Sitecore Media Library like never before. Mind it before you leave its configuration unattended

According to me this topic is mostly overlooked and realized when it is in post production environment. It isn't that the sitecore media library is simple to use perhaps it is the only area where the subject is realized when dealt with different scenario.

Here is some of the scenarios I remember at top of my head.

• Media is cached at client or end user browser
• Media cached at server side
• Media is uploaded in file system and database without proper instruction set to the end-users. Then comes the problem such as multi content delivery sync with one authoring server. Architecture decision. 
• For multi-server environments, media must be propagated from the CMS server to the
• content delivery server(s) using the Sitecore Staging module
• AA Compliance site where image alt text is mandatory and content author dependency on alt text.etc.
• Performance and security concerns around media library.
• Performance hit if stored files in database as compared to disk. 

Here is few important settings that are important to take before it is released to production.

Locate these configuration in sitecore.config

MEDIA - DISABLE FILE MEDIA

  <!--  MEDIA - DISABLE FILE MEDIA

            Enables or disables storage of media as files rather than database records.

            If true, user interfaces do not present options to store media as files.

            All files will be stored in the database, disregarding the value of the Media.UploadAsFiles setting.  

           

            Default value: false

      -->

    <setting name="Media.DisableFileMedia" value="false">

MEDIA - CACHING ENABLED -Content delivery at SERVER Side

  <!--  MEDIA - CACHING ENABLED

            Indicates if caching of media files is enabled.

            Default value: true

      -->

    <setting name="Media.CachingEnabled" value="true" />

MEDIA - MAX SIZE IN MEMORY to edit media content

   <!--  MEDIA - MAX SIZE IN MEMORY

            The maximum size of media to load into memory for processing (resizing etc.).

            Default value: 40MB

      -->

MEDIA - MAX SIZE IN DATABASE to transfer and commit media in database

 <!--  MEDIA - MAX SIZE IN DATABASE

            The maximum allowed size of media intended to be stored in a database (binary blob).

            This value must be less than the ASP.NET httpRuntime.maxRequestLength setting.

            Default value: 500MB

      -->

    <setting name="Media.MaxSizeInDatabase" value="500MB" />

MEDIA - AUTO SET ALT

 <!--  MEDIA - AUTO SET ALT

            Indicates if the Alt field on the Image template is set automatically to the file

            path when the image is uploaded. If false, the Alt field is blank.

      -->

     <setting name="Media.AutoSetAlt" value="false" />

MEDIA BROWSER CACHED 

***The most important ones. Look into this configuration carefully. Read through.

I'll give you the real time scenario. Just imagine website is developed and released to production. Everything is going fine and this website is big brand corporate facing website which is publicly available. Unfortunately there is media release that needs urgent update to important policy document without changing the media url as this media url is used everywhere in newsletter and corporate bible and so on. Now there is content author or business marketing team that wants to change the file content and upload with same file name immediately. 

BOOM! .......................

Despite all the efforts with proper publish and all the changes done correctly still the new file with same name and url is not reflecting in the content delivery website. The reason is... it is cached in client and server browser. Production support team is called for the rescue with P2 level raised as service incident request. 

https://kb.sitecore.net/articles/218124

Courtesy Sitecore.

When new content is attached to an already published media item and the media item is published again, the content change might not be reflected in the browser immediately when you access the media using its URL.

This happens because the media is cached in the browser for the time specified in the MediaResponse.MaxAge setting. If a browser has already accessed the media item, it may not perform any requests to the server and may retrieve the media item from its cache until the cached version expires.

 <!--  MEDIA RESPONSE - CACHEABILITY

            The cacheability to use in media response headers.

            Possible values: NoCache, Private, Public, Server, ServerAndNoCache, ServerAndPrivate

            Default value: private

      -->

     <setting name="MediaResponse.Cacheability" value="private" />

    !--  MEDIA RESPONSE - CacheExtensions

            The cache extension(s) to use in media response headers.

            Default value: ""

      -->

     <setting name="MediaResponse.CacheExtensions" value="" />

    <!--  MEDIA RESPONSE - MAX AGE

            The max age to use in media response headers.

            Set it to "00:00:00" to omit this header.

            Default value: 7.00:00:00 (seven days)

      -->

     <setting name="MediaResponse.MaxAge" value="7.00:00:00" />

     <!--  MEDIA RESPONSE - SLIDING EXPIRATION

            The sliding expiration to use in media response headers.

            Set it to "" to omit this header. To include it, use "true" or "false".

