I am coding an MVC internet application, and I have a question in regards to using the ViewBag.
In many of my controllers, I have SelectList objects, where the user can select an object. The object that is selected is a foreign key value for my model.
My question is this: Should I use ViewBag for this? How secure is the ViewBag? Should I use values in my ViewModel instead of the ViewBag?
Thanks in advance.
Use your view model.
When the ViewBag was implemented (MVC 3) dynamic typing was new (.NET 4.0) and it was put in just as a side-option to ViewData or to quickly generate a view without the need for additional classes.
Any serious MVC project will take advantage of a model/viewmodel with a strongly typed view.
There are no security concerns with either because both essentially only exist through the controllers lifespan.