- part of #65
- NuGet added System.Configuration references
- add `[InternalsVisibleTo("DynamicProxyGenAssembly2, ...)]` attribute in MVC to fix more than 70 failures
- mainly impacted mocks of `internal` interface implementations e.g. `ActionDescriptor` & `IUniquelyIdentifiable`
- split some `Setup(...)` and `SetupGet(...)` lambda expressions in two
- mainly impacted mocks of types with `protected` constructors e.g. `HttpResponseBase`
- typo in `HttpRouteCollectionTest` should have always broken the test
- not sure why tests using `PortReserver` weren't failing before; tests shouldn't be opening UDP ports
- precondition for other tool upgrades; xUnit in particular does not support older framework versions
No-op `test` target in Microsoft.TestCommon project
- change `CultureUtilTest` to use `Thread.CurrentThread`
- when hosted in latest MSBuild, changing `thread.CurrentThread` changes `Thread.CurrentThread` instead
- find current Microsoft.Build.Tasks assembly in WebStack.tasks.targets, not just the WebApiHelpPage project
- add `$(TestInParallel)`
- allows user to e.g. build in parallel but test assemblies serially
- default remains doing everything in parallel
- change build.cmd to set %ErrorLevel% when exiting
- add empty top-level Directory.Build.* files
Use only VS 2017 or later
- ensure same MSBuild features are available in command-line and VS builds
- move `$(MinimumVisualStudioVersion)` project settings to global location and bump required version up
Use Microsoft.NET.Sdk and `<PackageReference/>`s in .NET Standard project
- create a "real" .NET Standard 1.1 assembly, not .NET Portable v5.0
Move to latest version of the xUnit MSBuild runner
- v2.3.0 has a few bugs related to XML results files e.g. xunit/xunit#1515
- switch to current XML results format (required with v2.3.0 but doesn't hurt with later versions)
- make runner discovery version-independent
- add support for `msbuild /t:test` in test project directories
- #72 and also related to #65
- v7.0.1 is the next major version after what the product code is built against (v6.0.4)
- this version corrects test failures I saw on a machine with .NET 4.7 (#72)
- add binding redirects and include the app.config files in test projects
- avoid new `TypeLoadException`s for Newtonsoft.Json that break numerous tests
- consistently disable Copy Local (aka `%(Private)` metadata) in `src` projects
- add Newtonsoft.Json references in test projects that bring it in transitively
- otherwise, product code is last to mention Newtonsoft.Json assembly
- #7
* According to RFC7034, only these three values, DENY, SAMEORIGIN and ALLOW FROM are valid values and they are mutually exclusive; that is, the header field must be set to exactly ONE of these three values. This will prevent the CSRF code from inserting it multiple times as well as duplicating it if it was already set elsewhere (e.g. IIS Header)
* Changed var to const string per request.
* Changed const name to avoid SA130 error
* Changing to correct cost naming per standard
- Roslyn swapped the way they performed dotless commit insertions. They went from:
date => date. => DateTime. to
date => date. => date => DateTime => DateTime.
The problem with the new approach is that date => DateTime would be rejected and therefore force the editor to reparse and reclassify any dots as HTML giving improper IntelliSense.
- Updated Razor implicit expression edit handling to allow identifier => identifier replacements as long as the identifiers didn't result in keyword or directives.
- Added tests to verify the scenarios impacted.
- bring System.Net.Http in from .NET Standard Library
- use .NET Standard version of Newtonsoft.Json
- bring other dependencies in transitively
- create initial test project, mostly a duplicate of existing "NetCore" one
nits:
- write detailed information to msbuild.log
- clean up trailing whitespace in a couple of test classes
- #16
- remove temporary suppression for this rule
- add suppressions for a couple of rules violated only in Debug builds
Tested to confirm all MW120x rule suppresions are needed and therefore that rules work fine.
- removed global override for MW1200; already suppressed in one place it's needed (`RazorParser`)
- #2
- a few manual changes in `License.txt`, `Settings.StyleCop`, `CommonAssemblyInfo.*`, and
`tools\src\Microsoft.Web.FxCop\Properties\AssemblyInfo.cs`
an attribute routed action while inside Controller.Initialize.
The issue is that we haven't selected the 'real' action yet and promoted
its route data when we run Controller.Initialize.
This change adds the required value to data tokens so that we return the
right value inside Initialize.
WebHost scenarios
The issue here is that when we do batching in a Web Host scenario, we
delegate to the System.Web route table - we do this by wrapping each
HttpRequestMessage in a wrapper that implements HttpRequestBase.
Our adapter isn't doing the right thing with respect to escaping. This
change brings the adapter into compliance and adds an integration test.
media type.
This change adds an overload to ReadAsMultipartAsync which bypasses header
validation for the individual 'parts'. This allows handling of file
uploads where the client doesn't specify a valid media type.
Note that the caller will have to retrieve the header values of the
'parts' using the indexer to the header collection. The getters for
strongly-typed header values will return null if the header is invalid.
