p-net | PROFINET device stack for embedded devices | Automation library

We have a test environment on a public site. There we use --disable-web-security flag on chrome for the testers to bypass CORS errors for public service calls during manual test phase. And also we have localhost requests on the agent machine. However today with Chrome 98 update we started struggling with the network requests targeting localhost.

The error we get is for the localhost requests from a public site:
Access to XMLHttpRequest at 'https://localhost:3030/static/first.qjson' from origin 'https://....com' has been blocked by CORS policy: Request had no target IP address space, yet the resource is in address space `local`.

The site on localhost is configured to return Access-Control-Allow-* CORS headers including "Access-Control-Allow-Private-Network: true".

And also I do not see any preflight request. Just one GET request with CORS error on it.

We suspect this might be a side effect caused when you disable web security by --disable-web-security. It might be preventing obtaining of the target IP address space. Our assumption is based on the CORS preflight section on https://wicg.github.io/private-network-access/

3.1.2. CORS preflight
The HTTP fetch algorithm should be adjusted to ensure that a preflight is triggered for all private network requests initiated from secure contexts.

The main issue here is again that the response’s IP address space is not known until a connection is obtained in HTTP-network fetch, which is layered under CORS-preflight fetch.

So does anyone know any workaround for Private Network Access with --disable-web-security flag ? Or maybe we are missing something. Thanks for the help.

I have added a webapi project to my solution with a controller to do an HttpGet. The Blazor server project can access it fine locally and deployed. I can make a postman call to the service locally, but the deployed version is giving me the Blazor connection failed message from my _Host file. How would I configure webapi access externally without Blazor interfering?

I think it may be a routing issue of some kind that I need to work out. I am using .NET5 and my webapi startup has this:

Before I start, I've tried all suggestions from the following and none work:

Integration testing ASP.NET Core with .NET Framework - can't find deps.json

https://zimmergren.net/unable-to-find-deps-json-dotnet-azure-devops/

So I'm trying to write some integration tests for dotnet 6. However, my WebApplicationFactory throws the following error:

System.InvalidOperationException: Can't find '/repos/subscription-info-api/tests/SubscriptionInfoApi.Tests.Integration/bin/Debug/net6.0/...

System.InvalidOperationException Can't find '/repos/subscription-info-api/tests/SubscriptionInfoApi.Tests.Integration/bin/Debug/net6.0/testhost.deps.json'. This file is required for functional tests to run properly. There should be a copy of the file on your source project bin folder. If that is not the case, make sure that the property PreserveCompilationContext is set to true on your project file. E.g 'true'. For functional tests to work they need to either run from the build output folder or the testhost.deps.json file from your application's output directory must be copied to the folder where the tests are running on. A common cause for this error is having shadow copying enabled when the tests run. at Microsoft.AspNetCore.Mvc.Testing.WebApplicationFactory1.EnsureDepsFile() at Microsoft.AspNetCore.Mvc.Testing.WebApplicationFactory1.EnsureServer() at Microsoft.AspNetCore.Mvc.Testing.WebApplicationFactory1.CreateDefaultClient(DelegatingHandler[] handlers) at Microsoft.AspNetCore.Mvc.Testing.WebApplicationFactory1.CreateDefaultClient(Uri baseAddress, DelegatingHandler[] handlers) at Microsoft.AspNetCore.Mvc.Testing.WebApplicationFactory1.CreateClient(WebApplicationFactoryClientOptions options) at Microsoft.AspNetCore.Mvc.Testing.WebApplicationFactory1.CreateClient() at SubscriptionInfoApi.Tests.Integration.UnitTest1.Test1() in /repos/subscription-info-api/tests/SubscriptionInfoApi.Tests.Integration/UnitTest1.cs:line 14 at SubscriptionInfoApi.Tests.Integration.UnitTest1.Test1() in /repos/subscription-info-api/tests/SubscriptionInfoApi.Tests.Integration/UnitTest1.cs:line 16 at Xunit.Sdk.TestInvoker1.<>c__DisplayClass48_0.<b__1>d.MoveNext() in /_/src/xunit.execution/Sdk/Frameworks/Runners/TestInvoker.cs:line 264 --- End of stack trace from previous location --- at Xunit.Sdk.ExecutionTimer.AggregateAsync(Func1 asyncAction) in //src/xunit.execution/Sdk/Frameworks/ExecutionTimer.cs:line 48 at Xunit.Sdk.ExceptionAggregator.RunAsync(Func`1 code) in //src/xunit.core/Sdk/ExceptionAggregator.cs:line 90

My actual test code is extremely simple:

Is there any way to change the tag for a given http method written with minimal api?

