hidden field in asp.net

ASP.NET allows you to store information in a HiddenField control, which renders as a standard HTML hidden field.

A hidden field does not render visibly in the browser, but you can set its properties just as you can with a standard control.

When a page is submitted to the server, the content of a hidden field is sent in the HTTP form collection along with the values of other controls.

A hidden field acts as a repository for any page-specific information that you want to store directly in the page.

You can store page-specific information in a hidden field on your page as a way of maintaining the state of your page.

If you use hidden fields, it is best to store only small amounts of frequently changed data on the client.  

Note:

If you use hidden fields, you must submit your pages to the server using the HTTP POST method rather than requesting the page via the page URL (the HTTP GET method). 

 

Advantages of using hidden fields in asp.net: –

No server resources are required:   The hidden field is stored and read from the page.

Widespread support:   Almost all browsers and client devices support forms with hidden fields.

Simple implementation:   Hidden fields are standard HTML controls that require no complex programming logic.

Disadvantages of using hidden fields in asp.net :-

Potential security risks:   The hidden field can be tampered with. The information in the hidden field can be seen if the page output source is viewed directly, creating a potential security issue. You can manually encrypt and decrypt the contents of a hidden field, but doing so requires extra coding and overhead. If security is a concern, consider using a server-based state mechanism so that no sensitive information is sent to the client.

Simple storage architecture:   The hidden field does not support rich data types. Hidden fields offer a single string value field in which to place information. To store multiple values, you must implement delimited strings and the code to parse those strings. You can manually serialize and de-serialize rich data types to and from hidden fields, respectively. However, it requires extra code to do so. If you need to store rich data types on the client, consider using view state instead. View state has serialization built-in, and it stores data in hidden fields.

Performance considerations:   Because hidden fields are stored in the page itself, storing large values can cause the page to slow down when users display it and when they post it.

Storage limitations:   If the amount of data in a hidden field becomes very large, some proxies and firewalls will prevent access to the page that contains them. Because the maximum amount can vary with different firewall and proxy implementations, large hidden fields can be sporadically problematic.

If you need to store many items of data, consider doing one of the following:

    Put each item in a separate hidden field.

    Use view state with view-state chunking turned on, which automatically separates data into multiple hidden fields.

    Instead of storing data on the client, persist the data on the server. The more data you send to the client, the slower the apparent response time of your application will be because the browser will need to download or send more data.