- Added a cannot create error page for circumstances that prevent us from creating cookies for users.
- We only re-direct to this error page if we encounter a situation where we may need cookies to function properly.
- Added an authorize filter hook to control when the redirection occurs.
- Added a configuration value to make the no cookies error page act similarly to the existing error page.
Create an OData folder under aspnetwebstack.
The folder contains:
src
System.Web.Http.OData: v3 (moved from aspnetwebstack/src)
System.Web.OData: v4 (moved from aspnetwebstack/src)
test
System.Web.Http.OData.Test: v3 (moved from aspnetwebstack/test)
System.Web.OData.Test: v4 (moved from aspnetwebstack/test)
open type.
1. Support the open entity type and the CRUD of open entity type.
2. Support the collection of primitive, complex and enum type as the
dynamic property
Fix test cases in webapi.odata to take ODL fixes:
Bound action advertised in payload is with cast to the type defining the
action.
ODataUnrecognizedPathException error string change.
Navigation link is built upon read link, instead of edit link.
https://aspnetwebstack.codeplex.com/workitem/2047
Given an app that has actions attributed with QueryableAttribute, if that
application also uses config.EnableQuerySupport() it will make the actions with
QueryableAttribute fail. config.EnableQuerySupport() adds an EnableQueryAttribute
to the collection of global filters, which causes the action to have two filters
applied: EnableQueryAttribute and QueryableAttribute.
The fix is to check for instances of QueryableAttribute applied to the action or
to the controller when the user calls config.EnableQuerySupport or
config.AddODataQueryFilter without providing an explicit IFilter instance.
In those cases we avoid applying the EnableQueryAttribute to the action globally.
(The filter on the action/controller will still be applied as expected).
If the user used a custom query provider to plug in the QueryableAttribute,
this issue won't apply when updating from 5.1 to a later version as the only
attribute that can be used in 5.1 is QueryableAttribute.
When a customer updates to 5.2-5.3 and provides a custom QueryableAttribute instance to
config.EnableQuerySupport, if he updates his custom QueryableAttribute instance to use
EnableQueryAttribute, he also needs to update all the actions that use
QueryableAttribute on his application to use EnableQueryAttribute to avoid a similar issue
with conflicting filters on such actions.
- use new `ModelMetadata.HtmlEncode` property in HTML helpers
- conditionally in default HTML display and editor object templates (e.g.
`@Html.DisplayFor()`) when value is non-null and the template is invoked
with template depth greater than 1
- unconditionally in `@Html.DisplayText()` and `@Html.DisplayTextFor()`
- test new property and its use
Also test `DisplayTextExtensions`
- unit test gap
Instead of creating a string from the StringWriter (_tempWriter)
we will copy the underlying buffer in chunks to the output text buffer.
For large pages this both reduces the total allocations to 1KB as well
as avoid getting into the large object heap.
batch endpoint properly.
The root cause is that the base uri of ODataMessageReaderSettings doesn't
end with slash.
The fix is only for v3 and v4 works well for all kinds of urls because
ODL v4 will append a slash in the end of the base uri if there isn't one.
The issue here is that one of the requests in a batch was matched by an
MVC route when running in web host.
The batch handler uses HttpServer to invoke the individual requests.
Internally the HttpServer forwards the request to an
HttpRoutingDispatcher.
In the web host case, the HttpRoutingDispatcher has a reference to
HostedHttpRouteCollection - which is implemented by matching BOTH WebAPI
and MVC (System.Web) routes. If an MVC route matches, then the produced
IHttpRouteData instance doesn't have its .Route property set as the
underlying route that matched does not implement IHttpRoute.
This causes attribute routing in the controller selector to fail, as we
did not anticipate this case.
Followup filed to consider whether or not this is the right behavior for
the dispatcher/route-collection.
(cherry picked from commit f9a064cbf2)
The issue here is that one of the requests in a batch was matched by an
MVC route when running in web host.
The batch handler uses HttpServer to invoke the individual requests.
Internally the HttpServer forwards the request to an
HttpRoutingDispatcher.
In the web host case, the HttpRoutingDispatcher has a reference to
HostedHttpRouteCollection - which is implemented by matching BOTH WebAPI
and MVC (System.Web) routes. If an MVC route matches, then the produced
IHttpRouteData instance doesn't have its .Route property set as the
underlying route that matched does not implement IHttpRoute.
This causes attribute routing in the controller selector to fail, as we
did not anticipate this case.
Followup filed to consider whether or not this is the right behavior for
the dispatcher/route-collection.
If client sends a request with Prefer: return=minimal, and then service
may return an http status code 204 without response content, and also add
a response header OData-EntityId.
"if the service applies a return=minimal preference. In this case, the
response body MUST be empty."
