ReBuildAll Blog
Thoughts (mostly) on .NET development

Dangers of comments with ASP.NET   (ASP.NET)   
Ever wanted to comment out a section of your code - temporarily or for a longer time - in an .ASPX page? If you have not used server side comments, you might be surprised at the ends results.

There is something to remember concerning comments that you might not be aware of when commenting out code in an .ASPX or .ASCX file. When you use HTML comments, that is, <!-- ... -->, that code will not be commented out from an ASP.NET point of view. The code will be parsed. If you have controls there, they will be available to the page. If you have text there, it will be visible on the client side. This can pose a security risk and can lead to defective programs (as a worst case scenario).

A much better way is to use server side comments. These are available when you enclose the section in <%-- ... --%>. This section of code will not be visible on the client side, and it will not be parsed by ASP.NET.

Suppose you have the following in your ASPX page:

a picture in a bl0g

As you can see there are two comments after one another. To the casual observer, there is no real difference: both are comments.

Now check out what the generated HTML looks like:

a picture in a bl0g

As you can see the server side comment in the <%-- ... --%> form is completely hidden and not visible. However, the normal HTML comment was parsed and a control was rendered. Not only that, the control is available in server side code as well:

a picture in a bl0g

So next time you want to comment out something - for whatever reason - make sure you remember to do it right.

Of course I have to note that in any real world scenario you would not commit/checkin commented code into version control. That defeats the whole idea of version control. If you want to remove something you can be sure it will still exist in a prior version.

 

Comments

paul dwight Re: Dangers of comments with ASP.NET
I likeit