            Default value: ""

      -->

     <setting name="MediaResponse.SlidingExpiration" value="" />

Reference:

https://sdn.sitecore.net/upload/sdn5/articles%202/media/media%20facilities/sitecore%20media%20facilities.pdf

https://doc.sitecore.net/sitecore_experience_platform/content_authoring/media_items/using_media_items/upload_a_file_to_the_media_library

Chrome Postman interceptor Send XHR requests from postman.

Postman Interceptor

No need of fiddler anymore. It is handy and easy to intercept any web api or api call, xhr request . This is useful tool when you want to intercept any request that is fired from any website.

Installed this powerful extension in chrome. Also ensure you have postman client installed aswell.

Now switch on the interceptor and you can even filter the incoming request to the website.

And you can check the history tab of postman to see the request with output and all request body with details such as form post, post and get requests. 

Sometime the request payload is so high it is usually difficult to copy and it hangs. Chrome is memory hungry.Now after you intercept all request you can even save it as collection and can refer for future reference.

• Filter your requests
• See the results just beneath it
• Or you can view results in postman client and save it as collection.

Finally all you need these?

Asp.net MVC : The length of the string exceeds the value set on the maxJsonLength property ?

Introduction:

When you happen to see this exception, i m sure you'll get n number of solutions in stackoverflow and trust me you've to understand your problem very well. There are scenarios based on which each of this solution works and differs.

Problem Statement: 

Json Request body max length issue if in my case was sending large file in encoding format.

we used html 5 filereader api. There could be better solution to handle this we would have used HttpPostedFileBase So on.

But we had some custom implementation and some
design challenges. And the story is i ended up with below exception.
Days of research helped me come up with different
solution.

Exception:

• System.ArgumentException: Error during serialization or deserialization using the JSON JavaScriptSerializer. The length of the string exceeds the value set on the maxJsonLength property.
• Parameter name: input
• at System.Web.Script.Serialization.JavaScriptSerializer.Deserialize(JavaScriptSerializer serializer, String input, Type type, Int32 depthLimit)
• at System.Web.Mvc.JsonValueProviderFactory.GetDeserializedObject(ControllerContext controllerContext)
• at System.Web.Mvc.JsonValueProviderFactory.GetValueProvider(ControllerContext controllerContext)
• at Castle.Proxies.Invocations.ValueProviderFactory_GetValueProvider.InvokeMethodOnTarget()
• at Castle.DynamicProxy.AbstractInvocation.Proceed()
• at Glimpse.Core.Extensions.AlternateMethodContextExtensions.TryProceedWithTimer(IAlternateMethodContext context, TimerResult& timerResult)
• at Glimpse.Core.Extensibility.AlternateMethod.NewImplementation(IAlternateMethodContext context)
• at Castle.DynamicProxy.AbstractInvocation.Proceed()
• at Castle.Proxies.ValueProviderFactoryProxy.GetValueProvider(ControllerContext controllerContext)
• at System.Web.Mvc.ValueProviderFactoryCollection.GetValueProvider(ControllerContext controllerContext)
• at System.Web.Mvc.ControllerBase.get_ValueProvider()
• at System.Web.Mvc.ControllerActionInvoker.GetParameterValue(ControllerContext controllerContext, ParameterDescriptor parameterDescriptor)
• at System.Web.Mvc.ControllerActionInvoker.GetParameterValues(ControllerContext controllerContext, ActionDescriptor actionDescriptor)
• at System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName)

Solution that didn't work for me:

No web.config settings helped to resolve my issue.

Don't know why

Solution That helped.

Approach - Solution 1:

Created Custom Value provider as per below stackoverflow answers.

http://stackoverflow.com/questions/9943727/jsonmaxlength-exception-on-deserializing-large-json-objects

The only problem is this woul applied to all controller and all action. Which is kind of security threat as per microsoft they explicetly apply maxJsonlength restriction. So again I want a solution which is very specific to Action of the controller.

Approach - Solution 2: 

Create custom Model binder or Action Filter specific to controller. Due to architecture of our solution this was causing some problem.

In ASP.NET MVC, deserialize JSON prior to or in controller's action method

http://stackoverflow.com/questions/1474896/in-asp-net-mvc-deserialize-json-prior-to-or-in-controllers-action-method

The above solution was not compatible with solution architecture. It is also a compromise of custom validation that we had on model.

Approach 3 : Solution [Cooked Up- Worked For me]

Phill Haack blog caught my eye. It enlightened me to  some sort of brute force solution which in a way suits the overall design setup. This is win win situation.