Change Prefer return parameter to: return=representation, and return=minimal
For a response to a create (post/patch/put) operation, add OData-EntityId header,
if response is with status code: NoContent
[Codeplex #1900]: ODataMediaTypes.GetMetadataLevel()` calculates incorrect
default metadata level
Summary of this fix:
1. clean the ODataMetaDataLevel.Default
2. Calculate the correct metadata level
3. fix the corresponding test cases
navigation source
1.If the user defines the return type of action/function by calling
"ReturnsEntityViaEntitySetPath<T>(entitySetPath)", we will call
"TryGetRelativeEntitySetPath(...) to get the target navigation source.
2.If the user defines the return type and the returned navigation source by
calling "ReturnFromEntitySet<T>(entitysetName)", we will define an
instance of "ReturnedEntitySetAnnotation" with the entity set name and set
it as an annotation in the Edm Model. When we dispose the action/function
call, we will get the annotation from the model and use the entity set
name in the annotation to find the target navigation source.
- Modify tests to account for new behavior.
- Only trigger one Facebook prompt hook per request.
- Expose new ShowPromptResult and JavaScriptRedirectResult.
on the response payload
Serialize null single valued navigation property as null in payload.
Serialize null collection valued navigation property as empty collection
in payload. Previously, they were not serialized, i.e., missing in
payload.
Based on profiling, found out that if an OData route prefix is null, the
existing ODataRoute.GetVirtualPath method does not call
GenerateLinkDirectly to generate an optimized direct link, instead
base.GetVirtualPath is invoked.
Add the support *PUT/PATCH* to a single-valued navigation property in
convention routing. But, it is not valid to *Put/Patch" to any collection-valued navigation property.
The root cause is that we catch ODataException only to create error
response, however NotImplementedException, NotSupportedException and
InvalidOperationException may throw for bad query string.
We need to catch all these exceptions to create error response.
This fix is not mapping derived types because it will break all the query
composition scenarios.
In this fix, I improve the error message to make
the message actionable and give out the workaround.
- route values are not configured when constraints execute during URI
resolution; that configuration occurs after all constraints are done
- this causes the UrlHelper to incorrectly calculate the service root,
expecially when the OData route prefix contains parameters
- in addition ODataPathRouteConstraint should not use UrlHelper since
constraints operate at a much lower abstraction level
- use RequestUri and route values directly to determine service root
Also fixes#1916, which relates to not using the application base
- that fix comes from different approach taken here
Require that ODataPath be in the RequestUri
- ODataRoute's template ensures this is true
- basically remove a special case from the product code
- fix the tests which required the special case
Revise ODataPath matching to provide ODL with escaped service root
- necessary to avoid incorrect escaping and unrelated links in responses
- add lower-level unit tests of ODataPathRouteConstraint
Handle corner case in `ODataPathRouteConstraint`
- an escaped slash may separate OData path from app base / virtual path
root / OData prefix before it
- but ODL and `DefaultODataPathHandler` expect a literal '/'
[Codeplex #1939]: Should do some clean up in ODataMediaTypeFormatters.CreateApplicationXml
codeplex #1917 only mentions to clean up the service document in
application/xml. But, as a fact, ODL only supports Metadata document in
application/xml format. For other payload kinds (for example, Property, EntityReferenceLink(s), Collection, Error) are not supported any more as application/xml format in ODL.
codeplex #1939 is required to clean up all other not-supported payload kinds from application/xml format. The requirement is similar with the above and the fix is same.
So, this changeset merges them together. Thanks.
Previously if a user wanted to only have default user permissions (which we support) the app would explode on redirects due to the model binder ensuring permissions existed.
Added a PrePermissionPromptHook, a DeniedPermissionPromptHook and added the infrastructure to support custom ActionResult responses from them in order to fully control the Facebook app login flow. Also added a new method to IFacebookPermissionService to utilize externally and internally for getting a users permission status.
1. Source of CollectionFunctionCallNode
2. Source of CollectionNavigationNode
3. Source of CollectionOpenPropertyAccessNode
4. Source of CollectionPropertyAccessNode
5. Source of CollectionPropertyCastNode
6. Source of EntityCollectionCastNode
7. Source of EntityCollectionFunctionCallNode
8. Source of SingleEntityCastNode
9. Source of SingleEntityFunctionCallNode
10. Source of SingleNavigationNode
11. Source of SingleValueCastNode
12. Source of SingleValueFunctionCallNode
13. Source of SingleValueOpenPropertyAccessNode
14. Source of SingleValuePropertyAccessNode
If a navigation source has a navigation property which is binding to a
single-valued object or non-collection valued object, then *post to* this
navigation property is not allowed.
Remove the string overload of HasEditLink, HasReadLink:
A link has to be a Uri as per OData spec.
The string overload is only referenced by a test method.
Doug Bunting
Yaroslav Yakhontov
Jay
Jass Bagga
N. Taylor Mullen
Pranav K
mgoyet
martincostello
Yishai Galatzer
Marc Gravell
Kiran Challa
Ryan Nowak
sornaks
jacalvar
Congyong Su
Sam Xu
fenzhao
Tian Pan
davidmatson