttribute` is used to specify the roles that are allowed to access a controller or action, enforcing access control based on role membership.
Q88. What is the purpose of the AuthenticationSchemes property in AuthorizeAttribute?
Answer
The `AuthenticationSchemes` property in `AuthorizeAttribute` is used to specify the authentication schemes that are accepted for a controller or action, enforcing access control based on authentication methods.
Q89. What is the purpose of the IAuthorizationRequirement interface?
Answer
The `IAuthorizationRequirement` interface is used to define custom authorization requirements, allowing for complex access control logic to be implemented.
Q90. What is the purpose of the IAuthorizationHandler interface?
Answer
The `IAuthorizationHandler` interface is used to handle custom authorization requirements, evaluating whether a user meets the specified criteria for access control.
Q91. What is the purpose of the HandleAsync method in IAuthorizationHandler?
Answer
The `HandleAsync` method in `IAuthorizationHandler` is used to evaluate custom authorization requirements asynchronously, determining whether a user meets the specified criteria for access control.
Q92. What is the purpose of the AuthorizationHandlerContext class?
Answer
The `AuthorizationHandlerContext` class provides contextual information for authorization handlers, including the user, resource, and requirements being evaluated.
Q93. What is the purpose of the Succeed method in AuthorizationHandlerContext?
Answer
The `Succeed` method in `AuthorizationHandlerContext` is used to indicate that a user meets the specified authorization requirements, granting access to the resource.
Q94. What is the purpose of the Fail method in AuthorizationHandlerContext?
Answer
The `Fail` method in `AuthorizationHandlerContext` is used to indicate that a user does not meet the specified authorization requirements, denying access to the resource.
Q95. What is the purpose of the AddAuthorization method in Startup.cs?
Answer
The `AddAuthorization` method is used to add authorization services to the application and configure authorization policies, defining the rules for access control.
Q96. What is the purpose of the UseAuthorization method in Startup.cs?
Answer
The `UseAuthorization` method is used to add the authorization middleware to the request pipeline, enforcing authorization policies for incoming requests.
Q97. What is the purpose of the AllowAnonymous attribute?
Answer
The `AllowAnonymous` attribute is used to bypass authorization requirements for a specific controller or action, allowing anonymous access.
Q98. What is the purpose of the DenyAnonymousAuthorizationRequirement class?
Answer
The `DenyAnonymousAuthorizationRequirement` class is used to create an authorization requirement that denies access to anonymous users, enforcing access control based on authentication status.
Q99. What is the purpose of the IAuthorizationService interface?
Answer
The `IAuthorizationService` interface is used to evaluate authorization requirements programmatically, allowing for custom authorization logic to be implemented within the application.
Q100. What is the purpose of the AuthorizeAsync method in IAuthorizationService?
Answer
The `AuthorizeAsync` method in `IAuthorizationService` is used to evaluate authorization requirements asynchronously, determining whether a user meets the specified criteria for access control.
.png)
