MSDN > Documentation > .NET > Concepts > Model Binding

Model Binding in ASP.NET

Model binding is a crucial feature in ASP.NET that simplifies the process of working with incoming request data. It automatically maps data from various sources in an HTTP request (such as form fields, query string parameters, route data, and the request body) to parameters of action methods in your controllers or Razor Page handlers.

How Model Binding Works

When an ASP.NET application receives an HTTP request, the model binder analyzes the request data and attempts to bind it to the parameters of the target action method. This process involves several steps:

Identifying Value Providers: The model binder looks for data in several locations, including:
- Route Data (e.g., /products/{id} where id is from the URL)
- Query String (e.g., ?search=term)
- Form Fields (e.g., from an HTML <form> submission)
- Request Body (e.g., JSON or XML data)
- HTTP Headers
- Cookies
Selecting a Model Binder: For each parameter that needs to be bound, the model binder selects an appropriate binder based on the parameter's type and any attributes applied.
Binding Values: The selected binder retrieves values from the available value providers and attempts to convert them into the target parameter type.
Validation: After binding, the data is typically validated. ASP.NET Core MVC includes a built-in validation framework.

Common Scenarios and Examples

Binding Simple Types

The model binder can automatically bind simple data types like strings, integers, booleans, and dates directly to action method parameters.


public class HomeController : Controller
{
    public IActionResult Index(string search, int page = 1)
    {
        // 'search' will be populated from the query string or form data
        // 'page' will be populated from the query string or form data, defaults to 1
        ViewBag.SearchTerm = search;
        ViewBag.PageNumber = page;
        return View();
    }
}

If the request URL is /Home/Index?search=asp.net&page=2, then the search parameter will be "asp.net" and the page parameter will be 2.

Binding Complex Objects

Model binding excels at populating complex objects (POCOs) from request data. The names of the properties in the object should match the names of the incoming data fields.

Consider a Product model:


public class Product
{
    public int Id { get; set; }
    public string Name { get; set; }
    public decimal Price { get; set; }
}

And an action method that accepts this model:


public class ProductController : Controller
{
    [HttpPost]
    public IActionResult Create(Product product)
    {
        // 'product' object is automatically populated from form data
        // Example form field names: Id, Name, Price
        if (ModelState.IsValid)
        {
            // Save product to database
            return RedirectToAction("Index");
        }
        return View(product); // Return view with validation errors
    }
}

If a POST request contains form data like:


Id=101
Name=Wireless Mouse
Price=25.99

The product parameter in the Create action method will be populated with these values.

Customizing Model Binding

[Bind] Attribute

You can use the [Bind] attribute to explicitly include or exclude properties when binding a complex object.


public class OrderController : Controller
{
    public IActionResult PlaceOrder([Bind("ProductName,Quantity")] Order order)
    {
        // Only ProductName and Quantity will be bound from request data.
        // Other properties like OrderDate or CustomerId will be ignored.
        // ...
        return View();
    }
}

Custom Model Binders

For more advanced scenarios, you can create custom model binders that define specific logic for converting request data into model types. This is particularly useful for complex or non-standard data formats.

Note: Creating and registering custom model binders is an advanced topic that requires implementing the IModelBinder interface and configuring it within your application's services.

Model Binding in Razor Pages

Razor Pages also leverage model binding, often with a slightly different syntax. The [BindProperty] attribute is commonly used on page models.


public class CreateModel : PageModel
{
    [BindProperty]
    public Product NewProduct { get; set; }

    public IActionResult OnPost()
    {
        if (ModelState.IsValid)
        {
            // NewProduct is automatically populated from form data
            // ...
            return RedirectToPage("./Index");
        }
        return Page();
    }
}

Best Practices

Use Clear Naming Conventions: Ensure property names in your models match form field or query string parameter names for straightforward binding.
Validate Input: Always validate bound data to ensure it meets your application's requirements and to prevent security vulnerabilities.
Be Specific with [Bind]: Use the [Bind] attribute judiciously to prevent over-posting or under-posting vulnerabilities.
Leverage Data Annotations: Utilize data annotations (e.g., [Required], [StringLength]) for automatic validation during the binding process.

Model binding significantly reduces boilerplate code for data handling, allowing developers to focus on business logic. Understanding its mechanisms and customization options is key to building robust and secure ASP.NET applications.