* Use BaseTypeInfo API to fix up polymorphic schemas
* Change schema for polymorphic types with non-abstract base class
* Add comments, update API name, and add more tests
* More feedback and tests
* Merging PathNormalizer Implementations
- Follow up on comment: https://github.com/dotnet/aspnetcore/pull/56805#discussion_r1702625899
- Moving PathNormalizer from Shared\HttpSys to Shared\PathNormalizer, changing the namespace to AspNetCore.Internal
- Shares the code between HttpSys and Kestrel.Core
- Remaining Kestrel specific code renamed to PathDecoder
- Keeping the benchmarks in Kestrel
* Update dependencies from https://github.com/dotnet/source-build-reference-packages build 20240729.2
Microsoft.SourceBuild.Intermediate.source-build-reference-packages
From Version 9.0.0-alpha.1.24374.1 -> To Version 9.0.0-alpha.1.24379.2
* Update dependencies from https://github.com/dotnet/source-build-reference-packages build 20240729.2
Microsoft.SourceBuild.Intermediate.source-build-reference-packages
From Version 9.0.0-alpha.1.24374.1 -> To Version 9.0.0-alpha.1.24379.2
* Update dependencies from https://github.com/dotnet/source-build-reference-packages build 20240729.2
Microsoft.SourceBuild.Intermediate.source-build-reference-packages
From Version 9.0.0-alpha.1.24374.1 -> To Version 9.0.0-alpha.1.24379.2
* Update SourceBuildPrebuiltBaseline.xml
---------
Co-authored-by: dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com>
Co-authored-by: William Godbe <wigodbe@microsoft.com>
* Parameters sourced from query, header, and route are never nullable
* Don't set nullable property on form parameters
* Remove default form encoding and set schema IDs
* Add more tests
* Add remarks to FromBodyAttrbiute
[[FromBody] attrbiute](https://learn.microsoft.com/en-us/aspnet/core/mvc/models/model-binding?view=aspnetcore-8.0#frombody-attribute) section contains a very important comment :
> The ASP.NET Core runtime delegates the responsibility of reading the body to an input formatter.
This is quite an important detail to capture it in the xmldoc of this attribute.
* Update src/Mvc/Mvc.Core/src/FromBodyAttribute.cs
Co-authored-by: Martin Costello <martin@martincostello.com>
---------
Co-authored-by: Martin Costello <martin@martincostello.com>
* Optimize new use of Base64Url
Rather than searching the whole input for + or / to know if we need to use Base64, we can search for those as well as - or _, which then on average means we only need to search through ~32 characters, assuming balanced input. The moment we see a - or _, we can just use Base64Url.
* Make Stream.Flush no-op
Make implementations of `Stream.Flush()` a no-op instead of throw an exception.
Relates to #57064.
* Make Stream.FlushAsync no-op
- Override `Stream.FlushAsync()` methods as a no-op.
- Make implementations of `Stream.FlushAsync()` a no-op instead of throw an exception.
* Get full path of OpenApiDocumentsDirectory
Convert `$(OpenApiDocumentsDirectory)` to a full path before passing it to the `dotnet-getdocument` tool.
Relates to #57044.
* Avoid warning about invalid OpenAPI version
Do not emit warning about an invalid OpenAPI version in the `dotnet-getdocument` tool if no explicit value was passed to the tool via the `` argument.
Relates to #57044.
* Fix TargetTest tests
Fix tests failing locally in Visual Studio due to test assets not being copied to the output directory.
* Fix tests
Fix assertions looking for relative paths instead of absolute paths.
* Create directories with secure permissions
If we're creating it, make it 700. If it already exists, warn if it's not 700.
* Don't create a directory specified by the user
* Add support for trusting dev certs on linux
There's no consistent way to do this that works for all clients on all Linux distros, but this approach gives us pretty good coverage. In particular, we aim to support .NET (esp HttpClient), Chromium, and Firefox on Ubuntu- and Fedora-based distros.
Certificate trust is applied per-user, which is simpler and preferable for security reasons, but comes with the notable downside that the process can't be completed within the tool - the user has to update an environment variable, probably in their user profile. In particular, OpenSSL consumes the `SSL_CERT_DIR` environment variable to determine where it should look for trusted certificates.
We break establishing trust into two categories: OpenSSL, which backs .NET, and NSS databases (henceforth, nssdb), which backs browsers.
To establish trust in OpenSSL, we put the certificate in `~/.dotnet/corefx/cryptography/trusted`, run a simplified version of OpenSSL's `c_rehash` tool on the directory, and ask the user to update `SSL_CERT_DIR`.
To establish trust in nssdb, we search the home directory for Firefox profiles and `~/.pki/nssdb`. For each one found, we add an entry to the nssdb therein.
Each of these locations (the trusted certificate folder and the list of nssdbs) can be overridden with an environment variable.
This large number of steps introduces a problem that doesn't exist on Windows or macOS - the dev cert can end up trusted by some clients but not by others. This change introduces a `TrustLevel` concept so that we can produce clearer output when this happens.
The only non-bundled tools required to update certificate trust are `openssl` (the CLI) and `certutil`. `sudo` is not required, since all changes are within the user's home directory.
* Also trust certificates in the Current User/Root store
A belt-and-suspenders approach for dotnet trust (i.e. in addition to OpenSSL trust) that has the notable advantage of not requiring any environment variables.
* Clarify the mac-specific comments in GetDevelopmentCertificateFromStore
* Make dev-certs import consistent with kestrel
Kestrel checks the subject name and our magic extension - import was only checking the extension. They can't easily share a method because import has a test hook.
* Commit modifies the InputNumber component to allow the 'type' attribute specified by the user to take precedence over the default 'type="number"'. By swapping the order in which attributes are added to the builder, any user-defined 'type' attribute is now respected, enabling the usage of different input types like 'range'.
Previously, the InputNumber component hardcoded the 'type' attribute as 'number', which prevented using it for other input types such as sliders (range inputs).
* Adding a test to the inputNumberTests to ensure the user defined type attribute overrides the default.
* Using the TestRederer to extract attributes and assert the user-defined type override the default
* Retrieving frames with new methodology
* Isolating the correct element to extract attributes from
* Only asserting the type attribute = range
* Isolating input element, atrributes and type attribute correctly
* Improving methodology of handling render tree frames and isolating the input element and attributes
* Ammendments to tests
* Update src/Components/Web/test/Forms/InputNumberTest.cs
Co-authored-by: Mackinnon Buck <mackinnon.buck@gmail.com>
* Update src/Components/Web/test/Forms/InputNumberTest.cs
Co-authored-by: Mackinnon Buck <mackinnon.buck@gmail.com>
* Update src/Components/Web/test/Forms/InputNumberTest.cs
Co-authored-by: Mackinnon Buck <mackinnon.buck@gmail.com>
* re-adding missing tests
* Using helper methods in tests.
* Update src/Components/Web/test/Forms/InputNumberTest.cs
---------
Co-authored-by: Mackinnon Buck <mackinnon.buck@gmail.com>
Mackinnon Buck
dotnet-maestro[bot]
Safia Abdalla
William Godbe
Martin Costello
Brennan
James Newton-King
ladeak
Javier Calvarro Nelson
Igor Velikorossov
Pavel Voronin
Stephen Toub
dependabot[bot]
Andrew Casey
Steve Sanderson
Matthew Leslie