search
Follow Topic rss_feed
Writing a Roslyn analyzer
Writing a Roslyn analyzer

Roslyn is the C# and VB.NET compiler. Roslyn also provides language services that can be used by IDE such as refactorings, code fixes, or edit and continue. If you are not familiar with Roslyn, you should read the following post to discover the scope of Roslyn.

Bharat Dwarkani shared on Jan 26, 2020
image
meziantou.net
bookmarks
share
favorite_border0 visibility6
favorite_border0 visibility6 share bookmarks
IdentityServer4 Demos .NETCore 3.1
IdentityServer4 Demos .NETCore 3.1

This repository contains demo projects for IdentityServer4. To learn how to create these projects yourself you can use my zero to production-ready step-by-step tutorials and client app examples.

Bharat Dwarkani shared on Jan 25, 2020
image
github.com
bookmarks
share
favorite_border0 visibility46
favorite_border0 visibility46 share bookmarks
Get a Head Start Developing Multitenant SaaS Cloud Applications Using ASP.NET Core and Microsoft Azure
Get a Head Start Developing Multitenant SaaS Cloud Applications Using ASP.NET Core and Microsoft Azure

In this post, you will find some useful tips and libraries that will help you get a head start on your SaaS application using ASP.NET Core and Azure.

Bharat Dwarkani shared on Jan 22, 2020
image
syncfusion.com
bookmarks
share
favorite_border0 visibility20
favorite_border0 visibility20 share bookmarks
Posts on series of vulnerability and solution
Posts on series of vulnerability and solution

This post is part of the series 'Vulnerabilities'. Be sure to check out the rest of the blog posts of the series! Impersonation and security SQL injections How to prevent CSRF attacks ASP MVC and XSRF Cross-site scripting (XSS) ASP MVC: Mass Assignment Regex - Deny of Service (ReDoS) (this post) Deserialization can be dangerous Prevent Zip bombs in .NET

Bharat Dwarkani shared on Jan 22, 2020
image
meziantou.net
bookmarks
share
favorite_border0 visibility10
favorite_border0 visibility10 share bookmarks
ASP.NET Core Security overview and prevention guidelines
ASP.NET Core Security overview and prevention guidelines

ASP.NET Core enables developers to easily configure and manage security for their apps. ASP.NET Core contains features for managing authentication, authorization, data protection, HTTPS enforcement, app secrets, anti-request forgery protection, and CORS management. These security features allow you to build robust yet secure ASP.NET Core apps.

Bharat Dwarkani shared on Jan 19, 2020
image
docs.microsoft.com
bookmarks
share
favorite_border0 visibility18
favorite_border0 visibility18 share bookmarks
Prevent Cross-Site Scripting (XSS) in ASP.NET Core
Prevent Cross-Site Scripting (XSS) in ASP.NET Core

Cross-Site Scripting (XSS) is a security vulnerability which enables an attacker to place client side scripts (usually JavaScript) into web pages. When other users load affected pages the attacker's scripts will run, enabling the attacker to steal cookies and session tokens, change the contents of the web page through DOM manipulation or redirect the browser to another page. XSS vulnerabilities generally occur when an application takes user input and outputs it to a page without validating, enco

Bharat Dwarkani shared on Jan 19, 2020
image
docs.microsoft.com
bookmarks
share
favorite_border0 visibility9
favorite_border0 visibility9 share bookmarks
Deploying an ASP.NET Core App on Google Kubernetes Engine
Deploying an ASP.NET Core App on Google Kubernetes Engine

Since ASP.NET Core now runs on virtually any major OS, I wanted to give it a go with GCP’s Google Kubernetes Engine offering to see whether we can use it to host a .NET Core application.

Bharat Dwarkani shared on Jan 18, 2020
image
sahansera.dev
bookmarks
share
favorite_border0 visibility8
favorite_border0 visibility8 share bookmarks
Adding HATEOAS to an ASP.NET Core API
Adding HATEOAS to an ASP.NET Core API

RESTful APIs are very popular these days. When used consistently, they provide a great way to make our APIs easier for users to consume. But how can we make discovering endpoints and capabilities easier? One way is to implement Hypermedia as the Engine of Application State (HATEOAS). You may have seen HATEOAS used in other APIs without realizing it.

Bharat Dwarkani shared on Jan 18, 2020
image
baldbeardedbuilder.com
bookmarks
share
favorite_border0 visibility13
favorite_border0 visibility13 share bookmarks
Testing Azure AD-protected APIs Automated integration tests
Testing Azure AD-protected APIs Automated integration tests

This time instead of manual testing, we will make automated integration tests that make testing the API's behaviour easy. They can also confirm the API conforms to its contract. But the authentication requirement presents some challenges.

Bharat Dwarkani shared on Jan 18, 2020
image
joonasw.net
bookmarks
share
favorite_border0 visibility4
favorite_border0 visibility4 share bookmarks
Unit testing Fluent Validation rules against EF Core entity configuration
Unit testing Fluent Validation rules against EF Core entity configuration

In this post, I will share with you a solution to a problem that I see often when developing .NET applications that use both Fluent Validation and Entity Framework (Core). I'll first set the scene: Show the EF Core Entity + Configuration + Fluent Validation we'll be working on. Then, I'll show the actual problem that emerges with this approach. In the end, I'll present the solution I came up with.

Bharat Dwarkani shared on Jan 18, 2020
image
blog.joaograssi.com
bookmarks
share
favorite_border0 visibility8
favorite_border0 visibility8 share bookmarks
add