I'm going to get so many "okay grandpa" comments for this one.

I've read a dozen articles and every SO question I could find on this subject.

I must have been away too long or missed something completely, because I swear that user authentication used to be very simple. I seem to recall built-in methods and a session on the server simply knowing who the user was via a cookie or similar, with the ability to store information "in session". I don't recall even setting up authentication in years past, it was just built-in to new applications.

Instead, the most succinct guide I could find is very involved. I think I need a token authorization/authentication setup because there may be consumers (like apps) who don't have a typical cookie pattern these days. In my head, the token works like a cookie except it's manually held on the user end and passed via header with each request?

To its credit, the guide worked, at least for logging in and correctly utilizing the simple Authorize attribute in controllers. However, User.Identity.Name is always empty, even when User.Identity.IsAuthenticated is true, which is perplexing.

How I think auth is working:

• User request hits API with username/password
• Service checks the combination, and returns an encrypted JWT to the user
• The user sends the JWT back with every request
• The server decrypts this JWT to identify the user - this is probably where I'm wrong

So here is where my question comes in:

I need more data about the user, like access to the entire UserModel with every request, but I don't want to go to the database to find it every time. This is where I think there should just be a session object in memory, but that doesn't appear to be the case with token authentication.

TL;DR:

Where do I put user-specific, short-term ("session") information for consumption in future requests where a user is identified with a JWT in the Authorization header instead of a cookie?

• Session state isn't right, because it's hard-wired to a cookie
• HttpContext.Items aren't right, because it's just for the one request
• Cache storage isn't right, because it's not user/session specific. I could potentially create a session-like user-keyed storage here but that seems way, way over-engineered for this.
• Basically anything where I'm passing all the data (not just a user identifier) to the client then relying on the client to pass it back seems wrong? But feel free to correct me.

I am using a tutorial for ASP.NET Core 5.0 + SQL Server, but I am actually using ASP.NET Core 6.0 + Sqlite.

The tutorial has the following code in StartUp.cs

I've got an application where the EDM datatypes are generated during the runtime of the application (they can even change during runtime). Based loosely on OData DynamicEDMModelCreation Sample - refactored to use the new endpoint routing. There the EDM model is dynamically generated at runtime and all requests are forwarded to the same controller.

Now I wanted to update to the newest ASP.NET Core OData 8.0 and the whole routing changed so that the current workaround does not work anymore.

I've read the two blog posts of the update Blog1Blog2 and it seems that I can't use the "old" workaround anymore as the function MapODataRoute() within the endpoints is now gone. It also seems that none of the built-in routing convention work for my use-case as all require the EDM model to be present at debug time.

Maybe I can use a custom IODataControllerActionConvention. I tried to active the convention by adding it to the Routing Convention but it seems I'm still missing a piece how to activate it.

I'm trying to understand how to do integration tests on ASP.NET Core 6 web API controllers. I've tried following all the guides, SO posts and recommendations I could find but for some reason I keep hitting errors that aren't mentioned in the guides.

EventControllerTests.cs

Based on today's announcement of the ASP.NET Core 6 release, it is my understanding that .NET 6 will be immediately available ("day 0 support") on Azure App Services via Early Access:

We are happy to announce that App Service is rolling out day 0 support for .NET 6.0 applications across all public regions and scenarios on both Windows and Linux App Service plans.

After upgrading my ASP.NET Core application to ASP.NET Core 6, configuring my Azure App Service to use .NET 6, and publishing my application to my existing Azure App Service, however, I get an HTTP Error 500.31 with the specific message:

The framework 'Microsoft.NETCore.App', version '6.0.0' (x64) was not found.

Notably, the only .NET 6 runtime it lists as available is RC2 (6.0.0-rc.2.21480.5), not today's release version.

To facilitate this, I performed the following steps:

• Project file (csproj): Updated the to target the net6.0
• Publishing profile (pubxml): Updated the to target the net6.0
• Project file (csproj): Updated all Microsoft.AspNetCore.* NuGet packages to 6.0.0
• Azure App Service Configuration: Updated the .NET Version to ".NET 6 (Early Access)"

When accessing my Azure App Service site with detailed errors enabled, however, I receive the following error:

HTTP Error 500.31 - ANCM Failed to Find Native Dependencies Common solutions to this issue:

The specified version of Microsoft.NetCore.App or Microsoft.AspNetCore.App was not found.

Specific error detected by ANCM: ...