Sending JSON to an ASP.NET MVC Action Method Argument

http://haacked.com/archive/2010/04/15/sending-json-to-an-asp-net-mvc-action-method-argument.aspx/

This liner was breakthrough- Valueprovider vs ModelBinder 

Jonathan had the unique insight to write a custom value provider which received JSON data and serialized it to a dictionary rather than the target object. The beauty of his approach is that this dictionary data is then passed to the default model binder which binds it to the final object with validation!

What worked?

I added custom deserialize json object with Maxvalue in override initialize method of MVC Controller.

protected override void Initialize(RequestContext requestContext)
        {
            if ("Some specific Action")
            {
                requestContext.HttpContext.Request.InputStream.Position = 0;
                StreamReader reader = new StreamReader(requestContext.HttpContext.Request.InputStream);
                string bodyText = reader.ReadToEnd();
                if (String.IsNullOrEmpty(bodyText))
                {
                    // no JSON data               
                }
                JavaScriptSerializer serializer = new JavaScriptSerializer();
                serializer.MaxJsonLength = 2147483647;
                object model = serializer.DeserializeObject(bodyText);
                Dictionary < string, object > backingStore = new  Dictionary < string, object >(StringComparer.OrdinalIgnoreCase);
                AddToBackingStore(backingStore, String.Empty, model);
                ValueProvider = new DictionaryValueProvider<object>(backingStore, CultureInfo.CurrentCulture);             
            }
            else
            {
                base.Initialize(requestContext);
            }
        }

I took AddToBackingStore method implementation from below post.

http://stackoverflow.com/questions/9943727/jsonmaxlength-exception-on-deserializing-large-json-objects

After few struggle my api was working fine but with few roadblock and hiccup ahead.

I realized after fetching data from client side to my action controller i was hitting other api to post this data again. There is long design story , please don't ask me why.. The request was timing out.

I have to add this.. mind it..this is just specific to this action and calling api stuff only not impacting other module. This is stop gap arrangement.

I added this..to overcome httpclient timeout,

 Client.HttpClient.Timeout = new TimeSpan(1, 1, 1);

       // Serialize Request
            string _requestContent = null;
            _requestContent = SafeJsonConvert.SerializeObject(request, this.Client.SerializationSettings);
            _httpRequest.Content = new StringContent(_requestContent, Encoding.UTF8);
            _httpRequest.Content.Headers.ContentType = MediaTypeHeaderValue.Parse("application/json; charset=utf-8");
            // Send Request
            if (_shouldTrace)
            {
                ServiceClientTracing.SendRequest(_invocationId, _httpRequest);
            }
            cancellationToken.ThrowIfCancellationRequested();
            Client.HttpClient.Timeout = new TimeSpan(1, 1, 1);
            _httpResponse = await this.Client.HttpClient.SendAsync(_httpRequest, cancellationToken).ConfigureAwait(false);

Some Configuration: Revisited.

IIS Web server setting

system.webServer

  security

    requestFiltering

      requestLimits maxAllowedContentLength="6291456" /

    /requestFiltering

  /security

/system.webServer

Asp.net System web

httpRuntime maxRequestLength="51200" executionTimeout="3600" enableKernelOutputCache="false" relaxedUrlToFileSystemMapping="true" enableVersionHeader="false" 

Server Script timeout

http://stackoverflow.com/questions/579523/how-do-i-set-the-request-timeout-for-one-controller-action-in-an-asp-net-mvc-app

HttpContext.Server.ScriptTimeout = 300; Or location path="ControllerName/ActionName" httpRuntime executionTimeout="1000"/ /system.web /location

jsonSerialization maxJsonLength

http://stackoverflow.com/questions/5692836/maxjsonlength-exception-in-asp-net-mvc-during-javascriptserializer
This is more applicable when the JsonResult is huge

system.web.extensions
  scripting
    webServices>
      jsonSerialization maxJsonLength="2147483644"/
    /webServices
  

/system.web.extensions
This is more applicable when the Json Request is huge . This didn't work most of the cases. So not fruitful solution whereas this globally applies to all controller action. Security threat.

appSettings

  add key="aspnet:MaxJsonDeserializerMembers" value="150000" /

/appSettings

Few more story to hear. If you have patience to go through.Its worth reading.

http://odetocode.com/blogs/scott/archive/2009/04/27/6-tips-for-asp-net-mvc-model-binding.aspx

Search History:

Why MaxJson was not set to heavenly large value? DOS Attack

https://support.microsoft.com/en-in/kb/2661403

https://support.microsoft.com/en-us/kb/981884

https://social.msdn.microsoft.com/Forums/en-US/c017433c-0872-4689-a558-f0c2f301da10/javascriptserializer-deserialize-large-dictionary?forum=netfxnetcom

What Stackoverflow to offer?

