Client Side State Management : ViewState

Client Side State Management : ViewState

What is ViewState:

ASP.NET page by default uses ViewState on the page to preserve page and control property values between round-trips. When each page

is processed, the ASP. NET engine hashes the current state of the page and each control on the page into a string and passes the string to

the client browser in a hidden field. When the client posts the page back to the server, ASP.NET parses the hidden field during page

initialization and restores the page and control values back to their prior state.

ViewState is the way in the .Net by which page state (information) is maintained between page postbacks, means. web form is submitted

by the user, this same page performs some processing and perhaps presents further information
ViewState allows the state of objects (serializable) to be stored in a hidden field on the page. ViewState is transported to the

client and back to the server, and is not stored on the server or any other external source. ViewState is used the retain the state of

server-side objects between postabacks.

AS Viewstate is enabled by default in page , you can able to see viewstate field ion the source of the page
like given below

<input type=”hidden” name=”__VIEWSTATE” id=”__VIEWSTATE”





XQ1BSxjdGwwMCRDb250ZW50UGxhY2VIb2xkZXJfTWFpbkNvbnRlbnQkUmFkQnV0NYyjVbeWmsKxw68mHT1S/NSpfWXM” />

ViewState is available for Page & Server Controls ( by default activated ) can be handled as follows :
For Page
<%@ Page EnableViewState=”false” %>

For Control eg TextBox
<asp:TextBox id=”tbxTrial” Text=”Trial” runat=”server” EnableViewState=”false” />

For GridView
<asp:GridView ID=”GridView1″ EnableViewState=false runat=”server”>

ViewState to store any object as long as it is serializable with no limitation on Size of object.

we can also save viewstate as like in HashTable Values as key-value pair

ViewState(“pageValue”) = value

and can be retrieved as

textBox.text = ViewState(“pageValue”)

There can possibility that Viewstate can be tampered , so to protect the viewstate from tampering ViewState is encoded using a hash code

using MD5 algorithm.On postback ASP.NET checks the encoded ViewState to verify it has not been tampered with. This is called a machine

authentication check it can be activated by using EnableViewStateMAC attribute as follows.
<%@ Page EnableViewStateMac=”true”%>
similar can be done with the controls also.

and encryption alogrithm mentioned in & can be changed in Machine.Config file.

Advantages of using ViewState

  1. No server resources required
  2. Simple implementation , There is no need to write possibly complex code to store form data between page submissions.It is possible to

enable, configure, and disable ViewState on a control-by-control basis, choosing to persist the values of some fields but not others.

  1. Automatic retention of page and control state
  2. Enhanced security features. The values in view state are hashed, compressed, and encoded for Unicode implementations.
  3. Viewstate has advantages the other 3 methods don’t have. One of the most important is the ability of viewstate to support structured data.This means that control values are maintainable across page postbacks.

This means that control values are maintainable across page postbacks.


  1. Performance. The view state is stored in the page itself, so increase the page size.
  2. Security. The view state is stoed in a hidden field on the page. Although view stateores data in a hashed format, it can be tampered with.
  3. Does not track across pages. ViewState information does not automatically transfer from page to page.
  4. Because the view state for a given page must be kept on the server, it is possible for the current state to be out of synchronization with the current page of the browser, if the user uses the Back feature on the browser to go back in the history.For example, suppose the user goes to Page 1, then clicks a button to go to Page 2, then presses Back to return to Page 1. The current page on the browser is now Page 1,but the current state on the server is that of Page 2.

One thought on “Client Side State Management : ViewState”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s