Model Binder - To Deserialize the Json Object

http://stackoverflow.com/questions/13746472/using-modelbinder-attribute-vs-modelbinders-add

Custom Model binder derived from DefaulModelBinder

http://stackoverflow.com/questions/25577747/modelbinder-deserialize-arbitrary-json

In ASP.NET MVC, deserialize JSON prior to or in controller's action method

http://stackoverflow.com/questions/1474896/in-asp-net-mvc-deserialize-json-prior-to-or-in-controllers-action-method

Custom Value Provider 

http://stackoverflow.com/questions/9943727/jsonmaxlength-exception-on-deserializing-large-json-objects

 

Avoid querystring in Sitecore MVC using Route Redirect Approach

Use Case : Keep Url clean without any querystring parameter. No additional encoding of url string or tampering by user.




Note: This is not something related to Post Redirect Get Pattern in MVC
http://www.asp.net/mvc/overview/security/preventing-open-redirection-attacks
https://en.wikipedia.org/wiki/Post/Redirect/Get


The sitecore web page contains a list of product and click on product item redirect to product detail page without querystring identifier.


Solution:


Idea is to set session at the interim between href event called and destination item page.


In sitecore there will be controller rendering which is loaded as per sitecore item path url. In this controller we can have navigate method without view actionresult instead we return redirect as url. This navigate action is not control by sitecore item in fact is independent controller action which can be called outside sitecore controller rendering.

public partial class ProductController : RenderingBaseController
{

  public virtual ActionResult Navigate(int id)
        {
            _session.Set("Product", id);
             return Redirect("/product/Detail");
        }
}

Route Registration in sitecore solution

public partial class ProductController : RenderingBaseController
{

  public class MyAreaRegistration : AreaRegistration 
    {
        public override string AreaName 
        {
            get 
            {
                return "MyArea";
            }
        }

        public override void RegisterArea(AreaRegistrationContext context) 
        {
            context.MapRoute(
                "myArea_default",
                "myArea/{controller}/{action}/{id}",
                new { action = "Index", id = UrlParameter.Optional },
                new { controller = new RegexRouteConstraint("[^api]")  },
                new string[] { "Sitecore.MVC.Areas.MyArea.Controllers" }
            );
        }
    }
}
}

Sitecore Powershell Extension Snippet- Create Custom User Defined Template Item

As I said everything in Sitecore is indeed an Item. If you understand the way Item is represented knowing sitecore as CMS will be more easy.

Use Case: I want to cut down my time to create user defined template by 50% rather than creating it from sitecore content editor or using sitecore rocks. I used Sitecore Powershell Extension to my rescue.
Download https://marketplace.sitecore.net/en/Modules/Sitecore_PowerShell_console.aspx

In my case, there are 4 steps involved while creating a user defined template.They are as follows:-

• Create New Item using Template Item
• Create Standard Value Item for this new item
• Add Base Template which is already defined.
• Add Common Renderings across template.

The above is very specific to scenario I had in my project. Somehow I wanted to play with SPE. I tried this and it helped me save 50% of the work effort.

Solution
Go to TDS pick up any item and you will see the internal representation of field or standard field variables with key and name. Use this to set values using SPE.

Important to remember , when you want to assign or set standard field values switch on RAW values option from Tab Menu->View-> click on checkbox to enable it,
Using these raw values we can assign the predefined base template and renderings.

You can checkout the code snippet in Gist for more details.
Code Snippet 1

Sample TDS Code : Lookup Standard Field Variables
----item----
version: 1
id: {F80C735D-CB69D16F9C4}
database: master
path: /sitecore/content/v/extrassage
parent: {F90C17F3-5CB-85961DC46E1F}
name: extras-usage
master: {00000000-0000-0000-0000-000000000000}
template: {5AD9859D54E9F61485B}
templatekey: Menu Item

----field----
field: {BA3F86A2779C1B5E}
name: __Sortorder
key: __sortorder
content-length: 3

500
----version----
language: en
version: 1
revision: c9a8172a-0d3ea5665ed1

----field----
field: {FF1A9AB0-84B35A2676}
name: Title
key: title
content-length: 19

Hope this is helpful.